2,196 questions
0
votes
1
answer
96
views
Scapy does not recognize IP-in-IP encapsulation
I need to manipulate pcap with some packets that are IP-in-IP encapsulated. Wireshark/tshark readily shows encapsulation:
However, scapy can't see encapsulated packet (IP layer):
Wireshark shows ...
- 6,940
-2
votes
1
answer
101
views
How to create a TCP packet bigger than 64KB and save it in a pcap file?
Edit: theoretically maximum size of a packet is 64KB. However, broken or not, such packets do happen in practice on some more exotic network hardware.
For purpose of testing a network device I need to ...
- 6,940
-4
votes
1
answer
98
views
Code says 'pkt' is not defined but the tutorial I'm following doesn’t have this issue [closed]
I'm working on a project about VPN tunneling, I've been following along with this example (https://www.youtube.com/watch?v=t_VmiXNWKkk&list=WL&index=2&pp=gAQBiAQB). The guy demonstrates ...
0
votes
1
answer
94
views
AttributeError: 'AsyncSniffer' object has no attribute 'stop_cb'
When running the following code:
import time
from scapy.all import AsyncSniffer
sniffy = AsyncSniffer(iface="wlp0s20f3", filter="not arpand not port 22")
sniffy.start()
time....
- 2,383
0
votes
1
answer
78
views
How to select what type of fields I should use in a protocol header
Getting into protocol development with Scapy, going through documentation and watching videos on Scapy but I'm a bit confused with field types. Let's assume something generic for a packet structure:
| ...
- 61
0
votes
0
answers
24
views
Scapy wrpcap does create a new Object
I've implemented a protocol(Packet) in Scapy, which is does send its defined fields as well as its app_data either inverted or non-inverted on the wire.
I want to use a simple flag attribute which is ...
- 192
0
votes
0
answers
64
views
I'm using Scapy in Python3 to request a DNS query, but I'm not getting a response
Environment: WSL Ubuntu
Network: Bridge
When requesting DNS through dns.resolver in Python, a response is received, but when importing Scapy and requesting a DNS query, no response is received.
No ...
1
vote
0
answers
73
views
Scapy Raw layer in data frame is missing initial 3 characters of load and shortened load is repeated when printed
I am using Scapy to learn about Wi-Fi. I am new to both Scapy and Wi-Fi.
I have a Raspberry Pi 5 and a laptop, running Debian GNU/Linux 12 (Bookworm) and Ubuntu 22.04.1 LTS, respectively, and an ALFA ...
- 398
0
votes
0
answers
60
views
User-space NAT with Scapy on Windows: Outbound UDP/TCP packets work, but no replies
I am building a user-space NAT/router in Python using Scapy (on Windows 11, with Npcap). The setup is:
Laptop1: Runs the NAT script, it has a single Wi-Fi NIC
Laptop2: Sets Laptop1 as its default ...
- 1
-3
votes
2
answers
276
views
How to send a raw TCP packet over IPv6 using Scapy [closed]
I am trying to send a raw tcp packet over Ipv6 using Scapy. But I always get the warning: No route found for IPv6 destination (ipv6 address) (no default route?)
I am deploying in Kali Linux.
My ...
- 25
0
votes
0
answers
158
views
How to Get the payload Bytes from a packet in scapy along with the parsed HTTP layer components from the packet
I need some help in accomplishing 2 things with scapy:
extract the payload bytes as integers from the TCP layer
Also get access to the HTTP components like the Host , path , Cookies , Headers , User ...
0
votes
0
answers
43
views
Generate ICMPv6 Packet Too Big Error in Mininet Topology
How do I get my router in Mininet to send the "Packet Too Big" error back to the host before the host fragments the packet?
In Wireshark, I am only able to view the fragmented packets when I ...
0
votes
0
answers
93
views
Pages are not loading while doing a spoofing attack using scapy
I am trying to conduct a spoofing attack using scapy.
Here is my code:
import scapy.all as scapy
from scanner import scan
#NOTE: The scanner module takes in an IP Address and finds the
#...
- 93
1
vote
0
answers
118
views
Python. Socket vs Scapy
I want to do a script for get all hostnames from IP addresses of my internal DNS.
I have used socket.gethostbyaddr(ip) and I got always the correct answer but when I try to do it with Scapy with PTR ...
- 113
1
vote
0
answers
49
views
How to set option 15 on TCP/IP packets in a pcap and recalculate checksums? (preferably with scapy)
For purposes of testing network hardware I need to set (obsolete) Kind=15 (alternate checksum) option on TCP/IP connection in a pcap file I received from somebody.
This answer specifies how to set an ...
- 6,940
1
vote
1
answer
103
views
Is there a way to create structure in scapy to dissect packet where a field length is variable and its value is also dependent on packet length?
