From: Wincanton Design (info@wincantondesign.co.uk)
To: staff@attrition.org
Date: Thu, 31 Aug 2006 10:56:42 +0100
Subject: T-mobile


Hi,
after weeks of researching t-mobile and finding vulnerabilities of each branch of 
their companies servers, I managed to find their employees secret login section which 
states on the front page : WATSON is a web-based application that allows you to activate 
a customer's device.

And as you can see from the screen shot I took, credit can also be added to accounts and 
the details of the customers on the system.

I've included the screen shot so that you can see for yourself ;)


Cracked by the Area 51 team ;)




From: lyger (lyger@attrition.org)
To: Wincanton Design (info@wincantondesign.co.uk)
Cc: staff@attrition.org
Date: Thu, 31 Aug 2006 18:24:47 -0400 (EDT)
Subject: Re: T-mobile


On Thu, 31 Aug 2006, Wincanton Design wrote:

": " Hi,
": " after weeks of researching t-mobile and finding vulnerabilities of each branch 
": " of their companies servers, I managed to find their employees secret login section 
": " which states on the front page : WATSON is a web-based application that allows you to 
": " activate a customer's device.
": "
": " And as you can see from the screen shot I took, credit can also be added to accounts 
": " and the details of thecustomers on the system.
": "
": " I've included the screen shot so that you can see for yourself ;)
": "
": "
": " Cracked by the Area 51 team ;)

Hi,

Assuming you're not an authorized T-Mobile employee, is there any reason
we shouldn't report this to T-Mobile or the police/bobbies/authorities in
your neck of the woods?




From: Wincanton Design (info@wincantondesign.co.uk)
To: lyger (lyger@attrition.org)
Date: Fri, 1 Sep 2006 08:13:13 +0100
Subject: Re: T-mobile

wow ok sorry!
i thought u guys were like a site that showed people what people have hacked...
oh well
please dont report and you will hear no more of it then!
i'm only 14



main page ATTRITION feedback