Hping

Source

http://www.hackinmania.org/viewtopic.php?f=6&t=14

hping is a command-line TCP/IP packet assembler/analyzer used by VAPT and network professionals for network scanning and for crafting arbitrary TCP/IP packets. It is built for testing firewalls and for security auditing, and the idle-scan technique it pioneered has since been implemented in Nmap, the widely used scanner available on many platforms.
Unlike ping, hping is not limited to ICMP echo requests: it supports TCP, UDP, ICMP and raw-IP, has a traceroute mode, and can transfer files over a covert channel.

Things you can do with hping:

  • Firewall testing
  • Advanced port scanning
  • Network testing, using different protocols, TOS, fragmentation
  • Manual path MTU discovery
  • Advanced traceroute, under all the supported protocols
  • Remote OS fingerprinting
  • Remote uptime guessing
  • TCP/IP stacks auditing
  • hping is also useful to students who are learning TCP/IP.

Two versions of hping are in use: hping2 and hping3. Version 3, still in alpha, aims to be not just a small tool but a framework for scripting TCP/IP. hping3 adds two new things: an engine called APD that translates a simple string description of a packet into the packet to be sent, and back again, and an embedded Tcl interpreter, which turns hping into a scriptable TCP/IP stack.

hping2 was used (in the past) to…

  • Traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
  • Perform the idle scan (now implemented in nmap with an easy user interface).
  • Test firewalling rules.
  • Test IDSes.
  • Exploit known vulnerabilities of TCP/IP stacks.
  • Networking research.
  • Learn TCP/IP (hping was used in networking courses AFAIK).

Hping3 should be used to…

  • Write real applications related to TCP/IP testing and security.
  • Automated firewalling tests.
  • Proof of concept exploits.
  • Networking and security research when there is the need to emulate complex TCP/IP behaviour.
  • Prototype IDS systems.
  • Simple to use networking utilities with Tk interface.

USAGE

Send TCP SYN packets to port 0 on host example.com (port 0 is the default when -p is not given; use -p ++0 to increment the destination port by 1 with every packet sent):-
$ hping example.com -S -V

Send TCP SYN packets to port 443 on host example.com:-
$ hping example.com -S -V -p 443

Send TCP packets to port 443 on host example.com with the SYN + ACK flags set:-
$ hping example.com -S -A -V -p 443

Send TCP SYN packets every 5 seconds to port 443 on host example.com:-
$ hping example.com -S -V -p 443 -i 5

Send UDP packets to port 111 on host example.com:-
$ hping example.com --udp -V -p 111

Send UDP packets spoofed to be from source host 192.168.1.150 to host example.com:-
$ hping example.com --udp --spoof 192.168.1.150

Send UDP packets spoofed to be from various random source IP addresses to host example.com:-
$ hping example.com --udp --rand-source

Send UDP packets to host example.com with a 100-byte data field whose contents are taken from payload.txt (--data sets the body size, --file supplies the bytes; the file is padded or truncated to fit):-
$ hping example.com -V --udp --file payload.txt --data 100
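To turn the SYN probes above into a firewall-rule test, the following script (an added example, not part of the original post or of hping itself) sends one SYN per port with hping3 and classifies the reply: SYN/ACK means open, RST means closed, an ICMP unreachable or silence means filtered. It assumes hping3 is installed and the script runs as root for raw sockets; the hping3 output lines used to check the classifier are constructed, not captured.

```shell
#!/bin/sh
# Added example: classify hping3 SYN-probe replies to test firewall rules.
# Not part of the original post. Assumes hping3 is installed and the script
# runs as root (raw sockets). The sample output lines in the comments below
# are constructed to match hping3's reply format.

# classify_reply LINE: print a verdict for one hping3 reply line.
#   flags=SA  -> open      (SYN/ACK: port reachable and listening)
#   flags=RA  -> closed    (RST/ACK: port reachable, nothing listening)
#   ICMP ...  -> filtered  (router or firewall answered with an unreachable,
#                           e.g. "ICMP Packet filtered from ip=... name=...")
#   (empty)   -> filtered  (packet dropped silently, no reply at all)
classify_reply() {
    line=$1
    case "$line" in
        *"flags=SA"*) echo open ;;
        *"flags=RA"*) echo closed ;;
        "ICMP "*)     echo filtered ;;
        "")           echo filtered ;;
        *)            echo unknown ;;
    esac
}

# probe_port HOST PORT: send one SYN with hping3 and print the reply line,
# or nothing when no answer arrives before hping3 gives up.
probe_port() {
    host=$1
    port=$2
    # -S SYN flag, -p destination port, -c 1 send a single packet, -n do not
    # resolve addresses. hping3 writes its banner and summary to stderr and
    # the reply itself to stdout, so only the first stdout line is kept.
    hping3 -S -p "$port" -c 1 -n "$host" 2>/dev/null | head -n 1
}

# sweep HOST PORT...: print "PORT/tcp VERDICT" for every port given.
sweep() {
    host=$1
    shift
    for port in "$@"; do
        reply=$(probe_port "$host" "$port")
        printf '%s/tcp %s\n' "$port" "$(classify_reply "$reply")"
    done
}

# Usage: sh hping_sweep.sh HOST PORT...   e.g. sh hping_sweep.sh example.com 22 80 443
if [ "$#" -ge 2 ] && command -v hping3 >/dev/null 2>&1; then
    sweep "$@"
fi
```

A single missing reply cannot distinguish a drop rule from ordinary packet loss, so re-probe ports reported as filtered with -c 3 or more, and run the sweep from both sides of the firewall to confirm that the rule set, not the host, is producing the verdicts.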

TCL

Tcl is a simple-to-learn yet very powerful language. Its syntax is described in just a dozen rules, but it has all the features needed to rapidly create useful programs in almost any field of application – on a wide variety of international platforms.

The following hping3 script sends ICMP echo requests to 192.168.1.8 with TTL values from 1 to 6, so that each packet expires one hop further along the path (this script only sends; it does not collect the replies). Save it to a file and run it with hping3 exec ttl-sweep.htcl:

# hping3 Tcl script: one ICMP echo request (type 8, code 0) per TTL value.
# The APD string describes the packet: an IP layer with the destination
# address and TTL, followed by an ICMP layer.
foreach i [list 1 2 3 4 5 6] {
    hping send "ip(daddr=192.168.1.8,ttl=$i)+icmp(type=8,code=0)"
}

Thanks and Regards

(AceKapila)