mirror of
https://github.com/danielmiessler/SecLists
synced 2026-02-11 10:02:58 +01:00
e9337bebcf
feat(passwords): Added router default users and passwords Source: https://portforward.com/ ``` import os from bs4 import BeautifulSoup invalidValues = ["none", "N/A", "blank", "user created", "password changes when reset", "none; created during initial setup", "PrintedOnRouterLabel", "provided by ISP"] invalidKeywords = ["none", "leave blank", "n/a", "blank", "found by", "found on", "printed on", "configured during", "create", "last", "located", "on ", "sticker on", "refer to"] def extract_credentials(file_path): with open(file_path, 'r') as file: content = file.read() soup = BeautifulSoup(content, 'html.parser') table = soup.find('table') if table: model = table.find('th').text.strip().lower().replace('model', '').strip().replace(' ', '-').replace('/', '-') usernames = set() passwords = set() for row in table.find_all('tr')[1:]: cols = row.find_all('td') username = cols[1].text.strip() password = cols[2].text.strip() if username not in invalidValues: addUsername = True tempusername = username.lower() for keyword in invalidKeywords: if tempusername.startswith(keyword): addUsername=False break if addUsername: usernames.add(username) if password not in invalidValues: addPassword = True temppassword = password.lower() for keyword in invalidKeywords: if temppassword.startswith(keyword): addPassword=False break if addPassword: passwords.add(password) return model, sorted(usernames), sorted(passwords) else: return None, None, None def save_credentials(model, usernames, passwords, output_dir): if model and usernames and passwords: user_file_path = os.path.join(output_dir, f'{model}_default-users.txt') pass_file_path = os.path.join(output_dir, f'{model}_default-passwords.txt') with open(user_file_path, 'w') as user_file: user_file.write('\n'.join(usernames)) with open(pass_file_path, 'w') as pass_file: pass_file.write('\n'.join(passwords)) def process_files(input_dir, output_dir): for file_name in os.listdir(input_dir): print(f'Processing file {file_name}') file_path = os.path.join(input_dir, file_name) model, usernames, passwords = extract_credentials(file_path) save_credentials(model, usernames, passwords, output_dir) # Input directory containing the text files input_dir = "C:\\Users\\User\\Desktop\\out\\portforward.com" # Output directory where the output files will be saved output_dir = "C:\\Users\\User\\Github\\SecLists\\Passwords\\Default-Credentials\\Routers" process_files(input_dir, output_dir) ``` |
||
|---|---|---|
| .. | ||
| BiblePass | ||
| Books | ||
| Common-Credentials | ||
| Cracked-Hashes | ||
| Default-Credentials | ||
| Honeypot-Captures | ||
| Keyboard-Walks | ||
| Leaked-Databases | ||
| Malware | ||
| Permutations | ||
| PHP-Hashes | ||
| Software | ||
| WiFi-WPA | ||
| Wikipedia | ||
| 500-worst-passwords.txt | ||
| 500-worst-passwords.txt.bz2 | ||
| 2020-200_most_used_passwords.txt | ||
| 2023-200_most_used_passwords.txt | ||
| bt4-password.txt | ||
| cirt-default-passwords.txt | ||
| citrix.txt | ||
| clarkson-university-82.txt | ||
| common_corporate_passwords.lst | ||
| darkc0de.txt | ||
| darkweb2017-top10.txt | ||
| darkweb2017-top100.txt | ||
| darkweb2017-top1000.txt | ||
| darkweb2017-top10000.txt | ||
| days.txt | ||
| der-postillon.txt | ||
| dutch_common_wordlist.txt | ||
| dutch_passwordlist.txt | ||
| dutch_wordlist | ||
| german_misc.txt | ||
| months.txt | ||
| Most-Popular-Letter-Passes.txt | ||
| mssql-passwords-nansh0u-guardicore.txt | ||
| openwall.net-all.txt | ||
| probable-v2-top207.txt | ||
| probable-v2-top1575.txt | ||
| probable-v2-top12000.txt | ||
| README.md | ||
| richelieu-french-top5000.txt | ||
| richelieu-french-top20000.txt | ||
| SCRABBLE-hackerhouse.tgz | ||
| scraped-JWT-secrets.txt | ||
| seasons.txt | ||
| stupid-ones-in-production.txt | ||
| twitter-banned.txt | ||
| unkown-azul.txt | ||
| UserPassCombo-Jay.txt | ||
| xato-net-10-million-passwords-10.txt | ||
| xato-net-10-million-passwords-100.txt | ||
| xato-net-10-million-passwords-1000.txt | ||
| xato-net-10-million-passwords-10000.txt | ||
| xato-net-10-million-passwords-100000.txt | ||
| xato-net-10-million-passwords-1000000.txt | ||
| xato-net-10-million-passwords-dup.txt | ||
| xato-net-10-million-passwords.txt | ||
The Passwords directory will hold a number of password lists that can be used by multiple tools when attempting to guess credentials for a given targeted service. This will include a number of very popular lists in cooperation with their maintainers, including the RockYou lists maintained by Rob Bowes.
- Password lists containing the count are located in the "withcount" folder.
- Lists over 100Mb have been compressed.
scraped-JWT-secrets.txt
This wordlist is from https://github.com/wallarm/jwt-secrets
Some passwords lists are +100MB and can't be stored on the repository. The following are external links to download more:
- Breach compilation (original link recovered)
- Weekpass