lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <41622736.9090702@sharp-ideas.net>
From: abe.usher at sharp-ideas.net (Abe Usher)
Subject: nmapbot: using instant messaging as a remote administration tool

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've created a small proof of concept named "nmapbot" that shows it is
possible to use instant messaging as a platform for remote command and
control of computer systems.

Purpose:
- --------
To create a semi-intelligent security bot that uses instant messaging as
a platform for receiving commands and returning results.

Method:
- -------
Using Python, the AOL TOC protocol, Bayesian language processing, and
nmap 3.70, I hacked together a little bot that can run nmap and ping.
Future editions will include additional commands =)

The nmapbot rests squarely on the shoulders of python and projects such
as Py-AIML, AIMLBayes, GrokItBot, and Reverend.  Many thanks to fyodor
et al. for the excellent tool suite in nmap 3.70.

If you are interested, you can find source code and documentation for
nmap bot at:
http://www.sharp-ideas.net

Cheers,
Abe Usher, CISSP


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBYic2T3X9miqOcSQRAtLuAJ9V6yH+aHzs4tRPvVIQhu9jGuDXkQCdEUCZ
g33XB8OYyWljCuCNPr1fpe8=
=Gg0O
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