Stefan Esser posted two blog posts the other day that are worth mentioning. The first was a way to portscan by injecting an arbitrary percent tag to avoid the 401 Basic Auth popup. That might not seem like a big deal, but when the victim sees a popup they are a whole lot more likely to know their browser is doing something weird.
The second post was another way to bypass the 401 Basic Auth dialog, but this time he actually shows how to brute force it without causing the popup in Firefox. This is way more powerful than the former technique because it allows you to actually try multiple usernames and passwords against the victim host using favicons (the little black box in the URL field that says “RS” on this very site is an example of one).
So wow, a lot of good stuff coming out this week. I’m glad people are starting to think about this again. I can’t wait to see what happens next.