In this post, we will build a simple network scanner using the Scapy library in Python.
If you don't have Scapy installed, check Scapy's official documentation for installation instructions.
First, we are going to need to import the essential classes and functions from Scapy:
from scapy.all import ARP, Ether, srp
Second, we are going to need to make an ARP request, as shown in the following image:
The network scanner sends an ARP request asking who has a specific IP address, let's say "192.168.1.1". The owner of that IP address (the target) automatically responds saying that it is "192.168.1.1", and its MAC address is included in that response. Because we send the request as a broadcast packet (a packet addressed to every device in the network), this lets us retrieve the IP and MAC addresses of all hosts on the network at the same time.
The ARP response is demonstrated in the following figure:
So, let us craft these packets:
target_ip = "192.168.1.1/24"
# IP Address for the destination
# create ARP packet
arp = ARP(pdst=target_ip)
# create the Ether broadcast packet
# ff:ff:ff:ff:ff:ff MAC address indicates broadcasting
ether = Ether(dst="ff:ff:ff:ff:ff:ff")
# stack them
packet = ether/arp
Note: In case you are not familiar with the "/24" or "/16" notation after an IP address, it denotes an IP range. For example, "192.168.1.1/24" is the range from "192.168.1.0" to "192.168.1.255". Please read more about CIDR notation if this is new to you.
Now that we have created these packets, we need to send them using the srp() function, which sends and receives packets at layer 2. We set the timeout to 3 seconds so the script won't get stuck waiting for hosts that never answer:
result = srp(packet, timeout=3)[0]
result is now a list of (sent, received) pairs, one per host that answered; let's iterate over them:
# a list of clients, we will fill this in the upcoming loop
clients = []
for sent, received in result:
    # for each response, append ip and mac address to `clients` list
    clients.append({'ip': received.psrc, 'mac': received.hwsrc})
Now all we need to do is to print this list we have just filled:
# print clients
print("Available devices in the network:")
print("IP" + " "*18 + "MAC")
for client in clients:
    print("{:16} {}".format(client['ip'], client['mac']))
Full code:
from scapy.all import ARP, Ether, srp

target_ip = "192.168.1.1/24"
# IP Address for the destination

# create ARP packet
arp = ARP(pdst=target_ip)
# create the Ether broadcast packet
# ff:ff:ff:ff:ff:ff MAC address indicates broadcasting
ether = Ether(dst="ff:ff:ff:ff:ff:ff")
# stack them
packet = ether/arp

result = srp(packet, timeout=3, verbose=0)[0]

# a list of clients, we will fill this in the upcoming loop
clients = []

for sent, received in result:
    # for each response, append ip and mac address to `clients` list
    clients.append({'ip': received.psrc, 'mac': received.hwsrc})

# print clients
print("Available devices in the network:")
print("IP" + " "*18 + "MAC")
for client in clients:
    print("{:16} {}".format(client['ip'], client['mac']))
Here is a screenshot of my result in my personal network:
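One way to take the scanner a step further, as an added example that is not part of the original post: keep the scapy call in a single function and move the result handling into plain helpers that work on the (sent, received) pairs srp() returns. That makes it possible to validate the CIDR target the way the note above describes (ipaddress expands "192.168.1.1/24" to the whole /24), de-duplicate repeated replies, flag an IP that answers from two different MAC addresses (a classic sign of an ARP spoofing attempt or an address conflict), and compare the responders against a list of devices you expect on your LAN. The sample replies, the known-MAC list and the helper names are constructed for this example; only scan() needs scapy and raw-socket privileges.

```python
import ipaddress
from types import SimpleNamespace


def validate_target(target):
    """Parse a host or CIDR string and return the network it covers.

    strict=False accepts host bits, so "192.168.1.1/24" becomes 192.168.1.0/24
    (the /24 range the note above describes). Only private ranges are allowed,
    since this scanner is meant for a LAN you administer.
    """
    net = ipaddress.ip_network(target, strict=False)
    if not net.is_private:
        raise ValueError(f"{target} is not a private network range")
    return net


def collect_clients(answered):
    """Turn srp()'s (sent, received) pairs into sorted, de-duplicated {ip, mac} dicts.

    A host that answers twice (retransmission) is recorded once; a host that
    answers with two different MACs is kept as two entries so it can be flagged.
    """
    pairs = {(received.psrc, received.hwsrc.lower()) for _sent, received in answered}
    ordered = sorted(pairs, key=lambda p: (ipaddress.ip_address(p[0]), p[1]))
    return [{"ip": ip, "mac": mac} for ip, mac in ordered]


def find_ip_conflicts(clients):
    """Return {ip: [mac, ...]} for every IP that was claimed by more than one MAC."""
    by_ip = {}
    for client in clients:
        by_ip.setdefault(client["ip"], set()).add(client["mac"])
    return {ip: sorted(macs) for ip, macs in by_ip.items() if len(macs) > 1}


def find_unknown(clients, known_macs):
    """Return responders whose MAC is not in the known-device list."""
    known = {mac.lower() for mac in known_macs}
    return [client for client in clients if client["mac"] not in known]


def scan(target, timeout=3):
    """Run the ARP sweep with scapy (needs root / CAP_NET_RAW) and return the clients."""
    from scapy.all import ARP, Ether, srp  # imported lazily so the helpers above work without scapy
    net = validate_target(target)
    packet = Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst=str(net))
    answered = srp(packet, timeout=timeout, verbose=0)[0]
    return collect_clients(answered)


# Constructed sample replies standing in for srp()'s answered list (not a real capture).
def _fake_reply(ip, mac):
    return (None, SimpleNamespace(psrc=ip, hwsrc=mac))


SAMPLE_ANSWERED = [
    _fake_reply("192.168.1.1", "AA:BB:CC:00:00:01"),
    _fake_reply("192.168.1.10", "aa:bb:cc:00:00:0a"),
    _fake_reply("192.168.1.1", "aa:bb:cc:00:00:01"),   # duplicate reply from the gateway
    _fake_reply("192.168.1.10", "de:ad:be:ef:00:10"),  # second MAC claiming .10
    _fake_reply("192.168.1.2", "aa:bb:cc:00:00:02"),
]
# Constructed inventory of devices expected on this LAN.
KNOWN_MACS = ["aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02", "aa:bb:cc:00:00:0a"]


if __name__ == "__main__":
    import sys
    # With a CIDR argument, run a real scan; without one, process the sample data.
    clients = scan(sys.argv[1]) if len(sys.argv) > 1 else collect_clients(SAMPLE_ANSWERED)
    print("{:16} {}".format("IP", "MAC"))
    for client in clients:
        print("{:16} {}".format(client["ip"], client["mac"]))
    for ip, macs in find_ip_conflicts(clients).items():
        print(f"conflict: {ip} answered from {', '.join(macs)}")
    for client in find_unknown(clients, KNOWN_MACS):
        print(f"unknown device: {client['ip']} ({client['mac']})")
```

Run without arguments to see the sample data processed; pass a range such as 192.168.1.0/24 (as root) to scan a real network. Keeping the scapy import inside scan() is what allows the result-handling helpers to be tested offline.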
Alright, we are done with this tutorial. See how you can extend this and make it convenient enough to replace other scanning tools.
Originally published at https://pgsyr.de on March 13, 2020.