ICMP & TCP PING with HPING3

HPing3 is a multiknife like tool that has the capability to accomplish many different things through the command line. HPing3 can allow you to craft network packets, sniff traffic, fingerprint hosts, transfer files, scan host, and much more. In this post I will use hping3 to ping a host using ICMP and TCP. In order to send an ICMP request to a host you'll need to use to the "-1" command. Using the "-1" command will enable hping3 to use ICMP as the protocol of choice. Additionally, you might want to limit the number of ICMP requests sent to the host. Similar to the ping command, hping3 will send requests until the application is terminated (ctrl-c) or limited by the count command, "-c". In this case we'll use "-c 3" to limit the number of requests to three.
sudo hping3 -1 -c 3 192.168.56.101
 The screenshot above shows a successufull ICMP ping and reply. However, lets assume that the administrator has now blocked ICMP requests. Using the same command as shown above our the response from the host will look different.
As you can see our packets were sent, but not accepted resulting in a 100% packet loss. Since the administrator blocked IMCP on the host, we are not able to get a response. However, we could attempt to use TCP and a TCP port to ping our host. By default hping3 commands are sent using TCP. We will use the TCP SYN flag command, "-S", to ellicit a response from the host allowing use to recieve an echo reply. We will also specify a port using the command "-p" followed by the port number, which in this case will be 135.
The screenshot above shows a successufull TCP ping and reply to port 135.

No comments

Powered by Blogger.