How I Hacked an Indian Government Website and Accessed Their Database Server


Kamil Rahuman

Greetings, fellow cybersecurity enthusiasts! My name is Kamil Rahuman, and today I’m thrilled to share my desire to contribute to the ever-evolving landscape of digital security. My attention is turned towards the Indian Government’s digital infrastructure.

Getting Started: Recon

Getting Started !!

My journey commenced with basic reconnaissance, meticulously gathering a comprehensive list of Indian Government websites, and laying the groundwork for what was to come.

Navigating with Subfinder

Armed with my list, I turned to Subfinder, a powerful tool for endpoint enumeration. I sifted through the vast expanse of government websites, homing in on those with endpoints ending in .gov.in, narrowing down my targets for further exploration.

Subfinder for enumerating subdomains

Through this enumeration process, I got thousands of sites in the Indian Government which I scanned without a plan for the next stage.

Found 31631 subdomains of the Indian Government site

So I had to plan another way to split up the sites so that I could start checking the main domains. Then I selected some of the subdomains that were saved in the enumeration process.

Analyzing Website Architecture with Wappalyzer

On those selected subdomains, I always checked with Wappalyzer to unravel the technologies and applications employed in their construction, providing invaluable insights into potential vulnerabilities.

Wappalyzer Extension Tool

This tool automatically checks how the page was built and shows all the technologies the website is built with…

REDACTED.gov.in

These are all the technologies used in the main domain of the Indian government.

First Encounter: Taking Charge for Subdomain Takeover

With a strategic mindset and an eye for vulnerabilities, I embarked on the mission to uncover potential subdomain takeover opportunities within the Indian Government’s digital infrastructure.

Planning from my side: how I can take over a government domain

With my sights set on vulnerabilities, I devised a plan to probe for subdomain takeover opportunities. I scrutinized select subdomains, searching for weaknesses that could potentially grant me unauthorized access and control. At that time, a friend provided me with a simple landing page template, which looked like a simple interactive one, where I planned to add my content after the domain was compromised, so that I could offer a platform to showcase the potential consequences of a successful domain takeover.

PLANNED SITE FOR THE POC

The marked area above shows some tabs, which I planned to make redirect to other vulnerable sites. The vulnerability is chained from Subdomain Takeover to Redirection!

Unfortunately, I could not find any subdomains of the target government site that were vulnerable to takeover.

LAST BUT NOT LEAST!! ACCESSING THE GOVT DATABASE:

I found that the selected target domain, which I had searched for domain takeover, has a phpMyAdmin database server. Just by checking out redacted.gov.in/phpmyadmin/index.php, I was able to log into the database without any authentication, so it did work.

Unauthenticated Access to Database Server!

Accessing the Database Server

I stumbled upon a main domain of an Indian Government website with a glaring vulnerability — direct access to the phpMyAdmin database server. I seized the opportunity, gaining unrestricted access to the server and its wealth of data.

BOOOOM !!! The database is under control :)
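A defender-side view of the finding above, as an added example that is not from the original article or the affected site: a phpMyAdmin `config.inc.php` showing settings that allow a login without credentials (commented out) beside a hardened form. The article does not say which setting was responsible, so the weak values, the secret placeholder and the admin network range are assumptions.

```php
<?php
// config.inc.php for phpMyAdmin. Added example; all values are constructed.
// Assumption: the credential-free login came from stored credentials or a
// passwordless MySQL account. The article does not state the actual cause.

$i = 1; // first (and only) configured database server

/* Weak form: anyone who can reach /phpmyadmin/ is logged in automatically.
 *
 * $cfg['Servers'][$i]['auth_type']       = 'config'; // credentials come from this file
 * $cfg['Servers'][$i]['user']            = 'root';
 * $cfg['Servers'][$i]['password']        = '';       // empty MySQL password
 * $cfg['Servers'][$i]['AllowNoPassword'] = true;     // accepts passwordless accounts
 */

/* Hardened form. */

// Secret used to protect the login cookie; generate your own random value.
$cfg['blowfish_secret'] = 'REPLACE_WITH_YOUR_OWN_RANDOM_SECRET'; // placeholder

$cfg['Servers'][$i]['host'] = 'localhost';

// Every visitor must present MySQL credentials; nothing is stored in this file.
$cfg['Servers'][$i]['auth_type'] = 'cookie';

// Refuse accounts with an empty password and direct root logins.
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['AllowRoot']       = false;

// Only user/host pairs listed in an allow rule may log in at all.
// 10.0.0.0/8 stands in for an internal admin network (assumption).
$cfg['Servers'][$i]['AllowDeny']['order'] = 'explicit';
$cfg['Servers'][$i]['AllowDeny']['rules'] = [
    'allow % from 10.0.0.0/8',
];

// Expire idle sessions after 30 minutes.
$cfg['LoginCookieValidity'] = 1800;
```

These settings only govern phpMyAdmin itself; restricting the `/phpmyadmin/` path at the web server or firewall and giving every MySQL account a password remain separate controls.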

But the interesting part is that, as I mentioned in the database picture above, the user’s password is encrypted as hash values, which I was able to decrypt using this site called https://hashes.com/en/decrypt/hash.

DECRYPTED PASSWORD….

Conclusion

From gathering basic information to finding crucial vulnerabilities and finally accessing the database server, each step showcased the importance of persistence and determination in ethical hacking.

Let’s meet again in another article

Bye!

BYE BYE!!!