nmapbot: using instant messaging as a remote administration tool

• Previous message: Hugo Fortier: "Re: Wireless Pentest using an iPaq"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 05 Oct 2004 01:06:43 -0400
To: pen-test@securityfocus.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've created a small proof of concept named "nmapbot" that shows it is
possible to use instant messaging as a platform for remote command and
control of computer systems.

Purpose:
- --------
To create a semi-intelligent security bot that uses instant messaging as
a platform for receiving commands and returning results.

Method:
- -------
Using Python, the AOL TOC protocol, Bayesian language processing, and
nmap 3.70, I hacked together a little bot that can run nmap and ping.
Future editions will include additional commands =)

Security pundits have been promoting the idea that IM is unsafe for
several years...

nmapbot provides some new considerations to an old idea -- using
ordinarily legitimate communication channels for unintended purposes.

The nmapbot rests squarely on the shoulders of python and projects such
as Py-AIML, AIMLBayes, GrokItBot, and Reverend. Many thanks to fyodor
et al. for the excellent tool suite in nmap 3.70.

If you are interested, you can find source code and documentation for
nmap bot at:
http://www.sharp-ideas.net

Cheers,
Abe Usher, CISSP

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBYivjT3X9miqOcSQRAnMcAJ9R5g/O4LJHo+qrtixtWISFact67wCghLt7
+hbo7jgInQx3IqMIOad0k8c=
=EwQ3
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Internet Security Systems. - Keeping You Ahead of the Threat

When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology.

http://www.securityfocus.com/sponsor/ISS_pen-test_041001
-------------------------------------------------------------------------------

• Previous message: Hugo Fortier: "Re: Wireless Pentest using an iPaq"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [fw-wiz] nmapbot: using instant messaging as a remote administration tool ... I've created a small proof of concept named "nmapbot" that shows it is ... a platform for receiving commands and returning results. ... nmap 3.70, I hacked together a little bot that can run nmap and ping. ... (Firewall-Wizards) nmapbot: using instant messaging as a remote administration tool ... I've created a small proof of concept named "nmapbot" that shows it is ... a platform for receiving commands and returning results. ... nmap 3.70, I hacked together a little bot that can run nmap and ping. ... (NT-Bugtraq) nmapbot: using instant messaging as platform for running remote system commands ... I've created a small proof of concept named "nmapbot" that shows it is ... a platform for receiving commands and returning results. ... nmap 3.70, I hacked together a little bot that can run nmap and ping. ... (Vuln-Dev) [Full-Disclosure] nmapbot: using instant messaging as a remote administration tool ... To create a semi-intelligent security bot that uses instant messaging as ... a platform for receiving commands and returning results. ... nmap 3.70, I hacked together a little bot that can run nmap and ping. ... (Full-Disclosure)