Published on February 10th, 2013 | by NJ Ouchn
DPE Default Password Enumeration Parser and XML Database Beta released
Years ago (around 2007/2008), I designed the DPE project as an effort to provide structured enumeration of default logons and passwords of network devices, applications and operating systems.
The main goal is to increase the interoperability potential of “password auditing scanners”.
Any kind of tool integrating the XML DPE scheme will be able to identify and report default access configurations on specific devices, software or operating systems.
Taking into account the benefits of SecurityMetrics standards principles, DPE integrates the CPE naming scheme (mitre.org) to describe information technology systems, platforms and packages.
DPE provides the default username and password information for the following:
- Operating systems: Unix, Linux, Windows, iSeries AS/400 …
- Network devices: routers, firewalls, switches, printers
- Databases: Oracle, MySQL, MS SQL and more
- Web applications: WebSphere, Apache …
- Administrative web-based solutions
- Telephony devices and SIP systems
- Other: specific appliances.
Why DPE?
During a security evaluation process, auditors do not have a fast and simple way to identify at a glance the default access parameters of a targeted device.
In fact, most of them use a simple brute-force utility to try every pair of logons and passwords. On the one hand, this can be a time-consuming stage; on the other, it may cause an indirect denial of service (account lockouts, IP banning, alarms raised …).
I got the idea and, by the way, solved my own problem (during a pentest) by creating DPE (Default Password Enumeration).
Now every piece of software that integrates the DPE scheme along with the latest password database can test the appropriate default logon/password.
To demonstrate the added value of the concept and to make the DPE basics easier to understand, I have developed a simple program called ‘DPEparser’. DPEparser is written in Python and consumes the XML-based database. The database itself is the core of the DPE concept. It is based on a large amount of data found on renowned sites that have done a great job of keeping this information and sharing it with us.
And to stand out from the others, DPE incorporates some missing information such as CPE (Common Platform Enumeration) and CVE. The main goals are to unify and to facilitate the search for default passwords during security assessments or penetration testing.
As a result, my ultimate objective is the creation of a unique and consolidated database for default credentials aligned with open standards such as CVE and CPE.
For this first beta release, I generated a list of 301 passwords and 32 vendors. I added several CPE entries based on the official NVD dictionary v2.2 (http://nvd.nist.gov/cpe.cfm) where it was possible to do so. The database should grow very quickly.
DPEparser is open source. So feel free to debug/modify the code as long as you keep …. you know the drill 😉
- Integrated information
  - Vendor name
  - Device description
  - CPE (if any)
  - CVE (if any)
  - Protocol used
  - Default TCP/UDP port
  - Default username
  - Default password
- Search for credentials by CPE (Common Platform Enumeration v2.2), e.g. cpe:/h:cisco:building_broadband_service_manager:5.0
- Search for credentials by type (available keywords: router, switch, firewall, voip, software, operating system, telephony, database, printer)
- Search for credentials by vendor (cisco, alcatel ….)
- Export and automatically save results to a comma-separated file, which can be supplied to your favorite password bruteforcer.
- Update the DPE XML database from the official DPE repository (www.toolswatch.org/dpe)
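The search-by-CPE, by-type and by-vendor lookups and the CSV export listed above, sketched as an added example for auditing your own inventory; this is not DPEparser's code. The XML layout, the function names and every credential value are constructed for illustration and do not reproduce the real DPE schema or database.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample database: element/attribute names are assumptions for this
# example (not the real DPE schema) and all credentials are placeholders.
SAMPLE_DB = """<dpe>
  <entry vendor="cisco" type="router" cve=""
         cpe="cpe:/h:cisco:building_broadband_service_manager:5.0" protocol="http"
         port="80" description="Constructed entry A" username="USER_A" password="PASS_A"/>
  <entry vendor="cisco" type="switch" cve="" cpe="" protocol="telnet" port="23"
         description="Constructed entry B" username="USER_B" password="PASS,B"/>
  <entry vendor="examplevendor" type="voip" cve="" cpe="cpe:/h:examplevendor:pbx:1.0"
         protocol="ftp" port="21" description="Constructed entry C" username="USER_C"
         password="PASS_C"/>
</dpe>"""
FIELDS = ["vendor", "description", "cpe", "cve", "protocol", "port", "username", "password"]


def cpe_matches(pattern, name):
    """Match CPE 2.2 URIs per component; empty or missing pattern parts are wildcards."""
    prefix = "cpe:/"
    if not (pattern.lower().startswith(prefix) and name.lower().startswith(prefix)):
        return False
    p = pattern[len(prefix):].lower().split(":")
    n = name[len(prefix):].lower().split(":")
    n += [""] * (len(p) - len(n))  # a shorter name cannot satisfy extra pattern parts
    return all(pp in ("", nn) for pp, nn in zip(p, n))


def search(db_xml, cpe=None, vendor=None, dev_type=None):
    """Return entries (as dicts) that satisfy every criterion supplied."""
    hits = []
    for e in ET.fromstring(db_xml).iter("entry"):
        if cpe and not cpe_matches(cpe, e.get("cpe", "")):
            continue
        if vendor and e.get("vendor", "").lower() != vendor.lower():
            continue
        if dev_type and e.get("type", "").lower() != dev_type.lower():
            continue
        hits.append({f: e.get(f, "") for f in FIELDS})
    return hits


def to_csv(rows):
    """Serialise results as CSV; the csv module quotes values that contain commas."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()
```

Comparing CPE names component by component keeps a partial string such as `cpe:/h:cis` from matching `cisco`. A database pulled from a remote repository is untrusted input, so `defusedxml.ElementTree.fromstring` can replace the parser call where entity-expansion attacks are a concern.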