+91 80 4201 0563 (Only for Sales), +91 80 4377 5796 (Admin & HR inquiries)
info@alethea.in
Schedule A Demo
Facebook
Twitter
LinkedIn
YouTube
RSS
Alethea.in Logo
  • Products
    • SWAT WiCheck 6
    • SWAT WiCheck 6 ATF
    • SWAT WiCheck V0200
    • SWAT WiCheck D2A
    • SWAT WiCheck Lite
  • Services
    • Specialized Applications
    • IoT Solutions
    • Wireless Experience Center
    • Cellular Technologies
    • SWAT Professional Services
  • Solutions
  • Resources
    • Blog
    • Newsletters
    • Brochures
    • Case Studies
      • Product Case Studies
      • Services Case Studies
    • Videos
  • About Us
  • Careers
  • Contact Us

Packet Injection

GowthamJuly 10, 2020

What is Packet Injection?

Every network equipment maker would want to test different features and also ensure that the equipment is not susceptible to (1) malicious attacks, (2) malfunctioning devices.

Packet injection is one of the ways to replay these message sequences from the client side and check the stability and security of the device under test. For example, you can send directed probe requests from the clients so as to test how well an AP can handle probes from several clients or a single rogue client.

Open nature of wireless networks makes it easier for an attacker who is within the range of the network to inject packets into the datastream of an application. Through this, the attacker may hijack a user session or do a man in the middle attack. Wireless technologies offer little or no protection for the users in the network against such scenarios.

Wireless packet injection tools are evolving rapidly and there are many tools providing different capabilities on different networks. So it is essential for network equipment vendors to test these scenarios.

SWAT WiCheck, a Wi-Fi multi client simulator provides packet injection as a traffic so that packets can be injected from multiple WiCheck clients simultaneously and the system tested. 

To perform packet injection with WiCheck, we need a pcap file which can be 

  1. Existing traces/pcaps or 
  2. Existing traces with some parameters modified or 
  3. A packet sequence that is created completely from scratch

In this post, we discuss in detail about how you can use a packet editor to modify the existing traces/Pcaps and how you can create your own packet sequence

Modification of parameters from existing Capture

To perform packet injection, we must be aware of packet editing tools so that we can edit pcap files as per the requirement.

Packet Capture editors

There are many packet editors available in the market for editing pcap/pcapng files. A list of these can be found at https://wiki.wireshark.org/Tools in the section Capture file editors and/or anonymize.

Of these, Wiredit comes with a UI and comes with a monthly subscription of usage. Most of the other tools like tcprewrite are Command Line based packet editors.

In this post, we will discuss Scapy, a tool where you can create your own packets or edit packets using Python.

Scapy

Scapy is an easy to use python programming module to edit Pcap files. We have given an example below on how to edit Pcap Files with Scapy

For Packet injection, we should first select a list of messages that are to be injected. This can be easily done using Wireshark by selecting the messages based on any filter (source, destination, protocol etc)

Here is an example of a sample selected message.

Here the TCP packets selected are the ones from IP 192.168.0.132 to 192.168.0.10.

MAC address of machine with IP 192.168.0.132 is 02:06:57:00:00:00

MAC address of machine with IP 192.168.0.10 is c8:9c:dc:d1:26:d6

Now using a Scapy program below we can change the destination MAC address to  ab:ab:ab:ab:ab:ab

Now the program has to be run on terminal (linux)

# python change_mac.py

The output file looks as below.

There are many fields that can be changed programmatically from Scapy

Making your own packet sequence

You can create your own Pcap file using Scapy. The python script below is used for creating a Pcap file with a single packet, generates a reassociation request packet which is built by adding predefined data / headers:

  • Dot11
  • Dot11ReassocReq
  • Dot11Elt packets and 
  • a RadioTap header is added to it. 

We create a class from scapy.packet for adding information fields manually and then extend it to the packet created.

In the next post, we will discuss how to use SWAT WiCheck products to inject packets and test how AP handles the probe requests at scale.

Previous Post Meet the Ready and Reliable Solution to your Wi-Fi 6 Testing Challenges @ Wi-Fi Knowledge Summit, 2020 Next Post Packet Injection, Scale Test With WiCheck

Archives

  • September 2020 (1)
  • July 2020 (2)
  • February 2020 (1)
  • January 2020 (2)
  • December 2019 (1)
  • November 2019 (2)
  • September 2019 (2)
  • August 2019 (2)
  • July 2019 (3)
  • March 2019 (2)
  • December 2018 (1)
  • October 2018 (1)
  • September 2018 (1)
  • May 2018 (1)
  • March 2018 (1)
  • February 2018 (1)
  • January 2018 (1)
  • November 2017 (1)
  • October 2017 (1)
  • September 2017 (2)
  • August 2017 (1)
  • July 2017 (2)
  • June 2017 (1)
  • May 2017 (1)
  • April 2017 (1)
  • March 2017 (9)

Recent Posts

  • Malicious Packet Injection
  • Packet Injection, Scale Test With WiCheck
  • Packet Injection
  • Meet the Ready and Reliable Solution to your Wi-Fi 6 Testing Challenges @ Wi-Fi Knowledge Summit, 2020
  • Wi-Fi 6 Uplink OFDMA – What makes it complex?
About Us

We help organizations in Perfecting Broadband through our Products and Services. We strive to enhance the User Experience of your end customers.

Read More

Current Openings

LTE Protocol Test Engineer

C# Desktop Application Developer

GUI Developer for Test Tool

Read More

Contact Us

info@alethea.in

+91 80 4201 0563 (Only for sales queries)

+91 80 4377 5796 (Admin & HR inquiries)

Alethea Communications Technologies Pvt Ltd

Siri Shambhavi, #2346,

1st & 2nd Floor,

17th cross, HSR layout, Sector 1,

Bangalore 560 102, Karnataka, INDIA

Request A Live Demo
Request A Sales Call

Privacy Policy              Cookie Policy                 Contact Us

© Copyright 2017-2019 Alethea Communications Technologies Pvt Ltd | All Rights Reserved.