Published in Techiepedia

How I found a security issue in a Government of India website

Hello everyone, this is my first valid bug/security misconfiguration issue in a Government of India website.

Bug type: exposed RDP (Remote Desktop Protocol) service
Website: example.govt.in
IP address: 10.10.10.1 (example)

To get the IP address of a website, use “ping -4 example.govt.in”; the name resolves to the IP address 10.10.10.1.

Everything started with scanning for open ports using nmap:
nmap -sC -sV 10.10.10.1
-sC: equivalent to --script=default (run the default NSE scripts)
-sV: probe open ports to determine service/version info

Found more than 29 open ports, but one port caught my attention: port 3389 (RDP) on a Windows server.

To access the Windows Remote Desktop service from a Unix-based system there is an open source tool called “rdesktop”.

rdesktop 10.10.10.1

This connected to the login screen; after a warning message, clicking OK showed the login panel.

Without wasting time on brute force, I tried some default credentials and got a valid username (****); I then tried some default passwords, but none of them were valid, so I stopped looking for a valid password right there.

I took a screenshot of the login panel, made a report with steps to reproduce and submitted it to the RVDP. After 3 days they sent an acknowledgement email, and after 2 days the issue was fixed.

Impact of an exposed RDP service
1) Brute-forcing the login credentials
2) Gaining full access to the server
3) In recent times, most ransomware and data breach attacks have happened through RDP
4) etc.

How to fix the issue
1) Filter the port in the server's firewall
2) Close the port after the work is complete
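As an added example (not from the original write-up), here is the firewall filtering from step 1 expressed in PowerShell on the Windows server itself, with the closing step from step 2 at the end. The management range 10.10.20.0/24 is a constructed placeholder, and 'Remote Desktop' is assumed to be the rule group's display name on an English-language Windows install.

```powershell
# Added example: scope the server's built-in Remote Desktop firewall rules to an
# administrative subnet instead of leaving TCP 3389 reachable from any address.
# Run in an elevated PowerShell session on the server.
# Assumptions: 10.10.20.0/24 is a constructed placeholder for the real management
# range; 'Remote Desktop' is the group's display name on English-language Windows.
$AdminSubnet  = '10.10.20.0/24'
$WorkComplete = $false   # set to $true once remote administration is finished

# 1) Make sure the firewall is on and drops any inbound traffic that no rule
#    explicitly allows, for every network profile (Domain, Private, Public).
Set-NetFirewallProfile -All -Enabled True -DefaultInboundAction Block

# 2) Restrict the existing Remote Desktop allow rules so they only match
#    connections from the admin subnet. Any other source no longer matches an
#    allow rule and is dropped by the default inbound action. Windows Firewall
#    gives Block rules precedence over Allow rules, so scoping the allow rule is
#    the right approach rather than adding a separate "block everything" rule.
Set-NetFirewallRule -DisplayGroup 'Remote Desktop' -Enabled True -RemoteAddress $AdminSubnet

# 3) Verify: every rule in the group should now list the admin subnet as its
#    remote address rather than 'Any'.
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
    Get-NetFirewallAddressFilter |
    Select-Object -Property InstanceID, RemoteAddress

# 4) Step 2 of the fix: when the remote administration work is complete, close
#    the port entirely. Re-enable the group the next time access is needed with
#    Enable-NetFirewallRule -DisplayGroup 'Remote Desktop'.
if ($WorkComplete) {
    Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
}
```

An external check from the scanning side is simply to re-run the nmap command above from a host outside the admin subnet and confirm that 3389 is reported as filtered.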

Tip: Never stop learning.

C M UPPIN

Cyber Security Researcher || Security Analyst || CTF Player || Webapp Pentester || Ethical Hacker