How to implement ARP ping with Scapy?

Question

I've been trying to create a network scanner similar to netdiscover. I used Python and Scapy module to do that. I'm running my script on Kali linux on virtual box and when I'm scanning my NAT network created by Virtual Box it's showing me devices that are connected, but when I'm using wireless adapter to scan my wifi network the scanner is unable to find any devices, which is strange because netdiscover finds tons of them. However when I'm using arping function implemented by Scapy, devices are also showing, but when I'm running my code it doesn't detect any devices. Why is that?

I used code suggested by Scapy documentation and it's still not showing any devices. Only Scapy arping function detects any devices at all

import scapy.all as scapy
import subprocess as sub
import re

def get_IP():
    output=sub.check_output("route -n",shell=True)
    ips={}
    for row in output.split("\n")[2:]:
        found=re.findall("\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}",row)
        device=re.findall("[a-z]{2,10}\d$",row)

        for ip in found:
            if ("0.0.0" not in ip and "255.255.255" not in ip):
                ips[device[0]]=ip
    for device,ip in ips.items():
        print("Device: {}\tIP: {}".format(device,ip))

    device = raw_input("Choose a device > ")
    return(ips[device][:-1]+"1/24")

def scan(ip):
    #My code
    print("Scanning...")
    arp_request=scapy.ARP(pdst=ip)
    brodcast=scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
    arp=brodcast/arp_request
    answered=scapy.srp(arp, timeout=1,verbose=False)[0]
    for element in answered:
        print("IP:{}".format(element[1].psrc))
        print("MAC address: {}\n".format(element[1].hwsrc))
def scan2(ip):
    #Code from scapy documentation and it's also not detecting any devices
    ans, unans = scapy.srp(scapy.Ether(dst="ff:ff:ff:ff:ff:ff")/scapy.ARP(pdst=ip),timeout=2)
    ans.summary(lambda (s,r): r.sprintf("%Ether.src% %ARP.psrc%") )
def scan3(ip):
    #This works
    scapy.arping(ip)

ip = get_IP()

scan(ip)
scan2(ip)
scan3(ip)

Please be more specific for each of these: "everything works fine", "what's wrong with my code?", " it's still not working". — Ross Jacobs, Sep 21 '19 at 16:42
Your `get_IP()` function isn't really messy. Did you know Scapy parses the routes itself on all platforms? You can access them through `conf.route` (console) and/or `conf.route.routes` — Cukic0d, Sep 21 '19 at 17:43
I'm not pinging single IP, I pass to function IP with 1/24 at the end which tells it to scan all IP's in that network — PsychoAce, Sep 21 '19 at 20:20

score 0 · Answer 1 · answered Sep 23 '19 at 23:46

I solved it just by deactivating connection to NAT Network, so I used ifconfig eth0 down. However in some cases it's not the problem. If you're router does not allow net scans you need to change you're MAC address which means that you need to run series of these commands

ifconfig wlan0 down
ifconfig wlan0 hw ether 00:22:44:66:88:33 # Ofcourse you can choose any MAC address you want
ifconfig wlan0 down
ifconfig wlan0 up
service network-manager restart

After that network scanner will detect devices that are currently in the network

Andres Rodriguez · Answer 2 · 2019-12-27T15:05:00.413

0

Try this way :

from scapy.all import scapy,ARP,Ether,srp,arping

or this way:

from scapy.layers.l2 import *

In both cases remember delete the "scapy.", like this:

#Before
scapy.arping(ip)
#After
arping(ip)

edited Dec 27 '19 at 15:05

answered Dec 24 '19 at 17:17

Andres Rodriguez

1
1

How to implement ARP ping with Scapy?

2 Answers2