Monday , 24 October 2016

Getting started with Hping3

Getting started with Hping3

Getting started with Hping3 :- 

Hping3 is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.

Hping3 is used in :-

  • Firewall testing
  • Advanced port scanning
  • Network testing, using different protocols, TOS, fragmentation
  • Manual path MTU discovery
  • Advanced traceroute, under all the supported protocols
  • Remote OS fingerprinting
  • Remote uptime guessing
  • TCP/IP stacks auditing
  • hping can also be useful to students that are learning TCP/IP.

1. Find out Status of Host in case of ICMP blocked by Firewall

Most of time when you ping to any bank sites or any secure sites they are not gives you ping reply beacuse ICMP is blocked by firewall. so in this condition you can easily find out the status of host with hping3 command beacuse insted of icmp it,s using TCP or UDP packets.

root@bt:~# hping3 –S –p 80 –c 2

– s syntex is used for SYN request, – p is indicating Protocol and 80 is used for HTTP. – c2 is used for sending request only 2 times. Normal ping :-

Getting started with Hping3

Hping 3 :- hping1 2. Play with the Ports involved in the process

root@bt:~# hping3 –S –p  ++50  –c 5


3. Idle Scanning

Idle scanning is a technique to portscan a remote system fully anonymous.

root@bt:~# hping3 -I eth0 -SA

4. ICMP Ping

root@bt:~# hping3 -1

– i syntax is used to ask hping to use icmp insted of TCP. by default hping is using TCP.


 5. ACK scan on Port 80 :- 


root@bt:~# hping3 -A –p 80



5. SYN scan on port 50-60

root@bt:~# hping3  -8   50-56   –S   -V


6. UDP Scan on Port 80 :-


root@bt:~# hping3 -2 –p 80



7. Intercept all traffic containing HTTP signature

root@bt:~# hping3 -9 HTTP – i eth0


8. Scan entire subnet for live host

root@bt:~# hping3 -1 192.168.1.x    – – rand-dest –I eth0

9. Collecting Initial Sequence number :-

root@bt:~# hping3 –q –p 139 -S

10. FIN , PUSH and URG scan on port 80

root@bt:~# hping3 –F   –P  –U –p 80


11. ICMP time-stamp

root@bt:~# hping3 –1 – -icmp-ts –c 2

12. Finding Firewall

root@bt:~# hping3 –1 – -icmp-addr –c 2

if this command is not giving the reply means this particular ip-address belongs to firewall.

13. Find out particular port is open on the server or not

root@bt:~# hping3 – 8 50-56 –S 80


Also check :- Perform DDOS Attack with Hping Command

Hope you like my post.Getting started with Hping3. Please Share with others.

Use Facebook to Comment on this Post

About Syed Balal Rumy

A 27 year Tech Geek and a blogger from India ( Bihar ) , live in New Delhi. I am MCITP , CEHv8 , CCNA , CCNA Security , CCNP Security , Security + and CCSA certified. Loves to write tech articles based on my real experiences.

Powered by