17 Year old hacks US Air Force

Hackers are not only a major threat to private organizations and individuals but also to the Governments worldwide. US Government and military is no exception and is always under a constant hackers attack threat.

A 17 year old high school student hacked the US Air Force (USAF). For his efforts – he was not punished, instead earned hundreds of thousands of cash. The attack wasn’t a malicious attempt to steal any data or cause damage to the military assets or resources, the student voluntarily appeared in the air force’s bug bounty program.

The kid name is Jack Cable and he topped the air force’s bug bounty program. He hacked the Air Force and identified no less than 30 high end vulnerabilities, reported them to the authorities. Pentagon is reported to have paid cash prizes worth $5,000 per vulnerability. this is some real handy money for a 17 year old.

Also See: Meet Shahmeer Amir, the third most proficient cyber bug hunter in the world.

US Air Force (USAF) made its hackathon program open to hackers worldwide and 33 ethical hackers participated in the program. Jack cable earned the highest bounty.

“I found what’s known as an XML external entities vulnerability. That handles the applications processing of XML, which is a type of input data. I found that I could give it a URL and the application would make a request to that website. And I was able to escalate that after working on for a few hours into a remote code execution. So that would allow me to basically do whatever I wanted. So I could access all the user data that was on the website and I could change anything that I wanted to,” Cable told Marketplace.

Via: International Business Times