Re: Pentesting a Web Applicaton

From: Ed Hottle (edhottle@charter.net)
Date: Fri Jun 01 2007 - 00:38:15 EDT

• Next message: Eric Smith: "Re: Pentesting a Web Applicaton"
• Previous message: Ricardo Mourato: "Re: Active Directory Pentest"
• In reply to: Stong, Ian C CTR DISA GIG-CS: "Pentesting a Web Applicaton"
• Next in thread: Eric Smith: "Re: Pentesting a Web Applicaton"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hope this helps.

The following reset procedure will completely restore the default settings
on your D-Link device including your password. This procedure applies to the
DI-514, DI-524....

Step 1 Locate the reset pinhole on the back of the unit.

Step 2 With the unit powered on, press and hold the Reset button.

Step 3 Hold the Reset button for about 10 seconds.

Step 4 Release the Reset button.

Step 5 The unit will reboot. Allow 20-30 seconds before reconnecting.

Step 6 The device is now at factory defaults.

Note: Do not recycle power during the reset procedure.

The default user name for most D-Link devices is admin and the password is
left blank.

On 5/31/07 11:29 AM, "Stong, Ian C CTR DISA GIG-CS" <Ian.Stong.ctr@disa.mil>
wrote:

> Hi,
>
> I have a DLINK router/wireless device that has a web interface for
> managing it via the inside interface. I know the username but the
> password was cached and due to some Winblows issues the info is gone.
>
> Would like some advice for tools I can run (on Windows) to attempt to
> find the password. I tried brutus but wasn't able to get it to work
> properly (or I misconfigured).
>
> When you access the router via web interface a popup comes up asking for
> username/pwd. It says "Enter username and password for "DI-514" at
> y.y.y.y - Then it has fields for User Name: and Password: - and then OK
> or Cancel.
>
>
> You help is appreciated,
>
> Ian Stong
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

• Next message: Eric Smith: "Re: Pentesting a Web Applicaton"
• Previous message: Ricardo Mourato: "Re: Active Directory Pentest"
• In reply to: Stong, Ian C CTR DISA GIG-CS: "Pentesting a Web Applicaton"
• Next in thread: Eric Smith: "Re: Pentesting a Web Applicaton"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:50 EDT