«
»

pWn3d!


While looking to grab some podcasts for my commute to DC this morning, I went to check out the website for WYPR.  The following image is currently their homepage:

wypr-owned.jpg

I do not know if it will be there by the time you read this, but I find it pretty entertaining.   Of course, website defacement these days is trivial, but someone forgot to patch something or shutdown an unneeded service.  ;-)

, ,

This entry was posted on March 7, 2007, 6:34 am UTC and is filed under Uncategorized. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

  1. #1 by Paul on March 7, 2007 - 10:47 am UTC

    My guess would be they got in via FTP:

    ftp 207.114.6.197
    Connected to http://www.wypr.org.
    220 vwww3 Microsoft FTP Service (Version 5.0).

    and excuse me but why, why do they have FTP open to the world?!?!?!

    Quote

  2. #2 by Jason J. Thomas on March 7, 2007 - 11:27 am UTC

    Heh. And it looks like the anonymous account is enabled on IIS 5. Someone is going to get in a shitstorm of trouble about this.

    And, really, why would you have FTP open? Close it. If you need it, put it on a separate box.

    Quote

  3. #3 by Psychophil on March 8, 2007 - 6:10 pm UTC

    Thats whats happens when somebody brings in their nephew who ‘knows all about computers’ to set up the web site.

    Quote

  4. #4 by Jason J. Thomas on March 10, 2007 - 11:30 am UTC

    psychophil: So true. “I know how to setup a server. How hard is it? It looks just like Windows 95.”

    Quote
(will not be published)