scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is...

13
Scapy Bo Li

Transcript of scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is...

Page 1: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

ScapyBo Li

Page 2: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

What is Scapy• Scapy is a packet manipulation tool for computer

networks.

• forge or decode packets, send them on the wire, capture them, and match requests and replies

• Handle tasks

• scanning, tracerouting, probing, unit tests, attacks, and network discovery.

Page 3: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Introduction of Python

http://www.secdev.org/conf/scapy_csw05.pdf

http://www.secdev.org/conf/scapy_csw05.pdf
Page 4: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Introduction of Python

http://www.secdev.org/conf/scapy_csw05.pdf

http://www.secdev.org/conf/scapy_csw05.pdf
Page 5: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Recap of Last Class• server_address = ('localhost', 10001)

• sock.connect(server_address)

• try:

• …

• while True:

• data = sock.recv(4096)

• …

• finally:

• sock.close()

Page 6: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Scapy

Page 7: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Network Layer

Page 8: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Layers scapy works on"GET / HTTP/1.0\r\n\r\n"

/

TCP(dport=80)

IP(dst=“127.0.0.1”)

Ether()

/

/

Page 9: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Construct packet

• Combine different layers

• default: system default

• Example:

• a = Ether()/IP()/TCP()/“GET / HTTP/1.0\r\n\r\n"

Page 10: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Send and Receive• Send only

• send() — send package(s) at Network layer

• sendp() — send package(s) at Link layer

• Send & receive

• sr() — send and receive package(s) at Network layer

• sr1() — send and receive one package at Network layer

• srp() — send and receive package(s) at Link layer

Page 11: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Two ways of using Scapy

• Console

• sudo scapy

• With in Python script

• from scapy.all import *

Page 12: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Examples• Get DNS request

• a = sr1(IP(dst=“8.8.8.8")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.google.com")))

• TCP ping

• ans,unans=sr( IP(dst="192.168.1.*")/TCP(dport=80,flags="S") )

• ans.summary( lambda(s,r) : r.sprintf("%IP.src% is alive") )

• More on:

• http://www.secdev.org/projects/scapy/doc/usage.html#simple-one-liners

http://www.secdev.org/projects/scapy/doc/usage.html#simple-one-liners
http://www.secdev.org/projects/scapy/doc/usage.html#simple-one-liners
Page 13: scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Any Questions?


Network packet manipulation with Scapy

Network packet manipulation with Scapy

Network packet forgery with Scapy · Extending Scapy Scapy’s Main Concepts Python interpreter disguised as a Domain Specific Language Fast packet designing Default values that

Network packet forgery with Scapy · Extending Scapy Scapy’s Main Concepts Python interpreter disguised as a Domain Specific Language Fast packet designing Default values that

Scapy documentation (!) - julien.desfossez.free.frjulien.desfossez.free.fr/doc/scapydoc.pdf · 1 Introduction 1.1 About this document 1.2 What is Scapy Scapy is a Python program that

Scapy documentation (!) - julien.desfossez.free.frjulien.desfossez.free.fr/doc/scapydoc.pdf · 1 Introduction 1.1 About this document 1.2 What is Scapy Scapy is a Python program that

Packet generation and network based attacks with Scapy · Packet generation and network based attacks with Scapy Philippe BIONDI phil@secdev.org / philippe.biondi@eads.net Corporate

Packet generation and network based attacks with Scapy · Packet generation and network based attacks with Scapy Philippe BIONDI [email protected] / [email protected] Corporate

Scapy and IPv6 networking - SecDev.orgsecdev.org/conf/scapy-IPv6_HITB06.pdf · The Scapy Concept Scapy + IPv6 = Scapy6 Fun Security with Scapy6 Beware! IPv6 is coming, and it is not

Scapy and IPv6 networking - SecDev.orgsecdev.org/conf/scapy-IPv6_HITB06.pdf · The Scapy Concept Scapy + IPv6 = Scapy6 Fun Security with Scapy6 Beware! IPv6 is coming, and it is not

Scapy - Easy Packet Handling - toulibre.org · Pr´esentation de scapy D´emo Scapy Easy Packet Handling Etienne Maynier etienne.maynier@gmail.com Capitole du Libre 24 Novembre 2012

