hping wiki
Differences for page What's hping
Current version compared with version Thu Feb 23 18:35:39 GMT 2006
...
-
- Aren't you afraid that some freak will f**k up your pages??? Nick.
+
The following is the old page content
since version 3, which is now in alpha stage, hping is trying to be not just a little tool but a framework for scripting related to [TCP/IP] testing and security. [hping3] continues to be command-line compatible with [hping2], but integrates two main new things: the first is an engine called [APD] that is able to translate simple packet descriptions in the form of strings into a packet ready to be sent, and the reverse (generate the representation from a real packet). The second is the [Tcl] scripting language. So you can imagine hping3 as a scriptable TCP/IP stack.

The following is a very small hping3 script that may help demonstrate the usage philosophy::

 set srcaddr 192.168.1.5
 # One ICMP echo request per target host and TTL value
 foreach destaddr {1.2.3.4 100.101.102.103} {
     foreach ttl {1 2 3 4} {
         hping send "ip(saddr=$srcaddr,daddr=$destaddr,ttl=$ttl)+icmp(type=8,code=0,id=5,seq=10)+data(str=[string repeat X 28])"
     }
 }

This script will send an [ICMP] echo request from 192.168.1.5 for every ttl value of 1,2,3,4 to the two target hosts 1.2.3.4 and 100.101.102.103.

There is already much more than this (like the [hping recv] command that is able to do the reverse, reading packets in the form of strings), but the key idea of hping is: to make [TCP/IP] hacking trivial, so that researchers can focus on searching for interesting protocol problems and make the internet more secure instead of spending a lot of time rewriting again and again the same low level, hard to debug, non interactive [C] code.

===hping2 was used (in the past) to...===

-> Traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
-> Perform the [idle scan] (now implemented in [nmap] with an easy user interface).
-> Test firewalling rules.
-> Test [IDS]es.
-> Exploit known vulnerabilities of [TCP/IP] stacks.
-> Networking research.
-> Learn [TCP/IP] (hping was used in networking courses AFAIK).

===hping3 should be used to...===

-> Write real applications related to [TCP/IP] testing and security.
-> Automated firewalling tests.
-> Proof of concept exploits.
-> Networking and security research when there is the need to emulate complex [TCP/IP] behaviour.
-> Prototype [IDS] systems.
-> Simple to use networking utilities with Tk interface.
-> All the uses of hping2

See Also: [hping3 API]

Aren't you afraid that some freak will f**k up your pages??? Nick.
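A small parser and formatter for the packet description strings used in the script above, translating the string form into structured layers and back. This is an added example, not hping's [APD] engine or code from this wiki; the grammar (layers joined by "+", each written name(field=value,...)) is an assumption inferred from the one description shown on this page, and the function names are hypothetical.

```python
import re

# Assumed grammar, inferred only from the description string on this page:
# layers joined by "+", each written as name(field=value,field=value,...).
LAYER_RE = re.compile(r"([A-Za-z][\w.]*)\((.*)\)", re.S)

def split_top(text, sep):
    """Split on sep outside parentheses only, so values may contain sep."""
    parts, depth, start = [], 0, 0
    for i, ch in enumerate(text):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                raise ValueError("unbalanced ')' at offset %d" % i)
        elif ch == sep and depth == 0:
            parts.append(text[start:i])
            start = i + 1
    if depth:
        raise ValueError("unbalanced '('")
    parts.append(text[start:])
    return parts

def parse_description(desc):
    """String form -> ordered list of (layer, {field: value})."""
    layers = []
    for chunk in split_top(desc.strip(), "+"):
        m = LAYER_RE.fullmatch(chunk.strip())
        if not m:
            raise ValueError("malformed layer: %r" % chunk)
        fields = {}
        for pair in filter(None, split_top(m.group(2), ",")):
            name, eq, value = pair.partition("=")
            if not eq or not name.strip():
                raise ValueError("malformed field: %r" % pair)
            fields[name.strip()] = value
        layers.append((m.group(1), fields))
    return layers

def format_description(layers):
    """The reverse: structured layers -> string form."""
    return "+".join(
        "%s(%s)" % (name, ",".join("%s=%s" % kv for kv in fields.items()))
        for name, fields in layers)

# The string the page's Tcl script builds for daddr 1.2.3.4 and ttl 1
# (Tcl expands [string repeat X 28] before hping sees the description).
SAMPLE = ("ip(saddr=192.168.1.5,daddr=1.2.3.4,ttl=1)"
          "+icmp(type=8,code=0,id=5,seq=10)+data(str=" + "X" * 28 + ")")
```

Field values stay as strings because the page does not define field types; a value containing a bare comma is not supported by this assumed grammar.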
Copyright (C) 2004 Salvatore Sanfilippo - Powered by YakuWiki and Tcl/Tk