MTNL Server Vuberability | Delhi

Hacking MTNL servers ?? way too easy

Where is my proof ??



Don't believe it ?? yeah it could just be my id and all the stuff ..

Want a proof ??
Post ur MTNL telephone number that has broadband and you can get a screenshot here 🙂

Will i hack an account for you ??
No

Will i hack for money ??
No

Why the hell i posted it here ??
Just to make sure that evry1 knows

Wouldnt have it been better if i had told MTNL about this ??
Yes i did and they dont give a damn

can u please explain.... what u've hacked?? like r u usin someone else a/c OR usin ur a/c with no usage showing up OR changing bill amount for u etc???

exactly i can post my page exactly like u.I dont get what u have hacked.

too much confusion! i think i need a navratan tail champi on my head!😛what do you have here buddy?you can get anyone's details ? can change passwords? what!?

You can login to any1's account-> Change their passwords-> use their CA number to get all the call details from their MTNL phone@boygr8i can post ur page exactly too ( 😛 ) , all that is needed is your phone number

yes please, boygr8 give uv your no.😛i will pm you my no. too! 😛

In MTNL user ID is your telephone number. (also airtel)
And password is CA Number ( from your first bill ?)
If you have changed/not changed the password, how to get the password ?.
Para two :
What @ultra vires seems to claim he can get your password. say abcdefg1
You need not tell him . He knows how to get it !
all that is needed is your phone number
He can access your usage page .
Change your login password again. to say zxyxuvw2 !
You cannot connect again if you are using Wanminiport dialer to log in !
Para three : in BSNL old users 59.xx.xx.xx
here both the UserID and password are not based on telephone number or Bill A/c number. more safe.
For new users Ip 117.xx.xx.xx usage check a new 14 digit ID is given default password password! same mischief cannot be done.
Para Four : In Airtel same procedure New ID P/W for selfcare. same as above.
Only consolation, the "hacker' cannot log in and use your acct to connect to Internet ! ( Even then, some people claim they can do it !)

Para five : One probable source is the telephone bills statement/enquiry web site. Unlikely.
Or simply ring up CC and say you want the password ( forgot, misplaced bills, CA number PW already changed etc ? or say cannot connect ? )

i believe - jitne backroom ko access kar rahe hein, wo itne to samajhdaar honge hee ki upna pass change karle jub unka BB start hua thaa.... :hysterical:

its not from your CA number..
Its a vulnerability in their system ...
and btw i dont need to enter your password ...

Plz that looking CA number from bills and all is called social eng.
and not hacking.....

Looks like people have gotten used to those tom dick and harry def. of hacking.
More proof : ( i have picked another random number from MTNL directory)

If Port Binding is enabled , then its not of much use.What will anybody do by changing my password and looking at my session historyTry changing somebody's password and using his account. If it works, then its problematic.....if it doesnt , then there's no big issue except somebody might just be able to read my session history and change my password

although this shows you can access anyone's account, it cannot be used to use their connection because of port binding. there wont be any use just looking at the session history. that said, MTNL should take care of this and account information sholdnt be visible to anyone except the person whsoe account it is.if someone does change the password, you can always ask the cc to reset your passwod to default (CA no.) and then change it back.

if someone does change the password, you can always ask the cc to reset your passwod to default (CA no.) and then change it back.



^^ What if the hacker also calls up MTNL and asks them to reset the pw..... and then change it back ?

i think u have to call from that same number

they call on that number for a confirmation too i think.

I doubt port binding is activated on all lines. I have used my friend's username/pw on my router and it worked!. But since I have unlm connection I cant take great use of that.