First we would like to thank everyone who has made hping because we use it
constantly. We have found it to be one of the main tools we use when
testing out 'odd' network traffic or that new application that no one can
really explain.
The main reason for this release is the fix the problem that was caused by
Microsoft releasing SP2 for XP and removing the ability for an application
to make use of 'raw sockets'.
Some information on this can be found at:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#EHAA
This of course broke the ability for hping to send packets. Since we are sometimes
required to run the tool under Windows this was a problem. ;)
We decided to try and fix this. (We are James Fields [james.v.fields@gmail.com and
Kevin Johnson [kjohnson@secureideas.net])
We took a look at the code and then looked at what Fyoder and the NMAP team
did to fix the same issue. (NMAP is available at http://www.insecure.org and
we HIGHLY recommend it!) We saw that by using libdnet and some of the code
Fyoder had written, we could modify hping and enable it to work on Windows
again.
There are a couple notes that we would like to make you aware of:
* Hping now creates the entire Ethernet packet instead of depending on the
network stack. This means we will only support Ethernet networks. We
are not sure if hping supported other types before, but it definitely
doesn't now.
* The timing of the packets is incorrect. By this we mean that when hping
displays the RTT of a packet it is higher then the actual RTT. This is
an error with how hing gets that time. We are looking at ways to fix
this and would love ideas or help.(see below) This bug existed in the
previous version of hping for Windows. We do not believe that our changes
have added any extra time to this display.
* The random destination scan now works correctly. This was a bug in the
original version for Windows.
We hope that you find this release useful. If you have any comments, questions
or just want to talk to someone, feel free to contact us directly. You can either
use the email addresses above or send an email to hping@secureideas.net and the
message will get to the two of us.
If we are able to make any other significant updates to this package, we will
upload it to the hping wiki at http://wiki.hping.org
Thanks
James Fields and Kevin Johnson
[james.v.fields@gmail.com] [kjohnson@secureideas.net]
May 24, 2006
###############################################################################
Original README
###############################################################################
First thing of note. Thanks to Salvatore Sanfilippo for the hping tool. It's
helped me to better understand some network concepts. Much more info. can be
found at the 'mother' site: http://www.hping.org.
There is also a wiki at http://wiki.hping.org.
Usage for Windows version of hping:
Here's a URL for how to use hping (Unix and Windows version, except revisions with
Windows version listed below):
http://www.hping.org/manpage.html
Some differences in argument parameters and behavior compared to the Unix version
are as follows:
1. When hping is run in listen mode on Unix, memory paging is disabled. I haven't
implemented this in the native Windows version. If I get all fired up at some
point, maybe I'll try to figure it out.
2. There is an option to choose the network interface to use under Unix. I
haven't seen a simple way that Windows defines the network interfaces (i.e. eth0,
ppp0, ...). Thus, I've used the IP address as an I.D. for a specific interface.
3. Under Unix, pressing ctrl-z once will increment a port or ttl value
(depending on context) and pressing it twice will decrement it. I've changed this
to ctrl-z will increment, ctrl-a will decrement.
4. The option for sending packets at a specified interval is done using
microseconds in Unix. For example: hping -i u10000. Under Windows I've
changed this to milliseconds. Thus, the equivalent to the command above would
be: hping -i m100 (10 packets per second).
Compile:
I compiled hping using the free Dev-C++ compiler, and had to link these libraries:
libwinmm.a
libws2_32.a
libwsock32.a
libwpcap.a
libiphlpapi.a
Using Microsoft Visual C++ you'll have to link:
winmm.lib
ws2_32.lib
wsock32.lib
wpcap.lib
iphlpapi.lib
NOTE:
I have been able to successfully compile with the Borland and Visual C++
compilers. However, when attempting to send packets I get a 10049 socket error
code on a `sendto'. I'm guessing it has something to do with how these compilers
deal with structs, but have not looked into it. Any ideas and/or help would be
much appreciated.
ANOTHER NOTE:
Also, the new SP2 for Windows XP appears to be causing some issues. Here's a
link explaining some changes to raw sockets.
