Personal tools
Add to Technorati Favorites

Number of visitors
since 27 March 2006
Document Actions

Hacking US Visa website

My in-laws have applied for US visitor visa and I am tracking their US Visa WebsiteVISA appointment to see if we can prepone it so that they can come early to the US. I was at first impressed with the VFS ( website that caters to the US Visa requests from India for the controls that they had in place to ensure correctness and security. It would have never occurred to me to test those as I would have expected that any government website would tested and re-tested against vulnerabilities.

I guess I was wrong. All I did was to enter my father-in-laws details on the website. While doing so I somehow entered the last three digits of his visa fees receipt number wrong and VIOLA!!! I was presented with records of three apparently related people who were totally unrelated to me or my father-in-law. I could have canceled their appointment or done all kind of mischief. Needless to say, I closed the web-page promptly after taking this screen-shot.

Whether I should inform the US Visa department or not, I am not sure. But I thought I should publish this.

The URL to Trackback this entry is:

Re:Hacking US Visa website

Posted by tarney kassey at Sep 02, 2007 05:35 AM

i need to hack some visa, and visa credit card

Re:Hacking US Visa website

Posted by Anonymous User at Nov 03, 2008 06:14 PM

Well blow me.. this is what at least 40% of the world's embassies use.

Add comment

You can add a comment by filling out the form below. Plain text formatting.


Microsoft Store

Apple iTunes