I took a look in the logs of my ad-hoc SMTP server (running on the main domain) sorescu.eu and I noticed a series of denied authentications.
I did not understand what happened, but I saw the user and the password list encoded in Base64. After I collected all the encoded values, I was curious which credentials were tested. I shall present below the application that I wrote to help me in decoding them, and, the list of passwords used to log in.
Java Base64 decoder code:
Worthy saying, before listing the password list:
import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import javax.xml.bind.DatatypeConverter; public class Base64 { public static void main(String[] args) throws IOException { BufferedReader reader = new BufferedReader(new InputStreamReader(System.in)); for (String line = reader.readLine(); line.length() > 0; line = reader.readLine()) { String result = new String(DatatypeConverter.parseBase64Binary(line)); System.out.println(result); } } }
oracle oracle!@#$ oracle123 oracle1234 master master!@#$ master123 master1234 server server!@#$ server123 server1234 sybase sybase!@#$ sybase123 sybase1234 root root!@#$ root123 root1234 web webmaster webmaster!@#$ webmaster123 webmaster1234 web!@#$ web123 web1234 test test!@#$ test123 test1234 user user!@#$ user123 user1234 !@#$ !@#$% !@#$%^ !@#$%^& !@#$%^&* 1 111 123 1234 123456 654321 backup backup!@#$ backup123 backup1234 admin admin!@#$ admin123 admin1234 asdf asdfgh data data!@#$ data123 data1234