6GB NASA Database Leaked, Hackers Notify Agency
A sample of the database reveals information such as usernames, email addresses, names, IDs, login dates, passwords, and other data.
“Complete Database is in GB's, well we aren't leaking it. We may keep all parts in our private home! Yet only little bit dump or few columns data is released just to inform NASA that being National Aeronautics and Space Administration you must also keep your servers up to date!” the hackers said.
They claim they informed NASA a few days ago, but since the organization failed to respond, they leaked part of the database to attract the agency’s attention.
NASA domains and subdomains have been found to be vulnerable on numerous occasions in the past several days. Members of TeamHav0k also found a subdomain that can easily be exploited by hackers.
They identified a cross-site scripting (XSS) vulnerability and made a screenshot to prove their findings.
“Well here’s another XSS in NASA.... I was surprised at how easy it was just a simple check of the src of the page they only filtered out stuff like < / > and i think the = as well,” a TeamHav0k representative said.
Last week the Kennedy Space Center was found to contain a similar weakness, but after being contacted, the site's administrators promised to look into it.
A few years ago the veterans of the hacking scene proved their skills by hacking into NASA. Now, the organization has so many sites and they’re so full of security holes that it’s hard for even a novice hacker to resist the temptation.
Source: Softpedia
Database Leaked:
http://pastebin.com/YkncVygq
Categories:
Cyber Crime
,
Database Dumped
,
Hacker News
,
Hackers Voice
0 5:
Post a Comment