INSTALLING & RUNNING
====================

Installing and running Pcapteller is pretty straight forward:


1. Installation

install.sh will take care of missing dependencies (internet connection required).
Scapy and ipcalc are dependencies required by Pcapteller.

The installation must be run with root / sudo privileges

sudo ./install.sh



2. Running

Pcapteller must be run as root (or with sudo) in order to replay packets successfully.
Run Pcapteller with a pcap file, provide an IP address that fits your network, and configure the IP address of the victim machine as seen in the pcap file.

This will allow you to simulate the "story" contained in the pcap file as it happened in your own network.

Here you have a few command line examples:

   1. Replay a pcap file as it is (full speed): 
      python pcapteller.py -f example.pcap -i eth0
      
   2. Replay a pcap file as it is (inter-arrival delays): 
      python pcapteller.py -f example.pcap -i eth0 -r
   
   3. Replay a pcap file and replace a single MAC address:
      python pcapteller.py -f example.pcap -i eth0 -a 00:01:02:03:04:05 -b 00:DE:AD:BE:EF:00
   
   4. Replay a pcap file and replace a single IP address:
      python pcapteller.py -f example.pcap -i eth0 -c 192.168.1.2 -d 10.20.30.40
   
   5. Replay a pcap file and replace a single MAC / IP address:
      python pcapteller.py -f example.pcap -i eth0 -a 00:01:02:03:04:05 -b 00:DE:AD:BE:EF:00 -c 192.168.1.2 -d 10.20.30.40
      
   6. Replay a pcap file and replace multiple MAC addresses:
      python pcapteller.py -f example.pcap -i eth0 -a "00:01:02:03:04:05, 00:AA:BB:CC:DD:EE" -b "00:DE:AD:BE:EF:00, 00:C0:FF:EE:BA:BE"
      
   7. Replay a pcap file and replace multiple IP addresses:
      python pcapteller.py -f example.pcap -i eth0 -c "192.168.1.2, 192.168.1.3" -d "10.20.30.40, 50.60.70.80"
      
   8. Replay a pcap file and replace multiple MAC / IP addresses:
      python pcapteller.py -f example.pcap -i eth0 -a "00:01:02:03:04:05, 00:AA:BB:CC:DD:EE" -b "00:DE:AD:BE:EF:00, 00:C0:FF:EE:BA:BE" -c "192.168.1.2, 192.168.1.3" -d "10.20.30.40, 50.60.70.80"


3. Start training your blue team, or creating a heck of a network decoy! :-)

