remind:
Such IoT devices will have a WEB management system (easy to use and manage), and often this management system usually has weak password loopholes ----> the control right directly falls
As a joke:
There are always some people who spray this kind of technical article as soon as they open their mouths?
No account password, no weak password, no default password. What else can you go on playing with? funny?
Weak password:
https://github.com/TheKingOfDuck/fuzzDicts
Device Default Password
Product 1: Convinced
| device name |
default account |
default password |
| Convince General |
song for |
Song for sangfor@2018 sangfor@2019 |
| Convinced EDR |
root |
edr@sangfor |
| Convinced EDR |
admin |
admin |
| Sangfor Product AD |
song for |
dlanrecover |
| Sangfor load balancing AD3.6 |
admin |
admin |
| Convinced AD3.9 |
admin |
admin |
| Sangfor WAC (WNS V2.6 ) |
admin |
admin |
| Convinced VPN |
Admin |
Admin |
| Convinced VPN |
admin |
admin |
| Sangfor IPSEC VPN SSL (5.5) |
Admin |
Admin |
| Convince AC 6.0 |
admin |
admin |
| SANGFOR Firewall |
admin |
song for |
| Sangcon AF (NGAF V2.2) |
admin |
song for |
| Sangfor NGAF Next Generation Application Firewall (NGAF V4.3) |
admin |
admin |
| Sangfor Internet behavior management equipment data center |
Admin |
password is empty |
| SANGFOR_AD_v5.1 |
admin |
admin |
| net god firewall |
firewall |
firewall |
Product 2: Lenovo products
| Lenovo Intrusion Detection System IDS |
root |
111111 |
| Lenovo Intrusion Detection System IDS |
admin |
admin123 |
| Lenovo Wangyu |
administrator |
administrator |
| Wangyu event server |
admin |
admin123 |
| Lenovo Network Royal Firewall PowerV |
administrator |
administrator |
| Lenovo Intrusion Detection System |
lenovo |
default |
| Network Guard Intrusion Detection System |
admin |
talent |
Product 3: Venus Star
| Tiantian Intrusion Detection and Management System V7.0 |
Admin Audit adm |
venus70 |
| Tiantian Intrusion Detection and Management System V6.0 |
Admin Audit adm |
venus60 |
| Tianqing Hanma usg firewall |
admin |
fw.admin venus.fw |
| Tianqing Hanma usg firewall |
Audit |
venus.audit |
| Tianqing Hanma usg firewall |
useradmin |
venus.user |
Product 3: Venus Star
| Tiantian Intrusion Detection and Management System V7.0 |
Admin Audit adm |
venus70 |
| Tiantian Intrusion Detection and Management System V6.0 |
Admin Audit adm |
venus60 |
| Tianqing Hanma usg firewall |
admin |
fw.admin venus.fw |
| Tianqing Hanma usg firewall |
Audit |
venus.audit |
| Tianqing Hanma usg firewall |
useradmin |
venus.user |
Product 4: Anheng
| Mingyu WEB Application Firewall |
admin |
admin adminadmin |
| Mingyu attack and defense laboratory platform |
root |
123456 |
| Mingyu Security Gateway |
admin |
adminadmin |
| Mingyu operation and maintenance audit and book risk control system |
admin |
1q2w3e/1qaz@WSX |
| Mingyu operation and maintenance audit and book risk control system |
system/auditor/operator |
1q2w3e4r |
| 明御网站卫士 |
sysmanager |
sysmanager888 |
产品五:网御星云
| 网御星云安全网关 |
administrator |
leadsec@7766 |
| 网御上网行为管理系统 |
admin |
leadsec |
| 网御漏洞扫描系统 |
leadsec |
leadsec |
| 网御WAF集中控制中心(V3.0R5.0) |
admin audit adm |
leadsec.waf |
| 网御入侵检测系统V3.2.72.0 |
adm admin |
leadsec32 |
| 网御安全日志审计管理系统 |
useradmin |
leadsec.useradmin |
| 网御安全日志审计管理系统 |
auditor |
leadsec.auditor |
产品六:华三通信
| H3C iMC |
admin |
admin |
| H3C SecPath系列 |
admin |
admin |
| H3C SecPath 运维审计系统 |
system |
admin |
| H3C S5120-SI |
test |
123 |
| H3C智能管理中心 |
admin |
admin |
| H3C ER3100 |
admin |
adminer3100 |
| H3C ER3200 |
admin |
adminer3200 |
| H3C ER3260 |
admin |
adminer3260 |
| H3C |
admin h3c |
adminer admin h3capadmin h3c |
