Scapy
Published on Nov 18, 2015
PRESENTATION OUTLINE
1.
Scapy
Advanced by Jesús Pedrosa
2.
Roadmap
Sniffing
Injecting
Creating a new protocol
Creating an out of the ordinary protocol
Creating a traffic generator (included in the deluxe version)
3.
Sniffing
Hardcore Level: Virgin Mary
4.
The easy way
The sniff() method
Filters
Interfaces
Packet count
5.
Injecting
Hardcore Level: Saint Joseph
6.
The not so easy way
The sr() method
The "other" sr() methods, sr1, srp, srloop, srploop
7.
Creating a new protocol
Hardcore level: Saint Peter
8.
What Scapy is good for out of the box
Protocols based on fixed packet representation
Protocols with simple type representation
Protocols that are already well settled in the market
9.
What Scapy is a pain in the ass for
New protocols
Protocols with weird conditional fields
Protocols with a variable structure
Protocols with different levels of abstraction/subprotocols
Mostly anything that is not well settled in the market/already included in the framework to begin with
10.
What are we going to try
Create a new layer
Create a new field
Create a new binding
Use it for something
11.
Our new layer
Name and fields_desc[] class attributes
Standard types of fields: bit, byte, x3byte, enum...
Conditional fields
Length fields and fields with length
12.
Our new field
The getfield() method
The i2m() method
Getting to chop the length we want
13.
Binding layers
Used to tell the dissector to jump from one analyzer to another
The bind_layers() method
Simple conditions
14.
Creating an out of the ordinary protocol
Hardcore Level: God
15.
So you say your protocol looks like... what?
Overloading the __init__() of the class
Setting a new name for every new instance
Setting a new fields_desc for every new instance
Setting up our own flags for later
Inheritance and adding some other weird stuff
16.
Where the magic lies
The dissect() method
The do_dissect() method
The guess_payload_class() method
17.
Overcoming Scapy limitations
Creating a state object
Passing data from one packet to another
Behaving according to the state
18.
Fields with particular needs
Example: Huffman encoding and decoding, and HTTP/2 in general
19.
Creating a traffic generator (included in the deluxe version)
Now this is some serious stuff
20.
Possibilities
State machines
Check the web page, it's all there
http://www.secdev.org/projects/scapy/doc/usage.html#interactive-tutorial