For the last few months I have been working on AJAX, Asynchronous Javascript and XML technology for hacking. You can find the tutorial on the page hardcore hacking in the form of attachment. I was learning the techniques from my friend Mr. Vinay Katoch. The tutorials were amazing. He cleared some of my concepts. Now it was time to implement and check my skills out!!


So i choose BSNL's Dotsoft servers admin page for hacking. Dotsoft is bsnl's in-housed developed software , integrating and commercial activities, telecom billing and accounting, FRS and directory inquiry. It has been implemented in 171 districts across the country.


NOW THE WORK:


I developed a security penetration testing ajax web application

My traget was the dotsoft server and i executed the SQL command to retrive the password from the SQL database mentioned in the tutorial in the page hardcore hacking.

I easily hacked the admin account of the server by implementing the AJAX technique!!


HERE"S THE PICS:




Login Page of dotsoft server







Executing SQL query in the password field




Voilla..~~!!! The admin account has been hacked...


SO enjoy hacking