Packet Manipulation/Crafting

EildorEildor Member Posts: 444
in Off-Topic
What is the best way of manipulating/crafting packets? I want to have full control, including source IP, destination... is that possible? I have no malicious intent, just think it would be pretty interesting to mess around with.

I'm aware that software exists for this, but I want to code it myself.
· Share on FacebookShare on Twitter

Comments

  • lsud00dlsud00d Member Posts: 1,571
    Scapy--

    Scapy

    Or if you're good with Python you can script it yourself.

    I know the_hutch has some experience with this.

    Also obviously use a sniffer like Wireshark to confirm what goes across the wire.
    · Share on FacebookShare on Twitter
  • SteveO86SteveO86 Member Posts: 1,423
    +1 for scapy, it's a nice tool for testing ACLs and Firewalls.

    Slight learning curve as you want to understand the packet format you are crafting. It also works over WLANs to.
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
    · Share on FacebookShare on Twitter
  • EildorEildor Member Posts: 444
    SteveO86 wrote: »
    +1 for scapy, it's a nice tool for testing ACLs and Firewalls.

    Slight learning curve as you want to understand the packet format you are crafting. It also works over WLANs to.

    How does one learn the packet format? If I were to capture packets on Wireshark would that give me what I need?

    Also, what would stop me from crafting thousands of CDP packets to do some sort of DoS attack on a local switch? Apart from turning CDP off, of course...
    · Share on FacebookShare on Twitter
  • lsud00dlsud00d Member Posts: 1,571
    Here's common packets:

    Raw Packet Formats

    and CDP:

    Frame Formats

    All just a short google away icon_thumright.gif
    · Share on FacebookShare on Twitter
  • EildorEildor Member Posts: 444
    lsud00d wrote: »
    Here's common packets:

    Raw Packet Formats

    and CDP:

    Frame Formats

    All just a short google away icon_thumright.gif

    Yeah you're right, in fact it's the first thing that comes up! Sorry. Cheers mate.
    · Share on FacebookShare on Twitter
  • lsud00dlsud00d Member Posts: 1,571
    No problem, just glad to help!
    · Share on FacebookShare on Twitter
  • doverdover Member Posts: 184 ■■■■□□□□□□
    I'm going to throw out hping2 as a simple, easy to use packet crafting tool - although it is not nearly as full featured as Scapy.

    Also fun is netdude. It gives you some pretty amazing abilities.
    · Share on FacebookShare on Twitter
  • EildorEildor Member Posts: 444
    Sweet, will try some of these out when I get time. Thanks guys.
    · Share on FacebookShare on Twitter
  • the_hutchthe_hutch Banned Posts: 827
    lsud00d wrote: »
    Scapy--

    Scapy

    Or if you're good with Python you can script it yourself.

    I know the_hutch has some experience with this.

    Also obviously use a sniffer like Wireshark to confirm what goes across the wire.

    Haha...yep. Scapy is pretty much the coolest scripting library ever. Complete control over ever aspect of the TCP/IP stack when handling raw packets. I've tried to find equivalents in other scripting languages...but there is nothing comparable (at least from what I've found). The only set back is that there is a lack of documentation, so learning it is a lot of trial and error. I'm thinking about producing a video series on using Scapy.
    · Share on FacebookShare on Twitter
  • EildorEildor Member Posts: 444
    the_hutch wrote: »
    I'm thinking about producing a video series on using Scapy.

    Please do!
    · Share on FacebookShare on Twitter
  • doverdover Member Posts: 184 ■■■■□□□□□□
    Mike Poor and Judy Novak have a good scapy example for crafting overlapping packets at packetstan.com.

    Site hasn't been updated in a long time, unfortunately. Still a good example though.

    Packetstan
    · Share on FacebookShare on Twitter
  • EildorEildor Member Posts: 444
    dover wrote: »
    Mike Poor and Judy Novak have a good scapy example for crafting overlapping packets at packetstan.com.

    Site hasn't been updated in a long time, unfortunately. Still a good example though.

    Packetstan

    Thank you.

    How much Python would I need to learn? Never done anything in Python before, looks quite a bit different to Java.
    · Share on FacebookShare on Twitter
  • cisco_troopercisco_trooper Member Posts: 1,441 ■■■■□□□□□□
    I want to say hping3

    hping3(icon_cool.gif - Linux man page
    · Share on FacebookShare on Twitter
  • CodeBloxCodeBlox Member Posts: 1,363 ■■■■□□□□□□
    If you want true control over crafting everything in your packets in C, look up raw sockets. This will do what you want. See below:

    The RAW socket C programming tutorial with working program examples tested on Linux OS
    Currently reading: Network Warrior, Unix Network Programming by Richard Stevens
    · Share on FacebookShare on Twitter
  • EildorEildor Member Posts: 444
    CodeBlox wrote: »
    If you want true control over crafting everything in your packets in C, look up raw sockets. This will do what you want. See below:

    The RAW socket C programming tutorial with working program examples tested on Linux OS

    Would love to learn C, just don't have the time at the moment. From what I remember it's a rather small language though. I was going through Brian Kernighan's book a few years ago, the exercises are pretty tough. I never got to finish it, or even get halfway (and it's not even a big book!).
    · Share on FacebookShare on Twitter
Sign In or Register to comment.