Stack Overflow
Stack Overflow

Questions tagged [scapy]

Scapy is a network packet manipulation tool for use with Python.

What is Scapy?

Scapy is a network packet manipulation program for use with Python. It is able to:

  • forge or decode packets of a wide number of protocols
  • send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery. (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.)

What makes scapy different from most other networking tools?

  • You can build whatever packets you want, stack ARP on top of 802.11, use double 802.1q encapsulation or send an ICMP packet with padding, and send them over the wire.

  • Scapy does not interpret answers: unlike most tools, it won't say “this port is open” instead of “I received a SYN-ACK”. You are free to interpret the packets as you want

  • It reports everything: you see the padding, the reserved fields... Nothing is dismissed

Useful links:

2198 questions
12
votes
1 answer

FileNotFoundError: [Errno 2] No such file or directory: b'liblibc.a'

import scapy.all as scapy def scan(ip): scapy.arping(ip) scan("192.168.196.0") Above error when using scapy for arping python version 3.9.1
Viketan Revankar
  • 121
  • 1
  • 1
  • 3
12
votes
3 answers

PyCharm: Unresolved reference with Scapy

I am working on a network tool that I write in python using scapy. As IDE I am using Pycharm. My Code works. So if I run it, everything works just as intended. My problem is that PyCharm is giving me some errors. It marks every use of IP, TCP,…
NIoSaT
  • 423
  • 6
  • 22
12
votes
6 answers

How to pickle a scapy packet?

I need to pickle a scapy packet. Most of the time this works, but sometimes the pickler complains about a function object. As a rule of thumb: ARP packets pickle fine. Some UDP packets are problematic.
Helmut Grohne
  • 6,578
  • 2
  • 31
  • 67
12
votes
1 answer

Filter options for sniff function in scapy

I'm working on a scapy based tool where at a point I need to sniff a packet based on protocol and the ip address of the destination I'd like to know about the ways in which filter option in sniff() function can be used. I tried using format in…
Venkat Ramana
  • 508
  • 1
  • 6
  • 16
12
votes
8 answers

How can I filter a pcap file by specific protocol using python?

I have some pcap files and I want to filter by protocol, i.e., if I want to filter by HTTP protocol, anything but HTTP packets will remain in the pcap file. There is a tool called openDPI, and it's perfect for what I need, but there is no wrapper…
coelhudo
  • 4,710
  • 7
  • 38
  • 57
12
votes
2 answers

How to verify if a packet in Scapy has a TCP layer

I want to know how can I verify that a packet I received from the sr1() function in Scapy contains a TCP layer, in order to do some treatment on the TCP flags.
farfalla
  • 173
  • 1
  • 1
  • 10
12
votes
3 answers

Scapy how get ping time?

I'm trying to write a scapy script which can make an average on the ping time, so I need to get the time elapsed between ICMP echo/reply packet sent and reply packet received. For now, I have this: #! /usr/bin/env python from scapy.all import * from…
user1789326
  • 141
  • 1
  • 3
  • 8
11
votes
3 answers

Scapy and Python 3.2

Will Scapy be compatible with Python 3.2? I've been trying to find some info on how it performs, since the Scapy website has rather scarce (if any) info on Python 3.X compatibility, and I didn't come up with anything informative. Has anyone tried…
kyooryu
  • 1,469
  • 3
  • 23
  • 48
11
votes
2 answers

Parsing PPPoE Tags with Scapy

I am trying to correctly dissect PPPoE Discovery packets with Scapy. Here's how Scapy displays example PADI packet: >>> p =…
thor
  • 2,204
  • 3
  • 20
  • 23
11
votes
2 answers

Reading PCAP file with scapy

I have about 10GB pcap data with IPv6 traffic to analyze infos stored in IPv6 header and other extension header. To do this I decided to use Scapy framework. I tried rdpcap function , but for such big files it is not recommended. It tries to load…
Krystian
  • 405
  • 2
  • 4
  • 14
11
votes
8 answers

Python scapy import error

If I include following line in my python source file from scapy.all import * I get this error from scapy.all import * ImportError: No module named all Which is true in Console and IDLE, but not eclipse. I am very much confused why this is…
rda3mon
  • 1,709
  • 4
  • 25
  • 37
11
votes
2 answers

Python Scapy sniff without root

I'm wondering if there is any possibility to run Scapy's 'sniff(...)' without root priveleges. It is used in an application, where certain packages are captured. But I don't want to run the whole application with root permissions or change anything…
Martin
  • 594
  • 1
  • 8
  • 32
11
votes
1 answer

Man in the middle attack with scapy

I'm trying to do a man in the middle attack with scapy on a test network. My setup is like this: Now that you get the idea, here's the code: from scapy.all import * import multiprocessing import time class MITM: packets=[] def…
prongs
  • 9,422
  • 21
  • 67
  • 105
10
votes
2 answers

Scapy: get/set frequency or channel of a packet

I have been trying to capture WIFI packets with Linux and see the frequency/channel at which packet was captured. I tried Wireshark and there was no luck and no help. Though using a sample packets from Wireshark, I can see the frequency/channel. So…
Aven Desta
  • 2,114
  • 12
  • 27
10
votes
0 answers

Why doesn't the AP show up? Why is my MAC not anonymous?

In this example is the code to create an Answering Machine for Proberequests. The result is that the AP is showing up on a device. The following is my code. I had to change some things up to get it working. import sys import os import time from…
Yoshi
  • 141
  • 2
  • 16
1 2
3
99 100