Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

Hackbot(1)			Scanning tools			    Hackbot(1)

NAME
       Hackbot - Host exploration and bannergrab tool

SYNOPSIS
       hackbot.pl   [-VOAitfmsSdprX][-P	  <proxy:port>][-a  <NN>][-z  <NN>][-l
       <c|v|d>][-g  <string>][-w  avociun]]  [<host|ip|net|range>|-F  <target‐
       file>]

DESCRIPTION
       Hackbot is a vulnerability and bannergrabber meant as auditory tool for
       remote and local hosts. Hackbot	requires  PERL	(http://www.perl.org),
       IO::Socket,  Net::hostent  and  Getopt::Std which should come with your
       default PERL installation.

PLATFORMS
       Hackbot should work on all UNIX platforms which have perl and the  nec‐
       essary modules installed.

OPTIONS
       -O log to output file.

       -A All scan types.

       -i Ident scan.

       -t Telnet fingerprinting.

       -f FTP scan, grabs FTP banner and checks for
	  anonymous user login.

       -m MTA scan, grabs MTA banner and checks for
	  open relay, EXPN and VRFY.

       -s SSH scan, grabs SSH banner.

       -S Check target host with spamcop's database

       -d DNS scan, grabs DNS version.

       -p POP3 scan

       -r Registrar whois lookup.

       -V Print Version and exit.

       -P Scan via proxy.

       -l loglevel sets loglevel state, see LOGLEVEL OPTIONS below.

       -g  <string>  Google search, uses strings from google.db when -A option
       is used. See GOOGLE SEARCH section below

       -w Webserver scan, various options, see the
	  WEBSERVER OPTIONS section below.

       -z NN Set time in seconds between each CGI poll (to be  less  conspicu‐
       ous).

       -a NN Set alternative webserver port.

       -X X allow check.

       -F Reads hostnames or IP's from a targetfile.

WEBSERVER OPTIONS
       Webserver scan types:

       a All webserver scans.

       v Check webserver version.

       o Check for webserver PUBLIC and ALLOW options.

       c CGI scan, scans for commonly exploitable CGI's

       i IDA, IDC, IDQ scan, scans for path revealing NT
	  problems.

       u Unicode scan, scans for NT unicode vulnerabilities.

       n Nimda scan, scans for eml files in website html
	  source, works best combined with -c option.

LOGLEVEL OPTIONS
       Loglevel states:
		       c  critical (default)
		       v  verbose
		       d  debug

       c Critical only list information that is important.

       v Verbose same as above + might-be-interesting-stuff.

       d  Show	all  normal scaninfo, All socketinfo, data and show additional
       'tagpoints'.

SCANOUTPUT
       The output of the scan is placed in output.host files or, when  the  -O
       option is used, it is placed in the given output file

SCANOUTPUT EXAMPLE
       output.127.0.0.1
       output.www.yourdomain.name
       or,  when  -O  option  is defined, output is placed in the given output
       file.

EXAMPLES
       FTP, MTA and webserver options, CGI and IDA scan

       $ hackbot.pl -f -m -w oci localhost

       ALL scans

       $ hackbot.pl -A localhost

       or from a file

       $ hackbot.pl -A -F file_with_hosts

       or with ranges and output file

       $ hackbot.pl -O logfile -A 192.168.1.1 192.168.1.255

       or with CIDR's

       $ hackbot.pl -A 192.168.1.0/24

       NOTE: CIDR masks < /24 are currently unsupported.

       or with a higher loglevel

       $ hackbot -A -lv 192.168.1.1

GOOGLE SEARCH
       The google search is issued  with  the  -A  option  by  default	(using
       google.db), a manual scan can be done this way:

       hackbot.pl -g string host

       For instance:

       $ hackbot.pl -g britney www.geocities.com

       Hackbot will search for URL's containing 'britney' on http://www.geoci‐
       ties.com via google.

       It could find this for instance:

       http://www.geocities.com/britney.html
       http://www.geocities.com/~user/britney.txt

       etc..

AUTHORS
       Marco van Berkum - m.v.berkum@obit.nl
       Kristian Vlaardingerbroek - kris@obit.nl
       Pepijn Vissers - zoef@zoefdehaas.nl
       Martijn Mooijman - foobar@obit.nl
       Herman Poortermans - herman@ofzo.nl
       Guido Barosio - gbarosio@uolsinectis.com.ar

BUGS
       All bugs can be reported to m.v.berkum@obit.nl, before  reporting  bugs
       please refer to the KNOWN_BUGS file first.

LICENSE
       Hackbot is licensed under the LGPL License, see LICENSE for more infor‐
       mation.

DISCLAIMER
       The author of this program _CANNOT_ be held responsible for any illegal
       scanning	 activities  initiated	by an user or unauthorised party. This
       program is meant as tool to determine your OWN network  security.   Any
       unauthorised  probes  with  this	 program  should  be reported to local
       authorities and/or to the attacker himself. Complaints  to  my  address
       regarding  the unauthorised use of this program will be moved unseen to
       /dev/null.

Marco van Berkum		     2.21			    Hackbot(1)

Vote for polarhome