Pakistani hackers reveal why Google, other websites were defaced

Published: November 26, 2012

Hackers cite vulnerabilities in server of PKNIC - that manages domains for Pakistan - as reason. DESIGN: ESSA MALIK

A group of hackers from Pakistan revealed vulnerabilities with PKNIC – which manages domains for Pakistan including .com, .pk and org.pk – which led to the defacement of websites including Google’s Pakistan page earlier.

The group claims to be the “watchdog” of the Pakistani cyberspace and reportedly monitors websites to make sure they keep functioning smoothly.

Members of the group, Khanisgr8, Net_Spy, Xpired, Sho0ter and N3t.Crack3r, in an email sent to ProPakistani revealed that hundreds of .pk domains, including google.com.pk, msn.com.pk and other domains for top global brands were defaced on Saturday due to security flaws with the PKNIC system.

Photo: Screenshot on ProPakistani

The group pointed out that the defacement took place because the PKNIC servers were vulnerable to Boolean-based blind SQL injection, time-based blind SQL injection, cross-site scripting and sensitive directory disclosure.

The members provided ProPakistani with complete parameters and proofs of vulnerability, which according to experts, were valid. The security experts told ProPakistani that PKNIC has been vulnerable for a long time.

Earlier, a hacker named eBoz, had re-routed around 284 .pk domains from their servers to a hosting account allegedly owned by himself, by penetrating and re-configuring the DNS and name servers of these domain names.

on Twitter, become a fan on Facebook

Reader Comments (9)

  • Khan Bhai
    Nov 26, 2012 - 5:09PM

    About time Pakistan takes internet security seriously. Reportedly Pakistan military networks were attacked recently.

    Recommend

  • aisah azeeem
    Nov 26, 2012 - 5:12PM

    What a news…??Are we really interested in knowing why that happened?All we are concerned about is,How you’re going to prevent this in future…???Right?

    Recommend

  • Ali
    Nov 26, 2012 - 5:26PM

    PSEB or PASHA should take over PKNIC. Whoever dealt with PKNIC knows about the low quality service, high cost of .pk domains and basic level of their website. Its a joke. Owner making too much money and pays no attention to the users. Its basically Qabza group. ET should investigate it in detail.

    Recommend

  • A Pakistani
    Nov 26, 2012 - 5:50PM

    Why are our Govt. institutions so inept…Recommend

  • iLiberal
    Nov 26, 2012 - 5:58PM

    Umm….Okkaaayyyyy….

    Recommend

  • faizan
    Nov 26, 2012 - 6:01PM

    sounds cool stuff

    Recommend

  • Rahim
    Nov 26, 2012 - 6:15PM

    Wow, that is scary, we have sensitive information stored by PKNIC. They better employ someone who knows what are they doing.

    Recommend

  • Ali
    Nov 27, 2012 - 2:14PM

    can i contect you?

    Recommend

  • Dec 7, 2012 - 5:46PM

    Brilliant post, nicely done. And thanks for mentioning all that info ¨C you have introduced to me to three new blogs and I love them all! CheersRecommend

More in Pakistan