Penetration Testing mailing list archives
Re: Cognos Default Username and password
From: pagvac <unknown.pentester () gmail com>
Date: Tue, 7 Mar 2006 21:42:35 +0000
On 3/7/06, 3 shool <3shool () gmail com> wrote:
Also use common sense password guessing. i.e.: cognos/cognosThis one seems to be working. When I give the above credentials the system takes me in but then gives the following error: You are not permitted to access the application at this time. CAM-AAA-0096 Unable to authenticate because the account can not be accessed.
I can think of 2 possibilities in this scenario: - there is a policy enabled which restricts what time you can access the application. Have you tried the valid credentials at a different time? - the default credentials are enabled from factory *but* the admin disabled them After googling "CAM-AAA-0096" I found a post that seems to support the 2nd possibility (as I said, research *is* the key): http://64.233.179.104/search?q=cache:eDucMYWXelMJ:www.tek-tips.com/viewthread.cfm%3Fqid%3D1046513%26page%3D14+CAM-AAA-0096&hl=en&gl=uk&ct=clnk&cd=1&client=firefox-a I'm sorry I can't help you any further, but it's a bit hard if I can't actually test the application myself. Maybe other testers from this forum have any thoughts on this? All the best, pagvac
I tried the other combinations that you listed but only cognos/cognos is going in. May be the user is blocked by the application?
------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ------------------------------------------------------------------------------
Current thread:
- Cognos Default Username and password 3 shool (Mar 06)
- Re: Cognos Default Username and password pagvac (Mar 07)
- Re: Cognos Default Username and password 3 shool (Mar 07)
- Re: Cognos Default Username and password pagvac (Mar 07)
- Re: Cognos Default Username and password 3 shool (Mar 07)
- Re: Cognos Default Username and password 3 shool (Mar 07)
- Re: Cognos Default Username and password pagvac (Mar 07)