• Home

  • Documents

  • Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22...
16
Scapy, a packet manipula0on tool Guillaume Valadon RIPE 70 May, 14 2015

Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

  • Upload
    others

  • View
    1

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Scapy,  a  packet  manipula0on  tool  

Guillaume  Valadon  RIPE  70  -­‐  May,  14  2015  

Page 2: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

What  is  Scapy  ?  

•  fast  packet  manipulaAon  in  Python  – send,  receive,  inject,  save,  modify,  ...  

•  default  values  that  work  •  hidden  tricks:  checksum  computaAons,  interface  selecAon,  ...  

•  developped  by  Philippe  Biondi  since  2003  •  maintained  by  Pierre  Lalet  and  Guillaume  Valadon  since  2013  

Page 3: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Scapy  as  a  command  line  tool  

Page 4: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Packet  built  layer  by  layer  (Ether,  IP,  TCP,  ...)  using  the  slash  operator,  such  as:  

 

Page 5: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Scapy  matches  queries  and  replies:  

Page 6: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Some  useful  funcAons,  for  example:  

Page 7: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Scapy  as  a  Python  module  

Page 8: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

A  simple  ping6  with  Scapy:  

Page 9: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Supported  protocols  

•  IP,  IPv6,  UDP,  TCP,  ICMP,  ICMPv6,  ...  •  DNS/DNSSEC,  SNMP,  DHCP,  DHCPv6,  HSRP,  ...  •  RIP,  BGP,  Mobile  IPv6,  ...  

•  contribuAons:  OpenFlow,  MPLS,  HomePlug  AV,  ..  

Page 10: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Adding  a  new  protocol  

Page 11: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Let's  add  a  new  protocol  on  top  of  Ethernet:  

Page 12: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

More  features  are  available  

•  answering  machines  •  automaAon  •  ...    

Page 13: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets
Page 14: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets
Page 15: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

Where  ?  

•  Scapy  works  on  Linux,  *BSD,  MAC  OS  X  –  the  Windows  port  does  not  work  anymore  

•  stable  version:  2.3.1  – pip,  arch,  and  gentoo  

•  development  version  on  bitbucket:  – hg  clone  hbps://bitbucket.org/secdev/scapy/  

Page 16: Guillaume!Valadon! RIPE!70!3!May,!14!2015! · In [41: out[41: query reply srI (query) Received 22 packets got I answers Begin ion Finished to send I packets. remaining O packets

How  can  you  help  ?  

•  tell  that  you  use  Scapy  •  report  issues  on  Bitbucket  •  share  your  protocols  •  invite  use  to  give  tutorials    


O NU FEMININO EM SUZANNE VALADON - ifch.unicamp.br Silva e Siqueira.pdf · XII EHA – ENCONTRO DE HISTÓRIA DA ARTE –UNICAMP 2017 437 O NU FEMININO EM SUZANNE VALADON Marina Silva

O NU FEMININO EM SUZANNE VALADON - ifch.unicamp.br Silva e Siqueira.pdf · XII EHA – ENCONTRO DE HISTÓRIA DA ARTE –UNICAMP 2017 437 O NU FEMININO EM SUZANNE VALADON Marina Silva

Documents
TCP as a Reliable Transport. How things can go wrong Lost packets Corrupted packets Reordered packets…

TCP as a Reliable Transport. How things can go wrong Lost packets Corrupted packets Reordered packets…

Documents
Suzanne Valadon french painter

Suzanne Valadon french painter

Art & Photos
Chapter 7 The Query Compiler Query Processor : Query Parser Tree Logical Query Plan Physical Query Plan Query Structure Relational Algebraic Expression

Chapter 7 The Query Compiler Query Processor : Query Parser Tree Logical Query Plan Physical Query Plan Query Structure Relational Algebraic Expression

Documents
Highly Nonstationary Wavelet Packets - CORE · wavelet packets, that generalize the class of nonstationary wavelet packets. We de-fine the periodic Shannon wavelet packets and show

Highly Nonstationary Wavelet Packets - CORE · wavelet packets, that generalize the class of nonstationary wavelet packets. We de-fine the periodic Shannon wavelet packets and show

