Posted by & filed under /dev/random, Hacking & Pentesting, Tools & Methodology.

I wanted to learn how to use scapy, specifically to craft some packets that could confuse IDS operators at a blue team/red team exercise at SANS Boston. Now, I’ve used packETH for this before (and it works like a charm), but I wanted to learn something that could be scripted on the command line.

So I installed scapy from the repositories in Ubuntu (or I could have fetched it from the above link). I wanted to play around and craft some ICMP ping packets with custom payloads, just to see if the IDS guys in the other room really was listening on the wire:

ans,unans = sr(IP(dst="10.246.144.1-254")/ICMP()/"PING! If you can read this, you're on the *wrong* OSI layer. O_o Zombies ahead!! Greetings from the SEC542 class")

Leave a Reply

  • (will not be published)