-
Star
(158)
You must be signed in to star a gist -
Fork
(33)
You must be signed in to fork a gist
-
-
Save gabonator/74cdd6ab4f733ff047356198c781f27d to your computer and use it in GitHub Desktop.
| Summary of passwords by sperglord8008s, updated November 1. 2020. For login try "root", "default", "defaul" or "root" | |
| 00000000 | |
| 059AnkJ | |
| 4uvdzKqBkj.jg | |
| 7ujMko0admin | |
| 7ujMko0vizxv | |
| 123 | |
| 1111 | |
| 1234 | |
| 1234qwer | |
| 2601hx | |
| 12345 | |
| 54321 | |
| 123456 | |
| 666666 | |
| 888888 | |
| 1111111 | |
| /*6.=_ja | |
| anko | |
| anni2013 | |
| annie2012 | |
| avtech97 | |
| cat1029 | |
| ccadmin | |
| cxlinux | |
| default | |
| dreambox | |
| fxjvt1805 | |
| hdipc%No | |
| hi3518 | |
| hichiphx | |
| hipc3518 | |
| hkipc2016 | |
| hslwificam | |
| ikwb | |
| ipc71a | |
| IPCam@sw | |
| ivdev | |
| juantech | |
| jvbzd | |
| jvtsmart123 | |
| klv123 | |
| klv1234 | |
| meinsm | |
| OxhlwSG8 | |
| pass | |
| password | |
| realtek | |
| root | |
| hi3518 | |
| S2fGqNFs | |
| service | |
| smcadmin | |
| supervisor | |
| support | |
| system | |
| tech | |
| tlJwpbo6 | |
| ubnt | |
| user | |
| vhd1206 | |
| vizxv | |
| xc3511 | |
| xmhdipc | |
| zlxx. | |
| Zte521 |
Tuya/Aldi cam, would like to have the password.
AK3918EN080 V300S (Anyka).
cat shadow:
root:$1$1m7mklzD$Hu1Z3GPZPUhpuiOBql3v7/:0:0:root:/:/bin/sh
Thanks in advance.
Hi all. Can you help me to determine what type of crypto algorithm give hash like this: oEP0ZGfC
and this:
root:8/3DL08/eA4ic:0:0:root:/:/bin/sh
Thank you.
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)?
root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.
Can you help me decrypt this hash?
root:$6$CSBi5eyWVF/TR7$fuOZRy2hvs6qUMkth6Om65nlLhIO23dT5mW.Uctswf3x0PyQI2DjvofdNWRfTcvW8eElhu1xmzVTKCbdosLTX1:15069:0:99999:7:::
root:$1$soidjfoi$9klIbmCLq2JjYwKfEA5rH1:10933:0:99999:7:::
help me with this to crack down anyone
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.
I have the same hash on a device. Has anyone cracked it?
Can anyone help me crack this? I successfully pulled the passwd file off the memory chip for my camera a Project Nursery camera, but I can't figure out hashcat to get the password from the hash. The passwd file contains one line:
root:$1$2bIsCaZh$4rPJIavm2oheHsh3.eORn.:0:0::/root:/bin/sh I guess my main question is what part of that to isolate in a text file to run hashcat on and how do I tell what kind of hash it is (md5... etc)?
i need help with this hash. root:$6$wyzecamv2$hvp6M6S2JI7vyyHfEDPWCYJ8N2r5B4ZzS8uZYwyMkoWyg90sCJzupBGD57CObtKonld0Yvr2B/ejt4l4/jryi.:0:0:root:/:/bin/sh . I tried using hashid with no luck . Is it a good hash?
I've got a Tuya TCP Smart cam here for which i would like to have the password: shadow says: root:$1$dVhFuDGx$YrOKRgTcjTCqEK75.z277/:15874:0:99999:7::: It shows "Lobster" and Linux version 3.10.27 (canjian@ubuntu) (gcc version 4.8.5 20150209 (prerelease) (Realtek RSDK-4.8.5p1 Build 2521) ) #1 PREEMPT Fri Dec 7 15:51:19 CST 2018
@Dobie007 Hi, I have the same camera, were you able to crack the password?
