emperor's new architecture research

User Tools

Site Tools

Trace:
scapy-usage-examples

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
scapy-usage-examples [2012/08/03 14:19]
94.245.224.234 created 		scapy-usage-examples [2012/08/05 12:12] (current)
89.144.206.230 [how to]
Line 10: Line 10:
  
 <code python> <code python>
->>>​ pkts=sniff(count=10)+>>>​ pkts=sniff(count=100, iface="​wlan1"​#use exteranl wifi card to sniff 
 +>>>​pkts 
 +<​Sniffed:​ TCP:0 UDP:47 ICMP:0 Other:​53>​
 >>>​ wrpcap(‘traffic.pcap’,​pkts) ​     #  Write list of packets to PCAP file >>>​ wrpcap(‘traffic.pcap’,​pkts) ​     #  Write list of packets to PCAP file
 >>>​ packetlist = rdpcap(‘traffic.pcap’) #  Read PCAP file into list of packets >>>​ packetlist = rdpcap(‘traffic.pcap’) #  Read PCAP file into list of packets
->>>​ for pkt in pkts+>>>​ for pkt in packetlist
-...     print pkt+...     print pkt, pkt.src, pkt.name #src give the MAC address of the device; name gives the protocol (Ethernet/​802.3...)
 </​code>​ </​code>​
 returns a dump like this: returns a dump like this:
Line 50: Line 52:
  
  
-[[http://​www.packetstan.com/​2011/​03/​extracting-ap-names-from-packet.html|PACKETSTAN:​ Extracting AP names from Packet Captures ]] +  * [[http://​www.packetstan.com/​2011/​03/​extracting-ap-names-from-packet.html|PACKETSTAN:​ Extracting AP names from Packet Captures ]] 
  
-ping all online IPs; with timeout+works great, extracts MAC addresses and ESSIDs found in a pcap file.  
 + 
 +downloaded this script by Tim Medin; run it like this: 
 + 
 +<​code>​./​APNameFromPcap.py -f [a .pcap file] | sort -u</​code>​ 
 + 
 +returns a list like this: 
 +<​code>​ 
 +00:​--:​--:​--:​--:​-- ​      ​Alexxa 
 +00:​--:​--:​--:​--:​-- ​      ​NETGEAR 
 +00:​--:​--:​--:​--:​-- ​      ​UPC008034 
 +00:​--:​--:​--:​--:​-- ​      ​UPC011853 
 +00:​--:​--:​--:​--:​-- ​      ​UPC019652 
 +00:​--:​--:​--:​--:​-- ​      ​bobi13 
 +bc:​--:​--:​--:​--:​-- ​      ​ASUS_lgdp 
 +</​code>​ 
 + 
 +  * ping all online IPs; with timeout
  
 <​code>​ <​code>​
Line 74: Line 93:
 (doesn'​t really continue once it reaches my own IP) (doesn'​t really continue once it reaches my own IP)
  
-[[http://​samsclass.info/​124/​proj11/​123-P14x-promscan.html|Detecting Promiscuous NICs with scapy]] fun exercise, tried it with 2 wifi cards+  * [[http://​samsclass.info/​124/​proj11/​123-P14x-promscan.html|Detecting Promiscuous NICs with scapy]] fun exercise, tried it with 2 wifi cards
  
scapy-usage-examples.1344003578.txt.gz · Last modified: 2012/08/03 14:19 by 94.245.224.234

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki