                              Hackbot 2.15
   RTFM/RTFINTRO/RTFFAQ/RTFINST/RTFLSTINF/RTFCONTACTINF/RTFBUGRPT/RTFSRC
RTFNWS/RFFRESHMEAT/RTFMIRRORINF/RTFPORTINF/RTFLICENSE/RTFDISCLAIMER/RTFKNWNBGS
------------------------------------------------------------------------------

###############################################################
# Authors:                                                    #
#                                                             #
# Marco van Berkum             - m.v.berkum@obit.nl           #
#                                http://ws.obit.nl            #
# Kristian Vlaardingerbroek    - kris@obit.nl                 #
#                                http://www.obit.nl           #
# Pepijn Vissers               - zoef@zoefdehaas.nl           #
#                                http://www.zoefdehaas.nl     #
# Martijn Mooijman             - foobar@obit.nl               #
#                                http://bitch.obit.nl         #
# Herman Poortermans           - herman@ofzo.nl               #
#                                http://cashcow.dyn.dhs.org   #
# Guido Barosio                - gbarosio@uolsinectis.com.ar  #  
#                                                             #
# Port maintainers:                                           #
#                                                             #
# OpenBSD                   - Herman Poortermans              #
#                             herman@ofzo.nl                  #
# NetBSD                    - Niilo Kajander                  #
#                             nk@atki.net                     #
# Gentoo                    - Martijn Mooijman                #
#                             foobar@obit.nl                  #
# Debian                    - Michiel van de Garde            #
#                             garde@benben.com                #
# Sun                       - Sam Nelson                      #
#                             mail@sun.com                    #
###############################################################

Hackbot(1)                Scanning tools               Hackbot(1)

NAME
       Hackbot - Host exploration and bannergrab tool

SYNOPSIS
       hackbot.pl   [-OAitfmsSdrX[-P   <proxy:port>][-a  <NN>][-z
       <NN>][-l <c|v|d>]  [-w  avociun]]  [<host|ip|net|range>|-F
       <targetfile>]

DESCRIPTION
       Hackbot  is  a  vulnerability  and  bannergrabber meant as
       auditory tool for remote and local hosts. Hackbot requires
       PERL  (http://www.perl.org),  IO::Socket, Net::hostent and
       Getopt::Std which  should  come  with  your  default  PERL
       installation.

PLATFORMS
       Hackbot  should work on all UNIX platforms which have perl
       and the necessary modules installed. If you want to get it
       to  work  with Windows fix it yourself, I simply refuse to
       support it. Microsoft is evil and should be  removed  from
       this planet.

OPTIONS
       -O log to output file.

       -A All scan types.

       -i Ident scan.

       -t Telnet fingerprinting.

       -f FTP scan, grabs FTP banner and checks for
          anonymous user login.

       -m MTA scan, grabs MTA banner and checks for
          open relay, EXPN and VRFY.

       -s SSH scan, grabs SSH banner.

       -S Check target host with spamcop's database.

       -d DNS scan, grabs DNS version.
       
       -V Print Version and exit.
       
       -r Registrar whois lookup.

       -P Scan via proxy.

       -l  loglevel  sets  loglevel  state,  see LOGLEVEL OPTIONS
       below.

       -w Webserver scan, various options, see the
          WEBSERVER OPTIONS section below.

Marco van Berkum               2.15                             1

Hackbot(1)                Scanning tools               Hackbot(1)

       -z NN Set time in seconds between each  CGI  poll  (to  be
       less conspicuous).

       -a NN Set alternative webserver port

       -X X allow check

       -F Reads hostnames or IP's from a targetfile.

WEBSERVER OPTIONS
       Webserver scan types:

       a All webserver scans.

       v Check webserver version.

       o Check for webserver PUBLIC and ALLOW options.

       c CGI scan, scans for commonly exploitable CGI's

       i IDA, IDC, IDQ scan, scans for path revealing NT
          problems.

       u Unicode scan, scans for NT unicode vulnerabilities.

       n Nimda scan, scans for eml files in website html
          source, works best combined with -c option.

LOGLEVEL OPTIONS
       Loglevel states:
                       c  critical (default)
                       v  verbose
                       d  debug

       c Critical only list information that is important.

       v Verbose same as above + might-be-interesting-stuff.

       d  Show all normal scaninfo, All socketinfo, data and show
       additional 'tagpoints'.

SCANOUTPUT
       The output of the scan is placed in output.host files  or,
       when the -O option is used, it is placed in the given out-
       put file

SCANOUTPUT EXAMPLE
       output.127.0.0.1
       output.www.yourdomain.name
       or, when -O option is defined, output  is  placed  in  the
       given output file.

Marco van Berkum               2.15                             2

Hackbot(1)                Scanning tools               Hackbot(1)

EXAMPLES
       FTP, MTA and webserver options, CGI and IDA scan

       $ hackbot.pl -f -m -w oci localhost

       ALL scans

       $ hackbot.pl -A localhost

       or from a file

       $ hackbot.pl -A -F file_with_hosts

       or with ranges and output file

       $ hackbot.pl -O logfile -A 192.168.1.1 192.168.1.255

       or with CIDR's

       $ hackbot.pl -A 192.168.1.0/24

       NOTE: CIDR masks < /24 are currently unsupported.

AUTHORS
       Marco van Berkum - m.v.berkum@obit.nl
       Kristian Vlaardingerbroek - kris@obit.nl
       Pepijn Vissers - zoef@zoefdehaas.nl
       Martijn Mooijman - foobar@obit.nl
       Herman Poortermans - herman@ofzo.nl
       Guido Barosio - gbarosio@uolsinectis.com.ar
BUGS
       All  bugs  can  be  reported to m.v.berkum@obit.nl, before
       reporting bugs please refer to the KNOWN_BUGS file  first.

