How to do it...

Let us use Scapy to read a previously saved pcap file. If you don't have a pcap file, you can use the Saving packets in the pcap format using pcap dumper recipe of this chapter to do that.

Then, parse the arguments from the command line and pass them to a send_packet() function along with the parsed raw packets. As with the previous recipes, this recipe requires admin privileges to run.

Listing 8.6 gives the code for replaying traffic by reading from a saved pcap file, as follows:

#!/usr/bin/env python 
# Python Network Programming Cookbook, Second Edition -- Chapter - 8 
# This program is optimized for Python 2.7.12 and Python 3.5.2. 
# It may run on any other version with/without modifications. 
 
 
import argparse 
from scapy.all import * 
 
 
def send_packet(recvd_pkt, src_ip, dst_ip, count): 
    """ Send modified packets""" 
    pkt_cnt = 0 
    p_out = [] 
 
    for p in recvd_pkt: 
        pkt_cnt += 1 
        new_pkt = p.payload 
        new_pkt[IP].dst = dst_ip 
        new_pkt[IP].src = src_ip 
        del new_pkt[IP].chksum 
        p_out.append(new_pkt) 
        if pkt_cnt % count == 0: 
            send(PacketList(p_out)) 
            p_out = [] 
 
    # Send rest of packet 
    send(PacketList(p_out)) 
    print ("Total packets sent: %d" %pkt_cnt) 
 
if __name__ == '__main__': 
    # setup commandline arguments 
    parser = argparse.ArgumentParser(description='Packet Sniffer') 
    parser.add_argument('--infile', action="store", dest="infile",
     default='pcap1.pcap') 
    parser.add_argument('--src-ip', action="store", dest="src_ip",
     default='1.1.1.1') 
    parser.add_argument('--dst-ip', action="store", dest="dst_ip",
     default='2.2.2.2') 
    parser.add_argument('--count', action="store", dest="count",
     default=100, type=int) 
    # parse arguments 
    given_args = ga = parser.parse_args() 
    global src_ip, dst_ip 
    infile, src_ip, dst_ip, count =  ga.infile, ga.src_ip,
     ga.dst_ip, ga.count 
    try: 
        pkt_reader = PcapReader(infile) 
        send_packet(pkt_reader, src_ip, dst_ip, count) 
    except IOError: 
        print ("Failed reading file %s contents" % infile) 
        sys.exit(1)

If you run this script, it will read the saved pcap file, pcap1.pcap, by default and send the packet after modifying the source and destination IP addresses to 1.1.1.1 and 2.2.2.2 respectively, as shown in the following output. If you use the tcpdump utility, you can see these packet transmissions:

# python 8_6_replay_traffic.py 
...
Sent 3 packets.
Total packets sent 3
----
# tcpdump src 1.1.1.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol 
decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 
bytes
^C18:44:13.186302 IP 1.1.1.1.www > ARennes-651-1-107-2.w2-
2.abo.wanadoo.fr.39253: Flags [P.], seq 2543332484:2543332663, ack 
3460668268, win 65535, length 179
1 packets captured
3 packets received by filter
0 packets dropped by kernel
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.116.60.158