Python scapy - ghdrako/doc_snipets GitHub Wiki
- https://scapy.readthedocs.io/en/latest/introduction.html
- https://scapy.readthedocs.io/en/latest/api/scapy.html
- https://scapy.net/
- https://github.com/secdev/scapy
- https://wiki.sans.blue/Tools/pdfs/ScapyCheatSheet_v0.2.pdf
- https://github.com/secdev/scapy/blob/master/doc/notebooks/Scapy%20in%2015%20minutes.ipynb
- https://scapy.readthedocs.io/en/latest/
- https://www.youtube.com/playlist?list=PL9lx0DXCC4BMS7dB7vsrKI5wzFyVIk2Kg
Scapy
```bash
# start the interactive Scapy shell from a checkout of the repository
sudo ./run_scapy
```
Create Frames(Packet) in Scapy
The `/` operator is used to bind layers together.
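```python
from scapy.all import *

packet = IP()/TCP()
Ether()/packet                            # prepend an Ethernet header

packet = Ether()/Raw("Hello world")
packet                                    # in the interactive shell this prints the repr
packet.summary()

packet = Ether(dst='aa:aa:aa:aa:aa:aa')/Raw("Hello world")
packet.summary()
packet[Ether].dst = 'bb:bb:bb:bb:bb:bb'   # change a field on an existing layer
packet.show()                             # field-by-field view
hexdump(packet)                           # raw bytes of the built frame
wireshark(packet)                         # open the frame in Wireshark
```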
Send Frames in Scapy
```python
sendp(packet)   # sends at layer 2, so the frame needs its Ether header
```
List protocol fields
Protocol fields can be listed using the `ls()` function:
```python
>>> ls(IP, verbose=True)
```
Scapy packets are objects with some useful methods, such as summary().
```python
p = Ether()/IP(dst="www.secdev.org")/TCP()
p.summary()
```
```python
#!/usr/bin/python3
import scapy.all as scapy

# send one ICMP echo request at layer 3
scapy.send(scapy.IP(dst="172.16.8.83") / scapy.ICMP(seq=1234))
```
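Send a message to a server started with `nc -l -p 12345`:
```python
import socket
from scapy.all import StreamSocket, Raw

# ordinary TCP connection made by the operating system
s = socket.socket()
s.connect(("127.0.0.1", 12345))
# wrap the socket so Scapy packets can be sent and received over it
ss = StreamSocket(s, Raw)
ss.sr1(Raw("Hello World"))
```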
```python
#!/usr/bin/python3
# -*- coding: utf-8 -*-
from scapy.all import *

# set the method to GET
get = 'GET / HTTP/1.0\r\n\r\n'
# set the target
ip = IP(dst="www.google.com")
# source port chosen at random from the given range
port = RandNum(1024, 65535)
# build the SYN packet
SYN = ip/TCP(sport=port, dport=80, flags="S", seq=666)
# send the SYN, receive the SYN,ACK
# (the local kernel does not know this connection and answers the SYN,ACK
#  with a RST unless outgoing RSTs are filtered on the host)
SYNACK = sr1(SYN)
# build the ACK carrying the GET
ACK = ip/TCP(sport=SYNACK.dport, dport=80, flags="A", seq=SYNACK.ack, ack=SYNACK.seq+1)/get
# send the ACK-GET request
reply, error = sr(ACK)
# display the replies
reply.show()
```