configure Scapy to listen for a specific packet and once the packet is received, send a specific packet

StackOverflow https://stackoverflow.com/questions/19461555

  •  01-07-2022
  •  | 
  •  

Question

Is it possible to configure Scapy to listen for network traffic and send a crafted packet once a packet with certain parameters is received? I mean for example Scapy listens network traffic on eth0 and in case an ICMP "echo request" packet from source IP 10.10.44.3 is received, Scapy sends an TCP SYN packet to port 34 to IP address 192.168.2.1 using 8.8.8.8 as a source. Is such setup possible with Scapy?

Was it helpful?

Solution

Yes.

Using the sniff() function, you can provide a parameter to the stop_filter option.

>>> print sniff.__doc__
Sniff packets
sniff([count=0,] [prn=None,] [store=1,] [offline=None,] [lfilter=None,] + 
      L2ListenSocket args) -> list of packets

...clipped...

stop_filter: python function applied to each packet to determine
             if we have to stop the capture after this packet
             ex: stop_filter = lambda x: x.haslayer(TCP)

If the function returns 1, sniff will stop, and you can continue with whatever logic you wish.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top