The Dumbest Reason Systems Get Compromised Is Still Default Passwords
Summary
Praetorian, an offensive security company, consistently finds that default credentials remain a primary vulnerability in enterprise systems, despite organizations spending millions on advanced defenses. This issue stems from the sheer scale of modern networks, which can include hundreds of thousands of diverse hosts, each potentially retaining vendor-supplied default credentials. To address the inefficiency of existing credential testing tools like THC Hydra, Praetorian developed Brutus. This open-source, single-binary tool automates multi-protocol credential testing, integrates with modern reconnaissance outputs, and crucially, compiles known-compromised SSH keys directly into its binary for automatic testing. Brutus also includes experimental features leveraging large language models and computer vision to identify unknown admin panels and suggest default credentials, aiming to streamline the identification and testing of overlooked infrastructure.
Key takeaway
For CTOs and VPs of Engineering overseeing large, complex networks, the persistent threat of default credentials demands a shift from periodic audits to continuous, automated testing. Your teams should deploy tools like Brutus to systematically scan for and remediate known-compromised keys and default logins across all infrastructure, including forgotten or temporary systems. This proactive approach is crucial to prevent attackers from exploiting the "dumbest" vulnerabilities that bypass sophisticated defenses.
Key insights
Default credentials remain a critical vulnerability due to enterprise scale, necessitating automated, comprehensive testing.
Principles
- Scale complicates security.
- Automate tedious security tasks.
- Test like an attacker.
Method
Brutus automates multi-protocol credential testing, compiles known-compromised SSH keys into its single binary so they are tried automatically, uses experimental LLM and computer-vision features to identify unknown admin panels and suggest default credentials, and emits structured JSON output for efficient analysis.
In practice
- Use Brutus to test for default credentials.
- Integrate Brutus with existing recon tools.
- Systematically test for known-bad SSH keys.
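A defender-side counterpart to the known-bad SSH key testing described in the Method and In practice sections, added here as an example (Python, not code from Praetorian or Brutus): it fingerprints every entry in an authorized_keys file the way ssh-keygen -l does and flags entries whose fingerprint is on a deny-list of compromised keys. The deny-list entry, the key blobs and the sample file are all constructed; a real audit would load fingerprints of keys known to be public.

```python
import base64
import hashlib
import struct
KEY_TYPES = ("ssh-rsa", "ssh-ed25519", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")

def fingerprint(blob_b64: str) -> str:
    """SHA256 fingerprint of a base64 key blob, as ssh-keygen -l prints it."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_key(line: str):
    """Return (key_type, blob) for one authorized_keys line, else None."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens = line.split()
    # Leading options (command="...",no-pty) are skipped: find the key type.
    for i, tok in enumerate(tokens[:-1]):
        if tok.startswith(KEY_TYPES):
            return tok, tokens[i + 1]
    return None

def constructed_blob(key_type: bytes, key_bytes: bytes) -> str:
    """CONSTRUCTED key blob in SSH wire format; not real key material."""
    wire = struct.pack(">I", len(key_type)) + key_type
    wire += struct.pack(">I", len(key_bytes)) + key_bytes
    return base64.b64encode(wire).decode()

# Stand-in for a leaked or vendor-shipped key (constructed sample).
LEAKED_BLOB = constructed_blob(b"ssh-ed25519", bytes(range(32)))
KNOWN_BAD_FINGERPRINTS = {fingerprint(LEAKED_BLOB)}

def audit_authorized_keys(text: str, bad=KNOWN_BAD_FINGERPRINTS):
    """Return [(line_no, key_type, fingerprint)] for deny-listed entries."""
    hits = []
    for n, line in enumerate(text.splitlines(), start=1):
        parsed = parse_authorized_key(line)
        if parsed is None:
            continue
        fp = fingerprint(parsed[1])
        if fp in bad:
            hits.append((n, parsed[0], fp))
    return hits

# Constructed authorized_keys content: comment, clean key, leaked key behind options.
CLEAN_BLOB = constructed_blob(b"ssh-ed25519", bytes(32))
SAMPLE = ("# ops team\n"
          f"ssh-ed25519 {CLEAN_BLOB} clean\n"
          f'command="/usr/bin/backup",no-pty ssh-ed25519 {LEAKED_BLOB} vendor\n')
```

Running `audit_authorized_keys(SAMPLE)` reports only line 3, the leaked key, even though it sits behind forced-command options that a naive first-token parser would mistake for the key type.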
Topics
- Offensive Security
- Default Credentials
- Vulnerability Scanning
- Lateral Movement
- AI for Cybersecurity
Best for: CTO, VP of Engineering/Data, Security Engineer, AI Security Engineer, MLOps Engineer
Editorial summary, takeaway, and curation by AIssential. Original article published by LLM on Medium.