The hacker claims to have downloaded the entire NSC Knowledge Now site

Oct 27, 2012 10:52 GMT  ·  By

A hacker called “LegitHacker97” leaked an 82 MB file representing an entire website owned by the US National Aeronautics and Space Administration (NASA). More precisely, the target appears to be the NSC Knowledge Now site (nsckn.nasa.gov), which can only be accessed by authorized users.

The hacker told The Hacker News that he leveraged a Local File Include vulnerability to upload his own shell. This allowed him to download the entire website.

He claims that the security hole has been addressed after he breached the site.

The Hacker News’ Mohit Kumar analyzed the leaked data and he claims that it legitimately appears to originate from nsckn.nasa.gov.

He believes that the hacker might have social engineered NASA employees because users can only gain access to the site after obtaining clearance from a NASA officer.