Introduction to Scapy

  • Published: 19 Jul 2016
  • This is a demonstration of Scapy for python using an Ubuntu VM
    Note:
    In the sniff example, I stated that I must have "messed up" the filter parameter. Upon review of the video, I noticed that I did not mess it up. What I did not notice is that the sniffer immediately filled, and I mistook that for it not working. So the parameter filter="port 80" should work for you at home who are following along.

Comments • 64

  • @fusiondew 5 years ago +2

    Just found your channel, you should keep going!! It helps a lot and not a lot of people do what you’re doing. You’ll get huge!

  • @WinwinLS 5 years ago +1

    Excellent introductory overview of Scapy, good job! :)

  • @kaysudheera 3 years ago +2

    Notes...
    ICMP - sr1(IP(dst="www.google.com")/ICMP())
    TCP - sr1(IP(dst="www.google.com")/TCP(dport=80))
    sr(IP(dst="www.google.com")/TCP(dport=[20,21,23,80,443]),timeout=1)
    timeout = time to wait after the last packet has been sent
    retry = if packet is unanswered the amount of times to retry
    inter = time to wait in between two packets (if limited rate of answers receivable)
    DNS - sr1(IP(dst="Your Local Router Here")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.google.com")))
    rd = Recursion Desired
    qd = Query Domain
    DNSQR = DNS Query Record
    qname = name of what you wish to query
    ARP - Pinging arping("10.0.0.*")
    nifty tool that can be used to discover clients on the network
    TRACEROUTE - traceroute(["www.google.com"], maxttl=20)
    scapy's traceroute does not use ICMP. It uses TCP (different from standard traceroute)
    scapy's traceroute sends all the packets at one time and does not wait for individual responses to come, thus the importance of maxttl
    Sniffing - Sniff() will read all interfaces and scan all ports
    parameters
    iface="eth0" specify interface
    filter="icmp" only collect icmp protocol
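
The DNS fields named in the notes above (rd, qd, DNSQR, qname), shown as the bytes they become on the wire. This is an added example, not part of the comment or the video; it uses only the Python standard library rather than Scapy, and the transaction id 0x1234 and the fixed qtype A / qclass IN are assumptions chosen for illustration.

```python
import struct

def encode_qname(name: str) -> bytes:
    """Encode a hostname as DNS labels: length byte + label, ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label length: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(qname: str, txid: int = 0x1234, rd: int = 1) -> bytes:
    """Build a DNS query with one question (qtype A, qclass IN)."""
    flags = (rd & 1) << 8  # RD (Recursion Desired) is bit 8 of the flags word
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)  # qdcount = 1
    question = encode_qname(qname) + struct.pack("!HH", 1, 1)
    return header + question

def parse_query(data: bytes) -> dict:
    """Parse the header and first question back out, checking every length."""
    if len(data) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qdcount, _, _, _ = struct.unpack("!HHHHHH", data[:12])
    labels, pos = [], 12
    while True:
        if pos >= len(data):
            raise ValueError("truncated qname")
        n = data[pos]
        pos += 1
        if n == 0:
            break
        if n > 63:  # compression pointer or reserved label type
            raise ValueError("unexpected label type in a query")
        if pos + n > len(data):
            raise ValueError("truncated label")
        labels.append(data[pos:pos + n].decode("ascii"))
        pos += n
    if pos + 4 > len(data):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", data[pos:pos + 4])
    return {"id": txid, "qr": flags >> 15, "rd": (flags >> 8) & 1,
            "qdcount": qdcount, "qname": ".".join(labels),
            "qtype": qtype, "qclass": qclass}

if __name__ == "__main__":
    wire = build_query("www.google.com")  # constructed sample query
    print(wire.hex(), parse_query(wire))
```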

  • @hadeus113 5 years ago +1

    Thanks for this tutorial! Scapy seems less daunting now.

  • @lightyagami-rk2my 2 years ago

    Just found your channel .. Please continue.

  • @bute7743 2 years ago

    I love this scapy video, you should keep going!!!

  • @wolfcircle2503 6 years ago +1

    Superb job mate..I really appreciate if you can share the power point presentation and your notes.

  • @kjuarez29 2 years ago

    Great video. Thank you for posting.

  • @jarrettrus26 3 years ago

    Good job man! better than any script kiddies tuts on youtube

  • @danielpollithy3696 7 years ago +2

    Good job!

  • @Flameoflove01 1 year ago

    Interesting Explanation

  • @AlHoussem 5 years ago

    Nice tutorial, Thanks

  • @mabsoutachraf2260 3 years ago

    Continue my friend 👍

  • @ElliyahuRosha 4 years ago

    Wow! That was great!!

  • @asmodeus4310 3 years ago

    Loved the video

  • @automotiveprogramming 5 years ago +1

    Good job, could you post the cheat sheet that you get on the screen for your presentation?

  • @yoavshaham4731 7 years ago

    the filter is lfilter :-) really good video

  • @booblebablo5548 7 years ago

    Thank you so much

  • @mmai9186 7 years ago +2

    nice tutorial. you should do more!

    • @schliengerk 7 years ago

      n yc pick a topic you're interested in.

  • @prishitamukherjee491 2 years ago

    Loved the video , thank you. can you suggest me a way to craft traffic generation

  • @KhaledHM-py9ee 6 years ago

    thank you bro

  • @xPinoyTribal 6 years ago

    I have a question. So in my house, I have my Centralized Air Conditioner connected our Wi-Fi. There is an app I have on my phone that allows me to control the temperature. Now my question is, is it possible for me to send a crafted packet to my Centralized AC, to control it? How would I go about experimenting with this...Thanks

    • @DaRealNim 6 years ago

      Hello, this maybe is a bit late, but you basically have two possibilities. 1st one, reverse engineer the app that allows you to control your air conditioner, and find the piece of code that sends the network packets, look at how it looks like, then craft a similar one. 2nd option, sniff the packets coming from your phone with wireshark or tcpdump or something, control your air conditioner with the app, and analyze the packet you just sniffed. You have several tutorials of people doing this online

  • @Egzenix 4 years ago

    Could you craft a packet that for example, that would change something in online game?

  • @AhmedShalaby 7 years ago

    Great work Kurtis! Can you share the notepad file that was containing the example commands?

    • @kschl012 7 years ago +1

      Ahmed Shalaby I will share it later tonight.

    • @kschl012 7 years ago +1

      Ahmed Shalaby, I am very sorry... I do not have access to the file any longer. I suppose I deleted it after the tutorial. I encourage you to pause the video and copy it yourself as it should only take a few minutes to get it down.
      I appreciate your praise and hope you will check out any future videos I may do.

    • @AhmedShalaby 7 years ago

      Never mind Kurtis, I'll write it as you said, I really appreciate your concern. Thank you

  • @afsarabenazir8558 4 years ago

    Doing packet = sr1(IP(dst="")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.google.com")))
    gives 0 unanswered packets
    = 10.0.0.2
    and packet.summary() returns an error, why??

  • @sirinesayadi2137 7 years ago

    Good work, thank you. Can you help me with manipulating the time between several packets to send?

    • @kschl012 7 years ago +1

      Hey, I am glad you liked the video. It has been a while since I have worked with Scapy, can you please clarify what it is you are trying to do and I will help you to the best of my ability.

    • @sirinesayadi2137 7 years ago

      Kurtis Schlienger thank you ,I want to create covert timing channel to detect it, covert timing channel are created by manipulate the time between packets to send to transmit a message, can you help me please to create it.

  • @Vindictive7 7 years ago

    I get following error if to try launch scapy:
    sergey@sergey-VirtualBox:~$ sudo scapy
    sudo: scapy: command not found
    what I'm doing wrong?

    • @hydratech101 6 years ago

      hello i am assuming you did not install scapy ... If in case you have not installed scapy you can just check their github out github.com/secdev/scapy/ just check the read me ..... or easier way "sudo apt-get install scapy "

  • @MachinamasProduction 5 years ago

    A little late on my part, but great video

  • @Bruh-sp2bj 7 years ago

    I tried the ARP ping on my network yet I got no response.
    I typed in arping("192.168.0.*") and got no responses. Is there a reason for this? Is it a problem with my machine or wireless card?

    • @kschl012 7 years ago

      Try doing a standard ping from your terminal. Additionally do "arp /a" and let me know if the arp table comes up empty.

    • @dopamine5071 6 years ago

      I assume that you're using virtualbox's machine. You need to change your network adapter in the settings.
      I forgot to change from NAT to Bridged adapter and, thus, had the same problem as you.

    • @muhammadzargham6718 3 years ago

      try it with arping("192.168.0.0/24")
      i was facing same problem but this way it work

    • @Bruh-sp2bj 3 years ago

      for anyone reading this that faces the same problem, me from 3 years ago was using a NAT as suggested by Dopamine, I switched to bridged so that my machine could see others on the same network without being behind a NAT, fixed the problem

  • @Bruh-sp2bj 7 years ago

    what exactly do i type in interactive scapy session

    • @kschl012 7 years ago

      What OS are you using?

  • @faizankhd 3 years ago

    how to make HTTP request header and check response if server HTTP or not

  • @diki1985100 4 years ago

    nice video
    can I have your note..?

  • @hichamb3286 3 years ago +1

    24:15 By reaching amazon com you're not reaching the port 80 of your computer, but the one of amazon server :)

  • @dtm7743 3 years ago

    Can i reach you out somehow ? any social media accounts

  • @sahilgupta221 5 years ago

    Can you upload mitm2.py script?

    • @basalticlife1861 3 years ago

      No Mr. Script Kiddie. But, I wanna know what wallpaper you are using. Is it something like anonymous..green screen, hoodie? We are legion. we do not forget..we do not forgive..expect us? lmao

  • @Bruh-sp2bj 7 years ago

    ubuntu

    • @kschl012 7 years ago

      Please use 1 comment and chain your comments, it is hard to follow if you open a new chain for every response.
      In Ubuntu Terminal type "ifconfig" and tell me the "inet" address of each of the interfaces that come up

    • @Bruh-sp2bj 7 years ago

      enp0s3 - 10.0.2.15

    • @Bruh-sp2bj 7 years ago

      i have tried running arping("10.0.2.*") earlier and it still shows an empty list

    • @kschl012 7 years ago

      arping("10.*.*.*") - that is 10 dot star dot star dot star. IDK but RUclips is short handing it.
      Warning: This might take a while, as there are a TON of addresses in this network range.
      PS: This was a very basic, and low level question that could have been easily solved with very basic knowledge of networking. If the concepts in this video are confusing to you, then I suggest maybe taking a quick step backwards learning a bit about common network commands/protocols then re watching this video. Best of luck, and keep at it!

    • @kschl012 7 years ago

      If this is taking too long, you can try "10.0.2.*". but this will limit your results to anything with a 10.0.2 prefix in their address

  • @hackmasterHQ 4 years ago

    Thank you for all the mac addresses I can use for spoofing. LOL. JK.

  • @booblebablo5548 7 years ago

    Video quality is unclear