Send hand-crafted Ethernet Frames in Python (ARP for example)
Tonight I decided to send ARP flood over the wireless link to find who is using it. This is a strange thing .. ok but it works pretty fine and quickly ..
First step is to build the custom packet.. I tested several suffs and i decided to keep the dpkt package. It support a large subset of packets and is easy to use. (Nobody for a MSN parser ?:)
The next step is to send and wait for answers. This has been a bit harder, meanly because I spent a long time looking how to send Ethernet Frames (not IP packets).
In other words, how RAW sockets works in python.
Here a small answer.
soc = socket.socket(socket.PF_PACKET, socket.SOCK_RAW) #create the raw-socket
soc.bind(("ath0",0x0806)) # ether type for ARP
soc.send(handly_crafted_packet)
data = soc.receive(1024)
...
If you want a full example, checkout the arp-flood script I wrote.
- Raw Network access in Python
- Last PPP Ip .
- Stateless vs Statefull firewalls
- Arpwatch on WRT54G
- Slow bridging the Wifi
admin June 7th, 2005
- Network
- Comments(14)
Did you look at scapy? It got some nice shortcuts like sendp() for sending ethernet frames. Very nice tool!
Yes, i know scapy but it’s a interactive tool, and i need something that be cron-ed. And second thing, I want to learn how to do that too:)
For some reason the page shows only interactive sessions but it can be scripted too. I’ve used scapy to automate testing of an IP host for an embedded target, the suite being run under the control of unittest.
ive been trying to figure out how to send ethernet frames in python for a couple of days now, thanks
Hi,
I am trying to run ur full code but i m getting following error……
Plz reply me on madhurnamdev@huawei.com
C:DOCUME~1M71323Desktop>python pac.py
Traceback (most recent call last):
File “pac.py”, line 70, in ?
s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW)
AttributeError: ‘module’ object has no attribute ‘PF_PACKET’
Raw sockets are not supported on windows operating system. This works only on Unix I think (sure for SunOS/*BSD/Linux)
Thank you! That’s what I needed.
im using FreeBSD 6.2 and python2.4.3 got the same msg..
Traceback (most recent call last):
File “arp.py”, line 74, in ?
s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW)
AttributeError: ‘module’ object has no attribute ‘PF_PACKET’
Did you have example code that you based your code on?
Hey is there a place where I can read more about operations I can do with dpkt and twisted?
thnks
-L
hello
I have project send/recive ARP with python on linux(fedora10).
I can’t use Ex. code.
If you help me or teach me , Thanks
nattapong__@hotmail.com
On my centos server, everything works perfectly, however on my mac I get this error, similar to the BSD and Windows error others have been reporting:
Traceback (most recent call last):
File “arp-flood.py”, line 74, in
s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW)
AttributeError: ‘module’ object has no attribute ‘PF_PACKET’
Is this because in Mac OS X, raw sockets are not allowed like in windows, or is it something else? Does anyone know a work around?
It appears that BSD(and OSX, since it is built with the same networking stack) can not be used with PF_PACKET it has to use BSD
http://lists.apple.com/archives/darwin-development/2003/Jun/msg00235.html
http://en.wikipedia.org/wiki/Berkeley_Packet_Filter
Anyone has any solutions for this please let me know
Bsdpunk at gmail dot com
Err BPF not BSD….I feel retarded for leaving so many comments, but I don’t know how to merge them.