IncredibleIndia.org Attacked Twice

By Susam Pal on 25 May 2006

IncredibleIndia.org has a security loophole.

The vulnerability was reported to the administrator of the website in the first week of April 2006, but no action was taken. Then I released a security advisory describing the issue on 16 April 2006. The security hole is an SQL injection vulnerability present in the following URL: http://www.incredibleindia.org/newsite/cms_page.asp?pageid=1110. This URL allows an attacker to probe the site's database and drop tables.

It is said that one should never assume a website to be too insignificant to get the attention of attackers. An attack of this kind is not a matter of whether it will happen but when it will happen.

IncredibleIndia.org was attacked twice today, but the website recovered both times. Perhaps the administrator recovered the dropped tables from a backup. However, I am not sure if the administrator is aware of the fact that the tables are being dropped by attackers.
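
The fix for a numeric `pageid` parameter like the one described above, as an added example that is not part of the original post or the site's code: validate the value, bind it as a query parameter, run the page-serving connection with read-only rights, and log rejections so the administrator notices the attempts. Python with an in-memory SQLite database stands in for the site's ASP backend; the `pages` table, its columns and all function names are hypothetical.

```python
import logging
import sqlite3

log = logging.getLogger("cms_page")

# Only plain reads are permitted on the connection that serves pages.
ALLOWED_ACTIONS = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ}


def deny_non_reads(action, arg1, arg2, db_name, source):
    """Authorizer standing in for a least-privilege database account."""
    if action in ALLOWED_ACTIONS:
        return sqlite3.SQLITE_OK
    log.warning("blocked SQL action code %s (object: %s)", action, arg1)
    return sqlite3.SQLITE_DENY


def open_cms_db():
    """Create a constructed in-memory CMS table, then lock the connection down."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (pageid INTEGER PRIMARY KEY, body TEXT)")
    conn.execute("INSERT INTO pages VALUES (1110, 'Welcome')")
    conn.commit()
    conn.set_authorizer(deny_non_reads)
    return conn


def get_page(conn, raw_pageid):
    """Return the page body, or None if pageid is malformed or unknown."""
    # Layer 1: accept only a short run of ASCII digits.
    if not (raw_pageid.isascii() and raw_pageid.isdigit() and len(raw_pageid) <= 9):
        log.warning("rejected pageid %r", raw_pageid)  # audit trail for the admin
        return None
    # Layer 2: bind the value as a parameter; never splice it into the SQL text.
    row = conn.execute(
        "SELECT body FROM pages WHERE pageid = ?", (int(raw_pageid),)
    ).fetchone()
    return row[0] if row else None


def ddl_denied(conn):
    """Layer 3: even a statement that reaches the database cannot drop the table."""
    try:
        conn.execute("DROP TABLE pages")
    except sqlite3.DatabaseError:
        return True
    return False
```

On a production database server, the third layer corresponds to running the web application under an account that has been granted only read access to the content tables.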