Hi,
Since the firmware is in an external flash i could patch the inittab file and get a working terminal. I got the idea out of the video i linked above.
This is the line i actually changed:
ttyS1::respawn:-/bin/sh
Since then it's lying around because i have no idea how to continue. (The runtime file would need to be changed or an alternative chipset software used)
I haven't cracked the password yet either, but I haven't gotten around to extracting the FW yet. Would it be possible for you to send it to me? That would help me a lot :) (https://drive.google.com/drive/folders/1q8jVospsmOQUF0f-Y5loyOJjMwOogVA1?usp=sharing)
Ive seen it asked for before here and other places but no answers. Any one can help with: $1$yFuJ6yns$33Bk0I91Ji0QMujkR/DPi1 ?
L18DAFENSG_AF_V0-A_XAHS-RTMP-H5 V3.3.2.1 build 2024-08-29 14:35:19
Ive tried all the dictionary attacks i could find and my AMD iGPU is now at its limit trying to brute force 8chars, could take me years
somebody knows ? root:$1$RiBtxRAG$PvXy3AX92u.mvo/UwXlTJ0:19404:0:99999:7::: user:$1$ri3K4P4s$ne/es0YuNHyn0rti8KJ2a.:19404:0:99999:7:::
Hi , did you find the password for these ? can you share them if yes . thank you .
$1$ $.MO09JyxBBNd9Xv0pXIqc0
lbtech2002
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.I have the same hash on a device. Has anyone cracked it?
I know it's very late, but the password for this hash is yunyi666
root:$1$soidjfoi$9klIbmCLq2JjYwKfEA5rH1:10933:0:99999:7:::
help me with this to crack down anyone
I have the same password in the shadow file. Help please.
is there still a discord?
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.I have the same hash on a device. Has anyone cracked it?
I know it's very late, but the password for this hash is yunyi666
Oh thanks a lot! You saved me a ton of time!
Hello,
Can you help "decrypt" bellow hash:
root:$1$ouLOV500$zvYRvG33R/lxTS.9Gpz5H1
Model is: DENVER Indoor smart Wi-Fi_IP camera - IIC-172
SoC is: ANYKA AK3918EN080 V200 CDSJ02I22
Thanks in advance!
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.I have the same hash on a device. Has anyone cracked it?
I know it's very late, but the password for this hash is yunyi666
I have the same hash in shadow file,but the pwd doesn't seem to be that one.
How you found this? It should be md5crypt.
Using john:
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware]
└─$ mkdir try
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware]
└─$ cd try
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try]
└─$ touch root.hash
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try]
└─$ echo '$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1' > root.hash
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try]
└─$ cat root.hash
$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try]
└─$ touch wordlist.txt
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try]
└─$ echo 'yunyi666' > wordlist.txt
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try]
└─$ john --wordlist=./wordlist.txt --format=md5crypt --fork=4 root.hash
Using default input encoding: UTF-8
Loaded 1 password hash (md5crypt, crypt(3) $1$ (and variants) [MD5 256/256 AVX2 8x3])
Node numbers 1-4 of 4 (fork)
4 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s
3 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s
2 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s
Press 'q' or Ctrl-C to abort, almost any other key for status
1: Warning: Only 1 candidate left, minimum 24 needed for performance.
1 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 50.00p/s 50.00c/s 50.00C/s yunyi666
Waiting for 3 children to terminate
Session completed.
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try]
└─$ john --show --format=md5crypt root.hash
0 password hashes cracked, 1 left
Has someone cracked it? I tried to use hashcat with mask: 8 letters,only numbers and lowercase character,but after 3 days it couldn't find the pwd.
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.I have the same hash on a device. Has anyone cracked it?
