Manual Reference Pages - HACKBOT (1)
Hackbot - Host exploration and bannergrab tool
hackbot.pl [-VOAitfmsSdprX][-P <proxy:port>][-a <NN>][-z <NN>][-l <c|v|d>][-g <string>][-w avociun]] [<host|ip|net|range>|-F <targetfile>]
Hackbot is a vulnerability and bannergrabber meant as auditory tool for remote and local hosts. Hackbot requires PERL (http://www.perl.org), IO::Socket, Net::hostent and Getopt::Std which should come with your default PERL installation.
Hackbot should work on all UNIX platforms which have perl and the necessary modules installed.
-O log to output file.
-A All scan types.
-i Ident scan.
-t Telnet fingerprinting.
-f FTP scan, grabs FTP banner and checks for
anonymous user login.
-m MTA scan, grabs MTA banner and checks for
open relay, EXPN and VRFY.
-s SSH scan, grabs SSH banner.
-S Check target host with spamcops database
-d DNS scan, grabs DNS version.
-p POP3 scan
-r Registrar whois lookup.
-V Print Version and exit.
-P Scan via proxy.
-l loglevel sets loglevel state, see LOGLEVEL OPTIONS below.
-g <string> Google search, uses strings from google.db when -A option is used. See GOOGLE SEARCH section below
-w Webserver scan, various options, see the
WEBSERVER OPTIONS section below.
-z NN Set time in seconds between each CGI poll (to be less conspicuous).
-a NN Set alternative webserver port.
-X X allow check.
-F Reads hostnames or IPs from a targetfile.
Webserver scan types:
a All webserver scans.
v Check webserver version.
o Check for webserver PUBLIC and ALLOW options.
c CGI scan, scans for commonly exploitable CGIs
i IDA, IDC, IDQ scan, scans for path revealing NT
u Unicode scan, scans for NT unicode vulnerabilities.
n Nimda scan, scans for eml files in website html
source, works best combined with -c option.
c critical (default)
c Critical only list information that is important.
v Verbose same as above + might-be-interesting-stuff.
d Show all normal scaninfo, All socketinfo, data and show additional tagpoints.
The output of the scan is placed in output.host files or, when the -O option
is used, it is placed in the given output file
or, when -O option is defined, output is placed in the given output file.
FTP, MTA and webserver options, CGI and IDA scan
$ hackbot.pl -f -m -w oci localhost
$ hackbot.pl -A localhost
or from a file
$ hackbot.pl -A -F file_with_hosts
or with ranges and output file
$ hackbot.pl -O logfile -A 192.168.1.1 192.168.1.255
or with CIDRs
$ hackbot.pl -A 192.168.1.0/24
NOTE: CIDR masks < /24 are currently unsupported.
or with a higher loglevel
$ hackbot -A -lv 192.168.1.1
The google search is issued with the -A option by default (using google.db),
a manual scan can be done this way:
hackbot.pl -g string host
$ hackbot.pl -g britney www.geocities.com
Hackbot will search for URLs containing britney on http://www.geocities.com via google.
It could find this for instance:
Marco van Berkum - firstname.lastname@example.org
Kristian Vlaardingerbroek - email@example.com
Pepijn Vissers - firstname.lastname@example.org
Martijn Mooijman - email@example.com
Herman Poortermans - firstname.lastname@example.org
Guido Barosio - email@example.com
All bugs can be reported to firstname.lastname@example.org, before reporting bugs please
refer to the KNOWN_BUGS file first.
Hackbot is licensed under the LGPL License, see LICENSE for more information.
The author of this program _CANNOT_ be held responsible for any illegal scanning activities initiated by an user or unauthorised party. This program is meant as tool to determine your OWN network security.
Any unauthorised probes with this program should be reported to local authorities and/or to the attacker himself. Complaints to my address regarding the unauthorised use of this program will be moved unseen to /dev/null.
|Marco van Berkum ||HACKBOT (1) ||2.21 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.