hping3
sudo hping3 --scan all -S $(target)
sudo hping3 --scan known -S $(target)
Scanning 10.0.2.5 (10.0.2.5), port known
+----+-----------+---------+---+-----+-----+-----+
|port| serv name | flags |ttl| id | win | len |
+----+-----------+---------+---+-----+-----+-----+
21 ftp : .S..A... 64 0 5840 46
22 ssh : .S..A... 64 0 5840 46
23 telnet : .S..A... 64 0 5840 46
25 smtp : .S..A... 64 0 5840 46
53 domain : .S..A... 64 0 5840 46
80 http : .S..A... 64 0 5840 46
111 sunrpc : .S..A... 64 0 5840 46
139 netbios-ssn: .S..A... 64 0 5840 46
445 microsoft-d: .S..A... 64 0 5840 46
512 exec : .S..A... 64 0 5840 46
513 login : .S..A... 64 0 5840 46
514 shell : .S..A... 64 0 5840 46
1099 rmiregistry: .S..A... 64 0 5840 46
1524 ingreslock : .S..A... 64 0 5840 46
2049 nfs : .S..A... 64 0 5840 46
2121 iprop : .S..A... 64 0 5840 46
3306 mysql : .S..A... 64 0 5840 46
3632 distcc : .S..A... 64 0 5840 46
5432 postgresql : .S..A... 64 0 5840 46
6000 x11 : .S..A... 64 0 5840 46
6667 ircd : .S..A... 64 0 5840 46
6697 ircs-u : .S..A... 64 0 5840 46
All replies received. Done.
Common arguments
Argument | Description |
-c | Send a particular number of packets |
-t | The packet TTL (default 64) |
-s | Source TCP port (random by default) |
-d | Destination TCP port |
-S | Set the TCP SYN flag |
-F | Set the TCP FIN flag |
-A | Set the ACK flag |
Other
Command | Description |
sudo hping3 -1 -c 10 michalszalkowski.com | hping3 will act like an ordinary ping utility, sending ICMP-reverberation und getting ICMP-reply |
sudo hping3 --traceroute -V -1 michalszalkowski.com | hping3 will act like popular utilities like tracert (windows) or traceroute (linux) who utilizes ICMP packets expanding each time in 1 its TTL value. |
sudo hping3 -c 3 -S -p 80 10.0.2.5 | Send three TCP SYN probes to port 80 of 10.0.2.5 |
sudo hping3 -V -S -c 1 -p 80 -A michalszalkowski.com | This scan could be utilized to check whether a host is alive (when Ping is blocked). This ought to send a RST response TCP port is open. |
sudo hping3 -V -S -c 1 -p 80 -UPF michalszalkowski.com | This scan sets the succession number to zero and set the URG + PSH + FIN signals in the packet. On the off chance that the focus on gadget’s TCP port is shut, the target gadget sends a TCP RST bundle in answer. In the event that the focus on gadget’s TCP port is open, the target disposes of the TCP Xmas output, sending no answer. |
sudo hping3 -V -S -c 1 -p 80 -Y michalszalkowski.com | This scan sets the arrangement number to zero and have no flag set in the packet. On the off chance that the focus on device’s port is shut, the target device sends a TCP RST packet in answer. In the event that the target device’s TCP port is open, the target device of the TCP NULL output, sending no reply. |