scapy the packet 途中01

SCAPY - 2016.10.09

▸ Python ⭐

▸ 2011 Release

▸ HP secdev.org

👉Python2

▸ Python3

▸ PhilippeBiondi

▸ Scapy Wireshark/pcap

Wireshark

hping3

openflow

send socket socket 👉

recv sniff 1pkt dissector dissect 👉

Scapy L5 👉 L7 👉 👉

▸ Scapy

1. Scapy Field

2. Scapy Packet

3. Scapy bind

‣ Scapy GPLv2

scapy/modules

load_module("<module name>")

scapy/contrib

load_contrib("<proto name>")

SCAPY & PROTOCOL

▸ Packet - scapy.packet.Packet

IP TCP

https://github.com/phaethon/scapy/blob/master/scapy/packet.py ▸ Field - scapy.fields.Field

https://github.com/phaethon/scapy/blob/master/scapy/fields.py

8SCAPY

Packet

Field Field

▸ Transmission Control Protocol [https://www.ietf.org/rfc/rfc793.txt] Scapy Field

Scapy TCP Padding

Scapy TCP data Payload

9SCAPY

SCAPY TCP / RFC TCP

▸ Packet

fields_desc :

list Field

Building :

fields_desc Field

Padding CheckSum Build Payload

Dissecting :

Wireshark (Dissector) Dissection Payload

Binding :

Building Dissecting Payload

Show/Display :

PACKET CLASS

FIELD CLASS

11SCAPY

▸ Field i2m h2i

m: ( )

b"¥x00¥x01¥x02...." ※Python2 str Python3 bytes

i: ( ) Python

str,bytes,int,long,

h: ( ) Scapy

named flag, enum,...

repr: ++( )

repr()

‣ Field

▸ bytes(pkt) Packet.build()

▸ Field struct.pack

▸ Padding

▸ Binding Payload Building

BUILDING

12SCAPY

▸ Ether(“xxxxxx”)

(L2 RadioTap)

payload

▸ L2 conf.l2types

▸ Binding Payload Dissecting

DISSECTING

13SCAPY

▸ Building Dissecting

▸ bind_layers()

▸ Scapy

▸ Packet.guess_payload_class()

BINDING

14SCAPY

BINDING

DISSECTING

BUILDING

CHALLENGE!

👉 Chap.6 ADDING NEW PROTOCOLS

CHALLENGE!

19SCAPY

20SCAPY

CHAP.6 ADDING NEW PROTOCOLS

21SCAPY

22SCAPY

▸ Packet

23SCAPY

SIMPLE EXAMPLE!?

▸ OSI 7

▸ Padding 7

24SCAPY

SIMPLE EXAMPLE

▸ RFC

▸ Scapy

26SCAPY

27SCAPY

HTCPCP

28SCAPY

HTCPCP

HYPER TEXT COFFEE POT CONTROL PROTOCOL

HTCPCP

▸ REST

▸ IoT

▸ py2K

latest: http://github.com/secdev/scapy ▸ (py3K )

latest: https://github.com/phaethon/scapy ▸

http://www.dirk-loss.de/scapy-doc/Scapy.pdf ▸

http://packetlife.net/media/library/36/scapy.pdf

32SCAPY

33SCAPY

scapy the packet 途中01

Engineering

developing ci/cd for nics dpdk pmd using dts · –uses sw...

network packet forgery with scapy · extending scapy...

the very unofficial dummies guide to scapy - palkeo ·...

network packet forgery with scapy - pacsec · philippe...

scapy documentation - packetlevel.ch · 2009-12-12 ·...

network packet manipulation with scapy -

network packet forgery with scapy - · pdf fileproblematic...

scapy documentation (!) -...

ipv6 packet creation with scapy documentation - … ·...

scapy talk

hack x crack scapy

packet crafting using scapy - ryerson university ·...

python scapy

scapy packet forgery

passive bluetooh monitoring in scapy · agenda •...

scapy test

network packet manipulation with scapy -...

scapy - cit.ctu.edu.vndtnghi/nid/scapy.pdf · 2 giới...

network packet manipulation with scapy - · pdf filehack.lu,...

network packet forgery with scapy - pacsec