Friday, 1 March 2013

eroute v0.7

eroute v0.7

eroute is a simple arp scanner which can also do route checking through each host. It can quickly identify through the use of TCP, ICMP and other IP protocols (with mixed TTLs) hosts which are set to route packets and bridge networks. This small update adds in an options for trying all IP protocols (-allip) which in some assessments has been useful in identifying another method of egress.

route v0.7 - Edward Torkington
Usage:     -r <range>     -s <sourceIP>     -d <deviceindex>     -i <route check to destination ip/s for routing e.g.>     -I <route check to file containing destination ip/s e.g. alive-hosts.txt     -p <route check port numbers , seperated .e.g. 80,443>     -P <route check file containing port numbers, e.g. ports.txt>     -syn <send syn packets to each of the ip/ports>     -ping <send echo request to each of the ips>     -allip <try all IP protocols>     -ttl <send route check packets with normal TTL and with a TTL of 1>     -t <time delay between packets (default 10ms)>Examples:      Simple ARP                             -r 10.0.5-6.0-255      ARP from outside the range             -r -s      ARP with route checking                -r 10.0.5-6.0-255 -i -syn -p 80,443,3389      ARP with route checking (ttl 1)        -r 10.0.5-6.0-255 -i -syn -ttl -P c:\tools\wl\1-65535.txt      ARP with all route checks              -r 10.0.5-6.0-255 -i -syn -ping -ttl -P c:\tools\wl\1-65535.txt


  • Winpcap
  • .net Framework 2