| CHANGEME(1) | User Commands | CHANGEME(1) |
NAME¶
changeme - Default Credential Scanner
DESCRIPTION¶
A default Credential Scanner with support for various protocols
SYNOPSIS¶
changeme [options] <target>
OPTIONS¶
required arguments:¶
- target
- Target to scan. Can be IP, subnet, hostname, nmap xml file, text file or proto://host:port
optional arguments:¶
- -h, --help
- show this help message and exit
- --all, -a
- Scan for all protocols
- --category, -c CATEGORY
- Category of default creds to scan for
- --contributors
- Display cred file contributors
- --debug, -d
- Debug output
- --delay, -dl DELAY
- Specify a delay in milliseconds to avoid 429 status codes default=500
- --dump
- Print all of the loaded credentials
- --dryrun
- Print urls to be scan, but don't scan them
- --fingerprint, -f
- Fingerprint targets, but don't check creds
- --fresh
- Flush any previous scans and start fresh
- --log, -l LOG
- Write logs to logfile
- --mkcred
- Make cred file
- --name, -n NAME
- Narrow testing to the supplied credential name
- --noversion
- Don't perform a version check
- --proxy, -p PROXY
- HTTP(S) Proxy
- --output, -o OUTPUT
- Name of result file. File extension determines type (csv, html, json).
- --oa
- Output results files in csv, html and json formats
- --protocols PROTOCOLS
- Comma separated list of protocols to test: http,ssh,ssh_key. Defaults to http.
- --portoverride
- Scan all protocols on all specified ports
- --redishost REDISHOST
- Redis server
- --redisport REDISPORT
- Redis server
- --resume, -r
- Resume previous scan
- --shodan_query, -q SHODAN_QUERY
- Shodan query
- --shodan_key, -k SHODAN_KEY
- Shodan API key
- --ssl
- Force cred to SSL and fall back to non-SSL if an SSLError occurs
- --threads, -t THREADS
- Number of threads, default=10
- --timeout TIMEOUT
- Timeout in seconds for a request, default=10
- --useragent, -ua USERAGENT
- User agent string to use
- --validate
- Validate creds files
- --verbose, -v
- Verbose output
EXAMPLES¶
changeme 192.168.2.100 Scan single host
- changeme 192.168.2.0/24 Scan subnet
- changeme subnet.xml Scan using a nmap output file
- changeme -n "Apache Tomcat" --timeout 5 192.168.2.0/24 Scan a subnet for Tomcat default creds and set the timeout to 5 seconds
- changeme --shodan_query "Server: SQ-WEBCAM" --shodan_key keygoeshere -c camera Use Shodan to populate a targets list and check them for default credentials
- changeme --protocols ssh,ssh_key 192.168.2.0/24 Scan subnet for SSH and known SSH keys
- changeme snmp://192.168.2.100 Scan a host for SNMP creds using the protocol syntax
AUTHOR¶
changeme was developed by ztgrace, this manpage was made by Samuel Henrique <samueloph@debian.org> based on changeme --help output and can be used by other projects as well.
| June 2018 | changeme 1.1.1 |