Date: Sun, 6 Nov 2005 17:43:07 +0100 (CET) From: Nicolas Jombart <ecu@ipv42.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/88552: [NEW PORT] net/hping-devel: Network auditing tool Message-ID: <20051106164307.BB21F15258@shiva.ipv42.net> Resent-Message-ID: <200511061650.jA6GoIIK091314@freefall.freebsd.org>
>Number: 88552 >Category: ports >Synopsis: [NEW PORT] net/hping-devel: Network auditing tool >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Nov 06 16:50:17 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Nicolas Jombart >Release: FreeBSD 5.4-STABLE i386 >Organization: >Environment: System: FreeBSD shiva.int.ipv42.net 5.4-STABLE FreeBSD 5.4-STABLE #0: Sat Jun 25 11:14:20 CEST 2005 >Description: This is the devel branch of hping: it's the same, but with a TCL scripting feature. There is a CONFLICTS with the main version of hping, and the category is net, which is more suitable than security. A new PR is coming to reflect that in the hping port. Generated with FreeBSD Port Tools 0.63 >How-To-Repeat: >Fix: --- hping-devel-3.0.20051105.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. 
# # This archive contains: # # hping-devel # hping-devel/files # hping-devel/files/patch-configure # hping-devel/files/patch-Makefile.in # hping-devel/files/patch-bytesex.h # hping-devel/files/patch-hping3.8 # hping-devel/Makefile # hping-devel/distinfo # hping-devel/pkg-descr # echo c - hping-devel mkdir -p hping-devel > /dev/null 2>&1 echo c - hping-devel/files mkdir -p hping-devel/files > /dev/null 2>&1 echo x - hping-devel/files/patch-configure sed 's/^X//' >hping-devel/files/patch-configure << 'END-of-hping-devel/files/patch-configure' X--- configure.orig Fri Jun 4 08:39:10 2004 X+++ configure Mon Oct 31 10:49:39 2005 X@@ -143,6 +143,7 @@ X -e "s^@TCL_INC@^$TCL_INC^g" \ X -e "s^@TCL_VER@^$TCL_VER^g" \ X -e "s^@TCL_LIB@^$TCL_LIB^g" \ X+ -e "s^@CFLAGS@^$CFLAGS^g" \ X <Makefile.in > Makefile X X # END-of-hping-devel/files/patch-configure echo x - hping-devel/files/patch-Makefile.in sed 's/^X//' >hping-devel/files/patch-Makefile.in << 'END-of-hping-devel/files/patch-Makefile.in' X--- Makefile.in.orig Sat Apr 10 01:38:56 2004 X+++ Makefile.in Mon Oct 31 10:48:24 2005 X@@ -6,10 +6,10 @@ X # $date: Sun Jul 25 17:56:15 MET DST 1999$ X # $rev: 3$ X X-CC= gcc X+CC?= gcc X AR=/usr/bin/ar X RANLIB=/usr/bin/ranlib X-CCOPT= -O2 -Wall @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@ X+CCOPT= -Wall @CFLAGS@ @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@ X DEBUG= -g X #uncomment the following if you need libpcap based build under linux X #(not raccomanded) X@@ -50,20 +50,20 @@ X $(RANLIB) $@ X X hping3: byteorder.h $(OBJ) X- $(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ X+ $(CC) -o hping3 $(CCOPT) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ X @echo X ./hping3 -v X @echo "use \`make strip' to strip hping3 binary" X @echo "use \`make install' to install hping3" X X hping3-static: byteorder.h $(OBJ) X- $(CC) -static -o hping3-static $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ -ldl X+ $(CC) -static -o hping3-static $(CCOPT) 
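Review bot: In the patch-configure hunk, the added `-e "s^@CFLAGS@^$CFLAGS^g"` splices the caller's CFLAGS into a sed replacement without escaping, so a value containing `^`, `&` or a backslash either makes sed fail or is silently altered in the generated Makefile. The neighbouring `@TCL_INC@`, `@TCL_VER@` and `@TCL_LIB@` expressions follow the same pattern, so this matches the existing style, but CFLAGS is the one value here that comes straight from the user's build configuration. Escaping it first would avoid this, for example `CFLAGS_ESC=$(printf '%s' "$CFLAGS" | sed 's/[\\&^]/\\&/g')`, then substituting `$CFLAGS_ESC`. The rest of the sed invocation lies outside the hunk.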
$(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ -ldl X X byteorder.h: X ./configure X X .c.o: X- $(CC) -c $(CCOPT) $(DEBUG) $(COMPILE_TIME) $< X+ $(CC) -c $(CCOPT) $(COMPILE_TIME) $< X X clean: X rm -rf hping3 *.o libars.a END-of-hping-devel/files/patch-Makefile.in echo x - hping-devel/files/patch-bytesex.h sed 's/^X//' >hping-devel/files/patch-bytesex.h << 'END-of-hping-devel/files/patch-bytesex.h' X X$FreeBSD: ports/security/hping/files/patch-bytesex.h,v 1.2 2004/10/10 08:44:48 krion Exp $ X X--- bytesex.h.orig Tue Sep 14 15:22:45 2004 X+++ bytesex.h Tue Sep 14 15:21:50 2004 X@@ -8,10 +8,12 @@ X #define ARS_BYTESEX_H X X #if defined(__i386__) \ X+ || defined(__ia64__) \ X || defined(__alpha__) \ X || (defined(__mips__) && (defined(MIPSEL) || defined (__MIPSEL__))) X #define BYTE_ORDER_LITTLE_ENDIAN X #elif defined(__mc68000__) \ X+ || defined (__amd64__) \ X || defined (__sparc__) \ X || defined (__sparc) \ X || defined (__PPC__) \ END-of-hping-devel/files/patch-bytesex.h echo x - hping-devel/files/patch-hping3.8 sed 's/^X//' >hping-devel/files/patch-hping3.8 << 'END-of-hping-devel/files/patch-hping3.8' X--- docs/hping3.8.orig Mon Oct 31 11:23:58 2005 X+++ docs/hping3.8 Mon Oct 31 11:23:27 2005 X@@ -1,8 +1,8 @@ X-.TH HPING2 8 "2001 Aug 14" X+.TH hping 8 "2001 Aug 14" X .SH NAME X-hping2 \- send (almost) arbitrary TCP/IP packets to network hosts X+hping \- send (almost) arbitrary TCP/IP packets to network hosts X .SH SYNOPSIS X-.B hping2 X+.B hping X [ X .B \-hvnqVDzZ012WrfxykQbFSRPAUXYjJBuTG X ] [ X@@ -116,11 +116,11 @@ X .br X .ad X .SH DESCRIPTION X-hping2 is a network tool able to send custom TCP/IP packets and to X-display target replies like ping program does with ICMP replies. hping2 X+hping is a network tool able to send custom TCP/IP packets and to X+display target replies like ping program does with ICMP replies. 
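Review bot: In the patch-bytesex.h hunk, `|| defined (__amd64__)` is added under the `#elif defined(__mc68000__)` arm, next to `__sparc__` and `__PPC__`, whereas `__ia64__` is added to the arm that defines `BYTE_ORDER_LITTLE_ENDIAN`. amd64 is little-endian, and the `#elif` arm appears to be the big-endian one; its `#define` is outside the hunk, so this is inferred from the other macros in the list. If so, header bitfields on amd64 builds would be laid out in the wrong order, and the tool would send and parse malformed packets there. The added line belongs in the first list beside `__i386__`, as `|| defined(__amd64__) \`.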
hping X handle fragmentation, arbitrary packets body and size and can be used in X order to transfer files encapsulated under supported protocols. Using X-hping2 you are able to perform at least the following stuff: X+hping you are able to perform at least the following stuff: X X - Test firewall rules X - Advanced port scanning X@@ -136,7 +136,7 @@ X - A lot of others. X X .IR "It's also a good didactic tool to learn TCP/IP" . X-hping2 is developed and maintained by antirez@invece.org and is X+hping is developed and maintained by antirez@invece.org and is X licensed under GPL version 2. Development is open so you can send X me patches, suggestion and affronts without inhibitions. X .SH HPING SITE X@@ -158,9 +158,9 @@ X .I -c --count count X Stop after sending (and receiving) X .I count X-response packets. After last packet was send hping2 wait COUNTREACHED_TIMEOUT X+response packets. After last packet was send hping wait COUNTREACHED_TIMEOUT X seconds target host replies. You are able to tune COUNTREACHED_TIMEOUT editing X-hping2.h X+hping.h X .TP X .I -i --interval X Wait X@@ -171,10 +171,10 @@ X .I wait X to X micro seconds. X The default is to wait X-one second between each packet. Using hping2 to transfer files tune this X+one second between each packet. Using hping to transfer files tune this X option is really important in order to increase transfer rate. Even using X-hping2 to perform idle/spoofing scanning you should tune this option, see X-.B HPING2-HOWTO X+hping to perform idle/spoofing scanning you should tune this option, see X+.B hping-HOWTO X for more information. X .TP X .I --fast X@@ -195,13 +195,13 @@ X startup time and when finished. X .TP X .I -I --interface interface name X-By default on linux and BSD systems hping2 uses default routing interface. X+By default on linux and BSD systems hping uses default routing interface. X In other systems or when there is no default route X-hping2 uses the first non-loopback interface. 
X-However you are able to force hping2 to use the interface you need using X+hping uses the first non-loopback interface. X+However you are able to force hping to use the interface you need using X this option. Note: you don't need to specify the whole name, for X example -I et will match eth0 ethernet0 myet1 et cetera. If no interfaces X-match hping2 will try to use lo. X+match hping will try to use lo. X .TP X .I -V --verbose X Enable verbose output. TCP replies will be shown as follows: X@@ -211,7 +211,7 @@ X .TP X .I -D --debug X Enable debug mode, it's useful when you experience some problem with X-hping2. When debug mode is enabled you will get more information about X+hping. When debug mode is enabled you will get more information about X .B interface detection, data link layer access, interface settings, options X .B parsing, fragmentation, HCMP protocol X and other stuff. X@@ -223,30 +223,30 @@ X CTRL+Z once or twice. X .TP X .I -Z --unbind X-Unbind CTRL+Z so you will able to stop hping2. X+Unbind CTRL+Z so you will able to stop hping. X .TP X .I --beep X Beep for every matching received packet (but not for ICMP errors). X .SH PROTOCOL SELECTION X-Default protocol is TCP, by default hping2 will send tcp headers to target X+Default protocol is TCP, by default hping will send tcp headers to target X host's port 0 with a winsize of 64 without any tcp flag on. Often this X is the best way to do an 'hide ping', useful when target is behind X a firewall that drop ICMP. Moreover a tcp null-flag to port 0 has a good X probability of not being logged. X .TP X .I -0 --rawip X-RAW IP mode, in this mode hping2 will send IP header with data X+RAW IP mode, in this mode hping will send IP header with data X appended with --signature and/or --file, see also --ipproto that X allows you to set the ip protocol field. 
X .TP X .I -1 --icmp X-ICMP mode, by default hping2 will send ICMP echo-request, you can set X+ICMP mode, by default hping will send ICMP echo-request, you can set X other ICMP type/code using X .B --icmptype --icmpcode X options. X .TP X .I -2 --udp X-UDP mode, by default hping2 will send udp to target host's port 0. X+UDP mode, by default hping will send udp to target host's port 0. X UDP header tunable options are the following: X .B --baseport, --destport, --keep. X .TP X@@ -288,11 +288,11 @@ X shows interesting details. X .TP X .I -9 --listen signature X-HPING2 listen mode, using this option hping2 waits for packet that contain X+hping listen mode, using this option hping waits for packet that contain X .I signature X and dump from X .I signature X-end to packet's end. For example if hping2 --listen TEST reads a packet X+end to packet's end. For example if hping --listen TEST reads a packet X that contain X .B 234-09sdflkjs45-TESThello_world X it will display X@@ -304,7 +304,7 @@ X ensures that target will not gain your real address. However replies X will be sent to spoofed address, so you will can't see them. In order X to see how it's possible to perform spoofed/idle scanning see the X-.BR HPING2-HOWTO . X+.BR hping-HOWTO . X .TP X .I --rand-source X This option enables the X@@ -347,7 +347,7 @@ X or X .B --bind X options. If in doubt try X-.BR "" "`" "hping2 some.host.com -t 1 --traceroute" "'." X+.BR "" "`" "hping some.host.com -t 1 --traceroute" "'." X .TP X .I -N --id X Set ip->id field. Default id is random but if fragmentation is turned on X@@ -361,11 +361,11 @@ X .I -W --winid X id from Windows* systems before Win2k has different byte ordering, if this X option is enable X-hping2 will properly display id replies from those Windows. X+hping will properly display id replies from those Windows. X .TP X .I -r --rel X Display id increments instead of id. See the X-.B HPING2-HOWTO X+.B hping-HOWTO X for more information. 
Increments aren't computed as id[N]-id[N-1] but X using packet loss compensation. See relid.c for more information. X .TP X@@ -445,7 +445,7 @@ X .SH TCP/UDP RELATED OPTIONS X .TP X .I -s --baseport source port X-hping2 uses source port in order to guess replies sequence number. It X+hping uses source port in order to guess replies sequence number. It X starts with a base source port number, and increase this number for each X packet sent. When packet is received sequence number can be computed as X .IR "replies.dest.port - base.source.port" . X@@ -485,7 +485,7 @@ X by target host. This can be useful when you need to analyze whether X TCP sequence number is predictable. Output example: X X-.B #hping2 win98 --seqnum -p 139 -S -i u1 -I eth0 X+.B #hping win98 --seqnum -p 139 -S -i u1 -I eth0 X .nf X HPING uaz (eth0 192.168.4.41): S set, 40 headers + 0 data bytes X 2361294848 +2361294848 X@@ -540,8 +540,8 @@ X .SH COMMON OPTIONS X .TP X .I -d --data data size X-Set packet body size. Warning, using --data 40 hping2 will not generate X-0 byte packets but protocol_header+40 bytes. hping2 will display X+Set packet body size. Warning, using --data 40 hping will not generate X+0 byte packets but protocol_header+40 bytes. hping will display X packet size information as first line output, like this: X .B HPING www.yahoo.com (ppp0 204.71.200.67): NO FLAGS are set, 40 headers + 40 data bytes X .TP X@@ -577,9 +577,9 @@ X A to host B you may use the following: X .nf X .I [host_a] X-.B # hping2 host_b --udp -p 53 -d 100 --sign signature --safe --file /etc/passwd X+.B # hping host_b --udp -p 53 -d 100 --sign signature --safe --file /etc/passwd X .I [host_b] X-.B # hping2 host_a --listen signature --safe --icmp X+.B # hping host_a --listen signature --safe --icmp X .fi X .TP X .I -u --end X@@ -587,13 +587,13 @@ X .I --file filename X option, tell you when EOF has been reached. Moreover prevent that other end X accept more packets. 
Please, for more information see the X-.BR HPING2-HOWTO . X+.BR HPING2-HOWTO . X .TP X .I -T --traceroute X-Traceroute mode. Using this option hping2 will increase ttl for each X+Traceroute mode. Using this option hping will increase ttl for each X .B ICMP time to live 0 during transit X received. Try X-.BR "hping2 host --traceroute" . X+.BR "hping host --traceroute" . X This option implies --bind and --ttl 1. You can override the ttl of 1 X using the --ttl option. Since 2.0.0 stable it prints RTT information. X .TP X@@ -601,7 +601,7 @@ X Keep the TTL fixed in traceroute mode, so you can monitor just one hop X in the route. For example, to monitor how the 5th hop changes or X how its RTT changes you can try X-.BR "hping2 host --traceroute --ttl 5 --tr-keep-ttl" . X+.BR "hping host --traceroute --ttl 5 --tr-keep-ttl" . X .TP X .I --tr-stop X If this option is specified hping will exit once the first packet END-of-hping-devel/files/patch-hping3.8 echo x - hping-devel/Makefile sed 's/^X//' >hping-devel/Makefile << 'END-of-hping-devel/Makefile' X# New ports collection makefile for: hping-devel X# Date Created: 2005/10/31 X# Whom: Nicolas Jombart <ecu@ipv42.net> X# X# $FreeBSD$ X# ex:ts=8 X XPORTNAME= hping XPORTVERSION= 3.0.20051105 XCATEGORIES= net security XMASTER_SITES= http://www.hping.org/ \ X http://ipv42.net/distfiles/hping/ XPKGNAMESUFFIX= -devel XDISTNAME= hping3-20051105 X XMAINTAINER= ecu@ipv42.net XCOMMENT= Network auditing tool X XLIB_DEPENDS= tcl84:${PORTSDIR}/lang/tcl84 X XNO_LATEST_LINK =yes XCONFLICTS= hping-[0-9]* X XGNU_CONFIGURE= yes XUSE_GMAKE= yes XUSE_REINPLACE= yes X XPLIST_DIRS+= lib/hping XPLIST_FILES= sbin/hping lib/hping/hpingstdlib.htcl XPORTDOCS= AS-BACKDOOR HPING2-HOWTO.txt HPING2-IS-OPEN \ X MORE-FUN-WITH-IPID SPOOFED_SCAN.txt APD.txt \ X API.txt HPING3.txt XMAN8= hping.8 X XEXAMPLES= README apd.htcl apd2.htcl ciscoios.htcl ciscoios0.htcl \ X cloner.htcl igrp.htcl isn-spectrogram.htcl nat-noise.htcl \ X passivets.htcl ping.htcl raw.htcl 
show-tcpseq.htcl \ X showled.htcl X.if !defined(NOPORTDOCS) XPLIST_DIRS+= %%EXAMPLESDIR%% X.for file in ${EXAMPLES} XPLIST_FILES+= %%EXAMPLESDIR%%/${file} X.endfor X.endif X Xdo-install: X ${INSTALL_PROGRAM} ${WRKSRC}/hping3 ${PREFIX}/sbin/hping X ${INSTALL_MAN} ${WRKSRC}/docs/hping3.8 ${PREFIX}/man/man8/hping.8 X ${MKDIR} ${PREFIX}/lib/hping X ${INSTALL_DATA} ${WRKSRC}/lib/hpingstdlib.htcl ${PREFIX}/lib/hping/ X.if !defined(NOPORTDOCS) X ${MKDIR} ${DOCSDIR} ${EXAMPLESDIR} X ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/docs/|} ${DOCSDIR} X.for i in ${EXAMPLES} X ${REINPLACE_CMD} -e \ X 's|hpingstdlib.htcl|${PREFIX}/lib/hping/hpingstdlib.htcl|' \ X ${WRKSRC}/lib/${i} X.endfor X ${INSTALL_DATA} ${EXAMPLES:S|^|${WRKSRC}/lib/|} ${EXAMPLESDIR} X.endif X X.include <bsd.port.mk> END-of-hping-devel/Makefile echo x - hping-devel/distinfo sed 's/^X//' >hping-devel/distinfo << 'END-of-hping-devel/distinfo' XMD5 (hping3-20051105.tar.gz) = ca4ea4e34bcc2162aedf25df8b2d1747 XSIZE (hping3-20051105.tar.gz) = 584001 END-of-hping-devel/distinfo echo x - hping-devel/pkg-descr sed 's/^X//' >hping-devel/pkg-descr << 'END-of-hping-devel/pkg-descr' Xhping is a command-line oriented TCP/IP packet assembler/analyzer. XThe interface is inspired to the ping(8) unix command, but hping isn't Xonly able to send ICMP echo requests. It supports TCP, UDP, ICMP and XRAW-IP protocols, has a traceroute mode, the ability to send files Xbetween a covered channel, and many other features. XWhile hping was mainly used as a security tool in the past, it can be Xused in many ways by people that don't care about security to test Xnetworks and hosts. X Xhping3 adds the TCL scripting feature. X XWWW: http://www.hping.org/ END-of-hping-devel/pkg-descr exit --- hping-devel-3.0.20051105.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
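Review bot: The new distinfo records only an `MD5` digest and a `SIZE` for hping3-20051105.tar.gz, and both `MASTER_SITES` entries are plain `http://`, so that MD5 is the only thing tying the build to the tarball the submitter tested. MD5 is not collision-resistant; adding a line such as `SHA256 (hping3-20051105.tar.gz) = <sha256-of-distfile>` next to it would make the fetch-time check meaningful. Separately, the `${REINPLACE_CMD}` loop inside `do-install` rewrites files under `${WRKSRC}/lib` at install time. That edit would sit better in a `post-patch` target, so that `do-install` only copies files and a repeated install does not re-edit the work tree.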