Monday, 15 October 2007

Scapy

Yesterday I tinkered a bit with the examples from the scapy tutorial.

>>> res,unans = traceroute(["www.fedorawiki.de","www.fedoraproject.org"],dport=[80,443],maxttl=20,retry=-2)
scapy prints the following:
tcpdump: WARNING: eth0: no IPv4 address assigned
Begin emission:
**********************************************************Finished to send 80 packets.
**************Begin emission:
*Finished to send 8 packets.
***.................Begin emission:
....Finished to send 4 packets.
**........Begin emission:
Finished to send 2 packets.
**
Received 109 packets, got 80 answers, remaining 0 packets
   66.35.62.162:tcp443 66.35.62.162:tcp80  88.198.43.11:tcp443 88.198.43.11:tcp80
1  10.0.0.1        11  10.0.0.1        11  10.0.0.1        11  10.0.0.1        11
2  10.128.192.1    11  10.128.192.1    11  10.128.192.1    11  10.128.192.1    11
3  213.46.171.53   11  213.46.171.53   11  213.46.171.53   11  213.46.171.53   11
4  213.46.171.53   11  213.46.171.53   11  213.46.171.53   11  213.46.171.53   11
5  213.46.160.25   11  213.46.160.25   11  213.46.171.62   11  213.46.171.62   11
6  213.46.160.170  11  213.46.160.170  11  213.46.171.42   11  213.46.171.42   11
7  213.46.190.194  11  213.46.190.194  11  89.149.186.73   11  89.149.186.69   11
8  206.223.115.36  11  206.223.115.36  11  213.200.86.90   11  213.200.86.90   11
9  66.192.245.116  11  66.192.245.116  11  213.239.240.238 11  213.239.240.238 11
10 66.35.62.162    SA  66.35.62.162    SA  213.239.252.43  11  213.239.252.43  11
11 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
12 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
13 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
14 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
15 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
16 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
17 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
18 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
19 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
20 66.35.62.162    SA  66.35.62.162    SA  88.198.43.11    SA  88.198.43.11    SA
Now a graph for visualization:
>>> res.graph(target="> /tmp/graph.svg")
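
How to read the traceroute table above, as an added example that is not part of the original post: it parses rows 1-12 of that output and reports at which hop each target answered and where two traces stop sharing routers. The function names are hypothetical, and it assumes every probe was answered, as in this run.

```python
# Added example. TABLE is rows 1-12 of the traceroute output above, copied from the post.
# Reply codes: "11" = ICMP type 11 (time exceeded, sent by a router on the path),
# "SA" = TCP SYN/ACK (the target itself answered, so the port is open).
# Assumes every probe was answered, as here; a missing cell would shift the columns.
TABLE = """\
66.35.62.162:tcp443 66.35.62.162:tcp80 88.198.43.11:tcp443 88.198.43.11:tcp80
1 10.0.0.1 11 10.0.0.1 11 10.0.0.1 11 10.0.0.1 11
2 10.128.192.1 11 10.128.192.1 11 10.128.192.1 11 10.128.192.1 11
3 213.46.171.53 11 213.46.171.53 11 213.46.171.53 11 213.46.171.53 11
4 213.46.171.53 11 213.46.171.53 11 213.46.171.53 11 213.46.171.53 11
5 213.46.160.25 11 213.46.160.25 11 213.46.171.62 11 213.46.171.62 11
6 213.46.160.170 11 213.46.160.170 11 213.46.171.42 11 213.46.171.42 11
7 213.46.190.194 11 213.46.190.194 11 89.149.186.73 11 89.149.186.69 11
8 206.223.115.36 11 206.223.115.36 11 213.200.86.90 11 213.200.86.90 11
9 66.192.245.116 11 66.192.245.116 11 213.239.240.238 11 213.239.240.238 11
10 66.35.62.162 SA 66.35.62.162 SA 213.239.252.43 11 213.239.252.43 11
11 66.35.62.162 SA 66.35.62.162 SA 88.198.43.11 SA 88.198.43.11 SA
12 66.35.62.162 SA 66.35.62.162 SA 88.198.43.11 SA 88.198.43.11 SA
"""

def parse(table):
    """Return {trace name: [(ttl, responder ip, reply code), ...]}."""
    lines = table.strip().splitlines()
    names = lines[0].split()
    traces = {name: [] for name in names}
    for line in lines[1:]:
        fields = line.split()
        ttl, cells = int(fields[0]), fields[1:]
        # Each trace contributes one (ip, code) pair per row, in header order.
        for name, ip, code in zip(names, cells[0::2], cells[1::2]):
            traces[name].append((ttl, ip, code))
    return traces

def hops_to_target(trace):
    """TTL of the first probe the target answered with SYN/ACK, or None."""
    return next((ttl for ttl, _, code in trace if code == "SA"), None)

def divergence(a, b):
    """First TTL at which two traces got replies from different addresses, or None."""
    return next((ta for (ta, ia, _), (_, ib, _) in zip(a, b) if ia != ib), None)

if __name__ == "__main__":
    t = parse(TABLE)
    for name, trace in t.items():
        print(name, "reached at hop", hops_to_target(trace))
    print("paths split at hop", divergence(t["66.35.62.162:tcp443"], t["88.198.43.11:tcp443"]))
```

The rows after the first SA repeat the target because probes with a larger TTL still arrive there; the port-80 and port-443 traces to 88.198.43.11 differ only at hop 7, where two neighbouring router addresses answer.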


A simple packet

>>> p = IP(dst="10.0.0.1")/ICMP()
>>> p
<IP frag=0 proto=icmp dst=10.0.0.1 |<ICMP |>>
>>> p.show2()
###[ IP ]###
version= 4L
ihl= 5L
tos= 0x0
len= 28
id= 1
flags=
frag= 0L
ttl= 64
proto= icmp
chksum= 0x66c9
src= 10.0.0.23
dst= 10.0.0.1
options= ''
###[ ICMP ]###
type= echo-request
code= 0
chksum= 0xf7ff
id= 0x0
seq= 0x0
>>> sr1(p)
Begin emission:
......Finished to send 1 packets.
*
Received 7 packets, got 1 answers, remaining 0 packets
<IP version=4L ihl=5L tos=0x0 len=28 id=14398 flags= frag=0L ttl=64 proto=icmp chksum=0x2e8c src=10.0.0.1 dst=10.0.0.23 options='' |<ICMP type=echo-reply code=0 chksum=0xffff id=0x0 seq=0x0 |<

Another packet
>>> p = IP(dst="10.0.0.1")/TCP(dport=22)/"AAAAAAAAAA"
>>> sr1(p)

and yet another one
>>> p = IP(dst="10.0.0.0/24")/TCP(dport=80, flags="S")
>>> sr1(p)
