Wiki
  • Introduction
  • 👾Penetration Testing
    • Application Security
      • Mobile App Security
        • Android Application Testing
          • Security Checklist
          • SSL Pinning Bypasses
          • Non-Proxy Aware Applications
            • Setting up VPN Server
            • Bypasses
          • Common Proxying Issues
          • Android Local Storage Checks
          • Android Task Hijacking
          • Kiosk Mode / Breakout Testing
          • Magisk on GenyMotion
        • iOS Application Testing
          • iOS Testing Using Objection
          • IPA Analysis Using MobSF
          • iOS Jailbreak Bypass
          • Decrypting iOS Apps
          • iOS Reverse Engineering
          • Jailbreak Detection Bypasses
          • iOS Local Storage Checks
          • Installing IPA
          • ATS Auditing
          • iOS Jailbreaking
          • Frida Pinning Bypasses
          • iOS Jailbreaking
        • Code Security
        • Frida on Windows
      • Web Application Security
        • Web Shells
        • CSV Injection
        • Measure Response Time using CURL
        • OSINT
          • EyeWitness
        • GraphQL Hacking
      • API Security
        • Security Checklist
        • Postman and Burp
        • CURL via BurpSuite
        • SOAP API Pentesting
    • Infrastructure Security
      • Network Infrastructure
        • Red Team Powershell Scripts
        • Mounting NFS Shares
        • Password Cracking/Auditing
        • Remote Access Sheet
        • Password Cracking Using Hashcat
        • Calculate IP Addresses from CIDR
        • Grep IP addresses or IP Ranges from a File
        • Default Credentials Checking
        • Check SSL/TLS Certificates
        • Log a terminal session
        • Unauthenticated Mongo DB
        • Microsoft SQL Server (MSSQL)
        • NTP Mode 6 Vulnerabilities
        • BloodHound
        • AD Offensive Testing
        • CrackMapExec
        • Select all IP addresses in Sublime Text
        • Convert CIDRs to an IP address list
        • Microsoft Exchange Client Access Server Information Disclosure
        • Web Server HTTP Header Internal IP Disclosure
        • smbclient.py
        • GetUserSPNs.py
        • Get-GPPPassword.py
        • SMBMap
        • Mounting Shares
        • mitm6
        • AD Attacks
        • Weak IKE Security Configurations
        • Locked BIOS Password Bypass
      • Wireless Security
        • Cached Wireless Keys
        • Aircrack Suite
    • SSL/TLS Security
    • Secure Code Review
      • Python
      • Semgrep
        • Semgrep to HTML Report
    • Cloud Security
      • Cloud Penetration Testing
    • Social Engineering
      • Simulated Phishing
        • GoPhish
    • Tool Usage
      • Docker
      • Split
      • PhantomJS
      • Aquatone
      • Tmux
      • Ipainstaller
      • Public IP From Command Line
      • Wifite
      • IKE Scan
      • Grep
      • Pulling APKs
      • Bitsadmin
      • Drozer
      • Iptables
      • Python Web Server
      • Crackmapexec
      • Impacket
      • Nessus
      • Adding SUDO User
      • Nmap
      • Metasploit Payloads
      • SMTP Open Relay
      • SQLMap
      • Screen
      • Remove All After Colon
      • Remove Old Linux Kernels
      • CURL
      • Hashcat
      • Secure Copy Protocol (SCP)
      • SSH & PGP Tools
      • IP Calculator
      • BloodHound
      • Netcat File Transfer
      • OpenVAS
      • BurpSuite
      • Exiftool
      • Python Virtual Environments
    • Errors and Solutions
      • Kill Process On Specific Port
      • Kill SSH Port Forwarding
      • SSH Key
      • Expanding Disk on Kali VM
    • Scoping
      • Scoping Questionnaires
        • Mobile App Testing
    • OSINT
      • Dark Web OSINT
      • Certificate Chain Check
      • EyeWitness - Web Service Screenshot
      • Tor to Browse Onion Links
      • DarkDump - Scan Dark Web for Onion Links
      • Domain related File Search
      • Google Dorking
      • IP / Network Blocks owned by a Company
  • ⌨️Programming
    • Automation
      • Running a Service at Boot
      • Network Connectivity Cron
    • Python
      • Adding Columns in Pandas
      • Copy Entire Column Data To New Column Pandas
      • Loading Progress Bar
      • Reorder Columns in Pandas
      • Filename with Date/Time Stamp
      • Command Line Arguments
      • Changing Date Format
      • Removing Index Column Pandas
      • Regex - Remove HTML Tags
      • Column Header Mapping
  • 🌐Miscellaneous
    • Scripts
      • Clickjacking Checker
      • Bulk WHOIS
      • SMB Signing Check
      • FDQN to IP Address
      • Grep IP Addresses
      • Nessus Parser
      • Build Review Audit
      • Nessus Merger
      • Nmap2CSV
      • Remove Audio From Videos
    • Favourite Reads/Links
    • Hacking Posters
    • Windows Developer VMs
    • Windows Workspaces
    • GitHub Pages
    • Interview Prep
      • Senior Penetration Tester
    • CVSS Formula
    • Android Rooting
      • Lineage OS 18.1 on OnePlus X
      • TWRP Recover on OnePlus X
      • Magisk Rooting
    • Presentation Slides
      • BlackHat - USA [2022]
  • 🐞Vulnerability Wiki
    • 🌐APPLICATION LEVEL
      • 🔒AUTHENTICATION
        • Authentication Bypass
        • Lack of Password Confirmation
        • 2FA Code Brute-forceable
        • Lack of Verification
        • Lack of Throttling on Form Submissions
        • Lack of Rate Limiting on Login
        • Weak Password Complexity Rules
        • 🖥️SESSION MANAGEMENT
        • 🔑ACCESS CONTROL
      • 🔢INPUT VALIDATION
      • ➗CRYPTOGRAPHY
      • 📉LOGGING
      • 📕DATA PROTECTION
      • 📲COMMUNICATION
      • 👨‍💻MALICIOUS CODE
      • 💡LOGIC
      • 🗄️FILE UPLOAD
      • ⚙️API ISSUES
      • 🔍CONFIGURATIONS
    • 💾INFRASTRUCTURE LEVEL
      • ICMP Timestamp Request Remote Date Disclosure (CVE-1999-0524)
      • ASP.NET Debug Mode Validation
Powered by GitBook
On this page
  • Run on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet
  • Run on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet
  • Run on a Subnet or File with List of IPs or Subnets (Active Scan) on All Protocols:

