NAME

       changeme - Default Credential Scanner

DESCRIPTION

       A default Credential Scanner with support for various protocols

SYNOPSIS

       changeme [options] <target>

OPTIONS

   required arguments:
       target Target to scan. Can be IP, subnet, hostname, nmap xml file, text file or proto://host:port

   optional arguments:
       -h, --help
              show this help message and exit

       --all, -a
              Scan for all protocols

       --category, -c CATEGORY
              Category of default creds to scan for

       --contributors
              Display cred file contributors

       --debug, -d
              Debug output

       --delay, -dl DELAY
              Specify a delay in milliseconds to avoid 429 status codes default=500

       --dump Print all of the loaded credentials

       --dryrun
              Print urls to be scan, but don't scan them

       --fingerprint, -f
              Fingerprint targets, but don't check creds

       --fresh
              Flush any previous scans and start fresh

       --log, -l LOG
              Write logs to logfile

       --mkcred
              Make cred file

       --name, -n NAME
              Narrow testing to the supplied credential name

       --noversion
              Don't perform a version check

       --proxy, -p PROXY
              HTTP(S) Proxy

       --output, -o OUTPUT
              Name of result file. File extension determines type (csv, html, json).

       --oa   Output results files in csv, html and json formats

       --protocols PROTOCOLS
              Comma separated list of protocols to test: http,ssh,ssh_key. Defaults to http.

       --portoverride
              Scan all protocols on all specified ports

       --redishost REDISHOST
              Redis server

       --redisport REDISPORT
              Redis server

       --resume, -r
              Resume previous scan

       --shodan_query, -q SHODAN_QUERY
              Shodan query

       --shodan_key, -k SHODAN_KEY
              Shodan API key

       --ssl  Force cred to SSL and fall back to non-SSL if an SSLError occurs

       --threads, -t THREADS
              Number of threads, default=10

       --timeout TIMEOUT
              Timeout in seconds for a request, default=10

       --useragent, -ua USERAGENT
              User agent string to use

       --validate
              Validate creds files

       --verbose, -v
              Verbose output

EXAMPLES

       changeme 192.168.2.100 Scan single host

       changeme 192.168.2.0/24 Scan subnet

       changeme subnet.xml Scan using a nmap output file

       changeme -n "Apache Tomcat" --timeout 5 192.168.2.0/24 Scan a subnet for Tomcat default creds and set the
       timeout to 5 seconds

       changeme --shodan_query "Server: SQ-WEBCAM" --shodan_key keygoeshere -c camera Use Shodan to populate a
       targets list and check them for default credentials

       changeme --protocols ssh,ssh_key 192.168.2.0/24 Scan subnet for SSH and known SSH keys

       changeme snmp://192.168.2.100 Scan a host for SNMP creds using the protocol syntax

AUTHOR

       changeme  was developed by ztgrace, this manpage was made by Samuel Henrique <samueloph@debian.org> based
       on changeme --help output and can be used by other projects as well.

changeme 1.1.1                                      June 2018                                        CHANGEME(1)