Documents
Suzanne Valadon, Toulouse Lautrec y Exposición del Centro Cultural de la Villa

Suzanne Valadon, Toulouse Lautrec y Exposición del Centro Cultural de la Villa

Documents
Homework Packets 2 Grade Unit 1 Reading Street - PC\|MACimages.pcmac.org/.../HomeworkPacketsUnitReadingStreetndGrade_(1)… · Homework Packets By: Cindy Saucer Unit 1 Homework Packets

Homework Packets 2 Grade Unit 1 Reading Street - PC\|MACimages.pcmac.org/.../HomeworkPacketsUnitReadingStreetndGrade_(1)… · Homework Packets By: Cindy Saucer Unit 1 Homework Packets

Documents
Chapter 6 Query Execution. Query Query Compilation (Chapter 7 ) query plan Query execution metadata ( Chapter 6 ) data the major parts Of the query processor

Chapter 6 Query Execution. Query Query Compilation (Chapter 7 ) query plan Query execution metadata ( Chapter 6 ) data the major parts Of the query processor

Documents
Packets and Protocols

Packets and Protocols

Documents
NSC #2 - D3 04 - Guillaume Valadon & Nicolas Vivet - Detecting BGP hijacks

NSC #2 - D3 04 - Guillaume Valadon & Nicolas Vivet - Detecting BGP hijacks

Technology
ACCOMMODATION PACKETS,

ACCOMMODATION PACKETS,

Documents
Packet switching network Data is divided into packets. Transfer of information as payload in data packets Packets undergo random delays & possible loss

Packet switching network Data is divided into packets. Transfer of information as payload in data packets Packets undergo random delays & possible loss

Documents
Seed Packets

Seed Packets

Documents
Query Processing and Query Optimization

Query Processing and Query Optimization

Engineering
Textbook Query Optimization 2. Textbook Query Optimization · Textbook Query Optimization Logical Query Optimization Optimization Phases Textbook query optimization steps: 1.translate

Textbook Query Optimization 2. Textbook Query Optimization · Textbook Query Optimization Logical Query Optimization Optimization Phases Textbook query optimization steps: 1.translate

Documents
Stefan Burschka Tranalyzer Feel the packets, be the packets

Stefan Burschka Tranalyzer Feel the packets, be the packets

Documents
Packets Review!

Packets Review!

Documents
Hyperanalytic Wavelet Packets

Hyperanalytic Wavelet Packets

Documents
Summary of Certification Process (part 1). IPv6 Client IPv6 packets inside IPv4 packets

Summary of Certification Process (part 1). IPv6 Client IPv6 packets inside IPv4 packets

Documents
Detecting Spoofed Packets

Detecting Spoofed Packets

Documents
Query Processing: Query Formulation

Query Processing: Query Formulation

Documents
Catalogue of Gift Boxes - Thomas Etty Esq. ·  · 2017-09-21Catalogue of Gift Boxes 7 packets £12.50 5 packets £9.00 7 packets £12.50 7 packets £12.50 6 packets £10.00 Sachet

Catalogue of Gift Boxes - Thomas Etty Esq. ·  · 2017-09-21Catalogue of Gift Boxes 7 packets £12.50 5 packets £9.00 7 packets £12.50 7 packets £12.50 6 packets £10.00 Sachet

Documents
Water Wave Packets

Water Wave Packets

Documents
Wavelet Basis Packets and Wavelet Frame Packets · Wavelet Basis and Frame Packets 241 Proof. We have 2. Orthogonal or Biorthogonal Wavelet Basis Packets and Wavelet Frame Packets

Wavelet Basis Packets and Wavelet Frame Packets · Wavelet Basis and Frame Packets 241 Proof. We have 2. Orthogonal or Biorthogonal Wavelet Basis Packets and Wavelet Frame Packets

Documents
OSPF-process & Packets

OSPF-process & Packets

Documents
Theme1 packets

Theme1 packets

Entertainment & Humor
Relocation packets

Relocation packets

Real Estate
Suzanne Valadon

Suzanne Valadon

Education
Using sub query. Sub query A query inside another query

Using sub query. Sub query A query inside another query

Documents
Lamella Packets

Lamella Packets

Documents