Scapy is a powerful packet manipulation tool, network scanner, packet generator, packet sniffer, etc. Scapy uses python interpreter as a command board. So you can perform any python operations to design your packets. You can install scapyt by typing the following in your terminal (Ubuntu).
#apt-get install python-scapy
Start Scapy by running the following in your terminal (you should be a root user), once your done with your installation.
#scapy -s mysession
Vital commands to begin with :
ls() – Lists supported protocol layers.
If a protocol layer is given as parameter, it lists the fields and types of fields associated with that particular protocol layer. Lets try, the Internet protocol layer.
#ls(IP)
And the result would be something like this…
lsc() – Lists some user commands. If a command is given as parameter, its documentation is displayed.
conf – This contains the configuration.
Fine, what are we waiting for? Lets go ahead and create our own packet. Lets create a TCP/IP packet.
>>> i=IP() #create IP packet >>> i.dst="192.168.1.10" #destination = 192.168.1.10 >>> i.src="192.168.1.3" #source = 192.168.1.3 >>> i.ttl=128 #time to live = 128 >>> i.show() #show the created packet ###[ IP ]### version= 4 ihl= None tos= 0x0 len= None id= 1 flags= frag= 0 ttl= 128 proto= ip chksum= None src= 192.168.1.3 dst= 192.168.1.10 \options\ >>> t=TCP() #create TCP packet >>> send(i/t) #send the packets, '/' is used as a separator
Now the packet is sent. But how do you confirm? Well, we know Wireshark! Go ahead and start your Wireshark, and resend the packet to actually capture your packet. Here is what I captured,
