GET YOUR VULNERABILITY AND THREAT DATABASE SUBSCRIPTION
EKOLABS 2016


Tools

Published on March 9th, 2013 | by NJ Ouchn

0

DPE Default Password Enumeration Parser and XML Database / Scheme Beta 002 released

DPE Default Password Enumeration Concept is an effort to provide structured enumeration of default logons and passwords of network devices, applications and Operating Systems.

The main goal is to increase the “password auditing scanners” interoperability potential. Any kind of tool integrating the XML DPE scheme will be able to identify and report default access configurations on specific devices, software or operating systems.

Taking into account the benefits of SecurityMetrics standards principles, DPE integrates CPE naming scheme (http://cpe.mitre.org) to describe information technology systems, platforms and packages and CVE (http://cve.mitre.org) to describe the vulnerability

DPE provides the default usernames and passwords information for the following:

  • Operating Systems : Unix, Linux, Windows, iSeries AS/400 …
  • Network devices : Routers, firewalls, switches, printers
  • Databases : Oracle, MySQL, MS SQL and more
  • Web applications : WebSphere, Apache …
  • Administrative Web Based solutions
  • Telephony devices and SIP systems
  • Other: specific applicances.

Changelog

New DPE scheme.

The information and Credentials are now organized by Vendor. In fact, the xml becomes easier to read and consume.

Here is a sample

<vendor name="advantech">
    <model cpe="cpe:/h:advantech:adam-6015" description="advantech adam-60xx module series" dpeid="dpe-2008-5848" type="scada">
      <info cve="cve-2008-5848" port="80" protocol="http"/>
      <credential password="&quot;00000000&quot;" username="none"/>
    </model>
    <model cpe="cpe:/h:advantech:adam-6017" description="advantech adam-60xx module series" dpeid="dpe-2008-5848" type="scada">
      <info cve="cve-2008-5848" port="80" protocol="http"/>
      <credential password="&quot;00000000&quot;" username="none"/>
    </model>
</vendor>

Added a DPE id

The main idea behind this id is to associate a default credential with a CVE whenever is possible to do so. It will facilitate the extraction of information from the DPE xml db on the basis on CVE (or DPE id). This feature will be added for the next beta release.

For default passwords reported by CVE-2008-5848, the DPE id will be “DPE-2008-5848”.

Parser update

Few modification added to the parser to reflect the new DPE scheme and to report more information in output text file.

You can now check the XML DB version by leveraging the -b (or  – -banner)

$ ./dpeparser.py --banner
    ____  ____  _____   ____   
   |  _ \|  _ \| ____| |  _ \ __ _ _ __ ___  ___ _ __ 
   | | | | |_) |  _|   | |_) / _` | '__/ __|/ _ \ '__|
   | |_| |  __/| |___  |  __/ (_| | |  \__ \  __/ |   
   |____/| |   |_____| |_|   \__,_|_|  |___/\___|_|   
         |_|Beta 002 Database XML build v212_p1922

Where

v212 means 212 vendors

p1922 means 1922 passwords

It is mandatory to download this new parser.

Download & Usage

Tags: , ,


About the Author

“Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses”



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top ↑