Scapy - Easy Packet Handling - toulibre.org · Pr´esentation de scapy D´emo Scapy Easy Packet Handling Etienne Maynier [email protected] Capitole du Libre 24 Novembre 2012

Packet generation and network based attacks with … Scapy Network discovery and attacks Packet generation and network based attacks with Scapy Philippe BIONDI phil@secdev.org / philippe.biondi@eads.net

Packet generation and network based attacks with … Scapy Network discovery and attacks Packet generation and network based attacks with Scapy Philippe BIONDI [email protected] / [email protected]

SCAPY - modio.se · 2015-05-12 PyCon Exploit: SCAPY rocks A (Python) framework for packet manipulation

SCAPY - modio.se · 2015-05-12 PyCon Exploit: SCAPY rocks A (Python) framework for packet manipulation

Scapy Documentation - Inno · Scapy Documentation, Release 2.0.1 Second, they usually confuse decoding and interpreting. Machines are good at decoding and can help human beings with

Scapy Documentation - Inno · Scapy Documentation, Release 2.0.1 Second, they usually confuse decoding and interpreting. Machines are good at decoding and can help human beings with

Network packet forgery with Scapy - · PDF fileProblematic Scapy Network discovery and attacks Network packet forgery with Scapy Philippe BIONDI phil(at)secdev.org / philippe.biondi(at)eads.net

Network packet forgery with Scapy - · PDF fileProblematic Scapy Network discovery and attacks Network packet forgery with Scapy Philippe BIONDI phil(at)secdev.org / philippe.biondi(at)eads.net

Network packet forgery with Scapy - PacSec · Philippe BIONDI Network packet forgery with Scapy 26/109. Problematic Scapy Network discovery and attacks Concepts Quick overview High-level

Network packet forgery with Scapy - PacSec · Philippe BIONDI Network packet forgery with Scapy 26/109. Problematic Scapy Network discovery and attacks Concepts Quick overview High-level

Scapy Documentation

Scapy Documentation

Outsmarting Bluetooth Smart - Mike Ryan · PDF file⇀ SOCK_RAW for Bluetooth ⇀ In Linux 3.13. ... Scapy-based fuzzer ⇀ Scapy rules ... ⇁ Kali: nope, 1.0.6 is still 3.12

Outsmarting Bluetooth Smart - Mike Ryan · PDF file⇀ SOCK_RAW for Bluetooth ⇀ In Linux 3.13. ... Scapy-based fuzzer ⇀ Scapy rules ... ⇁ Kali: nope, 1.0.6 is still 3.12

Scapy - site.iugaza.edu.pssite.iugaza.edu.ps/aabuharb/files/2020/03/lab1_part3.pdf · Scapy is a Python program that enables the user to send, sniff and dissect and forge network

Scapy - site.iugaza.edu.pssite.iugaza.edu.ps/aabuharb/files/2020/03/lab1_part3.pdf · Scapy is a Python program that enables the user to send, sniff and dissect and forge network

Hack x Crack Scapy

Hack x Crack Scapy

Network packet manipulation with Scapy - SecDev.orgsecdev.org/conf/scapy_Aachen.pdf · 2005. 9. 21. · Title: Network packet manipulation with Scapy Author: Philippe BIONDI Subject:

Network packet manipulation with Scapy - SecDev.orgsecdev.org/conf/scapy_Aachen.pdf · 2005. 9. 21. · Title: Network packet manipulation with Scapy Author: Philippe BIONDI Subject:

PASSIVE BLUETOOH MONITORING IN SCAPY · AGENDA • bluetooth essentials • fundamental projects • scapy-btbb project overview • demo

PASSIVE BLUETOOH MONITORING IN SCAPY · AGENDA • bluetooth essentials • fundamental projects • scapy-btbb project overview • demo

IPv6 Packet Creation With Scapy Documentation - … · CHAPTER ONE INTRODUCTION Welcome to “IPv6 Packet Creation With Scapy”. This guide provides a list of some of the most often

IPv6 Packet Creation With Scapy Documentation - … · CHAPTER ONE INTRODUCTION Welcome to “IPv6 Packet Creation With Scapy”. This guide provides a list of some of the most often

Scapy talk

Scapy talk

Network packet manipulation with Scapy -

Network packet manipulation with Scapy -