| H3C ER2100n 路由器 |
admin |
admin 123456 |
| H3C WX1800H系列无线控制器 |
admin |
admin |
| H3C ER2100n 路由器 |
admin |
123456 admin |
| H3C WX2500H-5500H系列无线控制器 |
admin |
admin |
| H3C AC插卡系列 |
admin |
admin |
| H3C WAC/ MSG/ WiNet/ WBC系列无线控制器 |
admin |
admin |
| H3C SPM系列智能PoE管理器 |
admin |
admin |
| H3C WA5600/ 5300/ 4600/ 4300 系列无线接入点 |
admin |
h3capadmin |
| H3C LA4300系列无线接入点 |
admin |
h3capadmin |
| H3C WAP723/ 722/ 712系列无线接入点 |
admin |
h3capadmin |
产品七:天融信
| 天融信防火墙NGFW4000 |
superman |
talent |
| 天融信数据库审计系统 |
superman |
talent |
| 天融信 Reporter |
guest |
guest*PWD |
| TopAudit日志审计系统 |
superman |
talent |
产品八:绿盟
| 绿盟安全审计系统 |
1、 weboper 2、 webaudit 3、 conadmin 4、 admin 5、 shell |
1、 weboper 2、 webaudit 3、 conadmin 4、 admin 5、 shell |
| 绿盟产品 |
1、 nsfocus123 2、 nsf0cus |
1、 nsfocus123 2、 nsf0cus |
产品九:奇安信
| 网神SecFox运维安全管理与审计系统 |
admin |
!1fw@2soc#3vpn |
| 奇安信网神SecADS 3600 |
Useradmin |
useradmin |
产品十:华为
| 华为交换机 |
admin |
admin@huawei |
| 华为防火墙 |
telnetuser |
telnetpwd |
| 华为防火墙 |
ftpuser |
ftppwd |
| 华为USG6000系列 |
admin audit-admin |
Admin@123 |
| 华为SMARTAX MT800 |
admin |
admin |
| 华为AR-111S路由器 |
admin |
Admin@huawei |
| 华为AR6120-S路由器 |
admin |
|
| 华为交接机 |
admin |
|
| 华为防火墙usg2100 |
admin |
Admin@123 |
| 华为ap |
admin |
|
| 华为无线ac6605 |
admin |
|
| 华为 |
root |
Huawei12#$/FusionSphere12/Huawei@CLOUD8! |
产品十一:思科
| CISCO路由器 |
admin Cisco |
admin Cisco |
| CISCO传输控制器ONS15454版本4.1.x和4.5 |
CISCO15 |
密码为空 |
| ONS15454版本4.6.x和以上 |
CISCO15 |
otbu+1 |
| Cisco - Cisco IDS |
root |
attack |
| Cisco - CiscoWorks 2000 |
guest admin |
密码为空 cisco |
| Cisco - ConfigMaker |
cmaker |
cmaker |
产品十二:浪思
| 浪思交接机 |
admin inspur |
inspur123 inspur |
| 浪思ac |
admin |
admin.01 |
| 浪思路由器 |
admin |
admin |
产品十三:锐捷
| 锐捷ruijie防火墙 |
admin audit useradmin |
admin/firewall/admin123 audit123 useradmin |
| 锐捷WALL1600下一代防火墙 |
admin |
firewall |
产品十四:其他
| 科来网络回溯分析系统 |
csadmin |
colasoft |
| 黑盾防火墙 |
admin rule audit |
admin abc123 abc123 |
| 阿姆瑞特防火墙 |
admin |
manager |
| 山石网科/ hillstone安全审计平台 |
hillstone |
hillstone |
| 亿邮邮件网关 |
eyouuser eyougw admin |
eyou_admin admin@(eyou) ±ccccc/cyouadmin |
| Websense邮件安全网关 |
administrator |
admin |
| 梭子鱼邮件存储网关 |
admin |
admin |
| 360天擎 |
admin |
admin |
| 网康日志中心 |
ns25000 |
ns25000 |
| 方正防火墙 |
admin |
admin |
| 飞塔防火墙 |
admin |
密码为空 |
| Juniper_SSG__5防火墙 |
netscreen |
netscreen |
| LogBase日志管理综合审计系统 |
admin |
safetybase |
| 网络安全审计系统(中科新业) |
admin |
123456 |
| 天玥网络安全审计系统 |
Admin |
cyberaudit |
| 中新金盾硬件防火墙 |
admin |
123 |
| kill防火墙(冠群金辰) |
admin |
sys123 |
| 大唐 |
admin |
1234 |
| Hillstone安全审计平台 |
hillstone |
hillstone |
| 天天期网络安全审计系统 |
Admin |
cyberaudit |
| Oracle Web DB |
webdb |
webdb |
| RUCKUS路由器 |
spuer |
sp-admin |
| tp-link无线 |
admin |
admin |
| netgear无线 |
admin |
password |
| d-link无线 |
admin |
密码为空 |
| buffalo无线 |
admin |
root |
| linksys无线 |
admin |
admin |
| 华天动力OA系统 |
user |
123456 |
| 亿邮邮件EYOU |
admin |
eyouadmin |
| 移动管理平台-企业管理系统 |
sysadmin |
1 |
| 海康威视 |
admin |
hik12345+ |
| 海康威视 流媒体 |
admin |
12345 |
| Websense邮件安全网关 |
administrator |
admin |
| 梭子鱼邮件存储网关 |
admin |
admin |
| 麒麟堡垒机 |
freesvr |
freesvr |
| 中远麒麟堡垒机 |
admin |
12345678 |
| 中远麒麟堡垒机审计用户 |
audit |
12345678 |
| 锐捷Smartweb管理系统 |
guest |
guest |
| 金合OA |
admin |
000000 |
| 金山 V8 终端安全系统 |
admin |
admin |
| 思福迪堡垒机 |
admin |
safetybase |
| 佑友防火墙 |
admin |
hicomadmin |
| CoreMail |
coremail |
coremail |
| 电信网关配置管理 |
admin |
admin |
| 景云网络防病毒系统 |
super |
super123 |
| 网域科技下一代防火墙 |
admin |
admin*PWD |
| 网域科技上网行为管理 |
admin |
admin*PWD |
| F5-BIG-IQ |
admin root |
admin default |
| F5 BIG-IP |
admin |
admin |
| MinIO Browser |
minioadmin |
minioadmin |
| 中控考勤机web3.0 |
administrator |
123456 |