Description

Most current tools that work at the packet level suffer from deficiencies that prevent you from correctly mapping networks, finding flaws, testing equipment, etc. Learn what those deficiencies are and how you can overcome them with Scapy (http://www.secdev.org/projects/scapy) to efficiently perform network discovery, network stack crash testing, leak finding, Wi-Fi injection, attacks, automation of specific tasks, etc. See how to extend Scapy, in a matter of minutes, with the obscure protocols you need to test and for which no tool exists.

Topics

  • Introduction

    • conceptual flaws of other tools

    • Scapy's concepts to avoid those flaws

  • Quick overview

    • packet manipulation

    • sending packets

    • sniffing

    • manipulating packet lists

    • sending and receiving

    • manipulating result lists

    • high level functions

  • Packet creation workshop

    • old school

    • honey, I shrunk the C exploit (by a factor of 100)

  • Fuzzing

    • random everywhere

  • Playing with TTL

    • fun with DNAT

    • sliced network scans

  • Playing with leaks

    • examples of flaws

    • spotting the padding

  • Playing with Wi-Fi

    • sniffing, AP spotting

    • signal strength monitoring

    • frame injection

    • airpwn attack (AP spoofing)

  • Extending Scapy

    • scripting Scapy

    • adding your own protocols

    • building your own tools

Prerequisites

  • good knowledge of TCP/IP protocol suite

  • good Python basics (having read, understood and practiced http://www.python.org/doc/current/tut/tut.html)

  • some knowledge of Ethernet and 802.11 will help

Prerequisite material

  • computer with Scapy *installed* and *running* and *working*

  • python

  • python-crypto

  • python-gnuplot

  • python-pyx

  • graphviz

  • imagemagick

  • Prism2 or Prism2.5 card with a recent HostAP driver for Wi-Fi injection

Instructor: Philippe Biondi

Philippe Biondi is a research engineer and security expert working at the IT security lab of EADS Corporate Research Center. He is a member of the French Honeynet Project. He was co-author of LIDS. He is the author of Scapy and Shellforge and a lot of other tools. His Scapy tutorial at CanSecWest/core05 was rated one of the best talks of the conference by attendees.
