Question

I’m exploring network packet manipulation for ethical hacking purposes, and I’ve heard that Python’s Scapy library is powerful for tasks like sniffing, spoofing, and injecting packets. However, I’m new to Scapy and not sure how to use it for common network tasks like crafting custom packets or simulating attacks such as ARP spoofing.

Can someone provide a basic example of how Scapy can be used for packet sniffing and manipulation? Additionally, any tips on using Scapy safely for testing in a controlled environment would be appreciated.

Answer 1

Scapy is a great tool as it allows you to sniff, craft, spoof, and inject packets in the network, which is useful for ARP spoofing, packet crafting, and sniffing.

1. In order to use Scapy for network packet manipulation, the first step it to install it with pip:

pip install scapy

2. Next, we can use a python script just like we've designed here:

from scapy.all import *

def packet_sniffer(packet):
    if packet.haslayer(IP):
        print(f"Source: {packet[IP].src} -> Destination: {packet[IP].dst}")

sniff(prn=packet_sniffer, count=10)

Now, this code will capture and print the IP addresses of packets.

3. Also, for crafting packets, we can create and send custom packets like:

from scapy.all import *
packet = IP(dst="192.168.1.1")/ICMP()
send(packet)

This code will create and send an ICMP packet to the IP address 192.168.1.1. We can use this to check if the host at that address is reachable, similar to how the ping command works.