Hping3: Difference between revisions
| Zeile 18: | Zeile 18: | ||
=ACK Ping= | =ACK Ping= | ||
*hping3 192.168.244.52 -A -p 80 | *hping3 192.168.244.52 -A -p 80 | ||
| − | ACK Flag: -A | + | ACK Flag: -A |
| + | =Scan= | ||
| + | *hping3 -8 1-1000 -S bortus.tuxmen.de | ||
| + | <pre> | ||
| + | Scanning bortus.tuxmen.de (94.130.248.217), port 1-1000 | ||
| + | 1000 ports to scan, use -V to see all the replies | ||
| + | +----+-----------+---------+---+-----+-----+-----+ | ||
| + | |port| serv name | flags |ttl| id | win | len | | ||
| + | +----+-----------+---------+---+-----+-----+-----+ | ||
| + | 21 ftp : .S..A... 64 0 29200 44 | ||
| + | 22 ssh : .S..A... 64 0 29200 44 | ||
| + | 80 http : .S..A... 64 0 29200 44 | ||
| + | 139 netbios-ssn: .S..A... 64 0 29200 44 | ||
| + | 389 ldap : .S..A... 64 0 29200 44 | ||
| + | 443 https : .S..A... 64 0 29200 44 | ||
| + | 445 microsoft-d: .S..A... 64 0 29200 44 | ||
| + | 636 ldaps : .S..A... 64 0 29200 44 | ||
| + | All replies received. Done. | ||
| + | Not responding ports: | ||
| + | </pre> | ||
| + | |||
=gespoofte IP= | =gespoofte IP= | ||
*hping3 192.168.244.52 -S -p 80 -a 192.168.244.156 | *hping3 192.168.244.52 -S -p 80 -a 192.168.244.156 | ||
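Review bot: the added =Scan= section has no option legend, unlike the sections around it (compare "ACK Flag: -A" directly above), so a reader cannot tell what -8 1-1000 does or how to read the flags column. Add a line such as "Scan mode: -8 1-1000 (same as --scan), SYN flag: -S" and state that .S..A... is a SYN+ACK reply, i.e. a listening port. The pasted output also names a public host and address (bortus.tuxmen.de, 94.130.248.217) together with its open services, whereas every other example on the page uses 192.168.244.x; consider replacing it with output from a lab target. The trailing "Not responding ports:" line is empty and should be dropped or explained.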
Revision as of 13 November 2018, 17:22
Install
- apt-get install hping3
Ping on port 0
- hping3 192.168.244.52
SYN Ping
- hping3 192.168.244.52 -S -p 80 -w 2000 -d 1500 --fast
- SYN TCP flag: -S
- Port 80: -p 80
- TCP window: -w 2000
- Data size: -d 1500
- 10 packets/s: --fast
SYN PUSH Ping
- hping3 192.168.244.52 -S -P -p 80
Push Flag: -P
ACK Ping
- hping3 192.168.244.52 -A -p 80
ACK Flag: -A
Scan
- hping3 -8 1-1000 -S bortus.tuxmen.de
<pre>
Scanning bortus.tuxmen.de (94.130.248.217), port 1-1000
1000 ports to scan, use -V to see all the replies
+----+-----------+---------+---+-----+-----+-----+
|port| serv name |  flags  |ttl| id  | win | len |
+----+-----------+---------+---+-----+-----+-----+
   21 ftp        : .S..A...  64     0 29200    44
   22 ssh        : .S..A...  64     0 29200    44
   80 http       : .S..A...  64     0 29200    44
  139 netbios-ssn: .S..A...  64     0 29200    44
  389 ldap       : .S..A...  64     0 29200    44
  443 https      : .S..A...  64     0 29200    44
  445 microsoft-d: .S..A...  64     0 29200    44
  636 ldaps      : .S..A...  64     0 29200    44
All replies received. Done.
Not responding ports:
</pre>
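Added example (not part of the original wiki page): a Python parser for the scan table above that decodes the flags column and lists open ports missing from an approved-services baseline, for auditing your own hosts. The function names and the baseline set are hypothetical; flag names other than S and A are assumed from TCP header bit order.

```python
import re

# Scan rows copied from this page (column spacing normalised).
SAMPLE = """\
|port| serv name |  flags  |ttl| id  | win | len |
+----+-----------+---------+---+-----+-----+-----+
   21 ftp        : .S..A...  64     0 29200    44
   22 ssh        : .S..A...  64     0 29200    44
   80 http       : .S..A...  64     0 29200    44
  139 netbios-ssn: .S..A...  64     0 29200    44
  389 ldap       : .S..A...  64     0 29200    44
  443 https      : .S..A...  64     0 29200    44
  445 microsoft-d: .S..A...  64     0 29200    44
  636 ldaps      : .S..A...  64     0 29200    44
All replies received. Done.
"""

# One character per TCP flag bit, lowest bit first. The S and A positions match
# the page's output; the remaining names are assumed from TCP header order.
FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")
ROW = re.compile(r"^\s*(\d+)\s+(\S*?)\s*:\s+(\S{8})\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*$")

def decode_flags(text):
    """Turn a string such as '.S..A...' into {'SYN', 'ACK'}."""
    return {name for ch, name in zip(text, FLAG_NAMES) if ch != "."}

def parse_scan(output):
    """Return one dict per reply row; banner and border lines are skipped."""
    rows = []
    for line in output.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        flags = decode_flags(m.group(3))
        # SYN+ACK answers the probe (listener present); RST means no listener.
        state = ("open" if {"SYN", "ACK"} <= flags else
                 "closed" if "RST" in flags else "other")
        rows.append({"port": int(m.group(1)), "service": m.group(2),
                     "flags": flags, "state": state, "ttl": int(m.group(4))})
    return rows

def unexpected_open(rows, baseline):
    """Open ports that are not in the approved-services baseline."""
    return sorted(r["port"] for r in rows
                  if r["state"] == "open" and r["port"] not in baseline)

if __name__ == "__main__":
    BASELINE = {22, 80, 443}  # hypothetical allowlist for this host
    print(unexpected_open(parse_scan(SAMPLE), BASELINE))
```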
Spoofed IP
- hping3 192.168.244.52 -S -p 80 -a 192.168.244.156
SYN flooding
- hping3 -S 192.168.244.52 -a 192.168.244.10 -p 631 --flood
Sending packets into a connection
Can be used in combination with ARP spoofing
- Test setup
- server: tac
- client: cardassia
Server window
- Start a TCP server on port 2020
root@tac:~# nc -lp 2020
Client window one
- tcpdump
<pre>
cardassia ~ # tcpdump -ni lan -S port 2020
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lan, link-type EN10MB (Ethernet), capture size 65535 bytes
</pre>
Client window two
- client
thomas.will@cardassia ~ $ nc 192.168.244.52 2020
Client window one
<pre>
cardassia ~ # tcpdump -ni lan -S port 2020
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lan, link-type EN10MB (Ethernet), capture size 65535 bytes
15:26:44.663526 IP 192.168.244.1.58257 > 192.168.244.52.2020: Flags [S], seq 1758983238, win 29200, options [mss 1460,sackOK,TS val 2268763 ecr 0,nop,wscale 7], length 0
15:26:44.663980 IP 192.168.244.52.2020 > 192.168.244.1.58257: Flags [S.], seq 963043879, ack 1758983239, win 28960, options [mss 1460,sackOK,TS val 193210349 ecr 2268763,nop,wscale 7], length 0
15:26:44.664035 IP 192.168.244.1.58257 > 192.168.244.52.2020: Flags [.], ack 963043880, win 229, options [nop,nop,TS val 2268763 ecr 193210349], length 0
</pre>
Client window three
Create a file, 10 bytes including the newline
<pre>
cardassia ~ # echo "hallo tux" > data.dat
cardassia ~ # hping3 -s 58257 -p 2020 -A -d 10 -E data.dat -c 1 -M 1758983239 -L 963043880 192.168.244.52
</pre>