Cyberwar Efforts Step-Up – NASA Sites Hacked

Use Netsparker


Ah cyberwar, cyber terrorism, efforts are ramping up, more sites are going down.

The war in Lebanon is now showing its consequences in the digital world and a huge number of websites has been attacked and defaced as a protest against the invasion of Lebanon by Israel.

Today two NASA websites were attacked as well. The intrusion was carried out by the Chilean group of crackers known as Byond Hackers Crew through a leak in the SQL Injection they entered the system and subtracted user names, passwords and e-mails from the NASA web server.

Seems like a pretty straight forward attack..but a high profile government site being prone to SQL injection that allow admin escalation?

That’s pretty bad..

After that these information had been stolen, they managed in entering the administrative area by using an administrator user ID and password , and finally they made the defacement replacing the homepage with their message.

This group goes with the others that in last days carried out attacks against governmental and commercial websites both from America and Israel, whereas other blackhat groups attacked Israeli websites provoking a denial of service (DDoS) of that particular webpage.

Let’s hope things don’t boil over to attacking powerstations or anything that will cause collateral damage.

Source: Zone-H

Posted in: Hacking News, Web Hacking

, , ,


Latest Posts:


HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.
NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.
Metta - Information Security Adversarial Simulation Tool Metta – Information Security Adversarial Simulation Tool
Metta is an information security preparedness tool in Python to help with adversarial simulation and assess security defense preparation and alerts.


Comments are closed.