Foxnews.com has taken an unsuspected turn and become an open wiki site. For more info see http://linuxinit.net/site/?id=664. Summary:
While browsing around the Fox News website, I found that directory indexes are turned on. So, I started following the tree up, until I got to /admin. Eventually, I found my way into /admin/xml_parser/zdnet/, in which, there is a shell script. Seeing as it’s a shell script, and I use Linux, I took a peek. Inside, is a username and password to an FTP. So, of course, I tried to login. The result? Epic fail on Fox’s part. And seriously, what kind of password is T1me Out. This is just pathetic.
And here’s something just too funny, something I hope will turn up on xkcd.com
(originally located at http://www.foxnews.com/images/root_images/071907_velociraptor1.jpg, this is a mirrored copy)
As other recent posts have mentioned, these blogs have just turned 2 years old. In order to celebrate the event I wanted to look back at the archives and find a post that stood out. This is hard when you’re talking about a blog of this high calibre. I started various popular posts, they were all very well written, technically and linguistically, so I had a hard time choosing. I decided to take an alternate route, I decided to read the posts that were made around the time I joined the site, the ones that convinced me as to the greatness of this blog.
I went back to January 2006 and one post in particular jumped right out at me; Interview: Ilfak Guilfanov. This was a great post addressing what at the time was a major issue and something that made me realise just what type of people make up this blog. I suggest you have a read of that post and other similar great posts, they make great reading for a Monday morning/early afternoon.
Happy birthday blogs, may your next 2 years be even greater.
I know I shouldn’t be merely referencing others’ blog posts, but this is just too good. Kuza55 has written up how a phisher can very easily get around the phishing-filter implemented in IE7, Firefox and Opera.
I’m writing this purely to pass on a message. If you’ve ever used the burp suite and have a comment about the software, now is the time to let the developers know. If you haven’t tried it yet, give it a go, you won’t regret it.
This is just to let you know that work is underway on the next release of Burp Suite, which should be available later this year. This will be a major upgrade with lots of new features in all of the tools.
At this point, it would be good to hear any other feature requests that you may have, however large or small. Please reply to me directly or join the discussion here:
and I’ll address as many as I can.
I’d be grateful if you would pass this email on to anyone else in your team who uses Burp Suite.