'''
https://github.com/royhills/arp-scan
https://www.blackmoreops.com/2015/12/31/use-arp-scan-to-find-hidden-devices-in-your-network/
http://pentestmonkey.net/blog/the-science-of-safely-finding-an-unused-ip-address
written in Python 3.6.0
Your Python version is printed out at the beginning of the script
If you receive "File "<string>", line 1" when running look at the version information printed.
If it shows other than 3.x use "python nmap3.py"
once you select a number you will be asked for an IP address. Network and /mask works also.
The script will output the appropriate arp-scan command.
subprocess.run(["sudo", "arp-scan", "-I", "eth2",
"--arpspa=127.0.0.1", "10.112.39.0/24"])
'''
# Emit a blank line before any other output from the script.
print()
import subprocess
import sys
import re
import netifaces
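# Report the interpreter version so a user who started the script with the
# wrong Python can tell at a glance. sys.version begins with the version
# number followed by a space, so the first whitespace-separated field is the
# version. The earlier single-digit regex matched nothing on versions such as
# 3.10 and later, which made the script stop with an IndexError at startup.
ver = sys.version.split()[0]
print()
print('Running Python version ----> %s' % (ver))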
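# Usage banner. The file name given here is ip.txt because that is the file
# readip() actually opens; the banner previously named a file the script
# never reads.
print('''
---------------------------------------------------------------------
arp-scan is a layer 2 tool. You must be connected to the LAN or vlan
that you are scanning.
If you run arp-scan manually you can pass vlan tags. I plan to add that
to the script in
the future.
This script finds an unused IP address on the LAN. You may need to use
Wireshark initally to find some addresses in use on the LAN. Set the
display filter to arp and wait a few minutes.
The script creates several arp-scan commands. These scans will find
devices that don't respond to ping. Once arp-scan finishes pick two
unused addresses at the top and bottom of the range.
Rerun the script selecting 1. Enter the two IP addresses. The script
will output two more arp-scan commands. Run these to verify that the
two IPs really aren't in use.
If you create a file "ip.txt" in the folder where you run the
script it will load the IP address as a default and use it where an
ip address is needed. The file should have one
line - the ip address or netork and mask (Ex. 192.168.10.0/24) to use.
---------------------------------------------------------------------
''')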
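def readip():
    """
    Prompt for the scan target, offering the value saved in ip.txt as default.

    ip.txt is looked up in the folder where the script is executed. Its first
    line, if any, is shown in brackets in the prompt; pressing [Enter] accepts
    it and typing a value overrides it. Whatever is chosen is written back to
    ip.txt so several scans can be run against the same address.

    The returned string is later placed on a command line that runs under
    sudo, so a value beginning with '-' (which the scanner would read as an
    option rather than a target) is never offered as a default and is asked
    for again when typed.

    Returns:
        The chosen address or network as a string, or None when input was
        interrupted (CTRL+C or end of input).
    """
    prompt = 'Enter an IP Address or network - use /24 style mask: '

    # A missing, unreadable or empty ip.txt simply means "no default".
    try:
        with open('ip.txt', 'r') as filehandle:
            ipsaved = filehandle.readline().strip('\n')
    except (OSError, UnicodeError):
        ipsaved = ''
    if ipsaved.startswith('-'):
        # File content is not trusted as an option string for a root command.
        ipsaved = ''
    if ipsaved:
        prompt = '%s[%s]: ' % (prompt, ipsaved)

    try:
        while True:
            IPAddress = input(prompt) or ipsaved
            if not IPAddress.startswith('-'):
                break
            print('[!] An address or network cannot begin with "-"')
    except (KeyboardInterrupt, EOFError):
        print('\n[!] An Unknown Error Occured or CTRL+C was pressed')
        return None

    # Saving the default is a convenience; failing to save must not lose
    # the value the user just entered.
    try:
        with open('ip.txt', 'w') as filehandle:
            filehandle.write(IPAddress)
    except OSError as err:
        print('[!] Could not save the address to ip.txt: %s' % (err,))
    return IPAddress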
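def ethinterface():
    """
    List the system's network interfaces and return the one the user picks.

    Uses the python library netifaces to enumerate the interfaces, prints
    them with an index, and keeps prompting until a valid index is entered.
    Only indexes shown in the list are accepted: text, blanks, negative
    numbers and out-of-range numbers are asked for again instead of raising
    or silently selecting an interface counted from the end of the list.

    Returns:
        The selected interface name, or an empty string when netifaces
        reports no interfaces at all.
    """
    iflist = netifaces.interfaces()
    print('Interfaces found')
    for index, name in enumerate(iflist):
        print(index, ':', name)

    if not iflist:
        # Nothing to choose from; callers test the result for truthiness.
        print('[!] No interfaces found')
        return ''

    while True:
        choice = input('enter interface # ')
        try:
            selected = int(choice)
        except ValueError:
            selected = -1
        if 0 <= selected < len(iflist):
            break
        print('[!] Enter a number between 0 and %d' % (len(iflist) - 1))

    interface = iflist[selected]
    print('interface selected is:', interface)
    print()
    return interface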
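# Show the menu of scan modes.
print()
print('Script usage')
print('0 Initial arp-scan output')
print('1 Enter two unused IP addresses')
print('2 Scan for a lost device')
print()

# Keep asking until 0, 1 or 2 is entered.
scanTest = None
try:
    while scanTest not in ('0', '1', '2'):
        scanTest = input('Input a number to select ')
except (KeyboardInterrupt, EOFError):
    # CTRL+C or end of input: exit gracefully instead of with a traceback.
    # Only these two are caught so that a genuine bug is not hidden.
    print('\n[!] An Unknown Error Occured or CTRL+C was pressed')
    raise SystemExit
scanTest = int(scanTest)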
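def _checked_target(value):
    """Return *value* if it can be used as an arp-scan target, else exit.

    The target is handed to ``sudo arp-scan`` as a positional argument. A
    value that is missing, empty, or begins with '-' would either fail or be
    parsed as an option by a command running as root, so it is refused here
    instead of being passed on.
    """
    if not value or value.startswith('-'):
        raise SystemExit('[!] Not a usable IP address or network: %r' % (value,))
    return value


def _arp_scan_cmd(interface, options, target):
    """Build the argument list for one arp-scan run.

    The command is always a list (never a shell string), and callers print
    this same list, so the line shown to the user matches what is executed.
    ``-I <interface>`` is included only when an interface was selected.
    """
    cmd = ['sudo', 'arp-scan']
    if interface:
        cmd += ['-I', interface]
    return cmd + list(options) + [target]


if scanTest == 0:
    # 0 Enter the network and mask to scan Ex. 10.140.100.0/24
    IPAddress = _checked_target(readip())
    # Build a list of interfaces and present it to the user.
    interface = ethinterface()
    print()
    print('-' * 65)
    # Repeat the scan with several ARP source addresses; the same command is
    # printed and run for each one.
    for spa in ('127.0.0.1', '0.0.0.0', '255.255.255.255', '1.0.0.1'):
        print()
        cmd = _arp_scan_cmd(interface, ['--arpspa=' + spa], IPAddress)
        print(*cmd)
        subprocess.run(cmd)
        print()
        print()
        print('-' * 65)

elif scanTest == 1:
    try:
        # 1 Enter the two IP addresses to test
        IPAddress = _checked_target(input('Enter the 1st IP Address '))
        IPAddress1 = _checked_target(input('Enter the 2nd IP Address '))
        interface = ethinterface()
        # print some space
        print()
        print()
        print('-' * 65)
        # Each address is probed using the other one as the ARP source.
        # (The second command previously reused the first address as its
        # source when no interface was given.)
        cmds = [
            _arp_scan_cmd(interface, ['--arpspa=' + IPAddress], IPAddress1),
            _arp_scan_cmd(interface, ['--arpspa=' + IPAddress1], IPAddress),
        ]
        for cmd in cmds:
            print(*cmd)
        print('-' * 65)
        print()
        for cmd in cmds:
            subprocess.run(cmd)
        print()
        print('-' * 65)
        print()
    except (KeyboardInterrupt, EOFError, ValueError, IndexError, OSError):
        print('\n[!] An Unknown Error Occured or CTRL+C was pressed')

elif scanTest == 2:
    vlan_ID = input('Enter the vlan ID: ')
    if not vlan_ID.isdigit():
        # The VLAN tag is passed as the value of -Q; accept digits only.
        raise SystemExit('[!] The vlan ID must be a number: %r' % (vlan_ID,))
    dest_MAC_addr = input('Enter the MAC Address: ')
    IPAddress = _checked_target(input('Enter the IP Subnet: '))
    interface = ethinterface()
    # print some space
    print()
    print(f'IP Subnet {IPAddress}')
    print('-' * 65)
    if interface:
        cmd = _arp_scan_cmd(
            interface,
            ['-Q', vlan_ID, '--destaddr=' + dest_MAC_addr],
            IPAddress,
        )
        print('To re-run copy/paste this line:')
        print(*cmd)
        print()
        subprocess.run(cmd)
    print()
    print('-' * 65)
    print()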