💻 At 17, I Hacked My School — In Class 12

Dream To Aim
thatraghavarora
June 18, 2025

Every computer student at some point dreams of hacking their school’s system — just to see if it’s possible.
In my case, that dream turned into a real-world achievement. Not to break rules, but to prove skill. And at just 17 years old, in Class 12, I did exactly that.

🧠 Curiosity Turned Skill

As a cybersecurity researcher and web developer, I’ve always had a habit of exploring systems — clicking where no one clicks, sending unexpected inputs, and checking how secure everyday apps really are.

One day, I decided to analyze my school’s web application — the one used for internal data like student records, marksheets, attendance, staff data, and more. Within hours of testing, I found multiple flaws that allowed me to bypass authentication, escalate privileges, and gain full backend access.

🔓 What I Gained Access To:

  • Every student’s profile and personal information (including Aadhaar numbers)
  • Teacher records and schedules
  • Administrative settings and announcements
  • Even the principal’s admin panel with full control

Yes, it was real. Yes, I could’ve done anything. But that’s not what ethical hackers do.

🛡️ From Hacker to Helper

Instead of misusing the access or bragging about it online, I documented every vulnerability — including steps to reproduce, potential impacts, and how to fix them.

I approached my school’s administration privately, explained the risks, and submitted my report.

Their reaction?
Surprised. Shocked. But most importantly, grateful.

🏆 Recognized, Not Punished

Rather than facing trouble, I was recognized by my school with a Cybersecurity Award, presented publicly to appreciate my ethical approach and technical talent. It was a proud moment — not just because I pulled it off, but because I proved that responsible hacking has real value.

đź’¬ Lessons I Learned

  • Real-world security is often weak — even in places you trust.
  • Ethics matter more than skill. Having access doesn’t mean using it.
  • Recognition comes when you do the right thing, even when no one’s watching.

🚀 The Start of Something Bigger

This experience sparked even more curiosity and gave me confidence that age doesn’t define capability — action does. Since then, I’ve gone on to responsibly disclose vulnerabilities to 28+ major companies, including NASA, WHO, Nokia, Panasonic, Jio, Swiggy, Zepto, and more.

This wasn’t just a high school moment. It was a launchpad.

“I hacked my school not to destroy it, but to defend it.”
– Raghav Arora

Leave a Reply

Your email address will not be published. Required fields are marked *