Penetration Testing mailing list archives
Re: Pentesting a Web Applicaton
From: Anders Thulin <anders.thulin () sentor se>
Date: Fri, 01 Jun 2007 07:52:05 +0200
Stong, Ian C CTR DISA GIG-CS wrote:
When you access the router via web interface a popup comes up asking for username/pwd. It says "Enter username and password for "DI-514" at y.y.y.y - Then it has fields for User Name: and Password: - and then OK or Cancel.
Try find a DI-514 manual on the net: there's usually a way to reset these things to factory default state. Not sure about 514, but at one time some D-Link routers sent out passwords on request. There used to be a windows utility (from D-Link) that sent out a UDP packet to .... some port I've forgotten, and in return each D-LINK device that received that packet would return a reply packet, in which the full configuration appeared, including user and master passwords in clear. I think D-LINK stopped doing that, but I'm not sure where or when the line was drawn. -- Anders Thulin anders.thulin () sentor se 070-757 36 10 ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Pentesting a Web Applicaton behind Akamai Technology grd (May 16)
- RE: Pentesting a Web Applicaton behind Akamai Technology peter.schaub (May 16)
- Re: Pentesting a Web Applicaton behind Akamai Technology Lee Lawson (May 17)
- Pentesting a Web Applicaton Stong, Ian C CTR DISA GIG-CS (May 31)
- Re: Pentesting a Web Applicaton Ed Hottle (May 31)
- Re: Pentesting a Web Applicaton Anders Thulin (May 31)
- RE: Pentesting a Web Applicaton Erin Carroll (May 31)
- Re: Pentesting a Web Applicaton behind Akamai Technology Lee Lawson (May 17)
- RE: Pentesting a Web Applicaton behind Akamai Technology peter.schaub (May 16)
- Re: Pentesting a Web Applicaton behind Akamai Technology Dotzero (May 17)