Home page logo

pen-test logo Penetration Testing mailing list archives

Re: DPE - Default Password Enumeration standarization released
From: Jerome Athias <jerome.athias () free fr>
Date: Sun, 29 Jun 2008 20:28:34 +0200


This is a nice idea.

A tiny script can help extracting (quite correctly) the Phenoelit list
(here i assume that all are routers, blabla)

Note: I would add a vendor ID (here Secunia's one) and a product id ;-).
It makes things more easy when playing theXploiter and searching for
matching vulnerabilities...

I'll mix it with
https://www.securinfos.info/passwords-liste-mots-de-passe.html and some
other Eric Knight' style dad... :-p
I also accept unreleased default passwords lists ^_^

My 0,02 bucks


Kurt Grutzmacher a écrit :
On Thu, Jun 26, 2008 at 05:19:40PM +0200, SD List wrote:
DPE is the security-database naming scheme that provides structured
enumeration of default logons and passwords of network devices,
applications and Operating Systems.

Having a common format for this list is a great idea for many reasons. A
couple questions:

Are you going to be seeding this database from the Phenoelit list @
http://www.phenoelit-us.org/dpl/dpl.html or any other existing lists?

How will the community be able to add / modify to this list?

Will there be a central maintainer or committee (you?) who reviews
entries before inclusion and what's the expected time-line after
submitting can be expected?

When will there be more than just 3 entries in it?  :)


This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]