So today I’ve been playing with python and decided to make an arp ping utility. When i get more time i’ll turn this into a simple arp scanner.<\/p>\n
I know that this is all possible using scapy but the idea of this was to teach myself how raw sockets work within python.<\/p>\n
This requires netifaces and a few other modules that can usually be obtained using sudo easy_install modulename (you’ll require python-dev as well)<\/p>\n
This script requires that you run as root in order to send and capture raw packets<\/p>\n
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 <\/div><\/td> #!\/usr\/bin\/env python<\/span> \n""" \nAuthor: phillips321 contact at phillips321.co.uk \nLicense: CC BY-SA 3.0 \nUse: Simple python arp ping \nReleased: www.phillips321.co.uk \nDependencies: \n netifaces (needs python-dev then easy_install netifaces) \nChangeLog: \n v0.2 - fixed response to search for target ip \n v0.1 - first release \n"""<\/span> \nversion =<\/span> "0.2"<\/span> \nimport<\/span> socket<\/span> \nimport<\/span> struct<\/span> \nimport<\/span> sys<\/span> \nimport<\/span> netifaces \nimport<\/span> binascii<\/span> \nif<\/span> len<\/span>(<\/span>sys<\/span>.argv<\/span>)<\/span> ==<\/span> 3<\/span> : \n target =<\/span> sys<\/span>.argv<\/span>[<\/span>1<\/span>]<\/span> \n interface =<\/span> sys<\/span>.argv<\/span>[<\/span>2<\/span>]<\/span> \nelif<\/span> len<\/span>(<\/span>sys<\/span>.argv<\/span>)<\/span> ==<\/span> 2<\/span>: \n target =<\/span> sys<\/span>.argv<\/span>[<\/span>1<\/span>]<\/span> \n interface =<\/span> "eth0"<\/span> \n print<\/span> "No interface given so defaulting to eth0"<\/span> \nelse<\/span>: #no values defined print help<\/span> \n print<\/span> "Usage: %s IP [interface] \\n<\/span> eg: %s 192.168.1.0 eth0"<\/span> % (<\/span>sys<\/span>.argv<\/span>[<\/span>0<\/span>]<\/span>,<\/span>sys<\/span>.argv<\/span>[<\/span>0<\/span>]<\/span>)<\/span> \n exit(<\/span>1<\/span>)<\/span> \n \nnetworkdetails =<\/span> netifaces.ifaddresses<\/span>(<\/span>interface)<\/span> \nipaddress =<\/span> networkdetails[<\/span>2<\/span>]<\/span>[<\/span>0<\/span>]<\/span>[<\/span>'addr'<\/span>]<\/span> \nmacaddress =<\/span> networkdetails[<\/span>17<\/span>]<\/span>[<\/span>0<\/span>]<\/span>[<\/span>'addr'<\/span>]<\/span> \nprint<\/span> "Attempting to arp ping %s from %s using %s"<\/span> % (<\/span>target,<\/span>ipaddress,<\/span>macaddress)<\/span> \n \n# create packet<\/span> \neth_hdr =<\/span> struct<\/span>.pack<\/span>(<\/span>"!6s6s2s"<\/span>,<\/span> '\\x<\/span>ff\\x<\/span>ff\\x<\/span>ff\\x<\/span>ff\\x<\/span>ff\\x<\/span>ff'<\/span>,<\/span> macaddress.replace<\/span>(<\/span>':'<\/span>,<\/span>''<\/span>)<\/span>.decode<\/span>(<\/span>'hex'<\/span>)<\/span>,<\/span> '\\x<\/span>08\\x<\/span>06'<\/span>)<\/span> \narp_hdr =<\/span> struct<\/span>.pack<\/span>(<\/span>"!2s2s1s1s2s"<\/span>,<\/span> '\\x<\/span>00\\x<\/span>01'<\/span>,<\/span> '\\x<\/span>08\\x<\/span>00'<\/span>,<\/span> '\\x<\/span>06'<\/span>,<\/span> '\\x<\/span>04'<\/span>,<\/span> '\\x<\/span>00\\x<\/span>01'<\/span>)<\/span> \narp_sender =<\/span> struct<\/span>.pack<\/span>(<\/span>"!6s4s"<\/span>,<\/span> macaddress.replace<\/span>(<\/span>':'<\/span>,<\/span>''<\/span>)<\/span>.decode<\/span>(<\/span>'hex'<\/span>)<\/span>,<\/span> socket<\/span>.inet_aton<\/span>(<\/span>ipaddress)<\/span>)<\/span> \narp_target =<\/span> struct<\/span>.pack<\/span>(<\/span>"!6s4s"<\/span>,<\/span> '\\x<\/span>00\\x<\/span>00\\x<\/span>00\\x<\/span>00\\x<\/span>00\\x<\/span>00'<\/span>,<\/span> socket<\/span>.inet_aton<\/span>(<\/span>target)<\/span>)<\/span> \n \ncount =<\/span> 5<\/span> \nwhile<\/span> count !=<\/span> 0<\/span>: \n count =<\/span> count - 1<\/span> \n try<\/span>: \n # send packet<\/span> \n rawSocket =<\/span> socket<\/span>.socket<\/span>(<\/span>socket<\/span>.PF_PACKET<\/span>,<\/span> socket<\/span>.SOCK_RAW<\/span>,<\/span> socket<\/span>.htons<\/span>(<\/span>0x0806<\/span>)<\/span>)<\/span> \n rawSocket.bind<\/span>(<\/span>(<\/span>interface,<\/span> socket<\/span>.htons<\/span>(<\/span>0x0806<\/span>)<\/span>)<\/span>)<\/span> \n rawSocket.send<\/span>(<\/span>eth_hdr + arp_hdr + arp_sender + arp_target)<\/span> \n \n # wait for response<\/span> \n rawSocket =<\/span> socket<\/span>.socket<\/span>(<\/span>socket<\/span>.PF_PACKET<\/span>,<\/span> socket<\/span>.SOCK_RAW<\/span> |