Nmap Development mailing list archives
Re: New NSE script: http-default-accounts.nse - Default account access checker - CALL FOR FINGERPRINTS
From: Shinnok <admin () shinnok com>
Date: Sat, 23 Jul 2011 12:13:04 +0300
On 07/23/2011 12:02 PM, Shinnok wrote:
Hey Paulino, You should probably check the emulators for d-link routers available on d-link's website. The give you access to the interface of d-link routers as well as their login process. Examples: http://support.dlink.com/emulators/dir825/113NA/Login.html http://support.dlink.com/emulators/di624s/ http://support.dlink.com/EMULATORS/DI524/ They should provide insight you into urls and for some the http post login process. However, I don't own a d-link router and thus I can't attest to their exact fidelity as presented on the website's sandbox, so, if someone reading this e-mail owns a d-link router, can you please find the emulator for it on the website and check that the urls and the login process match the ones on the actual device? You can find a list of all emulators available here: http://www.dlink.com/support/faq/?prod_id=1457 The default username and password for D-Link DI(http auth) and WBR(http post) series are "admin" and blank password. http://www.dlink.com/support/faq/ More default router logins: http://www.routerpasswords.com/ http://www.phenoelit-us.org/dpl/dpl.html http://cirt.net/passwords http://defaultpasswords.in/ http://portforward.com/default_username_password/ http://www.virus.org/default-password/ http://www.3ice.hu/tool/dpl/DefaultRouterPasswordList.html http://urbanwireless.info/default-router-passwords Set top boxes logins: http://www.receiverpasswords.com/ Regards, Shinnok
Forgot to mention this: Another good way of fingerprinting routers and other devices besides url probes, that authenticate via http-auth is by checking the WWW-Authenticate http header field realm: http://www.shodanhq.com/?q=d-link http://www.shodanhq.com/?q=d-link+router http://www.shodanhq.com/?q=linksys You can cross-check identifier strings with lists like: http://www.http-stats.com/header/Www-Authenticate Shinnok _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New NSE script: http-default-accounts.nse - Default account access checker Paulino Calderon (Jul 01)
- Re: New NSE script: http-default-accounts.nse - Default account access checker Gutek (Jul 02)
- Re: New NSE script: http-default-accounts.nse - Default account access checker - CALL FOR FINGERPRINTS Paulino Calderon (Jul 16)
- Re: New NSE script: http-default-accounts.nse - Default account access checker - CALL FOR FINGERPRINTS Shinnok (Jul 23)
- Re: New NSE script: http-default-accounts.nse - Default account access checker - CALL FOR FINGERPRINTS Shinnok (Jul 23)
- Re: New NSE script: http-default-accounts.nse - Default account access checker - CALL FOR FINGERPRINTS Hani Benhabiles (Jul 23)
- Re: New NSE script: http-default-accounts.nse - Default account access checker - CALL FOR FINGERPRINTS Paulino Calderon (Jul 23)
- Re: New NSE script: http-default-accounts.nse - Default account access checker - CALL FOR FINGERPRINTS Shinnok (Jul 23)