
Verifying Response Packet Correctness

Explore how to assemble multi-layer network packets in Scapy and verify their correctness by matching them with captured requests. Understand writing packets to files, using Ethernet layers, and employing Wireshark to confirm response validity in DNS and SYN scanner setup.

Putting the full packet together

Network packets are composed of several different layers. We’ve built different packet layers for a honeypot or server but haven’t put them together.

When building a SYN scanner, we built independent layers and then stacked them together. We can build a complete DNS packet, including an IP, UDP, and DNS layer, via the same process.

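```python
from scapy.all import *

# Load the capture and pick the DNS request we want to answer
packets = rdpcap('http.cap')
request = packets[12]

# IP and UDP layers for the response
ip = IP(src='145.253.2.203', dst='145.254.160.237')
udp = UDP(sport=53, dport=3009)

# Reuse the request's DNS layer so the transaction ID and question carry over
dns = request[DNS]
dns.qr = 1        # mark the message as a response
dns.ancount = 1   # one answer record follows
rr = DNSRR(rrname=request.qd.qname, rdata='127.0.0.1')
dns.an = rr

# Stack the layers and display the packet with computed fields filled in
response = ip/udp/dns
response.show2()
```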

In the code block above, we’ve created a DNS packet designed to be a response to the request ...
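The check that a stacked response actually matches its request can also be done programmatically on the raw bytes. The following is an added example, not code from the original lesson: it uses only the standard library, the function names `parse`, `check_response` and `build` are hypothetical, and the sample packets are constructed (the query name and transaction ID are made up; the addresses and ports are the ones used above). It assumes IPv4 packets that start at the IP header and carry a single, uncompressed question.

```python
import socket
import struct

def parse(pkt):
    """Pull out the fields a DNS-over-UDP response must mirror (IPv4 only)."""
    ihl = (pkt[0] & 0x0F) * 4                    # IPv4 header length in bytes
    sport, dport, udp_len, _ = struct.unpack("!HHHH", pkt[ihl:ihl + 8])
    dns = pkt[ihl + 8:]
    txid, flags, _, ancount = struct.unpack("!HHHH", dns[:8])
    end = dns.index(b"\x00", 12) + 5             # name terminator, QTYPE, QCLASS
    return {"src": pkt[12:16], "dst": pkt[16:20], "sport": sport, "dport": dport,
            "udp_len": udp_len, "l4_len": len(pkt) - ihl, "id": txid,
            "qr": flags >> 15, "ancount": ancount, "question": dns[12:end]}

def check_response(request, response):
    """Return the list of mismatches; an empty list means the response fits."""
    q, r = parse(request), parse(response)
    checks = [
        ("IP addresses are not swapped", (r["src"], r["dst"]) == (q["dst"], q["src"])),
        ("UDP ports are not swapped", (r["sport"], r["dport"]) == (q["dport"], q["sport"])),
        ("DNS transaction ID differs", r["id"] == q["id"]),
        ("QR bit is not set", r["qr"] == 1),
        ("question section is not echoed", r["question"] == q["question"]),
        ("no answer records", r["ancount"] >= 1),
        ("UDP length field is wrong", r["udp_len"] == r["l4_len"]),
    ]
    return [problem for problem, ok in checks if not ok]

def build(src, dst, sport, dport, dns):
    """Constructed sample packet: minimal IPv4 + UDP headers, checksums left 0."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(dns), 0) + dns
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + udp

# Constructed sample data; addresses and ports are the ones used on this page.
QUESTION = b"\x07example\x04test\x00" + struct.pack("!HH", 1, 1)     # A, IN
ANSWER = (b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4)
          + socket.inet_aton("127.0.0.1"))
REQUEST = build("145.254.160.237", "145.253.2.203", 3009, 53,
                struct.pack("!HHHHHH", 0x0023, 0x0100, 1, 0, 0, 0) + QUESTION)
RESPONSE = build("145.253.2.203", "145.254.160.237", 53, 3009,
                 struct.pack("!HHHHHH", 0x0023, 0x8180, 1, 1, 0, 0) + QUESTION + ANSWER)

if __name__ == "__main__":
    print(check_response(REQUEST, RESPONSE) or "response matches the request")
```

With Scapy, the two inputs can be obtained as `raw(request[IP])` and `raw(response)`.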