Scapy is Easy!

by pocc 5 years ago

macOS ◆ xterm-256color ◆ bash 1705 views

Description

This is a simple Scapy demonstration. In it, we will ping 8.8.8.8 and look at the response packets.

Transcript

# === Scapy is Easy! ===
# Let's send a ping to 8.8.8.8 and look at the response
scapy
bash-5.0$ # === Scapy is Easy! ===
bash-5.0$ # Let's send a ping to 8.8.8.8 and look at the response
bash-5.0$ scapy
                                      
                     aSPY//YASa       
             apyyyyCY//////////YCa       |
            sY//////YSpcs  scpCY//Pp     | Welcome to Scapy
 ayp ayyyyyyySCP//Pp           syY//C    | Version 2.4.2
 AYAsAYYYYYYYY///Ps              cY//S   |
         pCCCCY//p          cSSps y//Y   | https://github.com/secdev/scapy
         SPPPP///a          pP///AC//Y   |
              A//A            cyP////C   | Have fun!
              p///Ac            sC///a   |
              P////YCpc           A//A   | Craft packets like it is your last
       scccccp///pSP///p          p//Y   | day on earth.
      sY/////////y  caa           S//P   |                      -- Lao-Tze
       cayCyayP//Ya              pY/Ya   |
        sY/PsY////YCc          aC//Yp 
         sc  sccaCY//PCypaapyCP//YSs  
                  spCPY//////YPSps    
                       ccaacs         
                                    
>>> ping = IP(dst="8.8.8.8") / ICMP()
>>> ans, unas = sr(ping)
Begin emission:
..Finished sending 1 packets.
.*
Received 4 packets, got 1 answers, remaining 0 packets
>>> ans.show()
0000 IP / ICMP 192.168.1.194 > 8.8.8.8 echo-request 0 ==> IP / ICMP 8.8.8.8 > 192.168.1.194 echo-reply 0
>>> response_packet = ans[0][1]
>>> response_packet.show()
###[ IP ]### 
  version= 4
  ihl= 5
  tos= 0x0
  len= 28
  id= 16833
  flags= 
  frag= 0
  ttl= 120
  proto= icmp
  chksum= 0x2ea6
  src= 8.8.8.8
  dst= 192.168.1.194
  \options\
###[ ICMP ]### 
     type= echo-reply
     code= 0
     chksum= 0x0
     id= 0x0
     seq= 0x0

More by pocc

tshark | Using the Example Extcap from the Documentation 03:18

by pocc 5 years ago

tshark | Decrypting WPA-PSK 01:53

by pocc 5 years ago

randpkt usage 01:05

by pocc 5 years ago

tshark | Decrypt TLSv1.2 03:38

by pocc 5 years ago

See all

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay the downloaded recording in your terminal using the asciinema play command:

asciinema play 237464.cast

If you don't have asciinema CLI installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from the releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '/assets/237464.cast',
      document.getElementById('player'),
      { cols: 102, rows: 28 }
    );
  </script>
</body>
</html>

See asciinema player quick-start guide for full usage instructions.

While this site doesn't offer GIF conversion at the moment, you can still do it yourself with the help of asciinema GIF generator utility - agg.

Once you have it installed run the following command to create GIF file:

agg https://asciinema.org/a/237464 237464.gif

Or, if you already downloaded the recording file:

agg 237464.cast 237464.gif

Check agg --help for all available options. You can change font family and size, select color theme, adjust speed and more.

See agg manual for full usage instructions.