Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Data file for default passwords

From: tabish imran <tabish.imran96 () gmail com>
Date: Thu, 3 Mar 2016 23:19:05 +0530
Hello fortis ,
Yeah , that makes more sense , I'll try to add them to the
http-default-accounts-fingerprints.lua , as suggested by David.
On 03-Mar-2016 11:01 pm, "Fotis Hantzis" <ithilgore.ryu.l () gmail com> wrote:


Hello Tabish,
if you were to compile such a list it would be very useful for both Ncrack
and the Nmap NSE brute force scripts.
Instead of writing a separate wrapper script, these username/password
combinations could have a higher priority in the default lists that both
tools use.
Regards,
ithilgore


On Thu, Mar 3, 2016 at 10:55 AM, tabish imran <tabish.imran96 () gmail com>
wrote:



There are tons of devices like routers, printers and webcams with default
user/pass combinations . If I were to scrape default passwords from
websites and write a script which ( depending on  results from the scan )
checks for default passwords , it could be useful.

Pro - would take less time than bruteforce

Con - might be pretty big

( alternatively the script could look for the default passwords from a
website)

Comments ?

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/





_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: