Scapy is an interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, etc. Additional details can be found at http://www.secdev.org/projects/scapy/. Below are some screen captures from Ubuntu version 10.04. Scapy was not present by default, so it needed to be installed.
The command must be executed with root credentials. Simply enter scapy, and the command prompt should appear.
The command ls() will display all of the various modules available.
To view options for a specific module such as TCP, enter the command ls(TCP).
Variables can be used to specify different values than the defaults. The command ls() can be used to verify the value of the variable.
The commands below configure the destination port, source port, and payload variables.
The command send(i/t/p) will send the packet to the destination address with the variables, which is the loopback in this example. The send command is at Layer 3; sendp is at Layer 2.
The tcpdump command can be used to verify the packet was sent.
Multiple ports can be used, as well as a range
The sr command can be used to send and receive data.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.