Your SlideShare is downloading. ×
Scapy
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Scapy

367

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
367
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SCAPY packetlife.net Basic Commands Specifying Addresses and Valuesls() # Explicit IP address (use quotation marks)List all available protocols and protocol options >>> IP(dst="192.0.2.1")lsc()List all available scapy command functions # DNS name to be resolved at time of transmissionconf >>> IP(dst="example.com")Show/set scapy configuration parameters # IP network (results in a packet template) Constructing Packets >>> IP(dst="192.0.2.0/24")# Setting protocol fields # Random addresses with RandIP() and RandMAC()>>> ip=IP(src="10.0.0.1") >>> IP(dst=RandIP())>>> ip.dst="10.0.0.2" >>> Ether(dst=RandMAC())# Combining layers # Set a range of numbers to be used (template)>>> l3=IP()/TCP() >>> IP(ttl=(1,30))>>> l2=Ether()/l3 # Random numbers with RandInt() and RandLong()# Splitting layers apart >>> IP(id=RandInt())>>> l2.getlayer(1)<IP frag=0 proto=tcp |<TCP |>> Sending Packets>>> l2.getlayer(2)<TCP |> send(pkt, inter=0, loop=0, count=1, iface=N) Send one or more packets at layer three Displaying Packets sendp(pkt, inter=0, loop=0, count=1, iface=N) Send one or more packets at layer two# Show an entire packet>>> (Ether()/IPv6()).show() sendpfast(pkt, pps=N, mbps=N, loop=0, iface=N) Send packets much faster at layer two using tcpreplay###[ Ethernet ]### dst= ff:ff:ff:ff:ff:ff >>> send(IP(dst="192.0.2.1")/UDP(dport=53)) src= 00:00:00:00:00:00 . type= 0x86dd Sent 1 packets.###[ IPv6 ]### >>> sendp(Ether()/IP(dst="192.0.2.1")/UDP(dport=53)) version= 6 . tc= 0 Sent 1 packets. fl= 0 plen= None Sending and Receiving Packets nh= No Next Header hlim= 64 sr(pkt, filter=N, iface=N), srp(…) src= ::1 Send packets and receive replies dst= ::1 sr1(pkt, inter=0, loop=0, count=1, iface=N), srp1(…) Send packets and return only the first reply# Show field types with default values srloop(pkt, timeout=N, count=N), srploop(…)>>> ls(UDP()) Send packets in a loop and print each replysport : ShortEnumField = 1025 (53)dport : ShortEnumField = 53 (53) >>> srloop(IP(dst="packetlife.net")/ICMP(), count=3)len : ShortField = None (None) RECV 1: IP / ICMP 174.143.213.184 > 192.168.1.140chksum : XShortField = None (None) RECV 1: IP / ICMP 174.143.213.184 > 192.168.1.140 RECV 1: IP / ICMP 174.143.213.184 > 192.168.1.140 Fuzzing Sniffing Packets# Randomize fields where applicable>>> fuzz(ICMP()).show() sniff(count=0, store=1, timeout=N) Record packets off the wire; returns a list of packets when stopped###[ ICMP ]### type= <RandByte> # Capture up to 100 packets (or stop with ctrl-c) code= 227 >>> pkts=sniff(count=100, iface="eth0") chksum= None >>> pkts unused= <RandInt> <Sniffed: TCP:92 UDP:7 ICMP:1 Other:0>by Jeremy Stretch v1.0

×