Who are you? ARP request using scapy


You are at a party. The party is at a friend’s house, and he asks you to find Tom and bring him into the living room. You go into the yard, where there are around 10 people, and you don’t know any of them. The one thing you know for sure is that no two people have the same name. What do you do? You simply shout the name so that everybody outside will hear you. Tom, when he hears his name, will come to you.

Address Resolution Protocol, or ARP, does something similar to the analogy above. In the story, we found the person named Tom by shouting his name so that everyone could hear it.

ARP finds the MAC address associated with an IP address. Using ARP, a packet is sent to all computers connected to a local network, asking which device has the mentioned IP address. Only the device that has that IP address will respond with its MAC address.

ARP is used to find the MAC address of the device that has a certain IP address.

We can send an ARP request using Python to find out the MAC address associated with an IP address on the same local network as us.

Install scapy module and import it
For our small project, we will need the scapy module, which we install using the following command:

pip install scapy

Note: if you do not have pip installed yet, I recommend installing it.

import scapy.all as scapy

Creating the ARP request

arpRequest = scapy.ARP()

After creating the request, we would like to see what it looks like. For that we will use the show() and summary() methods.

arpRequest.show()

###[ ARP ]###
  hwtype    = 0x1
  ptype     = IPv4
  hwlen     = None
  plen      = None
  op        = who-has
  hwsrc     = 5c:2c:a7:18:a6:b3
  psrc      = 192.168.0.22
  hwdst     = 00:00:00:00:00:00
  pdst      = 0.0.0.0

Or, we can simplify the output using the summary() method.

print(arpRequest.summary())

ARP who has 0.0.0.0 says 192.168.0.22

Now we can see that our ARP request asks for the MAC address of the IP 0.0.0.0. This is the default value, and we need to replace it with the desired one.
The show() method showed us where the IP needs to go: the parameter is pdst. The new form of our ARP request is:

arpRequest = scapy.ARP(pdst="192.168.0.14")

To make sure that our request will be sent to all devices in the network, we need to set the broadcast MAC address.

broadcastP = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")

Now the only thing that remains is to “combine” the two variables into a single packet with the / operator and send it.

arpReqBroad = broadcastP/arpRequest

answ, unansw = scapy.srp(arpReqBroad, timeout = 1)

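The variable answ stores the requests for which an answer was received, each paired with its response, and unansw stores the requests that received no response.
If we are not sure whether the IP from our request is connected to the network, it is safest to print both variables.

# summary() on these result lists prints its output directly,
# so wrapping it in print() would only add a trailing "None"
answ.summary()
unansw.summary()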
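As an added example (not code from the original tutorial, and not scapy's own implementation), the following standard-library code builds by hand the kind of 42-byte frame that broadcastP/arpRequest describes and decodes a reply, to show what the fields printed by show() are on the wire. The names build_arp and parse_arp are chosen for this example, and the reply with MAC address 02:00:00:00:00:14 is constructed.

```python
import socket
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806
ARP_FMT = "!HHBBH6s4s6s4s"  # hwtype ptype hwlen plen op hwsrc psrc hwdst pdst
OPS = {1: "who-has", 2: "is-at"}


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op, eth_dst, hwsrc, psrc, hwdst, pdst):
    """Return a raw Ethernet frame carrying one IPv4-over-Ethernet ARP message."""
    ether = mac_bytes(eth_dst) + mac_bytes(hwsrc) + struct.pack("!H", ETHERTYPE_ARP)
    # hwtype=1 (Ethernet), ptype=0x0800 (IPv4), hwlen=6, plen=4: the values
    # scapy fills in for the fields that show() prints as None.
    arp = struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                      mac_bytes(hwsrc), socket.inet_aton(psrc),
                      mac_bytes(hwdst), socket.inet_aton(pdst))
    return ether + arp


def parse_arp(frame):
    """Decode a frame into the field names that show() prints."""
    if len(frame) < 42:
        raise ValueError("too short for Ethernet + ARP")
    eth_dst, _eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    hwtype, ptype, hwlen, plen, op, hwsrc, psrc, hwdst, pdst = struct.unpack(ARP_FMT, frame[14:42])
    if ethertype != ETHERTYPE_ARP or (hwtype, ptype, hwlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP frame")
    return {"dst": mac_str(eth_dst), "op": OPS.get(op, op),
            "hwsrc": mac_str(hwsrc), "psrc": socket.inet_ntoa(psrc),
            "hwdst": mac_str(hwdst), "pdst": socket.inet_ntoa(pdst)}


# The request from the tutorial: who has 192.168.0.14, says 192.168.0.22.
REQUEST = build_arp(1, BROADCAST, "5c:2c:a7:18:a6:b3", "192.168.0.22",
                    "00:00:00:00:00:00", "192.168.0.14")
# Constructed reply; the MAC 02:00:00:00:00:14 is made up for this example.
REPLY = build_arp(2, "5c:2c:a7:18:a6:b3", "02:00:00:00:00:14", "192.168.0.14",
                  "5c:2c:a7:18:a6:b3", "192.168.0.22")

if __name__ == "__main__":
    print(len(REQUEST), REQUEST.hex())
    print(parse_arp(REQUEST))
    print(parse_arp(REPLY))
```

Note that only the request goes to the broadcast address; the reply is addressed directly to the MAC that asked.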

What we have done so far was just finding the MAC address of a certain IP address. But how can we find the MAC addresses of all devices that are connected to the local network, without repeating the above code or using loops?
We only need to set pdst to the network address and netmask.

arpRequest = scapy.ARP(pdst="192.168.0.0/24")

Hope you enjoyed reading this small tutorial. See you next time!