scapy: Operation not permitted when sending packets

StackOverflow https://stackoverflow.com/questions/22421290

  •  15-06-2023
  •  | 
  •  

Question

I'm trying to learn a bit of packet generation with scapy. It looks pretty cool. Following some documentation I'm doing this:

l3=IP(dst="192.168.0.1", src="192.168.0.2", tos=(46 << 2))

But only to get the error message of:

Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "/usr/lib/python2.7/dist-packages/scapy/sendrecv.py", line 251, in send
    __gen_send(conf.L3socket(*args, **kargs), x, inter=inter, loop=loop, count=count,verbose=verbose, realtime=realtime)
  File "/usr/lib/python2.7/dist-packages/scapy/arch/linux.py", line 307, in __init__
    self.ins = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(type))
  File "/usr/lib/python2.7/socket.py", line 187, in __init__
    _sock = _realsocket(family, type, proto)
error: [Errno 1] Operation not permitted

Running scapy as root solved the problem. But that's not what I wanted. Is it because normal user can't create RAW socket? If so, is there a solution?

Était-ce utile?

La solution

Scapy needs root privileges to create raw sockets because it uses the Python socket library. Raw sockets are only allowed to used "with an effective user ID of 0 or the CAP_NET_RAW capability" according to the Linux raw man pages.

I can't find what looks to be reliable documentation on setting the CAP_NET_RAW capability, but if you are looking to a work around to running Scapy scripts that user raw sockets without root, that is what you need to do.

Autres conseils

To run Scapy with just cap_net_raw privilege...

The safest and less complicated way I know is, in order:

  1. Make a personal copy of the python binary:

    $ sudo cp /usr/bin/python2.7 ~/python_netraw

  2. Own it:

    $ sudo chown your user name ~/python_netraw

  3. Don't let anybody else run it:

    $ chmod -x,u+x ~/python_netraw

  4. Give it cap_net_raw capability:

    $ sudo setcap cap_net_raw=eip /usr/bin/python_netraw

  5. Run scapy with it:

    $ ~/python_netraw -O /usr/bin/scapy

(Or use sudo each time you need to run Scapy with raw privileges.)

A dirty approach, possibly insecure: Directly give CAP_NET_RAW capability to Python:

sudo setcap cap_net_raw=eip $(readlink -f $(which python))

To run a temporary python environment (like for scapy) with cap_net_raw I found this works:

sudo -E capsh --caps="cap_setpcap,cap_setuid,cap_setgid+ep cap_net_raw+eip" --keep=1 --user="$USER" --addamb="cap_net_raw" -- -c /usr/bin/python3

adapted from the Arch Wiki

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top