Nasa.gov Full Access
December 6th, 2009, posted by TinKode in Old Stuff
#owned by c0de.breaker
I had access to:
www.istd.gsfc.nasa.gov
www.sed.gsfc.nasa.gov
Some screens:
http://i44.tinypic.com/vnjl10.png
http://i41.tinypic.com/25j9zle.png
http://i37.tinypic.com/294t26t.png
http://i35.tinypic.com/qnpf9y.png
http://i38.tinypic.com/23r5mw.png
http://i37.tinypic.com/2rfe92u.png
http://i35.tinypic.com/a57s5e.png
Information:
#Version: 5.0.41-community-nt-log
#User: istdUser@pows002.gsfc.nasa.gov
#Principal Database: istd
Tables from “istd” database:
#access
#branch
#docs
#docsbranch
#intro
#programs
Columns from “access” table:
#Id
#firstName
#lastName
#userName
#userID
#passWd
#projAdmin
#branchAdmin
#userAdmin
#userEmail
#deleteFlag
#dateCreated
#dateExp
Admin accounts:
http://www.istd.gsfc.nasa.gov
http://www.sed.gsfc.nasa.gov
I didn’t want to damage anything, only to show that NASA subdomains have many SQLi, XSS and other vulnerabilities.
#Finish, c0de.breaker


December 7th, 2009 at 22:34
http://www.theregister.co.uk/2009/12/07/nasa_hack/
December 8th, 2009 at 02:28
SQL injection was made only by me.
The reason was simple!
Because I could, and they were vulnerable.
As you can see, I didn’t change anything.
December 8th, 2009 at 02:44
http://www.theregister.co.uk/2009/12/07/nasa_hack/
pwnt
December 8th, 2009 at 03:06
i mean like… once they get a hold of even tinypics logs, you’re g4m3 0v3r lolol
December 8th, 2009 at 05:07
Social comments and analytics for this post…
This post was mentioned on Twitter by gollmann: 2x NASA.GOV sites pwn3d (via SQL Injection) – admin accounts extracted – http://bit.ly/6DNtpC #security…
December 8th, 2009 at 05:33
Good screenshots) and good research;)
December 8th, 2009 at 17:17
Logical scenario: if you were a “very confidential organization”, would you leave doors open for eyes to see your work? There’s most definitely more to this. I am sure this is just a baited website. The majority of huge organizations use an intranet over the internet to prevent shit like this in the first place.
December 8th, 2009 at 23:07
What happened to the http://tinkode.baywords.com/index.php/2009/12/nasa-full-dislocure-again/ page?
December 8th, 2009 at 23:29
I made the post: Private for all…
First, the admins must fix the vulnerability, after that, it will be made public again!
December 8th, 2009 at 23:43
So, it’s public in Poland now…
http://hcseclab.blogspot.com/2009/12/kolejna-strona-internetowa-nasa-pada.html
December 9th, 2009 at 23:50
It is interesting to note that the password hashes for many users on both systems are identical!
December 10th, 2009 at 16:45
Hehe, ok. So what next? 250 years in jail.
“As you can see, I didn’t change anything.”
Same as if you broke someone’s window and said: “Just breaking windows for fun, let me go, evil policeman.” Don’t count on that one.
December 10th, 2009 at 17:23
You’re ugly. Cheers
December 10th, 2009 at 23:02
Good job..
show the world is the art of hacking…
December 15th, 2009 at 04:24
How come you hacked a website while your computer is being remote-controlled by someone else?
The green eye at the bottom right of your screenshot, get what I mean?
December 16th, 2009 at 01:00
Dude, nice, just make sure you don’t get caught, for the rest of the hackers around the world. Nice hack!