I try change ICMP packet length on 1 byte from Scapy. But I still see 100 bytes sent in the traffic. Yes, I want send 100 bytes and see packet length 1 byte in traffic dump. What options need use? or it is impossible?
>>> data = 'A'*100
>>> packet = IP(dst='1.1.1.1')/ICMP(length=1)/Raw(load=data)
>>> send(packet)
There is no length field in ICMP header. There is one in IP header.
So you can try something like that:
data = 'A' * 100
packet = IP(dst='1.1.1.1', len=29)/ICMP()/Raw(load=data)
send(packet)
Here I put 29 as length since my IP header is 20 bytes long and my ICMP header is 8 byte long. So this leaves 1 byte for the payload.
You will see in wireshark that 100 A characters are actually sent
while the data length displayed by wireshark is 1.