{"id":879,"date":"2014-10-22T10:45:25","date_gmt":"2014-10-22T10:45:25","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2014\/10\/22\/how-to-build-a-tcp-connection-in-scapy\/"},"modified":"2021-08-01T00:28:08","modified_gmt":"2021-08-01T00:28:08","slug":"how-to-build-a-tcp-connection-in-scapy","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html","title":{"rendered":"How to Build a TCP Connection in Scapy"},"content":{"rendered":"

Scapy<\/a> is a packet manipulation program written in Python by Philippe Biondi.<\/p>\n

Within this article I will show you the code required to build a 3WHS within Python using Scapy.<\/p>\n

Prevent RST<\/h2>\n

At the point you send the SYN from Scapy and the SYN-ACK is returned. Because the Linux kernel receives the SYN-ACK but didn’t send the SYN it will issue a RST. To prevent this IPtables can be used, using the syntax below,<\/p>\n

iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP iptables -L<\/pre>\n
Code<\/h2>\n
In order to perform a 3WHS with Scapy the following code is used.<\/p>\n
#!\/usr\/local\/bin\/python\r\nfrom scapy.all import *\r\n\r\n# VARIABLES\r\nsrc = sys.argv[1]\r\ndst = sys.argv[2]\r\nsport = random.randint(1024,65535)\r\ndport = int(sys.argv[3])\r\n\r\n# SYN\r\nip=IP(src=src,dst=dst)\r\nSYN=TCP(sport=sport,dport=dport,flags='S',seq=1000)\r\nSYNACK=sr1(ip\/SYN)\r\n\r\n# ACK\r\nACK=TCP(sport=sport, dport=dport, flags='A', seq=SYNACK.ack, ack=SYNACK.seq + 1)\r\nsend(ip\/ACK)<\/pre>\n
Example<\/h2>\n
To run the script above (based on you saving the script as 3WHS.py) the following syntax is used \u00a0.\/3WHS.py <src ip> <dst ip> <dst port><\/span><\/p>\n
Once run your see the following packets sent and received via a tcpdump<\/span>,<\/p>\n
[root@client ~]# tcpdump -ni any port 443 -S\r\n14:53:14.402953 IP 172.16.120.5.62409 > 172.16.100.101.https: S 1000:1000(0) win 8192\r\n14:53:14.406422 IP 172.16.100.101.https > 172.16.120.5.62409: S 1629791522:1629791522(0) ack 10\r\n01 win 18484\r\n14:53:14.505963 IP 172.16.120.5.62409 > 172.16.100.101.https: . ack 1629791523 win 8192\r\n\r\n# 172.16.120.5 = client \/ 172.16.100.101 = server<\/pre>\n
On the server you will then see the connection established by running a netstat<\/span>,<\/p>\n
[root@server ~]# netstat -anp | grep 443 | grep EST\r\ntcp \u00a0 \u00a0 \u00a0 \u00a00 \u00a0 \u00a0 \u00a00 ::ffff:127.0.0.1:443 \u00a0 \u00a0 \u00a0 \u00a0::ffff:172.16.120.5:42375 \u00a0 ESTABLISHED 2611\/httpd<\/pre>\n","protected":false},"excerpt":{"rendered":"
Scapy is a packet manipulation program written in Python by Philippe Biondi. Within this article I will show you the code required to build a 3WHS within Python using Scapy. Prevent RST At the point you send the SYN from Scapy and the SYN-ACK is returned. Because the Linux kernel receives the SYN-ACK but didn’t … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36],"tags":[],"yoast_head":"\nHow to Build a TCP Connection in Scapy - Fir3net<\/title>\n<meta name=\"description\" content=\"Scapy is a packet manipulation program written in Python by Philippe Biondi. Within this article I will show you the code required to build a 3WHS within\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Build a TCP Connection in Scapy - Fir3net\" \/>\n<meta property=\"og:description\" content=\"Scapy is a packet manipulation program written in Python by Philippe Biondi. Within this article I will show you the code required to build a 3WHS within\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html\" \/>\n<meta property=\"og:site_name\" content=\"Fir3net\" \/>\n<meta property=\"article:published_time\" content=\"2014-10-22T10:45:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-01T00:28:08+00:00\" \/>\n<meta name=\"author\" content=\"Rick Donato\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rick Donato\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html\"},\"author\":{\"name\":\"Rick Donato\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037\"},\"headline\":\"How to Build a TCP Connection in Scapy\",\"datePublished\":\"2014-10-22T10:45:25+00:00\",\"dateModified\":\"2021-08-01T00:28:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html\"},\"wordCount\":158,\"publisher\":{\"@id\":\"https:\/\/www.fir3net.com\/#organization\"},\"articleSection\":[\"Python\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html\",\"url\":\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html\",\"name\":\"How to Build a TCP Connection in Scapy - Fir3net\",\"isPartOf\":{\"@id\":\"https:\/\/www.fir3net.com\/#website\"},\"datePublished\":\"2014-10-22T10:45:25+00:00\",\"dateModified\":\"2021-08-01T00:28:08+00:00\",\"description\":\"Scapy is a packet manipulation program written in Python by Philippe Biondi. Within this article I will show you the code required to build a 3WHS within\",\"breadcrumb\":{\"@id\":\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.fir3net.