Scapy Script
sample python script with scapy inside...
#! /usr/bin/env python
#
# execute with sudo python a.py 
#
import sys
from scapy.all import sr1,IP,ICMP
p=sr1(IP(dst=sys.argv[1])/ICMP())
if p:
        p.show()

Important Scapy Commands
execute wireshark with a packet
	
>>>whireshark(p)

Display all IP flags
	
>>> x=IP(flags=(0,7))
>>> [k for k in x]
[<IP  flags= |>, <IP  flags=MF |>, <IP  flags=DF |>, <IP  flags=MF+DF |>, <IP  flags=evil |>, <IP  flags=MF+evil |>, <IP  flags=DF+evil |>, <IP  flags=MF+DF+evil |>]


sniff
scapy sniff with tshark like filters.
	
a=sniff(filter="tcp port 25")
or print sniffed packets
a=sniff(prn = lambda x: x.display)
print detail of packet
a=sniff(prn = lambda x: ls(x))
or send the same packet
a=sniff(filter="udp port 161")
sendp(a)
some other sniff samples
sniff(filter="udp and port 53", count=100, iface="eth0")

(c) 2009 by packetlevel.ch / last update: 07.11.2009