Nmap Development mailing list archives
Re: Data file for default passwords
From: David Fifield <david () bamsoftware com>
Date: Thu, 3 Mar 2016 18:31:14 +0100
On Thu, Mar 03, 2016 at 10:25:52PM +0530, tabish imran wrote:
There are tons of devices like routers, printers and webcams with default user/ pass combinations . If I were to scrape default passwords from websites and write a script which ( depending onĀ results from the scan ) checks for default passwords , it could be useful. Pro - would take less time than bruteforce Con - might be pretty big ( alternatively the script could look for the default passwords from a website) Comments ?
Hi, what you describe sounds like the existing http-default-accounts script: https://nmap.org/nsedoc/scripts/http-default-accounts.html https://svn.nmap.org/nmap/nselib/data/http-default-accounts-fingerprints.lua A good project would be to increase the coverage of the script; i.e., to add a lot of new entries to http-default-accounts-fingerprints.lua. I don't get what you mean by "scrape default passwords from websites," though. What's your plan for building a database of default credentials? _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Data file for default passwords tabish imran (Mar 03)
- Re: Data file for default passwords David Fifield (Mar 03)
- Message not available
- Re: Data file for default passwords tabish imran (Mar 03)
- Message not available
- Re: Data file for default passwords David Fifield (Mar 03)
- Re: Data file for default passwords Fotis Hantzis (Mar 03)
- Re: Data file for default passwords tabish imran (Mar 03)