Default Credentials

Default credentials are pre-set usernames and passwords that ship with web applications and devices, intended only for initial access right after installation.

It's crucial to change these credentials after setup to prevent unauthorized access by attackers.

Importance in Security Testing:

Resources for Testing:

  • Various platforms maintain lists of default credentials, such as:

    • CIRT.net: A web database where you can find default credentials for specific devices (e.g., Cisco).

    • SecLists: A collection of default credentials.

    • SCADA GitHub Repository: Contains default passwords for various vendors.

Practical Example:

  • During a penetration test, if a Cisco device is identified, we can reference CIRT.net for its default credentials.

  • For web applications like BookStack, a targeted internet search can yield default credentials. For instance, searching "bookstack default credentials" can lead to installation instructions revealing the default admin login as [email protected] with the password "password."
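The same default-credential lists are useful on the defensive side: after installation, an operator can check their own user store against a SecLists-style list to confirm the default admin login has actually been changed. The following is an added example, not code from the original notes; the CSV rows, vendor names and user table are constructed placeholders that mimic the `productvendor,username,password` layout of a default-passwords list.

```python
"""Added example: audit a local user store against a default-credentials list.
The CSV rows and USER_STORE below are constructed for illustration only."""
import csv
import hashlib
import hmac
import io

# Constructed rows in the SecLists default-passwords.csv layout (not real data).
DEFAULT_CREDS_CSV = """productvendor,username,password
ExampleVendor Router,admin,admin
ExampleVendor Router,admin,password
ExampleCMS,administrator,changeme
"""

ITERATIONS = 100_000  # PBKDF2 work factor for the constructed user store


def load_default_creds(text):
    """Parse a vendor,username,password CSV into a set of (username, password)."""
    reader = csv.DictReader(io.StringIO(text))
    return {(row["username"].strip().lower(), row["password"]) for row in reader}


def hash_password(password, salt):
    """Salted PBKDF2-SHA256, hex encoded (stands in for the app's own hasher)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS).hex()


# Constructed application user table: username -> (salt, stored hash).
_SALT = b"constructed-salt"
USER_STORE = {
    "admin": (_SALT, hash_password("password", _SALT)),      # never changed
    "alice": (_SALT, hash_password("Tr0ub4dor&3!", _SALT)),  # fine
    "svc_backup": (_SALT, hash_password("admin", _SALT)),    # reused default
}


def audit_default_credentials(user_store, default_creds):
    """Return (username, reason) for every account still using a default password.
    An exact username+password match is reported separately from a bare
    default password, since the former is what a scanner would try first."""
    default_passwords = sorted({pw for _, pw in default_creds})
    findings = []
    for user, (salt, stored) in user_store.items():
        for pw in default_passwords:
            if hmac.compare_digest(hash_password(pw, salt), stored):
                exact = (user.lower(), pw) in default_creds
                findings.append((user, "default username+password" if exact else "default password"))
                break
    return findings


if __name__ == "__main__":
    for user, reason in audit_default_credentials(USER_STORE, load_default_creds(DEFAULT_CREDS_CSV)):
        print(f"{user}: {reason}")
```

Run against a real deployment, the CSV would be the full SecLists file and USER_STORE would be read from the application's user table using its own hash function.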

Conclusion:

  • Always ensure default credentials are changed to enhance security and mitigate risks associated with unauthorized access.
