Ethical Hacking


TP 2
Scanning

Prepared by:
- Leith Mahfoudhi
- Ahmed Amine Amouchi

RT5
UDP and TCP crafting Techniques using Hping3

Pinging the Target IP using the Attacker VM

Pinging the Attacker IP using the Target VM


We set the environment variable IP to the target's IP address.

1-

-c 3 : sends exactly 3 packets

2-

--scan 1-3000 : scans the first 3000 ports

-S : sets the SYN flag

3-

--rand-source : uses a random source address

--data : sets the data size

4-
TCP SYN packets

Network Scanning Using Nmap

1-

For each host, the output shows the state of the top 1000 ports, the
MAC address, the network distance and the OS guess.
-O : guesses the OS of the machine (based on the host's responses
to the packets sent to it)

2-
-v : makes the output more verbose
-T4 : sets the timing template, which controls how quickly packets are
sent; 4 is relatively fast, 5 is the fastest and 0 is the slowest
-sA : TCP ACK scan, used to map out firewall rulesets and
check which ports are filtered

The output lists the filtered and unfiltered ports.

Unfiltered ports are those that return a TCP RST response,
which means the port is either open or closed but is not filtered
by the firewall.
Filtered ports are those for which no response is received,
which means they are filtered by the firewall.
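The filtered/unfiltered distinction above can be turned into a firewall ruleset check. This is an added example, not part of the original lab report: it parses Nmap grepable output (`-oG`) from an ACK scan and reports ports that are unfiltered but absent from the intended policy. The sample output and the `POLICY` table are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `nmap -sA -oG -` output (documentation addresses).
SAMPLE_GREPABLE = """\
# constructed sample, not a real scan
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 22/unfiltered/tcp//ssh///, 80/unfiltered/tcp//http///, 3306/unfiltered/tcp//mysql///\tIgnored State: filtered (997)
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 443/unfiltered/tcp//https///\tIgnored State: filtered (999)
"""

# Hypothetical intended policy: ports the firewall is supposed to let through.
POLICY = {"192.0.2.10": {22, 80}, "192.0.2.11": {443}}

HOST_RE = re.compile(r"^Host:\s+(\S+)")


def parse_ack_scan(text):
    """Return {host: {state: sorted ports}} from grepable Nmap output."""
    result = defaultdict(lambda: defaultdict(list))
    for line in text.splitlines():
        match = HOST_RE.match(line)
        if not match:
            continue  # comment lines and anything that is not a host record
        for field in line.split("\t"):
            if not field.startswith("Ports:"):
                continue
            # Each entry is port/state/protocol/owner/service/rpc/version/
            for entry in field[len("Ports:"):].split(","):
                parts = entry.strip().split("/")
                if len(parts) >= 3 and parts[0].isdigit():
                    result[match.group(1)][parts[1]].append(int(parts[0]))
    return {h: {s: sorted(p) for s, p in st.items()} for h, st in result.items()}


def unexpected_unfiltered(scan, policy):
    """Ports that answered the ACK probe with RST but are not in the policy."""
    findings = {}
    for host, states in scan.items():
        allowed = policy.get(host, set())
        extra = [p for p in states.get("unfiltered", []) if p not in allowed]
        if extra:
            findings[host] = extra
    return findings


if __name__ == "__main__":
    for host, ports in unexpected_unfiltered(parse_ack_scan(SAMPLE_GREPABLE), POLICY).items():
        print(f"{host}: unfiltered but not in policy: {ports}")
```

An unfiltered result only shows that the probe passed the firewall; it does not say whether the port is open, so each finding is a rule to review rather than a confirmed exposed service.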

3-
-A : enables OS detection, version detection, script scanning
and traceroute
-sT : TCP connect scan (used when a SYN scan isn't an option)
-T3 : sets the timing template to 3 (5 is the fastest, 0 the slowest)
The output shows the filtered|closed|open ports, the OS version,
the script results and the traceroute result.

4-

-sU : UDP scan

-T5 : fastest timing template

The output shows the open or open|filtered ports.

5-

-Pn : skips host discovery (treats all hosts as online)

-p : specifies the port to scan, 80 in this case

The output shows whether port 80 is closed or open.

6-
-sS : SYN scan
-sU : UDP scan
-T4 : specifies the speed of the scan
-v : increases verbosity
-A : enables OS detection, version detection, script scanning
and traceroute
--source-port : specifies the port from which the scan probes
will be sent
--script : executes scripts; here we specified the categories of scripts
to execute, default scripts or safe and discovery scripts
The -PS, -PE, -PA, -PP and -PU options are all host discovery
techniques (ping types) used in combination to
determine which targets are actually available on a network
and avoid wasting a lot of time scanning IP addresses
that are not in use.
