GNU/Linux Scapy

Publicado

GNU/Linux Scapy http://www.secdev.org/projects/scapy/ es un potente programa de manipulación de paquetes interactiva. Es capaz de forjar o decodificar paquetes de un gran número de protocolos, es una utilidad escrita en Python que nos servirá para crear y manipular paquetes, escanear, funciones de sniffer, creación de gráficas 2D / 3D / Pdf, passive OS fingerprinting, tracers gráficos. Además, podemos crear utilidades escritas en Python usando scapy. Posee funciones similares a ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, ARPSpoof, firewalk.
Todo mediante línea de comandos, es integrable en Python, programable, versátil y flexible. Obtendremos solo los datos que queramos y todo lo complejo que deseemos. 1. apt-get install scapy
dhcpcanon – DCHP IPv4 client anonymity profile implementation
dhcpig – DHCP exhaustion script using scapy network library
python-scapy – Packet generator/sniffer and network scanner/discovery
python3-scapy – Packet crafting/sniffing/manipulation/visualization security tool
Nos instalara scapy y scapy3
Ejecutamos facilmente: 1. scapy
>>>
Denegacion de servicio
>>> send(IP(src=RandIP(‘78.0.0.0/16’), dst=’(IP)’)/TCP, dport=(puerto), loop=1, verbose=1)
Sniffer
>>> sniff(filter=”host 172.18.20.79″) File “
SyntaxError: invalid character in identifier
>>> sniff(filter=“host 172.18.19.79”)
^C
>>> sniff(filter=“host 172.18.19.79”)
^C
>>> sniff(filter=“icmp”, count=2)
^C
>>> sniff(filter=“icmp”, count=0)
^C
>>> sniff(iface=“wlp1s0”, filter=“tcp and port 80”, count=2)

>>> sniff(iface=“wlp1s0”, filter=“tcp and port 80”, count=2, prn=lambda x: x.summary)

>>> sniff(iface=“wlp1s0”, filter=“tcp and port 80”, count=2, prn=lambda x: x.show())
###[ Ethernet ]### dst= 52:54:00:4c:bb:65 src= 94:53:30:c5:47:f3 type= IPv4
###[ IP ]### version= 4 ihl= 5 tos= 0×0 len= 52 id= 30831 flags= DF frag= 0 ttl= 64 proto= tcp chksum= 0xd3bd src= 172.18.19.79 dst= 23.78.22.232 \options\
###[ TCP ]### sport= 53380 dport= http seq= 383643197 ack= 2109256274 dataofs= 8 reserved= 0 flags= A window= 237 chksum= 0xeebd urgptr= 0 options= [(‘NOP’, None), (‘NOP’, None), (‘Timestamp’, (2485683609, 1832873335))]
###[ Ethernet ]### dst= 94:53:30:c5:47:f3 src= 52:54:00:4c:bb:65 type= IPv4
###[ IP ]### version= 4 ihl= 5 tos= 0×0 len= 52 id= 56596 flags= DF frag= 0 ttl= 64 proto= tcp chksum= 0×6f18 src= 23.78.22.232 dst= 172.18.19.79 \options\
###[ TCP ]### sport= http dport= 53380 seq= 2109256274 ack= 383643198 dataofs= 8 reserved= 0 flags= A window= 235 chksum= 0xaa10 urgptr= 0 options= [(‘NOP’, None), (‘NOP’, None), (‘Timestamp’, (1832875838, 2485673608))]
Existe la manera de tener nuestros propios script en python para realizar lineas de comando en scapy.

Autor