Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: DPE - Default Password Enumeration standarization released
From: Jerome Athias <jerome.athias () free fr>
Date: Sun, 29 Jun 2008 20:28:34 +0200

Heya,

This is a nice idea.

A tiny script can help extracting (quite correctly) the Phenoelit list
http://www.ja-psi.com/pentest/DPE_ja.xml
(here i assume that all are routers, blabla)

Note: I would add a vendor ID (here Secunia's one) and a product id ;-).
It makes things more easy when playing theXploiter and searching for
matching vulnerabilities...

I'll mix it with
https://www.securinfos.info/passwords-liste-mots-de-passe.html and some
other Eric Knight' style dad... :-p
I also accept unreleased default passwords lists ^_^

My 0,02 bucks

Cheers
/JA

Kurt Grutzmacher a écrit :
On Thu, Jun 26, 2008 at 05:19:40PM +0200, SD List wrote:
  
DPE is the security-database naming scheme that provides structured
enumeration of default logons and passwords of network devices,
applications and Operating Systems.
    

Having a common format for this list is a great idea for many reasons. A
couple questions:

Are you going to be seeding this database from the Phenoelit list @
http://www.phenoelit-us.org/dpl/dpl.html or any other existing lists?

How will the community be able to add / modify to this list?

Will there be a central maintainer or committee (you?) who reviews
entries before inclusion and what's the expected time-line after
submitting can be expected?

When will there be more than just 3 entries in it?  :)

Kurt

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault