hping wiki



since version 3, that's now in alpha stage, hping is trying to not be just a little tool but to become a framework for scripting related to TCP/IP testing and security. hping3 continues to be command-line compatible with hping2, but integrates two main new things: the first is an engine called APD that is able to translate simple packet descriptions in the form of strings into a packet ready to be sent, and the reverse (generate the representation from a real packet). The second is the Tcl scripting language. So you can imagine hping3 as a scriptable TCP/IP stack.
The following is a very little hping3 script that may help demonstrate the usage philosophy::
set srcaddr 192.168.1.5
foreach destaddr {1.2.3.4 100.101.102.103} {
    foreach ttl {1 2 3 4} {
    hping send "ip(saddr=$srcaddr,daddr=$destaddr,ttl=$ttl)+icmp(type=8,code=0,id=5,seq=10)+data(str=[string repeat X 28])"
    }
}

This script will send an ICMP echo request from 192.168.1.5 for every ttl value of 1,2,3,4 to the two target hosts 1.2.3.4 and 100.101.102.103. There is already much more than this (like the hping recv command that is able to do the reverse, reading packets in form of strings), but the key idea of hping is:

To make TCP/IP hacking trivial, so that researchers can focus on searching interesting protocol problems and make internet more secure instead to spend a lot of time rewriting again and again the same low level, hard to debug, non interactive C code.
hping2 was used (in the past) to...
  • Traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
  • Perform the idle scan (now implemented in nmap with an easy user interface).
  • Test firewalling rules.
  • Test IDSes.
  • Exploit known vulnerabilties of TCP/IP stacks.
  • Networking research.
  • Learn TCP/IP (hping was used in networking courses AFAIK).
hping3 should be used to...
  • Write real applications related to TCP/IP testing and security.
  • Automated firewalling tests.
  • Proof of concept exploits.
  • Networking and security research when there is the need to emulate complex TCP/IP behaviour.
  • Prototype IDS systems.
  • Simple to use networking utilities with Tk interface.
  • All the usage of hping2

See Also: hping3 API
 
Attached files
ginda.txt6096 bytesThu Nov 02 13:19:51 GMT 2017remove file
ww.txt6092 bytesThu Nov 02 13:20:16 GMT 2017remove file
ginda.html22011 bytesThu Nov 02 13:44:01 GMT 2017remove file
Edit this page Upload file Page history - Page last update: Thu Mar 02 13:05:20 GMT 2006 by 129.177.32.22 | Your address: 54.196.201.241 | Admin