1

I have a recurring problem where packets I send with scapy don't arrive. I tried to sniff them using scapy and wireshark, but they don't get sniffed. It's as if they weren't sent, but the script sending them displays the "sent 1 packet" message.

I looked it up and found this similar question that the problem might be that the packet is sent to the wrong interface. this seems likely, because my scapy's default iface is set to "eth0", and I sniff on my wifi connection. If this is really the problem, how do i set scapy to send & sniff on the wifi connection?

code example:

from scapy.all import *

message = raw_input("enter your message:")

for c in message:
    packet = Ether() / IP(dst = "127.0.0.1") / UDP(sport = 4001, dport = ord(c))
    send(packet)

raw_input()

In this script is supposed to send a message to a server by sending empty UDP packets to ports signifying the letters. The script runs fine, I just don't get any packets on my "server", and the packet this script supposedly sends cannot be sniffed.

EDIT: my os is windows 8.1

Community
  • 1
  • 1
user1461837
  • 91
  • 2
  • 11

2 Answers2

1

The destination for your packet is 127.0.0.1 which falls under the network range for the loopback interface on your system. You could listen and send on this interface (with the aforementioned address) if you are using the same computer (but a separate process) for sniffing.

You will need to send your packet to the address of your WiFi interface on the computer you are sniffing on.

You'll also want to ensure that your firewall (if you have one running) isn't blocking the connection.

That's just the beginning of the troubleshooting process of what can be going wrong. If you are just looking to test basic Scapy - I suggest using the loopback interface on your machine to test.

RyPeck
  • 7,830
  • 3
  • 38
  • 58
1

Various reasons are possible. Some of them:

1) Check out with conf.route, which interface is used for sending to 127.0.0.1. Easiest in an interactive session to try just one packet.

2) FW already mentioned. Try disabling FW fully to see if it has effect.

3) Failure to find/import library for sending packets. You have not indicated OS, so cannot help in detail. E.g. MacOS uses libdnet.

4) Lacking permission to craft packet. Try to run as root.

If you would try it with scapy in python3 (pip install scapy-python3), I could help you in more detail.

Eriks Dobelis
  • 913
  • 7
  • 16
  • What is conf.route? How do I check what interface I'm sending a packet with? How do I run scapy as root? I tried searching the web, but with little success. Thanks. – user1461837 Jul 15 '15 at 14:11
  • 2
    Open interactive session (e.g. with `sudo scapy`), and run `conf.route`. You will see your routes as scapy has interpreted them, and corresponding interfaces. As scapy does its own interpretation of routes, in case of an error it is possible that e.g. 127.0.0.1 gets sent over a different interface than it should be. – Eriks Dobelis Jul 15 '15 at 14:16
  • I tried disabling the firewall and tried all the interfaces in conf.route. I'm pretty sure the problem is with libdnet. i have it installed. What should I try to do? Thanks anyway. – user1461837 Jul 16 '15 at 16:36
  • 1
    For windows eth0 cannot be right. How did you select the interface? Try running interactive python session and check if you can import libdnet and if it works – Eriks Dobelis Jul 17 '15 at 04:53