Packages and Binaries:
changeme
This package contains a default credential scanner. Commercial vulnerability scanners miss common default credentials. Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules.
changeme keeps credential data separate from code. All credentials are stored in yaml files so they can be both easily read by humans and processed by changeme. Credential files can be created by using the ./changeme.py –mkcred tool and answering a few questions.
changeme supports the http/https, MSSQL, MySQL, Postgres, ssh and ssh w/key protocols. Use ./changeme.py –dump to output all of the currently available credentials.
Installed size: 313 KB
How to install: sudo apt install changeme
Dependencies:
- python3
- python3-cerberus
- python3-jinja2
- python3-libnmap
- python3-logutils
- python3-lxml
- python3-memcache
- python3-netaddr
- python3-paramiko
- python3-psycopg2
- python3-pymongo
- python3-pyodbc
- python3-pysnmp4
- python3-redis
- python3-requests
- python3-selenium
- python3-shodan
- python3-sqlalchemy
- python3-tabulate
- python3-yaml
changeme
Default Credential Scanner
root@kali:~# changeme -h
#####################################################
# _ #
# ___| |__ __ _ _ __ __ _ ___ _ __ ___ ___ #
# / __| '_ \ / _` | '_ \ / _` |/ _ \ '_ ` _ \ / _ \ #
# | (__| | | | (_| | | | | (_| | __/ | | | | | __/ #
# \___|_| |_|\__,_|_| |_|\__, |\___|_| |_| |_|\___| #
# |___/ #
# v1.2.3 #
# Default Credential Scanner by @ztgrace #
#####################################################
usage: changeme.py [-h] [--all] [--category CATEGORY] [--contributors]
[--debug] [--delay DELAY] [--dump] [--dryrun]
[--fingerprint] [--fresh] [--log LOG] [--mkcred]
[--name NAME] [--noversion] [--proxy PROXY]
[--output OUTPUT] [--oa] [--protocols PROTOCOLS]
[--portoverride] [--redishost REDISHOST]
[--redisport REDISPORT] [--resume]
[--shodan_query SHODAN_QUERY] [--shodan_key SHODAN_KEY]
[--ssl] [--threads THREADS] [--timeout TIMEOUT]
[--useragent USERAGENT] [--validate] [--verbose]
target
Default credential scanner v1.2.3
positional arguments:
target Target to scan. Can be IP, subnet, hostname, nmap xml
file, text file or proto://host:port
options:
-h, --help show this help message and exit
--all, -a Scan for all protocols
--category CATEGORY, -c CATEGORY
Category of default creds to scan for
--contributors Display cred file contributors
--debug, -d Debug output
--delay DELAY, -dl DELAY
Specify a delay in milliseconds to avoid 429 status
codes default=500
--dump Print all of the loaded credentials
--dryrun Print urls to be scan, but don't scan them
--fingerprint, -f Fingerprint targets, but don't check creds
--fresh Flush any previous scans and start fresh
--log LOG, -l LOG Write logs to logfile
--mkcred Make cred file
--name NAME, -n NAME Narrow testing to the supplied credential name
--noversion Don't perform a version check
--proxy PROXY, -p PROXY
HTTP(S) Proxy
--output OUTPUT, -o OUTPUT
Name of result file. File extension determines type
(csv, html, json).
--oa Output results files in csv, html and json formats
--protocols PROTOCOLS
Comma separated list of protocols to test:
http,ssh,ssh_key. Defaults to http.
--portoverride Scan all protocols on all specified ports
--redishost REDISHOST
Redis server
--redisport REDISPORT
Redis server
--resume, -r Resume previous scan
--shodan_query SHODAN_QUERY, -q SHODAN_QUERY
Shodan query
--shodan_key SHODAN_KEY, -k SHODAN_KEY
Shodan API key
--ssl Force cred to SSL and fall back to non-SSL if an
SSLError occurs
--threads THREADS, -t THREADS
Number of threads, default=10
--timeout TIMEOUT Timeout in seconds for a request, default=10
--useragent USERAGENT, -ua USERAGENT
User agent string to use
--validate Validate creds files
--verbose, -v Verbose output
Updated on: 2024-May-23