In my previous post, I talked about using Scapy to query a DNS server for the IP address of a fully qualified domain name (FQDN). In this post, I will be leveraging that code to send ICMP packets. The code is available on GitHub.
The first additional function I add is
def is_ip(address) and as the name might suggests, it checks if an address given is an IP address or a FQDN. It does so by splitting the address into pieces based on the period(.). Both a FQDN and IP address are split into sections this way, so it makes sense. It then iterates over the sections and if it comes across a alpha character, it assumes it is a FQDN and not an IP address. A refactor of this code would change the code to not need a split into segments.
s_ip(address): isIP = True split = address.split('.') for each in split: for char in each: if char.isalpha(): isIP = False return isIP
The second additional function I add is
def send_msg(address, message). This takes the IP address and a message to be sent over ICMP. Adding the
verbose=0 flag allows for silent operation of the command. Human readable messages can be added either to stdout or to a log.
def send_msg(address, message): send(IP(dst=address)/ICMP()/message, verbose=0)
In the main function, I collect the message the user wants to send and the IP address. I also make sure that the script is run as root, and set the default DNS server address in case one is not set.
def main(): args = parser() hostname = args.host message = args.message dns = args.dns if dns == None: dns = '184.108.40.206' if os.geteuid() != 0: exit("Script needs to be run as root user") if message == None: message = input("Enter the message you want to send: ") if is_ip(hostname) == False: IPv4 = get_IP(hostname, dns, "A") else: IPv4 = hostname send_msg(IPv4, message)
This was another simple script and the results can be seen with a network protocol analyzer, such as Wireshark. The example below shows an ICMP message of "Hello World" sent to localhost.