Pakistani Hackers Expose PKNIC Vulnerabilities That Caused Defacements of .PK Domains
5 years ago
A Pakistani Hackers’ group has exposed multiple, highly critical vulnerability at PKNIC – the entity that manages country level domains (such as .com.pk, .pk, org.pk and others) for Pakistan.
This hacker group claims to be the watchmen of Pakistani cyber space and are believed to quietly observe things to make sure that they keep rolling smoothly.
Hacker group, having Khanisgr8 , Net_Spy , Xpired , Sho0ter and N3t.Crack3r as its members, revealed — in an email sent to ProPakistani — that hundreds of .PK domains, including google.com.pk, msn.com.pk and other country level domains for top global brands were defaced on Saturday due to security flaws of PKNIC system.
Hacker group, in an exclusive communication with ProPakistani, claimed that PKNIC servers are vulnerable to:
- Boolean-based blind sql injection
- Time-based blind sql injection
- Cross site scripting
- Sensitive directory disclosure
Hacker group provided ProPakistani with complete parameters and proofs of vulnerability, which according to experts are valid and the only reason that hundreds of .PK domains were taken down on Saturday. Security experts told ProPakistani that PKNIC is vulnerable for long and needs to be scrutinized at earliest to avoid such instances again.
ProPakistani can share the the complete details of these vulnerabilities with PKNIC if they want to resolve the flaws.
It maybe recalled that a hacker, named eBoz, had re-routed some 284 .PK domains from their legitimate servers to an hosting account allegedly owned by hacker himself, by penetrating and re-configuring the DNS and name servers of these domain names.
Following are screenshots proofs of PKNIC vulnerabilities: