scapy를 이용한 3-way handshaking

IP 정보를 받아와서 확인

>>> ip = IP() 
>>> ip.display()
###[ IP ]###
  version= 4
  ihl= None
  tos= 0x0
  len= None
  id= 1
  flags= 
  frag= 0
  ttl= 64
  proto= hopopt
  chksum= None
  src= 127.0.0.1
  dst= 127.0.0.1
  \options\

 

목적지 IP 주소를 Kali#1으로 변경 후 IP 정보를 확인

>>> ip.dst = "192.168.111.130" 
>>> ip.display()
###[ IP ]###
  version= 4
  ihl= None
  tos= 0x0
  len= None
  id= 1
  flags= 
  frag= 0
  ttl= 64
  proto= hopopt
  chksum= None
  src= 192.168.111.131
  dst= 192.168.111.130
  \options\

 

TCP 정보를 가져와서 확인

>>> tcp = TCP() 
>>> tcp.display()
###[ TCP ]###
  sport= ftp_data
  dport= http
  seq= 0
  ack= 0
  dataofs= None
  reserved= 0
  flags= S
  window= 8192
  chksum= None
  urgptr= 0
  options= {}

 

출발지 포트번호를 랜덤하게 생성 후 TCP 정보를 확인

>>> tcp.sport = RandNum(1024, 65535)
>>> tcp.display()
###[ TCP ]###
  sport= <RandNum>
  dport= http
  seq= 0
  ack= 0
  dataofs= None
  reserved= 0
  flags= S
  window= 8192
  chksum= None
  urgptr= 0
  options= {}

 

SYN 패킷을 생성

>>> syn = ip/tcp

 

SYN 패킷을 전송 후 첫번째 응답이 올 때까지 대기

>>> syn_ack = sr1(syn)
Begin emission:
.Finished to send 1 packets.
*
Received 2 packets, got 1 answers, remaining 0 packets

 

SYN_ACK 패킷 확인

>>> syn_ack.display() 
###[ IP ]###
  version= 4L
  ihl= 5L
  tos= 0x0
  len= 44
  id= 0
  flags= DF
  frag= 0L
  ttl= 64
  proto= tcp
  chksum= 0xda75
  src= 192.168.111.130
  dst= 192.168.111.131
  \options\
###[ TCP ]###
     sport= http
     dport= 52412
     seq= 2944719005L
     ack= 1
     dataofs= 6L
     reserved= 0L
     flags= SA
     window= 29200
     chksum= 0x707f
     urgptr= 0
     options= [('MSS', 1460)]
###[ Padding ]###
        load= '\x00\x00'

 

ACK 패킷 생성

>>> ack = ip/TCP(sport=syn_ack[TCP].dport, dport=80, flags="A", seq=syn_ack[TCP].ack, ack=syn_ack[TCP].seq+1)

 

ACK 패킷 전송

>>> send(ack) 
.
Sent 1 packets.