TCP Null Scan using Scapy
Can someone guide me on how to send packets in Scapy to an ip address, with all flags in the TCP header set to null ? I have so far tried sending packets without specifying which flags to set, but it seems to set the Syn flag everytime I send the packet.
I would like to know i开发者_如何学运维t so that I can learn more about TCP Null Scans. Would be grateful for ur help and guidance.
I haven't used Scapy, but from a quick scan of the documentation there is an example of creating a TCP packet while specifying which flags to set, on this page of the docs:
http://www.secdev.org/projects/scapy/doc/usage.html#simple-one-liners
sr( IP(dst="192.168.1.*")/TCP(dport=80,flags="S") )
Perhaps you could try a command like that, with an empty string ""? i.e. TCP(dport=80,flags="") ?
If you don't want to actually send a TCP header, you'd be better off just setting the protocol of the IP packet and gluing a string of zeros on top of it.
sr( IP(dst="192.168.1.", proto="TCP")/"\0"*50)
Edit: I'm not actually positive on the syntax, you might have to use the protocol number instead of "TCP"
Thank you Andy and Jdizzle for the suggestions.
I tried out what Andy Recommended earlier itself, but the packet somehow seemed to have the Syn Flag set, when i checked it on wireshark.
The good news is, i solved the problem, the flags can be set to null, at the instance when you create the packet to be sent.
create a packet --> a=TCP() and then setting the flag to zero by --> a.flags=0 there are many other attributes that you can preset in this manner before preparing the packet to be sent over the network. You can view these attributes by --> ls(a)
where a=the name of the packet.
This worked successfully !
精彩评论