Hadopi Anti-Piracy Agency Website Turned Into The Pirate Bay Due To XSS Vulnerability
Hadopi, the French agency charged with handling file-sharers’ copyright digressions, has once again been shamed by a copyright-related blunder. The agency which mandates that all citizens secure their networks to keep out freeloading pirates, has a surprisingly insecure site itself. Ironically enough, the vulnerability allowed outsiders to change the search engine of the Hadopi site into that of The Pirate Bay.
Hadopi has had its fair share of troubles since it came into effect last year. One of the most shameful missteps occurred when the agency unveiled its logo to the public, as it turned out that they had forgotten to secure a proper license to actually use the font type.
In what could easily be an April fools joke, but isn’t, the President of the French Pirate Party Paul Da Silva has revealed an interesting exploit he discovered on the Hadopi site. To assist the public in finding authorized sources to download movies and music on the Internet, the Hadopi agency launched a new search engine on its site earlier this week. A useful feature, but also one that turned out to be very easy to exploit, Da Silva told TorrentFreak. It took the Pirate Party President just 10 minutes to find an XSS vulnerability that replaced the Hadopi search engine with that of The Pirate Bay. As can be seen in the picture below the Hadopi site even featured Pirate Bay’s logo, the most recognizable pirate icon on the Internet.
“For a while now we have been telling Members of Parliament and Hadopi employees that what they request from every French citizen is just impossible (securing their Internet connection). It would require them to be experts, and even if all of them were, we would still be facing the problem of IP spoofing,” Da Silva told TorrentFreak.
Although the vulnerability was fixed after a few hours, the Pirate Party President managed to make his point, and many French publications picked up the shameful error. The big question is whether it will change the antics of the Hadopi agency, whose threats thus far have had little effect on the piracy habits of the French public.
Credit: TorrentFreak.com
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.