Scapy: More with sending and receiving packets

Hi dear followers,
Sorry for the delay in this post, but here it is. As I discussed in the last post, we will look at how to send more complicated packets with Scapy, and as I told you earlier, we will talk about a port scanning technique via Scapy and how to specify more than one dport. So let's start today's post.

So what are ports?

In the networking field, a port refers to an endpoint of the operating system that helps us communicate with servers via many protocols.
Just as there are USB ports on a computer, these ports are similar to them, but they are not physical; they are virtual.
Each port has a specific protocol running on it; for example, on port 80 the HTTP protocol is running. If a computer connects to a service with a specific protocol, then this dedicated port handles the receiving and sending of data packets.

What is Port Scanning?

By port scanning we can find out which virtual ports are open on a specific machine, for example whether port 80 is open there or not, and we can gather a lot of other information via port scanning.

TCP connect :-

A TCP connect is a 3-way handshake between the user, also known as the client, and the server. If the three-way handshake has taken place, communication has been established between the user and the server.

If port is open:-

Let's suppose we want to connect to port 80; the three-way handshake will take place like this.
First of all, the client will try to make a connection by sending a TCP packet with the SYN flag set to port 80 (or whichever port it wants to connect to).
Now if the port is open, the server will reply with a TCP packet with the SYN-ACK flags set.
Now the client will send an ACK RST flag set packet in the final handshake.

If port is closed:-

On the other hand, if a client sent a TCP packet with the SYN flag set to a port and the server replied with a packet with the RST flag set, then the port is closed.

How can we specify more than one port in Scapy?

In Scapy, specifying more than one port is easy: we use "[ ]" to specify more than one port in dport. Let's take an example.


>>> ans,unans=sr(IP(dst="192.168.X.X",src="192.168.XX.XX",ttl=128)/TCP(dport=[23,83,50])/"hello")
Begin emission:
.**Finished to send 3 packets.
*
Received 4 packets, got 3 answers, remaining 0 packets

Now if we look at the result using the ans.summary() command, it gives output like this:

>>> ans.summary()

IP / TCP 192.168.XX.XX:ftp_data > 192.168.XX.XX:telnet S ==> IP / TCP 10.1.99.2:telnet > 192.168.XX.XX:ftp_data RA / Padding
IP / TCP 192.168.XX.XX:ftp_data > 192.168.XX.XX:http S ==> IP / TCP 192.168.XX.XX:http > 192.168.XX.XX:ftp_data SA / Padding
IP / TCP 192.168.XX.XX:ftp_data > 192.168.XX.XX:domain S ==> IP / TCP 192.168.XX.XX:domain > 192.168.XX.XX:ftp_data SA / Padding

So here you can see that there are two values, SA / Padding and RA / Padding:
SA = SYN ACK flags set
RA = RST ACK flags set


Now you can easily determine which ports are open and which are closed.
So now you can see that Scapy has worked as a port scanner as well.
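To make the SA / RA reading above explicit, here is an added example (my own code, not from the original post) that decodes Scapy's TCP flag letters and classifies each answered port from constructed summary lines in the same shape as the ans.summary() output; the addresses in it are made-up placeholders.

```python
import re

# Scapy names the TCP flag bits "FSRPAUECN", lowest bit first, so a raw
# flags value of 0x12 prints as "SA" and 0x14 as "RA".
FLAG_LETTERS = "FSRPAUECN"

# Constructed sample in the shape of the ans.summary() output shown above;
# the addresses are made-up placeholders, not hosts from the post.
SUMMARY = """\
IP / TCP 192.168.1.10:ftp_data > 192.168.1.20:telnet S ==> IP / TCP 192.168.1.20:telnet > 192.168.1.10:ftp_data RA / Padding
IP / TCP 192.168.1.10:ftp_data > 192.168.1.20:http S ==> IP / TCP 192.168.1.20:http > 192.168.1.10:ftp_data SA / Padding
IP / TCP 192.168.1.10:ftp_data > 192.168.1.20:domain S ==> IP / TCP 192.168.1.20:domain > 192.168.1.10:ftp_data SA / Padding
"""

# One summary line: the probe we sent, "==>", then the reply and its flag letters.
LINE_RE = re.compile(
    r"IP / TCP (?P<src>\S+) > (?P<dst>\S+) (?P<sent>[A-Z]+) ==> "
    r"IP / TCP (?P<rsrc>\S+) > (?P<rdst>\S+) (?P<reply>[A-Z]+)"
)

def flags_to_letters(value):
    """Turn a raw TCP flags byte into Scapy's letter string, e.g. 0x12 -> 'SA'."""
    return "".join(ch for i, ch in enumerate(FLAG_LETTERS) if value & (1 << i))

def classify(reply_flags):
    """Read the reply flags the way the post does: SA = open, RA = closed."""
    if "S" in reply_flags and "A" in reply_flags:
        return "open"
    if "R" in reply_flags:
        return "closed"
    return "unknown"

def parse_summary(text):
    """Map each probed destination port (name or number) to its state."""
    states = {}
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip lines that are not in the sr() summary format
        port = m.group("dst").rsplit(":", 1)[1]
        states[port] = classify(m.group("reply"))
    return states

if __name__ == "__main__":
    for port, state in parse_summary(SUMMARY).items():
        print(f"{port:8} {state}")
```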

Defining source port and flags:-

Basically Scapy works on port 22, but we can also specify the source port and the flags with Scapy.
You can specify any source port you want; let's specify it together with the flags.

>>> ans,unans=sr(IP(dst="192.168.X.X",src="192.168.XX.XX",ttl=128)/TCP(sport=122,dport=[23,83,50],flags="S")/"hello")

Here flags="S" specifies that SYN packets will be sent by Scapy (the TCP field is named flags, not flag),
and you can set sport to any value you want.

I think that's too much for today.

Wait for the next post; I will write it as soon as I get time. Till then stay tuned, suggestions are welcome, feel free to comment.


Thanks,
Jitendra Santram Singh & Sooraj Shekhar (team Computer Korner and I-HOS)




