
A threat actor may gain unauthorized access using the default username and password


qeeqbox/default-credential


Manufacturers or developers typically set default credentials, such as username and password combinations, for devices, software, and systems. These credentials are intended for initial access. A threat actor may exploit default credentials to gain unauthorized access to the system or data.

Example

Clone this repo recursively

git clone --recursive https://github.com/qeeqbox/default-credential

Run the webapp using Python

python3 default-credential/vulnerable-web-app/webapp.py

Open the webapp in your browser at 127.0.0.1:5142

Use the default credentials (username: admin and password: admin) to log in

You have full control over the web app interface

Risk

  • Unauthorized Access
  • System Compromise
  • Operational Disruption
  • Legal and Financial Damage
    • Compliance Failures
    • Reputation Damage

Redemption

  • Disable, remove or change default credentials
  • Alternative Authentication Mechanisms
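
One way to apply the first item, as an added example that is not code from this repository: an account provisioned with a shipped default is flagged, gets no session until the password is changed, and an audit lists accounts that still accept a default. `AccountStore`, `DEFAULT_PAIRS` and the 12-character minimum are hypothetical names and values chosen for the illustration.

```python
import hashlib
import hmac
import os

# Constructed list of shipped defaults; the page's demo app uses admin/admin.
DEFAULT_PAIRS = {("admin", "admin")}
ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value)

def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

class AccountStore:
    """Hypothetical in-memory store: username -> (salt, digest, must_change)."""

    def __init__(self):
        self._accounts = {}

    def provision(self, username: str, password: str) -> None:
        # Accounts created with a shipped default are flagged at creation.
        salt = os.urandom(16)
        flagged = (username, password) in DEFAULT_PAIRS
        self._accounts[username] = (salt, _derive(password, salt), flagged)

    def login(self, username: str, password: str) -> str:
        """Return 'denied', 'change_required' (no session yet) or 'ok'."""
        salt, digest, flagged = self._accounts.get(
            username, (b"\x00" * 16, b"", False))
        # Derive even for unknown users so both paths cost the same.
        match = hmac.compare_digest(digest, _derive(password, salt))
        if not match:
            return "denied"
        return "change_required" if flagged else "ok"

    def change_password(self, username: str, old: str, new: str) -> bool:
        if self.login(username, old) == "denied":
            return False
        # Reject reuse of the old value, any shipped default, and short values.
        if new == old or (username, new) in DEFAULT_PAIRS or len(new) < 12:
            return False
        salt = os.urandom(16)
        self._accounts[username] = (salt, _derive(new, salt), False)
        return True

    def audit_defaults(self) -> list:
        """Usernames that still accept a known default password."""
        return sorted(u for u, p in DEFAULT_PAIRS
                      if u in self._accounts and self.login(u, p) != "denied")
```

Running `audit_defaults()` at startup and refusing to serve requests while it returns a non-empty list turns the check into a deployment gate.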

ID

91f9b046-b802-425a-b71b-64c21c6b1c0f
