Password Reset code vulnerability allows hackers to ruin one’s system

A day before, TheHackerNews received an update about a vulnerability that can be found in most of high profile websites. An unknown Indian hacker said that the brute force method is effective in simple password reset loophole on most website.

“Around 40% websites adopts password reset code composed of numbers and of some fixed length”, TheHackerNews said.

For what the hacker did, the other hackers will surely take advantage of it, to which the tool can be downloaded easly on Mozilla Add-ons’ official website.

Apparently, the hacker could hit lots of website which contains the system hole. The bad part is, most of all penetrated websites by this hacking method are websites that provides SMS Services, and in fact, most of these are sending limited number of strings by which the method could be easy applied.

Screenshot source: www.mozilla.net