Stack Overflow
Stack Overflow

Questions tagged [scapy]

Scapy is a network packet manipulation tool for use with Python.

What is Scapy?

Scapy is a network packet manipulation program for use with Python. It is able to:

  • forge or decode packets of a wide number of protocols
  • send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery. (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.)

What makes scapy different from most other networking tools?

  • You can build whatever packets you want, stack ARP on top of 802.11, use double 802.1q encapsulation or send an ICMP packet with padding, and send them over the wire.

  • Scapy does not interpret answers: unlike most tools, it won't say “this port is open” instead of “I received a SYN-ACK”. You are free to interpret the packets as you want

  • It reports everything: you see the padding, the reserved fields... Nothing is dismissed

Useful links:

2198 questions
0
votes
1 answer

Netfilterqueue, Scapy set_payload

I am trying to alter the payload of a packet using NetfilterQueue and Python3 however, I get the error: AttributeError: 'netfilterqueue.Packet' object has no attribute 'set_payload' Below is the code I am using. How can I rectify the error? import…
Spartacus98
  • 82
  • 1
  • 9
0
votes
0 answers

WARNING: Mac address to reach destination not found when send ipv6 packet

when try to send an ipv6 packet i get WARNING: Mac address to reach destination not found. Using broadcast. Finished sending 1 packets when i send a packet to specific destination using ipv6 as following: syn = IPv6(dst=destination,src=source) /…
nadeem
  • 215
  • 2
  • 10
0
votes
1 answer

Values ​assigned in the Scapy parameters

How can I find out what number is assigned to a specific value in any parameter in the IP Protocol or any other Protocol? If I set a value: a=IP(proto=73) I get: version= 4 ihl= None tos= 0x0 len= None id= 1 flags= frag= 0 ttl= 64 **proto=…
Alex Rebell
  • 465
  • 3
  • 15
0
votes
1 answer

Is it possible to read a pcap file from byte string with scapy?

I want to download a pcap from site.com/pcap.pcap, and determine if it has DNS records, using scapy. However, I don't want to ever write the file to disk. so something like import…
Info5ek
  • 1,227
  • 4
  • 17
  • 25
0
votes
1 answer

How do I remove headers to get only the encrypted portion

pcap = rdpcap(".pcap file") for pkt in pcap: if Raw in pkt: f=pkt[Raw] print f The above code gives the output as shown below: HTTP/1.1 200 OK Cache-Control: private, max-age=0 Content-Type: text/html; charset=utf-8 P3P:…
Mark
  • 3
  • 2
0
votes
1 answer

TCP fields with SCAPY

i'm trying to extract some information from networking connections using SCAPY. I need to extract some fields from TCP packet header, in fact Receiver Windows Field (WIN), Retransmission Time Out field (RTO), Max Segment field (MSS) and the Options…
user3663896
  • 9
  • 1
  • 3
0
votes
1 answer

Scapy - Function 'sr1()' doesn't Return Response-Packet

Hello guys I have a problem with Scapy in Python 3 on Windows 10. I tried to send a Ping (ICMP) request to my default-gateway. This is the packet command: p = IP(dst='10.0.0.138')/ICMP(type='echo-request')/Raw('Hello') But after I write r =…
SomeOne
  • 11
  • 3
0
votes
1 answer

reading Pcap and writing it to csv file python

I'm reading a pcap file and trying to write it to a csv file with necessary data. I used Scapy to read Pcap and could successfully fetch the package data, Now i'm trying to write to a csv file but endingup only with one data. Below is my code. pkts…
Darshan Mahalinge Gowda
  • 174
  • 7
0
votes
0 answers

Reading pcap files and fetch dport number with specific ip address

I'm new to Python. I'm reading pcap file using scapy, i want to fetch dport number by specifying particular ip addresses, I have something like below from scapy.all import * pkts = rdpcap('example.pcap') for pkt in pkts: if IP in pkt: …
Darshan Mahalinge Gowda
  • 174
  • 7
0
votes
1 answer

can't import http scapy

so when i'm trying to import http for scapy in a python code like this from scapy.layers.http import * it returns this error ModuleNotFoundError: No module named 'scapy.layers.http' but in the scapy terminal it works perfecty fine, i tried to look…
Rebel
  • 23
  • 6
0
votes
0 answers

why does my script stops outputing after n times?

I wrote a simple program to listen for packets over networks and output the information that I need to a default dict so I can examine the info later ,now when i run that script everything goes as I intentionally wanted , the cap_pkts function…
Sec Team
  • 47
  • 8
0
votes
1 answer

Strange sytax error with nested keyword parameters

I am currently trying to code some sort of QoS box by utilizing MITM via ARP poisioning. Now I ran into a syntax error I can not seem to resolve: File "/home/pi/qosmitm/networker.py", line…
GutZuFusss
  • 138
  • 1
  • 2
  • 15
0
votes
1 answer

sendpfast scapy to send spoofed udp

Using the sendpfast function, how can I send UDP Packets from a randomized source? I need to do this for network simulation experimentation purposes. I have a code like this where I set source IP and port: IP1 = Ether() /…
user963241
  • 6,758
  • 19
  • 65
  • 93
0
votes
0 answers

How to specify correct version of a python module

I have a container with two versions of scapy python modules installed. One 2.2.0-dev installed from sources by this project that I install. It comes with 2.2.0-dev bundled with it. I'm trying to figure out if skipping its installation would break…
padfoot
  • 811
  • 7
  • 16
0
votes
1 answer

Scapy TCP Handshake

Idea I'm trying to establish a 3-way TCP Handshake with Scapy Problem I see the SYN-ACK package in Wireshark but sr1 does never terminate and no package seems to be received. Code I have a simple setup to test a TCP handshake with…
Znerual
  • 173
  • 1
  • 10
1 2 3
99
100