EvilZone

Hacking and Security => Hacking and Security => : neusbeer February 11, 2014, 08:02:57 PM

: password AfXNtpa38x
: neusbeer February 11, 2014, 08:02:57 PM
I was busy pentesting IP cams and found a 'strange' thing.
I use noisy scanning with Acunetix (yeah I'm lazy), and it bruteforces about
40 passwords including this one.
Example log of Acunetix scan: http://www.webprocomponents.com/photographer-portfolio-pro/Wildlife-portfolio1-demo/admin/attackers/94.220.67.55.log
(see the bruteforce part) note, this ain't my log ;)


When testing an IP cam, the actual password of the HTTP Auth was AfXNtpa38x.
Not really a password you see every day, and when I google it, there aren't many hits (only a leak pastebin with the same password in it: http://pastebin.com/2vMgHkYk).

Why does this (Dutch) IP cam have this password?

Am I missing something? Is this a standard password for IP cams of this type or some kind of built-in hardcoded password?
: Re: password AfXNtpa38x
: Phage February 11, 2014, 10:15:44 PM
Is it weird that people put passwords on their internet connected cams? Just asking...
: Re: password AfXNtpa38x
: vezzy February 11, 2014, 10:20:50 PM
> Is it weird that people put passwords on their internet connected cams? Just asking...

It's not weird at all unless you intend on having script kiddies searching for cams on SHODAN to conduct surveillance on you.
: Re: password AfXNtpa38x
: neusbeer February 11, 2014, 10:35:32 PM
But why is it in the wordlist of Acunetix scanner, which uses a small list of often used passwords, and the password of a random cam? How big is the chance?
: Re: password AfXNtpa38x
: Stackprotector February 11, 2014, 11:04:37 PM
This is indeed a strange fact. Though the password also appears on that example list you shared. You sure it's only 40 passwords? Maybe it's a very specific brand default password or something underground? :P
: Re: password AfXNtpa38x
: neusbeer February 11, 2014, 11:18:58 PM
around 40 yeah. like password,123456 etc.. ain't that much..
Acunetix uses fast bruteforce with a few standard words to speed up..
(still slow though..)
I think brand password..
: Re: password AfXNtpa38x
: Phage February 12, 2014, 08:58:53 AM
> It's not weird at all unless you intend on having script kiddies searching for cams on SHODAN to conduct surveillance on you.

You clearly didn't get the irony.
: Re: password AfXNtpa38x
: Silent Infiltrator February 12, 2014, 07:00:32 PM
I have literally 0% with IP cams. But my personal instincts would say that a certain brand must use this password, or a certain model?
: Re: password AfXNtpa38x
: Kulverstukas February 12, 2014, 07:04:55 PM
Well it's logical that the IP cams use a default password, like many things such as routers and shit. People just forget or don't care enough to change that password.
: Re: password AfXNtpa38x
: lucid February 12, 2014, 09:40:12 PM
> You clearly didn't get the irony.

I think he was adding to yours
: Re: password AfXNtpa38x
: neusbeer February 18, 2014, 07:50:30 PM
> Well it's logical that the IP cams use a default password, like many things such as routers and shit. People just forget or don't care enough to change that password.

True, but this ain't the standard password, that's admin:admin I think.
Looks more like a vendor password or such.