  • hping

    hping

     

    What is hping?

         hping is a command-line oriented TCP/IP packet crafter.

         hping can be used to create IP packets containing TCP, UDP or ICMP payloads.

          All header fields can be modified and controlled using the command line.

         A good understanding of IP and TCP/UDP is mandatory to use and understand the utility.

    What can hping do?

         Firewall testing

         Advanced port scanning

         Network testing, using different protocols, TOS, fragmentation

         Manual path MTU discovery

         Advanced traceroute, under all the supported protocols

         Remote OS fingerprinting

         Remote uptime guessing

         TCP/IP stacks auditing

         hping can also be useful to students that are learning TCP/IP.

    Help for hping

    # hping -h

    usage: hping host [options]

     

    Help for hping    --- Mode

     

    default mode     TCP

      -0  --rawip      RAW IP mode

      -1  --icmp       ICMP mode

      -2  --udp        UDP mode

      -9  --listen     listen mode

    Help for hping    --- IP

    -a  --spoof      spoof source address

    -t  --ttl        ttl (default 64)

    -W  --winid      use win* id byte ordering

    -N  --id         id (default random)

    -y  --dontfrag   set dont fragment flag

    -r  --rel        relativize id field

    -f  --frag       split packets in more frag 

    -x  --morefrag   set more fragments flag

    -g  --fragoff    set the fragment offset

    -m  --mtu        set virtual mtu, implies --frag if packet size > mtu

    -o  --tos        type of service (default 0x00), try --tos help

    -G  --rroute     includes RECORD_ROUTE option and display the route buffer

    -H  --ipproto    set the IP protocol field, only in RAW IP mode

    Help for hping    --- ICMP

     

    -C  --icmptype   icmp type (default echo request)

    -K  --icmpcode   icmp code (default 0)

          --icmp-ts    Alias for --icmp --icmptype 13 (ICMP timestamp)

          --icmp-addr  Alias for --icmp --icmptype 17 (ICMP address subnet mask)

          --icmp-help  display help for others icmp options

    Help for hping    --- UDP/TCP

    -s  --baseport   base source port             (default random)

    -p  --destport   [+][+]<port> destination port(default 0) ctrl+z inc/dec

    -k  --keep       keep still source port

    -w  --win        winsize (default 64)

    -O  --tcpoff     set fake tcp data offset     (instead of tcphdrlen / 4)

    -Q  --seqnum     shows only tcp sequence number

    -b  --badcksum   (try to) send packets with a bad IP checksum

                       many systems will fix the IP checksum sending the packet

                       so you'll get bad UDP/TCP checksum instead.

    Help for hping    --- UDP/TCP

      -M  --setseq     set TCP sequence number

      -L  --setack     set TCP ack

      -F  --fin        set FIN flag

      -S  --syn        set SYN flag

      -R  --rst        set RST flag

      -P  --push       set PUSH flag

      -A  --ack        set ACK flag

      -U  --urg        set URG flag

      -X  --xmas       set X unused flag (0x40)

      -Y  --ymas       set Y unused flag (0x80)

      --tcpexitcode    use last tcp->th_flags as exit code

      --tcp-timestamp  enable the TCP timestamp option to guess the HZ/uptime

    Help for hping    --- Common

      -d  --data       data size                    (default is 0)

      -E  --file       data from file

      -e  --sign       add 'signature'

      -j  --dump       dump packets in hex

      -J  --print      dump printable characters

      -B  --safe       enable 'safe' protocol

      -u  --end        tell you when --file reached EOF and prevent rewind

      -T  --traceroute traceroute mode          (implies --bind and --ttl 1)

      --tr-stop        Exit when receive the first not ICMP in traceroute mode

      --tr-keep-ttl    Keep the source TTL fixed, useful to monitor just one hop

      --tr-no-rtt       Don't calculate/show RTT information in traceroute mode

    IP Spoofing

     

    # hping -a 172.27.20.100 -1 192.168.100.205

    HPING 192.168.100.205 (hme0 192.168.100.205): icmp mode set, 28 headers + 0 data bytes

    46 bytes from 192.168.100.205: icmp_seq=0 ttl=127 id=20484 rtt=2.0 ms

    46 bytes from 192.168.100.205: icmp_seq=1 ttl=127 id=20485 rtt=1.7 ms

    46 bytes from 192.168.100.205: icmp_seq=2 ttl=127 id=20486 rtt=1.8 ms

    ^C

    --- 192.168.100.205 hping statistic ---

    3 packets tramitted, 3 packets received, 0% packet loss

    round-trip min/avg/max = 1.7/1.8/2.0 ms

    #

    Note: This does not work on Windows XP SP2.

    SYN flood --- source port differs

     

    # hping 192.168.100.205 -S -p 80

    HPING 192.168.100.205 (hme0 192.168.100.205): S set, 40 headers + 0 data bytes

    len=46 ip=192.168.100.205 flags=RA seq=0 ttl=127 id=20345 win=0 rtt=2.4 ms

    len=46 ip=192.168.100.205 flags=RA seq=1 ttl=127 id=20346 win=0 rtt=1.0 ms

    len=46 ip=192.168.100.205 flags=RA seq=2 ttl=127 id=20347 win=0 rtt=0.9 ms

    len=46 ip=192.168.100.205 flags=RA seq=3 ttl=127 id=20348 win=0 rtt=1.0 ms

    len=46 ip=192.168.100.205 flags=RA seq=4 ttl=127 id=20350 win=0 rtt=1.0 ms

    len=46 ip=192.168.100.205 flags=RA seq=5 ttl=127 id=20351 win=0 rtt=0.9 ms

    ^C

    --- 192.168.100.205 hping statistic ---

    6 packets tramitted, 6 packets received, 0% packet loss

    round-trip min/avg/max = 0.9/1.2/2.4 ms

    SYN packets --- duplicated SYN packets

     

    d:\>hping 192.168.1.1 -S -k -p 80

    HPING 192.168.1.1 (eth0 192.168.1.1): S set, 40 headers + 0 data bytes

    len=65543 ip=192.168.1.1 ttl=64 id=11924 sport=80 flags=SA seq=0 win=8192 rtt=10.0 ms

    DUP! len=65543 ip=192.168.1.1 ttl=64 id=11925 sport=80 flags=SA seq=0 win=8192 rtt=1001.0 ms

    DUP! len=65543 ip=192.168.1.1 ttl=64 id=11926 sport=80 flags=SA seq=0 win=8192 rtt=2002.0 ms

    DUP! len=65543 ip=192.168.1.1 ttl=64 id=11927 sport=80 flags=SA seq=0 win=8192 rtt=3004.0 ms

     

    --- 192.168.1.1 hping statistic ---

    4 packets tramitted, 4 packets received, 0% packet loss

    round-trip min/avg/max = 10.0/1504.2/3004.0 ms
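
Added example (not part of the original page or of hping itself): a small Python parser for the reply lines in the two TCP sessions above. It reads `flags=RA` as a closed port and `flags=SA` as an open one, counts `DUP!` replies, and checks whether the `id` field steps like a shared counter; the sample lines are copied from those sessions, and the step threshold of 16 is an assumption.

```python
import re
# Sample input: reply lines copied from the two TCP sessions on this page.
SAMPLE = """\
len=46 ip=192.168.100.205 flags=RA seq=3 ttl=127 id=20348 win=0 rtt=1.0 ms
len=46 ip=192.168.100.205 flags=RA seq=4 ttl=127 id=20350 win=0 rtt=1.0 ms
len=46 ip=192.168.100.205 flags=RA seq=5 ttl=127 id=20351 win=0 rtt=0.9 ms
len=65543 ip=192.168.1.1 ttl=64 id=11924 sport=80 flags=SA seq=0 win=8192 rtt=10.0 ms
DUP! len=65543 ip=192.168.1.1 ttl=64 id=11925 sport=80 flags=SA seq=0 win=8192 rtt=1001.0 ms
DUP! len=65543 ip=192.168.1.1 ttl=64 id=11926 sport=80 flags=SA seq=0 win=8192 rtt=2002.0 ms
"""

FIELD = re.compile(r"(\w+)=(\S+)")

def parse_reply(line):
    """Turn one hping reply line into a dict; return None for other lines."""
    fields = dict(FIELD.findall(line))
    if not all(k in fields for k in ("ip", "flags", "id")):
        return None
    fields["dup"] = line.lstrip().startswith("DUP!")
    fields["id"] = int(fields["id"])
    return fields

def port_state(flags):
    """Interpret the TCP flags of a reply to a SYN probe."""
    if "S" in flags and "A" in flags:
        return "open"        # SYN/ACK: a listener accepted the SYN
    if "R" in flags:
        return "closed"      # RST: host reachable, nothing listening
    return "unknown"

def summarize(text):
    """Per-host summary: port state, duplicate count, IP ID step pattern."""
    hosts = {}
    for line in text.splitlines():
        r = parse_reply(line)
        if r is None:
            continue
        h = hosts.setdefault(r["ip"], {"state": port_state(r["flags"]), "dups": 0, "ids": []})
        h["dups"] += r["dup"]
        h["ids"].append(r["id"])
    for h in hosts.values():
        # IP IDs are 16 bits wide, so take differences modulo 65536.
        h["steps"] = [(b - a) % 65536 for a, b in zip(h["ids"], h["ids"][1:])]
        # Assumed heuristic: small positive steps mean a shared incrementing counter.
        h["sequential_ipid"] = bool(h["steps"]) and all(0 < s < 16 for s in h["steps"])
    return hosts

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A step larger than 1 (20348 to 20350 above) means the host sent another packet between two replies, which is why a sequential IP ID is worth flagging in a TCP/IP stack audit.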

    Packets with payload

    d:\partner\hping>cat payload.txt

    This is testing payload for hping!!!

     

    d:\partner\hping>hping 192.168.1.1 -1 -d 100 -E payload.txt

     

    Hping --- Resource

     

     

     

  • Original article: https://www.cnblogs.com/swordzj/p/2428351.html