F-Secure has a write-up on the worm which includes the list of passwords that it checks (reproduced below). The list of just over 180 password candidates contains the usual suspects - the username for the account, repeated digits, qwerty, admin, password and pass1, pass12, pass123. Given that the worm has successfully infected such a large number of machines, this password guessing strategy must be quite effective. So weak passwords are still letting us down.
(Added April 2nd, 2009: you can see a nice graphic of this password list at Graham Cluley's blog).
- [username]
- [username][username]
- [reverse_of_username]
- 00000
- 0000000
- 00000000
- 0987654321
- 11111
- 111111
- 1111111
- 11111111
- 123123
- 12321
- 123321
- 12345
- 123456
- 1234567
- 12345678
- 123456789
- 1234567890
- 1234abcd
- 1234qwer
- 123abc
- 123asd
- 123qwe
- 1q2w3e
- 22222
- 222222
- 2222222
- 22222222
- 33333
- 333333
- 3333333
- 33333333
- 44444
- 444444
- 4444444
- 44444444
- 54321
- 55555
- 555555
- 5555555
- 55555555
- 654321
- 66666
- 666666
- 6666666
- 66666666
- 7654321
- 77777
- 777777
- 7777777
- 77777777
- 87654321
- 88888
- 888888
- 8888888
- 88888888
- 987654321
- 99999
- 999999
- 9999999
- 99999999
- a1b2c3
- aaaaa
- abc123
- academia
- access
- account
- Admin
- admin
- admin1
- admin12
- admin123
- adminadmin
- administrator
- anything
- asddsa
- asdfgh
- asdsa
- asdzxc
- backup
- boss123
- business
- campus
- changeme
- cluster
- codename
- codeword
- coffee
- computer
- controller
- cookie
- customer
- database
- default
- desktop
- domain
- example
- exchange
- explorer
- files
- foobar
- foofoo
- forever
- freedom
- games
- home123
- ihavenopass
- Internet
- internet
- intranet
- killer
- letitbe
- letmein
- Login
- login
- lotus
- love123
- manager
- market
- money
- monitor
- mypass
- mypassword
- mypc123
- nimda
- nobody
- nopass
- nopassword
- nothing
- office
- oracle
- owner
- pass1
- pass12
- pass123
- passwd
- Password
- password
- password1
- password12
- password123
- private
- public
- pw123
- q1w2e3
- qazwsx
- qazwsxedc
- qqqqq
- qwe123
- qweasd
- qweasdzxc
- qweewq
- qwerty
- qwewq
- root123
- rootroot
- sample
- secret
- secure
- security
- server
- shadow
- share
- student
- super
- superuser
- supervisor
- system
- temp123
- temporary
- temptemp
- test123
- testtest
- unknown
- windows
- work123
- xxxxx
- zxccxz
- zxcvb
- zxcvbn
- zxcxz
- zzzzz
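
A password-change check built from the list above, as an added example that is not part of the original post or of F-Secure's write-up. It covers the three username templates at the top of the list, generalises the repeated-character entries to any single-character run, and uses a short excerpt of the static entries; the function names are hypothetical.

```python
# Added example (not from the post or F-Secure): reject a proposed password
# that this guess list would find. Function names are illustrative.

# Excerpt of the static entries listed above; load the full list in real use.
STATIC_CANDIDATES = frozenset(s.lower() for s in (
    "0987654321", "123456", "1q2w3e", "abc123", "admin", "admin123",
    "changeme", "letmein", "nimda", "pass123", "password", "qwerty",
    "rootroot", "zxcvbn",
))


def username_candidates(username):
    """The three per-account templates at the top of the list."""
    u = username.lower()
    return {u, u + u, u[::-1]} if u else set()


def is_single_char_run(password):
    """Generalises entries such as 00000, 11111111, aaaaa and zzzzz."""
    return len(password) > 0 and len(set(password)) == 1


def weak_reasons(username, password):
    """Return the reasons this password would fall to the guess list.

    Matching is case-insensitive, a stricter choice made for this example;
    the list itself carries both 'Admin' and 'admin'.
    """
    p = password.lower()
    reasons = []
    if p in username_candidates(username):
        reasons.append("derived-from-username")
    if is_single_char_run(p):
        reasons.append("single-character-run")
    if p in STATIC_CANDIDATES:
        reasons.append("on-static-list")
    return reasons


def audit(accounts):
    """Map username -> reasons for each (username, password) pair rejected."""
    findings = {}
    for user, pw in accounts:
        reasons = weak_reasons(user, pw)
        if reasons:
            findings[user] = reasons
    return findings
```

Run at password-set time, when the plaintext is available, so a match can be rejected before the credential is stored.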
1 comment:
Those are only positive password use not totally cracking.
Laby[linen suits for men]