To replay a tcp packet cpatured by wireshark, you can use either tcpreplay/bittwist tools
Example1:
tcprewrite --infile=capturedtraffic.pcap --outfile=temp.pcap --srcipmap=0.0.0.0/0:192.168.1.15 --enet-smac=00:0c:29:de:78:42
tcpreplay --intf1=eth0 temp.pcap
sender source MAC is set to 00:0c:29:de:78:42
Example2:
bittwiste -I arp-packet.pcap -O fake-arp.pcap -T arp -o 2 -s 00:00:aa:bb:cc:dd -p 192.168.1.1 -t 00:08:55:64:65:6a -q 192.168.1.20
input file: arp-packet.pcap
output file: fake-arp.pcap
The sender MAC address is set to 00:00:aa:bb:cc:dd; a non-existent MAC address on the network.
bittwist -i vr0 fake-arp.pcap sending packets through vr0 trace file
Example1:
tcprewrite --infile=capturedtraffic.pcap --outfile=temp.pcap --srcipmap=0.0.0.0/0:192.168.1.15 --enet-smac=00:0c:29:de:78:42
tcpreplay --intf1=eth0 temp.pcap
sender source MAC is set to 00:0c:29:de:78:42
Example2:
bittwiste -I arp-packet.pcap -O fake-arp.pcap -T arp -o 2 -s 00:00:aa:bb:cc:dd -p 192.168.1.1 -t 00:08:55:64:65:6a -q 192.168.1.20
input file: arp-packet.pcap
output file: fake-arp.pcap
The sender MAC address is set to 00:00:aa:bb:cc:dd; a non-existent MAC address on the network.
bittwist -i vr0 fake-arp.pcap sending packets through vr0 trace file
No comments:
Post a Comment