Wednesday, 6 June 2018

Easy Way to Generate Packets using Scapy

SCAPY STEPS:
1. Now, capture a packet on the port where we want to send our packet from and store it into filename.pcap. Send the file to your desktop using scp
#bash
$tcpdump -i et1_4 -w /mnt/flash/originalpacket.pcap
2. Now, open wireshark and select a packet and go to File > Export selected packet > Give a modifiedpacket.pcap
3. Copy the modifiedpacket.pcap to the switch from where we want to send the packet.
3. In switch (from which we want to send the packet), go to bash and install scapy on the switch from where we want to send
#bash
        $sudo wget scapy.zip
2. Now, run scapy by typing $sudo scapy //now we will get >>>Welcome to scapy
3. If we want to send the packet directly, use
 >>>sendp(rdpcap(“/mnt/flash/modifiedpacket.pcap”),iface=”et1_4”) //this sends the packet on interface et ¼.
Note: The above command can be used to send even many packets. It will send those packets one by one on the given interface. So, essentially, we couldv’e also used
>>>sendp(rdpcap(“/mnt/flash/originalpacket.pcap”),iface=”et1_4”)
(OR)
If we want to modify any fields:
>>>somename=rdpcap(“/mnt/flash/modifiedpacket.pcap”)
>>>somename \\show all the packets in the pcap file
>>>somename[0] \\we choose only the first packet. If we press enter, we will see all the layers in that packet
>>>somename[0][STP] \\we will filter in that packet for only the STP protocol
>>>somename[0][STP].portid = 12345\\we see which fields are there and use that name and then give the value we want. Here, for eg, we want to change the portid field and give it a value of 0X809a
>>>sendp(somename[0],iface=”et1_2”) //sends the selected packet (here, packet 0) on the interface et ½ . We will get a message saying that it has been sent

No comments:

Post a Comment