Project 9: Intro to scapy (15 pts.)

What you need

What is scapy?

Scapy is an interactive environment that lets you build packets of any type you want and send them onto the network, and monitor the responses. It can be used for almost anything you want: port scanning, testing firewalls and IPS systems, attacks, etc.

Finding the Target IP Address

Open the client1 (Kali32) virtual machine. Log in as root with the password toor

This is your Target.

Use this command to find your Target IP address:

ifconfig
Your Target IP address should be 172.16.1.203, as shown below.

Starting scapy

Use this command to start scapy:
scapy
Scapy opens, as shown below on this page.

Sending ICMPv4 Packets with scapy

In the Linux machine, in the Terminal window, at the >>> prompt, type this command, and then press the Enter key:
i = IP()
This creates an object named i of type IP. To see the properties of that object, use the display() method with this command:
i.display()
A list of values appears, starting with the version number (4) and ending with the source and destination IP addresses, as shown below on this page.

If the colors are difficult to see, adjust them by clicking Edit, "Profile Preferences", Colors. I used "Black on light yellow".

Use these commands to set the destination IP address and display the properties of the i object again. Replace the IP address in the first command with the IP address of your Target machine:

i.dst="192.168.198.138"

i.display()

Notice that scapy automatically fills in your machine's source IP address, as shown below on this page.

Use these commands to create an object named ic of type ICMP and display its properties:

ic = ICMP()

ic.display()

There aren't many properties for this object--it's just an echo-request, as shown below on this page.

Use this command to send the packet onto the network and listen to a single packet in response. Note that the third character is the numeral 1, not a lowercase L:

sr1(i/ic)
This command sends and receives one packet, of type IP at layer 3 and ICMP at layer 4. As you can see in the image above, the response is shown, with ICMP type echo-reply. The Padding section shows the portion of the packet that carries higher-level data. In this case it contains only zeroes as padding, as shown below.

Use this command to send a packet that is IP at layer 3, ICMP at layer 4, and that contains data with your name in it (replace YOUR NAME with your own name):

sr1(i/ic/"YOUR NAME")
You should see a reply with a Raw section containing your name, as shown below on this page.
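
The ICMP layer of the exchange above, rebuilt with only Python's standard library. This is an added example, not part of the original project, and it does not use scapy. It shows the checksum scapy fills in for you and how the Raw payload is read back out of a reply. The function names are hypothetical, and id 0 / seq 0 are assumed to match the defaults of ICMP().

```python
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:                      # odd length: pad with one zero byte
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                     # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(payload: bytes, icmp_type: int = 8, ident: int = 0, seq: int = 0) -> bytes:
    """ICMP echo message: type 8 = echo-request, type 0 = echo-reply, code 0."""
    # The checksum is computed over header + payload with the checksum field zeroed.
    zeroed = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    chksum = inet_checksum(zeroed + payload)
    return struct.pack("!BBHHH", icmp_type, 0, chksum, ident, seq) + payload

def parse_echo(packet: bytes) -> dict:
    """Split an ICMP echo message into its header fields and Raw payload."""
    if len(packet) < 8:
        raise ValueError("an ICMP echo header is 8 bytes")
    icmp_type, code, chksum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    names = {8: "echo-request", 0: "echo-reply"}
    return {
        "type": names.get(icmp_type, str(icmp_type)),
        "code": code,
        "chksum": chksum,
        # Summing a valid message, checksum field included, yields 0.
        "checksum_ok": inet_checksum(packet) == 0,
        "id": ident,
        "seq": seq,
        "raw": packet[8:],                 # what scapy displays as Raw or Padding
    }

def echo_reply_for(request: bytes) -> bytes:
    """The reply a target returns: type 0 with the same id, seq and payload."""
    req = parse_echo(request)
    return build_echo(req["raw"], icmp_type=0, ident=req["id"], seq=req["seq"])

if __name__ == "__main__":
    request = build_echo(b"YOUR NAME")     # constructed sample payload
    print(request.hex())
    print(parse_echo(echo_reply_for(request)))
```

The same parse applies to any captured echo message: a failed checksum means the message was altered or damaged in transit, and a non-zero raw field is data riding in the ping rather than padding.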

Saving the Screen Image

Make sure you can see your name in the response packet.

Save a screen image with the filename Proj 9a from Your Name.

Sending a UDP Packet

Preparing the Target (Windows Version)

If you are using a Windows machine as the target, you need to have Nmap installed on your Target machine, so that you will have the Ncat listener.

On the target Windows machine, in a Command Prompt window, type these commands, pressing Enter after each one.

Note that the second switch in the ncat command is a lowercase L, not the numeral 1.

cd \program files\nmap

ncat -u -l 4444

Leave that Command Prompt window open.

Preparing the Target (Linux Version)

If your target is a Kali machine, in a Terminal window, execute this command:

Note that the second switch in the nc command is a lowercase L, not the numeral 1.

nc -ulp 4444
Leave that Terminal window open.

In the Terminal window, at the top, click File, "Open Terminal" to open a second Terminal window. In the second window, execute this command:

netstat -aun
You should see UDP port 4444 open, as shown below on this page.

Sending a UDP Packet from scapy

In the Linux machine, in the Terminal window, at the >>> prompt, type these commands, and then press the Enter key:
u = UDP()

u.display()

This creates an object named u of type UDP, and displays its properties.

Execute these commands to change the destination port to 4444 and display the properties again:

u.dport = 4444

u.display()

Your UDP packet's properties should look like the image below on this page:

Execute this command to send the packet to the Target machine:

send(i/u/"YOUR NAME SENT VIA UDP\n")
On the Target machine, you should see the message appear, as shown below on this page:

Saving the Screen Image

Make sure you can see your name on the Target machine.

Save a screen image with the filename Proj 9b from Your Name.

Turning in Your Project

Email the images to cnit.123@gmail.com with a Subject line of Proj 9 from Your Name.


Last revised 9-27-16