Python Network Hacking with Kali Linux and Scapy = attack one! 😀
Summary
TLDR: This video demonstrates the power of Python and network knowledge to manipulate network traffic using Scapy. The host shows how to forge and inject packets to disrupt a network's Spanning Tree Protocol, a common method to prevent loops in corporate environments. The video serves as a cautionary tutorial, urging viewers to use such skills ethically for network protection rather than malicious intent. It also emphasizes the importance of proper network configuration to prevent such attacks.
Takeaways
- 🐍 Coding in Python combined with network knowledge can be powerful for both ethical hacking and network protection.
- 🔍 The script uses Scapy, a packet manipulation tool, to demonstrate how to capture and manipulate network packets.
- 🚀 The video aims to educate on how to use Python and network understanding for good, like protecting companies, rather than causing harm.
- 🔒 It emphasizes the importance of securing networks by configuring them properly, such as enabling features like Root Guard.
- 📚 The presenter suggests obtaining certifications like Network+ or CCNA for a deeper understanding of networking.
- 💡 The script captures Spanning Tree Protocol (STP) frames, which are crucial for understanding and manipulating network traffic.
- 🛠️ By manipulating STP frames, it's possible to disrupt network operations, as demonstrated by the script that can DoS a network.
- 📡 The video includes a practical demonstration of how a simple script can change the root port of a switch, causing a denial of service.
- 🚨 A warning is given against using such scripts for malicious purposes and an encouragement to use knowledge for ethical hacking and network security.
- 🌐 The video concludes with a call to action for viewers to subscribe to the channel for more content on hacking and network security.
Q & A
What is the main purpose of the video script?
- The main purpose of the video script is to demonstrate how knowledge of Python coding and networking can be used to manipulate network traffic, specifically by forging and injecting packets into a network. The script emphasizes the potential power and danger of such skills and urges the use of these abilities for good, such as protecting networks, rather than for malicious purposes.
What is the significance of using Python in network manipulation as described in the script?
- Python is significant in network manipulation because it allows for the creation of scripts that can capture, manipulate, and send packets back into the network. Its simplicity and the powerful libraries available, such as Scapy, make it an ideal tool for network testing and security auditing.
What is Scapy and how is it used in the context of the video?
- Scapy is a powerful interactive packet manipulation program that allows the forging or decoding of packets of a wide range of protocols. In the video, it is used to capture, manipulate, and re-inject packets into the network to demonstrate how easily a network can be compromised if not properly secured.
Why is it important to have a good understanding of networking before attempting to manipulate network traffic?
- A good understanding of networking is crucial because it provides the necessary knowledge to identify vulnerabilities and configure networks securely. Without this understanding, one might inadvertently cause damage or fail to recognize the potential impact of their actions on network stability and security.
What is the Spanning Tree Protocol (STP) and why is it targeted in the script?
- The Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. It is targeted in the script because manipulating STP can cause a denial of service by creating network loops or blocking legitimate paths, effectively disrupting network communication.
How does the script demonstrate the potential to disrupt a network using STP?
- The script demonstrates network disruption by capturing STP frames, manipulating them to change the path cost and bridge MAC address, and then re-injecting these manipulated frames into the network. This causes the network switches to re-evaluate their root paths, potentially blocking legitimate connections and creating a denial of service.
What is the ethical stance taken by the script's author regarding the use of network manipulation techniques?
- The script's author takes an ethical stance, advocating for the use of network manipulation techniques for good purposes, such as network security and protection, rather than for malicious intent. The author emphasizes the responsibility of using such powerful knowledge to protect rather than to harm.
What is the role of permissions in capturing network packets as mentioned in the script?
- Permissions play a critical role in capturing network packets. The script mentions a 'permission error' when attempting to capture packets without administrative privileges. Using 'sudo' provides the necessary permissions to capture and manipulate network traffic, which is essential for network testing and security auditing.
How does the script use packet manipulation to create a denial of service (DoS) attack?
- The script creates a DoS attack by manipulating STP packets to make a switch believe that the best path to the root bridge is through the machine running the script, rather than the actual root port. This causes the switch to block the legitimate root port, redirecting all traffic to the script's machine, effectively cutting off network communication between devices.
What is the significance of the script's simplicity in terms of line count?
- The script's simplicity, with fewer than 10 lines of code, underscores the ease with which someone with knowledge of Python and networking can potentially disrupt a network. This highlights the importance of network security measures and the potential risks posed by even basic scripting knowledge.
Outlines
🐍 Python and Network Power
The speaker emphasizes the potential power and danger of combining Python coding skills with a deep understanding of networking. They caution against using these skills for malicious purposes and instead advocate for ethical hacking to protect networks. The video aims to demonstrate the simplicity of breaking a network using Python, specifically by manipulating packets with Scapy, a tool for packet manipulation. The speaker sets up a network environment with Cisco switches and MacBooks to illustrate the process and encourages viewers to subscribe for more content on hacking networks ethically.
🔍 Capturing and Manipulating Network Packets
The speaker demonstrates how to capture a packet from the network, specifically a Spanning Tree Protocol (STP) frame, using Scapy. They explain the importance of understanding the content of the captured packet and how to view it in a readable format. The video then transitions into showing how to manipulate the captured packet by altering its path cost and bridge MAC address, with the intention of disrupting the network's normal functioning. The speaker uses this example to highlight the ease with which a network can be compromised if not configured with security in mind.
💥 Disrupting Network with a Simple Script
The speaker executes a script that sends manipulated STP frames into the network, effectively creating a denial of service (DoS) attack by changing the root port of a switch. This action blocks legitimate traffic and causes ping requests between two MacBooks to time out. The video shows the switch's console changing its root port from the intended port to the one manipulated by the script. The speaker reiterates the importance of using such knowledge for good, understanding networks, and securing them against simple attacks. The video concludes with a call to action for viewers to subscribe and support the channel for more educational content.
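A defensive counterpart to the manipulation summarized above, as an added example (not the presenter's script): it parses BPDUs seen on an edge segment and flags any whose priority vector beats the one the access switch legitimately advertises, which is the condition Root Guard acts on. All MAC addresses, bridge IDs and frames below are constructed placeholders, and the unchanged source MAC on the manipulated frame is an assumption based on the summary naming only path cost, bridge MAC and port ID as modified.

```python
import struct

STP_DST = bytes.fromhex("0180c2000000")     # well-known STP multicast MAC
LLC_STP = b"\x42\x42\x03"                   # DSAP 0x42, SSAP 0x42, control 0x03
BPDU = struct.Struct("!HBBBH6sIH6sHHHHH")   # 35-byte configuration BPDU body


def parse_bpdu(frame):
    """Return the BPDU fields of an 802.3/LLC STP frame, or None."""
    if len(frame) < 17 + BPDU.size or frame[0:6] != STP_DST:
        return None
    if frame[14:17] != LLC_STP:
        return None
    (proto, _ver, btype, _flags, rprio, rmac, cost,
     bprio, bmac, port, _age, _max, _hello, _fwd) = BPDU.unpack_from(frame, 17)
    if proto != 0 or btype not in (0x00, 0x02):   # config / RST BPDUs only
        return None
    return {"src": frame[6:12], "root": (rprio, rmac), "cost": cost,
            "bridge": (bprio, bmac), "port": port}


def priority_vector(b):
    """802.1D comparison order: root ID, root path cost, bridge ID, port ID."""
    return (b["root"], b["cost"], b["bridge"], b["port"])


def classify(frame, baseline):
    """Compare a frame seen on an edge segment with the BPDU expected there."""
    b = parse_bpdu(frame)
    if b is None:
        return "not-bpdu"
    if priority_vector(b) == priority_vector(baseline):
        return "expected"
    if priority_vector(b) < priority_vector(baseline):
        return "superior"    # lower vector wins: what Root Guard blocks
    return "foreign"         # inferior, but an unexpected BPDU speaker


def build_frame(src, root, cost, bridge, port):
    """Build a constructed sample frame for the checks below (never sent)."""
    body = BPDU.pack(0, 0, 0, 0, root[0], root[1], cost, bridge[0], bridge[1],
                     port, 256, 20 * 256, 2 * 256, 15 * 256)
    return STP_DST + src + struct.pack("!H", 3 + len(body)) + LLC_STP + body


# Constructed sample data: locally administered MACs, hypothetical bridge IDs.
ROOT = (32768, bytes.fromhex("020000002960"))     # stand-in root bridge ID
ACCESS = (32768, bytes.fromhex("020000003560"))   # stand-in access switch ID
PORT_MAC = bytes.fromhex("020000003565")          # access switch port MAC
LEGIT = build_frame(PORT_MAC, ROOT, 4, ACCESS, 0x8005)
BASELINE = parse_bpdu(LEGIT)
# Same source MAC as the legitimate BPDU, so a source-MAC allowlist misses it;
# only the advertised cost, bridge ID and port ID differ.
REPLAYED = build_frame(PORT_MAC, ROOT, 0, ROOT, 0x0001)
OTHER_ID = (32768, bytes.fromhex("020000009999"))
OTHER = build_frame(OTHER_ID[1], OTHER_ID, 0, OTHER_ID, 0x8001)
ARP_LIKE = b"\xff" * 6 + PORT_MAC + b"\x08\x06" + bytes(46)

if __name__ == "__main__":
    for name, frame in [("legit", LEGIT), ("replayed", REPLAYED),
                        ("other", OTHER), ("arp-like", ARP_LIKE)]:
        print(f"{name:9s} {classify(frame, BASELINE)}")
```

On Cisco IOS the matching port-level controls are `spanning-tree guard root` on ports that must never lead to the root and `spanning-tree bpduguard enable` on host-facing ports.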
Keywords
💡Packets
💡Python
💡Scapy
💡Spanning Tree Protocol (STP)
💡Manipulated or Forged Packets
💡Network Topology
💡Kali Linux
💡Denial of Service (DoS)
💡Ethical Hacking
💡Root Guard
💡BPDUs (Bridge Protocol Data Units)
Highlights
Demonstrates how to manipulate network packets to disrupt a network using Python and Scapy.
Emphasizes the importance of using such knowledge for ethical purposes, like network protection, rather than malicious intent.
Introduces Scapy as a tool for packet manipulation and its capabilities in various protocols.
Shows how to set up a virtual machine with Kali Linux for network testing purposes.
Explains the concept of Spanning Tree Protocol (STP) and its role in preventing network loops.
Advocates for proper network configuration to prevent security vulnerabilities.
Provides a basic script example to capture and manipulate STP frames using Scapy.
Details the process of capturing packets and how to view them using Scapy's functionalities.
Illustrates how to forge packets to disrupt network communication by manipulating path cost and bridge MAC address.
Discusses the impact of a Denial of Service (DoS) attack on network functionality.
Demonstrates the effectiveness of a simple script in causing a DoS attack on a network.
Shows how to use Scapy to capture and manipulate STP BPDUs to disrupt network traffic.
Explains the concept of root guard in network security and its importance.
Provides a step-by-step guide on how to use Scapy to forge and inject packets into a network.
Warns against the misuse of network knowledge and tools for unethical hacking.
Encourages viewers to subscribe and support the channel for more educational content.
Ends with a reminder to use the demonstrated skills responsibly and for the betterment of network security.
Transcripts
now just like that i've been able to dos
a network
by using packets captured off the
network and
sending manipulated or forged packets
back into the network
it's amazing what you'll be able to do
if you know how to code in python
if you understand how networks work
combining knowledge of those two areas
will make you
very very powerful or very very scary
depending on what you do
don't use this for malicious purposes
use your power for good
don't go out there and break networks
and get into trouble
use what i'm showing you here the power
of python power of understanding of
networks
to do good to protect companies rather
than destroy them
but i want to show you in this video how
a very simple script
can break a network
[Music]
now before we continue if you enjoy
these types of hacking videos
please consider subscribing to my
youtube channel please like this video
and click on the bell to get
notifications
that really does help me with the
youtube robots allows me to create more
content like this
i'm starting a series of videos where
i'm going to show you how easy it is to
hack
networks using python to help us do that
we're going to use
scapy or scappy if you prefer but i'm
going to call this scapy
on the scapy website they say that scapy
is a powerful
interactive packet manipulation program
it allows you to forge or decode packets
of a wide range of protocols
there's a whole bunch of stuff that you
can do with scapy i want to make this as
interesting as i can
and to help demonstrate that i've got
the following network
i have three cisco switches
i've also got two macbooks first macbook
is the macbook in front of me
macbook is connected to the 3560 cx
switch which is the switch on the bottom
in this topology
i'm running kali within a virtual
machine
on my windows computer and it's also
connected to a 3560
so this windows computer over here is
running kali within a virtual machine
if you want to see how to set that up
have a look at this video where i show
you how to download kali
and install it within vmware workstation
player on windows
i typically use a virtual machine on
windows just to make it more accessible
to more people if you want to run kali
natively you could do that i've also got
another windows
computer which is behind me so windows
laptop behind me
so what i'm going to be doing is using
kali
to sniff traffic from the network and to
inject
packets and frames into the network so
we basically going to inject
stuff into the network we're going to
forge packets forge frames
and send them into the network to break
the network
in this first example i'll show you how
i can break spanning tree protocol
or stp which is used in a lot of
corporate environments to stop
loops if you want to be a good ethical
hacker it helps to have an understanding
of networking
so go and get your network plus
certification or ccna
do something that gives you a good
understanding of networking because if
you understand networking
you'll see that it's very very easy to
break networks if they're not configured
properly
if you're a network engineer i'm
hopefully going to demonstrate to you
why you should enable or configure your
networks properly
why you should run root guard as an
example why you don't want to accept
bpdus
from any device on the network you need
to configure your network with security
in mind
okay so i'm going to demonstrate a
little bit about scapy and then i'll
show you how you can capture packets off
the wire
manipulate them and send them into the
network to break the network
so on my kali or kali linux vm
i'm going to open up a terminal
i'm going to start python 3. scapy is
installed by default
on kali that makes life a lot easier
here's a very basic script i'm going to
import scapy into python
and then what i can do is sniff for a
packet off the wire
now i've put links to all these scripts
on github so use the link below
if you want to download these scripts or
get access to them they're on my github
page
so i'll paste that command in sniff and
we are sniffing
the well-known mac address for spanning
tree and notice i get permission
error operation not permitted and that's
because i should have used
sudo python3 so sudo
python3 put in my password
okay so try that again import scapy
and then we want to capture
traffic to this well-known mac address
and store that in a variable
okay so that's now been done so now we
can view
the captured packet by simply using the
command packet
zero now i only captured one packet or
one frame in this example
if i captured two i could use one here
rather than zero to see the second
packet or second frame if you want to be
specific
okay so that's what it looks like not
very easy to read
so what we can do is use the show
command to
show the information nicely so packet
zero show and there you go
i can see that the frame that was
captured
it's an 802.3 frame in other words it's
ethernet
destination mac address is this source
mac address is this
we can see link layer control
information
but what's important is the spanning
tree part that's what we're interested
in
you can see the root id is this the root
has this mac address
the switch that sent the message was
this switch
you can see information such as the port
id and other information
so basically what we've done now is we
have captured
a packet off the wire and we can view
the output now you could as an example
go through the different layers by using
packet to zero
first packet that was captured and first
layer that shows us exactly the same
information
if i want to see layer 1 that shows me
that
or if i want to see layer 2 in the
output i see that
so i only see spanning tree information
or rather than doing it that way i could
simply specify stp
so only show me the stp information so
just by using two lines of code
importing scapy into python
and specifying what i want to view i've
been able to capture spanning tree
frames off the wire
and i can interrogate that i can see
what's going on
but now let me show you how i can
leverage that to break the network
so what i'm going to do is capture the
frame off the wire
but then i'm going to manipulate things
so i'm going to change the packet
path cost to this the bridge mac
i'm going to change to the root mac
so it's as if the spanning tree root is
sending messages
to the switch the switch that advertised
this frame is not the root switch it's
the 3560 switch in my topology who's not
the root
the root is one of the other switches
but what i could do is block the
connection to the root
so on the 3560 show spanning tree
i can see that its root port
is gigabit 0 2 which is the connection
to the 2960 switch
so the 2960 switch is the root in this
topology not
the switch i'm connected to now what
we're going to do with this first
script is capture spanning tree frames
and then what i'm going to do is block
the port to the root switch by setting
the cost to the root to zero
so basically this switch here
is going to think that it's got a better
path to the root switch
via the kali virtual machine rather than
its actual
root port so the root port on this
switch is this port
this switch is the root bridge but
we're going to tell
this switch that the best way to get to
the root is via us
and we can do that by manipulating the
cost
this switch sees the cost to the root
switch as
four but we're going to change the cost
to zero we're going to change the
advertising bridge
mac address to the root switch so
basically
this switch is going to think that this
is the best port to use to get to the
root switch
rather than this port once again show
spanning tree on the switch
its root port is gigabit 0 2
which is the port to the 2960 we're
gonna change that
to gigabit zero five which is currently
a designated port
but we're gonna make that the root port
and that will basically do a denial of
service attack against the macbooks so
rather than this macbook being able to
ping this macbook
traffic is going to be sent to us rather
than
to this macbook so we could for instance
capture that traffic and do something
with it
but for this basic demonstration i'm
just going to show you how to destroy
the network
okay macbook 1 has this ip address 10
110
can it ping macbook 2 which
has this ip address 10 1 1.
i know that already but just to show it
here
macbook 2 has this ip address 10 1 1
1. let's see if we can break the network
so pings are currently succeeding
macbook 1 can ping macbook 2.
okay so on our kali machine we're
importing scapy we're going to capture
a spanning tree bpdu we're going to set
the path cost to zero we're going to set
the bridge mac address to the root mac
address
we're going to set the port id to one
we're going to send multiple bpdus into
the network
so we'll send a bpdu that's manipulated
we'll wait a second
and what i'll do actually is put the
timer here
so we'll send a packet into the network
we'll wait a second and then we'll loop
around
so i'll copy that simple script now
notice the script is very small
it's less than 10 lines of code most of
it is comments but very basic script
what i'll do is quit python here so i'm
in
the kali shell and i'll type nano
stp hack root port dot py
and i'll paste that script in control x
save that so now if i run python 3 and i
need to use sudo
so sudo python 3 stp
hack root port currently this mac can
ping the other mac
but if i run that
we've captured a frame packet has been
sent into the network
notice pings are timing out i've dosed
this network
or i've created a denial of service
attack against this network
pings are timing out if i look at the
console
of the switch previously its root port
was gigabit zero two
now it's gigabit zero
five in other words this port
we have made the root port of the switch
us we've become the root port
the port to the root bridge has been
blocked you can see here it says
alternate blocking
we've essentially used spanning tree
against itself
captured a packet off the wire changed a
few values
sent it back into the network and dosed
the network basically
spanning tree is blocking the right port
and we are getting all traffic
to come to us now that timed out
notice the root port is back to gigabit
zero two
so pings are succeeding once again let
me run that script again i was a bit
slow there
so pings have started to time out again
and on
the kali virtual machine if i ran
wireshark
and search for icmp you'll notice that i
see
icmp echo messages from 10
110 to 10 111
i'm capturing packets from the macbook
it can't send traffic to the other
device
because i'm blocking the port so again
that's what it looked like previously
now the root port is us
i'll make that longer because it times
out as i'm speaking to you
so running that again root port
was gigabit zero two you can see it's
listening at this point it was
forwarding as it's trying to learn where
the root bridge is
but now it's blocking so i've basically
used spanning tree against itself to dos
the network
and this script is less than 10 lines of
code if you know python
if you know how networks work it's
amazing what you can accomplish
simple script with an understanding of
networking makes you very dangerous or
very powerful
please only use this for good do not
use these scripts for malicious purposes
i own this network i'm testing this on
my own network
make sure that you understand how
networks work make sure that you
understand how to protect them
because a simple script like this can
break an entire network
now once again if you enjoyed this video
please consider subscribing to my
youtube channel please like this video
and click on the bell to get
notifications i'm david bombal
and i want to wish you all the very best
only use this for good
not for bad
oh