Author Topic: password AfXNtpa38x  (Read 1981 times)

0 Members and 3 Guests are viewing this topic.

Offline neusbeer

  • Knight
  • **
  • Posts: 223
  • Cookies: 11
  • Beer makes you stronger XD
    • View Profile
    • http://www.facebook.nl/hackneus
password AfXNtpa38x
« on: February 11, 2014, 08:02:57 pm »
I was busy pentesting ip cam's. and found a 'strange' thing.
I use noisy scanning with Acunetix (yeah I'm lazy), and it bruteforce about
40 passwords including this one.
Example log of Acunetix scan: [size=78%]http://www.webprocomponents.com/photographer-portfolio-pro/Wildlife-portfolio1-demo/admin/attackers/94.220.67.55.log[/size]
(see the bruteforce part) note, this ain't my log ;)


When testing a ipcam, the actual password of the HTTP Auth was AfXNtpa38x.
Not really a password you see everyday, and when I google it, there aren't many hits. (only a leak pastebin with also the same password in it. http://pastebin.com/2vMgHkYk)

Why does this (dutch) IP cam have this password.


Am I missing something? is this a standard password for IP cam's of this type or somekind of buildin hardcoded password.
« Last Edit: February 11, 2014, 08:38:10 pm by neusbeer »
--Neusbeer

Offline Phage

  • VIP
  • Overlord
  • *
  • Posts: 1280
  • Cookies: 120
    • View Profile
Re: password AfXNtpa38x
« Reply #1 on: February 11, 2014, 10:15:44 pm »
Is it weird that people put passwords on their internet connected cams? Just asking...
"Ruby devs do, in fact, get all the girls. No girl wants a python, but EVERY girl wants rubies" - connection

"It always takes longer than you expect, even when you take into account Hofstadter’s Law."

Offline vezzy

  • Royal Highness
  • ****
  • Posts: 771
  • Cookies: 172
    • View Profile
Re: password AfXNtpa38x
« Reply #2 on: February 11, 2014, 10:20:50 pm »
Is it weird that people put passwords on their internet connected cams? Just asking...

It's not weird at all unless you intend on having script kiddies searching for cams on SHODAN to conduct surveillance on you.
Quote from: Dippy hippy
Just brushing though. I will be semi active mainly came to find a HQ botnet, like THOR or just any p2p botnet

Offline neusbeer

  • Knight
  • **
  • Posts: 223
  • Cookies: 11
  • Beer makes you stronger XD
    • View Profile
    • http://www.facebook.nl/hackneus
Re: password AfXNtpa38x
« Reply #3 on: February 11, 2014, 10:35:32 pm »
But why is it in a the wordlist of Acunetix scanner, which uses a small list of often used passwords and the password of a random cam. how big is the chance.
--Neusbeer

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: password AfXNtpa38x
« Reply #4 on: February 11, 2014, 11:04:37 pm »
This is indeed a strange fact. Though the password also appears on that example list you shared. You sure it's only 40 passwords? Maybe it's a very specific brand default password or something underground? :P
~Factionwars

Offline neusbeer

  • Knight
  • **
  • Posts: 223
  • Cookies: 11
  • Beer makes you stronger XD
    • View Profile
    • http://www.facebook.nl/hackneus
Re: password AfXNtpa38x
« Reply #5 on: February 11, 2014, 11:18:58 pm »
Code: [Select]
around 40 yeah. like password,123456 etc.. ain't that much..
Acunetix uses fast bruteforce with a few standard words to speed up..
(still slow though..)
I think brand password..
« Last Edit: February 12, 2014, 09:48:44 am by neusbeer »
--Neusbeer

Offline Phage

  • VIP
  • Overlord
  • *
  • Posts: 1280
  • Cookies: 120
    • View Profile
Re: password AfXNtpa38x
« Reply #6 on: February 12, 2014, 08:58:53 am »
It's not weird at all unless you intend on having script kiddies searching for cams on SHODAN to conduct surveillance on you.


You clearly didn't get the irony.
"Ruby devs do, in fact, get all the girls. No girl wants a python, but EVERY girl wants rubies" - connection

"It always takes longer than you expect, even when you take into account Hofstadter’s Law."

Offline Silent Infiltrator

  • /dev/null
  • *
  • Posts: 17
  • Cookies: -1
  • I came, I saw, I took a nap
    • View Profile
Re: password AfXNtpa38x
« Reply #7 on: February 12, 2014, 07:00:32 pm »
I have literally 0% with IP cams. But my personal instincts would say that a certain brand must use this password, or a certain model?
#YOLOSWAG

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: password AfXNtpa38x
« Reply #8 on: February 12, 2014, 07:04:55 pm »
Well it's logical that the IP cams use a default password, like many things such as routers and shit. People just forget or don't care enough, to change that password.

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: password AfXNtpa38x
« Reply #9 on: February 12, 2014, 09:40:12 pm »

You clearly didn't get the irony.
I think he was adding to yours
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline neusbeer

  • Knight
  • **
  • Posts: 223
  • Cookies: 11
  • Beer makes you stronger XD
    • View Profile
    • http://www.facebook.nl/hackneus
Re: password AfXNtpa38x
« Reply #10 on: February 18, 2014, 07:50:30 pm »
Well it's logical that the IP cams use a default password, like many things such as routers and shit. People just forget or don't care enough, to change that password.


True, but this ain't the standard password, that's admin:admin I think.
looks more like vendor password or such.
--Neusbeer