FORUM | BeyazHacker.com


SHODAN (security camera, site, computer, and much more hack) PART 2

ghost_rider

Beyaz Hacker Member
Joined
10 Dec 2020
Posts
65
Reaction score
28
TheHarvester
theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources, including Shodan.

usage: __main__.py [-h] -d DOMAIN [-l LIMIT] [-S START] [-g] [-p] [-s] [-v] [-e DNS_SERVER] [-t DNS_TLD] [-n] [-c] [-f FILENAME] [-b SOURCE]

theHarvester is used to gather open source intelligence (OSINT) on a company or domain.

optional arguments:
-h, --help show this help message and exit
-d DOMAIN, --domain DOMAIN
company name or domain to search
-l LIMIT, --limit LIMIT
limit the number of search results, default=500
-S START, --start START
start with result number X, default=0
-g, --google-dork use Google Dorks for Google search
-p, --port-scan scan the detected hosts and check for Takeovers (21,22,80,443,8080)
-s, --shodan use Shodan to query discovered hosts
-v, --virtual-host verify host name via DNS resolution and search for virtual hosts
-e DNS_SERVER, --dns-server DNS_SERVER
DNS server to use for lookup
-t DNS_TLD, --dns-tld DNS_TLD
perform a DNS TLD expansion discovery, default False
-n, --dns-lookup enable DNS server lookup, default False
-c, --dns-brute perform a DNS brute force on the domain
-f FILENAME, --filename FILENAME
save the results to an HTML and/or XML file
-b SOURCE, --source SOURCE
baidu, bing, bingapi, certspotter, crtsh, dnsdumpster, dogpile, duckduckgo, github-code, google, hunter, intelx, linkedin,
linkedin_links, netcraft, otx, securityTrails, spyse(disabled for now), threatcrowd, trello, twitter, vhost, virustotal, yahoo,
all
GitHub: https://github.com/laramies/theHarvester
ReconDog
Reconnaissance Swiss Army Knife - a front end for many tools, so you get the results in one place. Wizard + CLA interface (Command Line Argument interface). It can extract targets from STDIN (piped input) and act on them. All information is extracted through APIs; no direct contact is made with the target. The detect honeypot option uses shodan.io to check whether the target is a honeypot.
hoek@bughunter:/opt/ReconDog$ python dog
_____ ____
| __ |___ ___ ___ ___ |\_/| | \ ___ ___
| -| -_| _| . | | |. .| | | | . | . |
|__|__|___|___|___|_|_| \_/ |____/|___|_ |
|___| v2.0
1. Censys
2. NS lookup
3. Port scan
4. Detect CMS
5. Whois lookup
6. Detect honeypot
7. Find subdomains
8. Reverse IP lookup
9. Detect technologies
0. All
>>

GitHub: https://github.com/s0md3v/ReconDog
GoLismero
GoLismero is an open source framework for security testing. It is currently geared towards web security, but it can easily be extended to other kinds of scans.
It is a very large tool, and one of the sources it gets information from is Shodan.
python2 /opt/golismero/golismero.py scan <target_IP> -o <output file name>
and with nice HTML output:
sudo python2 golismero.py scan https://example.com -o - -o report.html
GitHub: https://github.com/golismero/golismero
Bonus - IP Cameras Default Passwords Directory
ACTi: admin/123456 or Admin/123456
Amcrest: admin/admin
American Dynamics: admin/admin or admin/9999
Arecont Vision: none
AvertX: admin/1234
Avigilon: Previously admin/admin, changed to Administrator/<blank> in later firmware versions
Axis: Traditionally root/pass, new Axis cameras require password creation during first login (note that root/pass may be used for ONVIF access, but logging into the camera requires root password creation)
Basler: admin/admin
Bosch: None required, but new firmwares (6.0+) prompt users to create passwords on first login
Brickcom: admin/admin
Canon: root/camera
Cisco: No default password, requires creation during first login
Dahua: Requires password creation on first login. Previously this process was recommended but could be canceled; older models default to admin/admin
Digital Watchdog: admin/admin
DRS: admin/1234
DVTel: Admin/1234
DynaColor: Admin/1234
FLIR: admin/fliradmin
FLIR (Dahua OEM): admin/admin
FLIR (Quasar/Ariel): admin/admin
Foscam: admin/<blank>
GeoVision: admin/admin
Grandstream: admin/admin
Hanwha: admin/no default password, must be created during initial setup
Hikvision: Firmware 5.3.0 and up requires unique password creation; previously admin/12345
Honeywell: admin/1234
IndigoVision (Ultra): none
IndigoVision (BX/GX): Admin/1234
Intellio: admin/admin
Interlogix: admin/1234
IQinVision: root/system
IPX-DDK: root/admin or root/Admin
JVC: admin/jvc
Longse: admin/12345
Lorex: admin/admin
LTS: Requires unique password creation; previously admin/12345
March Networks: admin/<blank>
Mobotix: admin/meinsm
Northern: Firmware 5.3.0 and up requires unique password creation; previously admin/12345
Oncam: admin/admin
Panasonic: Firmware 2.40 and up requires username/password creation; previously admin/12345
Pelco: New firmwares require unique password creation; previously admin/admin
Pixord: admin/admin
Q-See: admin/admin or admin/123456
Reolink: admin/<blank>
Samsung Electronics: root/root or admin/4321
Samsung Techwin (old): admin/1111111
Samsung (new): Previously admin/4321, but new firmwares require unique password creation
Sanyo: admin/admin
Scallop: admin/password
Sentry360 (mini): admin/1234
Sentry360 (pro): none
Sony: admin/admin
Speco: admin/1234
Stardot: admin/admin
Starvedia: admin/<blank>
Sunell: admin/admin
SV3C: admin/123456
Swann: admin/12345
Trendnet: admin/admin
Toshiba: root/ikwd
VideoIQ: supervisor/supervisor
Vivotek: root/<blank>
Ubiquiti: ubnt/ubnt
Uniview: admin/123456
W-Box (Hikvision OEM, old): admin/wbox123
W-Box (Sunell OEM, new): admin/admin
Wodsee: admin/<blank>
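
A defender-side use of the list above, as an added example that is not part of the original post: it flags cameras in an asset inventory whose firmware predates the version at which the list says the vendor began requiring or prompting for password creation (Hikvision and Northern 5.3.0, Panasonic 2.40, Bosch 6.0). The inventory rows, hostnames and function names are constructed for illustration.

```python
import re

# Firmware versions from the list above at which the vendor began requiring
# (or prompting for) password creation on first login.
FORCED_PASSWORD_SINCE = {
    "hikvision": (5, 3, 0),
    "northern": (5, 3, 0),
    "panasonic": (2, 40),
    "bosch": (6, 0),
}

def parse_version(text):
    """Turn 'V5.2.8 build 141231' into (5, 2, 8); None if no dotted version."""
    m = re.search(r"\d+(?:\.\d+)+", text)
    return tuple(int(p) for p in m.group().split(".")) if m else None

def older_than(version, threshold):
    """Compare after zero-padding, so (5, 3) and (5, 3, 0) compare equal."""
    width = max(len(version), len(threshold))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(version) < pad(threshold)

def audit(inventory):
    """Return (host, reason) for devices that need a credential review."""
    findings = []
    for host, vendor, firmware in inventory:
        threshold = FORCED_PASSWORD_SINCE.get(vendor.strip().lower())
        if threshold is None:
            continue  # vendor has no version cut-off in the list
        version = parse_version(firmware)
        if version is None:
            findings.append((host, "firmware version unreadable"))
        elif older_than(version, threshold):
            need = ".".join(map(str, threshold))
            findings.append((host, f"firmware predates {need}"))
    return findings

# Constructed sample inventory: (hostname, vendor, reported firmware string)
SAMPLE_INVENTORY = [
    ("cam-lobby", "Hikvision", "V5.2.8 build 141231"),
    ("cam-dock", "Hikvision", "V5.4.5 build 170123"),
    ("cam-gate", "Panasonic", "2.40"),
    ("cam-roof", "Bosch", "5.93"),
    ("cam-lab", "Northern", "unknown"),
]

if __name__ == "__main__":
    for host, reason in audit(SAMPLE_INVENTORY):
        print(f"{host}: {reason}; verify a unique password is set")
```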