martin carpenter

contents

most popular
2012/05/05, updated 2012/12/15
Ubuntu unity lens for vim
2010/04/14
ckwtmpx

forging ip packets with scapy

2012/09/16

tags: python scapy

github home http://github.com/mcarpenter/ipforge
repository URLs https://github.com/mcarpenter/ipforge.git
git://github.com/mcarpenter/ipforge.git

If you don't have python's scapy module in your toolbox then you should really add it. The API makes me wince slightly (two-letter method names, postfixed by integers (sr1, sr2)) but it provides some really powerful functionality over all layers of the network stack.

Sometimes I need to poke at the network with forged packets. I (finally) wrote ipforge.py to help me do that. telnet(1) works fine in the majority of cases for simple TCP connection testing... but otherwise it doesn't:

If you need to do more advanced packet forgery then of course scapy can help you do that too. Meanwhile you can hit ipforge from a shell script to do the simple stuff:

#!/bin/bash
while true ; do
  ipforge.py -f S -p tcp 192.168.1.66 192.168.1.51:666
  sleep 1
done

Or from native python:

#!/usr/bin/python
from ipforge import ipforge
from time import sleep
while True:
    ipforge(src='192.168.1.66', dst='192.168.1.51', dport=666, flags='S')
    sleep(1)