BACKTRACK 5 R3 : 0trace
BACKTRACK 5 R3 : 0trace
This post is going to introduce you to a "Identify Live Hosts" tool by
the name of 0trace that enables a user to perform hop enumeration
(“traceroute”) within an established TCP connection, such as a HTTP or
SMTP session. This is opposed to sending stray packets, as
traceroute-type tools usually do. The important benefit of using an
established connection and matching TCP packets to send a TTL-based
probe is that such traffic is happily allowed through by many stateful
firewalls and other defenses without further inspection (since it is
related to an entry in the connection table).
How to reach 0trace ?
The command syntax :
root@bt:/pentest/enumeration/0trace# ./0trace.sh eth0 (IP ADDRESS1)
and then you need to then open another terminal and connect using netcat as below
root@bt:~# nc (IP ADDRESS1) 80
Here in the example as shown vide screenshots,i have used a web site ip address for sample check....without opening the second terminal window...you will not get any progress on the first terminal....
How to reach 0trace ?
(Click to enlarge) |
(Click to enlarge) |
(Click to enlarge) |
root@bt:/pentest/enumeration/0trace# ./0trace.sh eth0 (IP ADDRESS1)
and then you need to then open another terminal and connect using netcat as below
root@bt:~# nc (IP ADDRESS1) 80
Here in the example as shown vide screenshots,i have used a web site ip address for sample check....without opening the second terminal window...you will not get any progress on the first terminal....
Comments