martin carpenter

contents

contact
blog
2022/01/31
determining password dump origin using n-grams
2015/07/01
escape from ansible
2015/06/24
solaris elfsign vulnerability
2014/10/22
metasploiting nrpe
2014/01/24
readable setuid cores in desktop ubuntu
2014/01/20
enlightenment sysactions vulnerability
most popular
2013/10/22
extracting openssl private keys from core dumps
2013/03/25
john the ripper, cuda, ubuntu
2012/05/05, updated 2012/12/15
ubuntu unity lens for vim
2010/03/11
twofish.rb: pure ruby twofish gem
2010/04/14
ckwtmpx

forging ip packets with scapy

2012/09/16

tags: python scapy

github home http://github.com/mcarpenter/ipforge
repository URLs https://github.com/mcarpenter/ipforge.git
git://github.com/mcarpenter/ipforge.git

If you don't have python's scapy module in your toolbox then you should really add it. The API makes me wince slightly (two-letter method names, postfixed by integers (sr1, sr2)) but it provides some really powerful functionality over all layers of the network stack.

Sometimes I need to poke at the network with forged packets. I (finally) wrote ipforge.py to help me do that. telnet(1) works fine in the majority of cases for simple TCP connection testing... but otherwise it doesn't:

If you need to do more advanced packet forgery then of course scapy can help you do that too. Meanwhile you can hit ipforge from a shell script to do the simple stuff:

#!/bin/bash
while true ; do
  ipforge.py -f S -p tcp 192.168.1.66 192.168.1.51:666
  sleep 1
done

Or from native python:

#!/usr/bin/python
from ipforge import ipforge
from time import sleep
while True:
    ipforge(src='192.168.1.66', dst='192.168.1.51', dport=666, flags='S')
    sleep(1)