# Login Brute Forcing

{% file src="/files/2wyXwkkEO9OaLuVMlFyw" %}

<figure><img src="/files/Ct99QI48xIFMTBEOh0Ai" alt=""><figcaption></figcaption></figure>

## Default Passwords

| Device/Manufacturer  | Default Username | Default Password | Device Type                  |
| -------------------- | ---------------- | ---------------- | ---------------------------- |
| Linksys Router       | admin            | admin            | Wireless Router              |
| D-Link Router        | admin            | admin            | Wireless Router              |
| Netgear Router       | admin            | password         | Wireless Router              |
| TP-Link Router       | admin            | admin            | Wireless Router              |
| Cisco Router         | cisco            | cisco            | Network Router               |
| Asus Router          | admin            | admin            | Wireless Router              |
| Belkin Router        | admin            | password         | Wireless Router              |
| Zyxel Router         | admin            | 1234             | Wireless Router              |
| Samsung SmartCam     | admin            | 4321             | IP Camera                    |
| Hikvision DVR        | admin            | 12345            | Digital Video Recorder (DVR) |
| Axis IP Camera       | root             | pass             | IP Camera                    |
| Ubiquiti UniFi AP    | ubnt             | ubnt             | Wireless Access Point        |
| Canon Printer        | admin            | admin            | Network Printer              |
| Honeywell Thermostat | admin            | 1234             | Smart Thermostat             |
| Panasonic DVR        | admin            | 12345            | Digital Video Recorder (DVR) |

Alongside default passwords, default usernames are another major security concern. Manufacturers often ship devices with pre-set usernames, such as `admin`, `root`, or `user`. You might have noticed in the table above how many use common usernames. These usernames are widely known and often published in documentation or readily available online. SecLists maintains a list of common usernames at [top-usernames-shortlist.txt](https://github.com/danielmiessler/SecLists/blob/master/Usernames/top-usernames-shortlist.txt)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://eldeim.gitbook.io/brain_fuck/notes/certifications/eastereggs/htb-cbbh/login-brute-forcing.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.