Re: DPE - Default Password Enumeration standarization released

[Jerome Athias <jerome.athias () free fr>]

Heya,

This is a nice idea.

A tiny script can help extracting (quite correctly) the Phenoelit list
http://www.ja-psi.com/pentest/DPE_ja.xml
(here i assume that all are routers, blabla)

Note: I would add a vendor ID (here Secunia's one) and a product id ;-).
It makes things more easy when playing theXploiter and searching for
matching vulnerabilities...

I'll mix it with
https://www.securinfos.info/passwords-liste-mots-de-passe.html and some
other Eric Knight' style dad... :-p
I also accept unreleased default passwords lists ^_^

My 0,02 bucks

Cheers
/JA

Kurt Grutzmacher a écrit :
> On Thu, Jun 26, 2008 at 05:19:40PM +0200, SD List wrote:
>   
> > DPE is the security-database naming scheme that provides structured
> > enumeration of default logons and passwords of network devices,
> > applications and Operating Systems.
> >     
>
> Having a common format for this list is a great idea for many reasons. A
> couple questions:
>
> Are you going to be seeding this database from the Phenoelit list @
> http://www.phenoelit-us.org/dpl/dpl.html or any other existing lists?
>
> How will the community be able to add / modify to this list?
>
> Will there be a central maintainer or committee (you?) who reviews
> entries before inclusion and what's the expected time-line after
> submitting can be expected?
>
> When will there be more than just 3 entries in it?  :)
>
> Kurt

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------