So , I am trying to create scapy dissection for mms protcol . Currently I am stuck with ISO 8823 OSI Presentation Layer Protocol. I want to create field dissection for Length A , but its dependent on ...
- 41
1
vote
1
answer
66
views
Is latency available within traceroute in scapy
from scapy.all import traceroute
def perform_traceroute(target):
result, _ = traceroute(target, maxttl=50, verbose=True)
print(result)
for hop in result:
query_packet = hop[0]...
1
vote
0
answers
364
views
Sniffing bluetooth packet using Scapy on raspberry pi5
I have been working on Scapy to sniff the wifi packets & works like a champ. With self interest started to read other supporting feature like bluetooth that supported by Scapy framework
Started to ...
- 1,985
1
vote
1
answer
569
views
Why does scapy give me an socket error when I try to start recording the network stream?
These are the two main functions for scapy:
def spck_clbk(packet):
global ip_cnt
if IP in packet:
save_pkDATA(packet)
ip_cnt += 1
ip_src = packet[IP].src
ip_trg ...
1
vote
0
answers
33
views
Why does not scapy bind_layers recognize my custom layer?
I am trying to extend Scapy's protocol parsing capabilities. Here is my code:
from scapy.all import *
class IEEE1722(Packet):
name = "ieee1722"
fields_desc = [
BitField(&...
- 25
1
vote
1
answer
170
views
Scapy not sniffing packets in monitor mode on Raspberry Pi5
Not able to sniff the packet on New Raspberry pi5 device Arm64 using wifi TP link Ac600 dongle but the same code works on pi4 for same dongle.
Wlan1 is set to monitor mode
from scapy.all import *
...
- 465
5
votes
1
answer
216
views
Extracting vendor info from Probe Request using Scapy
Trying to extract the vendor information (Apple, Samsung, etc) from Probe Request coming from mobile, So far no luck. Not sure where the corrections to be made to get this info.
Adding my code:
import ...
- 1,985
0
votes
1
answer
140
views
IPv6 Hop-by-Hop Scapy: ValueError: Missing 'dst' attribute
I'm experimenting with IPv6 Scapy and trying to set Router Alert Hop By Hop option. Here is the code sample:
hdr = IPv6ExtHdrHopByHop(options=[("Router Alert", b'\x01\x00')])
ip6 = IPv6(src=&...
- 9,760
1
vote
0
answers
79
views
Network Scanner- Python
I'm working on a project to design a network scanner. target_network_input.py is a script that asks the user to input the target network range. It prints all the possible networks on the console along ...
- 11
0
votes
0
answers
58
views
How can I sniff ICMP requests to offline hosts using Python?
I’m trying to sniff ICMP packets on my network using Python, but I’ve noticed a limitation. When I use my script, I can only sniff packets that receive replies (e.g., echo-reply). However, for offline ...
- 31
0
votes
1
answer
167
views
Why does not scapy recognize my custom layer?
In scapy I've added a layer with "bind_layers". But it seems that I did something wrong and a packet is not recognized correctly.
I try to add a layer to scipy and don't understand where am ...
4
votes
1
answer
168
views
Is there any way to modify strings inside .pcap files with python scapy wthiout yielding an error?
I am experimenting with scapy in python and captured a test pcap which only contains a transfer of a file over HTTP. The contents of the file are plaintext.
I am trying to basically change the Server ...
- 111
0
votes
1
answer
23
views
Why i'm only seeing certain messages that start with either "[*]", "[Info]" or ["alert]" in my script in the output?
So, I have a simple python script which aims at detecting syn flood attacks in a virtual network environment called mininet using scapy.
from scapy.all import *
from collections import defaultdict
...
1
vote
2
answers
63
views
Setting HTTP header field has no effect
I'm doing a MitM attack homework. It requires me to change the HTTP payload (adding script tags to the HTML content). I was able to inject the script but I found the content received on the user's ...
- 157
0
votes
0
answers
42
views
Why sr1 return None when TCP flags are FPU
from scapy.all import IP, ICMP, TCP, sr1
import sys
def probe_scan(ip):
probe_packet = IP(dst=ip) / ICMP()
return sr1(probe_packet, timeout=10) != None
def tryXMas(ip, port):
xMas_packet ...
1
vote
1
answer
152
views
How to capture data from a TCP socket with scapy
I am creating a TCP socket:
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server_sock:
server_sock.bind((HOST, PORT))
server_sock.listen()
while True:
sock, addr = ...
- 21
0
votes
0
answers
51
views
How to get an Ether frame in bytes
I am capturing a single package using scapy:
from scapy.all import *
while True:
data = sniff(iface = 'lo', count = 1)
Then I try to convert the resulting object into bytes:
print(raw(data))
...
- 21
1
vote
1
answer
57
views
Is there a way to simulate the arrival of a package on an interface using scapy
For testing and debugging purposes, I'd like to be able to simulate the arrival of a package on a specific interface and have it then regularly go through the entire network stack. Is this possible ...
