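HexInject Package Description
HexInject is a very versatile packet injector and sniffer that provides a command-line framework for raw network access. It is designed to work together with other command-line utilities, which makes it easy to build powerful shell scripts that can read, intercept and modify network traffic transparently. Source: http://hexinject.sourceforge.net/
- Author: Emanuele Acri
- License: BSD
0x01 Tools included in the hexinject package
hexinject - Hexadecimal packet injector/sniffer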
:~# hexinject -h
HexInject 1.5 [hexadecimal packet injector/sniffer]
written by: Emanuele Acri < >

Usage:
   hexinject <mode> <options>

Options:
  -s sniff mode
  -p inject mode
  -r raw mode (instead of the default hexadecimal mode)
  -f <filter> custom pcap filter
  -i <device> network device to use
  -F <file> pcap file to use as device (sniff mode only)
  -c <count> number of packets to capture
  -t <time> sleep time in microseconds (default 100)
  -I list all available network devices

Injection options:
  -C disable automatic packet checksum
  -S disable automatic packet size

Interface options:
  -P disable promiscuous mode
  -M put the wireless interface in monitor mode
     (experimental: use airmon-ng instead...)

Other options:
  -h help screen
0x02 prettypacket - Disassembler for raw network packets
:~# prettypacket -h
PrettyPacket 1.5 [disassembler for raw network packets]
written by: Emanuele Acri < >

Usage:
   prettypacket [-x|-h]

Options:
  -x type print example packet, to see its structure
     (available types: tcp, udp, icmp, igmp, arp, stp)
  -h this help screen
0x03 hex2raw - Converts hexstrings on stdin to raw data on stdout
:~# hex2raw -h
Hex2Raw 1.5 [convert hexstrings on stdin to raw data on stdout]
written by: Emanuele Acri < >

Usage:
   hex2raw [-r|-h]

Options:
  -r reverse mode (raw to hexstring)
  -h this help screen
0x04 packets.tcl - Generates binary packets
:~# packets.tcl -h
Packets.tcl -- Generates binary packets specified using an APD-like data format: http://wiki.hping.org/26

usage:
   packets.tcl 'APD packet description'

example packets:
   ethernet(dst=ff:ff:ff:ff:ee:ee,src=aa:aa:ee:ff:ff:ff,type=0x0800)+ip(ihl=5,ver=4,tos=0xc0,totlen=58,id=62912,fragoff=0,mf=0,df=0,rf=0,ttl=64,proto=1,cksum=0xe500,saddr=192.168.1.7,daddr=192.168.1.6)+icmp(type=3,code=3,unused=0)+data(str=aaaa)+udp(sport=33169,dport=10,len=10,cksum=0x94d6)+data(str=aaaa)+arp(htype=ethernet,ptype=ip,hsize=6,psize=4,op=request,shard=00:11:22:33:44:55,sproto=192.168.1.1,thard=22:22:22:22:22:22,tproto=10.0.0.1)

   ethernet(dst=ff:ff:ff:ff:ff:ff,src=ff:ff:ff:ff:ff:ff,type=0x0800)+ip(ihl=5,ver=4,tos=00,totlen=30,id=60976,fragoff=0,mf=0,df=1,rf=0,ttl=64,proto=tcp,cksum=0x40c9,saddr=192.168.1.9,daddr=173.194.44.95)+tcp(sport=32857,dport=80,seq=1804471615,ack=0,ns=0,off=5,flags=s,win=62694,cksum=0xda46,urp=0)

   ethernet(dst=ff:ff:ff:ff:ff:ff,src=ff:ff:ff:ff:ff:ff,type=0x0800)+ip(ihl=5,ver=4,tos=00,totlen=30,id=60976,fragoff=0,mf=0,df=1,rf=0,ttl=64,proto=tcp,cksum=0x40c9,saddr=192.168.1.9,daddr=173.194.44.95)+tcp(sport=32857,dport=80,seq=1804471615,ack=0,ns=0,off=8,flags=s,win=62694,cksum=0xda46,urp=0)+tcp.nop()+tcp.nop()+tcp.timestamp(val=54111314,ecr=1049055856)+data(str=f0a)
0x05 hexinject usage example
Start sniff mode (-s) on the eth0 interface (-i eth0):
:~# hexinject -s -i eth0
FF FF FF FF FF FF 40 6C 8F 1B CB 90 08 00 45 00 00 31 E4 36 00 00 40 11 11 4E C0 A8 01 E8 C0 A8 01 FF D3 C6 7E 9C 00 1D B1 DA 4D 2D 53 45 41 52 43 48 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A
FF FF FF FF FF FF 40 6C 8F 1B CB 90 08 00 45 00 00 31 A1 63 00 00 40 11 54 21 C0 A8 01 E8 C0 A8 01 FF FF 69 7E 9E 00 1D 86 35 4D 2D 53 45 41 52 43 48 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A
FF FF FF FF FF FF 7C C3 A1 A4 B4 70 08 00 45 00 00 31 BF 94 00 00 40 11 35 FC C0 A8 01 DC C0 A8 01 FF E3 ED 7E 9C 00 1D A1 BF 4D 2D 53 45 41 52 43 48 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A
FF FF FF FF FF FF 7C C3 A1 A4 B4 70 08 00 45 00 00 31 2F DE 00 00 40 11 C5 B2 C0 A8 01 DC C0 A8 01 FF C5 16 7E 9E 00 1D C0 94 4D 2D 53 45 41 52 43 48 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A
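Sniff mode prints one frame per line as space-separated hex bytes. The following added example (not part of the original page or of the HexInject package) decodes such a line as Ethernet II, IPv4 and UDP and verifies the IPv4 header checksum, which is useful when reviewing captured traffic by hand. The function names are hypothetical; the sample is the first captured line shown above.

```python
import struct
from ipaddress import IPv4Address

# First frame from the sniff-mode output shown above (copied from the page).
SAMPLE = ("FF FF FF FF FF FF 40 6C 8F 1B CB 90 08 00 45 00 00 31 E4 36 00 00 "
          "40 11 11 4E C0 A8 01 E8 C0 A8 01 FF D3 C6 7E 9C 00 1D B1 DA 4D 2D "
          "53 45 41 52 43 48 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A")

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IPv4 header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def decode_line(line: str) -> dict:
    """Decode one hexinject hex line: Ethernet II -> IPv4 -> UDP."""
    frame = bytes.fromhex(line)             # fromhex skips the spaces
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    out = {"dst_mac": mac(frame[0:6]), "src_mac": mac(frame[6:12]),
           "ethertype": struct.unpack("!H", frame[12:14])[0]}
    if out["ethertype"] != 0x0800:
        return out                          # not IPv4: stop at layer 2
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4 if ip else 0   # header length in bytes
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("truncated or malformed IPv4 header")
    totlen, proto = struct.unpack("!H", ip[2:4])[0], ip[9]
    # A valid header (checksum field included) sums to 0xFFFF.
    out.update(src=str(IPv4Address(ip[12:16])), dst=str(IPv4Address(ip[16:20])),
               ttl=ip[8], proto=proto, totlen=totlen,
               ip_cksum_ok=ones_complement_sum(ip[:ihl]) == 0xFFFF)
    if proto == 17 and totlen >= ihl + 8 and len(ip) >= totlen:
        sport, dport, ulen, _ = struct.unpack("!4H", ip[ihl:ihl + 8])
        out.update(sport=sport, dport=dport, udp_len=ulen,
                   payload=ip[ihl + 8:totlen])
    return out

if __name__ == "__main__":
    print(decode_line(SAMPLE))
```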
0x06 prettypacket usage example
Print an example UDP packet (-x udp):
0x07 hex2raw usage example
:~# hex2raw
FF 40 6C 8F 1B CB 90 08 00 45 00 00 31 E4 36 00 00 40 11 11 4E C0 A8 01 E8 C0 A8 01 FF D3 C6 7E 9C 00 1D B1 DA 4D 2D 53 45 41 52 43 48 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A
FF FF FF FF FF FF 40 6C 8F 1B CB 90 08 00 45 00 00 31 A1 63 00 00 40 11 54 21 C0 A8 01 E8 C0 A8 01 FF FF 69 7E 9E 00 1D 86 35 4D 2D 53 45 41 52 43 48 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A
������@lE1�
!�������i~��5M-SEARCH * HTTP/1.1
0x08 packets.tcl usage example
:~# packets.tcl 'ethernet(dst=ff:ff:ff:ff:ee:ee,src=aa:aa:ee:ff:ff:ff,type=0x0800)+ip(ihl=5,ver=4,tos=0xc0,totlen=58,id=62912,fragoff=0,mf=0,df=0,rf=0,ttl=64,proto=1,cksum=0xe500,saddr=192.168.1.7,daddr=192.168.1.6)+icmp(type=3,code=3,unused=0)+data(str=aaaa)+udp(sport=33169,dport=10,len=10,cksum=0x94d6)+data(str=aaaa)+arp(htype=ethernet,ptype=ip,hsize=6,psize=4,op=request,shard=00:11:22:33:44:55,sproto=192.168.1.1,thard=22:22:22:22:22:22,tproto=10.0.0.1)' > packet-out
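Original article: https://www.hackfun.org/kali-tools/hexinject_zh.html. Please credit the original source when reposting; for commercial use, contact the original author for authorization.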