Re: [null] Regarding source routing using hping3

286 views
Skip to first unread message

Zubin Mithra

unread,
Jun 19, 2012, 11:50:10 PM6/19/12
to null-...@googlegroups.com

On Wed, Jun 20, 2012 at 12:23 AM, adwiteeya agrawal <adwiteey...@gmail.com> wrote:
Hello,
I wish to do source routing using hping3. I am not sure how to specify the IP addresses for the hops to make. the man command only said that it can include a max on 9 routes and something regarding the RECORD_ROUTE
but i am not exactly able to figure out how to use it
Thanks in advance :)

Source routing is disabled on a lot of machines in an internal network(as it gives an attacker about path packets going out of a network take.) That might be the reason hping is not working for you.

Looking at the man pages of hping, it seems that --lsrr and --ssrr are the options you need.

Normal traceroute working includes sending packets of increasing TTL values and observing the Time-Exceeded packet sent by each intermediate routing device. This logic is obviously not possible for source routing - source routing is implemented using RECORD_ROUTE.

If the RECORD_ROUTE option is checked, a routing device inserts its own address into a structure into the IP datagram and forwards it, and thats how source routing works.


Cheers,
zm
 

--
Get ready for the Dilli Shakedown!
nullcon security conference Delhi Sept 26-29th 2012
http://nullcon.net
 
null - Spreading the right Information
null Mailing list charter: http://null.co.in/section/about/null_list_charter/

Zubin Mithra

unread,
Jun 19, 2012, 11:51:35 PM6/19/12
to null-...@googlegroups.com
On Wed, Jun 20, 2012 at 9:20 AM, Zubin Mithra <zubin....@gmail.com> wrote:

On Wed, Jun 20, 2012 at 12:23 AM, adwiteeya agrawal <adwiteey...@gmail.com> wrote:
Hello,
I wish to do source routing using hping3. I am not sure how to specify the IP addresses for the hops to make. the man command only said that it can include a max on 9 routes and something regarding the RECORD_ROUTE
but i am not exactly able to figure out how to use it
Thanks in advance :)

Source routing is disabled on a lot of machines in an internal network(as it gives an attacker about path packets going out of a network take.) That might be the reason hping is not working for you.

Typo - I meant "as it gives an attacker information about the path takes by packets, when going out of a network".

Prajwal Panchmahalkar

unread,
Jun 20, 2012, 1:47:16 AM6/20/12
to null-...@googlegroups.com
Have you ever tried using google ?? 

Sent from my iPhone

Zubin Mithra

unread,
Jun 20, 2012, 4:55:28 AM6/20/12
to null-...@googlegroups.com

On Wed, Jun 20, 2012 at 1:02 PM, adwiteeya agrawal <adwiteey...@gmail.com> wrote:
Thanks zm for replying,
However i think i did not state my problem correctly... I know the -lsrr and -ssrr options but the thing is you can only specify two IP address... what to do when you want to source route more than one IP address.


I'm unsure about what you are trying to achieve - if you could detail what you have done so far, it might help me get a better understanding of what you are trying to do.


Cheers,
zm
Reply all
Reply to author
Forward
0 new messages