Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: DPE - Default Password Enumeration standarization released
From: natron <natron () invisibledenizen org>
Date: Mon, 30 Jun 2008 06:52:30 -0500

Don't forget Pete Finnigan's default password list for Oracle, which
contains almost 600 user ID/pw combinations spanning various Oracle
installations, add-ons, and common third-party products.

http://www.petefinnigan.com/default/default_password_list.htm

N

On Sun, Jun 29, 2008 at 1:28 PM, Jerome Athias <jerome.athias () free fr> wrote:

Heya,

This is a nice idea.

A tiny script can help extracting (quite correctly) the Phenoelit list
http://www.ja-psi.com/pentest/DPE_ja.xml
(here i assume that all are routers, blabla)

Note: I would add a vendor ID (here Secunia's one) and a product id ;-).
It makes things more easy when playing theXploiter and searching for
matching vulnerabilities...

I'll mix it with
https://www.securinfos.info/passwords-liste-mots-de-passe.html and some
other Eric Knight' style dad... :-p
I also accept unreleased default passwords lists ^_^

My 0,02 bucks

Cheers
/JA

Kurt Grutzmacher a écrit :
On Thu, Jun 26, 2008 at 05:19:40PM +0200, SD List wrote:

DPE is the security-database naming scheme that provides structured
enumeration of default logons and passwords of network devices,
applications and Operating Systems.


Having a common format for this list is a great idea for many reasons. A
couple questions:

Are you going to be seeding this database from the Phenoelit list @
http://www.phenoelit-us.org/dpl/dpl.html or any other existing lists?

How will the community be able to add / modify to this list?

Will there be a central maintainer or committee (you?) who reviews
entries before inclusion and what's the expected time-line after
submitting can be expected?

When will there be more than just 3 entries in it?  :)

Kurt

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]