| Apache Tomcat |
http |
tomcat |
tomcat |
|
| Apache Tomcat |
http |
manager |
manager |
|
| Apache Tomcat |
http |
tomcat |
none |
|
| Apache Tomcat |
http |
ADMIN |
ADMIN |
|
| Apache Tomcat |
http |
admin |
admin |
|
| Apache Tomcat |
http |
admin |
password |
|
| Apache Tomcat |
http |
ovwebusr |
OvW*busr1 |
|
| Apache Tomcat |
http |
j2deployer |
j2deployer |
|
| Apache Tomcat |
http |
tomcat |
s3cret |
|
| Apache Tomcat |
http |
cxsdk |
kdsxc |
|
| Apache Tomcat |
http |
xampp |
xampp |
|
| Apache Tomcat |
http |
QCC |
QLogic66 |
|
| Apache Tomcat |
http |
root |
owaspbwa |
|
| Apache Tomcat |
http |
role1 |
tomcat |
|
| Apache Tomcat |
http |
both |
tomcat |
|
| Apache Tomcat |
http |
root |
changethis |
|
| Apache Tomcat |
http |
admin |
changethis |
|
| APC (multiple) |
http |
apc |
apc |
|
| ConnectUPS Web/SNMP Card |
http |
admin |
admin |
|
| ConnectUPS Web/SNMP Card |
telnet |
admin |
admin |
|
| Emerson Network Power IntelliSlot Web Card |
telnet |
Liebert |
Liebert |
|
| Enterasys Switches (multiple) |
telnet |
admin |
NO PASSWORD |
Prompts to change after first login. |
| Fargo DTC4250e |
http |
root |
NO PASSWORD |
|
| Firebird Database |
TCP/3050 |
sysdba |
masterkey |
flamerobin package on Kali to interact with these databases. |
| FortiOS |
ssh |
Fortimanager_Access |
FGTAbc11*xy+Qqz27 |
Hard-coded admin credentials versions 4.3.0 - 4.3.16, 5.0.0 - 5.0.7 |
| Gitlab |
http |
root |
5iveL!fe |
|
| GL.inet WiFi routers (multiple) |
wifi APs named GL-XXX |
n/a |
goodlife |
WiFi default password. |
| Grandstream phones/SIP gateways |
http(s) |
admin |
admin |
|
| Grandstream phones/SIP gateways |
telnet |
admin |
admin |
|
| Graylog Appliance (OVA) |
user account |
ubuntu |
ubuntu |
|
| HID Fargo printers (multiple) |
telnet |
root |
NO PASSWORD |
|
| HID Fargo printers (multiple) |
telnet |
guest |
NO PASSWORD |
|
| Honeywell BNA (multiple) |
telnet |
root |
NO PASSWORD |
|
| Lantronix MSS100 |
http |
NO USERNAME |
system |
|
| MikroTik RB260GS |
http |
admin |
NO PASSWORD |
http://192.168.88.1 -- must manually set client IP when plugged into the switch |
| Netgear (multiple) |
http |
admin |
password |
|
| Motorola FX9500 |
ssh |
cliuser |
NO PASSWORD |
reader.login( login=factory, pwd=HERCf95*..) |
| OPNSense |
user account |
root |
opnsense |
|
| Perle 833 Access Servers |
??? |
superusr |
NO PASSWORD |
Haven't verified; pulled from manufacturer's website. |
| Perle CS9000 Console Server |
??? |
admin |
superuser |
Haven't verified; pulled from manufacturer's website. |
| Perle IOLAN Terminal Server |
??? |
ANY DATA! |
iolan |
Haven't verified; pulled from manufacturer's website. |
| Perle IOPRINT+ Print Server |
??? |
See sticker attached to device |
NO PASSWORD |
Haven't verified; pulled from manufacturer's website. |
| Perle IOSENSE Terminal Servers |
telnet |
admin |
superuser |
|
| Perle Linkstream2000 router |
??? |
manager |
...... |
Haven't verified; pulled from manufacturer's website. |
| Perle Jetstream/Lanstream Terminal Servers |
??? |
admin |
NO PASSWORD |
Haven't verified; pulled from manufacturer's website. |
| Perle P series routers |
??? |
N/A |
BRIDGE |
Haven't verified; pulled from manufacturer's website. |
| PFSense |
http |
admin |
pfsense |
|
| Raritan Secure Gateway |
http |
admin |
raritan |
|
| Raritan Secure Gateway |
telnet |
admin |
raritan |
|
| Raspbian |
user account |
pi |
raspberry |
|
| Sargraph |
http |
admin |
admin123 |
|
| SELKS |
user account |
selks-user |
selks-user |
|
| SELKS |
user account |
selks-user |
live |
In "live mode" |
| SELKS |
user account |
root |
StamusNetworks |
|
| Shackbox Linux |
user account |
herve |
123456789 |
|
| Shackbox Linux |
user account |
root |
123456789 |
|
| SIFT Workstation VM appliance |
user account |
sansforensics |
forensics |
|
| Solarwinds Logging and Event Manager |
ssh |
cmc |
password |
Restricted shell, but a Metasploit module exists to escape it. |
| Splunk |
http |
admin |
changeme |
forces password change after first login |
| Supermicro |
IPMI |
ADMIN |
ADMIN |
|
| TeraStation NAS |
http |
admin |
password |
|
| TP-LINK (multiple) |
http |
admin |
admin |
|
| Transition Networks CPSMM100-120 |
telnet |
NO USERNAME |
private |
|
| Vicidial |
Asterisk Manager |
cron |
1234 |
|
| Vicidial |
http |
6666 |
1234 |
|
| Vicidial |
mysql |
root |
NO PASSWORD |
|
| Vyatta |
user account |
vyatta |
vyatta |
|
| VyOS |
user account |
vyos |
vyos |
|
| Wiegotcha RFID Thief |
user account |
root |
Wiegotcha |
|
| Wiegotcha RFID Thief |
user account |
pi |
Wiegotcha |
|
| Windows Modern IE VMs (multiple) |
user account |
IEUser |
Passw0rd! |
|
| Xerox WorkCentre |
http |
admin |
1111 |
|
| zmodo Cameras/DVRs (multiple) |
??? |
admin |
NO PASSWORD |
|
| zmodo Cameras/DVRs (multiple) |
??? |
admin |
111111 |
|
| zmodo Cameras/DVRs (multiple) |
??? |
admin |
666666 |
|
| zmodo Cameras/DVRs (multiple) |
??? |
admin |
888888 |
|
| ZyXEL PK5001Z |
telnet |
admin |
CenturyL1nk |
CVE-2016-10401 |
| ZyXEL PK5001Z |
telnet |
admin |
QwestM0dem |
|
| ZyXEL PK5001Z |
user account |
root |
zyad5001 |
CVE-2016-10401 |