The content describes how the author, C. Sri Shavin Kumar, a cybersecurity enthusiast, discovered a security vulnerability in NASA's internal systems. By using a simple Google Dorking technique, the author was able to find a PDF document on NASA's website that contained a direct link to their internal Slack workspace. This allowed the author to access the workspace using any Gmail account, exposing confidential information such as internal discussions, sensitive documents, and project plans.
The author highlights that this incident demonstrates that even the best organizations can have security gaps, and Google Dorking can be a powerful tool to uncover hidden vulnerabilities. The author emphasizes the importance of cybersecurity being everyone's responsibility and the need for vigilance in identifying and addressing such security issues.
The content also includes a timeline of the discovery, triage, acceptance, and disclosure of the vulnerability.
toiselle kielelle
lähdeaineistosta
medium.com
Tärkeimmät oivallukset
by Sri Shavin K... klo medium.com 09-03-2024
https://medium.com/@srishavinkumar/p3-medium-how-i-gain-access-to-nasas-internal-workspace-d0896fee563cSyvällisempiä Kysymyksiä