Open in app

Sign in

Write

Sign in

HOW I FOUND A BUG IN NASA 🚀

sudo-xabit
3 min readNov 19, 2024

--

Hello, everyone!
I hope you’re doing great. Today, I’m excited to share an incredible story about my recent experience hunting bugs in NASA’s systems. I found four vulnerabilities that were accepted! 🎉 But here’s the twist — their severity levels were downgraded from P3-P4 to P5 (informational), which was a bit disappointing. Regardless, I learned a lot, and I hope you do too from this writeup! If you enjoy it, don’t forget to follow me for more content like this. 🙌

How It Started

Every bug hunt begins with recon and enumeration, where I searched for parameters using fuzzing tools and performed port scans. Once I completed this phase, I transitioned to the actual hunting phase.

During this, I had an idea to check for a vulnerability related to EXIF metadata not being stripped.

What Is EXIF Metadata?

If you’re not familiar with EXIF metadata, let me explain:
When you buy a new phone or reset it to factory settings, the first time you take a picture, it asks for permissions like location or storage. That’s because images and videos store EXIF metadata, which includes:

  • Location (GPS coordinates)
  • Software name
  • Date and time of creation
  • Camera details
  • And much more!

In secure applications, when someone uploads an image, the EXIF metadata is usually removed (stripped) to prevent sensitive data from being leaked. But if it’s not stripped, it can expose personal or confidential information.

What I Found

I started analyzing images uploaded to NASA’s systems. To do this, I used a tool called Exif Tool, which allows you to inspect the metadata of image files. After an hour of searching, I discovered an image uploaded through WordPress content that had EXIF metadata fully intact.

Here’s what the metadata revealed:

  • Date the photo was created
  • Location (GPS coordinates)
  • Name and telephone number of the creator
  • Geolocation details like city
  • Document ID
  • Software used

And much more sensitive information that could potentially violate user privacy!

The Report

I reported the vulnerability, feeling thrilled because this issue highlighted a serious flaw — sensitive metadata wasn’t being stripped. This could lead to:

  • Privacy violations
  • Leakage of user information
  • Non-compliance with security best practices

NASA accepted the report, which was amazing 🚀! However, they categorized it as a P5 (informational) bug instead of a higher severity level like P3 or P4. According to Bug crowd’s VRT (Vulnerability Rating Taxonomy), this type of vulnerability usually falls into the P3-P4 category.

Takeaways

While I was slightly disappointed with the categorization, the experience taught me valuable lessons. I hope this story inspires you to dig deeper into your bug hunting journey and look for creative angles like this one.

If you found this helpful, please follow me for more stories and writeups about different vulnerabilities. Let’s learn and grow together as ethical hackers! 💻✨

check out second part and other write-ups.

NASA
Hacking
Bug Bounty
Vdp
Hall Of Fame

--

--

sudo-xabit
sudo-xabit

Written by sudo-xabit

23 Followers
54 Following

Ethical Hacker in the shadows whispers fly , codes and secrets never die . India 17

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams