The author of
this program is Salvatore Sanfilippo. He is a hacker from
So of course all kudos go to him for crafting such an
excellent tool. He is
presently working on v3, and hopefully will be
releasing it soon. There are
several tutorials on the web regarding this
tool. A couple are by the author
himself. However I found them to be
confusing, and often difficult to follow.
This is no fault of the author
seeing as his mother tongue is not
The reason I chose to learn this tool is very simple. I was
to how the people who were attempting to gain access to our
were going about it. One of the ways of course is by packet
Crafting packets will allow you to probe firewall rulesets and
entry points into the targeted system or network.
presentation will show you how to use this tool. It will
not however teach
you how to hack or to help secure your network. You
can do both with HPing.
To do both successfully you will need a lot
more knowledge in regards to
TCP/IP, routers, access control lists,
OSI chart, and some other
What I hope to accomplish by this brief is to show you just how
it is to craft packets, and perhaps give you a glimpse into the
of the black-hat hacker. Not to mention hopefully stimulate
curiosity, and encourage you to further explore the murky world
the hacker. The one constant with hackers of all stripes, whether
be black/white/grey hat is that they have a burning curiosity
One last note on HPing before we start to look at it.
HPing will run
on any Linux distro, as well as Net/Free/OpenBSD systems and
it will run on Solaris as well. I highly advise you to run
at the same time. This will allow you to monitor your crafted
as well as look at your return packets.
I have included
tcpdump snippets to highlight what the outgoing and
incoming packets look
like on the wire. I believe this to be an
important part as it allows you to
visualize the packets.
Be aware that HPing "does not" run under Windows. You
can however still
have tcpdump for Windows. It is called windump and can be
found at http://windump.polito.it/
HPing itself can be found at http://www.hping.org/ and
can be found at http://www.tcpdump.org/
The two packets you see below are just one ip addy
sending a Syn packet to another ip addy.