search

x90skysn3k / brutespray

Bruteforcing from various scanner output - Automatically attempts default creds on found services.
MIT License
2.01k stars 381 forks source link

False Positive Telnet Results #33

Closed superhedgy closed 4 years ago

superhedgy commented 4 years ago

Hi I have been testing it against a bunch of HP printers with telnet services.

I have got the following results which I was not able to verify:

# cat telnet-success.txt 
[+] ACCOUNT FOUND: [telnet] Host: xxx User: [E2][80][93] Password: 0 [SUCCESS]
[+] ACCOUNT FOUND: [telnet] Host: xxx User: [E2][80][93] Password: 0 [SUCCESS]
[+] ACCOUNT FOUND: [telnet] Host: xxx User: [E2][80][93] Password: 0P3N [SUCCESS]
[+] ACCOUNT FOUND: [telnet] Host: xxx User: [E2][80][93] Password: 0P3N [SUCCESS]
....

After digging up a bit E2 80 93 is the hex characters in UTF-8 encoding for dash "-".

superhedgy commented 4 years ago

It appears to be a Medusa bug. I will raise it on their git.

x90skysn3k commented 4 years ago

cool thanks, yeah when medusa sees output back it counts as a success