Lab 1 - Sniffing & Spoofing
Sniffing
ICMP Packets
We successfully sniffed ICMP packets.
from scapy.layers.inet import *
from scapy.sendrecv import *
def print_pkt(pkt: Packet):
pkt.show()
if __name__ == "__main__":
pkt = sniff(filter=f"icmp", prn=print_pkt)
TCP Packets
We successfully sniffed ICMP packets.
netcat server IP: 172.20.10.3
netcat client IP: 172.20.10.11
from scapy.layers.inet import *
from scapy.packet import Raw
from scapy.sendrecv import *
def print_pkt(pkt: Packet):
if pkt.haslayer(Raw):
print(f"{pkt[IP].src} -> {pkt[IP].dst}: {pkt[Raw].load}")
if __name__ == "__main__":
pkt = sniff(filter=f"tcp and host 172.20.10.11 and port 1234", prn=print_pkt)
Sniffing from a Subnet
This can be accomplished with the net BPF filter.
Spoofing
We successfully spoofed ICMP echo requests.
Attacker
Real IP: 172.20.10.3
Spoofed IP: 172.20.10.67
Victim
IP: 172.20.10.11
Attacker Script
from scapy.layers.inet import *
from scapy.sendrecv import *
def print_pkt(pkt):
pkt.show()
if __name__ == "__main__":
a = IP()
a.dst = "172.20.10.11"
a.src = "172.20.10.67"
b = ICMP()
p = a / b
while True:
send(p)
time.sleep(1)