Plugin 11000 - default FTP passwords for HP's MPE/xx?

From: Javier Fernandez-Sanguino (jfernandezat_private)
Date: Wed Jun 04 2003 - 02:18:47 PDT

  • Next message: H D Moore: "Re: Plugin 11000 - default FTP passwords for HP's MPE/xx?"

    I was wondering while looking at "MPEi/X Default Accounts" plugin and 
    comparing its tests with CIRT's password list [1] there seems to be some 
    discrepancy between them.
    
    CIRT's lists passwords as:
    
    "Hewlett-Packard","HP 2000/3000 
    MPE/xx","N/A","Multi","FIELD","SUPPORT","N/A",""
    
    That is, user "FIELD" password "SUPPORT"
    
    But the plugin lists the accounts as
    (...)
    accounts[10] = "SUPPORT.FIELD";
    
    and is sent as
    (...)
         username = accounts[i];
         user = string("USER ", username, CRLF);
    
    Should this be done sending first a USER (FIELD) and then a password 
    (SUPPORT) or does the MPEi/X support this strange (non-RFC?) method of 
    logging into a FTP server.
    
    It seems, also, that some of the default accounts listed in CIRT's are 
    not included
    
    Username   | Password
    ----------------------
    OPERATOR     DISC
    FIELD        SERVICE
    FIELD        LOTUS
    FIELD        HPONLY
    HELLO        MGR.SYS
    HELLO        FIELD.SUPPORT
    HELLO        OP.OPERATOR
    MAIL         REMOTE
    MAIL         MPE
    .....
    
    I can do a better cross-check but I would like to know if the plugin 
    behaviour is correct or if I'm missing something...
    
    Regards
    
    Javi
    
    
    
    [1] http://www.cirt.net/cgi-bin/passwd.pl
    



    This archive was generated by hypermail 2b30 : Wed Jun 04 2003 - 02:22:25 PDT