Posts Tagged ‘scapy’

Scapy is a powerful packet manipulation tool, network scanner, packet generator, packet sniffer, etc. Scapy uses python interpreter as a command board. So you can perform any python operations to design your packets. You can install scapyt by typing the following in your terminal (Ubuntu).

#apt-get install python-scapy

Start Scapy by running the following in your terminal (you should be a root user), once your done with your installation.

#scapy -s mysession

Screenshot from 2013-09-27 01:51:15

Vital commands to begin with :

ls() – Lists supported protocol layers.

Screenshot from 2013-09-27 02:09:26

If a protocol layer is given as parameter, it lists the fields and types of fields associated with that particular protocol layer. Lets try, the Internet protocol layer.
#ls(IP)
And the result would be something like this…

Screenshot from 2013-09-27 02:12:35

lsc() – Lists some user commands. If a command is given as parameter, its documentation is displayed.

Screenshot from 2013-09-27 02:10:27

conf – This contains the configuration.

Screenshot from 2013-09-27 02:14:30

Fine, what are we waiting for? Lets go ahead and create our own packet. Lets create a TCP/IP packet.

>>> i=IP() #create IP packet
>>> i.dst="192.168.1.10" #destination = 192.168.1.10
>>> i.src="192.168.1.3" #source = 192.168.1.3
>>> i.ttl=128 #time to live = 128
>>> i.show() #show the created packet
###[ IP ]###
version= 4
ihl= None
tos= 0x0
len= None
id= 1
flags=
frag= 0
ttl= 128
proto= ip
chksum= None
src= 192.168.1.3
dst= 192.168.1.10
\options\
>>> t=TCP() #create TCP packet
>>> send(i/t) #send the packets, '/' is used as a separator

Screenshot from 2013-09-27 02:05:26

Now the packet is sent. But how do you confirm? Well, we know Wireshark! Go ahead and start your Wireshark, and resend the packet to actually capture your packet. Here is what I captured,

Screenshot from 2013-09-27 02:07:16

Advertisements