White Hat Institute

Network scanning and enumeration using Hping3

Hping3 is a free command-line packet generator and analyzer for the TCP/IP protocol suite, created by Salvatore Sanfilippo. It is used for network security testing, security auditing, and testing firewalls and networks. It was also the tool used to carry out the idle-scan technique, which is now implemented in the Nmap scanner. Hping3 does not only send ICMP echo requests: it also supports the TCP, UDP, ICMP, and raw-IP protocols. It has a traceroute mode, the ability to transfer files over a covert channel, and many other features.

To start hping3 and view the help page, type “hping3 -h” in the terminal and hit “Enter.”


For this example, we will scan the host for open ports in the range 1-1024 (--scan 1-1024) using the SYN flag (-S).

Ex: kali@kali:~$ hping3 --scan 1-1024 -S 10.10.10.5


Because of its flexibility, hping3 is frequently referred to as a packet-crafting tool, which means that it can build almost any packet you can imagine. This is useful during reconnaissance, since different packets elicit different responses from the operating system's TCP/IP stack, giving us clues about the operating system, open ports, and services.
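From the defender's side, the bare SYN packets that a `-S --scan 1-1024` sweep sends to many ports of one host within a few seconds stand out clearly in firewall or flow logs. The script below is an added example, not part of the original page or of hping3 itself; the log format and the sample lines are constructed for illustration, and the threshold and window are assumptions to tune per network.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall-style log lines (a hypothetical format, not hping3
# output): 10.10.10.99 sweeps six ports with bare SYNs, 10.10.10.20 is normal.
SAMPLE_LOG = """\
2024-05-01T10:00:00 SRC=10.10.10.99 DST=10.10.10.5 DPT=21 FLAGS=S
2024-05-01T10:00:00 SRC=10.10.10.99 DST=10.10.10.5 DPT=22 FLAGS=S
2024-05-01T10:00:00 SRC=10.10.10.99 DST=10.10.10.5 DPT=23 FLAGS=S
2024-05-01T10:00:01 SRC=10.10.10.99 DST=10.10.10.5 DPT=25 FLAGS=S
2024-05-01T10:00:01 SRC=10.10.10.99 DST=10.10.10.5 DPT=80 FLAGS=S
2024-05-01T10:00:01 SRC=10.10.10.99 DST=10.10.10.5 DPT=443 FLAGS=S
2024-05-01T10:00:05 SRC=10.10.10.20 DST=10.10.10.5 DPT=80 FLAGS=S
2024-05-01T10:00:05 SRC=10.10.10.20 DST=10.10.10.5 DPT=80 FLAGS=A
2024-05-01T10:00:06 SRC=10.10.10.20 DST=10.10.10.5 DPT=443 FLAGS=S
"""

LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+) FLAGS=(\S+)$")

def parse_log(text):
    """Turn log lines into (time, src, dst, port, flags); skip malformed ones."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, src, dst, port, flags = m.groups()
            events.append((datetime.fromisoformat(ts), src, dst, int(port), flags))
    return events

def detect_syn_sweeps(text, min_ports=5, window_seconds=10):
    """Return {(src, dst): sorted ports} for every source that sent bare SYNs
    (flags == 'S', what `hping3 -S --scan` emits) to at least min_ports distinct
    ports on one destination inside any window_seconds span."""
    by_pair = defaultdict(list)
    for ts, src, dst, port, flags in parse_log(text):
        if flags == "S":
            by_pair[(src, dst)].append((ts, port))
    window = timedelta(seconds=window_seconds)
    hits = {}
    for pair, evs in by_pair.items():
        evs.sort()  # sliding window over time-ordered SYNs
        for i, (t0, _) in enumerate(evs):
            ports = {p for t, p in evs[i:] if t - t0 <= window}
            if len(ports) >= min_ports:
                hits[pair] = sorted({p for _, p in evs})
                break
    return hits
```

Calling `detect_syn_sweeps(SAMPLE_LOG)` flags only 10.10.10.99, whose six SYNs to distinct ports arrive within one second; the normal client stays below the threshold because it completes its handshakes and touches only two ports.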