Scapy: Art of Crafting and Manipulating Data Packets
Monday, October 05, 2015
By
Jitendra
scapy
2
comments
Hi there
After my post on Securing WordPress I am here again with a new topic called crafting and Manipulating data packets with Scapy.
It comes pre-installed in most linux distributions but you can also install it manually if it is not pre- installed.
1. Install python the version of python should be higher then 2.5.
2. Download and install Scapy
3.You have to run it with root privileges because some command may not work with simple privileges.
First Look that if python is installed or not use this command I am using Backbox OS here
backbox@backbox:~$ Python -V
Python 2.7.3
if it is not installed use this to install it
backbox@backbox:~$ sudo apt-get install python
Now after installing python you can run Scapy easily. So lets start packet crafting.
1. Run scapy with root privileges
backbox@backbox:~$ sudo scapy
It will show you response like in the image
2. For available Protocol support you can type command ls() and press enter it will show you all available protocols
3. To know more about a specific protocol just type ls(protocol) lets take example of ARP protocol shown in the image type ls(ARP) press enter it will show you the available commands of that protocol.
So after these lets start Crafting data packets. Now type this command to craft your first packet
>>> packet=IP(dst="xx.xx.xx.xx")/TCP(dport=80)/"Hello world"
and press enter it will . What does several components of this command means
IP=The type of packet you want to create I am creating and IP packet here.
dst= It contains IP address of destination where you want to send the packet.
/TCP= You are creating a TCP packet with default values of scapy
dport= Destination port
/"hello world": The payload of packet.
So after crafting the packet if you want to know the details of packet simply type ls(packet)
it will show you a response like this
here src= source IP
dst= destination IP
load=Payload
Now there are two more option for packet details
Just type packet OR type packet.summary
It will produce a result like this
So congratulation you successfully crafted a packet
Stay tuned for more
Thanks You
Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
After my post on Securing WordPress I am here again with a new topic called crafting and Manipulating data packets with Scapy.
What is Scapy and why it is used ?
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.).It comes pre-installed in most linux distributions but you can also install it manually if it is not pre- installed.
1. Install python the version of python should be higher then 2.5.
2. Download and install Scapy
3.You have to run it with root privileges because some command may not work with simple privileges.
First Look that if python is installed or not use this command I am using Backbox OS here
backbox@backbox:~$ Python -V
Python 2.7.3
if it is not installed use this to install it
backbox@backbox:~$ sudo apt-get install python
Now after installing python you can run Scapy easily. So lets start packet crafting.
1. Run scapy with root privileges
backbox@backbox:~$ sudo scapy
It will show you response like in the image
2. For available Protocol support you can type command ls() and press enter it will show you all available protocols
3. To know more about a specific protocol just type ls(protocol) lets take example of ARP protocol shown in the image type ls(ARP) press enter it will show you the available commands of that protocol.
>>> packet=IP(dst="xx.xx.xx.xx")/TCP(dport=80)/"Hello world"
and press enter it will . What does several components of this command means
IP=The type of packet you want to create I am creating and IP packet here.
dst= It contains IP address of destination where you want to send the packet.
/TCP= You are creating a TCP packet with default values of scapy
dport= Destination port
/"hello world": The payload of packet.
So after crafting the packet if you want to know the details of packet simply type ls(packet)
it will show you a response like this
here src= source IP
dst= destination IP
load=Payload
Now there are two more option for packet details
Just type packet OR type packet.summary
It will produce a result like this
So congratulation you successfully crafted a packet
Stay tuned for more
Thanks You
Jitendra K Singh
Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
How to send that packet ?
ReplyDeletehi thanks for your comment here as i denoted before
ReplyDeletei will be posted a next tutorial on today or tomorrow by how can you send and capture packets can really know that the packet has been sent.
stay tuned
thanks