The script is a simple select statement that checks if the username exists with the known password hash for each default user. This is different to my own default password scanner as mine also includes details of the actual password. The new Oracle tool does not include the passwords.
The tool includes around 689 passwords. The big difference with this tool and mine also is that it includes a lot of PeopleSoft default accounts and also some JD Edwards accounts. I guess we both include most of the E-Business Suite ones.
The document is excellent though. It includes details of all default accounts listed in the tool and also details on how to change the passwords. This is very useful as some accounts you cannot simply change the password in the database you also need to change it in config files or elsewhere.
This is a useful tool and worth downloading. So come on Oracle make the document and the tool publically available!!! not just from Metalink.