Vulnerability Development mailing list archives

Re: default passwords...partII

From: vision () WHITEHATS COM (Max Vision)
Date: Tue, 4 Jul 2000 20:38:33 -0700


On Wed, 5 Jul 2000, Roelof Temmingh wrote:

Maybe someone with some time on hands will register www.defaultpasswords.com :)


Well someone beat me to it; from my
https://secure.register.com/step-8.cgi:
"We apologize but the domain(s) defaultpasswords.com has been taken by
another user in the time you were going through the process. Please note
that we have not billed you for any of the domain names listed above."

Bummer, I'm working on a definitive web database for default passwords.
As I mentioned in private email to several on this list, I have quite a
list already, and have also gone through many search engines gathering
more information (what I did was similar to what was later suggested on
this list).

What I'm doing is different from other work in that my interest is in
accuracy and having a reference, preferrably a URL, for every entry.  I
think it's a mistake to compile a list based on other lists.

Cute, as I typed this email someone took defaultpasswords.net too!  I
think I've lost perspective of just how crowded the net really is.

Max

ob defaultpassword:

examination of the ROM images at
ftp://ftp.osicom.com/pub/printservers/Flash/
reveals the following NETPrint devices have the "sysadm" default:
(yes I looked through all of these roms to verify)
NETPrint 1000E/NDS
NETPrint 1500E/N
NETPrint 2000E/N
NETPrint 1000E/B
NETPrint 2000E/B
NETPrint 1000E/N
NETPrint 2000E/N
NETPrint 1000 T/B
NETPrint 2000 T/B
NETPrint 1000 T/N
NETPrint 2000 T/N
NETPrint 1500 E/B
NETPrint 1500E/N
NETPrint 1500T/N
NETPrint 1000E/D
NETPrint 500 E/B
NETPrint 500 E/N
NETPrint 500 T/B
NETPrint 500 T/N
NETCommuter Remote Access Server
JETXPrint 1000E/B
JETXPrint 1000E/N
JETXPrint 1000T/N
JETXPrint 500 E/B

Additionally, the following may have other telnet defaults than sysadm, as
indicated in the following ASCII strings from the roms:
 TELNET Module loaded
 secret Manager Manager sysadm sysadm guest guest echo echo debug d.e.b.u.g
 login:  Password:  53 %2.2x 42
NETCommuter Remote Access Server
NETPrint 1500 E/B
NETPrint 1000E/D
NETPrint 1000E/NDS
NETPrint 1500E/N
NETPrint 2000E/N

Current thread:

Maximum Linux Security (d/l), (continued)
- - - Maximum Linux Security (d/l) Arturo Busleiman (Jul 04)
    - Re: Maximum Linux Security (d/l) Korhan Gurler (Jul 04)
    - RES: Maximum Linux Security (d/l) Guilherme Mesquita (Jul 04)
    - Re: RES: Maximum Linux Security (d/l) Richard Rager (Jul 04)
    - Any Critical Path N-Plex vulnerabilities ? Juan M. Courcoul (Jul 05)
    - default passwords...partII Roelof Temmingh (Jul 04)
    - Re: default passwords...partII Daniel SALAGEAN (Jul 04)
    - Re: default passwords...partII Joe Jenkins (Jul 05)
    - Re: default passwords...partII Daniel SALAGEAN (Jul 05)
    - Re: default passwords...partII CouNT (Jul 06)
    - Re: default passwords...partII Max Vision (Jul 04)
    - Formatting bugs (was BitchX /ignore bug) Kotz (Jul 04)
    - Re: Maximum Linux Security (d/l) Renato Murilo Langona (Jul 04)
    - BitchX /ignore bug Rick Jansen (Jul 04)
    - Re: BitchX /ignore bug Blue Boar (Jul 04)
    - Re: BitchX /ignore bug Ron DuFresne (Jul 05)
    - Re: BitchX /ignore bug nohican () MARCELLA NIETS ORG (Jul 05)
    - Re: BitchX /ignore bug Steve Mosher (Jul 05)
    - Re: BitchX /ignore bug Ryan Yagatich (Jul 05)
    - Re: BitchX /ignore bug Firstname Lastname (Jul 04)
    - Re: Maximum Linux Security (d/l) rompa (Jul 10)

(Thread continues...)