Hello,
Does anyone know where word lists containing commands can be found? Let me
explain: during a pen-test I found a network device that has a telnet
server. However, the prompt doesn't tell what it is/does nor does it appear
to be an IOS-style box. More likely an embedded device. The password was
trivial, however, there is little I can do with it because most commands I
typed give an error back. I wrote a perl script that takes commands from a
file and fed them one by one to the device through telnet, saving those that
do not lead to an error to a separate file for later examination. Currently
(the brute-force is still going on) I'm using 15M wordlist initially
designed for password cracking.
I'm also looking for a file that contains commands (such as the IOS ones)
that are not words by themselves, but can be concatenations of words, with
or without hyphens and other typical shell/Cisco/whatever commands.
Probably this is more for curiosity than for actual penetration of the above
device, however I thought others would be interested as well in such a list.
Years ago, there used to be many word lists at
ftp.cso.uiuc.edu/pub/security/wordlists/ but the site is no longer up.
Thank you.
Received on May 18 2001
Intro
