0trace.py

LSE toolsLSE tools0trace.py (499)0trace.py (499)

Tool and Usage

Project details

Programming language
Python
Author
Jon Oberheide
Latest release
20070125 []

Project health

56
This score is calculated by different factors, like project age, last release date, etc.

Introduction

This security tool enables the user to perform hop enumeration (similar to traceroute). Instead of sending actual packets, it uses an established TCP connection.

Why this tool?

0trace is a small Python-based script to perform reconnaissance. It provides traceroute-like functionality. Additional data can be gathered about the network and its devices using this method.

How it works

The benefit of using an established connection is staying off the radar of a firewall. This technique works due to the session already being establed. By using the existing connection and send TTL-based probes, no suspicion will be raised.

Background information

0trace.py is a remake by Jon Oberheide of the original 0trace tool by Michal Zalewski.

The development of this tool looks to be stalled or stopped.

Usage and audience

0trace.py is commonly used for bypassing firewall rules, bypassing security measures, or reconnaissance. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

[+] Waiting for traffic from target on eth0...
[+] Traffic acquired, waiting for a gap...
[+] Target acquired: 192.168.0.10:54403 -> 66.135.192.87:80 (3736223256/873025975)
[+] Setting up a sniffer...
[+] Sending probes...

TRACE RESULTS
-------------
1 192.168.0.1
3 68.87.187.29
4 68.87.190.161
5 68.87.190.157
6 68.87.190.153
7 68.87.190.149
8 68.87.190.145
9 68.87.190.141
10 68.87.191.145
11 12.116.11.101
12 12.123.139.150
13 12.122.10.134
14 12.123.4.249
15 192.205.33.158
16 144.232.20.20
17 144.232.26.109
18 144.232.20.161
19 144.232.15.142
20 144.232.20.141
21 144.232.20.113
22 144.232.0.250
23 144.228.110.122
24 66.135.207.186
Target reached.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + Project is mature (10+ years)

Weaknesses

  • - Unknown project license

Author and Maintainers

0trace.py is under development by Jon Oberheide.

Installation

Supported operating systems

0trace.py is known to work on Linux.

Dependencies

Several dependencies are required to use 0trace.py.

  • dnet
  • dpkt
  • pypcap

0trace.py alternatives

Similar tools to 0trace.py:

56

FireAway

FireAway is a security tool to test the security of a firewall by trying to bypass its rules. It will use different methods to hide data or avoid detection by the firewall itself. This tool can be used for both defensive as offensive security.

60

opensvp

Opensvp is a security tool to test firewall software. It uses protocol level attacks to determine if the firewall is vulnerable to a type of attack.

60

Chiron

Chiron is a security assessment framework for IPv6 testing. It can be used during penetration testing or analysis of network devices. Read how it works in this review.

All 0trace.py alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a firewall testing tool and network reconnaissance tools.