How to get a internal target mac address:
1. Send a ARP request
2. Recv a ARP response, and parse it.
With scapy (a powerful packet tool or library), we can create a arp scanner for mac address.
#!/usr/bin/env python
# -*- coding: utf8 -*-
# Author: Nixawk
from scapy.all import *
import logging
import threading
import Queue
logging.basicConfig(level=logging.DEBUG,
format='[*] %(name)s - %(message)s')
logger = logging.getLogger('arpscanner')
# disable scapy verbose mode
conf.verb = 0
# disable scapy scapy warning
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
def arpscanner(iplist, lock):
"""Scan internal mac addresses"""
while 1:
try:
lock.acquire()
ip = iplist.get_nowait()
lock.release()
# create a ether object
ether = Ether(type=0x0806)
# create a arp object
arp = ARP(op=1, hwdst='ff:ff:ff:ff:ff:ff', pdst=ip)
# send arp request and receive response
arpres = srp1(ether/arp, timeout=0.05)
if arpres and arpres.haslayer('ARP'):
logger.info('%s \t %s' % (ip, arpres['ARP'].hwsrc))
else:
logger.debug('%s \t %s' % (ip, None))
except Queue.Empty:
lock.release()
break
return
if __name__ == "__main__":
iplist = Queue.Queue()
lock = threading.Lock()
for i in range(1, 255, 1):
ip = "192.168.1.%s" % i
iplist.put(ip)
for n in range(30):
t = threading.Thread(target=arpscanner, args=(iplist, lock))
t.start()
Root privilege is needed, and result is as follow:
root:scapy/ # python2 scapy-arp_request.py
WARNING: No route found for IPv6 destination :: (no default route?)
[*] arpscanner - 192.168.1.1 80:89:17:7d:a1:20
[*] arpscanner - 192.168.1.9 None
[*] arpscanner - 192.168.1.3 None
[*] arpscanner - 192.168.1.8 None
[*] arpscanner - 192.168.1.6 None
[*] arpscanner - 192.168.1.11 None
[*] arpscanner - 192.168.1.15 None
[*] arpscanner - 192.168.1.12 None
[*] arpscanner - 192.168.1.2 None
[*] arpscanner - 192.168.1.4 None
[*] arpscanner - 192.168.1.22 None
[*] arpscanner - 192.168.1.7 None
[*] arpscanner - 192.168.1.21 None
[*] arpscanner - 192.168.1.20 None
[*] arpscanner - 192.168.1.19 None
[*] arpscanner - 192.168.1.5 None
[*] arpscanner - 192.168.1.13 None
[*] arpscanner - 192.168.1.16 None
[*] arpscanner - 192.168.1.23 None
[*] arpscanner - 192.168.1.18 None
[*] arpscanner - 192.168.1.10 None
[*] arpscanner - 192.168.1.14 None
[*] arpscanner - 192.168.1.17 None
[*] arpscanner - 192.168.1.25 None
[*] arpscanner - 192.168.1.24 None
[*] arpscanner - 192.168.1.27 None
[*] arpscanner - 192.168.1.29 None
[*] arpscanner - 192.168.1.26 None
[*] arpscanner - 192.168.1.31 None
[*] arpscanner - 192.168.1.28 None
[*] arpscanner - 192.168.1.30 None
[*] arpscanner - 192.168.1.32 None
[*] arpscanner - 192.168.1.33 None
[*] arpscanner - 192.168.1.34 None
[*] arpscanner - 192.168.1.38 None
[*] arpscanner - 192.168.1.36 None
[*] arpscanner - 192.168.1.39 None
[*] arpscanner - 192.168.1.37 None
[*] arpscanner - 192.168.1.45 None
[*] arpscanner - 192.168.1.42 None
[*] arpscanner - 192.168.1.41 None
[*] arpscanner - 192.168.1.44 None
[*] arpscanner - 192.168.1.49 None
[*] arpscanner - 192.168.1.48 None
[*] arpscanner - 192.168.1.46 None
[*] arpscanner - 192.168.1.40 None
[*] arpscanner - 192.168.1.52 None
[*] arpscanner - 192.168.1.43 None
[*] arpscanner - 192.168.1.51 None
[*] arpscanner - 192.168.1.35 None
[*] arpscanner - 192.168.1.53 None
[*] arpscanner - 192.168.1.47 None
[*] arpscanner - 192.168.1.56 None
[*] arpscanner - 192.168.1.50 None
[*] arpscanner - 192.168.1.58 None
[*] arpscanner - 192.168.1.55 None
[*] arpscanner - 192.168.1.57 None
[*] arpscanner - 192.168.1.54 None
