lolcreds

Public credential defaults and exposure patterns for authorized security testing.

Oracle E-Business Suite

Oracleenterprise app4 credentials1 default credential

Credentials4 documented
01

SYSADMIN Application User

oracle-ebs / sysadmin-default

Oracle E-Business Suite includes the SYSADMIN application user for system administration. Fresh or demo environments commonly use an initial SYSADMIN password that must be changed during implementation hardening.

static defaultuser definedsecretusername/password

Default credentials

SYSADMIN:SYSADMIN

Location

public interface
E-Business Suite login, Forms, OA Framework, and web self-service pages
database

FND_USER and related Oracle EBS application security tables

config file

implementation notes, cloning scripts, and application tier configuration

logs

sign-on audit records, Concurrent Manager logs, and web access logs

Notes

Treat SYSADMIN/SYSADMIN as an initial/demo credential to verify and rotate, not proof that a hardened production instance accepts it.

02

FND Application User Password

oracle-ebs / fnd-user-password

EBS application users and service accounts authenticate through the FND user model for forms, web applications, concurrent programs, and integrations.

user definedgenerated on installsecretusername/password

Location

database

FND_USER, password hash/verifier fields, responsibilities, and sign-on audit tables

public interface
EBS web login, Forms, mobile/web services, and integration endpoints
secret store

password managers and enterprise vaults

source code

integration scripts, SOA adapters, and test configs

logs

FND login audit, Apache/OACore logs, and concurrent request logs

03

APPS Schema Password

oracle-ebs / apps-schema-password

Oracle EBS application tiers and database tools use the APPS schema credential to access the EBS data model and PL/SQL packages.

user definedgenerated on installsecretusername/password

Location

database

Oracle Database user/schema state for APPS and product schemas

config file

EBS context files, dbc files, AutoConfig output, scripts, and clone artifacts

secret store

Oracle wallets, password vaults, and deployment secrets

source code

DBA automation, integrations, and migration scripts

logs

AutoConfig, adop, clone, and SQL*Plus logs

04

DBC, JDBC, and WebLogic Secrets

oracle-ebs / dbc-and-jdbc-secrets

EBS application tier files contain database connection descriptors, DBC information, WebLogic admin credentials, and managed server secrets used by the application stack.

generated on installuser definedsecretsecret value

Location

config file

FND_SECURE .dbc files, context XML, WebLogic domain config, JDBC data sources, and application tier properties

secret store

Oracle wallets, credential stores, and deployment vaults

artifact

EBS clones, backups, and support bundles

logs

WebLogic, OACore, forms, and patching logs

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.