• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

NASA sites hacked hard - Vulnerable web application

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Thu Dec 18, 2003 4:32 pm    Post subject: NASA sites hacked hard - Vulnerable web application Reply with quote

Thirteen NASA Web sites were defaced this morning by a Brazilian crew dubbed drwxr, according to a statement from Zone-H, an organization that monitors hacking.

Zone-H said the defacer apparently modified the index pages on the sites to express his opinion about the war, leaving the message "The war in iraq, kill is a play!" and linking to a CNN video showing U.S. soldiers killing an Iraqi and cheering.

The main NASA Web site, www.nasa.gov, did not appear to be among those hit by the attack. It was still available today online.

Zone-H, citing Netcraft Ltd., a British Internet consultancy, said the sites were running the Apache 1.3.27 Web server with PHP (an open-source scripting language often used to create dynamic Web pages) and several Apache modules on a Linux system.

"We can suppose that the server was remotely compromised using a vulnerability in a PHP script, then the defacer probably gained root privileges using the local root exploit for the Linux kernel 2.4.22 [and earlier] published by iSEC Security Research last week."

Zone-H posted an example of the defaced pages at its site.

NASA officials could not be reached for comment this afternoon. But it appeared that the agency has taken the Web sites down, as they were not available.

The hacked NASA Web sites include its Computing, Information and Communications Technology Program site, www.cict.nasa.gov; the NASA Advanced Supercomputing Division (Numerical Aerospace Simulation Systems Division), www.nas.nasa.gov; the NASA Information Power Grid, www.ipg.nasa.gov; and the NASA Research & Education Network, www.nren.nasa.gov.

Source: Computerworld
Back to top
View user's profile Send private message Visit poster's website
CHeeKY
Just Arrived
Just Arrived


Joined: 13 Feb 2003
Posts: 3


Offline

PostPosted: Thu Dec 18, 2003 4:56 pm    Post subject: Reply with quote

I hope this is on back of the dummy servers that NASA last month said they would deploy to catch people as part of the on going attacks they were facing Smile
Back to top
View user's profile Send private message
tzontzo
Just Arrived
Just Arrived


Joined: 17 Sep 2003
Posts: 1


Offline

PostPosted: Mon Dec 22, 2003 11:08 am    Post subject: Reply with quote

First of all ....what bussines does have NASA with the war in the Irak ?
Back to top
View user's profile Send private message
Giro
New Member
New Member


Joined: 25 Mar 2004
Posts: 22
Location: England

Offline

PostPosted: Mon Dec 22, 2003 11:18 am    Post subject: Reply with quote

I guess they need some reason to deface sites you cant really pick a better one hey.
Back to top
View user's profile Send private message
destruction
Just Arrived
Just Arrived


Joined: 13 Dec 2003
Posts: 0


Offline

PostPosted: Mon Dec 22, 2003 7:29 pm    Post subject: Reply with quote

maybe cuz NASA belongs to USA in some ways!!!
Back to top
View user's profile Send private message
PhiBer
SF Mod
SF Mod


Joined: 11 Mar 2003
Posts: 20
Location: Your MBR

Offline

PostPosted: Wed Nov 04, 2009 8:31 pm    Post subject: Reply with quote

I think this is the record for "oldest thread" bump. Laughing

Spammers always make me laugh.
Back to top
View user's profile Send private message
AdamV
SF Mod
SF Mod


Joined: 06 Oct 2004
Posts: 24
Location: Leeds, UK

Offline

PostPosted: Thu Nov 05, 2009 2:39 am    Post subject: Reply with quote

Pretty close to it, I would say, although we do get lots of these posts on very old threads, usually a lot less lucid than this and much more obviously spammish with several links to recommended products to deal with a problem which is nothing to do with the thread (think adverts for detergent for people wanting to clean up their Windows, that kind of lame search error)

This one actually struck me as possibly a real person doing a search to find people talking about their subject and not paying attention to the dates on the thread before signing up and replying.
Google and others are pretty agnostic about dates on pages - a really relevant but very old page may still get to the top of the results above a new but less relevant (or less highly ranked) one.

Anyway, on this occasion I decided it was probably not spam and left it. Also it gave us all a chance to take a nostalgic trip to bygone days of gentle website defacements instead of harvesting massive botnet armies of zombie machines.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register