[*] arpscanner - 192.168.1.59 None
[*] arpscanner - 192.168.1.61 None
[*] arpscanner - 192.168.1.60 None
[*] arpscanner - 192.168.1.66 None
[*] arpscanner - 192.168.1.63 None
[*] arpscanner - 192.168.1.64 None
[*] arpscanner - 192.168.1.62 None
[*] arpscanner - 192.168.1.67 None
[*] arpscanner - 192.168.1.68 None
[*] arpscanner - 192.168.1.65 None
[*] arpscanner - 192.168.1.70 None
[*] arpscanner - 192.168.1.69 None
[*] arpscanner - 192.168.1.71 None
[*] arpscanner - 192.168.1.73 None
[*] arpscanner - 192.168.1.74 None
[*] arpscanner - 192.168.1.76 None
[*] arpscanner - 192.168.1.78 None
[*] arpscanner - 192.168.1.82 None
[*] arpscanner - 192.168.1.83 None
[*] arpscanner - 192.168.1.77 None
[*] arpscanner - 192.168.1.79 None
[*] arpscanner - 192.168.1.80 None
[*] arpscanner - 192.168.1.102 08:00:27:ca:b2:41
[*] arpscanner - 192.168.1.90 None
[*] arpscanner - 192.168.1.81 None
[*] arpscanner - 192.168.1.91 None
[*] arpscanner - 192.168.1.84 None
[*] arpscanner - 192.168.1.85 None
[*] arpscanner - 192.168.1.72 None
[*] arpscanner - 192.168.1.88 None
[*] arpscanner - 192.168.1.75 None
[*] arpscanner - 192.168.1.87 None
[*] arpscanner - 192.168.1.89 None
[*] arpscanner - 192.168.1.107 08:00:27:12:a1:ba
[*] arpscanner - 192.168.1.86 None
[*] arpscanner - 192.168.1.108 None
[*] arpscanner - 192.168.1.93 None
[*] arpscanner - 192.168.1.94 None
[*] arpscanner - 192.168.1.92 None
[*] arpscanner - 192.168.1.97 None
[*] arpscanner - 192.168.1.98 None
[*] arpscanner - 192.168.1.96 None
[*] arpscanner - 192.168.1.95 None
[*] arpscanner - 192.168.1.100 None
[*] arpscanner - 192.168.1.101 None
[*] arpscanner - 192.168.1.99 None
[*] arpscanner - 192.168.1.104 None
[*] arpscanner - 192.168.1.103 None
[*] arpscanner - 192.168.1.106 None
[*] arpscanner - 192.168.1.112 None
[*] arpscanner - 192.168.1.110 None
[*] arpscanner - 192.168.1.114 None
[*] arpscanner - 192.168.1.113 None
[*] arpscanner - 192.168.1.111 None
[*] arpscanner - 192.168.1.109 None
[*] arpscanner - 192.168.1.115 None
[*] arpscanner - 192.168.1.116 None
[*] arpscanner - 192.168.1.118 None
[*] arpscanner - 192.168.1.117 None
[*] arpscanner - 192.168.1.105 None
[*] arpscanner - 192.168.1.120 None
[*] arpscanner - 192.168.1.123 None
[*] arpscanner - 192.168.1.122 None
[*] arpscanner - 192.168.1.121 None
[*] arpscanner - 192.168.1.119 None
[*] arpscanner - 192.168.1.124 None
[*] arpscanner - 192.168.1.125 None
[*] arpscanner - 192.168.1.126 None
[*] arpscanner - 192.168.1.128 None
[*] arpscanner - 192.168.1.127 None
[*] arpscanner - 192.168.1.129 None
[*] arpscanner - 192.168.1.130 None
[*] arpscanner - 192.168.1.131 None
[*] arpscanner - 192.168.1.133 None
[*] arpscanner - 192.168.1.132 None
[*] arpscanner - 192.168.1.134 None
[*] arpscanner - 192.168.1.135 None
[*] arpscanner - 192.168.1.136 None
[*] arpscanner - 192.168.1.137 None
[*] arpscanner - 192.168.1.138 None
[*] arpscanner - 192.168.1.140 None
[*] arpscanner - 192.168.1.139 None
[*] arpscanner - 192.168.1.141 None
[*] arpscanner - 192.168.1.143 None
[*] arpscanner - 192.168.1.147 None
[*] arpscanner - 192.168.1.144 None
[*] arpscanner - 192.168.1.145 None
[*] arpscanner - 192.168.1.146 None
[*] arpscanner - 192.168.1.142 None
[*] arpscanner - 192.168.1.149 None
[*] arpscanner - 192.168.1.153 None
[*] arpscanner - 192.168.1.152 None
[*] arpscanner - 192.168.1.150 None
[*] arpscanner - 192.168.1.151 None
[*] arpscanner - 192.168.1.148 None
[*] arpscanner - 192.168.1.154 None
[*] arpscanner - 192.168.1.155 None
[*] arpscanner - 192.168.1.156 None
