imported>Kunda |
imported>mutante m (→[[Mediawiki]]) |
||
(9 intermediate revisions by 2 users not shown) | |||
Line 9: | Line 9: | ||
*Website with a huge collection of default passwords for routers, AP's, switches etc. Sorted by manufactor. |
*Website with a huge collection of default passwords for routers, AP's, switches etc. Sorted by manufactor. |
||
== Things NOT to do == |
|||
=== where passwords should NOT be === |
=== where passwords should NOT be === |
||
Line 17: | Line 18: | ||
#the name of your new born child |
#the name of your new born child |
||
#your [[mantra]] |
#your [[mantra]] |
||
#in a dictionary |
|||
=== what passwords u should NOT use === |
|||
A [http://www.openwall.com/passwords/wordlists/password.lst common passwords list] by Openwall Project |
|||
public domain |
|||
This is a list of over 3000 passwords most commonly seen on a set of Unix systems in mid-1990s, sorted for decreasing number of occurrences (that is, more common passwords are listed first). |
|||
==== FTP archives: ==== |
|||
* ftp://ftp.openwall.com/pub/wordlists/ (and its [http://www.openwall.com/mirrors/ mirrors]) |
|||
* ftp://ftp.ox.ac.uk/pub/wordlists/ |
|||
* ftp://ftp.zedz.net/pub/crypto/wordlists/ |
|||
derived exclusively from the ox.ac.uk archive above, but files uncompressed |
|||
* ftp://ftp.cerias.purdue.edu/pub/dict/ |
|||
includes the ox.ac.uk archive and more |
|||
== Warning: ironical == |
|||
=== Examples: Good Passwords === |
|||
something like |
|||
susi<br> |
|||
peter<br> |
|||
123456<br> |
|||
qwertz/qwerty<br> |
|||
asdfg<br> |
|||
letmein<br> |
|||
admin<br> |
|||
root<br> |
|||
irule<br> |
|||
owned<br> |
|||
or |
|||
(very good one)<br> |
|||
g33k |
|||
=== Reset forgotten passwords === |
|||
==== [[Mediawiki]] ==== |
|||
UPDATE user SET user_password = MD5(CONCAT(user_id, '-',MD5('somepass'))) WHERE user_name = 'whatever'; |
|||
===== bash script ===== |
|||
put this into a file resetpass.sh |
|||
<pre> |
|||
#!/bin/bash |
|||
# mediawiki - reset a user password |
|||
read -p "Which username to you want to reset? " username |
|||
read -p "Enter new password: " password |
|||
mysql -u root -p wikidb -e "UPDATE user SET user_password = MD5(CONCAT(user_id, '-',MD5('$password'))) WHERE user_name = '$username';" |
|||
if [[ $? -eq 0 ]] |
|||
then |
|||
echo "Ok. Updated password of '$username' to '$password'." |
|||
exit 0 |
|||
else |
|||
echo "Error. Could not reset password." |
|||
exit 1 |
|||
fi |
|||
</pre> |
|||
<tt>> chmod +x resetpass.sh |
|||
>./resetpass.sh</tt> |
|||
==== [[MySQL]] ==== |
|||
[[MySQL#Reset_forgotten_root_password]] |
|||
==== [[Windows]] ==== |
|||
[http://support.microsoft.com/?kbid=321305 Microsoft: How to log on to Windows XP if you forget your password] |
|||
==== [[Linux]] ==== |
|||
Wenn du von einem anderen Medium bootest und auf einem System mit aktivierten Shadow Passwörtern die /etc/shadow bearbeitest und dort das verschlüsselte Passwort schlicht entfernst,also das (nur) das Passwortfeld leer lässt (::) kann man sich je nach Distribution direkt ohne Pass einloggen ([[Suse]]) oder muss zuerst auf einem anderen System ein bekanntes Passwort verschlüsseln und den daraus resultierenden encrypteten String einfügen ([[Debian]]). |
|||
[http://linuxgazette.net/107/tomar.html How to Reset forgotten Root passwords] |
|||
[[Category:Hacking]] |
[[Category:Hacking]] |
Latest revision as of 15:29, 12 August 2006
your passwords[edit]
some hints like min. 8 letters, combined with numbers etc.
default passwords[edit]
The most common default password is <blank> or the 'Enter' password. (Don't forget to try just because its seem to be too easy to be true.)
- Website with a huge collection of default passwords for routers, AP's, switches etc. Sorted by manufactor.
Things NOT to do[edit]
where passwords should NOT be[edit]
- on a post-it sticker attached to the monitor
- in public dumpfiles of mediawikis [1]
- on this wiki page ;)
- tattooed to your forhead
- the name of your new born child
- your mantra
- in a dictionary
what passwords u should NOT use[edit]
A common passwords list by Openwall Project public domain
This is a list of over 3000 passwords most commonly seen on a set of Unix systems in mid-1990s, sorted for decreasing number of occurrences (that is, more common passwords are listed first).
FTP archives:[edit]
- ftp://ftp.openwall.com/pub/wordlists/ (and its mirrors)
- ftp://ftp.ox.ac.uk/pub/wordlists/
- ftp://ftp.zedz.net/pub/crypto/wordlists/
derived exclusively from the ox.ac.uk archive above, but files uncompressed
includes the ox.ac.uk archive and more
Warning: ironical[edit]
Examples: Good Passwords[edit]
something like
susi
peter
123456
qwertz/qwerty
asdfg
letmein
admin
root
irule
owned
or
(very good one)
g33k
Reset forgotten passwords[edit]
Mediawiki[edit]
UPDATE user SET user_password = MD5(CONCAT(user_id, '-',MD5('somepass'))) WHERE user_name = 'whatever';
bash script[edit]
put this into a file resetpass.sh
#!/bin/bash # mediawiki - reset a user password read -p "Which username to you want to reset? " username read -p "Enter new password: " password mysql -u root -p wikidb -e "UPDATE user SET user_password = MD5(CONCAT(user_id, '-',MD5('$password'))) WHERE user_name = '$username';" if [[ $? -eq 0 ]] then echo "Ok. Updated password of '$username' to '$password'." exit 0 else echo "Error. Could not reset password." exit 1 fi
> chmod +x resetpass.sh
>./resetpass.sh
MySQL[edit]
MySQL#Reset_forgotten_root_password
Windows[edit]
Microsoft: How to log on to Windows XP if you forget your password
Linux[edit]
Wenn du von einem anderen Medium bootest und auf einem System mit aktivierten Shadow Passwörtern die /etc/shadow bearbeitest und dort das verschlüsselte Passwort schlicht entfernst,also das (nur) das Passwortfeld leer lässt (::) kann man sich je nach Distribution direkt ohne Pass einloggen (Suse) oder muss zuerst auf einem anderen System ein bekanntes Passwort verschlüsseln und den daraus resultierenden encrypteten String einfügen (Debian).