#!/usr/bin/env python
# coding: utf-8
# # Scapy
# ##### Suraj Deshmukh (surajssd009005@gmail.com)
# ##### http://deshmukhsuraj.wordpress.com/
# #### @surajssd009005
# ## What is Scapy?
# - An interactive tool that lets you send, sniff, craft and manipulate packets
# - Craft and decode packets of a wide number of protocols
# - You can do network scans, traceroutes, arpspoofs, so almost all tasks of nmap and tcpdump
#
# ## Why use Scapy (and not other tools)?
# - Scapy is a very flexible tool to use (you'll know when you do the hands-on).
# - Uses Python as the tool usage language, hence easier to use.
# - Breaks open the tool designer's perspective.
# ### Tool designer's perspective
# - Computers are good at decoding but not so good at interpreting.
# - So a programmer, while designing a tool, makes the tool mimic interpretation.
# - e.g. When a packet is sent to a TCP port with the SYN flag and the response comes back as SYN-ACK, then the port is open
# - They show the result in the way the original author thought was appropriate, though it is helpful for beginners.
# - So much information is lost in the process.
# - But computer networks have so many protocols, so the permutations of doing things increase
# - So somebody would like to play with protocols in some unique way that nobody has ever thought about
# - But playing with networks is not an easy job
# - Need to write hundreds of lines of C code
# #### enter Scapy...
# - just a single line to send a packet of your choice
# ## In a Nutshell
#
# ## Let's start some packets rolling...
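# Notebook export: each `# In[N]:` marker is one original cell.  Bare
# expression statements (`pkt`, `p`, `gateway`, `reply.src`) are notebook
# display cells; when this file is run as a plain script they are no-ops.
#
# Everything below `send`/`sr`/`sr1`/`sniff` uses raw sockets, so it
# normally has to run with root / CAP_NET_RAW privileges.

# In[7]:
# Wildcard import is the scapy notebook convention (IP, TCP, sr1, sniff, ...
# all come from scapy.all).
from scapy.all import *

# Interface used by the sniff cells and reply timeout (seconds) for the
# sr/sr1 cells.  Original cells hard-coded 'wlan0' and no timeout; without a
# timeout sr1() blocks until an answer arrives.
# NOTE(review): 'wlan0' is the author's interface -- adjust for your host.
IFACE = 'wlan0'
REPLY_TIMEOUT = 2

# ## Basics
# In[8]:
ip = IP()
ip.show()

# In[9]:
ip.ttl = 100
ip.show()

# In[10]:
ip.dst = '192.168.0.1'
ip.show()

# ## Encapsulating Layers
# In[11]:
# `/` stacks layers: lower layer on the left, payload on the right.
ip = IP(dst='192.168.0.1')
icmp = ICMP()
pkt = ip/icmp
pkt

# In[12]:
pkt = IP(dst='www.google.com')/TCP(dport=80)
pkt

# In[13]:
pkt = Ether()/IP()/TCP()
pkt

# ## Send and Receive Packets
# In[14]:
# Fire-and-forget at layer 3.  IP() with no dst set presumably goes to the
# loopback default -- confirm with IP().dst on your scapy version.
send(IP()/ICMP())

# In[18]:
# sr1() returns the first answer, or None when nothing comes back before
# the timeout -- every use below guards against None.
p = sr1(IP(dst='192.168.0.1')/ICMP(), timeout=REPLY_TIMEOUT)
p

# In[19]:
# sr() returns (answered, unanswered) lists; dport accepts a list, so this
# sends one probe per port.
ans, unans = sr(IP(dst='192.168.0.1')/TCP(dport=[53, 80]), timeout=REPLY_TIMEOUT)
ans.show()

# ## Ping
# In[20]:
ip = IP()
ip.show()

# In[21]:
# default gateway
ip.dst = '192.168.0.1'
ip.show()

# In[22]:
icmp = ICMP()
icmp.show()

# In[23]:
# send and receive, stops after receiving a single reply
# store the reply in variable named 'gateway'
gateway = sr1(ip/icmp, timeout=REPLY_TIMEOUT)
gateway

# In[24]:
if gateway is None:
    print("no reply from", ip.dst)
else:
    gateway.show()

# ## Traceroute
# In[25]:
# Traceroute works by sending packets each time with an increasing 'ttl'
# value (1, 2, 3, ...); with ttl=1 the expected answer is an ICMP
# time-exceeded from the first hop, so reply.src is that hop's address.
reply = sr1(IP(dst='www.google.com', ttl=1)/UDP(), timeout=REPLY_TIMEOUT)
if reply is None:
    print("no reply for ttl=1 probe")
else:
    reply.show()

# In[26]:
# Address of the first hop (None-safe: prints nothing useful if no reply).
reply.src if reply is not None else None

# In[27]:
ans, unans = traceroute(["www.google.com", "www.yahoo.com", "www.bing.com"], maxttl=20)

# In[28]:
ans.show()

# In[29]:
# Renders the traceroute result as a graph; needs external graphing tools
# installed -- TODO confirm which ones on your system.
ans.graph()

# ## Sniff
# In[31]:
# Capture 10 packets matching the BPF filter 'ip' on IFACE.
a = sniff(iface=IFACE, count=10, filter='ip')
a.summary()

# In[32]:
# prn= is called once per captured packet; here it prints a one-line summary.
sniff(iface=IFACE, prn=lambda x: x.summary(), count=10)

# ## Capture and Store Packets
# In[33]:
pkts = sniff(iface=IFACE, prn=lambda x: x.summary(), count=20)

# In[34]:
# The pcap stores the full captured packets, payloads included -- treat the
# file as sensitive as the traffic it was taken from.
wrpcap('temp.pcap', pkts)

# In[35]:
pkts = rdpcap("temp.pcap")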