Orion hacker sends stowaway into SPAAAAACE

Terrestrial attack packs p0wnload aboard sub-orbital flight


One of the 1.3 million names sent into space aboard NASA's Orion test capsule was a stowaway, uploaded to NASA's database by a security researcher who found and exploited a vulnerability.

The name 'Payload1 Payload2' was one of three uploaded to the NASA Orion database that collected names to be later transferred to a chip aboard the rocket and shot into space.

The hack, since closed, was neither malicious nor dangerous to the mission, but rather a flexing of grey matter by bug hunter Benjamin Kunz Mejri.

"Two IDs were observed by the NASA team and one passed through the procedure of verification and validation," Mejri wrote in an advisory.

"To ensure the ticket was closed NASA included an image that shows the user in the official NASA 'no fly list'.

"The high severity vulnerability allows remote attackers to inject own system specific codes to the application-side of the affected NASA online-service website."

The filter bypass and persistent input validation web vulnerability was related to the first name and surname fields of the Orion boarding pass module.

It let remote attackers inject scripts to compromise NASA's embed boarding pass module.

"After saving the malicious context to a boarding pass service the attacker can use the embed module to stream malicious codes as embed code execution through the boarding pass application of the NASA Mars program website," he said.
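The class of flaw described above, a stored name field that slips past a filter and is later rendered by an embed module, is closed by allowlist validation on write and encoding on output. The sketch below is an added example, not NASA's code or anything from the advisory; every function name, the name pattern and the sample records are assumptions constructed for illustration.

```javascript
// Added example: hypothetical names throughout, not NASA's implementation.

// Weak control: strip one known-bad tag at write time and trust the result.
function denylistFilter(name) {
  return String(name).replace(/<\/?script[^>]*>/gi, "");
}

// Write-time control: allowlist what a name may contain (letters of any
// script, combining marks, space, dot, apostrophe, hyphen; 64 chars max).
const NAME_RE = /^[\p{L}\p{M}][\p{L}\p{M} .'\-]{0,63}$/u;
function validateName(name) {
  const n = String(name).normalize("NFC").trim();
  return NAME_RE.test(n) ? n : null; // null means reject the submission
}

// Render-time control: encode for HTML text and quoted-attribute contexts.
const ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ENTITIES[c]);
}

// Vulnerable embed renderer: stored fields are concatenated as markup.
function renderEmbedUnsafe(pass) {
  return `<div class="pass">${pass.first} ${pass.last}</div>`;
}

// Hardened embed renderer: every stored field is encoded on output,
// so a record that predates validation still renders as inert text.
function renderEmbedSafe(pass) {
  return `<div class="pass">${escapeHtml(pass.first)} ${escapeHtml(pass.last)}</div>`;
}

// Constructed sample records (harmless markup, not taken from the advisory).
const legit = { first: "Zoë", last: "O'Neil-Smith" };
const hostile = { first: "<i>Payload1</i>", last: 'Payload2"><u>x</u>' };

// The denylist leaves non-script markup untouched; the allowlist rejects it.
console.log(denylistFilter(hostile.first) === hostile.first); // filter bypassed
console.log(validateName(hostile.first), validateName(legit.last));
console.log(renderEmbedUnsafe(hostile));
console.log(renderEmbedSafe(hostile));
```

Validation alone does not protect records already stored, which is why the renderer encodes regardless of what the write path accepted.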

Mejri reported the flaw and his exploits to NASA, which promptly banned two of the three identities uploaded, allegedly missing one. The two known identities were stamped with a 'no fly list' while the third remains known only to Mejri.

Names were written to a chip using e-beam lithography and subsequently flashed to a second chip which went into space.

NASA said the chip was not vulnerable since it was isolated and lacked executable code.

The ship landed safely in the Pacific Ocean Saturday a mile and a half off-target.

Mejri's payload spent four hours and 24 minutes in two elliptical orbits of Earth, with an apogee of 5800 kilometres. ®

Biting the hand that feeds IT © 1998–2022