Python: Send IGMP packets with Scapy

StackOverflow https://stackoverflow.com/questions/22891990

  •  28-06-2023
  •  | 
  •  

문제

I would like to send IGMP packets using scapy, specifically IGMP Leave, IGMP Membership report. Is it possible to do so?

UPDATE:

I was able to eventually generate them. Had to do the following:

1) Install scapy v.2.2.0 as it's described here (including minor alteration in setup.py): scapy's contrib is missing after installing scapy on both windows and fedora

2) You need to use file from contribution package (features not added to the core of scapy):

import scapy.contrib.igmp
igmpPacket = scapy.contrib.igmp.IGMP()
도움이 되었습니까?

해결책

Yes, it is possible to send IGMP packets. After googling a bit, I came up with some useful links that can help you in some direction. On github there exists a IGMP and IGMPv3 implementation in scapy. Here is an interesting mailing list too. Also, this post has an other interesting stuff related to IGMP.

다른 팁

With this method, you can send out IGMP version 2 (RFC2236) Membership Query message, not IGMP version 3.

Here are complete code and tcpdump:

>>> from scapy.all import *
>>> import scapy.contrib.igmp
>>> p = IP(dst="62.22.14.4")/scapy.contrib.igmp.IGMP()
>>> send(p)
.
Sent 1 packets.
>>>

# tcpdump -ni cplane0 igmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on cplane0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:42:01.045618 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.045631 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.046470 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.046476 IP 44.60.11.3 > 62.22.14.4: igmp query v2 [max resp time 20]
18:42:01.959331 IP 62.22.14.4 > 224.1.1.1: igmp v2 report 224.1.1.1

Update: Since IGMPv3 is under construction. Here is a way to send IGMP version 3 Membership Query:

>>> from scapy.all import *
>>>
>>> class IGMP3(Packet):
...     name = "IGMP3"
...     fields_desc = [ ByteField("type", 0x11),
...                     ByteField("mrtime", 20),
...                   XShortField("chksum", None),
...                       IPField("gaddr", "0.0.0.0"),
...                      IntField("others", 0x0)]
...     def post_build(self, p, pay):
...         p += pay
...         if self.chksum is None:
...             ck = checksum(p)
...             p = p[:2]+chr(ck>>8)+chr(ck&0xff)+p[4:]
...         return p
...
>>> bind_layers( IP, IGMP3, frag=0, proto=2)
>>> p = IP(dst="62.21.20.21")/IGMP3()
>>> send(p)
.
Sent 1 packets.
>>>

# tcpdump -ni cplane0 igmp -v
tcpdump: listening on cplane0, link-type EN10MB (Ethernet), capture size     262144 bytes
17:24:35.013987 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014000 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014476 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.014482 IP (tos 0x0, ttl 62, id 1, offset 0, flags [none], proto IGMP (2), length 32)
44.60.11.3 > 62.21.20.21: igmp query v3 [max resp time 2.0s]
17:24:35.218208 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
62.21.20.21 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 239.1.1.1 is_ex, 0 source(s)]
라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top