Was this helpful?

  1. Penetration Testing
  2. Infrastructure Security
  3. Network Infrastructure

Default Credentials Checking

Run on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet

changeme --all 172.18.0.0/20 --dryrun -f

Run on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet

changeme --all Grepped-ips.txt --dryrun -f

Run on a Subnet or File with List of IPs or Subnets (Active Scan) on All Protocols:

changeme --all 172.18.0.0/20

changeme --all Grepped-ips.txt
root@kali:~# changeme -h

 #####################################################
#       _                                             #
#   ___| |__   __ _ _ __   __ _  ___ _ __ ___   ___   #
#  / __| '_ \ / _` | '_ \ / _` |/ _ \ '_ ` _ \ / _ \  #
# | (__| | | | (_| | | | | (_| |  __/ | | | | |  __/  #
#  \___|_| |_|\__,_|_| |_|\__, |\___|_| |_| |_|\___|  #
#                         |___/                       #
#  v1.2.3                                             #
#  Default Credential Scanner by @ztgrace             #
 #####################################################
    
usage: changeme.py [-h] [--all] [--category CATEGORY] [--contributors]
                   [--debug] [--delay DELAY] [--dump] [--dryrun]
                   [--fingerprint] [--fresh] [--log LOG] [--mkcred]
                   [--name NAME] [--noversion] [--proxy PROXY]
                   [--output OUTPUT] [--oa] [--protocols PROTOCOLS]
                   [--portoverride] [--redishost REDISHOST]
                   [--redisport REDISPORT] [--resume]
                   [--shodan_query SHODAN_QUERY] [--shodan_key SHODAN_KEY]
                   [--ssl] [--threads THREADS] [--timeout TIMEOUT]
                   [--useragent USERAGENT] [--validate] [--verbose]
                   target

Default credential scanner v1.2.3

positional arguments:
  target                Target to scan. Can be IP, subnet, hostname, nmap xml
                        file, text file or proto://host:port

options:
  -h, --help            show this help message and exit
  --all, -a             Scan for all protocols
  --category CATEGORY, -c CATEGORY
                        Category of default creds to scan for
  --contributors        Display cred file contributors
  --debug, -d           Debug output
  --delay DELAY, -dl DELAY
                        Specify a delay in milliseconds to avoid 429 status
                        codes default=500
  --dump                Print all of the loaded credentials
  --dryrun              Print urls to be scan, but don't scan them
  --fingerprint, -f     Fingerprint targets, but don't check creds
  --fresh               Flush any previous scans and start fresh
  --log LOG, -l LOG     Write logs to logfile
  --mkcred              Make cred file
  --name NAME, -n NAME  Narrow testing to the supplied credential name
  --noversion           Don't perform a version check
  --proxy PROXY, -p PROXY
                        HTTP(S) Proxy
  --output OUTPUT, -o OUTPUT
                        Name of result file. File extension determines type
                        (csv, html, json).
  --oa                  Output results files in csv, html and json formats
  --protocols PROTOCOLS
                        Comma separated list of protocols to test:
                        http,ssh,ssh_key. Defaults to http.
  --portoverride        Scan all protocols on all specified ports
  --redishost REDISHOST
                        Redis server
  --redisport REDISPORT
                        Redis server
  --resume, -r          Resume previous scan
  --shodan_query SHODAN_QUERY, -q SHODAN_QUERY
                        Shodan query
  --shodan_key SHODAN_KEY, -k SHODAN_KEY
                        Shodan API key
  --ssl                 Force cred to SSL and fall back to non-SSL if an
                        SSLError occurs
  --threads THREADS, -t THREADS
                        Number of threads, default=10
  --timeout TIMEOUT     Timeout in seconds for a request, default=10
  --useragent USERAGENT, -ua USERAGENT
                        User agent string to use
  --validate            Validate creds files
  --verbose, -v         Verbose output

PreviousGrep IP addresses or IP Ranges from a FileNextCheck SSL/TLS Certificates

Last updated 1 year ago

Was this helpful?

👾