GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  HACKBOT (1)

NAME

Hackbot - Host exploration and bannergrab tool

CONTENTS

SYNOPSIS

hackbot.pl [-VOAitfmsSdprX][-P <proxy:port>][-a <NN>][-z <NN>][-l <c|v|d>][-g <string>][-w avociun]] [<host|ip|net|range>|-F <targetfile>]

DESCRIPTION

Hackbot is a vulnerability and bannergrabber meant as auditory tool for remote and local hosts. Hackbot requires PERL (http://www.perl.org), IO::Socket, Net::hostent and Getopt::Std which should come with your default PERL installation.

PLATFORMS

Hackbot should work on all UNIX platforms which have perl and the necessary modules installed.

OPTIONS

-O log to output file.

-A All scan types.

-i Ident scan.

-t Telnet fingerprinting.

-f FTP scan, grabs FTP banner and checks for
anonymous user login.

-m MTA scan, grabs MTA banner and checks for
open relay, EXPN and VRFY.

-s SSH scan, grabs SSH banner.

-S Check target host with spamcop’s database

-d DNS scan, grabs DNS version.

-p POP3 scan

-r Registrar whois lookup.

-V Print Version and exit.

-P Scan via proxy.

-l loglevel sets loglevel state, see LOGLEVEL OPTIONS below.

-g <string> Google search, uses strings from google.db when -A option is used. See GOOGLE SEARCH section below

-w Webserver scan, various options, see the
WEBSERVER OPTIONS section below.

-z NN Set time in seconds between each CGI poll (to be less conspicuous).

-a NN Set alternative webserver port.

-X X allow check.

-F Reads hostnames or IP’s from a targetfile.

WEBSERVER OPTIONS

Webserver scan types:

a All webserver scans.

v Check webserver version.

o Check for webserver PUBLIC and ALLOW options.

c CGI scan, scans for commonly exploitable CGI’s

i IDA, IDC, IDQ scan, scans for path revealing NT
problems.

u Unicode scan, scans for NT unicode vulnerabilities.

n Nimda scan, scans for eml files in website html
source, works best combined with -c option.

LOGLEVEL OPTIONS

Loglevel states:
c critical (default)
v verbose
d debug

c Critical only list information that is important.

v Verbose same as above + might-be-interesting-stuff.

d Show all normal scaninfo, All socketinfo, data and show additional ’tagpoints’.

SCANOUTPUT

The output of the scan is placed in output.host files or, when the -O option is used, it is placed in the given output file

SCANOUTPUT EXAMPLE

output.127.0.0.1
output.www.yourdomain.name
or, when -O option is defined, output is placed in the given output file.

EXAMPLES

FTP, MTA and webserver options, CGI and IDA scan

$ hackbot.pl -f -m -w oci localhost

ALL scans

$ hackbot.pl -A localhost

or from a file

$ hackbot.pl -A -F file_with_hosts

or with ranges and output file

$ hackbot.pl -O logfile -A 192.168.1.1 192.168.1.255

or with CIDR’s

$ hackbot.pl -A 192.168.1.0/24

NOTE: CIDR masks < /24 are currently unsupported.

or with a higher loglevel

$ hackbot -A -lv 192.168.1.1

GOOGLE SEARCH

The google search is issued with the -A option by default (using google.db), a manual scan can be done this way:

hackbot.pl -g string host

For instance:

$ hackbot.pl -g britney www.geocities.com

Hackbot will search for URL’s containing ’britney’ on http://www.geocities.com via google.

It could find this for instance:

http://www.geocities.com/britney.html
http://www.geocities.com/~user/britney.txt

etc..

AUTHORS

Marco van Berkum - m.v.berkum@obit.nl
Kristian Vlaardingerbroek - kris@obit.nl
Pepijn Vissers - zoef@zoefdehaas.nl
Martijn Mooijman - foobar@obit.nl
Herman Poortermans - herman@ofzo.nl
Guido Barosio - gbarosio@uolsinectis.com.ar

BUGS

All bugs can be reported to m.v.berkum@obit.nl, before reporting bugs please refer to the KNOWN_BUGS file first.

LICENSE

Hackbot is licensed under the LGPL License, see LICENSE for more information.

DISCLAIMER

The author of this program _CANNOT_ be held responsible for any illegal scanning activities initiated by an user or unauthorised party. This program is meant as tool to determine your OWN network security. Any unauthorised probes with this program should be reported to local authorities and/or to the attacker himself. Complaints to my address regarding the unauthorised use of this program will be moved unseen to /dev/null.
Search for    or go to Top of page |  Section 1 |  Main Index


Marco van Berkum HACKBOT (1) 2.21

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.