Đóng giả gói tin

onhamotminh — GMT

Công cụ Hping tài liệu sưu tầm được hping2 - send (almost) arbitrary TCP/IP packets to network hosts Synopsis hping2 [ -hvnqVDzZ012WrfxykQbFSRPAUXYjJBuTG ] [ -c count ] [ -i wait ] [ --fast ] [ -I interface ] [ -9 signature ] [ -a host ] [ -t ttl ] [ -N ip id ] [ -H ip protocol ] [ -g fragoff ] [ -m mtu ] [ -o tos ] [ -C icmp type ] [ -K icmp code ] [ -s source port ] [ -p[+][+] dest port ] [ -w tcp window ] [ -O tcp offset ] [ -M tcp sequence number ] [ -L tcp ack ] [ -d data size ] [ -E filename ] [ -e signature ] [ --icmp-ipver version ] [ --icmp-iphlen length ] [ --icmp-iplen length ] [ --icmp-ipid id ] [ --icmp-ipproto protocol ] [ --icmp-cksum checksum ] [ --icmp-ts ] [ --icmp-addr ] [ --tcpexitcode ] [ --tcp-timestamp ] [ --tr-stop ] [ --tr-keep-ttl ] [ --tr-no-rtt ] hostname Base Options -h --help Show an help screen on standard output, so you can pipe to less. -v --version Show version information and API used to access to data link layer, linux sock packet or libpcap -c --count count Stop after sending (and receiving) count response packets. After last packet was send hping2 wait COUNTREACHED_TIMEOUT seconds target host replies. You are able to tune COUNTREACHED_TIMEOUT editing hping2.h -i --interval Wait the specified number of seconds or micro seconds between sending each packet. --interval X set wait to X seconds, --interval uX set wait to X micro seconds. The default is to wait one second between each packet. Using hping2 to transfer files tune this option is really important in order to increase transfer rate. Even using hping2 to perform idle/spoofing scanning you should tune this option, see HPING2-HOWTO for more information. --fast Alias for -i u10000. Hping will send 10 packets for second. -n --numeric Numeric output only, No attempt will be made to lookup symbolic names for host addresses. -q --quiet Quiet output. Nothing is displayed except the summary lines at startup time and when finished. -I --interface interface name By default on linux and BSD systems hping2 uses default routing interface. In other systems or when there is no default route hping2 uses the first non-loopback interface. However you are able to force hping2 to use the interface you need using this option. Note: you don't need to specify the whole name, for example -I et will match eth0 ethernet0 myet1 et cetera. If no interfaces match hping2 will try to use lo. -V --verbose Enable verbose output. TCP replies will be shown as follows: len=46 ip=192.168.1.1 flags=RA DF seq=0 ttl=255 id=0 win=0 rtt=0.4 ms tos=0 iplen=40 seq=0 ack=1380893504 sum=2010 urp=0 -z --bind bind CTRL+Z to time to live (TTL) so you will able to increment/decrement ttl of outgoing packets pressing CTRL+Z once or twice. -Z --unbind unbind CTRL+Z so you will able to stop hping2 Protocol Selection Default protocol is TCP, by default hping2 will send tcp headers to target host's port 0 with a winsize of 64 without any tcp flag on. Often this is the best way to do an 'hide ping', useful when target is behind a firewall that drop ICMP. Moreover a tcp null-flag to port 0 has a good probability of not being logged. -0 --rawip RAW IP mode, in this mode hping2 will send IP header with data appended with --signature and/or --file, see also --ipproto that allows you to set the ip protocol field. -1 --icmp ICMP mode, by default hping2 will send ICMP echo-request, you can set other ICMP type/code using --icmptype --icmpcode options. -2 --udp UDP mode, by default hping2 will send udp to target host's port 0. UDP header tunable options are the following: --baseport, --destport, --keep. -9 --listen signature HPING2 listen mode, using this option hping2 waits for packet that contain signature and dump from signature end to packet's end. For example if hping2 --listen TEST reads a packet that contain 234-09sdflkjs45-TESThello_world it will display hello_world. Ip Related Options -a --spoof hostname Use this option in order to set a fake IP source address, this option ensures that target will not gain your real address. However replies will be sent to spoofed address, so you will can't see them. In order to see how it's possible to perform spoofed/idle scanning see the HPING2-HOWTO. -t --ttl time to live Using this option you can set TTL (time to live) of outgoing packets, it's likely that you will use this with --traceroute or --bind options. If in doubt try ` hping2 some.host.com -t 1 --traceroute '. -N --id Set ip->id field. Default id is random but if fragmentation is turned on and id isn't specified it will be getpid() & 0xFF , to implement a better solution is in TODO list. -H --ipproto Set the ip protocol in RAW IP mode. -W --winid Windows* id has different byte ordering, if this option is enable hping2 will properly display windows reply ids. -r --rel Display id increments instead of id. See the HPING2-HOWTO