Today I’m writing about the very famous tool Python Scapy. You must be wondering how is this related to my internship project. Well, the translations that I have provided for particular matches and targets of iptables require some testing and verification. I’m using Scapy for carrying that out.
Because Scapy is powerful and interactive, provides various protocols and can easily handle scanning, tracerouting, probing, etc. It can forge and decode different types of packets, match requests and replies which is exactly what I needed for carrying out tests on my translations.
Scapy is an amazing tool and it can be used for carrying out many different tasks like ARP Cache poisoning, ARPing, exploit etherleak flaw, send packets at different layers and much more. I haven’t tried all of these functionalities and my work on Scapy at present is limited to forging the packets with particular attributes. I’m using Scapy 2.2.0
How to use Scapy?
Simple. Download and install Scapy and do
$ sudo scapy
That’s it. You have now successfully launched Scapy.
Now, in order to see the list of available protocols, type
In order too see the list of available commands, type
Forging first packet with Scapy
Suppose we wish to create a TCP packet with TTL 20 then, all we have to do is the following:
You can also enter the protocol in string format, that is,
Now, if you wish to see if the packet has been created with correct attributes, you can do the following:
Note that all the fields of a packet remain set to their default values unless changed.
So, this is how you can forge a packet with Scapy.
I’m also learning to use it and I’m using it for testing my translations, you can try it out for fun. It looks really captivating.
Thanks for reading.