Python how to send a gtp packet using scapy. I tried converting the existing hex stream of gtp message but not able to create it properly

Question

Python how to send a gtp packet using scapy. I tried converting the existing hex stream of gtp message but not able to create it properly. some links are there but not ans is on it. scapy not parsing GTP layers

Answer 1

Quick example just tried, first hex stream is as below

000c29dad1de000c29e3c64d08004500007c00004000401167bbc0a828b3c0a828b2086808680068bf6432ff00580000000128db0000450000540000400040015ea5ca0b289ec0a828b20800bee70000287b0411204bf43d0d0008090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637

enter scapy interactive mode and assign the above hex stream to a variable,

a = '000c29dad1de000c29e3c64d08004500007c00004000401167bbc0a828b3c0a828b2086808680068bf6432ff00580000000128db0000450000540000400040015ea5ca0b289ec0a828b20800bee70000287b0411204bf43d0d0008090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637'
b = a.decode('hex')
B = Ether(b)
B.show()
###[ Ethernet ]###
  dst= 00:0c:29:da:d1:de
  src= 00:0c:29:e3:c6:4d
  type= 0x800
###[ IP ]###
     version= 4L
     ihl= 5L
     tos= 0x0
     len= 124
     id= 0
     flags= DF
     frag= 0L
     ttl= 64
     proto= udp
     chksum= 0x67bb
     src= 192.168.40.179
     dst= 192.168.40.178
     \options\
###[ UDP ]###
        sport= 2152
        dport= 2152
        len= 104
        chksum= 0xbf64
###[ Raw ]###
           load= '2\xff\x00X\x00\x00\x00\x01(\xdb\x00\x00E\x00\x00T\x00\x00@\x00@\x01^\xa5\xca\x0b(\x9e\xc0\xa8(\xb2\x08\x00\xbe\xe7\x00\x00({\x04\x11 K\xf4=\r\x00\x08\t\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !"#$%&\'()*+,-./01234567'

here scapy does not dissect and show GPRS, but we can still send out, i.e. windows nc

send(B, iface='Intel(R) Dual Band Wireless-N 7260')

so the packet sent out with the interface, showing by wireshark is as

Answer 2

Credit to chat gpt :)

from scapy.all import IP, UDP, Raw
from scapy.contrib.gtp import GTPHeader

# Define GTP header fields
gtp_version = 1
gtp_type = 1  # GTP-U
gtp_length = 20  # GTP header length (in bytes)
gtp_teid = 12345  # Tunnel Endpoint Identifier
gtp_sequence_number = 0  # Sequence number
gtp_n_pdu_number = 0  # N-PDU number

# Create GTP header (as Raw layer)
gtp_header = GTPHeader(version=gtp_version, gtp_type=gtp_type, length=gtp_length, teid=gtp_teid, seq=gtp_sequence_number, npdu=gtp_n_pdu_number)

# Define GTP destination port
DPORT = 2152

# Create a UDP packet with source/destination ports (replace with actual values)
udp_packet = UDP(dport=DPORT)

# Create a payload (e.g., raw data) to include in the GTP packet
payload_data = b'This is a GTP packet payload.'

# Construct the final packet by combining IP, UDP, GTP headers, and payload
gtp_packet = IP(dst='1.2.3.4') / udp_packet / gtp_header / Raw(load=payload_data)

# Display the packet summary
print(gtp_packet.summary())

# Send the packet (replace 'eth0' with the appropriate interface)
# send(gtp_packet, iface='eth0')