hping 설치 및 사용방법

URL: hping.org

1. 설치방법

- 다운로드

hping.org/download.php 에서 Source를 확인

# wget http://hping.org/hping2.0.0-rc3.tar.gz

- 압축해제

# tar zxvf hping2.0.0-rc3.tar.gz

- 설치

※ 압축해제한 폴더내 INSTALL을 참고하세요.

# ./configure

# make; make install

2. 사용방법

Option 정보

usage: hping host [options]

  -h  --help      show this help

  -v  --version   show version

  -c  --count     packet count

  -i  --interval  wait (uX for X microseconds, for example -i u1000)

      --fast      alias for -i u10000 (10 packets for second)

  -n  --numeric   numeric output

  -q  --quiet     quiet

  -I  --interface interface name (otherwise default routing interface)

  -V  --verbose   verbose mode

  -D  --debug     debugging info

  -z  --bind      bind ctrl+z to ttl           (default to dst port)

  -Z  --unbind    unbind ctrl+z

Mode

  default mode     TCP

  -0  --rawip      RAW IP mode

  -1  --icmp       ICMP mode

  -2  --udp        UDP mode

  -9  --listen     listen mode

IP

  -a  --spoof      spoof source address

  -t  --ttl        ttl (default 64)

  -N  --id         id (default random)

  -W  --winid      use win* id byte ordering

  -r  --rel        relativize id field          (to estimate host traffic)

  -f  --frag       split packets in more frag.  (may pass weak acl)

  -x  --morefrag   set more fragments flag

  -y  --dontfrag   set dont fragment flag

  -g  --fragoff    set the fragment offset

  -m  --mtu        set virtual mtu, implies --frag if packet size > mtu

  -o  --tos        type of service (default 0x00), try --tos help

  -G  --rroute     includes RECORD_ROUTE option and display the route buffer

  -H  --ipproto    set the IP protocol field, only in RAW IP mode

ICMP

  -C  --icmptype   icmp type (default echo request)

  -K  --icmpcode   icmp code (default 0)

      --icmp-ts    Alias for --icmp --icmptype 13 (ICMP timestamp)

      --icmp-addr  Alias for --icmp --icmptype 17 (ICMP address subnet mask)

      --icmp-help  display help for others icmp options

UDP/TCP

  -s  --baseport   base source port             (default random)

  -p  --destport   [+][+]<port> destination port(default 0) ctrl+z inc/dec

  -k  --keep       keep still source port

  -w  --win        winsize (default 64)

  -O  --tcpoff     set fake tcp data offset     (instead of tcphdrlen / 4)

  -Q  --seqnum     shows only tcp sequence number

  -b  --badcksum   (try to) send packets with a bad IP checksum

                   many systems will fix the IP checksum sending the packet

                   so you'll get bad UDP/TCP checksum instead.

  -M  --setseq     set TCP sequence number

  -L  --setack     set TCP ack

  -F  --fin        set FIN flag

  -S  --syn        set SYN flag

  -R  --rst        set RST flag

  -P  --push       set PUSH flag

  -A  --ack        set ACK flag

  -U  --urg        set URG flag

  -X  --xmas       set X unused flag (0x40)

  -Y  --ymas       set Y unused flag (0x80)

  --tcpexitcode    use last tcp->th_flags as exit code

  --tcp-timestamp  enable the TCP timestamp option to guess the HZ/uptime

Common

  -d  --data       data size                    (default is 0)

  -E  --file       data from file

  -e  --sign       add 'signature'

  -j  --dump       dump packets in hex

  -J  --print      dump printable characters

  -B  --safe       enable 'safe' protocol

  -u  --end        tell you when --file reached EOF and prevent rewind

  -T  --traceroute traceroute mode              (implies --bind and --ttl 1)

  --tr-stop        Exit when receive the first not ICMP in traceroute mode

  --tr-keep-ttl    Keep the source TTL fixed, useful to monitor just one hop

  --tr-no-rtt       Don't calculate/show RTT information in traceroute mode

예제)

- icmp flooding

# hping -1 192.168.1.1 -d 60000

- ip spoofing

# hping 192.168.1.1 -1 -a 10.10.10.10 -d 60000