hping wiki



Since version 3, which is now in alpha stage, hping is trying to be not just a small tool but a framework for scripting related to TCP/IP testing and security. hping3 remains command-line compatible with hping2, but integrates two main new things. The first is an engine called APD that translates simple packet descriptions, written as strings, into packets ready to be sent, and does the reverse (generates the string representation from a real packet). The second is the Tcl scripting language. So you can think of hping3 as a scriptable TCP/IP stack.
The following very small hping3 script may help demonstrate the usage philosophy:
set srcaddr 192.168.1.5
foreach destaddr {1.2.3.4 100.101.102.103} {
    foreach ttl {1 2 3 4} {
        hping send "ip(saddr=$srcaddr,daddr=$destaddr,ttl=$ttl)+icmp(type=8,code=0,id=5,seq=10)+data(str=[string repeat X 28])"
    }
}

This script sends an ICMP echo request from 192.168.1.5 to each of the two target hosts, 1.2.3.4 and 100.101.102.103, for every TTL value 1, 2, 3 and 4. There is already much more than this (like the hping recv command, which does the reverse, reading packets in the form of strings), but the key idea of hping is:

To make TCP/IP hacking trivial, so that researchers can focus on searching for interesting protocol problems and making the Internet more secure, instead of spending a lot of time rewriting again and again the same low-level, hard-to-debug, non-interactive C code.
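To make the string form of a packet description concrete, here is an added example (not hping's own code, and not a model of APD internals) that parses a description like the one in the script above into layers and fields, renders it back, and lists any `daddr` outside an approved test range. The grammar is inferred only from the single description shown on this page; the function names and the assumption that values contain no `,`, `+`, `(` or `)` are this example's own.

```python
import ipaddress
import re

# Grammar inferred only from the one description string on this page:
# layers joined by '+', each written name(key=value,key=value).
# Assumption: values contain none of the characters , + ( )
_LAYER = re.compile(r"([A-Za-z0-9_]+)\(([^()+]*)\)")

def parse_description(desc):
    """Return [(layer, {field: value}), ...] in the order written."""
    layers, pos = [], 0
    while True:
        m = _LAYER.match(desc, pos)
        if m is None:
            raise ValueError(f"malformed layer at offset {pos}")
        name, body, fields = m.group(1), m.group(2), {}
        for pair in body.split(",") if body else []:
            key, sep, value = pair.partition("=")
            if not key or not sep or key in fields:
                raise ValueError(f"bad or repeated field {pair!r} in {name}")
            fields[key] = value
        layers.append((name, fields))
        pos = m.end()
        if pos == len(desc):
            return layers
        if desc[pos] != "+":
            raise ValueError(f"expected '+' at offset {pos}")
        pos += 1

def render_description(layers):
    """Inverse of parse_description: structure back to the string form."""
    parts = []
    for name, fields in layers:
        body = ",".join(f"{k}={v}" for k, v in fields.items())
        parts.append(f"{name}({body})")
    return "+".join(parts)

def out_of_scope(desc, allowed_cidrs):
    """List ip daddr values that fall outside the approved test ranges."""
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    return [f["daddr"] for n, f in parse_description(desc)
            if n == "ip" and "daddr" in f
            and not any(ipaddress.ip_address(f["daddr"]) in net for net in nets)]

# Constructed sample: the page's string with its Tcl variables substituted.
SAMPLE = ("ip(saddr=192.168.1.5,daddr=1.2.3.4,ttl=1)"
          "+icmp(type=8,code=0,id=5,seq=10)+data(str=" + "X" * 28 + ")")

if __name__ == "__main__":
    print(parse_description(SAMPLE))
    print(out_of_scope(SAMPLE, ["192.168.1.0/24"]))
```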
hping2 was used (in the past) to...
  • Traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
  • Perform the idle scan (now implemented in nmap with an easy user interface).
  • Test firewalling rules.
  • Test IDSes.
  • Exploit known vulnerabilities of TCP/IP stacks.
  • Networking research.
  • Learn TCP/IP (hping was used in networking courses AFAIK).
hping3 should be used to...
  • Write real applications related to TCP/IP testing and security.
  • Automated firewalling tests.
  • Proof of concept exploits.
  • Networking and security research when there is the need to emulate complex TCP/IP behaviour.
  • Prototype IDS systems.
  • Simple to use networking utilities with Tk interface.
  • All the uses of hping2.

See Also: hping3 API
 
Page last update: Thu Mar 02 13:05:20 GMT 2006 by 129.177.32.22