# Default Credentials Checking
### Run on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet
```
changeme --all 172.18.0.0/20 --dryrun -f
```
### Run on Subnet with Dry Run Fingerprinting on ALL protocols on a Single Subnet
```
changeme --all Grepped-ips.txt --dryrun -f
```
### Run on a Subnet or File with List of IPs or Subnets (Active Scan) on All Protocols:
```
changeme --all 172.18.0.0/20
changeme --all Grepped-ips.txt
```
```console
root@kali:~# changeme -h
#####################################################
# _ #
# ___| |__ __ _ _ __ __ _ ___ _ __ ___ ___ #
# / __| '_ \ / _` | '_ \ / _` |/ _ \ '_ ` _ \ / _ \ #
# | (__| | | | (_| | | | | (_| | __/ | | | | | __/ #
# \___|_| |_|\__,_|_| |_|\__, |\___|_| |_| |_|\___| #
# |___/ #
# v1.2.3 #
# Default Credential Scanner by @ztgrace #
#####################################################
usage: changeme.py [-h] [--all] [--category CATEGORY] [--contributors]
[--debug] [--delay DELAY] [--dump] [--dryrun]
[--fingerprint] [--fresh] [--log LOG] [--mkcred]
[--name NAME] [--noversion] [--proxy PROXY]
[--output OUTPUT] [--oa] [--protocols PROTOCOLS]
[--portoverride] [--redishost REDISHOST]
[--redisport REDISPORT] [--resume]
[--shodan_query SHODAN_QUERY] [--shodan_key SHODAN_KEY]
[--ssl] [--threads THREADS] [--timeout TIMEOUT]
[--useragent USERAGENT] [--validate] [--verbose]
target
Default credential scanner v1.2.3
positional arguments:
target Target to scan. Can be IP, subnet, hostname, nmap xml
file, text file or proto://host:port
options:
-h, --help show this help message and exit
--all, -a Scan for all protocols
--category CATEGORY, -c CATEGORY
Category of default creds to scan for
--contributors Display cred file contributors
--debug, -d Debug output
--delay DELAY, -dl DELAY
Specify a delay in milliseconds to avoid 429 status
codes default=500
--dump Print all of the loaded credentials
--dryrun Print urls to be scan, but don't scan them
--fingerprint, -f Fingerprint targets, but don't check creds
--fresh Flush any previous scans and start fresh
--log LOG, -l LOG Write logs to logfile
--mkcred Make cred file
--name NAME, -n NAME Narrow testing to the supplied credential name
--noversion Don't perform a version check
--proxy PROXY, -p PROXY
HTTP(S) Proxy
--output OUTPUT, -o OUTPUT
Name of result file. File extension determines type
(csv, html, json).
--oa Output results files in csv, html and json formats
--protocols PROTOCOLS
Comma separated list of protocols to test:
http,ssh,ssh_key. Defaults to http.
--portoverride Scan all protocols on all specified ports
--redishost REDISHOST
Redis server
--redisport REDISPORT
Redis server
--resume, -r Resume previous scan
--shodan_query SHODAN_QUERY, -q SHODAN_QUERY
Shodan query
--shodan_key SHODAN_KEY, -k SHODAN_KEY
Shodan API key
--ssl Force cred to SSL and fall back to non-SSL if an
SSLError occurs
--threads THREADS, -t THREADS
Number of threads, default=10
--timeout TIMEOUT Timeout in seconds for a request, default=10
--useragent USERAGENT, -ua USERAGENT
User agent string to use
--validate Validate creds files
--verbose, -v Verbose output
```
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://wiki.smhuda.com/pentesting/infrastructure-security/network-infrastructure/default-credentials-checking.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.