
Send scapy packets through raw sockets in python

Is it possible? If yes? How?

This is my script (it doesn't work):

from scapy.all import *
import socket

try:
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    p=IP(dst="192.168.1.254")/TCP(flags="S", sport=RandShort(), dport=80)
    s.connect(("192.168.1.254",80))
    s.send(p)
    print ("Request sent!")
except:
    print ("An error occurred.")

--UPDATE--

p = bytes(IP(dst="DESTINATIONIP")/TCP(flags="S", sport=RandShort(), dport=80))
while True:
    try:
        socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, sockip, sockport, True)
        s = socks.socksocket()
        s.connect((DESTINATIONIP,DESTINATIONPORT))
        s.send(p)
        print ("Request Sent!")
    except:
        print ("An error occurred.")

Is it possible to send this SYN packet through an HTTP proxy instead of SOCKS?

To send a scapy packet using raw sockets, you have to convert your packet to raw bytes first. For example, a packet crafted using scapy like this:

p = IP(dst="192.168.1.254")/TCP(flags="S", sport=RandShort(),dport=80)

should be converted to raw bytes with bytes(p). This will give you something like:

'E\x00\x00(\x00\x01\x00\x00@\x06\xf6w\xc0\xa8\x01\t\xc0\xa8\x01\xfe\x97%\x00P\x00\x00\x00\x00\x00\x00\x00\x00P\x02 \x00t\x15\x00\x00'

Then you can send it using raw sockets. So for your example you could modify your code a little, like:

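from scapy.all import *
import socket

try:
    # SOCK_STREAM socket: the kernel builds its own IP/TCP headers for this connection
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    p = IP(dst="192.168.1.254")/TCP(flags="S", sport=RandShort(),dport=80)/Raw("Hallo world!")
    s.connect(("192.168.1.254",80))
    # bytes(p) serializes the whole scapy packet (headers included) into the stream
    s.send(bytes(p))
    print("[+] Request Sent!")
except Exception as e:
    raise e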

This should work!

Notice!!! Keep in mind that when you use the socket module to communicate with another computer, sockets automatically construct your packets (headers, etc.) and send the content you wish to send. But when you construct a packet with scapy, you craft it from the beginning, so you define its content and its headers, layers, etc. So in your example, when you send your packet you will send 'all' as content-payload, even the packet headers (IP header, TCP header). You can test it by running the sniffer below:

#!/usr/bin/env python

from scapy.all import *

def printer(packet):
    # Print only the TCP payload (Raw layer) of each captured packet
    if packet.haslayer(Raw):
        print(packet.getlayer(Raw).load)

print("[+] Sniff started")
while True:
    sniff(store=0, filter="host 192.168.1.254 and port 80", prn=printer, iface="your_interface_here")

Well, while the sniffer is running, try to run the first piece of code in my post (as I updated the packet with a raw layer = tcp.payload) and you will observe that not only the data but the whole packet gets transmitted as data. So you are kind of sending the headers twice. That's why socket has its own send method and scapy its own.
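The effect described in the answer above can be reproduced without scapy, root privileges or a second host. This added example (not part of the original answer) builds a constructed 52-byte IPv4/TCP SYN blob as a stand-in for bytes(p), sends it over a loopback SOCK_STREAM socket, and parses what the receiving application reads; the function names and the sample source address and port are assumptions.

```python
import socket
import struct
import threading

def build_ip_tcp_syn(src, dst, sport, dport, payload=b""):
    """Constructed stand-in for bytes(IP()/TCP(flags="S")/Raw()); checksums left at 0."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
    total = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 1, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload

def send_over_stream(data):
    """Send data over a loopback TCP stream socket; return what the server app reads."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    srv.listen(1)
    received = []
    def serve():
        conn, _ = srv.accept()
        with conn:                      # read until the client closes the stream
            received.append(b"".join(iter(lambda: conn.recv(4096), b"")))
    t = threading.Thread(target=serve)
    t.start()
    with socket.create_connection(srv.getsockname()) as c:
        c.sendall(data)                 # the kernel wraps this in its own IP/TCP headers
    t.join()
    srv.close()
    return received[0]

def describe_embedded_headers(payload):
    """Parse application data as if it were an IPv4/TCP packet."""
    ver_ihl, _, total, _, _, _, proto, _, _, dst = struct.unpack(
        "!BBHHHBBH4s4s", payload[:20])
    ihl = (ver_ihl & 0x0F) * 4
    _, dport, _, _, off, flags = struct.unpack("!HHIIBB", payload[ihl:ihl + 14])
    return {"version": ver_ihl >> 4, "proto": proto,
            "dst": socket.inet_ntoa(dst), "dport": dport,
            "syn": bool(flags & 0x02),
            "data": payload[ihl + (off >> 4) * 4:total]}

if __name__ == "__main__":
    # Constructed sample values, matching the addresses used on this page
    crafted = build_ip_tcp_syn("192.168.1.9", "192.168.1.254", 38693, 80, b"Hallo world!")
    app_data = send_over_stream(crafted)
    print(len(app_data), describe_embedded_headers(app_data))
```

The receiving application reads all 52 bytes, crafted headers included, as ordinary stream data on a connection the kernel established by itself.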
