Skip to content

hping3

sudo hping3 --scan all -S $(target)


sudo hping3 --scan known -S $(target)

Scanning 10.0.2.5 (10.0.2.5), port known
+----+-----------+---------+---+-----+-----+-----+
|port| serv name |  flags  |ttl| id  | win | len |
+----+-----------+---------+---+-----+-----+-----+
   21 ftp        : .S..A...  64     0  5840    46
   22 ssh        : .S..A...  64     0  5840    46
   23 telnet     : .S..A...  64     0  5840    46
   25 smtp       : .S..A...  64     0  5840    46
   53 domain     : .S..A...  64     0  5840    46
   80 http       : .S..A...  64     0  5840    46
  111 sunrpc     : .S..A...  64     0  5840    46
  139 netbios-ssn: .S..A...  64     0  5840    46
  445 microsoft-d: .S..A...  64     0  5840    46
  512 exec       : .S..A...  64     0  5840    46
  513 login      : .S..A...  64     0  5840    46
  514 shell      : .S..A...  64     0  5840    46
 1099 rmiregistry: .S..A...  64     0  5840    46
 1524 ingreslock : .S..A...  64     0  5840    46
 2049 nfs        : .S..A...  64     0  5840    46
 2121 iprop      : .S..A...  64     0  5840    46
 3306 mysql      : .S..A...  64     0  5840    46
 3632 distcc     : .S..A...  64     0  5840    46
 5432 postgresql : .S..A...  64     0  5840    46
 6000 x11        : .S..A...  64     0  5840    46
 6667 ircd       : .S..A...  64     0  5840    46
 6697 ircs-u     : .S..A...  64     0  5840    46
All replies received. Done.

Common arguments

Argument Description
-c Send a particular number of packets
-t The packet TTL (default 64)
-s Source TCP port (random by default)
-d Destination TCP port
-S Set the TCP SYN flag
-F Set the TCP FIN flag
-A Set the ACK flag

Other

Command Description
sudo hping3 -1 -c 10 michalszalkowski.com hping3 will act like an ordinary ping utility, sending ICMP-reverberation und getting ICMP-reply
sudo hping3 --traceroute -V -1 michalszalkowski.com hping3 will act like popular utilities like tracert (windows) or traceroute (linux) who utilizes ICMP packets expanding each time in 1 its TTL value.
sudo hping3 -c 3 -S -p 80 10.0.2.5 Send three TCP SYN probes to port 80 of 10.0.2.5
sudo hping3 -V -S -c 1 -p 80 -A michalszalkowski.com This scan could be utilized to check whether a host is alive (when Ping is blocked). This ought to send a RST response TCP port is open.
sudo hping3 -V -S -c 1 -p 80 -UPF michalszalkowski.com This scan sets the succession number to zero and set the URG + PSH + FIN signals in the packet. On the off chance that the focus on gadget’s TCP port is shut, the target gadget sends a TCP RST bundle in answer. In the event that the focus on gadget’s TCP port is open, the target disposes of the TCP Xmas output, sending no answer.
sudo hping3 -V -S -c 1 -p 80 -Y michalszalkowski.com This scan sets the arrangement number to zero and have no flag set in the packet. On the off chance that the focus on device’s port is shut, the target device sends a TCP RST packet in answer. In the event that the target device’s TCP port is open, the target device of the TCP NULL output, sending no reply.