Wait, It was brute forcing passwords? This sounds extremely dangerous in the wrong hands. Seems like a boon for malicious users
Wait, It was brute forcing passwords? This sounds extremely dangerous in the wrong hands. Seems like a boon for malicious users
A human in that position would try a few obvious things like "admin/admin" and then go hunting in the readme to see if a specific user is documented for testing and then maybe go to the user database and see if there is an existing admin user and maybe reset the password to get in.
Yeah, I didn't see what passwords it typed but it was trying usernames like "testuser" and stuff :p