Scapy study notes (1)

Reprinted please specify: Xiao Wu Yi


Scapy is an interactive data a function Python to write powerful packet processing procedures, can be used to send, sniffing, analytical and forgery of network data packet, is often used in network attack and test. It can be

Instead of hping, arpspoof.ARP SK, arping, p0f, and is part of the nmap, Tcpdump and tshark.

A, scapy installation

1,Download

From the download release version, here I download is(executable zip)

2,Installation

The LINUX platform:

Download the compressed files to extract, to extract the directory, and then run setup. The specific steps are as follows:

$CD scapy-2.X (unzipped directory)

$sudo python setup.py install

The windows platform:

In the case of python2.6, installation, need to install the following database:

(1)Scapy,The latest version, after decompression, run the “ ” “ Python setup.py install” installation

(2)pywin32:pywin32-214.win32-py2.6.exe

(3)winpcap:WinPcap_4_1_1.exe

(4)pypcap: pcap-1.1-scapy-20090720.win32-py2.6.exe

(5)libdnet: dnet-1.12.win32-py2.6.exe

(6)pyreadline: pyreadline-1.5-win32-setup.exe

The download address.:

3,Upgrade

If you always want to get the latest version, scapy Mercurial Library:

(1)Install Mercurial

$ sudo apt-get installl mercurial

(2)Detection of scapy

$ hg clone

(3)Install Scapy

$ cd scapy

$ sudo python setup.py install

The encounter, you can always upgrade to the latest version:

$ hg pull

$ hg update

$ sudo python setup.py install

Two, operation

1,Start

$ sudo scapy

Or

After running Python import scapy

But take note:

>>> from scapy import conf

Will make mistakes, you want to use

>>> from scapy.all import conf

By using 2 simple

To generate four IP package, the /30 subnet mask. The following:

Python 2.7.3 (default, Apr 10 2013, 05:09:49)

[GCC 4.7.2] on linux2

Type "help", "copyright", "credits" or "license" for more information.

>>> from scapy.all import *

WARNING: No route found for IPv6 destination :: (no default route?)

>>> IP()

<IP  |>

>>> target="www.baidu.com"

>>> target="www.baidu.com/30"

>>> ip=IP(dst=target)

>>> ip

<IP  dst=Net('www.baidu.com/30') |>

>>> [p for p in ip]

[<IP  dst=61.135.169.104 |>, <IP  dst=61.135.169.105 |>, <IP  dst=61.135.169.106 |>, <IP  dst=61.135.169.107 |>]

>>>

Posted by Terry at November 25, 2013 - 11:25 AM