majoring compsci, yet a self-taught

on the homepage, i mentioned that i am majoring a computer science, that is true. however, there is a catch on why i decided to take a degree.

table of contents

indonesia

indonesia is a country located in asia, just take a look on a map. i basically live there. when it comes to "programming", most of the universities will teach their students either php, java or python. this just doesn't feel right, it's dated and stupid. it is 2022 and they are still teaching php.

no hate for php.

what i am trying to say is, the way professors are teaching is dated. thus! most of the government sites are very very vulnerable.

new kominfo and the government instances

let me drive you somewhere, let's do some google dorking. step 1:

  • search using google index of /fckeditor/editor/filemanager/connectors/
  • results! only include sites that ends with .id, ex: spai.kemdikbud.go.id, alumni.uinjambi.ac.id

voilà! now you've got some vulnerable web app. guess what? it's built using php. they're learning php at their university yet they don't fucking know shit.

not only that, there's so many ways to attack these .id web apps.

someone even bypassed the admin account by changing the cookie session (an official government web app)

a web app said it costs rp. 1.000,000.000.000 to build? 😀 source https://www.bbc.com/indonesia/articles/cg322wgp8p1o

from here, i think whoever's reading this knows what happens. no need to tell you more. happy hacking.

on a trip long way from home

i am currently a student, don't know how this will end up, but, it is what it is so wish me luck roasting silently.