Scapy Installation and Basic Usage

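Reference documentation

Official Scapy documentation

Preface

Scapy is a Python program that can craft and send packets. Once you use it, sending packets is no longer a worry.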

Installation

1. First, install Python 2.7

This is fairly simple on Linux:

sudo apt-get install python2.7

2. Next, install some dependencies

sudo apt-get install tcpdump graphviz imagemagick python-gnuplot python-cryptography python-pyx

3. Finally, the simplest step: install Scapy

sudo apt-get install python-scapy

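The steps above follow the official documentation. When I installed it, some of the dependencies from step 2 did not get installed, but that does not matter: you can run sudo scapy in a terminal first, and the terminal will report which libraries cannot be imported. Then simply install whatever is missing:

sudo apt-get install python-xxx    # xxx = the library named in the message

On success, the following appears (congratulations):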

Welcome to Scapy (2.3.3)
>>>

Send a crafted packet and capture it

1. A basic command: ls()

>>> ls(IP)
version    : BitField (4 bits)                   = (4)
ihl        : BitField (4 bits)                   = (None)
tos        : XByteField                          = (0)
len        : ShortField                          = (None)
id         : ShortField                          = (1)
flags      : FlagsField (3 bits)                 = (0)
frag       : BitField (13 bits)                  = (0)
ttl        : ByteField                           = (64)
proto      : ByteEnumField                       = (0)
chksum     : XShortField                         = (None)
src        : SourceIPField (Emph)                = (None)
dst        : DestIPField (Emph)                  = (None)
options    : PacketListField                     = ([])
>>> ls(UDP)
sport      : ShortEnumField                      = (53)
dport      : ShortEnumField                      = (53)
len        : ShortField                          = (None)
chksum     : XShortField                         = (None)

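As the output above shows, ls() simply displays the structure of a packet layer: each field's name, type and default value.

2. Send a simple ping packet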

>>> a=IP(dst='123.123.123.123')
>>> a
<IP  dst=123.123.123.123 |>
>>> a=a/ICMP()
>>> a
<IP  frag=0 proto=icmp dst=123.123.123.123 |<ICMP  |>>
>>> send(a)
.
Sent 1 packets.

Capturing with Wireshark shows the result:

The ping packet was captured.
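
As an added example (not from the original post, and written with the Python standard library rather than Scapy), the code below builds the same IP/ICMP echo request by hand and decodes it back into the field names ls(IP) prints, showing what the fields listed as None (ihl, len, chksum) become on the wire and how to check them in a capture. The source address 192.0.2.10, the ICMP id/seq of 0 and all function names are assumptions made for this example.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, network byte order

def inet_checksum(data):
    """RFC 1071 checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp_echo(ident=0, seq=0, payload=b""):
    """ICMP echo request (type 8, code 0); chksum covers header + payload."""
    chksum = inet_checksum(struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload)
    return struct.pack("!BBHHH", 8, 0, chksum, ident, seq) + payload

def build_ipv4(src, dst, payload, proto=1, ttl=64, ident=1):
    """Fill in ihl, len and chksum, the fields ls(IP) lists as None."""
    fields = [(4 << 4) | 5, 0, 20 + len(payload), ident, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = inet_checksum(struct.pack(IP_FMT, *fields))
    return struct.pack(IP_FMT, *fields) + payload

def parse_ipv4(raw):
    """Decode raw bytes into the field names printed by ls(IP)."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    vi, tos, length, ident, ff, ttl, proto, chksum, src, dst = struct.unpack(
        IP_FMT, raw[:20])
    ihl = vi & 0x0F
    return {"version": vi >> 4, "ihl": ihl, "tos": tos, "len": length,
            "id": ident, "flags": ff >> 13, "frag": ff & 0x1FFF, "ttl": ttl,
            "proto": proto, "chksum": chksum,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "options": raw[20:ihl * 4],
            # a valid header sums to zero when its own checksum is included
            "chksum_ok": inet_checksum(raw[:ihl * 4]) == 0}

if __name__ == "__main__":
    # src is a constructed documentation address; dst is the one used above
    pkt = build_ipv4("192.0.2.10", "123.123.123.123", build_icmp_echo())
    for name, value in parse_ipv4(pkt).items():
        print("%-10s = %r" % (name, value))
```

The chksum_ok flag is the same header checksum test Wireshark applies when checksum validation is enabled, so a mismatch here corresponds to a packet flagged as bad in the capture.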

Original post: https://www.cnblogs.com/wpqwpq/p/6666695.html