#Testing firewall rules with Hping3 - examples
http://0daysecurity.com/articles/hping3_examples.html
#Send data with hping
sudo hping3 -c 1 -n -V 192.168.11.1 -e "La" -1
#Capture the data
https://danielmiessler.com/study/tcpdump/
#Show the output on screen while also saving it to a file
tcpdump icmp -l | tee dat
tcpdump -l > dat & tail -f dat
#tcpdump filtering
https://support.f5.com/kb/en-us/solutions/public/2000/200/sol2289.html
https://staff.washington.edu/dittrich/talks/core02/tools/tcpdump-filters.txt
#wireshark capture filters
https://wiki.wireshark.org/CaptureFilters
#ICMP
-C --icmptype icmp type (default echo request)
-K --icmpcode icmp code (default 0)
Interesting Parts of an ICMP Message
====================================
icmp[0]     type
icmp[1]     code
icmp[2:2]   checksum
icmp[4...]  payload
#Sends an ICMP packet with a chosen type, code and data
sudo hping3 -c 1 -n -V 192.168.11.1 -1 -C 8 -K 42 -e "La"
#Filters ICMP type = 8 (ping request) and code = 42
sudo tcpdump -n 'icmp[0] == 8 and icmp[1] == 42'
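# Loki filter example: matches ICMP echo reply (type 0) or echo request (type 8)
# whose icmp[6:2] field (the sequence number in echo messages) is 0xf001 or 0x01f0
((icmp[0] = 0) || (icmp[0] = 8)) && ((icmp[6:2] = 0xf001) || (icmp[6:2] = 0x01f0))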
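#In the echo request below, icmp[4:2] is the identifier (3b53) and icmp[6:2] the sequence number (0000),
#so the data sent with -e starts at icmp[8]; 0x4c61 is "La"
#sudo tcpdump -vvXn 'icmp[0] == 8 and icmp[1] == 42 and icmp[8:2] = 0x4c61'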
0x0010: c0a8 0b01 082a a8ce 3b53 0000 4c61 6261 .....*..;S..Laba
0x0020: 7320 6d61 6e6f 2076 6172 6461 7320 7972 s.mano.vardas.yr
0x0030: 6120 7061 756c 6975 7320 6173 2065 7375 a.paulius.as.esu
0x0040: 2069 7320 4c69 6574 7576 6f73 .is.Lietuvos
#Text to hex
#The 0a is the implicit newline that echo produces (printf '%s' "Labas" omits it).
echo "Labas" | od -t x1
0000000 4c 61 62 61 73 0a
0000006
#Hex to txt
cat hex | xxd -r -p
#flood with hping
# -S set the TCP SYN flag
# --flood high emission rate
# -d data size
sudo hping3 -V -c 1000000 -d 120 -S -w 64 -p 445 -s 445 --flood --rand-source <ip>
hping3 <ip> --flood -S -p 445
#Flood with a spoofed source IP (-a)
http://tipstrickshack.blogspot.lt/2012/10/dos-attack-from-linux-using-hping3.html
sudo hping3 -1 --flood 192.168.11.1 -a 192.168.11.112
#Changing the MAC address
sudo macchanger eth0 -m 00:00:11:11:00:00
#Communicating with another host over hping
http://ipositivesecurity.blogspot.lt/2012/01/diy-tools-using-hping.html
#Sender
sudo hping3 --data 100 --file test.txt -e GOLD 192.168.1.103 -V
#Receiver
hping3 --listen GOLD --interface eth1
sudo hping3 -V -c 1000000 -d 120 -S -w 64 -p 445 -s 445 --flood --rand-source <ip>
hping3 <ip> --flood -S -p 445
#Flood with a spoofed source IP (-a)
http://tipstrickshack.blogspot.lt/2012/10/dos-attack-from-linux-using-hping3.html
sudo hping3 -1 --flood 192.168.11.1 -a 192.168.11.112
#Changing the MAC address
sudo macchanger eth0 -m 00:00:11:11:00:00
#Communicating with another host over hping
http://ipositivesecurity.blogspot.lt/2012/01/diy-tools-using-hping.html
#Sender
sudo hping3 --data 100 --file test.txt -e GOLD 192.168.1.103 -V
#Receiver
hping3 --listen GOLD --interface eth1