I know it's very late, but the password for this hash is yunyi666
I have the same hash in shadow file,but the pwd doesn't seem to be that one. How you found this? It should be md5crypt. Using john:
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware] └─$ mkdir try ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware] └─$ cd try ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ touch root.hash ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ echo '$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1' > root.hash ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ cat root.hash $1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1 ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ touch wordlist.txt ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ echo 'yunyi666' > wordlist.txt ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ john --wordlist=./wordlist.txt --format=md5crypt --fork=4 root.hash Using default input encoding: UTF-8 Loaded 1 password hash (md5crypt, crypt(3) $1$ (and variants) [MD5 256/256 AVX2 8x3]) Node numbers 1-4 of 4 (fork) 4 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s 3 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s 2 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s Press 'q' or Ctrl-C to abort, almost any other key for status 1: Warning: Only 1 candidate left, minimum 24 needed for performance. 1 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 50.00p/s 50.00c/s 50.00C/s yunyi666 Waiting for 3 children to terminate Session completed. ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ john --show --format=md5crypt root.hash 0 password hashes cracked, 1 leftHas someone cracked it? I tried to use hashcat with mask: 8 letters,only numbers and lowercase character,but after 3 days it couldn't find the pwd.
It is not clear md5. It is modified version.
Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.Hi everybody. Can you help me decrypt shadow on AK3918EN080 V200 (Anyka)? root:$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1:0:0:99999:7:::
Thank you for help.I have the same hash on a device. Has anyone cracked it?
I know it's very late, but the password for this hash is yunyi666
I have the same hash in shadow file,but the pwd doesn't seem to be that one. How you found this? It should be md5crypt. Using john:
┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware] └─$ mkdir try ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware] └─$ cd try ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ touch root.hash ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ echo '$1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1' > root.hash ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ cat root.hash $1$6AHjBnTn$LvoexcPTiWwZP5fLfCGdv1 ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ touch wordlist.txt ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ echo 'yunyi666' > wordlist.txt ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ john --wordlist=./wordlist.txt --format=md5crypt --fork=4 root.hash Using default input encoding: UTF-8 Loaded 1 password hash (md5crypt, crypt(3) $1$ (and variants) [MD5 256/256 AVX2 8x3]) Node numbers 1-4 of 4 (fork) 4 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s 3 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s 2 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 0p/s 0c/s 0C/s Press 'q' or Ctrl-C to abort, almost any other key for status 1: Warning: Only 1 candidate left, minimum 24 needed for performance. 1 0g 0:00:00:00 DONE (2025-10-05 11:00) 0g/s 50.00p/s 50.00c/s 50.00C/s yunyi666 Waiting for 3 children to terminate Session completed. ┌──(stagnola㉿kali)-[~/Scrivania/dump_firmware/try] └─$ john --show --format=md5crypt root.hash 0 password hashes cracked, 1 leftHas someone cracked it? I tried to use hashcat with mask: 8 letters,only numbers and lowercase character,but after 3 days it couldn't find the pwd.
It is not clear md5. It is modified version.
Can you tell me more about this?
Btw I can't access U-Boot either.
On my camera looks like u-boot disables prompt until kernel is loaded.
My only one way is to modify firmware,change shadow pwd and flash it back so I can login as root
Btw I can't access U-Boot either. On my camera looks like u-boot disables prompt until kernel is loaded. My only one way is to modify firmware,change shadow pwd and flash it back so I can login as root
As i remember, hashing algorithm in some library modified by vendor, so you must make hash with same algorithm and write hash in shadow pwd. Than system can compare hash from pass you entered with hash in shadow pwd.
Btw I can't access U-Boot either. On my camera looks like u-boot disables prompt until kernel is loaded. My only one way is to modify firmware,change shadow pwd and flash it back so I can login as root
As i remember, hashing algorithm in some library modified by vendor, so you must make hash with same algorithm and write hash in shadow pwd. Than system can compare hash from pass you entered with hash in shadow pwd.
Yeah that was kinda clear from your last message. I tried the password “yunyi666” (a guy here said was that one)to auth to device and it doesn’t work.
What you mean with “libraries modified by the vendor”?
Are there some libraries with source?
Hi. Ho, there is no source of libraries. You only can extract file from firmware and make reverse engineering with Ghidra or IDA Pro.
You can try to find some more info in telegram group "OpenIPC User"
Hi all, please help me to decrypt the password of telnet bvt user
bvt:$1$6LM5P7B4$z6ZaflT5B2h6spyn02CZw0:0:0:bvt:/home:/bin/sh