Network Scanning using scapy module – Python

Scapy is a library supported by both Python2 and Python3. It is used for interacting with the packets on the network. It has several functionalities through which we can easily forge and manipulate the packet. Through scapy module we can create different network tools like ARP Spoofer, Network Scanner, packet dumpers etc. This module can be used to create more advanced tools related network security and ethical hacking.

Installation of scapy module:
As scapy module is not included in Python3 library by default, we have to add it into our Python library using pip. Execute this command in your Linux terminal to get the scapy module for Python3.

pip3 install scapy-python3

What is network scanning ?
Network scanning refers to scanning of whole network to which we are connected and try to find out what are all the clients connected to our network. We can identify each and every client using their IP and MAC address. We can use ARP ping to find out the alive systems in our network.

Some important functions for creating Network scanner –

ARP(): This function defined in scapy module which allows us to create ARP packets (request or response). By default, if we are calling it, it will create an ARP request packet for us.

filter_none

edit
close

play_arrow

link
brightness_4
code

import scapy.all as scapy
  
request = scapy.ARP()

chevron_right


summary(): This method provide us the status of the packet that we have created. It does not provide the detailed information about the packet, it just gives us the basic idea like what is the type of packet, what is the destination of the packet etc.
For example if we want to create an ARP packet using ARP() method which is present in the scapy module and want to see the summary of the packet then we can do this by creating the object of ARP class.



filter_none

edit
close

play_arrow

link
brightness_4
code

import scapy.all as scapy
  
request = scapy.ARP()
print(request.summary())

chevron_right


Now we have created a request packet of ARP. Here the output of the program will be like this –
Summary function Image

show() method: This method is very similar to summary() method. It gives more detailed information about the packet. The usage of this function is also much similar to as summary() method.

filter_none

edit
close

play_arrow

link
brightness_4
code

import scapy.all as scapy
  
request = scapy.ARP()
print(request.show())

chevron_right


ls() function: This method is present in the scapy class. By using this method, we can see what are the fields that we can set for a specific packet.
In our example we will create an ARP packet and the with the help of ls() function, we will see what are the available fields for this packet.

filter_none

edit
close

play_arrow

link
brightness_4
code

import scapy.all as scapy
  
request = scapy.ARP()
print(scapy.ls(scapy.ARP()))

chevron_right


Steps for creating Network Scanner –

1. Create an ARP packet using ARP() method.
2. Set the network range using variable.
3. Create an Ethernet packet using Ether() method.
4. Set the destination to broadcast using variable hwdst.
5. Combine ARP request packet and Ethernet frame using ‘/’.
6. Send this to your network and capture the response from different devices.
7. Print the IP and MAC address from the response packets.

Below is the Python implementation –

filter_none

edit
close

play_arrow

link
brightness_4
code

import scapy.all as scapy
  
request = scapy.ARP()
  
request.pdst = 'x'
broadcast = scapy.Ether()
  
broadcast.dst = 'ff:ff:ff:ff:ff:ff'
  
request_broadcast = broadcast / request
clients = scapy.srp(request_broadcast, timeout = 1)[0]
for element in clients:
    print(element[1].psrc + "      " + element[1].hwsrc)

chevron_right


Here x = Network range. For example x = 192.168.1.1/24, 172.16.5.1/16 etc

Output:

Attention geek! Strengthen your foundations with the Python Programming Foundation Course and learn the basics.

To begin with, your interview preparations Enhance your Data Structures concepts with the Python DS Course.




My Personal Notes arrow_drop_up


If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.