for more information. Increments aren't computed as id[N]-id[N-1] but using packet loss compensation. See relid.c for more information. -f --frag Split packets in more fragments, this may be useful in order to test IP stacks fragmentation performance and to test if some packet filter is so weak that can be passed using tiny fragments (anachronistic). Default 'virtual mtu' is 16 bytes. see also --mtu option. -x --morefrag Set more fragments IP flag, use this option if you want that target host send an ICMP time-exceeded during reassembly. -y --dontfrag Set don't fragment IP flag, this can be used to perform MTU path discovery. -g --fragoff fragment offset value Set the fragment offset -m --mtu mtu value Set different 'virtual mtu' than 16 when fragmentation is enabled. If packets size is greater that 'virtual mtu' fragmentation is automatically turned on. -o --tos hex_tos Set Type Of Service (TOS) , for more information try --tos help -G --rroute Record route. Includes the RECORD_ROUTE option in each packet sent and displays the route buffer of returned packets. Note that the IP header is only large enough for nine such routes. Many hosts ignore or discard this option. Also note that using hping you are able to use record route even if target host filter ICMP. Record route is an IP option, not an ICMP option, so you can use record route option even in TCP and UDP mode. Icmp Related Options -C --icmptype type Set icmp type, default is ICMP echo request (implies --icmp) -K --icmpcode code Set icmp code, default is 0. (implies --icmp) --icmp-ipver Set IP version of IP header contained into ICMP data, default is 4. --icmp-iphlen Set IP header length of IP header contained into ICMP data, default is 5 (5 word of 32 bits). --icmp-iplen Set IP packet length of IP header contained into ICMP data, default is the real length. --icmp-ipid Set IP id of IP header contained into ICMP data, default is random. --icmp-ipproto Set IP protocol of IP header contained into ICMP data, default is TCP. --icmp-cksum Set ICMP checksum, for default is the valid checksum. --icmp-ts Alias for --icmptype 13 (to send ICMP timestamp requests) --icmp-addr Alias for --icmptype 17 (to send ICMP address mask requests) Ymas tcp flag. Common Options -d --data data size set packet body size. Warning, using --data 40 hping2 will not generate 0 byte packets but protocol_header+40 bytes. hping2 will display packet size information as first line output, like this: HPING www.yahoo.com (ppp0 204.71.200.67): NO FLAGS are set, 40 headers + 40 data bytes -E --file filename Use filename contents to fill packet's data. -e --sign signature Fill first signature length bytes of data with signature. If signature length is bigger than data size an error message will be displayed. This option can be used safely with --file filename option, remainder data space will be filled using filename -j --dump Dump received packets in hex. -J --print Dump received packets's printable characters. -B --safe Enable safe protocol, using this option lost packets in file transfers will be resent. For example in order to send file /etc/passwd from host A to host B you may use the following: [host_a]# hping2 host_b --udp -p 53 -d 100 --sign signature --safe --file /etc/passwd [host_b]# hping2 host_a --listen signature --safe --icmp -T --traceroute Traceroute mode. Using this option hping2 will increase ttl for each ICMP time to live 0 during transit received. Try hping2 host --traceroute. This option implies --bind and --ttl 1. You can override the ttl of 1 using the --ttl option. Since 2.0.0 stable it prints RTT information.

Đóng giả gói tin

Mr.Khoai — GMT

onhamotminh wrote:

....

whats this supposed to mean??? hping2: Có vẻ như là một app để ping đến một host khác? Có diệp rãnh Khoai sẽ test

Đóng giả gói tin

enola_- — GMT

onhamotminh give the material without saying any thing??????? i don't understand what is that document talking about. can you give some short desciption about how it work and what is it for. thank

Re: Đóng giả gói tin

onhamotminh — GMT

While hping was mainly used as a security tool in the past, it can be used in many ways by people that don't care about security to test networks and hosts. A subset of the stuff you can do using hping: Firewall testing Advanced port scanning Network testing, using different protocols, TOS, fragmentation Manual path MTU discovery Advanced traceroute, under all the supported protocols Remote OS fingerprinting Remote uptime guessing TCP/IP stacks auditing hping can also be useful to students that are learning TCP/IP. Ex: you can create 3 packets ping to havaonline: hping2 -1 -c 3 hvaonline.net also can create tcp,udp.. preference : http://www.hping.org/manpage.html i also begining...

Latest posts for the topic "Đóng giả gói tin"

Đóng giả gói tin

Đóng giả gói tin

Đóng giả gói tin

Re: Đóng giả gói tin