0

I am new to scapy and i want to do some sort of ip spoofing with it. with this code : 

from scapy.all import *

A = "192.168.1.104" # spoofed source IP address
B = "192.168.1.107" # destination IP address
C = RandShort() # source port
D = 80 # destination port
payload = "yada yada yada" # packet payload

spoofed_packet = IP(src=A, dst=B) / TCP(sport=C, dport=D) / payload
send(spoofed_packet)

my wireshark shows that a packet with this src and this dst generated, but the wireshark in the destination doesnt show this packet(which means it didnt get the packet)

can anyone help me ?

ps: my destination is a centos on virtual box

  • I am not an expert on `scapy`, but trying to achieve something like this with `TCP` would be a challenge. For TCP would need a proper connection establishment, which likely is not happening in your case. First try with UDP, so that the packet will at-least get delivered. Is Server running there on the destination at all? try `netstat -ln -tcp` on that server. – gabhijit Feb 02 '19 at 08:31
  • @gabhijit yes my server is up and running. i made a udp packet spoofed_packet = IP(src=A, dst=B) / UDP(sport=C, dport=D) / payload, and i faced with a QUIC header in wireshark! –  Feb 02 '19 at 08:43
  • It probably showed a `QUIC` header because you are using port 80 with `UDP.`. I don't think one can trivially send a `TCP` packet like this. You will have to establish a proper `TCP` three way handshake look at [this question](https://stackoverflow.com/questions/26480854/3-way-handshake-in-scapy) – gabhijit Feb 02 '19 at 08:49

0 Answers0