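#!/usr/local/bin/python3
"""ARP scan of the local area network.

ARP (Address Resolution Protocol) resolves an IP address to an Ethernet MAC
address:

* The host broadcasts an ARP request to the whole LAN. The request carries
  the IP address of the target device.
* Every device on the LAN checks whether the IP address in the request is
  its own; only the device that owns that address sends an ARP reply.
* The ARP reply contains the IP address from the request and the
  corresponding MAC address.

Requirements
------------
This script needs the scapy module: https://pypi.org/project/scapy/ or the
official site https://scapy.net/.

Scapy is a powerful interactive packet manipulation program. It can forge
or decode packets of a large number of protocols, and send, capture, match
and reply to them. It handles most classic tasks such as scanning,
tracerouting, probing, unit tests, attacks or network discovery, and it can
do things other tools cannot, such as sending invalid frames, injecting its
own 802.11 frames, and combining techniques (VLAN hopping + ARP cache
poisoning, VoIP decoding on a WEP-encrypted channel, etc.).

Run the script with sudo if required; sending raw layer-2 frames normally
needs root privileges.

Scapy quick reference
---------------------
ls()   lists all protocols and protocol options.
lsc()  lists all scapy command functions.

The ``/`` operator composes two layers. When it is used, the lower layer
can have one or more of its default fields overloaded according to the
upper layer.

Fields shown by ls(Ether):

    dst  : DestMACField       = (None)
    src  : SourceMACField     = (None)
    type : XShortEnumField    = (36864)

    dst   destination MAC address, 6 bytes (48 bits); ff:ff:ff:ff:ff:ff
          means broadcast
    src   source MAC address, 6 bytes (48 bits)
    type  EtherType, identifies the upper-layer protocol: 0800 is IP,
          0806 is ARP, 8035 is RARP

Fields shown by ls(ARP):

    hwtype : XShortField        = (1)
    ptype  : XShortEnumField    = (2048)
    hwlen  : FieldLenField      = (None)
    plen   : FieldLenField      = (None)
    op     : ShortEnumField     = (1)
    hwsrc  : MultipleTypeField  = (None)
    psrc   : MultipleTypeField  = (None)
    hwdst  : MultipleTypeField  = (None)
    pdst   : MultipleTypeField  = (None)

    hwtype  hardware address type (hardware addresses are not only
            Ethernet); 1 means Ethernet
    ptype   identifies the upper-layer protocol
    op      operation: 1 = ARP request, 2 = ARP reply, 3 = RARP request,
            4 = RARP reply
    hwsrc   source MAC address
    psrc    source IP address
    hwdst   destination MAC address
    pdst    destination IP address

srp1(pkt, timeout=1, verbose=0):

    srp1     sends and receives packets at layer 2 and returns the first
             answer
    pkt      the packet that was built
    timeout  give up after 1 second; the real elapsed time also depends
             on how fast the program runs
    verbose  0 = do not print details
"""

import getopt
import ipaddress
import socket
import sys


def _outbound_ipv4():
    """Return the IPv4 address of the interface used for outbound traffic.

    Connecting a UDP socket only selects a route and a source address; no
    packet is sent. 192.0.2.1 is in a documentation-only range (TEST-NET-1).

    Raises:
        OSError: if the host has no usable route.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as probe:
        probe.connect(("192.0.2.1", 9))
        return probe.getsockname()[0]


def get_local_net(localip=None):
    """Return the first three octets of the local IPv4 address.

    Example: "192.168.1.23" gives "192.168.1". The result is used as a /24
    prefix by the scan; the real netmask of the interface is not consulted.

    Args:
        localip: optional dotted-quad IPv4 address to derive the prefix
            from. When omitted, the address is looked up from the host
            name, as before.

    Returns:
        The address without its last octet, as a string.

    Raises:
        ValueError: if the address is not a valid IPv4 dotted quad.
        OSError: if the host name cannot be resolved.
    """
    if localip is None:
        # Get the host name.
        hostname = socket.gethostname()
        # Get the host's LAN IP.
        localip = socket.gethostbyname(hostname)
        # On many systems the host name resolves to a loopback address,
        # which would point the scan at 127.0.0.x. Ask the routing table
        # instead; if that fails too, keep the resolved address.
        if ipaddress.IPv4Address(localip).is_loopback:
            try:
                localip = _outbound_ipv4()
            except OSError:
                pass
    # IPv4Address validates the text before it is split into octets.
    octets = str(ipaddress.IPv4Address(localip)).split(".")
    return ".".join(octets[:3])


def get_vlan_ip_and_mac():
    """ARP-scan the local /24 and return the hosts that answered.

    One broadcast ARP request is sent per host address, sequentially, with
    a one-second timeout each, so a mostly empty network takes about four
    minutes. A sweep of this kind is visible to anything monitoring ARP
    traffic on the segment.

    ARP replies are unauthenticated: any device on the segment can answer
    for any IP address. Treat the returned pairs as what the network
    claimed, not as verified identity.

    Returns:
        A list of dicts, one per responding host, with keys "Localip"
        (the IP address in the reply) and "Mac" (the MAC address in the
        reply).
    """
    # Imported here, and by name rather than with "*", so the module can be
    # imported without scapy and the namespace stays explicit.
    from scapy.all import ARP, Ether, srp1

    localnet = get_local_net()
    result = []
    # hosts() yields .1 through .254. The previous range(1, 254) stopped at
    # .253 and never probed .254.
    for host in ipaddress.ip_network(localnet + ".0/24").hosts():
        # Assemble the packet: broadcast Ethernet frame carrying an ARP
        # request for this address.
        arppkt = Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst=str(host))
        res = srp1(arppkt, timeout=1, verbose=0)
        if res:
            result.append({"Localip": res.psrc, "Mac": res.hwsrc})
    return result


# Guarded so that importing the module does not start a network scan.
if __name__ == "__main__":
    result = get_vlan_ip_and_mac()
    print(result)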
ARP scan of local area network via Python for Mac