on 18th october 2024, i had just returned from a long trip from bihar and just arrived at my home in ranchi, i’d not been active on whatsapp for many days and couldnt wait to socialize with my friends at the weird discussion group, operated under dpsbk
sarvagya informs me, and i delete my messages to protect the school’s endpoint from unwanted attackers
i was joking about divyansh and bihar but sarvagya at 22:42 informed me about this endpoint and that probably led to the start of something amazing and something great.
as soon as i learned about this i deleted the messages so that the exploit doesnt get leaked
shit so insane we had to do this
the endpoint served a purpose.. so important yet miniscule that no one thought it could result in the biggest data breach of dps bokaro. yet.
<aside> 📌
what is this all about? you “hacked” the school?
explaining what the endpoint does.
what exploit the endpoint can result in. (pun intended)
informing the school about the exploit (bcoz dangerous)
the risk with result.pdf → PII and much
understanding the school’s ERP system
engineering the perfect scraper for the job
rechecking with the school about the exploit
investigative journalism and impact analysis
how could you be affected? what is at stake here?
legal concerns and why you shouldnt do this & im just cool
if you’re an organization, take notes. this is serious.
</aside>
for the people who cant even read a small 6900 word article, here’s the AI generated summary of SOFUSDELA.
did you hack DPS Bokaro?! what are you even yapping in this non-sensical article??? why am i the viewer, reading this?? what does life mean?? reading this gives me what?
for any legal and ethical concerns, no we did not hack the school
This is about the time when a secret opening in the fortress lead to a school’s data exposure. and what lesson do we derive from this.
Use of ‘school’ refers to Delhi Public School, Bokaro.
let us begin by assuming that this fortress is the database, like the base of the data. or say, the data is in the treasury here:
what data? the school’s data. like what data? uhh~ your data.
remember how during filling out the admission form, you gave out some data to the school, or how the school has your results, your behaviour patterns, some bill or slips about you, some data about the library book you rented, some finance related thing, or anything in general that the school records.
you see the fortress’s main gate? that is for admins, the kings you could say, they enter and use the data however they like. the walls? they are to protect the fortress of course, dummy.
there is water below the steps to the main gate which is infested with crocodiles, so when someone tries entering the fortress, they get a punishment or something..