0xcafed00d / tracetcp

tracetcp. Traceroute utility that uses tcp syn packets to trace network routes.

Home Page: http://simulatedsimian.github.io/tracetcp.html

License: zlib License

C++ 54.31% C 45.69%

tracetcp's Introduction

Welcome to tracetcp.

Full documentation available here: http://simulatedsimian.github.io/tracetcp.html

tracetcp is a command line traceroute utility for WIN32 that uses TCP SYN packets rather than ICMP/UDP packets that the usual implementations use, thus bypassing gateways that block traditional traceroute packets.

In addition to providing the functionality of the standard traceroute utility, tracetcp allows a trace to be performed over any TCP port. This allows the discovery of what ports a firewall blocks and also the presence of any transparent proxies that have been put in place.

System Requirements

You MUST install the winpcap library (http://www.winpcap.org) for this version to work. tracetcp has been tested with version 3.* and 4.* of this library.

Previous versions of tracetcp used raw sockets, but Microsoft removed support for raw TCP sockets in XP SP2, which caused tracetcp to stop working.

There is an article about this here that may be of interest: http://seclists.org/lists/nmap-hackers/2005/Apr-Jun/0000.html

In order to allow the program to function with XP SP2 it now uses the winpcap library to send and receive packets. The downside of using this is that the program will not function over dial-up connections.

tracetcp has been tested on Windows XP, Vista & 7. You must be logged on to the system as a user that has administrator rights to use tracetcp.

Installation

You MUST install the winpcap library (http://www.winpcap.org) first. Then just copy tracetcp.exe into a directory that is in your system PATH.

Usage

From the command prompt:

tracetcp host [options]
    where host = hostName|ipAddress[:portNumber|serviceName]
    if portNumber or serviceName is not present then port 80 (http) 
    is assumed.

Options:
    -?            Displays help information.

    -c            Select condensed output mode

    -h start_hop  Starts trace at hop specified.

    -m max_hops   Maximum number of hops to reach target.

    -n            No reverse DNS lookups for each node.

    -p num_pings  # of pings per hop (default 3).

    -r p1 p2      Multiple traces from port p1 to p2.

    -t timeout    Wait timeout milliseconds for each reply.

    -v            Displays version information.

    -s p1 p2      Easy port scan mode. gives the same result as
                  setting the following options:
                  -cnr p1 p2 -h 128 -m 1 -p 1

    -F            Disables the Anti-flood timer. Normally tracetcp
                  waits *at least* 0.5 seconds between sending out 
                  each packet, because if the packets are sent too 
                  fast some hosts seem to detect this as some form of 
                  flood and stop responding for a time. This option 
                  disables the 0.5 second timer, so the traces occur
                  faster.

    -R            Use raw socket interface to send/receive packets
                  this will not work on XP sp2. 
                  (you still need winpcap installed)

    -g address    use the specified host as a gateway to remote
                  systems rather than the default gateway.


Examples:
    tracetcp www.microsoft.com:80 -m 60
    tracetcp post.sponge.com:smtp
    tracetcp 192.168.0.1 -n -t 500

Revision History

version 1.0.3 24-11-2016

  • Add support for HSRP routers (fix provided by Dresco)

version 1.0.2 07-01-2016

  • If the destination is reached but the port is closed, this may be due to some hosts not allowing connections with ttl = 0. Resend ping with large ttl to see if it's really closed.

version 1.0.1 05-01-2016

  • Make the generated SYN packet look as much as possible like a SYN from Chrome on Windows, because packets with no options were being dropped by some hosts.

version 1.0.0 23-06-2014

  • Upgraded solution to Visual Studio 2013
  • Moved Repo to GitHub

version 0.99.4 beta 23-05-2005

  • fixed problem with inaccurate hop timing.

version 0.99.3 beta 21-05-2005

  • added winpcap support to bypass Microsoft's removal of raw tcp sockets in xp sp2.
  • added -g option to override the default gateway
  • added -R option to revert to using raw sockets

version 0.99.2 beta 23-04-2004

  • Added -s option for "Easy port scan"
  • Added ability to combine options on the command line e.g. -cnr 10 30 instead of -c -n -r 10 30
  • Updated readme.txt with more info about software firewalls.
  • Fixed bug in anti-flood timeout code.
  • Added -F option to disable the anti-flood timer.
  • complete ip header construction - not leaving any fields for winsock to fill in now.

version 0.99.1 beta 25-08-2003

  • Added start hop option (-h) and changed help to -?
  • Added port range option -r to allow port scanning
  • Separated Tracing code and results display so that different display formats can be supported.
  • Added Condensed output mode (-c)
  • Added pings per hop option (-p)
  • Fixed a few Problems with the way packets were built
  • Visual Studio project files now included in source archive

version 0.99 beta 19-08-2003

  • First release on sourceforge.

version 0.90beta 21-07-2003

  • Internal test version.

tracetcp's People

Contributors

0xcafed00d, dresco, simulatedsimian

tracetcp's Issues

hardware filter to promiscuous mode

I have installed the latest WinPcap library and attempted to use tracetcp and I get the following message,
which I believe may be related to my wireless connection.

failed to set hardware filter to promiscuous mode

I was using the tracetcp as part of a batch file which allows me to simply input a couple of digits to instruct the program as to what server and port I wish to test. The program returns that error msg.

If I try to execute tracetcp.exe all I get is a microsecond view of what may be a cmd prompt screen and it is instantly closed and I receive no msg.

In researching the issue I found that those that are using Wireshark, which also uses WinPcap, have had the same error.

My OS is WIN XP sp3 and I am using Netgear WPN 311 wireless pci adapter w/ latest netgear driver installed.

Is there a resolution to this problem?

thanks

ehg

tracetcp fails, won't even get past first hop

We have a vendor trying to use this utility and while a regular traceroute works, tracetcp doesn't over any port that I've tried. I can traceroute to 66.55.43.151 which is the site he's trying to tracetcp to, and can ping but can't use your utility to get there. All I get are timeouts, so it's not even getting past the first hop. This is on a Cisco-based network; are there any router functions that have to be turned off for your tool to work? I've exhausted every option that I can think of. There's no ACL blocking it, nothing of that sort that I can tell.

Thanks in advance!

stops after ICMP redirect

tracetcp, alas, ends after it receives an icmp redirect. (tracert and tcptraceroute follow that redirect and give results).

I know I can work around that using -g, but that leaves me with the task of finding out where the hell the redirection went to.

So this would be the feature request:

  • follow icmp redirects
  • if not possible, give more info about target of redirect

Best regards, m.

"Error retrieving the MAC address of the adapter" on windows 10

Hi,

I'm using Windows 10. Any attempt to use tracetcp is returning the "Error retrieving the MAC address of the adapter" error.

For the record here's a log

C:\WINDOWS\system32> tracetcp www.google.com
Error retrieving the MAC address of the adapter

WinPcap is installed.

Thanks!

TCP base SYN packet problem

Hi, it seems some sites like this:
tracetcp 46.19.169.70
are not replying to the TCP SYN that tracetcp sends out even with TTL 255, but the browser can connect fine. I have been able to track the problem to the TCP header length being 20 bytes, which it would seem the site is filtering and dropping them.

If possible, and I have tested this end, can you make the TCP base SYN packet that tracetcp sends out with a header length of 24 bytes by including:
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1460
with 00 00 padding

Thanks
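
The header-length difference reported in this issue (and in the 1.0.1 revision note about option-less SYNs being dropped), seen from the receiving side: an added example, not part of the original post or of tracetcp's source, that parses a TCP header and reports its length and MSS option. The struct, function name and both sample packets are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Illustrative result type (not from tracetcp): what a receiver learns
   from one TCP header. header_len is -1 when the header is malformed. */
struct tcp_info { int header_len; int is_syn; int mss; };

/* Constructed sample: bare SYN, data offset 5 (20 bytes), checksum zeroed. */
static const uint8_t SYN_BARE[] = {
    0xc0,0x01, 0x00,0x50, 0,0,0,1, 0,0,0,0, 0x50,0x02, 0x20,0x00, 0,0, 0,0 };
/* Constructed sample: same SYN, data offset 6 (24 bytes), MSS 1460. */
static const uint8_t SYN_MSS[] = {
    0xc0,0x01, 0x00,0x50, 0,0,0,1, 0,0,0,0, 0x60,0x02, 0x20,0x00, 0,0, 0,0,
    0x02,0x04,0x05,0xb4 };

/* Parse the TCP header at buf and walk its option list (kind/length/value). */
struct tcp_info inspect_tcp(const uint8_t *buf, size_t len)
{
    const struct tcp_info bad = { -1, 0, -1 };
    struct tcp_info r = { -1, 0, -1 };
    if (len < 20) return bad;
    int hlen = (buf[12] >> 4) * 4;            /* data offset, 32-bit words */
    if (hlen < 20 || (size_t)hlen > len) return bad;
    r.header_len = hlen;
    r.is_syn = (buf[13] & 0x12) == 0x02;      /* SYN set, ACK clear */
    for (int i = 20; i < hlen; ) {
        uint8_t kind = buf[i];
        if (kind == 0) break;                 /* End of Option List */
        if (kind == 1) { i++; continue; }     /* No-Operation */
        if (i + 1 >= hlen) return bad;        /* length byte missing */
        int olen = buf[i + 1];
        if (olen < 2 || i + olen > hlen) return bad;
        if (kind == 2 && olen == 4)           /* Maximum Segment Size */
            r.mss = (buf[i + 2] << 8) | buf[i + 3];
        i += olen;
    }
    return r;
}

int main(void)
{
    struct tcp_info a = inspect_tcp(SYN_BARE, sizeof SYN_BARE);
    struct tcp_info b = inspect_tcp(SYN_MSS, sizeof SYN_MSS);
    printf("bare SYN: header %d bytes, mss %d\n", a.header_len, a.mss);
    printf("MSS SYN:  header %d bytes, mss %d\n", b.header_len, b.mss);
    return 0;
}
```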

Doesn't close connection cleanly

When tracetcp connects to the target destination it appears to finish after the destination sends a SYN, ACK back without actually closing the connection properly.

Wouldn't it be better to close the connection cleanly with an RST or even an ACK and FIN when done?
As it stands the destination tries sending back a couple of extra SYN,ACKs when it gets no reply.

Windows 10 support?

I ran this on Windows 10 (from both PowerShell and command prompt). But the output is showing the trace as never completing and every hop is timing out.

I know I have connectivity though as a telnet to the relevant TCP port connects and tracert/ping also return.

Is it just me or is the utility not working for Windows 10?

I have Wireshark 2.0.4 which I think comes with WinPCAP 4.1.3

Tracing routes from windows 2012r2 times out on all hops

I have tried numerous variations of performing a trace route with the utility and it yields the same results of requests timed out. I even turned the TTL up to 40 seconds? A Windows 8.1 PC on the same network, different subnet, has the expected results. Any thoughts or suggestions?

PS C:> .\tracetcp.exe dc0XX:389 -t 40000

Tracing route to 172.x.x.x [x.x.x.x.x.x] on port 389
Over a maximum of 30 hops.
1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
