Scapy is an incredible tool when it comes to playing with the network. As it is written on its official website, Scapy can replace a majority of network tools such as nmap, hping and tcpdump. However, you might encounter some issues when using the sniff function inside a thread.In this blog post, I review the different common issues about sniffing the network inside a thread with Scapy and suggest a solution to solve them.
One of the features offered by Scapy is to sniff the network packets passing through a computer’s NIC. Below is a small example:
This little sniffer displays the source and the destination of all packets having an IP layer:
class="highlight">$ sudo python3 sniff_main_thread.py[*] Start sniffing...[!] New Packet: 10.137.2.30 -> 10.137.2.1[!] New Packet: 10.137.2.30 -> 10.137.2.1[!] New Packet: 10.137.2.1 -> 10.137.2.30[!] New Packet: 10.137.2.1 -> 10.137.2.30[!] New Packet: 10.137.2.30 -> 216.58.198.68[!] New Packet: 216.58.198.68 -> 10.137.2.30[!] New Packet: 10.137.2.30 -> 216.58.198.68[!] New Packet: 10.137.2.30 -> 216.58.198.68[!] New Packet: 216.58.198.68 -> 10.137.2.30[!] New Packet: 216.58.198.68 -> 10.137.2.30[!] New Packet: 10.137.2.30 -> 216.58.198.68[!] New Packet: 10.137.2.30 -> 216.58.198.68[!] New Packet: 216.58.198.68 -> 10.137.2.30[!] New Packet: 10.137.2.30 -> 216.58.198.68^C[*] Stop sniffing
CTRL+C