Python Active Recon – Basic Function

  python, scapy

I’m new to Python and using Scapy. I’m trying to make a basic active reconnaissance program to do the following:

  • Fetch the IP address for the given network interface (e.g. enp0s or lo)
  • Should then send an ICMP request to every host in this network (can assume it is a /24 network).
  • Detect if an ICMP reply was returned
  • When the script has finished sending ICMP requests it should output a list of addresses for which a reply was received

Anyone know where I’m going wrong? I can’t seem to figure it out… I would appreciate the help of some more experienced coders to help me expand my knowledge.

Thank you.

from scapy.all import ICMP, IP, send, sniff, sr

def active_recon():
  # To get the IP address for the given network interface by using the "ifconfig" command manually, we know that enp0s3 = "10.0.2.15" and lo = "127.0.0.1"

  def filter_packets(ipaddress):
    def packet_handler(pkt):
      # Skip frames without an IP layer (e.g. ARP); pkt[IP] raises IndexError on them
      if IP in pkt and pkt[IP].src == ipaddress:
        print(pkt.summary())

    return packet_handler

  # send an ICMP request to every host (IP address) in the same network (as we are assuming it's a /24 network)

  if InterfaceSelected == "lo":  # using the global variable defined in the main function to determine which interface the user has selected
    ipaddress = "127.0.0.1"
    send(IP(dst="127.0.0.1")/ICMP())  # creating a packet which includes the IP header, which is needed to send a ping
    sr(IP(dst="127.0.0.1")/ICMP())  # detecting if a reply is returned - using sr function instead of sr1 function as this has the ability to receive multiple replies (in the event this happens)
    sniff(iface="lo", timeout=5, prn=filter_packets(ipaddress))  # 5 second timeout

  if InterfaceSelected == "enp0s3":
    ipaddress = "10.0.2.15"
    send(IP(dst="10.0.2.15")/ICMP())
    sr(IP(dst="10.0.2.15")/ICMP())
    sniff(iface="enp0s3", timeout=5, prn=filter_packets(ipaddress))

  # Output a list of MAC addresses that sent a reply

Source: Python Questions
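
One way to cover all four steps listed in the question, as an added example that is not the poster's code or an answer from the original thread. It assumes Scapy is installed and the script runs with root privileges; `sweep_targets`, `scapy_probe`, `ECHO_REPLY` and the injectable `probe` parameter are names made up for this example.

```python
import ipaddress
import sys

ECHO_REPLY = 0  # ICMP type 0; type 3 (unreachable) and other errors are not "alive"


def sweep_targets(if_addr, prefix=24):
    """All usable host addresses in the interface's network, excluding our own."""
    net = ipaddress.ip_network(f"{if_addr}/{prefix}", strict=False)
    return [str(h) for h in net.hosts() if str(h) != if_addr]


def scapy_probe(targets, iface, timeout=2):
    """One echo request per target in a single sr() call, so replies are matched to probes."""
    from scapy.all import ICMP, IP, sr  # lazy import: the helpers above work without Scapy
    answered, _unanswered = sr(IP(dst=targets) / ICMP(), iface=iface,
                               timeout=timeout, verbose=0)
    return [(rcv[IP].src, rcv[ICMP].type) for _snd, rcv in answered]


def active_recon(iface, if_addr=None, probe=scapy_probe):
    """Return the addresses in iface's /24 that sent an echo reply, in numeric order."""
    if if_addr is None:
        from scapy.all import get_if_addr  # reads the address instead of hard-coding it
        if_addr = get_if_addr(iface)
    targets = sweep_targets(if_addr)
    replies = probe(targets, iface)
    wanted = set(targets)
    alive = {src for src, icmp_type in replies
             if icmp_type == ECHO_REPLY and src in wanted}
    return sorted(alive, key=ipaddress.ip_address)


if __name__ == "__main__":
    for host in active_recon(sys.argv[1]):  # e.g. sudo python3 recon.py enp0s3
        print(host)
```

The `timeout` on `sr()` is what lets the sweep finish when most hosts never answer, and because `sr()` already returns the matched replies, no separate `send()` or `sniff()` pass is needed.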
