Friday, January 24, 2020

Network Scanning - UDP and TCP Packet Crafting Techniques using HPING3


In network scanning, your first procedure will be to scan the target network to determine all possible open ports, live hosts, and services running. Knowledge of packet crafting techniques may help you to scan the network beyond the firewall or IDS.

First go to Windows 10 machine and Navigate to Start --> All Apps and click Wireshark to launch the application.




Wireshark main window appears as shown in the screenshot. Double-click the Ethernet interface to start capturing packets.


Wireshark starts capturing the traffic on the Ethernet interface.



Now go to Kali Linux machine




In the Username field type root and click Next.


1.     In the Password field type toor and click Sign In


Open a command terminal and type hping3 -c 3 10.10.10.10 and press Enter.
Here, -c 3 means that we only want to send three packets to the target machine


Here, --scan parameter defines the port range to scan and –S represents SYN flag.



To perform UDP packet crafting, type hping3 10.10.10.10 --udp --rand-source --data 500 and press Enter.



Switch to the Windows 10 machine, click Windows 10. Click any UDP packet to see the packet details. In the packet details pane, expand the Data section to view the data size of the packet.


Click the Restart Packet Capturing icon from the menu bar and click Continue Without Saving button in Unsaved packets… pop-up.


Switch to the Kali Linux machine, click Kali linux, and send a TCP SYN request to the target machine, type hping3 -S 10.10.10.10 -p 80 -c 5 and press Enter.
-S will perform TCP SYN request on the target machine, -p will pass the traffic through which port is assigned, and -c is the count of the packets sent to the Target machine.


Switch to the Windows 10 machine, click Windows 10 and observe the TCP packets captured via Wireshark.


Switch to the Kali Linux machine, click Kali linux and type hping3 10.10.10.10 --flood and press Enter.

2.     Switch to the Windows 10 machine, click Windows 10 and observe the Wireshark window, which displays the TCP packet flooding from the attacker machine.
Stop the packet capture after a while


Double-click the TCP packet stream to observe the TCP packet information. The TCP Packet stream displays the complete information of TCP packet transmitted to the attacker machine and received packets.




-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Ping Command

Using #pingcommand utility to find #ipaddress of a target #domain , Find the maximum network frame size and emulate the #tracert. #C...