# How to ping via UDP

UDP differs from TCP: there is no SYN, SYN-ACK or RST (no 3-way handshake), so it is difficult to get a response from a UDP server without sending valid data to the server.

## How to find data to send

You can use `netcat` / `nc` with the `-u` argument to make a UDP connection to the server:

```bash
nc -u <IP> <port>
```

Once netcat is connected to the server, you can use Wireshark to capture the network traffic.

Set the filter `ip.addr == <IP> && udp` to exclude other unnecessary packets, then start capturing the traffic.
(Remember to replace `<IP>` with the server IP.)

![[wiresharkFilter.png]]

Then you can start typing numbers or anything else into netcat to check whether the server responds to the data sent. In my case, I sent a `1` to the server and it responds with a `.` (which in hexadecimal is `0e` and in ASCII is `SO`).

![[Pasted image 20220114185921.png]]

Now that we have data to send, we will use one of two tools, `nping` or `hping3`. Both are used to generate custom packets.

### nping

Using nping is quite simple. To do a UDP ping, type this in the console:

```bash
nping --udp --data-string "1" -p <port> <IP>
```

(If you need information about what each option does, run `nping --help` or read the manual with `man nping`.)

With this command, a `1` is sent to the server every second, which makes it possible to estimate the latency between client and server.

![[Pasted image 20220114202442.png]]

### hping3 (Recommended)

Like nping, hping3 also sends pings, but it has more useful options and gives more information about the latency: you don't have to wait for the command to finish to see the latency, as you do with nping.

First, create a file with the data you want to send. If you know that the server responds to `1`, create a file with a `1` inside using this command:

```bash
echo "1" > data
```

Then use this hping3 command to send pings to the server:

```bash
hping3 -2 -d 1 -E data -p <port> <IP>
```

(The value of the `-d` argument is not fixed: it has to be changed to match the length of the data.)

![[Pasted image 20220114204056.png]]

And that's it: this gives us the latency between client and server through a UDP port.

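What `nping` and `hping3` measure here, written out as an added Python example (not part of the original page): send one datagram, time the reply, and treat a timeout as "the server ignored this payload". The loopback server, its reply bytes and all function names are constructed for the example so that it runs offline; the payload is the hex value captured later on this page.

```python
import socket
import threading
import time

# Query captured on this page, as the hex value copied from Wireshark.
PAYLOAD = bytes.fromhex("ffffffff54536f7572636520456e67696e6520517565727900")


def udp_ping(host, port, payload, timeout=1.0):
    """Send one datagram; return (rtt_ms, reply) or (None, None) if no reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.connect((host, port))  # kernel drops datagrams from other peers
        start = time.perf_counter()
        try:
            sock.send(payload)
            reply = sock.recv(4096)
        except (socket.timeout, ConnectionError):
            # Timeout: payload ignored or packet lost.
            # ConnectionError: ICMP port unreachable, nothing is listening.
            return None, None
        return (time.perf_counter() - start) * 1000.0, reply


def start_demo_server():
    """Constructed loopback stand-in for a server, so the example runs offline.

    Like the servers described on this page, it stays silent unless the
    datagram is the query it understands. Returns the UDP port it listens on.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))

    def serve():
        while True:
            data, addr = srv.recvfrom(4096)
            if data == PAYLOAD:
                srv.sendto(b"constructed-reply", addr)

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    port = start_demo_server()
    for label, data in (("captured query", PAYLOAD), ("random data", b"1")):
        rtt, reply = udp_ping("127.0.0.1", port, data, timeout=0.5)
        print(label, "->", "no response" if rtt is None else f"{rtt:.3f} ms")
```
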
## Common problems

### What to do in case the server is not responding

Sometimes a server does not deliver any response when it is sent random data. For that case we need the software that interacts with the server (the client).

In this case I will take as an example the CS:GO community servers.

Start Wireshark and set the `ip.addr == <IP> && udp` filter, replacing `<IP>` with the IP of the community server, then start capturing traffic.

Now hit Refresh to get a response from the server.

![[Pasted image 20220214220004.png]]

Now go back to Wireshark and see whether the server gives us a response.

![[Pasted image 20220214221154.png]]

As we can see, what we need to send in order to get a response is `....TSource Engine Query`. But we must be careful, because the `....` may not be correct and will not work when pinging: most packets send hexadecimal characters. To get the correct data, click on the first packet sent by us (where the Source is the local IP), go to the bottom, expand the Data section, and choose **Right click > Copy > ...as Printable Text**. The data is now copied.

![[Pasted image 20220214233215.png]]

In my case I get `ÿÿÿÿTSource Engine Query`, and as you can see, the `....` was changed to `ÿÿÿÿ`, which is the correct data to be able to send a ping.

This data can be copied to a file for use with `hping3`, or passed directly in quotes to the `--data-string` argument of `nping`.
(If this doesn't work, see below.)

### I have used the explanations above and still get no response.

Sometimes the **Copy > ...as Printable Text** option may not work, whether we copy the result to a text file (for `hping3`) or use it with `--data-string` of `nping`. In that case, copy the value instead: rather than going to **Copy > ...as Printable Text**, select **Value**, so we get the data in hexadecimal.

```hex
ffffffff54536f7572636520456e67696e6520517565727900
```

is the same as

```text
ÿÿÿÿTSource Engine Query
```

With the value in hexadecimal, we can use it directly from `nping` with the argument `--data "<value>"` instead of `--data-string`.

Ex:

```shell
nping --udp --data "ffffffff54536f7572636520456e67696e6520517565727900" -p <port> <IP>
```

With `hping3` it is a bit more complicated, since hping3 has no equivalent of nping's `--data`: if you need to send custom data, you need to write it to a file first. So how do I write hexadecimal directly to a file?

That can be done using this command:

```shell
echo '<data>' | xxd -r -p > <filename>
```

(On an Arch Linux based distro, you need the `vim` package or the `xxd-standalone` package from the AUR. On any other distro, just install the `vim` package.)

Replace `<data>` with the hexadecimal value and `<filename>` with the name you want, and you will have a file with the data needed to use it with `hping3`.
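Why the printable-text copy can fail while the hex value works, as an added Python example that is not part of the original page. It compares the captured bytes with what the pasted text becomes under two encodings, and writes the payload file the way the `xxd -r -p` command does. The function names and the choice of UTF-8 and Latin-1 as the terminal or editor encoding are assumptions of the example.

```python
import tempfile
from pathlib import Path

# Hex "Value" copied from Wireshark on this page.
HEX_VALUE = "ffffffff54536f7572636520456e67696e6520517565727900"
# The "...as Printable Text" copy: four U+00FF characters plus the ASCII text.
PRINTABLE = "\u00ff" * 4 + "TSource Engine Query"


def first_mismatch(expected, actual):
    """Return (offset, expected_byte, actual_byte) of the first difference, or None."""
    for i in range(max(len(expected), len(actual))):
        e = expected[i] if i < len(expected) else None
        a = actual[i] if i < len(actual) else None
        if e != a:
            return i, e, a
    return None


def check_paste(hex_value, text, encoding):
    """Compare the captured bytes with what pasting `text` in `encoding` produces."""
    expected = bytes.fromhex(hex_value)
    actual = text.encode(encoding)
    return len(expected), len(actual), first_mismatch(expected, actual)


def write_payload(hex_value, path):
    """Same result as `echo '<data>' | xxd -r -p > <filename>`.

    Returns the byte count, which is the value hping3's -d needs.
    """
    data = bytes.fromhex(hex_value)
    Path(path).write_bytes(data)
    return len(data)


if __name__ == "__main__":
    for enc in ("utf-8", "latin-1"):  # assumed terminal/editor encodings
        print(enc, check_paste(HEX_VALUE, PRINTABLE, enc))
    with tempfile.TemporaryDirectory() as tmp:
        print("hping3 -d", write_payload(HEX_VALUE, Path(tmp) / "data"))
```

Under UTF-8 each `ÿ` becomes the two bytes `c3 bf`, so the payload already differs at offset 0; under Latin-1 the `ff` bytes survive but the trailing `00` is missing, because the printable-text copy has no character for it.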