Default Credentials Checking
Run on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet
changeme --all 172.18.0.0/20 --dryrun -fRun on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet
changeme --all Grepped-ips.txt --dryrun -fRun on a Subnet or File with List of IPs or Subnets (Active Scan) on All Protocols:
changeme --all 172.18.0.0/20
changeme --all Grepped-ips.txtroot@kali:~# changeme -h
#####################################################
# _ #
# ___| |__ __ _ _ __ __ _ ___ _ __ ___ ___ #
# / __| '_ \ / _` | '_ \ / _` |/ _ \ '_ ` _ \ / _ \ #
# | (__| | | | (_| | | | | (_| | __/ | | | | | __/ #
# \___|_| |_|\__,_|_| |_|\__, |\___|_| |_| |_|\___| #
# |___/ #
# v1.2.3 #
# Default Credential Scanner by @ztgrace #
#####################################################
usage: changeme.py [-h] [--all] [--category CATEGORY] [--contributors]
[--debug] [--delay DELAY] [--dump] [--dryrun]
[--fingerprint] [--fresh] [--log LOG] [--mkcred]
[--name NAME] [--noversion] [--proxy PROXY]
[--output OUTPUT] [--oa] [--protocols PROTOCOLS]
[--portoverride] [--redishost REDISHOST]
[--redisport REDISPORT] [--resume]
[--shodan_query SHODAN_QUERY] [--shodan_key SHODAN_KEY]
[--ssl] [--threads THREADS] [--timeout TIMEOUT]
[--useragent USERAGENT] [--validate] [--verbose]
target
Default credential scanner v1.2.3
positional arguments:
target Target to scan. Can be IP, subnet, hostname, nmap xml
file, text file or proto://host:port
options:
-h, --help show this help message and exit
--all, -a Scan for all protocols
--category CATEGORY, -c CATEGORY
Category of default creds to scan for
--contributors Display cred file contributors
--debug, -d Debug output
--delay DELAY, -dl DELAY
Specify a delay in milliseconds to avoid 429 status
codes default=500
--dump Print all of the loaded credentials
--dryrun Print urls to be scan, but don't scan them
--fingerprint, -f Fingerprint targets, but don't check creds
--fresh Flush any previous scans and start fresh
--log LOG, -l LOG Write logs to logfile
--mkcred Make cred file
--name NAME, -n NAME Narrow testing to the supplied credential name
--noversion Don't perform a version check
--proxy PROXY, -p PROXY
HTTP(S) Proxy
--output OUTPUT, -o OUTPUT
Name of result file. File extension determines type
(csv, html, json).
--oa Output results files in csv, html and json formats
--protocols PROTOCOLS
Comma separated list of protocols to test:
http,ssh,ssh_key. Defaults to http.
--portoverride Scan all protocols on all specified ports
--redishost REDISHOST
Redis server
--redisport REDISPORT
Redis server
--resume, -r Resume previous scan
--shodan_query SHODAN_QUERY, -q SHODAN_QUERY
Shodan query
--shodan_key SHODAN_KEY, -k SHODAN_KEY
Shodan API key
--ssl Force cred to SSL and fall back to non-SSL if an
SSLError occurs
--threads THREADS, -t THREADS
Number of threads, default=10
--timeout TIMEOUT Timeout in seconds for a request, default=10
--useragent USERAGENT, -ua USERAGENT
User agent string to use
--validate Validate creds files
--verbose, -v Verbose output
Last updated