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Programming\",\"item\":\"https:\/\/www.fir3net.com\/programming\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Python\",\"item\":\"https:\/\/www.fir3net.com\/programming\/python\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"How to Build a TCP Connection in Scapy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.fir3net.com\/#website\",\"url\":\"https:\/\/www.fir3net.com\/\",\"name\":\"Fir3net\",\"description\":\"Keeping you in the know\",\"publisher\":{\"@id\":\"https:\/\/www.fir3net.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.fir3net.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.fir3net.com\/#organization\",\"name\":\"Fir3net\",\"url\":\"https:\/\/www.fir3net.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png\",\"contentUrl\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png\",\"width\":390,\"height\":88,\"caption\":\"Fir3net\"},\"image\":{\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037\",\"name\":\"Rick Donato\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g\",\"caption\":\"Rick Donato\"},\"description\":\"Rick Donato is a Network Automation Architect\/Evangelist and the founder of Packet Coders.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Build a TCP Connection in Scapy - Fir3net","description":"Scapy is a packet manipulation program written in Python by Philippe Biondi. Within this article I will show you the code required to build a 3WHS within","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html","og_locale":"en_US","og_type":"article","og_title":"How to Build a TCP Connection in Scapy - Fir3net","og_description":"Scapy is a packet manipulation program written in Python by Philippe Biondi. Within this article I will show you the code required to build a 3WHS within","og_url":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html","og_site_name":"Fir3net","article_published_time":"2014-10-22T10:45:25+00:00","article_modified_time":"2021-08-01T00:28:08+00:00","author":"Rick Donato","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Rick Donato","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html#article","isPartOf":{"@id":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html"},"author":{"name":"Rick Donato","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037"},"headline":"How to Build a TCP Connection in Scapy","datePublished":"2014-10-22T10:45:25+00:00","dateModified":"2021-08-01T00:28:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html"},"wordCount":158,"publisher":{"@id":"https:\/\/www.fir3net.com\/#organization"},"articleSection":["Python"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html","url":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html","name":"How to Build a TCP Connection in Scapy - Fir3net","isPartOf":{"@id":"https:\/\/www.fir3net.com\/#website"},"datePublished":"2014-10-22T10:45:25+00:00","dateModified":"2021-08-01T00:28:08+00:00","description":"Scapy is a packet manipulation program written in Python by Philippe Biondi. Within this article I will show you the code required to build a 3WHS within","breadcrumb":{"@id":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.fir3net.com\/Programming\/Python\/how-to-build-a-tcp-connection-in-scapy.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.fir3net.com\/"},{"@type":"ListItem","position":2,"name":"Programming","item":"https:\/\/www.fir3net.com\/programming"},{"@type":"ListItem","position":3,"name":"Python","item":"https:\/\/www.fir3net.com\/programming\/python"},{"@type":"ListItem","position":4,"name":"How to Build a TCP Connection in Scapy"}]},{"@type":"WebSite","@id":"https:\/\/www.fir3net.com\/#website","url":"https:\/\/www.fir3net.com\/","name":"Fir3net","description":"Keeping you in the know","publisher":{"@id":"https:\/\/www.fir3net.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.fir3net.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.fir3net.com\/#organization","name":"Fir3net","url":"https:\/\/www.fir3net.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png","contentUrl":"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png","width":390,"height":88,"caption":"Fir3net"},"image":{"@id":"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037","name":"Rick Donato","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g","caption":"Rick Donato"},"description":"Rick Donato is a Network Automation Architect\/Evangelist and the founder of Packet Coders."}]}},"_links":{"self":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts\/879"}],"collection":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/comments?post=879"}],"version-history":[{"count":0,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts\/879\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/media?parent=879"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/categories?post=879"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/tags?post=879"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}