Simply I browsed the media page and then to pressroom archive. While I was Hovering each and every link the from 1st june 2008 onwards they had given direct links to the PDF files(the press releases). The days behind 28th may 2008 were given a PHP file “download_sis.php” and a variable SIS to download the PDF i.e “download_sis.php?sis=media/pressrelease-21may2008-talkchoice.pdf” and so on. This isn’t something huge but yes vulnerability is there to Wataniya. This file download_sis.php can be used to download any files in the server. Ok now you do have a question. Why the hell do I need to download some static HTML’s? According to my php knowledge this was indeed vulnerability in the site. A normal user can call for files in the server.

Alright let me tell you why this is not safe. “download_sis.php?sis=download_sis.php” got my point. PHP pages are server side scripts. If you try to save them there’s no way to get the original code thus you get the out from the server which is the HTML.

<?php
$filename = $_GET['sis'];
if( ! is_file($filename) || $filename[0] == ‘.’ || $filename[0] == ‘/’ )
die(”Bad access attempt.\n”);
$file = explode(’.', $filename);
//if($file[1] != ’sis’) die(’Could not download selected file.’);
header(”Pragma: public”);
header(”Expires: 0″);
header(”Cache-Control: must-revalidate, post-check=0, pre-check=0″);
header(”Content-Type: application/force-download”);
header(”Content-Type: application/octet-stream”);
header(”Content-Type: application/download”);
header(”Content-Disposition: attachment; filename=”.basename($filename).”;”);
header(”Content-Transfer-Encoding: binary”);
header(”Content-Length: “.filesize($filename));
readfile(”$filename”);
exit();
?>

That’s the code I’ve downloaded from the download_sis.php file. Basically it checks for whether the typed file exists or not. If the file exists it send the browser the request to download it, else it gives an error message saying “Bad access attempt”. Well the mistake here is they should have mentioned that only PDF files can be downloaded in the coding, as validation or other PHP validations could have been applied.

Still feels it’s not a security measure we can leave, well think again. Linux shadow password file is what you should be looking for “/etc/passwd” Just keep in mind if u get to that file you probably can do some damage.

You have probably got an image here. As I said I was browsing the whole site. I went to the Contact Us page. I tried submitting an enquiry. Filled all the fields they had and tried to send a prank one. As you all know sending an email requires server side support. So I tried submitting my “prank” message. The form was submitted to a file “mail.php”.

A php warning came along:

Warning: fsockopen(): php_hostconnect: connect failed in /var/www/html/wataniya/contactus/class.smtp.php on line 105

Warning: fsockopen(): unable to connect to 10.10.9.2:25 in /var/www/html/wataniya/contactus/class.smtp.php on line 105
Message could not be sent.
Mailer Error: Language string failed to load: connect_host

We can download the mail.php file too. But the important thing here is about the error. An error can give us lots of information. As we can see above, the structure of the site is clearly showed in the error.

As far as the mail php application is concerned, they have lots of SMTP information in those mail files.
Well after everything we have seen above, this is indeed a huge vulnerability for Wataniya and its online server. This should have been taken cared by the Wataniya administrators. Without the use of easy PHP validations they have come up with this exploit. Making it more easier for any one to get into their private data. A telecommunication company user information should be secured. So just think what if this server is connected to their main frame(just in case), what are the out puts of this whose gonna take responsible for just a simple validation they missed out. Am not an expert but figuring out this puzzle was what piece of cake. Yeah.

Drop me a line if you were able to do anything with my information given above. And one last thing am not even 18 I cant take any responsibilities don’t come and scratch my head with “cyber crime unit”. I’ve got better things to do than this. Please take a note that information given above is only ment to be used as educational purpose only.

UPDATE:
They have removed the file download_sis.php, now that was fast. -_-

Well my search ended when my cousin inquired about several places. I did a small wiki on the places and then decided to join NIIT for BSC (HONS) in Computing. Java was the main language I chose as multiplatform environment is what im looking for. Any ways I left Male’, shifted to Colombo. Ok not a bad excuse. I’ve been studying for a year now. Well that’s now. What happened in between? Right…

I missed lots of blog posts I should have posted.Wasted some time which I wish I could get back. To be honest lan gamming and the institute stuffs made me so lazy. And yeah some great movies and of cause tv series killed my sleep. Researching on topics for institute projects were some of my work I do in the morning. I totally missed my blog and my readers.

So let me come to the point. The most important thing I found tonight in its back yard is ROL provides Vista Crack. Being one of the internet service providers in Maldives, they are currently hosting a crack for the well known operating system Microsoft Windows Vista in its back yard. So whose taking responsible for this. Am sure TAM (Telecom Authority of Maldives) wont even care about these actions by these companies. And about ROL am not calling them or emailing them at least this time they wont ask me to disconnect my modem power cable and put it on again. Any how I get the same response from the geeks at ROL’s phone booth. So when can Maldivians have a genuine internet service provider. All I can see is Dhiraagu is bluffing their advertisements and ROL doing their backyard business. Perhaps ROL is turning out to be some warez geeks to host something like Vista Crack.

