
Scapy Project


By: ziednamouchi

January 1, 2017

What is scapy?

Scapy is a Python program specialized in networking: a powerful interactive packet manipulation module that runs inside the Python interpreter. Scapy can replace many existing tools such as ettercap, nmap, ping, and traceroute. Building a single packet in the C programming language takes 60 lines of code; with Scapy it takes only a few lines.

Scapy is a multi-usage tool:
  • Packet forger.
  • Scanner.
  • Sniffer.
  • Tester (active machines/services).
  • Fingerprinting.
  • Offensive tool.
Scapy advantages:
  • No complex syntax to remember.
  • High-level functions already implemented.
  • Multi-tasking.
  • Modularity.
  • Extensibility.
Strengths and weaknesses:
  1. Strengths:
    • Interactive language.
    • Simple packet forging and analysis.
    • Bypass local firewall.
  2. Weaknesses:
    • Can’t handle a large number of packets simultaneously.
    • Partial support for certain complex protocols.
Scapy usage:
  1. Interactive:
    • $ sudo scapy
    • Welcome to Scapy (2.0.1-dev)
    • >>>
  2. Script:
    • Add this line of code in order to use Scapy: from scapy.all import *
 Scapy commands:
  1. Basic commands:
    • Scapy supports about 150 protocols, such as:
    • Ethernet, IPv4, IPv6, ARP, ICMP, IGMP, UDP, TCP, DNS, FTP, TFTP, RADIUS…

ls(): list all available protocols and protocol options.

lsc(): list all Scapy command functions.

conf: show/set Scapy configuration.

2. Constructing packets:

a.   Setting fields:

ip = IP(src="10.0.0.1")
ip.dst = "10.0.0.2"

b.   Combining layers:

>>> Layer_3 = IP()/TCP()
>>> Layer_3
<IP frag=0 proto=TCP |<TCP |>>

c.    Splitting layers:

Layer_3.getlayer(1)  # TCP layer

Displaying Packets:

Packet_name.show()  # shows an entire packet

Sniffing Packets:

sniff(count=0, store=1, timeout=N)