A hacker searching for bride on Bharat matrimony but he found bug (Security loophole in login page) on the Bharat matrimony website. He was found that content of the web page is the part of URL of Bharat matrimony website. Then he can easily run script xss or html codes from the URL and easily steal user informations(user id & password) . After this he made a video all his work and published on U-Tube . Now any one can hack Bharat matrimony users passwords by using simple coding.
- What we did, just for fun
Bharat Matrimony, India’s most trusted matrimony portal with over 1.5+ crore members worldwide and has been recognized by Limca Book of Records, the Indian equivalent of Guinness Book of records, for record number of documented marriages online. The company has been profiled in NASSCOM’s Showcase of Innovation Book 2006 & 2007; the book showcases the top 100 IT innovators in our country. BharatMatrimony pioneered and recently launched EliteMatrimony.com – an exclusive matrimony website for the super-rich, celebrities, royalty and the who’s who of society. Also Consim (Formerly known as BharatMatrimony.com) bagged the most prestigious award – “Fastest growing 50 technology companies in India” in 2008 by influential US based audit firm Deloitte.Today Consim, the parent company hosts a set of successful portals which include – BharatMatrimony.com, ClickJobs.com, IndiaProperty.com, IndiaAutomobile.com and IndiaList.com, All over its huge company of india . Their Login page was having Security loophole. That loop hole still working. Check out the hacker’s video.
Related posts:
- Why Alexa’s Rank is important for a Website Alexa is a Different way to measure web traffic....
- All Over ,Twitter in safe side after targeted by Mikeyy Mooney Stalk daily(Worm) targeted Twitter’s network with four different attacks...
Related posts brought to you by Yet Another Related Posts Plugin.
May 12th, 2009 at 8:50 AM
Hey this in any case alters only the content displayed on the page that gets controlled by the query string parameter and hence does not have any implications otherwise !
May 12th, 2009 at 6:59 PM
Bug found on 14-Feb-2009, Till yesterday they didn’t care of it they close that loop hole within 24 hr after Hacker’s u-tube video and our post and Raxit Sheth is guy who found this bug http://raxitsheth.blogspot.com/2009/05/security-discloser.html
May 12th, 2009 at 7:41 PM
@Chithra
if you view the video, it clearly shows on infected site, if you enter your username/password, it will send that information to Me !!! your username and password with Me, due to the bug in BharatMatrimony.com
Didnt you see the implications ??
-Raxit Sheth
May 14th, 2009 at 10:02 PM
yes Bharatmatrimony.com people are care less guy, the bug open are for 3 month, so lots of people hack bharat matrimony between these time
July 9th, 2009 at 7:34 PM
I should say that http://www.currentopics.com has lots of interesting information. Looks like the author did a good job. I will be coming back to http://www.currentopics.com for new information. Thank you.
August 8th, 2009 at 6:06 AM
your post is helpful and informative