IRPAS/Itrace

From aldeid

Description

Itrace is a program that implements traceroute functionality using ICMP echo request packets. As a result, a trace looks as if you were simply pinging the target. This often helps when tracing targets behind firewalls.

Installation

Install the irpas package (which contains itrace):

$ sudo apt-get install irpas

Then, optionally, create a symbolic link in the /pentest/ directory (root privileges are needed to create a directory under /):

$ sudo mkdir -p /pentest/enumeration/itrace/
$ sudo ln -s /usr/sbin/itrace /pentest/enumeration/itrace/itrace

Usage

Basic syntax

$ itrace [-vn] [-pX] [-mX] [-tX] -i<dev> -d<destination>

Options

-v        verbose mode
-n        reverse lookup IPs
-pX       send X probes (default=3)
-mX       maximum TTL (default=30)
-tX       timeout X sec (default=3)
-i<dev>   use this device
-d<des>   trace to this destination

Example

Here is an example using the traceroute utility:

$ traceroute **************.fr
traceroute to ***********.fr (84.246.***.***), 30 hops max, 60 byte packets
 1  192.168.100.1 (192.168.100.1)  4.088 ms  4.191 ms  5.068 ms
 2  192.168.1.1 (192.168.1.1)  5.233 ms  5.333 ms  5.529 ms
 3  10.125.127.9 (10.125.127.9)  39.908 ms  40.238 ms  42.799 ms
 4  10.125.127.10 (10.125.127.10)  43.536 ms  44.749 ms  45.347 ms
 5  xe-5-1-0-0.ncidf201.Aubervilliers.francetelecom.net (193.253.81.122)  48.224 ms  48.209 ms  50.099 ms
 6  tengige0-2-0-4.ntaub201.Aubervilliers.francetelecom.net (81.253.129.78)  50.430 ms  41.653 ms  40.240 ms
 7  tengige0-3-0-1.ntpst101.Paris.francetelecom.net (193.252.161.242)  41.248 ms  43.044 ms  44.052 ms
 8  xe-5-1-0-0.nrlyo101.Lyon.francetelecom.net (193.251.126.157)  51.831 ms  51.980 ms  53.895 ms
 9  xe-6-0-2-0.nrlyo102.Lyon.francetelecom.net (193.252.101.202)  53.994 ms  57.736 ms  57.717 ms
10  xe-4-0-0-0.nclyo102.Lyon.francetelecom.net (193.252.103.253)  99.933 ms  99.921 ms  99.904 ms
11  193.252.227.18 (193.252.227.18)  99.890 ms  99.876 ms  99.824 ms
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

And the results provided by itrace:

$ sudo itrace -i wlan0 -d **************.fr
 1(1)   [192.168.100.1]
 2(1)   [192.168.1.1]
 3(1)   [10.125.127.9]
 4(1)   [10.125.127.10]
 5(1)   [193.253.81.122]
 6(1)   [81.253.129.78]
 7(1)   [193.252.161.242]
 8(1)   [193.251.126.157]
 9(1)   [193.252.160.186]
10(1)   [81.253.181.37]
11(1)   [193.252.227.18]
12(all) Timeout
13(all) Timeout
14(all) Timeout
15(all) Timeout
16(all) Timeout
17(all) Timeout
18(all) Timeout
19(all) Timeout
20(all) Timeout
21(all) Timeout
22(all) Timeout
23(all) Timeout
24(all) Timeout
25(all) Timeout
26(all) Timeout
27(all) Timeout
28(all) Timeout
29(all) Timeout
30(all) Timeout
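
The two traces above agree on most hops but not all. The following added example (not part of the original page or of the IRPAS project) parses both output formats and reports the hops where the responders differ and the last TTL that answered. The sample inputs are hops 8-12 copied from the outputs above, and the function names are hypothetical.

```python
import re

# Hops 8-12 copied from the two outputs shown above.
TRACEROUTE_OUT = """\
 8  xe-5-1-0-0.nrlyo101.Lyon.francetelecom.net (193.251.126.157)  51.831 ms  51.980 ms  53.895 ms
 9  xe-6-0-2-0.nrlyo102.Lyon.francetelecom.net (193.252.101.202)  53.994 ms  57.736 ms  57.717 ms
10  xe-4-0-0-0.nclyo102.Lyon.francetelecom.net (193.252.103.253)  99.933 ms  99.921 ms  99.904 ms
11  193.252.227.18 (193.252.227.18)  99.890 ms  99.876 ms  99.824 ms
12  * * *
"""
ITRACE_OUT = """\
 8(1)   [193.251.126.157]
 9(1)   [193.252.160.186]
10(1)   [81.253.181.37]
11(1)   [193.252.227.18]
12(all) Timeout
"""

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
# traceroute: "<ttl>  [*] <name> (<ip>)  <rtt> ms ..." or "<ttl>  * * *"
TR_LINE = re.compile(rf"^\s*(\d+)\s+(?:.*?\(({IPV4})\)|\*)")
# itrace: "<ttl>(<probe no>)   [<ip>]" or "<ttl>(all) Timeout"
IT_LINE = re.compile(rf"^\s*(\d+)\((?:\d+|all)\)\s+(?:\[({IPV4})\]|Timeout)")

def parse_hops(text, pattern):
    """Return {ttl: responder IP, or None when no probe was answered}."""
    hops = {}
    for line in text.splitlines():
        m = pattern.match(line)
        if m:
            hops[int(m.group(1))] = m.group(2)
    return hops

def last_answered(hops):
    """Highest TTL for which a responder was seen (0 if none)."""
    return max((t for t, ip in hops.items() if ip), default=0)

def compare(tr, it):
    """Hops where the responders differ, plus the last answered TTL per tool."""
    differing = {t: (tr[t], it[t]) for t in sorted(tr.keys() & it.keys())
                 if tr[t] != it[t]}
    return differing, last_answered(tr), last_answered(it)

if __name__ == "__main__":
    diff, tr_last, it_last = compare(parse_hops(TRACEROUTE_OUT, TR_LINE),
                                     parse_hops(ITRACE_OUT, IT_LINE))
    for ttl, (a, b) in diff.items():
        print(f"hop {ttl}: traceroute={a} itrace={b}")
    print(f"last answering hop: traceroute={tr_last} itrace={it_last}")
```

On this sample the responders differ at hops 9 and 10, and both tools stop receiving answers after hop 11.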
