A default password, a preconfigured password for a device or software, can be easily found on the internet and in instruction manuals; thus, it must be changed during the initial setup. If the default password is not changed, it can create a significant security vulnerability, as anyone who knows the default password can easily gain access to the account. This provides an attack vector for nearly every corporate network, increasing the risk of hacking and cracking threats, such as a serious breach of confidentiality.
Changing default passwords is one of the most fundamental and crucial aspects of cybersecurity. However, it is often overlooked. If a default password, which should only be shared internally, is externally exposed, attackers can exploit it and execute an attack. We used the keywords “Default Password” and the title filter on Criminal IP to search for exposed default passwords.
[Criminal IP Search 101- How Hackers Find Your Default Password]
How to Search for IP Addresses of Websites With the Keyword Default Password
When searching “Default Password” on Criminal IP Asset Search, we found a total of 221,921 IP addresses and banners of websites, such as general login pages, software admin pages, and gateway equipment suppliers’ pages.
Result when searching “Default Password” on Criminal IP Asset Search
How to Search for Default Passwords Using Title Filter
If you add a title filter and search for “Default Password” title:admin, you can find manual pages that display default passwords.
Result when searching “Default Password” title:admin on Criminal IP Asset Search
If you go onto one of the searched IP addresses, you can see that the username and password of an admin account are exposed. The problem with this is that before the administrator, the attacker might gain complete access to the website and launch another cyber attack.
An admin login page the present the default password
In another IP address, you can see that a manual page is exposed and displays both the username and password.
An admin manual page that presents the default password
Using the same mechanism, you can use variations of the title filter like title:system and title:monitoring. The following is a website we found using “Default Password” title:system. The main body of the following manual page provides information on default account.
A login manual page that presents the default password
In addition, you can figure out the default password without having to access the actual website but through its banner. The screenshot below is a banner of the login page with an exposed default password.
You can figure out the default password through IP’s banner
As the previous examples suggest, the vulnerability of default passwords is that they are often easy to guess or publicly displayed on the website during the initial setup. This makes your account susceptible to even simple hacking attempts. Therefore, it is crucial to change the default password immediately and regularly check for any externally exposed manual pages.
Source : Criminal IP
[…] Default Password, a Security Flaw #BugBounty #bugbountytips blog.criminalip.io/2022/06/23/def… Source by Ninad […]