Hello friends. In our hacking class that was held on Sunday, we discussed several things, like how to find an IP address (which I have already explained in detail). The other term we discussed is Ping Sweep. Today I will share what a ping sweep is and how it helps in the reconnaissance, or simply information gathering, phase. We will cover all the topics that were discussed in the CME hacking class in detail every day. So keep reading...
What is Ping Sweep?
First of all, you should know what ping is. Ping is basically a network-based system utility which is used to identify whether a host is alive or dead; technically, you can call it an echo reply. By alive I mean that the host (computer, system, network, website, etc.) is active, and by dead I mean that the host is shut down.
Note: Anything can be a host, like a website, computer system, printer, network or any device.
Now, what is a Ping Sweep? A ping sweep is basically an information gathering technique which is used to identify live hosts by pinging them. Let's understand it more technically: Ping Sweep is also called Ping scan or ICMP (Internet Control Message Protocol) sweep or 2 way handshake protocol. It is a two way handshake protocol because one host sends data (packets) and the other host validates the data and returns an acknowledgement (basically packets) indicating whether the ping was successful or not.
Ping Sweep can be used for several purposes:
1. Normal Ping Sweep
Once we have the IP address of the host, we can ping that IP address and check whether the host is alive or not. If the packets are received correctly, it confirms that the host is alive and we can proceed our attack further on the host (or victim).
For a normal ping sweep there are a lot of tools available; some are fping, gping and Nmap, or you can do this directly using a looping shell script on both Windows and Linux platforms.
Below is how it's done on Windows:
Go to START ---> RUN ---> CMD ---> then type PING 127.0.0.1 (IP address of host).
Below is a snapshot of PING:
[Figure: Sample of a successful ping sweep]
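From the network side, a ping sweep shows up as one source sending ICMP echo requests to many different hosts within a short time. The sketch below is an added example, not part of the original post, showing how that pattern can be detected in logs; the log format, addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in a made-up firewall log format (not a real product's).
SAMPLE_LOG = "\n".join(sorted(
    # one source touching six hosts in six seconds: a sweep
    [f"2024-05-01T10:00:0{i} ICMP type=8 src=198.51.100.23 dst=192.0.2.{i + 1}" for i in range(6)]
    # a monitoring box pinging the same host repeatedly: not a sweep
    + [f"2024-05-01T10:00:0{i} ICMP type=8 src=198.51.100.50 dst=192.0.2.10" for i in range(8)]
    # five hosts, but one per minute: missed by a short window
    + [f"2024-05-01T10:0{i}:00 ICMP type=8 src=198.51.100.77 dst=192.0.2.{i + 20}" for i in range(5)]
    # an echo reply (type 0), which must be ignored
    + ["2024-05-01T10:00:01 ICMP type=0 src=192.0.2.1 dst=198.51.100.23"]
))

# Only ICMP type 8 (echo request) lines are relevant to sweep detection.
LINE_RE = re.compile(r"^(\S+) ICMP type=8 src=(\S+) dst=(\S+)$")

def detect_sweeps(log_text, min_hosts=5, window_s=10):
    """Return {src: most distinct destinations pinged within window_s seconds}
    for every source that reaches min_hosts distinct destinations."""
    recent = defaultdict(deque)  # src -> (timestamp, dst) pairs still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # echo replies, other protocols, malformed lines
        ts = datetime.fromisoformat(m.group(1))
        src, dst = m.group(2), m.group(3)
        q = recent[src]
        q.append((ts, dst))
        # Drop entries that have aged out of the sliding window.
        while (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= min_hosts:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    print(detect_sweeps(SAMPLE_LOG))
    print(detect_sweeps(SAMPLE_LOG, window_s=300))
```

Widening the window to 300 seconds also catches the slow source, which is why the window length and host threshold need tuning per network.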
2. Flood Pinging
It's a kind of denial of service attack. It occurs when you flood a lot of pings to a website or simply a host. The result is that normal or legitimate users will not be able to access that website, because every host (website or victim network) has a certain maximum capacity limit; when the flood of pings crosses that limit, it jams the network and the host stops responding. This is done by making automated scripts, or you can do this directly using flood pinging software like server attack etc. Flood pinging is sometimes also called ping of death, as it makes the host behave like a dead host which does not respond to anything.
Note: This will work only if the attacker's bandwidth is more than the host's. But doing this in groups can do the trick.
Normally, only a few website owners opt for unlimited bandwidth plans, as they are too costly. So they opt for plans like 10Gb bandwidth etc. Now if you do this from your 2 or 4 Mbps connection, it's in vain. But suppose you do this in a group, and your group has 20 members. If you launch the same attack from 20 computers each having a 2 Mbps connection, that means 40 Mbps at a time. But now you are thinking the bandwidth is 10Gb and we only reached 40 Mbps. Here is the trick: hackers create multiple connections, around 1000 from one PC, and 20 PCs means 20000 connections at a time. The result is that it will slow down the website's database and other functionality, and the website will stop responding.
For doing this to a victim (meaning the IP address of a PC), what you need is just a connection faster than his; if you don't have one, do it in a group.
Flood pinging is highly helpful in Session Hijacking, which I will explain later, so keep reading and keep learning, as learning is the only key to becoming an elite.
I hope you all liked this post. If you have any queries, ask me in the form of comments.