Default password network scanning

Midnight Research Labs has just published a new tool. Depant will scan your network and check to see if services are using default passwords. It starts by performing an Nmap scan to discover available services on the network. It organizes these services by speed of response. Using Hydra it does brute force password checking of these services with a default password list. The user can supply an alternate list for the first phase or an additional list to be used in a followup check. Depant has many different options for configuring your scan and will certainly help you find that rogue piece of hardware on your network that someone failed to set up securely.

15 thoughts on “Default password network scanning

  1. Brute Force != Password list

    Brute Force = a, aa, ab, ac .. c, ca, cb … hell, helm, heln, etc…

    Password List = user, name, username, etc, as the list dictates.

    If hello isn’t on the list, hello won’t be used at all. In brute force, hello will be used, eventually, as every combination of alphanumeric characters of x length are tried.

  2. I was under the impression that a brute force attack was anything that wasn’t trying to just bypass the password.

  3. Dictionary password attacking uses a pre-populated list of possible passwords. Usually those found in a dictionary and that are common words that aren’t spelled funky (i.e. “@pple”).

    Brute force tries every combination from a-z and can try variations of words. This can also be taken from a list but most security scanners will just do variations of common words (i.e. “apple”, “@pple”, “appl3″, etc.)

    Hybrid pw attacks are a combination of the above.

  4. I don’t know if anyone else has made this observation, but there seems to be a trend that a large number of people will take a word like ‘password’, turn it into pa55w0rd and be happy that the result is secure. I’ve just noticed more and more that this is a common thing for non-IT (non-security-conscious) people to do.. Could be a good start for a wordlist anyhow.

  5. people should do this on their home networks too. soooo many people dont secure their wifi fully. they put a WPA2 key on it, thats 64 letters long, but forget to password protect the routers software. put the ip address of the router in, tpye admin and password, and your free to change all the settings you like

  6. Well, ross, you’d have to break the 64 letters long wpa2 key in order to get to the router, so although it’s not a good idea to leave the router unprotected, it’s hardly a serious issue.

  7. well, beamish, you can connect to routers using this amazing invention known as cables – so you in fact do not always need the WPA\WEP key.

    it seems like _ALL_ the posters have no clue – keep using those scripts, kiddies!

  8. Well I would say truth, if they were close enough to plug in a cable to your router you might have a bigger problem’s then the would be intruder stealing the info on your network. I would be more worried about them stealing your network. LOL

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s