[*] arpscanner - 192.168.1.157 None
[*] arpscanner - 192.168.1.159 None
[*] arpscanner - 192.168.1.160 None
[*] arpscanner - 192.168.1.163 None
[*] arpscanner - 192.168.1.162 None
[*] arpscanner - 192.168.1.158 None
[*] arpscanner - 192.168.1.161 None
[*] arpscanner - 192.168.1.164 None
[*] arpscanner - 192.168.1.165 None
[*] arpscanner - 192.168.1.166 None
[*] arpscanner - 192.168.1.167 None
[*] arpscanner - 192.168.1.168 None
[*] arpscanner - 192.168.1.169 None
[*] arpscanner - 192.168.1.172 None
[*] arpscanner - 192.168.1.171 None
[*] arpscanner - 192.168.1.174 None
[*] arpscanner - 192.168.1.170 None
[*] arpscanner - 192.168.1.175 None
[*] arpscanner - 192.168.1.173 None
[*] arpscanner - 192.168.1.176 None
[*] arpscanner - 192.168.1.182 None
[*] arpscanner - 192.168.1.180 None
[*] arpscanner - 192.168.1.181 None
[*] arpscanner - 192.168.1.179 None
[*] arpscanner - 192.168.1.183 None
[*] arpscanner - 192.168.1.184 None
[*] arpscanner - 192.168.1.177 None
[*] arpscanner - 192.168.1.178 None
[*] arpscanner - 192.168.1.185 None
[*] arpscanner - 192.168.1.186 None
[*] arpscanner - 192.168.1.187 None
[*] arpscanner - 192.168.1.188 None
[*] arpscanner - 192.168.1.191 None
[*] arpscanner - 192.168.1.193 None
[*] arpscanner - 192.168.1.190 None
[*] arpscanner - 192.168.1.189 None
[*] arpscanner - 192.168.1.192 None
[*] arpscanner - 192.168.1.194 None
[*] arpscanner - 192.168.1.196 None
[*] arpscanner - 192.168.1.195 None
[*] arpscanner - 192.168.1.197 None
[*] arpscanner - 192.168.1.199 None
[*] arpscanner - 192.168.1.198 None
[*] arpscanner - 192.168.1.201 None
[*] arpscanner - 192.168.1.200 None
[*] arpscanner - 192.168.1.202 None
[*] arpscanner - 192.168.1.203 None
[*] arpscanner - 192.168.1.204 None
[*] arpscanner - 192.168.1.205 None
[*] arpscanner - 192.168.1.207 None
[*] arpscanner - 192.168.1.208 None
[*] arpscanner - 192.168.1.209 None
[*] arpscanner - 192.168.1.210 None
[*] arpscanner - 192.168.1.206 None
[*] arpscanner - 192.168.1.213 None
[*] arpscanner - 192.168.1.211 None
[*] arpscanner - 192.168.1.214 None
[*] arpscanner - 192.168.1.212 None
[*] arpscanner - 192.168.1.215 None
[*] arpscanner - 192.168.1.216 None
[*] arpscanner - 192.168.1.217 None
[*] arpscanner - 192.168.1.222 None
[*] arpscanner - 192.168.1.219 None
[*] arpscanner - 192.168.1.220 None
[*] arpscanner - 192.168.1.221 None
[*] arpscanner - 192.168.1.223 None
[*] arpscanner - 192.168.1.218 None
[*] arpscanner - 192.168.1.224 None
[*] arpscanner - 192.168.1.226 None
[*] arpscanner - 192.168.1.225 None
[*] arpscanner - 192.168.1.227 None
[*] arpscanner - 192.168.1.228 None
[*] arpscanner - 192.168.1.229 None
[*] arpscanner - 192.168.1.231 None
[*] arpscanner - 192.168.1.230 None
[*] arpscanner - 192.168.1.232 None
[*] arpscanner - 192.168.1.233 None
[*] arpscanner - 192.168.1.235 None
[*] arpscanner - 192.168.1.234 None
[*] arpscanner - 192.168.1.237 None
[*] arpscanner - 192.168.1.238 None
[*] arpscanner - 192.168.1.236 None
[*] arpscanner - 192.168.1.242 None
[*] arpscanner - 192.168.1.240 None
[*] arpscanner - 192.168.1.241 None
[*] arpscanner - 192.168.1.244 None
[*] arpscanner - 192.168.1.243 None
[*] arpscanner - 192.168.1.239 None
[*] arpscanner - 192.168.1.245 None
[*] arpscanner - 192.168.1.247 None
[*] arpscanner - 192.168.1.248 None
[*] arpscanner - 192.168.1.252 None
[*] arpscanner - 192.168.1.246 None
[*] arpscanner - 192.168.1.253 None
[*] arpscanner - 192.168.1.251 None
[*] arpscanner - 192.168.1.250 None
[*] arpscanner - 192.168.1.249 None
[*] arpscanner - 192.168.1.254 None