INTRODUCTION TO SCAPY

Ahmet Göker
Nov 21, 2021


Hey amazing hackers, welcome back to my fourth blog.

Today I am going to introduce the Scapy library and what we can do with this tool, such as network attacks, network scanning, etc. Let's dive into it.

To create a network scanner we can use a Python library called Scapy. This library is designed to send, sniff, dissect and edit network packets, and it is a really powerful network manipulation library. Let's explain it a little with Python, in a practical way.

INSTALLING SCAPY

First of all, we should install this tool from our terminal. However, we must first understand one thing about the Linux operating system: there are two different kinds of users, the root user and a normal user, and higher privileges are required for system-level commands. If we want to send and receive packets we have to be the root user, because that requires root privileges, and to install some tools we are going to use the “sudo” command. I want to explain this in more comprehensive detail, so let's dive into it.

As you can see, I was a normal user; however, after adding the “sudo” command it worked properly. It just asked for the password, and the tool is installed with administrator privileges.

Note that if you have a problem installing this tool, you can normally use the following command:

sudo apt-get update && sudo apt-get upgrade && sudo apt-get install python3-virtualenv -y

Because of that, you should create a new virtual environment for this specific project; what you call your project is entirely up to you. If you are facing any problem, you can send me a message :)

UNDERSTANDING HOW SCAPY WORKS

In this section, we will learn how Scapy actually works and how we can use it to create our network mapping script or network manipulation tool. Let's create our first Python file, “scapy-hack.py”; once that is done, we can import any library or module inside this file. I want to quickly illustrate this by creating a small ping request. To perform this action we need to import some modules, such as ICMP (Internet Control Message Protocol), which we use to build the echo request sent to the server. To import this package we can use:

In the first screenshot we can see that Scapy has been imported. Secondly, we need to import IP so as to define an IP layer.

And lastly, to send and receive packets, we need a function that does this for us, so use the following command:

To find your IP address you can use the “ifconfig” command, because it will be different for you depending on your system.

If you are not a root user, do not forget to add “sudo”, because you are a normal user; keep that in mind. I am going to use it as follows:

We are defining our source and destination IP.

Then we will define the destination IP, because we want to create a ping request to a XXXX server. Let's use Facebook.com; you can either write the IP address or put the server's name, it is totally up to you.

As I mentioned earlier, Scapy is a powerful tool: it will automatically translate this address to the IP address of Facebook.

Now we are going to create the ip_layer packet and print it out to see what it contains:

The output of this program should look like this:

Let's have a look at the “src” and “dst” fields. The destination is an instance of Net, which means that Scapy will take care of translating it into an actual IP address.

Next we are going to send an ICMP request. To do this in our script we can use the ICMP class to create an instance like this:

As you can see, we put “id=100” there; this helps to trace packets. To see the result you can simply type “print(icmp_request.show())” (the result is shown above). From here you can see the packet type, which is used for testing connection availability.

We will now combine these into a “packet” variable. We know that the application resides on top of the IP layer, and we have created two layers; to combine them we can simply add:

packet = ip_layer / icmp_request

The output of print(packet.show()) looks like this:

This will list out the combined packet. As you have seen, the / operator was not used here as a mathematical operation; in Scapy this operator is used for combining layers.

So far so good: our request is ready to be sent to the server. We already put “sr” in our script, so no worries :)

If you want to see more details about a certain layer, you can modify the script you have written :) You can use the ls command, which we mostly use when we want more comprehensive detail about a particular field.

For instance:

There will be more about such topics. Stay sharp, keep motivated, help other people, and share your knowledge and your hacking journey, because by helping people you will refresh and gain more knowledge about this field. And not to forget what I always recommend to people who are new to this expedition: keep practicing in a practical way, such as CTF events or competitions, which are mostly conducted by experienced people.

Please follow me on my YouTube channel, where I have been solving and learning the methodology of hacking so as to become a pro hacker :))

YouTube: https://YouTube.com/TurkishHoodie

Linkedin: https://www.linkedin.com/in/ahmetgöker
