Friday, March 9, 2012

Scapy

Scapy is an interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, etc.  Additional details can be found at http://www.secdev.org/projects/scapy/.  Below are some screen captures from Ubuntu version 10.04.  Scapy was not present by default, so it needed to be installed.

scapy_1

The command must be executed with root credentials.  Simply enter scapy, and the command prompt should appear.

scapy_2

The command ls() will display all of the various modules available.

scapy_3

To view options for a specific module such as TCP, enter the command ls(TCP).

scapy_4

Variables can be used to specify different values than the defaults.  The command ls() can be used to verify the value of the variable.

scapy_5

The commands below configure the destination port, source port, and payload variables.

scapy_6

The command send(i/t/p) will send the packet to the destination address with the variables, which is the loopback in this example.  The send command is at Layer 3; sendp is at Layer 2.

scapy_7

The tcpdump command can be used to verify the packet was sent.

scapy_8

Multiple ports can be used, as well as a range

scapy_9

The sr command can be used to send and receive data.

scapy_10

No comments:

Post a Comment