...in support of the Iranian protesters, #IranElection and a free Iran
While still in a preliminary setup phase I'm hoping we can use here as a base to plan hacks on specific Iranian web sites, especially those that directly threaten the safety of protesters.
At the top of that list is:
http://www.gerdab.ir/fa/pages/?cid=422
This site is asking for people to identify the protesters shown in the pics and is an immediate threat to those individuals.
I've already done a preliminary scan of that site with Acunetix. The results are here
A Distributed Denial of Service attack (DDOS) could temporarily block access to that site but based on their infrastructure that's also liable to bog the Internet for all, including the protesters.
The site boasts an impressive uptime and the automated Acunetix scans detected no immediate vulnerabilities but if the OS and Webserver fingerprints are accurate there may be exploits that would allow us to seize control of the site and take it down from the inside. This will take considerable work and I thus can use all the help I can get.
I've setup an accompanying Google Group where interested persons may join to collaborate. I'll post more specific details on sites as well as possible approaches, exploits and vulnerabilities, tools to use, etc.
While I am committed to helping in any way I can, my own time is limited, as most professionals are; as such, I am looking for like minded individuals to assist or even offer more insight. As an exercise it can prove to be a solid exercise in cyber security, penetration testing and specifically web site hacking but with a very specific goal, that of assisting all those who have been protesting and dying in Iran in an attempt to have a basic human right - the right to freedom.
No comments:
Post a Comment