The valid credentials, userid as username and password as password, are hardcoded in the login page...
-
-
Show this thread
-
Yes the credentials are working. You can find attached the ValidateInput() methodpic.twitter.com/258NOUTWR0
Show this thread
End of conversation
New conversation -
-
-
I will die by laughing after seeing this post



. Alright, I just want to ask one question, so the "so" called computer engineers in the government departments have even did any 1month course of computer? They only studied the theory and never tried the practical and reverse -
In mantra layabout the Mumbai Govt center for state legislature way Majority staff Even hi courts and home ministry operate 50 yr old manual typewriters ones with black red ribbon tape Yet
@rsprasad says India digital nation with not even 5% of population know computer usage.
End of conversation
New conversation -
-
-
this is govt site, everybody should have access ;D
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
am i missing something here? Those are just validation? "userid" "password" is for the Error Msg right? Not the cred themselves.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
can you login with username "userid" and password "password"? can you post code of function "ValidateInput()"? i think those are validation check for allowed characters and not for authentication. username, password both using same function ValidateInput() to check allowed chars
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Vulnerable for string hamming attack....nah?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I think this website was developed by some college intern for their academic project.

- 1 more reply
New conversation -
-
-
Did you test if there is Server Side Validation?
-
Elliot has already mentioned that the username and password are hardcoded into the webpage itself. So ofcourse any server side validation will also succeed
End of conversation
New conversation -
-
-
Leurs sites ça pourraient être des pages test du site root-me c'est ouf
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
To be frank with you, I don't think it's too bad. To me it's not a security flaw just bad code.
End of conversation
New conversation -
-
Isn't this just input validation? You know to validate that you don't submit an invalid username or password... It doesn't decide if it's a real user/pass pair or grant access.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I thought this was a meme. Then I realized it's India.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
(2/2) and those agencies build third class websites and charge so much money for that. A normal person can't even navigate through it properly. They don't even care about UI / UX or fixing bugs, so security doesn't exist for them.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
This is what our government does.. they declare or take some hefty amount of money in the name of making online portals or websites for citizen's convenience and then take a bribe and give contractsnto shitty Web Development Agency. (1/2)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
If you have decided to look into Indian websites then I don't think you will be having time to look anywhere else for the next 4-5 years. Keep up the good work, cheers.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
