WARNING: Also try `grep FIXME *.c'
HPING2 bugs will no longer be handled: the hping2 code inside hping3
is just a compatibility layer that will be dropped once the command
line interface is reimplemented as an hping script itself.
DONE - split/rapd for IGRP (me)
DONE - add more flags and broadcast address to 'hping iflist'. (me)
DONE - ARS's apd and rapd support for IP and TCP options (me)
- TUN/TAP support -- virtual interface creation, with Tcl channels
- in 'hping recv' a timeout of zero or -1 should be specified using
  keywords like 'dontblock' and 'forever', and a number of packets
  equal to zero should be specified using the 'all' keyword.
- compression primitives 'hping zip', 'hping unzip'.
- recv should support -nobadsum and -notrunc to avoid receiving packets
  containing layers with the bad checksum or truncated flags set.
- 'hping recvraw' should support a -split option to return the raw data
  split into layers as a flat Tcl list whose elements are:
  {layer0name binary0 layer1name binary1 ...}
- Ability to specify the outgoing interface regardless of the
  destination IP address. (Should be impossible without datalink access)
- 'hping setif ?-promisc? ?-broadcast? ifname'
- 'hping build ?-nocompile? packet' APD->binary
- 'hping describe packet' binary->APD
- IPv6 support in ARS (a still-non-working patch was received)
- The hping standard library. That's the real development area
  to make the scripting capabilities useful. The library should
  contain a reasonable number of functions to make it handier,
  and a number of standard exploits should be rewritten in hping
  as examples. Support for fragmentation, TCP reassembly,
  and so on will also be useful.
- A short way to invoke scripts in 'path' (/usr/local/lib/hping/*.htcl),
  something like: "hping script.htcl". Hping may sense that it's an .htcl
  file and not a strange-looking domain name ;) and perform a lookup
  in the standard library of scripts (~/.hping/*.htcl for example).
- Convert all the raw-socket stuff (used in output) to datalink.
- Implement a scanner, with assorted nmap and hping features, and also:
  a FIN scan followed by a SYN scan. This can be useful
  since many admins rate-limit incoming SYN packets, so the
  SYN or connect() scan is too slow, while the FIN scan
  cannot tell filtered ports from open ones. We can do a FIN scan,
  then scan the ports that appear to be open with SYN. This should
  be both fast and accurate.
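The FIN-then-SYN idea from the scanner item above, worked through as an added example in Python. It is not hping code and does not use hping's Tcl commands: the transport is a pluggable probe callable, and the FakeTarget class is a constructed fixture standing in for an RFC 793 host behind a SYN-rate-limiting filter, so the block runs offline.

```python
"""Two-stage FIN-then-SYN scan (added example, not part of hping).

Stage 1 sends a FIN to every port.  Per RFC 793 a closed port answers a
stray FIN with RST while an open port stays silent; a filter that drops
the probe is silent too, so a silent port is only 'open|filtered'.
Stage 2 sends a SYN only to the silent ports, where the answer is
authoritative: SYN/ACK means open, RST means closed, silence means
filtered.  The number of SYNs spent is bounded by the candidate count.
"""
from typing import Callable, Dict, Iterable, List, Optional

RST, SYNACK = "RST", "SYN/ACK"          # reply flags reported by the transport
# probe(host, port, tcp_flags) -> reply flags, or None on timeout (assumed interface)
Probe = Callable[[str, int, str], Optional[str]]


def fin_stage(probe: Probe, host: str, ports: Iterable[int]) -> Dict[int, str]:
    """FIN scan: RST => closed, silence => open|filtered (cannot tell apart)."""
    return {p: "closed" if probe(host, p, "F") == RST else "open|filtered"
            for p in ports}


def syn_stage(probe: Probe, host: str, ports: Iterable[int]) -> Dict[int, str]:
    """SYN (half-open) scan: SYN/ACK => open, RST => closed, silence => filtered."""
    states = {}
    for p in ports:
        reply = probe(host, p, "S")
        states[p] = "open" if reply == SYNACK else "closed" if reply == RST else "filtered"
    return states


def fin_then_syn_scan(probe: Probe, host: str, ports: Iterable[int]) -> Dict[int, str]:
    """Cheap FIN pass over all ports, then an accurate SYN pass over the candidates."""
    states = fin_stage(probe, host, ports)
    candidates: List[int] = [p for p, s in states.items() if s == "open|filtered"]
    states.update(syn_stage(probe, host, candidates))
    return states


class FakeTarget:
    """Constructed fixture (not a real host): an RFC 793 stack behind a
    filter that silently drops everything sent to `filtered_ports`.  Counts
    SYN probes so the saving of the two-stage approach is visible."""

    def __init__(self, open_ports: Iterable[int], filtered_ports: Iterable[int]):
        self.open_ports, self.filtered_ports = set(open_ports), set(filtered_ports)
        self.syn_probes = 0

    def probe(self, host: str, port: int, flags: str) -> Optional[str]:
        if flags == "S":
            self.syn_probes += 1
        if port in self.filtered_ports:
            return None                                  # dropped by the filter
        if flags == "S":
            return SYNACK if port in self.open_ports else RST
        return None if port in self.open_ports else RST  # FIN: open ports stay silent


if __name__ == "__main__":
    target = FakeTarget(open_ports={22, 80}, filtered_ports={443})
    result = fin_then_syn_scan(target.probe, "192.0.2.10", range(1, 1025))
    for port in sorted(p for p, s in result.items() if s != "closed"):
        print(port, result[port])
    print("SYN probes sent:", target.syn_probes)   # 3 instead of 1024
```

The caveat a practitioner would add: stacks that answer a FIN with RST regardless of port state (Windows and many Cisco devices do) make every port look closed in stage 1, so no candidates reach the SYN pass. When the FIN pass reports everything closed, fall back to a plain SYN scan rather than trusting the result.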
TODO (about TCL scripting, but for future releases)

- 'hping iflist' should include the link header length (or -1 if it's unknown)
- 'hping recv' and 'recvraw' should have a -layer2 option to return the whole
  level 2 frame. The same for 'hping send' and 'hping sendraw'.
- 'hping guesslhs' should run the ipv4 header detection and return the lhs
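Two items above describe the same plumbing: 'hping recvraw -split' returning the frame as a flat {layer0name binary0 layer1name binary1 ...} list, and 'hping guesslhs' finding the link header size (lhs) by detecting where a valid IPv4 header starts. The following is an added example in Python, not hping's Tcl implementation; the function names, the 64-byte search limit, and the sample Ethernet/IPv4/TCP frame are all this example's own constructions.

```python
"""Split a raw frame into (layer, bytes) pairs, guessing the link header
size from IPv4 header detection when it is unknown (added example, Python,
not hping's Tcl commands)."""
import struct
from typing import List, Optional, Tuple

Layers = List[Tuple[str, bytes]]


def ip_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; 0 when run over a header whose
    checksum field is already filled in correctly."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def looks_like_ipv4(frame: bytes, off: int) -> bool:
    """IPv4 header detection: version 4, IHL >= 20 bytes, a total length
    that fits in the remaining bytes, and a header checksum that verifies.
    The checksum is what keeps random link-layer bytes from matching."""
    if len(frame) < off + 20 or frame[off] >> 4 != 4:
        return False
    ihl = (frame[off] & 0x0F) * 4
    if ihl < 20 or len(frame) < off + ihl:
        return False
    total_len = struct.unpack_from("!H", frame, off + 2)[0]
    if total_len < ihl or total_len > len(frame) - off:
        return False
    return ip_checksum(frame[off:off + ihl]) == 0


def guess_lhs(frame: bytes, max_lhs: int = 64) -> Optional[int]:
    """Link header size: the first offset where a valid IPv4 header starts,
    or None if no candidate is found within max_lhs bytes (assumed bound)."""
    for off in range(0, min(max_lhs, len(frame) - 20) + 1):
        if looks_like_ipv4(frame, off):
            return off
    return None


def split_layers(frame: bytes, lhs: Optional[int] = None) -> Layers:
    """Return [(name, raw_bytes), ...] for link, ip, tcp/udp/icmp, data and
    any trailer (e.g. Ethernet padding) beyond the IP total length."""
    if lhs is None:
        lhs = guess_lhs(frame)
        if lhs is None:
            return [("data", frame)]           # nothing recognisable: one opaque layer
    layers: Layers = [("link", frame[:lhs])] if lhs else []
    ihl = (frame[lhs] & 0x0F) * 4
    total_len = struct.unpack_from("!H", frame, lhs + 2)[0]
    proto = frame[lhs + 9]
    layers.append(("ip", frame[lhs:lhs + ihl]))
    payload = frame[lhs + ihl:lhs + total_len]
    if proto == 6 and len(payload) >= 20:        # TCP: data offset in high nibble of byte 12
        doff = (payload[12] >> 4) * 4
        layers.append(("tcp", payload[:doff]))
        payload = payload[doff:]
    elif proto == 17 and len(payload) >= 8:      # UDP: fixed 8-byte header
        layers.append(("udp", payload[:8]))
        payload = payload[8:]
    elif proto == 1 and len(payload) >= 8:       # ICMP: 8-byte header, rest is data
        layers.append(("icmp", payload[:8]))
        payload = payload[8:]
    if payload:
        layers.append(("data", payload))
    if len(frame) > lhs + total_len:
        layers.append(("trailer", frame[lhs + total_len:]))
    return layers


def split_flat(frame: bytes, lhs: Optional[int] = None) -> list:
    """The flat {name0 bin0 name1 bin1 ...} shape described in the TODO."""
    return [item for pair in split_layers(frame, lhs) for item in pair]


def build_sample_frame() -> bytes:
    """Constructed Ethernet/IPv4/TCP frame used as sample input (not a capture)."""
    eth = bytes.fromhex("001122334455aabbccddeeff0800")   # dst, src, EtherType IPv4
    payload = b"GET / HTTP/1.0\r\n\r\n"
    # sport, dport, seq, ack, data offset 5 words, PSH|ACK, window, checksum 0, urg 0
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 10]))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]   # fill header checksum
    return eth + ip + tcp + payload


if __name__ == "__main__":
    f = build_sample_frame()
    print("lhs:", guess_lhs(f))                              # 14 for Ethernet
    print([(name, len(raw)) for name, raw in split_layers(f)])
```

Requiring the header checksum to verify is what makes the guess safe: a version nibble of 4 alone matches one byte in sixteen, while a verified checksum over a plausible header is a one-in-65536 accident. A frame truncated below its IP total length fails detection, which is the right outcome for a -notrunc style receiver.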
