LinuxCommandLibrary

hping3

Ping using custom TCP/IP packets

TLDR

Ping a destination with 4 ICMP ping requests

$ hping3 --icmp --count [4] [ip_or_hostname]
copy

Ping an IP address over UDP on port 80
$ hping3 --udp --destport [80] --syn [ip_or_hostname]
copy

Scan TCP port 80, scanning from the specific local source port 5090
$ hping3 --verbose --syn --destport [80] --baseport [5090] [ip_or_hostname]
copy

Traceroute using a TCP scan to a specific destination port
$ hping3 --traceroute --verbose --syn --destport [80] [ip_or_hostname]
copy

Scan a set of TCP ports on a specific IP address
$ hping3 --scan [80,3000,9000] --syn [ip_or_hostname]
copy

Perform a TCP ACK scan to check if a given host is alive
$ hping3 --count [2] --verbose --destport [80] --ack [ip_or_hostname]
copy

Perform a charge test on port 80
$ hping3 --flood --destport [80] --syn [ip_or_hostname]
copy

SYNOPSIS

hping3 [options]

PARAMETERS

-v
    Verbose mode. Shows more information.

-c
    Send packets, then stop. The default is to send packets forever.

-i
    Interval between sending each packet (in seconds or microseconds). e.g., '-i u10' for 10 usec.

-n
    No DNS resolution.

-I
    Network interface to use.

-S
    Set SYN flag.

-A
    Set ACK flag.

-F
    Set FIN flag.

-P
    Set PUSH flag.

-U
    Set URG flag.

-R
    Set RST flag.

-s
    Source port.

-p
    Destination port. Can be ++ to scan ports sequentially.

--scan
    Preset port scan modes. e.g. --scan syn,fin,urg,psh

-d
    Data size. Size of ICMP/UDP/TCP body (default is 0).

-M
    Set TCP sequence number.

-N
    Set TCP ack number.

--ttl
    Set IP TTL.


    The target host IP address or hostname.

DESCRIPTION

hping3 is a versatile command-line packet crafting and network analysis tool. It allows users to create custom TCP/IP packets and send them to a target host, providing a powerful way to probe networks, test firewalls, perform denial-of-service attacks (use responsibly!), and analyze network behavior.

Unlike simple ping, hping3 offers fine-grained control over various TCP/IP header fields, such as source/destination IP addresses, port numbers, TCP flags (SYN, ACK, RST, PUSH, FIN, URG), and data payload.

This flexibility makes hping3 an invaluable tool for network administrators, security researchers, and penetration testers who need to understand and manipulate network traffic at a low level. Its capabilities extend beyond basic network connectivity testing to include tasks like firewall rule verification, TCP sequence number prediction, and OS fingerprinting. By observing the responses to specifically crafted packets, one can gain insights into the target system's configuration and security posture.

CAVEATS

hping3 requires root privileges to send raw packets. Misuse of hping3 can be illegal and cause network disruptions.

EXAMPLES

Basic Ping: hping3 example.com
TCP SYN Scan: hping3 -S -p 80 example.com
UDP Ping: hping3 --udp -p 53 example.com
Firewall Testing (Checking if Port 80 is Open) : hping3 -S -p 80 -I eth0 example.com

HISTORY

hping3 was developed by Salvatore Sanfilippo (antirez) as an improvement over the original hping tool. It has evolved over the years and become a standard tool for network testing and security analysis.

SEE ALSO

ping(8), traceroute(8), tcpdump(1)

Copied to clipboard