Quick Tutorial on Scapy
Brief Tutorial on Scapy
First, a brief introduction is in order for this powerful security tool. Scapy is an interactive packet manipulator program. It is able to create and decode packets of a wide number of protocols, send them over the wire, and capture them. It is able to perform ARP cache poisoning, be used as a supplement to nmap, and also replace a number of other commonly used security programs (such as arping, Ethereal and perhaps even p0f). This short post will attempt to provide you with some supplemental information on Scapy by using the GRE Sniffing Article as an example. Let's take a look at four common commands used in Scapy:
lsc() - List basic user commands
ls() - List available packages
send() - Send packets at layer 2
sendp() - Send packets at layer 3
Again, using the GRE Sniffing Article as an example, let's capture an snmpset packet used to customize certain administrative settings on a Cisco router. Once you have your packet you can assign it to a variable like so:
The argument given to the rdpcap function is the name of the packet that you captured via Wireshark or whatever other program you wish to use; however, it should be in pcap format.
To do a hexdump of your packet you can do:
To be able to display your packet in each respective OSI layer you do:
To display the individual layer you can also do:
To start stripping off layers of your packet to other variables for easier customization you can do:
You can change any of the fields in the packet by typing:
and then hitting tab for all your options. For example, you can change the source port like so:
If you do a udp.display() you'll notice that it holds not only the UDP packet but also the contents of our SNMP packet.
Now let's try sending the packet
Since the variable "udp" holds our UDP packet we can simply attach it to the end of our IP statement.
This short tutorial barely scratches the surface on how powerful scapy is. I encourage you to check out all the different options for scapy and to also take a look at the scapy toolset, which allows you to create custom packet generating programs.
This is my very first tutorial so any type of feedback is definitely welcome and wanted.
That's quite useful, as I am in the introductory stages of teaching myself Python. Thanks! Nice job.
Thanks for sharing this... I'm always fascinated with the art of packet crafting... If it's not too much to ask, can you possibly set up a simple test environment and give me another tutorial?
Absolutely, I’m happy to see the positive responses