Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-46997: GitHub - Viralmaniar/Passhunt: Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default password

Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

CVE
Open in Source
#vulnerability#web#js#git#backdoor#ssh

Passhunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Screenshot

Pre-requisites

Make sure you have installed the following:

- Python 3.0 or later.

  • pip3 (sudo apt-get install python3-pip)

How to install?

git clone https://github.com/Viralmaniar/Passhunt.git cd Passhunt pip3 install -r requirements.txt python3 Passhunt.py

How do I use this?

  • Press 1: This will print the list of supported vendors.
  • Press 2: Enter the vendor name and search for default credentials.
  • Press 3: To exit from the program.

Credit

The list of default passwords is obtained from cirt.net. All passwords and vendor list maintained by cirt.net

TODO

  • Offline password search
  • Create username and password list in a json file and parse them

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE