您的位置: 首页  >  技术问答  >  的Python Scapy的--arp请求和响应

的Python Scapy的--arp请求和响应

分类: 技术问答 2022-06-26 08:57:10
问题描述:

我发送ARP分组广播与此行:的Python Scapy的--arp请求和响应

send(ARP(op=ARP.who_has, psrc="192.168.5.51", pdst=the_ip))

我的问题是:如何查看响应(在这种情况下:远程IP的MAC) ?我知道我可以做:

pkt = sniff(filter=arp , count=10) 
print (pkt.summary())

但我不想算数据包,因为我不知道什么时候会被打印(可能是在未来10个或100包)

是否有嗅探的方式,打印摘要,因此,看到我正在寻找的Mac地址?

编辑:我有一个想法,我可以嗅探10个数据包,如果有数据包中的IP打印MAC地址,否则嗅探10个数据包......这种技术似乎不是一个好的方法...

Scapy's user manual建议使用用于发送数据包和接收答案sr()sr1()功能:

The sr() function is for sending packets and receiving answers. The function returns a couple of packet and answers, and the unanswered packets. The function sr1() is a variant that only returns one packet that answered the packet (or the packet set) sent. The packets must be layer 3 packets (IP, ARP, etc.). The function srp() does the same for layer 2 packets (Ethernet, 802.3, etc.)

The official API documentation指定其完整的签名。这些似乎是这个用例的相关参数:

retry : if positive, how many times to resend unanswered packets. if negative, how many consecutive unanswered probes before giving up. Only the negative value is really useful.
timeout : how much time to wait after the last packet has been sent. By default, sr will wait forever and the user will have to interrupt (Ctrl-C) it when he expects no more answers.
inter : time in seconds to wait between each packet sent.

这里是与sr()功能执行例子:

In [1]: from scapy.all import * 
WARNING: No route found for IPv6 destination :: (no default route?) 

In [2]: results, unanswered = sr(ARP(op=ARP.who_has, psrc='192.168.1.2', pdst='192.168.1.1')) 
Begin emission: 
.....*Finished to send 1 packets. 

Received 6 packets, got 1 answers, remaining 0 packets 

In [3]: results 
Out[3]: <Results: TCP:0 UDP:0 ICMP:0 Other:1> 

In [4]: result = results[0] 

In [5]: result 
Out[5]: 
(<ARP op=who-has psrc=192.168.1.2 pdst=192.168.1.1 |>, 
<ARP hwtype=0x1 ptype=0x800 hwlen=6 plen=4 op=is-at hwsrc=XX:XX:XX:XX:XX:XX psrc=192.168.1.1 hwdst=XX:XX:XX:XX:XX:XX pdst=192.168.1.2 |>) 

In [6]: original_packet, answer = result 

In [7]: original_packet 
Out[7]: <ARP op=who-has psrc=192.168.1.2 pdst=192.168.1.1 |> 

In [8]: answer 
Out[8]: <ARP hwtype=0x1 ptype=0x800 hwlen=6 plen=4 op=is-at hwsrc=XX:XX:XX:XX:XX:XX psrc=192.168.1.1 hwdst=XX:XX:XX:XX:XX:XX pdst=192.168.1.2 |>

这里与sr1()功能执行例子:

In [9]: result = sr1(ARP(op=ARP.who_has, psrc='192.168.1.2', pdst='192.168.1.1')) 
Begin emission: 
.....Finished to send 1 packets. 
* 
Received 6 packets, got 1 answers, remaining 0 packets 

In [10]: result 
Out[10]: <ARP hwtype=0x1 ptype=0x800 hwlen=6 plen=4 op=is-at hwsrc=XX:XX:XX:XX:XX:XX psrc=192.168.1.1 hwdst=XX:XX:XX:XX:XX:XX pdst=192.168.1.2 |>
+0

我无法打印结果(必须使用字节打印)。我尝试了解码(“UTF-8”),这是行不通的:AttributeError:decode –

+0

数据包的十六进制表示可能通过语句str(packet).encode(“HEX”)打印出来。 – Yoel

+0

这是输出:pkt = str(pkt).encode(“HEX”) LookupError:'HEX'不是文本编码;使用codecs.encode()来处理任意的编解码器 –

相关推荐