Scapy Calismalari -IV

Scapy ile arping ve Dns ve DHCP sorgulari olusturmak…
Arping

Agda aktif olan ag cihazlarini hizli bir sekilde kesfetmek icin kullanilir.

>>>> arping(“100.100.100.0/24”)
Begin emission:
*Finished to send 256 packets.

Received 1 packets, got 1 answers, remaining 255 packets
00:04:61:47:da:74 100.100.100.100
(, )

arping fonksiyonu ile ilgili detay bilgi almak icin her zamanki gibi help komutuna basvuruyoruz.

>>> help(arping)
Help on function arping in module __main__:

arping(net, timeout=2, cache=0, **kargs)
Send ARP who-has requests to determine which hosts are up
arping(net, cache=0, iface=conf.iface) -> None
Set cache=True if you want arping to modify internal ARP-Cache

Sahte DHCP Discover Paketleri Olusturmak

sendp(Ether(src="00:00:00:00:00:00",dst="ff:ff:ff:ff:ff:ff")/IP(src="0.0.0.0",dst="255.255.255.255")
/UDP(sport=68,dport=67)/BOOTP(chaddr="\x00\x00\x00\x00\x00\x00",xid=0x10000000)/
DHCP(options=[('message-type','discover'),('end')]))

DNS Sorgusu olusturmak


>>>dns_s = sr1(IP(dst="212.175.212.2")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.lifeoverip.net")))
Begin emission:
...Finished to send 1 packets.
.....................*
Received 25 packets, got 1 answers, remaining 0 packets


>>> dns_s
an= ns=> ar=> |>>>

Goruldugu uzere donen dns cevabina ait tum detaylar alinabiliyor.

Daha temiz bir gorunum elde etmek icin .display() fonksiyonu da kullanilabilir.

>>> ns_ans.display()
###[ IP ]###
version= 4L
ihl= 5L
tos= 0x0
len= 155
id= 58144
flags= DF
frag= 0L
ttl= 54
proto= UDP
chksum= 0xf018
src= 22.175.22.2
dst= 100.100.100.2
options= ”
###[ UDP ]###
sport= domain
dport= domain
len= 135
chksum= 0xb68c
###[ DNS ]###
id= 0
qr= 1L
opcode= QUERY
aa= 0L
tc= 0L
rd= 1L
ra= 1L
z= 0L
rcode= ok
qdcount= 1
ancount= 1
nscount= 2
arcount= 2
\qd\
|###[ DNS Question Record ]###
| qname= ‘www.lifeoverip.net.’
| qtype= A
| qclass= IN
\an\
|###[ DNS Resource Record ]###
| rrname= ‘www.lifeoverip.net.’
| type= A
| rclass= IN
| ttl= 14400L
| rdlen= 4
| rdata= ‘216.12.202.61’
\ns\
|###[ DNS Resource Record ]###
| rrname= ‘lifeoverip.net.’
| type= NS
| rclass= IN
| ttl= 14400L
| rdlen= 16
| rdata= ‘ns2.tekrom.net.’
|###[ DNS Resource Record ]###
| rrname= ‘lifeoverip.net.’
| type= NS
| rclass= IN
| ttl= 14400L
| rdlen= 16
| rdata= ‘ns1.tekrom.net.’
\ar\
|###[ DNS Resource Record ]###
| rrname= ‘ns1.tekrom.net.’
| type= A
| rclass= IN
| ttl= 40469L
| rdlen= 4
| rdata= ‘216.12.202.61’
|###[ DNS Resource Record ]###
| rrname= ‘ns2.tekrom.net.’
| type= A
| rclass= IN
| ttl= 40469L
| rdlen= 4
| rdata= ‘216.12.202.237’

This entry was posted in Network Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

thirteen + 11 =