EvilZone

Hacking and Security => Hacking and Security => Topic started by: neusbeer on February 11, 2014, 08:02:57 PM

Title: password AfXNtpa38x
Post by: neusbeer on February 11, 2014, 08:02:57 PM
I was busy pentesting IP cams and found a 'strange' thing.
I use noisy scanning with Acunetix (yeah, I'm lazy), and it brute-forces about
40 passwords, including this one.
Example log of an Acunetix scan: http://www.webprocomponents.com/photographer-portfolio-pro/Wildlife-portfolio1-demo/admin/attackers/94.220.67.55.log
(see the bruteforce part). Note, this ain't my log ;)


When testing an IP cam, the actual password of the HTTP Auth was AfXNtpa38x.
Not really a password you see every day, and when I google it, there aren't many hits (only a leak pastebin with the same password in it: http://pastebin.com/2vMgHkYk).

Why does this (Dutch) IP cam have this password?


Am I missing something? Is this a standard password for IP cams of this type, or some kind of built-in hardcoded password?
Title: Re: password AfXNtpa38x
Post by: Phage on February 11, 2014, 10:15:44 PM
Is it weird that people put passwords on their internet connected cams? Just asking...
Title: Re: password AfXNtpa38x
Post by: vezzy on February 11, 2014, 10:20:50 PM
> Is it weird that people put passwords on their internet connected cams? Just asking...

It's not weird at all unless you intend on having script kiddies searching for cams on SHODAN to conduct surveillance on you.
Title: Re: password AfXNtpa38x
Post by: neusbeer on February 11, 2014, 10:35:32 PM
But why is it in the wordlist of the Acunetix scanner, which uses a small list of often used passwords, and the password of a random cam? How big is the chance?
Title: Re: password AfXNtpa38x
Post by: Stackprotector on February 11, 2014, 11:04:37 PM
This is indeed a strange fact. Though the password also appears on that example list you shared. You sure it's only 40 passwords? Maybe it's a very specific brand default password or something underground? :P
Title: Re: password AfXNtpa38x
Post by: neusbeer on February 11, 2014, 11:18:58 PM
around 40 yeah. like password,123456 etc.. ain't that much..
Acunetix uses fast bruteforce with a few standard words to speed up..
(still slow though..)
I think brand password..
Title: Re: password AfXNtpa38x
Post by: Phage on February 12, 2014, 08:58:53 AM
> It's not weird at all unless you intend on having script kiddies searching for cams on SHODAN to conduct surveillance on you.


You clearly didn't get the irony.
Title: Re: password AfXNtpa38x
Post by: Silent Infiltrator on February 12, 2014, 07:00:32 PM
I have literally 0% with IP cams. But my personal instincts would say that a certain brand must use this password, or a certain model?
Title: Re: password AfXNtpa38x
Post by: Kulverstukas on February 12, 2014, 07:04:55 PM
Well it's logical that the IP cams use a default password, like many things such as routers and shit. People just forget or don't care enough, to change that password.
Title: Re: password AfXNtpa38x
Post by: lucid on February 12, 2014, 09:40:12 PM

> You clearly didn't get the irony.
I think he was adding to yours
Title: Re: password AfXNtpa38x
Post by: neusbeer on February 18, 2014, 07:50:30 PM
> Well it's logical that the IP cams use a default password, like many things such as routers and shit. People just forget or don't care enough, to change that password.


True, but this ain't the standard password, that's admin:admin I think.
Looks more like a vendor password or such.