Ethical Hacking: Learn Penetration Testing, Cybersecurity with Advanced Ethical Hacking Techniques and Methods by Grant Joe

Author:Grant, Joe [Grant, Joe]
Language: eng
Format: epub, azw3, pdf
Published: 2020-08-16T16:00:00+00:00

Traceroute

Traceroute employs the ICMP ping command to figure out how many network devices lie between the computer system initiating the trace and the target system. The traceroute command functions by manipulating the Time To Live value of a network packet, also known as TTL. TTL indicates the number of times the same network packet can be broadcasted again by the next host on the network before the packet expires. The command assigns an initial TTL value of 1 to the packet indicating that the packet can be broadcasted only by one more device between the initiating system and the target system. The receiving device will then send back an ICMP type 11 code 0 packet indicating time exceeded, and that the packet has been logged. The sender then increases the TTL of the packet by one and sends the next set of packets. The packets reach the next hop on the network as per their time to live. As a result of this, the receiving router sends another reply indicating time exceeded. This process continues until the packets reach the target, and all hops on the route have been logged. It leads to printing a list of devices that exist between the initiating system and the target system. This command can help a penetration tester to understand the kind of devices that are present on the network. The default TTL of Windows-based devices is 128, Linux-based devices are 64, and Cisco networking devices is 255.

The command for traceroute on Windows-based systems is tracert. On Linux-based systems, it is simply traceroute. A tracert command on the Windows system would give the following output. Let us take an example of a traceroute to google.com

tracert www.google.com

Tracing route to www.google.com [74.125.227.179]

Over a maximum of 30 hops:

1 1 ms<1 ms 1 ms 192.168.1.1

2 7 ms 6 ms 6 ms 10.10.1.2

3 7 ms 8 ms 7 ms 10.10.1.45

4 9 ms 8 ms 8 ms 10.10.25.45

5 9 ms 10 ms 9 ms 10.10.85.99

6 11 ms 51 ms 10 ms 10.10.64.2

7 11 ms 10 ms 10 ms 10.10.5.88

8 11 ms 10 ms 11 ms 216.239.46.248

9 12 ms 12 ms 12 ms 72.14.236.98

10 18 ms 18 ms 18 ms 66.249.95.231

11 25 ms 24 ms 24 ms 216.239.48.4

12 48 ms 46 ms 46 ms 72.14.237.213

13 50 ms 50 ms 50 ms 72.14.237.214

14 48 ms 48 ms 48 ms 64.233.174.137

15 47 ms 47 ms 46 ms dfw06s32-in-f19.1e100.net [74.125.227.179]

Trace complete.

There are several tools on Kali Linux that use the TCP, UDP, and ICMP protocols to scan target networks. The result of a successful scan will give you information like network hostnames, IP addresses, operating systems, and services operated on the network. A few scanning tools can also discover vulnerabilities and user details. The details gathered in the scanning stage can be used in the exploitation stage to attack specific targets.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.