Welcome to the Dark art that is Packet Editing. I have been turned on to this numerous times but never found a suitable method for accomplishing this. Being a coder and also having worked on Scapy source a little, there is a small really unknown function in the src it does not do much but spawn a process in either unix or windows
here is the function:
Code: Select all
def hexedit(x):
x = str(x)
if WINDOWS:
f = os.tempnam("", "scapy")
else:
f = os.tempnam("scapy")
open(f,"w").write(x)
if WINDOWS:
subprocess.call([conf.prog.hexedit, f])
else:
os.spawnlp(os.P_WAIT, conf.prog.hexedit, conf.prog.hexedit, f)
x = open(f).read()
os.unlink(f)
return x
Alright then lets start
first download a hex editor of your choosing. I personally like hex edit or frhed you can find the resources at the end of this article.
Once that is done add them to your environment variables (also known as your system path). Next step is to run scapy. For a tutorial on installing scapy on your operating system visit
Code: Select all
http://www.secdev.org/projects/scapy/doc/installation.html#platform-specific-instructions
Code: Select all
conf.prog.hexedit = "frhed"
Where frhed is the name of the executable hex editor on my system path. Ok test to see that it works
enter this
Code: Select all
hexedit("AAAAAAA")
Ok for now until I get a bit better at doing stuff with this where just going to send a packet and modify its src ip.
Enter this
Code: Select all
send(IP(hexedit(IP(dst="www.google.ca")))/TCP())
You can then modify the src address to find your src address visit this site
Code: Select all
http://www.kloth.net/services/iplocate.php
It should then result in
You can use many different variations of scapy's networking methods to forge and edit packets please see scapy documentation to find out what you can dosent 1 packet
resources
Code: Select all
http://www.kloth.net/services/iplocate.php
http://www.secdev.org/projects/scapy/
http://frhed.sourceforge.net/ hex editor frhed
http://www.physics.ohio-state.edu/~prewett/hexedit/ hexedit