Thats not all. ROL site is full of holes more than you could expect from an ISP at least Dhiraagu has a secure site. But ROL ass is not clean at all. Any one with the knowledge of XSS can do many cool stuffs to ROL’s web site. Something like this (Maumoon One) ( Don’t laugh too much keke ).

Damn it was fun… haha and regarding vista crack I was laughing to death… Finally something to do after olevel’s. Well I got few words for Raajje Online and that is …

Clean up ur staffs
Stick up the notes
Clean out the holes

PS: Tell all your friends that ROL’s Vista Crack Really works keke … Click here to Download
Shame on you ROL

UPDATE:
They have removed the crack plus all the warez. Now thats called power of blogging…
Oh and I didn’t take a screen shot damn… but heres one from a friend ..

Live application such as Windows Live Desktop also has dropped from beta. With all new features such as Blogging and sharing pictures arent gonna change your mind for Gmail. But it can combine your Yahoo and Gmail. Yeh and it also includes posting pictures directly to Flickr. The features are not that bad, but could be improved or worsen. Apparently the online nature of Windows Live Mail is slow and no change has been brought to it yet. New features on Windows Live Mail are expected to be seen with the official launching of @live mail.

Guys its time to start with a fresh mail stop entering numbers before and after your mail, get your mail before some one takes it out ;). Feel fresh Live is out.

But how can I leave Gmail ;).

Click here to get You@Live.Com

Click here to get Windows Live Desktop

Face book has its own concept which makes it different from other social networks such as Hi5 and myspace. Nevertheless they have their own platform of developing what we call FaceBook apps. I have tested face book application concept few weeks back which was very easy. And started my work last night, basically the application would read all the latest blog posts in Mv Blogs(through RSS) and display them in facebook. I nearly spend 4hrs on this.

How can this app help you:
You may display the latest feeds on your profile.
Share the blog posts with your friends.

And one more thing. MvBlogs RSS feeds does not have flickr links, so flickr guys sorry (but keep them flicking the pics are awsome) ;). So I guess you still have to use mvblogs.org for flickr pix :).

Thats all my application would enable you to enjoy FaceBooking while blogging at the same time.

Ok lemme make this short

http://apps.facebook.com/mvblogs/

Requirements:
Eyes & Head

Recently a Japanese Blogger named Hamachiya2 has discovered that IE6 can easily be crashed by one line of css and html. With this code ” <style>*{position:relative}</style><table><input></table> ” IE6 will crash immediately. I would highly recommend all of you to use FIREFOX, although the new IE 7 is also kinda ok.

Here is a preview check it out in IE 6 Click Here

Apple’s “iPhone” is dated to be released tomorrow. It’s a phone every one is talking about. But it’s not worth to buy one. iPhone has a 2 mega pixel camera which doesn’t include any specialty such as “Carl Zeiss” or “Cyber shot” features. In the other hand nokia n95 provides you the best image quality optimized with Carl Zeiss. Moreover the unbeatable VOIP technology in nokia n95 is just one touch away from you. The word “MMS” is not found in iPhone it self.

Compared to n95, iPhone enables you to watch YOUTUBE videos, and it includes an improved music player and its having graphical interface you will fall in love with ;).

But in general iPhone its self needs the word “improvement”, improvement before it reaches the customers. I think it needs to enable users to interact with their daily life. And it needs quality in phone it self.

^Image taken from http://n95blog.com/

“We will let you enjoy broadband internet the way it meant to be”

So the question arises whether it’s the best time to introduce the new package or is it just the competition against Dhiraagu. Dhiraagu has also introduced a new package but in limited terms as bandwidth is only 3 GB. Yeh we all know ROL doesn’t have bandwidth issues but yes the difference arises in speed and the services given by both of these companies. So my question is this the time? Well NO. Furthermore the quotes on the ads also indirectly tell us that they haven’t been giving good service to the users.

They have already fooled us the customers previously. After the submarine cable came we all thought the speed would make a difference. But no, a week after they have installed the upgrades the speed was like heaven for a normal customer like me. I’ve received around 60-80 kbps. And again they had failed to protect their promise and after few weeks the speed went down to 30 kbps. So this means finally the SUBMARINE CABLE drama is still on show.

Ok so what’s next? What’s with this new package mega pipe? Is it an upgrade for the 650/- package users or is it a new package where the price is double. I’ve also given a ring to them today to get more info but unfortunately was unable to get any info on the new package. So my question remains are they attempting to fool us again.

Oh yeh the ad is edited below \/

Click here (YOUTUBE)