When Keith asked if anyone from the team wanted to interview a self-professed teenage hackerfrom India, I was cynical. Usually script kiddies in India who are also kids in real life suffer from delusions of grandeur along with the need to impress the fellow man his or her importance to India’s Cyber War against (who else?) Pakistan.
minhal mehdiis no different, for he is quite the teenager (but asked me to refrain from revealing his true age in this post) and has been hacking his way into some low security websites for about six months now, along with his friend and seniorNoTty_rAJ.
Minhal claims to hail from Lucknow, the capital of Uttar Pradesh and is [hopefully] a high-schooler with some years of school still left. He also believes hacking is not always a crime, and that it is an art and his passion.
In his introductory email, minhal claimed to have hacked manywebsites a short list being posted here. His claim to fame, in other words, is hacking one server’s root with an SQL vulnerability.
An abridged chat transcript follows with minimal editing pertaining to minhal’s answers.
Techie-Buzz (TB): What prompted you to start hacking?
minhal: i saw many forign hackers are hacking indian website, feeling of revenge motivated me for hacking. My hacks are payback to forign hackers for hacking indian websites.
TB: Which Indian websites were hacked that motivated you?
minhal: cbi website and thousends of indian websites.
TB: But you’ve mostly hacked low-security websites whose domain registrations have expired by now.
minhal: i’m new in cyber wolrd and trying to do my best for india
TB: What kind of loopholes did you find in these websites?
minhal: shell upload vlun. or SQL vlun. i found XSS in nasa’s website.
TB: So these were from exploit-db or bugtraq, right?
minhal: nah ,, its was my own
TB: So did you hack the NASA website?
minhal: it was president Xss but XSS is too long and boring