Hacked into bsnl.in
Posted by hackthisway on November 19, 2009
I was eagerly waiting for BSNL to patch their system so that I could publish this post which shows the hack in action. I could not record the video of the hack since the screen recorder, Istanbul became unresponsive on my Ubuntu OS.
While preparing for a seminar, I came across this website and out of curiosity Nmapped to find the OS running on the server. The OS detected was Sun Solaris 10. Then, I tried to check if it is vulnerable to Sun Solaris 10 telnet daemon authentication bypass vulnerability. and found it vulnerable.
Exploiting a vulnerability in Sun Solaris version 10/11
This is what happened at console. The exploit worked !!Now, playing a safe game and also being ethical I mailed the description of the vulnerability to the Deputy Director General who also happened to be the webmaster at bsnl.co.in
The email itself contains the information about the vulnerability which saves me the pain of describing it again.
I had to wait for 19 days to publish this post since the upgradation at bsnl.in took the same time.BSNL though late, showed the reaction 
Now, Nmapping bsnl.in does not show port 23 open.
Note : I am using Nmap version 5 on Ubuntu jaunty, compiled it from source !!!!
U:N:R said
purely Ethical
but dude
they don’t care…
you should have defaced the WEbsite..
“Jo log oocha sunte hai..unhe dhamakey ki jaroorat hoti hai”
i do keep doing these things..then mail@webmaser
U:N:R said
don’t look for the Mail ID..it’s fake
hackthisway said
it is not fake actually. but yes, they never login. I just do this for the safe side.