
How to implement ARP ping with Scapy?

I've been trying to create a network scanner similar to netdiscover. I used Python and the Scapy module to do that. I'm running my script on Kali Linux in VirtualBox, and when I scan the NAT network created by VirtualBox it shows me the devices that are connected, but when I use a wireless adapter to scan my Wi-Fi network the scanner is unable to find any devices, which is strange because netdiscover finds tons of them. However, when I use the arping function implemented by Scapy, devices also show up, but when I run my code it doesn't detect any devices. Why is that?

I used the code suggested by the Scapy documentation and it's still not showing any devices. Only the Scapy arping function detects any devices at all.

import scapy.all as scapy
import subprocess as sub
import re

def get_IP():
    output=sub.check_output("route -n",shell=True)
    ips={}
    for row in output.split("\n")[2:]:
        found=re.findall("\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}",row)
        device=re.findall("[a-z]{2,10}\d$",row)

        for ip in found:
            if ("0.0.0" not in ip and "255.255.255" not in ip):
                ips[device[0]]=ip
    for device,ip in ips.items():
        print("Device: {}\tIP: {}".format(device,ip))

    device = raw_input("Choose a device > ")
    return(ips[device][:-1]+"1/24")

def scan(ip):
    #My code
    print("Scanning...")
    arp_request=scapy.ARP(pdst=ip)
    brodcast=scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
    arp=brodcast/arp_request
    answered=scapy.srp(arp, timeout=1,verbose=False)[0]
    for element in answered:
        print("IP:{}".format(element[1].psrc))
        print("MAC address: {}\n".format(element[1].hwsrc))
def scan2(ip):
    #Code from scapy documentation and it's also not detecting any devices
    ans, unans = scapy.srp(scapy.Ether(dst="ff:ff:ff:ff:ff:ff")/scapy.ARP(pdst=ip),timeout=2)
    ans.summary(lambda (s,r): r.sprintf("%Ether.src% %ARP.psrc%") )
def scan3(ip):
    #This works
    scapy.arping(ip)

ip = get_IP()

scan(ip)
scan2(ip)
scan3(ip)

I solved it just by deactivating the connection to the NAT network, so I used ifconfig eth0 down. However, in some cases that's not the problem. If your router does not allow net scans, you need to change your MAC address, which means that you need to run this series of commands:

ifconfig wlan0 down
ifconfig wlan0 hw ether 00:22:44:66:88:33 # Of course you can choose any MAC address you want
ifconfig wlan0 down
ifconfig wlan0 up
service network-manager restart

After that, the network scanner will detect the devices that are currently on the network.

Try this way:

from scapy.all import scapy,ARP,Ether,srp,arping

or this way:

from scapy.layers.l2 import *

In both cases, remember to delete the "scapy." prefix, like this:

#Before
scapy.arping(ip)
#After
arping(ip)
