πŸ” Password Reuse & Default Passwords

🧠 Common Practices & Risks

  • It's common for users and administrators to leave default credentials unchanged.

  • Admins often reuse the same passwords across multiple systems for convenience.

  • In large infrastructures, it’s easy to overlook one device (e.g., router, printer, firewall), leaving it with a weak or default password.

  • Applications often ship with default credentials. These are:

    • Meant to be changed after installation

    • Often left unchanged due to assumptions about internal-only access

⚠️ Using weak or reused passwords increases the risk of compromise, especially when Single Sign-On (SSO) is not configured during initial setup.


🤖 Credential Stuffing

📄 What Is It?

Credential Stuffing is an attack method where default or known credentials are used across various services to gain unauthorized access.

  • Relies on databases of default or leaked credentials

  • Unlike brute-force attacks, it uses predefined username:password combinations
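The distinction above (predefined username:password pairs, each tried once, versus many guesses against one account) is also what makes credential stuffing visible in authentication logs. The following detection script is an added example, not code from the original page; it runs over constructed sshd-style log lines and labels each source address by its failure profile. The thresholds (`min_failures`, `stuffing_max_per_user`) are assumed starting values to tune per environment.

```python
import re
from collections import defaultdict

# Constructed sample sshd-style log lines (not taken from any real system).
SAMPLE_LOG = """\
Mar 10 09:01:02 host sshd[1201]: Failed password for invalid user zyfwp from 203.0.113.7 port 51001 ssh2
Mar 10 09:01:03 host sshd[1202]: Failed password for invalid user apc from 203.0.113.7 port 51002 ssh2
Mar 10 09:01:04 host sshd[1203]: Failed password for admin from 203.0.113.7 port 51003 ssh2
Mar 10 09:01:05 host sshd[1204]: Failed password for invalid user weblogic from 203.0.113.7 port 51004 ssh2
Mar 10 09:01:06 host sshd[1205]: Failed password for invalid user kali from 203.0.113.7 port 51005 ssh2
Mar 10 09:01:07 host sshd[1206]: Failed password for invalid user support from 203.0.113.7 port 51006 ssh2
Mar 10 09:02:10 host sshd[1301]: Failed password for admin from 198.51.100.9 port 40001 ssh2
Mar 10 09:02:11 host sshd[1302]: Failed password for admin from 198.51.100.9 port 40002 ssh2
Mar 10 09:02:12 host sshd[1303]: Failed password for admin from 198.51.100.9 port 40003 ssh2
Mar 10 09:02:13 host sshd[1304]: Failed password for admin from 198.51.100.9 port 40004 ssh2
Mar 10 09:02:14 host sshd[1305]: Failed password for admin from 198.51.100.9 port 40005 ssh2
Mar 10 09:02:15 host sshd[1306]: Failed password for admin from 198.51.100.9 port 40006 ssh2
Mar 10 09:05:00 host sshd[1401]: Failed password for alice from 192.0.2.44 port 60001 ssh2
Mar 10 09:05:20 host sshd[1402]: Accepted password for alice from 192.0.2.44 port 60002 ssh2
"""

# Matches both "Failed password for invalid user X from IP" and
# "Failed password for X from IP" (existing account).
FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_failures(log_text):
    """Return {source_ip: {username: failure_count}} from sshd-style lines."""
    failures = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            failures[m.group("ip")][m.group("user")] += 1
    return failures


def classify_source(user_counts, min_failures=5, stuffing_max_per_user=2):
    """Label one source address's failure profile.

    credential_stuffing: many distinct usernames, each tried only once or twice
                         (a list of predefined username:password pairs)
    brute_force:         few usernames, each hammered many times
    normal:              too few failures to judge
    Thresholds are assumed starting values, not a standard.
    """
    total = sum(user_counts.values())
    if total < min_failures:
        return "normal"
    distinct = len(user_counts)
    attempts_per_user = total / distinct
    if distinct >= 3 and attempts_per_user <= stuffing_max_per_user:
        return "credential_stuffing"
    return "brute_force"


def classify_log(log_text):
    """Map every source address in the log to its label."""
    return {ip: classify_source(users) for ip, users in parse_failures(log_text).items()}


if __name__ == "__main__":
    for ip, label in classify_log(SAMPLE_LOG).items():
        print(f"{ip}: {label}")
```

On the sample input the first address is labelled `credential_stuffing` (six usernames, one attempt each), the second `brute_force` (one username, six attempts) and the third `normal`. In practice the same grouping is done per time window rather than over a whole file, and the username list itself is worth checking against the default-credential table further down this page.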

🔗 Helpful Resource: DefaultCreds-Cheat-Sheet


📋 Example Default Credentials

| Product/Vendor | Username | Password |
|---|---|---|
| Zyxel (ssh) | zyfwp | PrOw!aN_fXp |
| APC UPS (web) | apc | apc |
| Weblogic (web) | system | manager |
| Weblogic (web) | weblogic | weblogic1, welcome(1) |
| Kanboard (web) | admin | admin |
| Vectr (web) | admin | 11_ThisIsTheFirstPassword_11 |
| Caldera (web) | admin | admin |
| Dlink (web) | admin, 1234, root | admin, 1234, 12345, root |
| JioFiber / GigaFiber | admin | jiocentrum |
| Kali Linux (OS) | kali | kali |
| F5 | admin, root, support | admin, default, (blank) |

ℹ️ These can often be found in the official documentation or using OSINT.
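The same table is useful on the defending side: an inventory of device accounts can be checked against it to find the "one overlooked device" and the reused admin password from the first section. The script below is an added example, not part of the original page. It parses rows in the table's own "a, b, c" / "(blank)" format, expands them into username:password pairs, and audits a constructed credential-store export for accounts still on a vendor default and for passwords shared across systems. The inventory, the host names and the subset of rows are all constructed for the example.

```python
from collections import defaultdict

# Rows in the same "a, b, c" / "(blank)" format as the table above.
# Constructed subset for this example; extend it from the referenced cheat sheet.
DEFAULT_ROWS = [
    ("Zyxel (ssh)", "zyfwp", "PrOw!aN_fXp"),
    ("APC UPS (web)", "apc", "apc"),
    ("Weblogic (web)", "weblogic", "weblogic1, welcome(1)"),
    ("Dlink (web)", "admin, 1234, root", "admin, 1234, 12345, root"),
    ("F5", "admin, root, support", "admin, default, (blank)"),
]

# Constructed credential-store export: (system, username, password).
INVENTORY = [
    ("ups-01", "apc", "apc"),
    ("core-fw", "admin", "C0rrectH0rse!"),
    ("edge-lb", "admin", ""),
    ("print-03", "admin", "C0rrectH0rse!"),
    ("wl-app", "weblogic", "Xk9#mQ2p"),
]


def split_field(field):
    """Expand 'admin, 1234, root' into a list; '(blank)' means an empty value."""
    return ["" if p.strip() == "(blank)" else p.strip() for p in field.split(",")]


def expand_defaults(rows):
    """Map each (username, password) pair to the products it is a default for.
    Every username in a row is paired with every password in the same row,
    which is how a default-credential list is normally consumed."""
    pairs = defaultdict(set)
    for product, users, passwords in rows:
        for user in split_field(users):
            for password in split_field(passwords):
                pairs[(user, password)].add(product)
    return pairs


def audit(inventory, rows):
    """Return findings for accounts still on a vendor default and for
    passwords shared by more than one system."""
    defaults = expand_defaults(rows)
    findings = []

    # 1. Accounts whose username:password pair is a known vendor default.
    for system, user, password in inventory:
        if (user, password) in defaults:
            findings.append({
                "type": "default_credential",
                "system": system,
                "user": user,
                "products": sorted(defaults[(user, password)]),
            })

    # 2. The same password configured on more than one system.
    #    Empty passwords are skipped here; they only count as a default above.
    systems_by_password = defaultdict(list)
    for system, _user, password in inventory:
        if password:
            systems_by_password[password].append(system)
    for systems in systems_by_password.values():
        if len(systems) > 1:
            findings.append({"type": "password_reuse", "systems": sorted(systems)})

    return findings


if __name__ == "__main__":
    for finding in audit(INVENTORY, DEFAULT_ROWS):
        print(finding)
```

Against the sample inventory the audit reports `ups-01` (APC default `apc`/`apc`), `edge-lb` (an `admin` account with a blank password, matching the F5 row) and a password shared by `core-fw` and `print-03`. A real export would normally come from a password manager or configuration-management system; the reuse check needs the plaintext, so run it where that export already lives rather than copying it elsewhere.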


πŸ› οΈ Hydra: Credential Stuffing Syntax

Hydra is a powerful tool to automate credential stuffing attacks.

Example (SSH attack):


🧭 OSINT & Google Dorks

Using Open Source Intelligence (OSINT) can guide attackers in:

  • Understanding the company structure and tools

  • Searching for known credentials (e.g., using Google)

πŸ” Example Google Dork:


🌐 Router Default Credentials

Even though routers are often better protected, internal or test systems may still have default settings.

📶 Example Router Defaults

| Brand | IP Address | Username | Password |
|---|---|---|---|

📌 Resource: Router Passwords Database


