changeme(1)

Default Credential Scanner

Section 1 changeme bookworm source

Description

CHANGEME

NAME

changeme - Default Credential Scanner

DESCRIPTION

A default Credential Scanner with support for various protocols

SYNOPSIS

changeme [options] <target>

OPTIONS

required arguments:

target

Target to scan. Can be IP, subnet, hostname, nmap xml file, text file or proto://host:port

optional arguments:

-h, --help

show this help message and exit

--all, -a

Scan for all protocols

--category, -c CATEGORY

Category of default creds to scan for

--contributors

Display cred file contributors

--debug, -d

Debug output

--delay, -dl DELAY

Specify a delay in milliseconds to avoid 429 status codes default=500

--dump

Print all of the loaded credentials

--dryrun

Print urls to be scan, but don’t scan them

--fingerprint, -f

Fingerprint targets, but don’t check creds

--fresh

Flush any previous scans and start fresh

--log, -l LOG

Write logs to logfile

--mkcred

Make cred file

--name, -n NAME

Narrow testing to the supplied credential name

--noversion

Don’t perform a version check

--proxy, -p PROXY

HTTP(S) Proxy

--output, -o OUTPUT

Name of result file. File extension determines type (csv, html, json).

--oa

Output results files in csv, html and json formats

--protocols PROTOCOLS

Comma separated list of protocols to test: http,ssh,ssh_key. Defaults to http.

--portoverride

Scan all protocols on all specified ports

--redishost REDISHOST

Redis server

--redisport REDISPORT

Redis server

--resume, -r

Resume previous scan

--shodan_query, -q SHODAN_QUERY

Shodan query

--shodan_key, -k SHODAN_KEY

Shodan API key

--ssl

Force cred to SSL and fall back to non-SSL if an SSLError occurs

--threads, -t THREADS

Number of threads, default=10

--timeout TIMEOUT

Timeout in seconds for a request, default=10

--useragent, -ua USERAGENT

User agent string to use

--validate

Validate creds files

--verbose, -v

Verbose output

EXAMPLES

changeme 192.168.2.100 Scan single host
changeme 192.168.2.0/24 Scan subnet
changeme subnet.xml Scan using a nmap output file
changeme -n "Apache Tomcat" --timeout 5 192.168.2.0/24 Scan a subnet for
Tomcat default creds and set the timeout to 5 seconds
changeme --shodan_query "Server: SQ-WEBCAM" --shodan_key keygoeshere -c
camera Use Shodan to populate a targets list and check them for default
credentials
changeme --protocols ssh,ssh_key 192.168.2.0/24 Scan subnet for SSH and
known SSH keys
changeme snmp://192.168.2.100 Scan a host for SNMP creds using the protocol
syntax

AUTHOR

changeme was developed by ztgrace, this manpage was made by Samuel Henrique <samueloph@debian.org> based on changeme --help output and can be used by other projects as well.