hping wiki

Differences for page Getting started with hping3

Current version compared with version Mon Sep 19 08:40:13 GMT 2005

...
  
  {Important Note:} to get the best of hping3 you should learn some basic Tcl programming. To make the
  task more simple I'm writing a book about Tcl programming, the first nine chapters (all you need
- to start with Tcl IMHO) are *online for free* here: [link http://www.invece.org/tclwise/].
+ to start with Tcl IMHO) are *online for free* here: [link http://www.invece.org/tclwise/].  
  
- 
  ===First steps===
  
  
...
  
  The *hping* command should be called with a subcommand as a first argument (*resolve* in the example)
  and additional arguments according to the particular subcommand.
- The [hping resolve] command is used to convert an hostname in an [IP address].
+ The [hping resolve] command is used to convert a hostname to an [IP address].
  
  
  Ok, that's the basic usage. Now we can start to try more advanced commands (you can find
...
  
  
  This command means "send an ICMP echo request packet to 192.168.1.8". Many details of
- the packet can be omitted. For example we didn't specifie our source address (that will
+ the packet can be omitted. For example we didn't specify our source address (that will
  default to the real source address of the sender, the one of the outgoing interface),
  nor the IP or ICMP checksum. hping will compute them for us.
  
...
  Our ICMP packet reached the destination, that kindly replied with an ICMP echo reply
  packet.
  
- It's better to recall for a second the previuos command, to analyze it better:
+ It's better to recall for a second the previous command, to analyze it better:
  
  hping3.0.0-alpha-1> {hping send \{ip(daddr=192.168.1.8)+icmp(type=8,code=0)\}}
  
...
  As you can see, there are \{ and \} surrounding the packet description. This is required by
  [Tcl] in order to quote the string so that special characters will not be interpreted.
- To quote with \{\} in Tcl is just like to quote with "" in most other languages, with the
+ Quoting with \{\} in Tcl is just like to quote with "" in most other languages, with the
  difference that no escapes are recognized inside \{\} quoting.
  
  The second thing to note is the format we used to describe the packet. That's called
...
  is a simple way to figure how to generate a given packet, because hping3 use this
  format to send packets, but also to receive packets as we will see in a moment.
  
- 
  ===Tcl inside===
  
  Before to show how it's possible to receive packets, I want to stress the fact that we are
...
  text editor, and then run it using hping:
  
   # hping exec foo.htcl
+ - Cut&paste it into the hping interactive shell also works well.
  
- But note that to just cut&paste it into the hping interactive shell also works well.
- It's important to note that this time we used "" quoting for the packet
- description, because we are using *$i* in order to have the *i* variable
- expanded as ttl value for every *foreach* iteration.
+ Note that because this example uses a variable *i* to increment the ttl value on every iteration 
+ of the *foreach*, we used "" rather than \{\} quoting so that *$i* would be expanded to the value of *i*.
  
  
  I think it's clear now that in order to make a good use of [hping3] you need to learn the Tcl
...
  
  ===Packet reception===
  
- Another very imporant subcommand of hping is [hping recv], that is used to
+ Another very important subcommand of hping is [hping recv], that is used to
  capture packets from the specified interface. The simplest usage is the following:
  
  
...
  `Because the received packet description is too long I added newlines quoted with \\, but actually hping will read the packet as a unique string.`
  
  
- [hping recv] returns a Tcl list, where every element is a packet (but for default
+ [hping recv] returns a Tcl list, where every element is a packet (but by default
  it will be just one-element list).
  
  
...
  
  If you don't want [hping recv] to block forever, you can specify an additional
  argument. One more argument will tell hping the max number of packets to return in
- a single call. To know the details please check the [hping recv] page in this wiki.
+ a single call. To learn the details please check the [hping recv] page in this wiki.
  
  
  Note that the command always returns a Tcl list of packets, even when just one packet
...
   }
  
  
- The first like is just a *while* loop that will repeat forever the script provided as second argument.
- the second line, {set p \[lindex \[hping recv eth0\] 0\]} gets the next packet, the *lindex* command
+ The first line is just a *while* loop that will repeat the script provided as second argument forever.
+ The second line, {set p \[lindex \[hping recv eth0\] 0\]} gets the next packet, the *lindex* command
  is used to extract the packet from the Tcl list (and the 0 argument tells lindex to get the first packet).
  
  
...
  [img http://www.hping.org/hping3/linux.jpg]
  
  
- 
  While that's what I get with Windows 2000:
  
  [img http://www.hping.org/hping3/win.jpg]
...
  
+ 
  `To appreaciate the real difference about the two OSes note the scale indication in the pictures.`
  
  
...

The following is the old page content