
Scapy Module Documentation For Ethical Hacking

Knight_Bishop


Introduction​

Scapy is a powerful Python-based packet manipulation tool and library used in the field of ethical hacking. It allows users to craft, send, capture, and analyze network packets, making it a valuable resource for various network-related tasks, including network scanning, vulnerability assessment, and protocol exploitation. This documentation will guide you through the installation process, provide an overview of the key features and functionalities of the Scapy module, and offer examples of common use cases in ethical hacking.

Table of Contents​

  1. Installation
    • Prerequisites
    • Installing Scapy
  2. Basic Usage
    • Importing the Scapy module
    • Creating and sending packets
    • Capturing and analyzing packets
  3. Network Scanning
    • IP scanning
    • Port scanning
  4. Packet Crafting
    • Creating custom packets
    • Modifying packet fields
  5. Protocol Exploitation
    • Sending malicious packets
    • Exploiting vulnerabilities
  6. Conclusion
    • Further resources
    • Ethical considerations

1. Installation​

Prerequisites​

Before installing Scapy, ensure that you have the following requirements:

  • Python (version 2.7 or 3.x)
  • Root/Administrator access (required for certain features)
  • Internet connectivity (to fetch dependencies and modules)

Installing Scapy​

To install Scapy, follow these steps:
  1. Open a terminal or command prompt.
  2. Use the following command to install Scapy via pip:
Python:
pip install scapy

Note: Depending on your system, you may require elevated privileges (e.g., sudo on Linux).
Congratulations! You have successfully installed the Scapy module.

2. Basic Usage​

Importing the Scapy module​

To begin using Scapy in your Python script, import the module using the following code:

Python:
from scapy.all import *

Creating and sending packets​

Scapy allows you to create custom packets and send them over the network. Here's an example of creating an ICMP ping request and sending it to a target IP address:

Python:
target_ip = "192.168.0.1"
packet = IP(dst=target_ip) / ICMP()
send(packet)

Capturing and analyzing packets

Scapy provides the capability to capture and analyze network packets. Here's an example of capturing 10 ICMP packets and printing their summary:

Python:
# "filter" takes a BPF expression; capturing usually requires root/administrator rights
packets = sniff(count=10, filter="icmp")
for packet in packets:
    print(packet.summary())

3. Network Scanning​

IP scanning​

Scapy can be used for IP scanning to discover live hosts on a network. Here's an example of scanning a range of IP addresses:

Python:
target_range = "192.168.0.1/24"
response, _ = srp(Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst=target_range), timeout=2)
for _, received_packet in response:
    print(received_packet.summary())

Port scanning

Scapy enables you to perform port scanning to identify open ports on a target system. Here's an example of performing a TCP SYN port scan:

Python:
target_ip = "192.168.0.1"
port_range = (1, 100)
# sr() collects every reply; sr1() would return only the first one
answered, _ = sr(IP(dst=target_ip) / TCP(sport=RandShort(), dport=port_range, flags="S"), timeout=5)
for _, reply in answered:
    # A SYN/ACK (0x12) reply means the port is open; the port is the reply's source port
    if reply.haslayer(TCP) and reply[TCP].flags == 0x12:
        print("Port", reply[TCP].sport, "is open.")

4. Packet Crafting​

Creating custom packets​

Scapy allows you to create custom packets with specific fields. Here's an example of crafting an Ethernet packet:

Python:
eth_packet = Ether(dst="00:11:22:33:44:55", src="aa:bb:cc:dd:ee:ff") / IP(dst="192.168.0.1") / TCP(dport=80)

Modifying packet fields​

You can modify fields of an existing packet using Scapy. Here's an example of changing the destination IP address of an IP packet:

Python:
packet = IP(src="192.168.0.1", dst="10.0.0.1") / ICMP()
packet[IP].dst = "192.168.0.2"

5. Protocol Exploitation​

Sending malicious packets​

Scapy enables the crafting and sending of malicious packets to exploit vulnerabilities. Please exercise caution and adhere to ethical guidelines when using this functionality. Here's an example of crafting and sending a DNS query packet:

Python:
target_ip = "192.168.0.1"
dns_query = IP(dst=target_ip) / UDP() / DNS(rd=1, qd=DNSQR(qname="example.com"))
send(dns_query)

Exploiting vulnerabilities​

Scapy can be used to exploit certain network vulnerabilities. Ensure that you have proper authorization and adhere to ethical guidelines when performing vulnerability exploitation.


6. Conclusion​

This documentation provided an overview of the Scapy module for ethical hacking, covering its installation, basic usage, network scanning, packet crafting, and protocol exploitation. Remember to use Scapy responsibly.

Further Resources​


"Success is not final, failure is not fatal: It is the courage to continue that counts." - Winston Churchill
 

