Penetration Testing mailing list archives
word lists
From: "The Picard" <thepicard () home com>
Date: Thu, 17 May 2001 23:23:41 -0400
Hello, Does anyone know where word lists containing commands can be found? Let me explain: during a pen-test I found a network device that has a telnet server. However, the prompt doesn't tell what it is/does nor does it appear to be an IOS-style box. More likely an embedded device. The password was trivial, however, there is little I can do with it because most commands I typed give an error back. I wrote a perl script that takes commands from a file and fed them one by one to the device through telnet, saving those that do not lead to an error to a separate file for later examination. Currently (the brute-force is still going on) I'm using 15M wordlist initially designed for password cracking. I'm also looking for a file that contains commands (such as the IOS ones) that are not words by themselves, but can be concatenations of words, with or without hyphens and other typical shell/Cisco/whatever commands. Probably this is more for curiosity than for actual penetration of the above device, however I thought others would be interested as well in such a list. Years ago, there used to be many word lists at ftp.cso.uiuc.edu/pub/security/wordlists/ but the site is no longer up. Thank you.
Current thread:
- [PEN-TEST] MS Exchange 5.5 and Windows NT 4 Skinner, Tim L. (May 11)
- word lists The Picard (May 18)
- Re: word lists James W. Abendschan (May 18)
- Re: word lists Jim Duncan (May 19)
- word lists The Picard (May 18)