Title: TFFP brute force... a good wordlist?
Post by: zgrp on August 11, 2006, 06:47:44 AM
I'm using the http://www.arhont.com/digitalAssets/214_TFTP-bruteforce.tar.gz to brute force "Trivial File Transfer Protocol" config files, however the wordlist that come together with it is very weak ( less then 10 entrys) Someone here already compiled or know where I can find a good dictionary file to brute tftp?
Obs: I doesn't want only search for default cisco files, but also default filenames that tfpt daemons have, default firmware names of distinct devices avaible via tftp, etc. ;D
Well, if nobody know, I would like to invite everybody to this thread with the intention of asking to all members that now any possible name (and path if needed) of any sensitive/important file of any device that is able to been downloaded via TFTP, please post in this thread and I will make the compilation. :D
Thank you and hope all help, it can be useful to everybody.
ps: If you have a über password wordlist and you would like to share it should be wonderful! But please, not the default wordlist commons we find in google that in general are lost of time....
Title: Re: TFFP brute force... a good wordlist?
Post by: jimbob on August 16, 2006, 04:11:57 AM
Google is your friend...
Or at a pinch try /usr/share/dict/words on your favourite *nix box.