- 2,146
0
votes
1
answer
384
views
IP forwarding on rooted Android using Termux
Is it possible to intercept traffic with ARP-spoofing on Termux(rooted Android)?
I have this python script:
from scapy.all import *
from scapy.interfaces import *
from threading import Thread
import ...
- 11
-1
votes
1
answer
42
views
Only IP packets are displayed. Wireshark, Scapy
I am testing my Scapy code and when sending UDP, Wireshark shows the IPv4 protocol (without the ability to view the UDP packet). How to configure Wireshark to view more than just IP packets. Or is it ...
- 1
0
votes
0
answers
409
views
Speed optimization of pyshark
Is there a way to speed up pyshark processing?
Details
The rate in which pyshark loops over the packets is ~1000 packet per second, is it possible to speed it up?
For comparison, scapy was checked ...
- 973
0
votes
0
answers
111
views
scapy not working "ImportError" and "AttributeError"
PIP package scapy-python3 used to provide scapy3k, which was a fork from scapy implementing python3 compatibility since 2016. This package was included in some of the Linux distros under name of ...
- 1
0
votes
0
answers
557
views
How to reassemble fragmented TCP packets with Scapy and also including Netfilter Queue (developing an IDS)
I am developing an IPS and using Scapy to parse the packets and to take actions based on the payloads present in the packet . I am currently trying to implement Drop/Block functionality . Came across ...
- 53
0
votes
1
answer
453
views
Tcp server not responding to SYN packets generated from scapy
I have a very simple tcp server socket listening for new connections.
use std::net::TcpListener;
fn main() {
let listener = TcpListener::bind("127.0.0.1:7878").expect("Failed to ...
user16732580
0
votes
1
answer
127
views
python-scapy IKEv2_Transform
>>> from scapy.all import load_contrib
>>> load_contrib('ikev2')
>>> IKEv2_Transform()
Traceback (most recent call last):
File "<stdin>", line 1, in <...
0
votes
0
answers
760
views
Python Scapy not detecting my npcap or winpcap installation
I have a python script which imports scapy to do some network packet analysis. The first thing my script reports is "WARNING: No libpcap provider available ! pcap won't be used". Without ...
- 7,298
0
votes
1
answer
174
views
Python, Scapy and exporting to an .exe
At the moment I play a little bit with scapy, Qt and python. So far everything worked fine when starting the programm with VSC.
Now I tried to make an .exe with PyInstaller. It also worked, I got an ....
- 169
1
vote
0
answers
224
views
Error in using mitmproxy's http module in python
I have a code that uses mitmproxy http function and it miserably fails here:
def main(stdscr):
try:
parser = argparse.ArgumentParser(description='NetSour Network Analyzer')
parser....
- 11
1
vote
1
answer
115
views
I don't understand what is Network Padding
I'm building an arp spoofer in Python with scapy and I have this function to send spoofed arp packets:
def arp_spoof (dest_ip, dest_mac, source_ip):
scapy.sendp(scapy.Ether(dst=dest_mac)/ scapy....
- 51
1
vote
2
answers
2k
views
Python Scapy, the ARP packge gives me the WARNING that I should put destination mac address, but I did
I have this code, I want to automize the process of ARP Spoofing.
You run the program like this sudo python3 arpSpoof.py 192.168.1.1 192.168.1.101
The first IP address is the one of the router, and ...
- 11
1
vote
0
answers
363
views
tcpdump is not available when extracting packet features in windows
I have been trying to extract statistical features from a packet(pcap) using pyflowmeter but I keep on getting traceback error that :'scapy.error.Scapy_Exception: tcpdump is not available', I know ...
- 11
0
votes
0
answers
143
views
ARP spoofing makes my Target Machine lose internet
This is my code, I have tried flushing ip tables and enabled port forwarding. I don't know what is wrong with this script, I have also turned firewall off from my windows VM(target machine). Don't ...
- 11
0
votes
1
answer
83
views
Scapy IPsec AH Tunnel mode in socket
I am encountering a problem when trying to reconstruct packets in AH tunnel mode using Scapy. The packets are sent through a socket using the raw() method.
Setup:
AH Tunnel Mode Configuration:
Outer ...
- 1
1
vote
1
answer
135
views
multiple sniffers with scapy using tornado
I have 3 scripts:
scriptA: creates a certain type of connection to a server using scapy and responds to some sort of keepalive packets it finds using AsyncSniffer(). This works fine.
scriptB: sends a ...
- 89
0
votes
0
answers
58
views
scapy 255.255.255.255 broadcast not being received
I am trying to run some broadcast related tests in my network. I have a wireless client 10.48.225.30 and a wired host on the same subnet 10.48.225.45. I have a simple scapy script to run some ...
- 77