LICENSE
       Hackbot is licensed under the LGPL  License,  see  LICENSE
       for more information.

DISCLAIMER
       The  author  of  this program _CANNOT_ be held responsible
       for any illegal scanning activities initiated by  an  user
       or  unauthorised  party.  This program is meant as tool to
       determine your OWN  network  security.   Any  unauthorised
       probes  with  this  program  should  be  reported to local
       authorities and/or to the attacker himself. Complaints  to
       my  address regarding the unauthorised use of this program
       will be moved unseen to /dev/null.

Marco van Berkum               2.15                             3


RTFINTRO
--------

Hackbot started in August 2001 as an attempt to write a CGI
scanner in PERL, just to see how far I could come. That 
worked after some while (with a lot of bugs :)). So I 
decided to add some more functionality, like bannergrabbing
and Anonymous FTP login check. The structure of Hackbot 1
was very different from the current version. It had no 
CGI database, instead it was all built in. Also some stupid
bugs that I didn't discover yet where present in Hackbot 1.
Thats one of the reasons why I started Hackbot 2 . 
Another reason to start Hackbot 2 was to 
make it easier to edit CGI's and have information about 
exploits and links to advisories. So I created the database.

Hackbot 2 was much better than Hackbot 1, so I removed 
Hackbot 1 from my website. With Hackbot 2 I also found some
developers and betatesters who like to give suggestions and
program add-ons. Also it was added to freshmeat as project
and a mailinglist was started.


RTFFAQ
------
Q: why doesn't hackbot work?
A: because you're dumb.

Q: Why is it written in PERL?
A: Why not?

Q: Does Hackbot run on windows?
A: yes, if you install cygwin and perl it works.

Q: Does Hackbot have stealth options ? 
A: No, its not kiddieware(tm).

Q: Why does hackbot say my server has relaying enabled?
A: stop scanning localhost sucker :)

Q: a/s/l ?
A: 28/Male/The Hague, The Netherlands.

Q: I want to become developer, is that possible?
A: RTFLSTINF.

Q: Does Hackbot contain non standard modules?
A: NO.

Q: Can I Distribute Hackbot to my friends?
A: RTFLICENSE.

Q: Can I bug you about an intruder scanning me with your tool?
A: RTFDISCLAIMER.

Q: Can I report a bug?
A: RTFBUGRPT.

Q: I have a question that's not in this FAQ, can I ask it?
A: RTFCONTACTINF.

Q: Do you have a social life?
A: NO.

Q: foo?
A: bar


RTFINST
-------
Type 'make' to install Hackbot.


RTFLSTINF
---------
Hackbot has a mailinglist you can subscribe to.
The list is meant for developers, betatesters and for people
who just like to be informed about next releases and for 
making suggestions to the developers. If you want to develop 
also read developer_guidelines.txt.

To subscribe to the mailinglist you send an email to 
majordomo@ws.obit.nl with 'subscribe hackbot' in the BODY,
without subject and without signature. You'll be instructed
then how to proceed.

It is a restricted mailinglist and subscriptions need approval.


RTFCONTACTINF
-------------
Marco van Berkum          - m.v.berkum@obit.nl
Website                   - http://ws.obit.nl
Mailinglist               - majordomo@ws.obit.nl
Project page              - http://freshmeat.net/projects/hackbot/
Project maintainerpage    - http://freshmeat.net/~marcovberkum/
Online manual             - http://ws.obit.nl/hackbot/manpage.html
Online documentation file - http://ws.obit.nl/hackbot/documentation.txt
Fingerprint submissions	  - fingerprint@obit.nl
OpenBSD portmaintainer    - herman@ofzo.nl
NetBSD portmaintainer     - nk@atki.net
Gentoo portmaintainer     - foobar@obit.nl
Debian portmaintainer     - garde@benben.com

RTFBUGRPT
---------
Bugs that are NOT in the KNOWN_BUGS file (RTFKNWNBGS) can be reported 
to m.v.berkum@obit.nl


RTFSRC
------
A lot of questions can be answered just by reading the source.


RTFNWS
------
RTFCONTACTINF, RTFLSTINF, RFFRESHMEAT.


RFFRESHMEAT
-----------
Hackbot is a Freshmeat Open Source project, for more information
RTFCONTACTINF.


RTFMIRRORINF
------------
The hackbot project currently has 3 sourcepackage locations

http://ws.obit.nl/hackbot/
http://www.xs4all.nl/~mvberkum/hackbot/
http://webs.uolsinectis.com.ar/gbarosio/hackbot/

Thanks to Guido Barosio for setting up the a mirror.

If you want to donate a mirrorlocation please drop me an email


RTFPORTINF
----------
Hackbot ports are available for the following systems:

OpenBSD
Maintainer: Herman Poortermans
Email: herman@ofzo.nl

NetBSD
Maintainer: Niilo Kajander
Email: nk@atki.net

Debian
Maintainer: Michiel van de Garde 
Email: garde@benben.com

Gentoo
Maintainer: Martijn Mooijman
Email: foobar@obit.nl

If you want to become a portmaintainer of a system that is not in this
list yet drop me an email (m.v.berkum@obit.nl).

RTFKNWNBGS
----------
Known bugs are placed in the KNOWN_BUGS file.


RTFLICENSE
----------
Hackbot is licensed under the LGPL  License,  see  LICENSE for more information.


RTFDISCLAIMER
-------------
The author of this program _CANNOT_ be held responsible for any
illegal scanning activities initiated by an user or unauthorised
party. This program is meant as tool to determine your OWN network
security. Any unauthorised probes with this program should be reported
to local authorities and/or to the attacker himself. Complaints to my
address regarding the unauthorised use of this program will be moved
unseen to /dev/null.
