Introduction To Scapy Network Packet Generator – POFTUT


Scapy is a tool for generating and manipulating network protocol packets and for showing them visually with graphics and 3D images. There are equivalent tools such as hping3, but Scapy is much more flexible. Scapy can manipulate all the fields of common protocols such as IP, Ethernet, TCP and UDP. If you have a network protocol scenario, you can implement it with Scapy and Python scripting. I advise reading the Scapy documentation as a whole, but it may be very long for simple usage. Here I will give you a quick and dirty introduction to using Scapy.

Install Scapy

Ubuntu, Debian, Mint, Kali

$ sudo apt install scapy -y

Fedora, CentOS, RedHat

$ sudo yum install scapy -y

Start Scapy Interactive Shell

Now we can run the Scapy shell or use Scapy in our Python scripts. For simplicity we run the shell. Be aware that Scapy accesses the network stack of the OS and needs root privileges, so we run it with sudo. At startup we get an info message saying that GnuPlot is not available, but we will not use it.

$ sudo scapy

Create IP Packet

There are a lot of network protocol classes and objects in Scapy. Let's look at IP by setting some options. Here we changed the default value of the version field to 6.

>>> IP(version="6")
<IP version='6' |>

Create TCP Packet

Now add TCP on top of IP. As you can see, protocol layers are delimited with / .

>>> IP()/TCP()
<IP frag=0 proto=tcp |<TCP |>>

Set Application Layer Data

We can append application-layer data as a string and assign the new packet to a variable.

>>> a=IP()/TCP()/"GET / HTTP/1.0\r\n\r\n"
>>> a
<IP frag=0 proto=tcp |<TCP |<Raw load='GET / HTTP/1.0\r\n\r\n' |>>>

Print Packet

Reading a packet is very easy with the string and hexdump formats.

>>> str(a) 

We can send packets at L2 or L3. Below we send at L3, which uses the routing table. sendp is used to send at L2.

>>> z=(IP(dst="ismailbaydan.com/32")) 
>>> send(z)

Receive Packet

Sending packet is not enough for practical usage to send and receive packets sr and sr1 function should be used. sr1 function is used only for 1 packet reply. _ is used for last reply where it is a tupple made of answered and unanswered packets. We get answer from ismailbaydan.com as it shown below.

>>> sr(IP(dst="ismailbaydan.com/32")/TCP(dport=[80])) Begin emission: .......................Finished to send 1 packets. ........................................................................................................................................................................................................................................................................................................................................* Received 352 packets, got 1 answers, remaining 0 packets (<Results: TCP:1 UDP:0 ICMP:0 Other:0>, <Unanswered: TCP:0 UDP:0 ICMP:0 Other:0>) >>> ans,unans=_ >>> ans.summary() IP / TCP 192.168.122.25:ftp_data > 192.254.233.205:http S ==> IP / TCP 192.254.233.205:http > 192.168.122.25:ftp_data SA / Padding >>> unans.summary()

 