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#EHAA
Some people have reported some problems with Windows XP SP2. TCP packets don't
get sent out (10004 error). UDP and ICMP appear to be fine. (However, you
cannot spoof an IP with UDP packets). I'd like to get more feedback from
other people on how it is working on Windows XP SP2 machines.
SCAN MODE:
In regards to hping2-rc3-win32 version. I have implemented the scan mode
for windows now. The only switch that won't work is scanning for `known'
ports. The argument would be something like:
`hping --scan known <hostname>'
I haven't looked too hard into how to implement it, but for now it doesn't work.
I wanted to get something out for the scan mode as it's a very useful function.
Any comments can be sent to rgturpin@epop3.com
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
hping windows版源码 Hping是一个命令行下使用的TCP/IP数据包组装/分析工具,其命令模式很像Unix下的ping命令,但是它不是只能发送ICMP回应请求,它还可以支持TCP、UDP、ICMP和RAW-IP协议,它有一个路由跟踪模式,能够在两个相互包含的通道之间传送文件。 Hping的主要功能有:1、防火墙测试;2、实用的端口扫描;3、网络检测,可以用不同的协议、服务类型(TOS)、IP分片;4、手工探测MTU(最大传输单元)路径;5、先进的路由跟踪,支持所有的协议;6、远程操作系统探测;7、远程的运行时间探测;8、TCP/IP堆栈审计
资源推荐
资源详情
资源评论
收起资源包目录
hping.win32 (102个子文件)
ars.c 25KB
parseoptions.c 19KB
waitpacket.c 17KB
getifname.c 15KB
apd.c 14KB
sendip.c 13KB
main.c 10KB
split.c 10KB
winscan.c 10KB
sendicmp.c 8KB
antigetopt.c 7KB
usage.c 7KB
display_ipopt.c 4KB
send.c 3KB
rtt.c 3KB
sendtcp.c 3KB
strlcpy.c 3KB
sendudp.c 2KB
getlhs.c 2KB
statistics.c 2KB
winctrl_z.c 2KB
listen.c 2KB
wintimer.c 2KB
libpcap_stuff.c 2KB
hstring.c 2KB
logicmp.c 2KB
datafiller.c 2KB
ip_opt_build.c 2KB
sendip_handler.c 2KB
gethostname.c 1KB
sendhcmp.c 1KB
resolve.c 1KB
getusec.c 1KB
relid.c 967B
sockopt.c 919B
datahandler.c 875B
cksum.c 820B
arsglue.c 633B
version.c 632B
opensockraw.c 606B
memstr.c 585B
memlockall.c 569B
sendrawip.c 486B
hping.dev 8KB
hping.exe 380KB
hping2.h 14KB
ars.h 13KB
globals.h 3KB
in.h 2KB
antigetopt.h 1022B
bytesex.h 789B
release.h 528B
hcmp.h 525B
byteorder.h 177B
hstring.h 146B
systype.h 86B
hping.layout 4KB
parseoptions.o 15KB
apd.o 11KB
waitpacket.o 11KB
ars.o 9KB
main.o 9KB
sendip.o 7KB
winscan.o 7KB
usage.o 6KB
getifname.o 5KB
split.o 5KB
sendicmp.o 4KB
antigetopt.o 3KB
send.o 3KB
getlhs.o 2KB
rtt.o 2KB
sendtcp.o 2KB
statistics.o 2KB
logicmp.o 2KB
listen.o 2KB
display_ipopt.o 2KB
datafiller.o 2KB
sendip_handler.o 2KB
winctrl_z.o 2KB
libpcap_stuff.o 1KB
sendudp.o 1KB
ip_opt_build.o 1KB
wintimer.o 1KB
gethostname.o 1KB
arsglue.o 1KB
hstring.o 1KB
datahandler.o 1021B
sendhcmp.o 997B
sendrawip.o 896B
sockopt.o 837B
resolve.o 788B
version.o 728B
relid.o 711B
opensockraw.o 603B
getusec.o 538B
cksum.o 492B
memstr.o 448B
strlcpy.o 420B
memlockall.o 352B
共 102 条
- 1
- 2
资源评论
- jerrygu6252019-03-07这个软件需要在管理员模式下运行
470444
- 粉丝: 0
- 资源: 6
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功