Sunday, February 5, 2012

TinKode-NASA 2 Websites Full Access


NASA 2 Websites Full Access

Posted by isrtinkode on February 19, 2010
 _   _
| \ | | __ _ ___  __ _
|  \| |/ _` / __|/ _` |
| |\  | (_| \__ \ (_| |
|_| \_|\__,_|___/\__,_|
      #owned by c0de.breaker
I had access to:
www.istd.gsfc.nasa.gov
www.sed.gsfc.nasa.gov
Some screens:
http://i44.tinypic.com/vnjl10.png
http://i41.tinypic.com/25j9zle.png
http://i37.tinypic.com/294t26t.png
http://i35.tinypic.com/qnpf9y.png
http://i38.tinypic.com/23r5mw.png
http://i37.tinypic.com/2rfe92u.png
http://i35.tinypic.com/a57s5e.png
Informations:
#Version: 5.0.41-community-nt-log
#User: **********.gsfc.nasa.gov
#Principal Database: *****
Tables from “*****” database:
#access
#branch
#docs
#docsbranch
#intro
#programs
Columns from “access” table:
#Id
#firstName
#lastName
#userName
#userID
#passWd
#projAdmin
#branchAdmin
#userAdmin
#userEmail
#deleteFlag
#dateCreated
#dateExp
Admins Accounts:
http://www.istd.gsfc.nasa.gov
[1]c****n:****2b550647
[2]c****n:****457ee5exxx = pass
[3]c****n:****14414xxx
[4]am****s:****df47xxx
[5]m****a:****b668859ca = demo
[6]pm****es:****b668859ca = demo
[7]hb****h:****b410747xxx
[8]rb****rut:****b410747xxx
[9]bw****r:****f299589xxx
[10]j****on:****dc4acc0xxx
[11]j****s:****c4acc0xxx
[12]l****ia:****4746f1dxxx
[13]g****w:****33e5ba3axxx
[14]j****le:****ff639f44xxx
[15]d****k:****0cf29958xxx
[16]A****s:****42fa7cxxx
http://www.sed.gsfc.nasa.gov
[17]l****y:****c17889xxx
[18]k****m:****9040104xxx
[19]j****ch:****dc4acc0xxx
[20]c****rmann:****027e9a6xxx
[21]rw****ey:****d42fa7cxxx
[22]y****e:****6107b5cxxx
[23]s****n:****cf29958xxx
[24]b****i:****dd3b569xxx
[25]lr****y:****410747xxx
[26]e****l:****bf05750xxx
[27]cd****ka:****bb79660xxx
[29]j****es:****e4746f1xxx
[30]r****z:****d75fb3exxx
[31]t****ley:****90f14657de5 = d41d8cd9
[32]e****ks:****d75fb3exxx
[33]ph****es:****6e3e050xxx
[34]pp****an:****0877c779xxx
[35]ac****n:****5eb1a0fexxx
I didn’t want to damage anything. Only to show that nasa subdomains have many SQLI, XSS, vulnerabilities etc
#Finish, c0de.breaker

0 comentarii:

Post a Comment