Do you think IT department staff leave default passwords on their equipment in production environments? The answer is... YES!!!
In this post, we are going to discover devices with default credentials using www.shodanhq.com
Shodan is like "Google for Hackers". In case you don't know it: "SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners."
Shodan is different from Google, Bing... Shodan indexes banners, so we can locate a specific version of a specific piece of software. For example, we can search for servers running Apache 2.2.3 or a specific ProFTP server version with a known vulnerability.
These are some popular Shodan search examples.
Allot
Allot is a bandwidth management solution.
http://www.shodanhq.com/search?q=jboss+6657&page=2
Default credentials
Admin: admin
Password: allot
Cisco routers and Cisco switches without a password.
http://www.shodanhq.com/search?q=cisco-ios+200
Netgear routers
http://www.shodanhq.com/search?q=netgear&page=3
Default credentials
Admin: admin
Password: password
Routers that give the default admin / password in their banner.
http://www.shodanhq.com/search?q=Default%3A%2Badmin
Zhone MALC
Zhone MALC is a full-featured multi-service access platform optimized for delivering voice, data, and video services over a pure packet access network.
http://www.shodanhq.com/search?q=Zhone+SLMS
Default credentials
Admin: admin
Password: zhone
Huawei routers
http://www.shodanhq.com/search?q=SmartAX+MT882
Default credentials
Admin: admin
Password: admin
OpenERP
OpenERP is a suite of open source business apps.
http://www.shodanhq.com/search?q=openerp
Default credentials
Admin: admim
Password: admin
Vulnerable ProFTPD 1.3.3a servers
http://www.shodanhq.com/search?q=proftpd+1.3.3a
You can run the exploit from Metasploit or download it from http://www.exploit-db.com/exploits/15449/
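Seen from the defender's side, the banner strings used in the searches above can be matched against banners collected from your own hosts, so exposed devices are found and fixed before a search engine indexes them. The following is an added example, not code from the original post; the labels, function names and sample banners are constructed for illustration, and reading the `cisco-ios 200` search as "HTTP 200 with no authentication challenge" is an assumption.

```python
import re

# Banner patterns derived from the Shodan searches listed in this post.
# Labels and remediation text are this example's own (hypothetical) names.
SIGNATURES = [
    ("vulnerable-version", re.compile(r"ProFTPD 1\.3\.3a\b", re.I),
     "upgrade ProFTPD; a public exploit exists for 1.3.3a"),
    ("creds-in-banner", re.compile(r"Default:\s*admin", re.I),
     "change the password and stop advertising it in the banner"),
    # Assumption: "cisco-ios 200" means the web UI answered 200 instead of 401.
    ("no-auth-web-ui",
     re.compile(r"\AHTTP/1\.[01] 200\b.*cisco-ios", re.I | re.S),
     "require authentication or disable the HTTP server"),
    ("default-creds-product",
     re.compile(r"Zhone SLMS|SmartAX MT882|netgear|openerp", re.I),
     "confirm the vendor default password was changed"),
]

def audit_banner(banner):
    """Return (label, action) for every signature the banner matches."""
    return [(label, action) for label, rx, action in SIGNATURES
            if rx.search(banner)]

def audit_inventory(banners):
    """Map host -> finding labels; hosts with no findings are omitted."""
    report = {}
    for host, banner in banners.items():
        labels = [label for label, _ in audit_banner(banner)]
        if labels:
            report[host] = labels
    return report

# Constructed sample banners (documentation address range), standing in for
# the output of an authorised scan of your own perimeter.
SAMPLE_BANNERS = {
    "192.0.2.10": "220 ProFTPD 1.3.3a Server (Debian) [192.0.2.10]",
    "192.0.2.11": "220 ProFTPD 1.3.5 Server (Debian) [192.0.2.11]",
    "192.0.2.20": "HTTP/1.0 200 OK\r\nServer: cisco-IOS\r\n",
    "192.0.2.21": "HTTP/1.0 401 Unauthorized\r\nServer: cisco-IOS\r\n"
                  "WWW-Authenticate: Basic realm=\"access\"\r\n",
    "192.0.2.30": "HTTP/1.0 401 Unauthorized\r\n"
                  "WWW-Authenticate: Basic realm=\"Default: admin/EXAMPLE\"\r\n",
    "192.0.2.40": "HTTP/1.1 401 Unauthorized\r\n"
                  "WWW-Authenticate: Basic realm=\"NETGEAR DG834G\"\r\n",
    "192.0.2.50": "SSH-2.0-OpenSSH_9.6",
}

if __name__ == "__main__":
    for host, banner in SAMPLE_BANNERS.items():
        for label, action in audit_banner(banner):
            print(f"{host}: {label} -> {action}")
```

A `default-creds-product` hit only says the product is one of those listed above; whether the default password is still set has to be checked on the device itself.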