How I Hacked NASA Using Google Dork in Just 10 Minutes

Gaurish Bahurupi

Hey, fellow security enthusiasts!👋

I’m Gaurish, a beginner in the world of bug hunting, and guess what? I recently found a PII data exposure vulnerability on NASA’s website. This write-up is my humble attempt to share my journey and hopefully help some of you out there. So, buckle up and get ready for some laughs (and maybe a few cringes) as I walk you through how I made my first significant find.

The Humble Beginnings✨

Alright, let me level with you. As a rookie, diving into bug hunting can feel like trying to swim before you can crawl. But there’s one tool that can make you feel like a pro instantly: Google Dorking. For the uninitiated, Google Dorking is like using Google search on steroids – you can uncover a treasure trove of sensitive information with just a few clever search queries.

The Initial Recon🚀

Being new to this, I knew my dream of hacking NASA was a bit ambitious – but hey, who doesn’t dream big? Bug hunting typically requires a ton of patience and a solid foundation of knowledge, especially when you’re targeting an organization as massive as NASA. But, armed with a couple of low-level bug hunting tips, I decided to dive right in. Was it the smartest move? Probably not. Was it fun? Absolutely.

I kicked off my NASA reconnaissance mission using Google Dorking. Think of Google Dorking as the sniper rifle of hacking – it’s versatile and surprisingly powerful.

Here’s the initial dork I used:

intitle:"index of /" site:nasa.gov

This query is designed to uncover directory listings on NASA’s domain. To my astonishment, I unearthed over 100 directory listings. That’s a lot of potential vulnerabilities just waiting to be explored!

Narrowing the Search🧐

With so many directories, I needed a way to sift through the noise. I decided to zero in on specific keywords. My first shot was at finding databases:

intitle:"index of /" "database" site:nasa.gov

Unfortunately, my dreams of uncovering NASA’s hidden databases were dashed – nothing turned up. Next, I tried looking for admin pages:

intitle:"index of /" "admin" site:nasa.gov

Still, no luck. At this point, I was starting to think the universe was having a laugh at my expense, as I am a beginner. But then, I had a lightbulb moment: PII (Personally Identifiable Information). I tweaked my approach and searched for contacts:

intitle:"index of /" "contact" site:nasa.gov

Jackpot!🤯

And there it was – a subdomain of NASA with a file named contacts.asc. My heart was pounding as I clicked on it, and the file downloaded to my system. Inside, I found names, emails, phone numbers, fax numbers, and addresses of more than 120 personnel associated with the Mars Pathfinder mission. It was a goldmine of sensitive information.
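
From the defender's side, the two signals these dorks key on (an auto-generated "Index of /" page title and a revealing file name in the listing) can be checked on page bodies fetched from your own servers. This is an added example, not part of the original write-up; the parser, the keyword list and the sample HTML are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Keywords taken from the dorks in the write-up; extend for your own estate.
KEYWORDS = ("database", "admin", "contact")

class ListingParser(HTMLParser):
    """Collects the <title> text and every href on a page."""
    def __init__(self):
        super().__init__()
        self.title = ""
        self.links = []
        self._in_title = False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.append(href)

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title += data

def audit_page(html):
    """Return (is_listing, flagged_entries) for one fetched page body."""
    p = ListingParser()
    p.feed(html)
    # Auto-generated listings carry the title the intitle: dork matches.
    if not p.title.strip().lower().startswith("index of /"):
        return False, []
    # Skip column-sort links (?C=N;O=D) and parent-directory links.
    entries = [h for h in p.links if not h.startswith(("?", "/", "../"))]
    flagged = [e for e in entries if any(k in e.lower() for k in KEYWORDS)]
    return True, flagged

# Constructed sample: an Apache-style autoindex page, not real NASA content.
SAMPLE = """<html><head><title>Index of /mission/docs</title></head><body>
<h1>Index of /mission/docs</h1><pre>
<a href="?C=N;O=D">Name</a> <a href="/mission/">Parent Directory</a>
<a href="contacts.asc">contacts.asc</a> <a href="readme.txt">readme.txt</a>
<a href="images/">images/</a></pre></body></html>"""

if __name__ == "__main__":
    print(audit_page(SAMPLE))
```

Any page that comes back as a listing is worth reviewing even when nothing is flagged, since the listing itself discloses every file in the directory.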

Reporting the Bug

I wasted no time and reported the issue through Bugcrowd. After an agonizing 4-hour wait, I received a response: the issue was replicated and triaged with a P3 severity. The next day, at approximately 1:00 AM, I got the confirmation I was hoping for – my issue was validated, and I earned my first Hall of Fame mention from NASA.

Lessons Learned

Here are a few takeaways from my adventure:

1. Persistence Pays Off: Don’t get discouraged by initial failures. Keep experimenting with different keywords and approaches.

2. Google Dorking is Powerful: It’s an underrated but highly effective recon method, especially for beginners.

3. Report Responsibly: If you find something, report it through the proper channels. Ethical hacking is all about making the internet a safer place.

Final Thoughts

Bug hunting can be a thrilling and rewarding experience, even for beginners like me. If I can stumble upon a significant find at NASA, so can you. So, get out there, start dorking, and may the bugs be ever in your favor!

Happy hacking, everyone!

Feel free to share your thoughts and experiences in the comments. Let’s learn and laugh together!

You can connect with me on LinkedIn

Note: This write-up is purely for educational purposes. Always follow ethical guidelines and report vulnerabilities responsibly.

I hope you enjoyed this journey as much as I did. Until next time, stay curious and keep hunting!
