带有 scapy 的 ARP 数据包无应答

Question

I'm building a network scanner with Python using Scapy. I've been trying to send ARP packets but for some reason they don't get responded to.

#!/usr/bin/env python3

from scapy.all import *

def scan(ip):
    arp_request = ARP(pdst=ip)
    broadcast = Ether(dst="ff:ff:ff:ff:ff:ff")
    arp_request_broadcast = arp_request/broadcast
    answered_list = srp(arp_request_broadcast, timeout=2)[0]
    
    for element in answered_list:
        print(element[1].show())
    
scan("192.168.1.0/24")

Running it results in the following:

[void@Void Network Scanner]$ sudo python3 tutorial_netscanner.py 
[sudo] password for void: 
Begin emission:
Finished sending 256 packets.
............................................................
Received 60 packets, got 0 answers, remaining 256 packets

The strange part is that if I run this from the scapy interactive shell it works and the arp packets do get answered.

arping("192.168.1.0/24")

Super confused as to why this isn't working, the code seems perfectly fine to me, if anyone could help me out that would be great. Thank you.

Answer 1

arp_request/broadcast is incorrect. The outer-most protocols go on the left. If you use Wireshark to see what's going on (the first thing you should do when something like this happens), you can see that it's not what you'd expect it to be:

It's essentially a malformed packet. You need broadcast / arp_request ; although specifying the Ether layer is optional. You can use simply ARP (and sr ).

Use Wireshark. It's an invaluable tool. You should only run it on networks that you have control over/permission to snoop, but it really is indispensable.