So if we have found some usernames I want you to try these on all different ports
<user>:<user> ie. admin:admin
<boxname>:<boxname>
<user>:<rockyou.txt>
<user>:password
<user>:admin
We could also attempt to make a userlist and passlist to spray using hydra.
Useful lists:
/usr/share/seclists/Usernames/top-usernames-shortlist.txt
/usr/share/seclists/Passwords/Common-Credentials/best15.txt
Cewl can be used in websites to generate passwords that contain words from the public facing website.
Last updated 3 years ago
