Default password network scanning

Midnight Research Labs has just published a new tool. Depant will scan your network and check whether services are using default passwords. It starts by performing an Nmap scan to discover available services on the network, then organizes these services by speed of response. Using Hydra, it does brute force password checking of these services with a default password list. The user can supply an alternate list for the first phase or an additional list to be used in a follow-up check. Depant has many different options for configuring your scan and will certainly help you find that rogue piece of hardware on your network that someone failed to set up securely.

Comments

  1. cde says:

    Brute Force != Password list

    Brute Force = a, aa, ab, ac .. c, ca, cb … hell, helm, heln, etc…

    Password List = user, name, username, etc, as the list dictates.

    If hello isn’t on the list, hello won’t be used at all. In brute force, hello will be used, eventually, as every combination of alphanumeric characters of x length is tried.

  2. yaleman says:

    It’s more of a dictionary attack than a brute force, but it’s a cute looking tool nonetheless.

  3. antiver says:

    isn’t a dictionary attack just a specific type of brute force attack?

  4. GoldenGoblin says:

    I thought it was gonna be wardriving depant but alas…

    Still nice utilities… thanks

  5. Dontknowmuch says:

    I was under the impression that a brute force attack was anything that wasn’t trying to just bypass the password.

  6. Matt says:

    Dictionary password attacking uses a pre-populated list of possible passwords. Usually those found in a dictionary and that are common words that aren’t spelled funky (i.e. “@pple”).

    Brute force tries every combination from a-z and can try variations of words. This can also be taken from a list but most security scanners will just do variations of common words (i.e. “apple”, “@pple”, “appl3”, etc.)

    Hybrid pw attacks are a combination of the above.

  7. Heath Jones says:

    I don’t know if anyone else has made this observation, but there seems to be a trend that a large number of people will take a word like ‘password’, turn it into pa55w0rd and be happy that the result is secure. I’ve just noticed more and more that this is a common thing for non-IT (non-security-conscious) people to do.. Could be a good start for a wordlist anyhow.

  8. freak3dot says:

    RE: pa55w0rd

    I once used d455w0rp for a password.

  9. ross says:

    people should do this on their home networks too. soooo many people don’t secure their wifi fully. they put a WPA2 key on it, that’s 64 letters long, but forget to password protect the router’s software. put the ip address of the router in, type admin and password, and you’re free to change all the settings you like

  10. tunamurray says:

    quick add tr34kepOf’s password to the list!

  11. beamish says:

    Well, ross, you’d have to break the 64 letters long wpa2 key in order to get to the router, so although it’s not a good idea to leave the router unprotected, it’s hardly a serious issue.

  12. truth says:

    well, beamish, you can connect to routers using this amazing invention known as cables – so you in fact do not always need the WPA\WEP key.

    it seems like _ALL_ the posters have no clue – keep using those scripts, kiddies!

  13. Chieflers says:

    Well I would say truth, if they were close enough to plug in a cable to your router you might have bigger problems than the would-be intruder stealing the info on your network. I would be more worried about them stealing your network. LOL

  14. a2a_cracked says:

    singh_is_king … contact me… i have done it… lets see how can we work together…
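
The comments above distinguish a password list from exhaustive guessing and point out that substitutions like pa55w0rd, @pple and appl3 are predictable. The following is an added example, not part of the original post or of Depant: a check a device or account setup form could run to reject a new password that reduces to a deny-listed default. The deny-list entries, the substitution table and the function names are assumptions made for illustration.

```python
from itertools import product

# Constructed sample deny-list (assumption): a few well-known default/common passwords.
DENYLIST = {"admin", "password", "apple", "letmein"}

# Common character substitutions. '1' and '!' are ambiguous, so they map to two letters.
LEET = {
    "0": "o", "3": "e", "4": "a", "@": "a",
    "5": "s", "$": "s", "7": "t", "1": "il", "!": "il",
}

def normalizations(candidate, limit=64):
    """Yield lowercase readings of candidate with substitutions undone.

    Ambiguous characters fan out into several readings; `limit` caps the work
    so a long string of '1's cannot cause a combinatorial blow-up.
    """
    choices = [LEET.get(ch, ch) for ch in candidate.lower()]
    for n, combo in enumerate(product(*choices)):
        if n >= limit:
            return
        yield "".join(combo)

def denylist_hit(candidate, denylist=DENYLIST):
    """Return the deny-listed word that candidate reduces to, or None."""
    # Check the password as typed and with trailing digits/punctuation removed,
    # so "passw0rd1" is treated like "passw0rd".
    forms = (candidate, candidate.rstrip("0123456789!?."))
    for form in forms:
        for reading in normalizations(form):
            if reading in denylist:
                return reading
    return None

if __name__ == "__main__":
    for pw in ("pa55w0rd", "@pple", "appl3", "Adm1n", "passw0rd1", "d455w0rp"):
        hit = denylist_hit(pw)
        print(f"{pw!r}: {'reject, matches ' + hit if hit else 'not on deny-list'}")
```

The last sample, d455w0rp, normalizes to "dassworp" and passes, which is the limit of any list-based check: it only catches what the list and its transformation rules cover.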
