29 Jan 2013
Iranian penetration testers exploit .tm domain
The Turkmenistan domain registry has been hacked with an SQL injection sent into hidden form fields which had invalid supporting data. The Iranian pentesting team received a database dump of plaintext (rather than hashed) passwords, accompanied by their email-derived customer logins. Affected domains include gmail.tm, google.tm, youtube.tm and yahoo.tm, among others.
Authentication to the nameserver management control panel is a simple email and password challenge. Some of the revealed passwords, such as wendy and sunshine, were susceptible to dictionary attack.