0
votes

I am sending out packets on an interface ('enp0s9') and can verify that indeed packets are being sent on that interface with tcpdump.

I am trying to sniff those packets with scapy by doing the following:

packets = sniff(iface='enp0s9', store=0)
print(str(packets))

yet nothing seems to happen. I am following the Scapy cheat sheet, but I don't know if I have the wrong syntax. Any help?

Cheat sheet: https://blogs.sans.org/pen-testing/files/2016/04/ScapyCheatSheet_v0.2.pdf

1 Answer

2
votes

Try:

from scapy.all import sniff

packets = sniff(iface='enp0s9', timeout=5)  # stop sniffing after 5 seconds
print(str(packets))

or just

sniff(iface='enp0s9', prn=lambda p: p.summary(), store=0)

Explanation

The sniff function has a couple of arguments. You can check their meaning in the Scapy sources. The argument "store=0" means that packet storing will be disabled, so there will be no result.

You also need to stop sniffing after some time. You can use one of the following options:

  • stop_filter: Python function applied to each packet to determine if we have to stop the capture after this packet.
  • count: number of packets to capture. 0 means infinity.
  • timeout: stop sniffing after a given time (default: None).

As an alternative to such a solution, you can just use:

  • prn: function to apply to each packet.