I wrote a simple script to test default credentials in AS/400. I made use of the library and sample code from http://tn5250py.cvs.sourceforge.net/. It currently only works with IBM AS/400 telnet servers for now.
You can pull the code from https://github.com/milo2012/pentest_scripts/tree/master/as400.
You will have to supply the ip and port of the AS400 server in the command line
Below is a screenshot of the tool in action.
Cirt.net is a useful resource that contains the default credentials for various devices.
I wrote a script that crawls, parses and extracts the credentials from cirt.net and outputs them into the “combo” format as required by medusa. Medusa is a brute force tool for numerous services like MySQL, SMB, SSH, Telnet and etc.
Currently, only ssh and telnet related credentials are extracted from cirt.net.
You can download the “combo” word lists for ssh and telnet via the direct links below.
SSH combo list for Medusa
Telnet combo list for Medusa
Combined users.txt and passwords.txt that you can use with Patator (https://code.google.com/p/patator/) which is another awesome brute force tool.
Sample command for medusa “combo” SSH attack.
medusa -M ssh -C wordList_ssh.txt -H port22.txt
If you would like to play around with the python script, you can download the file at the below location.
Patator is another awesome tool that you can use for brute forcing SSH logins
Sample command for patator SSH attack
patator.py ssh_login host=10.0.0.1 user=FILE0 password=FILE1 0=users.txt 1=passwords.txt -x ignore:mesg=’Authentication failed.’
Special shoutout to Cirt.net for maintaining and providing the extensive database of default credentials at cirt.net/passwords