Scapy – Easy way to scan available IPs in LAN using ARP reply.

To perform ARP Ping scan, use this command on scapy. 

>>> ans,unans=srp(Ether(dst=”ff:ff:ff:ff:ff:ff”)/ARP

(pdst=”192.168.0.0/24″),timeout=2) Begin emission:

………….*………………Finished to send 256 packets.
…………………………………………………….

………….*

…………………………………………………………………………………………….

*..*..*……………………………………….. Received 267 packets,

got 5 answers, remaining 251 packets

Review answer with this command

>>> ans.summary(lambda (s,r): r.sprintf(“%Ether.src% %ARP.psrc%”) )
34:08:04:70:61:54 192.168.0.1
00:18:ae:26:6b:43 192.168.0.100
6c:9b:02:16:36:26 192.168.0.11
b4:62:93:dc:7a:e4 192.168.0.16
c8:97:9f:66:ee:18 192.168.0.19

Scapy also includes a built-in arping() function

>>> arping(“192.168.0.*”)
Begin emission:
**Finished to send 256 packets.
****
Received 6 packets, got 6 answers, remaining 250 packets
34:08:04:70:61:54 192.168.0.1
00:18:ae:26:6b:43 192.168.0.100
6c:9b:02:16:36:26 192.168.0.11
38:aa:3c:c6:ab:9b 192.168.0.18
b4:62:93:dc:7a:e4 192.168.0.16
c8:97:9f:66:ee:18 192.168.0.19
(<ARPing: TCP:0 UDP:0 ICMP:0 Other:6>, <Unanswered: TCP:0 UDP:0 ICMP:0 Other:250>)
>>>

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s