Quicklinks: Scapy | PacketFu | GoPacket | Pcap4J
When talking about packet generation, it is important to distinguish between
low and high-level networking libraries. Every serious language has a library
to interact with sockets directly. Shown here are libraries that provide an
interface for scripting with protocol primitives like
IP, TCP, and HTTP.
Each example will send a ping, the packet crafting equivalent of “Hello World!".
Interpreted languages like Python and Ruby can be convenient because packet generation can be interactive.
If an easy shell solution exists, KISS. Generate traffic with netcat, ping, hping, etc. and save with tshark.
function save_ping() {
tshark -w ping.pcap -f "host 8.8.8.8" -c 1
ping 8.8.8.8 -c 1
}
save_ping
To install, pip install scapy.
# send_ping.py
from scapy.all import *
ans, unans = sr(IP(dst="8.8.8.8")/ICMP()/"Scapy is easy!")
# Write the ping and its reply to a file
wrpcap("ping.pcap",ans+unans)
Run with python send_ping.py. Sending traffic with scapy is extremely easy!
If you do not send data with icmp like "Scapy is easy!" above, Scapy won’t compute checksums and Wireshark will complain.
If you want to live-capture with scapy [it should be possible]](/capture/sources/downloading_file#scapy) on systems with tail.
PacketFu does not have mindshare and you have to build the documentation. If ruby is not a hard requirement, life will be easier with a different library.
Install PacketFu with gem install packetfu.
This script will send the ping to the wire.
# send_ping.rb
require 'packetfu'
# Using :config prepoulates eth_src, eth_dst, and ip_src with system values.
icmp_pkt = PacketFu::ICMPPacket.new(:config => PacketFu::Utils.whoami?)
icmp_pkt.icmp_type = 8
icmp_pkt.icmp_code = 0
icmp_pkt.payload = "PacketFu is easy!"
icmp_pkt.ip_daddr="8.8.8.8"
icmp_pkt.recalc
icmp_pkt.to_w
# Write the generated ping to a file
icmp_pkt.to_f("ping.pcap")
Run with sudo ruby send_ping.rb. Sudo is required here to capture.
gopacket is the golang library to send packets onto the wire, maintained by Google. Gopacket analysis is a great tutorial to start with.
pcap4j is the library for choice for packet crafting in Java. Packet capturing with Java is a great place to start, in addition to the Official examples.