Gaana.com Hacker How Khalid Gain Access to 'Gaana.com' Server

Indian music streaming service Gaana.com was hacked by a netizen named Mak Man on Thursday, 28 May. The streaming service with 10 million users belongs to Times Internet. After hacking the website, the hacker aka Mak Man shared the news on Facebook, reported Business Standard.

gaana.com hacker

Interestingly, the CEO later offered the hacker a job at Gaana.com to help find other issue on the website. After hacking the website, ‘Mak Man’ shared the news on Facebook, according to Business Standard, and wrote: “Mak Man

[SQL injection] Gaana.com – http://makman.tk/gaana.php

Alexa rank: 121 (India)

Number of user records in database: 10 million+

Exploit POC: http://makman.tk/gaana.php

POC details: Enter the email address of the user (registered on gaana.com) to get all the details.”

 


So how exactly did Khalid gain access to Gaana.com's servers? He says the vulnerability was SQL injection. Simply put, it's a bug in the website's code that occurs when an input parameter from the client side has not been properly sanitised, allowing a hacker to execute SQL (Structured Query Language) code at the website's back-end DBMS (Database Management System).

"In this particular case (Gaana.com), there was a user table in the database which had almost 12 million records. This table had all the usernames, email addresses, passwords (MD5 encrypted), date of birth, Facebook IDs, Twitter IDs and other financial information," said Khalid, in an email to us.

While he claims he didn't steal or download any of the information, Khalid says it was easily within his grasp, although it would've taken a few days given the sheer quantity.

How to Protect Data:



  • Never use the same password for multiple online accounts

  • Don't click on unknown links or URLs while online

  • Keep your system and your antivirus software up to date.

  • Make sure that when you're entering your financial details into any online portal, it's a legitimate organisation, and one you can trust.


And his efforts seem to have paid off. Times Internet CEO Satyan Gajwani came out on social media, owning up for the goof and thanking the then anonymous Mak Man for his efforts. The hole has since been patched, and Gaana.com was offline for a few hours last evening as they carried out extensive diagnostic tests to uncover any further flaws. At Gajwani's request, Khalid also took down the script he had hosted on his website.

Comments

Post a Comment

Popular posts from this blog

This Guy Killed All Girls With This Video - Why Male is a Joke in India?

Image
Here is a video in which a person  from Hyderabad explains why Man  is a joke in India will leave you thinking about the harsh reality. In a six-minute stand-up comedy, the person perfectly projects the mentality of the society and even the mentality of girls. Must Watch:  Before Too Late Open Your Eyes He goes on to explain the discrimination: "If a girl is with four boys, her friends call her  that she is moving socialy but if a boy is with four girls, he is tagged as a flirt". The video by Fame Comedy is going viral on social media.Watch the clip and tell us what you think about it.
Read more

OU Degree Results 2016 For 1st 2nd 3rd Year BA B.Sc BCA B.Com BBA @ www.osmania.ac.in Manabadi.com

Image
Osmania University (OU) successfully conducted UG Degree 1st, 2nd & 3rd-year examination in the month of March 2016. A huge number of candidates who are studying BA, B.Sc, BCA, B.Com, BBA, and another group appeared for the examination across various examination centers in Telangana. All the candidates who had written the exam are eagerly waiting for the results. Osmania University is likely to declare Degree Results 2016 today i.e; 30th May 2016. Students can check the results from the direct link provided below. Osmania University Degree 1st, 2nd And 3rd Year exam result can be search via online at official website that is www.osmania.ac.in. Candidates can download OU degree 1st, 2nd And 3rd Year and courses like B.A, B.com, B.BA,  B.Sc exam results 2016 from the direct link provided below. Osmania University (OU) Degree Results 2016: Osmania University is all set to declare Degree Results for the 1st year, 2nd Year and 3rd Year students. Candidates of all the groups who had appe...
Read more

ICC Cricket World Cup 2015: New Zealand Vs Scotland Match Live Streaming Online Star sports & cricinfo.com

Image
ICC Cricket World Cup 2015: New Zealand Vs Scotland Match Live Streaming Online Star sports & cricinfo.com: Match number 6 in the ICC Cricket World Cup 2015 is going to pit New Zealand against Scotland, NewZealand Vs Scotland is scheduled on 17 February, 2015 at time: 11 a.m. local time, 10 p.m. GMT. World Cup 2015 begins from February 14, 2015 and ends on March 29, 2015. There are various channels that will be telecasting the World Cup 2015. Date: Tuesday, Feb. 17 Start Time: 11 a.m. local time, 10 p.m. GMT (Feb. 17) TV Info: Live on Sky Sports 2 (UK) sports & cricinfo.com Live Stream: Sky Go New Zealand Squad: Brendon McCullum (captain), Corey Anderson, Trent Boult, Grant Elliott, Martin Guptill, Tom Latham, Mitchell McClenaghan, Nathan McCullum, Kyle Mills, Adam Milne, Luke Ronchi (wkt), Tim Southee, Ross Taylor, Daniel Vettori, Kane Williamson. Coach: Mike Hesson Scotland Squad: Richie Berrington, Kyle Coetzer (vice-capt), Freddie Coleman, Matthew Cross (wk), Josh Davey,...
Read more