[Full-Disclosure] Re: IRCXpro 1.0 - Clear local and default remote admin passwords

[morning_wood]

> 2. Remote default admin enabled
> Our Reply: The user is prompted before the server starts for the first
time
> to set their own Operator Name and Password during the Initial Wizard for
> their administrator account.  (See initial.gif file attachment)
>
Look in your .gif and you will note
user:admin
password:password

with a "next" prompt. 90% of users will select "next" blindly.

Donnie Werner
http://exploitlabs.com