-
Notifications
You must be signed in to change notification settings - Fork 0
/
netsniff.py
102 lines (79 loc) · 3.34 KB
/
netsniff.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# Author: Rafael Maderazo and Eugenio Pastoral
# Course: Data Communications
import ipcalc, sniffer, argparse, sys, netifaces
from os import system
from datetime import datetime
from scapy.all import *
try:
from scapy.all import *
except ImportError:
print("Scapy library for Python is not installed on your system. Run 'pip install --pre scapy[basic]' to install the library.")
print("For more information, visit https://scapy.readthedocs.io/en/latest/installation.html to isntall Scapy.")
exit(0)
# Declare sniffer object
sniff = sniffer.Sniffer()
# Get current date and time for the filename of the dump file
now = datetime.now()
dt_string = now.strftime("%Y-%m-%d %H.%M.%S")
filename = "netsniff_dump " + dt_string + ".txt"
# Initialize result list.
result = []
# This function scans the network through sending ARP packets. The result is the IP:MAC mapping of the devices in the network. It takes in an IPv4 address as a parameter.
def arp_scan(ip):
try:
# Print console message.
print("[*] Scanning " + ip + "...")
# Initialize the packet.
request = Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst=ip)
# Send out the packet.
ans, unans = srp(request, timeout=2, iface='ens18', inter=0.1, verbose = 0)
# Create the dump file.
f = open(filename, "w")
f.write("****IP:MAC Mapping****\n")
# Get the IPv4 and MAC addresses in each response packet.
for sent, received in ans:
# Write the IPv4 and MAC addresses into the dump file.
f.write("IP: " + str(received.psrc) + " | MAC: " + str(received.hwsrc) + "\n")
# Store the IPv4 and MAC addresses into the result list.
client = "IP: " + str(received.psrc) + " | MAC: " + str(received.hwsrc)
result.append(client)
# If no mapping is found, write it in the dump file.
if result == []:
f.write("None found.\n")
f.write("\n")
# Close file.
f.close()
except KeyboardInterrupt as e:
sys.exit(0)
def main():
# Argument Parsing
parser = argparse.ArgumentParser(description = "To use netsniff, please indicate the network interface to be used. The syntax is as follows:\n'sudo python3 netscniff.py -i [network interface]'", formatter_class = argparse.RawTextHelpFormatter)
parser.add_argument("-i", "--i", help = "Network Interface to be used")
args = parser.parse_args()
try:
# Get the IPv4 address and subnet mask.
ip = netifaces.ifaddresses(str(args.i))[netifaces.AF_INET][0]['addr']
subnet = netifaces.ifaddresses(str(args.i))[netifaces.AF_INET][0]['netmask']
# Convert IPv4 and subnet mask to CIDR format.
addr = ipcalc.IP(ip, mask=subnet)
# Perform ARP scan.
arp_scan(str(addr.guess_network()))
# Perform packet sniffing.
sniff.initialize()
except:
print("Please provide a valid network interface. Try again.")
if __name__ == '__main__':
try:
t = Thread(target = main)
t.daemon = True
t.start()
t.join()
except KeyboardInterrupt as e:
try:
print("[*] Sniffing stopped.")
system('clear')
print("****IP:MAC Mapping****")
print('\n'.join(result))
sniff.print_dump(filename)
except:
sys.exit(0)