FN-FORUM: Hacking the NSA's website

date posted 3rd August 2005 07:50

I dont know if anyones come across this yet, but ive been telling
everyone i know because i find it both funny and concerning that
America's National Security Agency cannot even secure their own
website.

Someone in one of the IRC channels im regularly in found this, they
have notified the NSA of it multiple times since MAY!!! Yet the NSA
dont seem to give a damn.

http://www.nsa.gov/notices/notic00003.cfm?Address=3D%22%3E%3Cscript%3Ealert=
(%22Dread%20was%20here%20and%20the%20NSA%20have%20shit%20security%22)%3C/sc=
ript%3E

Ive not done anything else that play around with the alert() message,
so ive no idea how far this could be taken, and im not too keen on
appearing on the NSA's server log's as someone trying to break things,
but surely its only a matter of time. I'm beginning to think its what
they deserve if they dont fix it even when they are notified of it. Im
sure some 14 year old kid wants his 15 minutes of fame on the local
news for hacking the NSA's website.

Tam Denholm
www.dreadlabs.com