Learn Python Pentesting
Python Pentester
The script below, written with the Scapy library, can be used to detect packet sniffers on the network. The aim is to identify hosts whose network interface is running in promiscuous mode. Frames with a bogus broadcast destination address are sent to the hosts that may be running a packet sniffer. Normally, a host that is not in promiscuous mode ignores these packets. In this way, it is possible to tell whether a packet sniffer is running on a given host. The probe is prepared with the following commands:
```
>>> fake_bcast="ff:ff:ff:ff:ff:fe"
```

Preparing the fake broadcast address.

```
>>> ans,unans = srp(Ether(dst=fake_bcast)/ARP(pdst=net), filter="arp and arp[7] = 2", timeout=1, iface_hint=net)
```

Preparing and sending the packet.
Python Pentesting Codes
```python
#!/usr/bin/env python3

import sys

try:
    from scapy.all import *
except ImportError:
    sys.stderr.write("Scapy module must be installed in order to run this script !!!\n")
    sys.exit(37)


def usage():
    sys.stderr.write("%s <-ip ip_address | -net net> \n" % (sys.argv[0]))
    sys.stderr.write("%s -ip 10.0.0.37 | -net 192.168.1.0/24\n" % (sys.argv[0]))
    sys.exit(37)


def is_net_sniffer(net):
    # Fake broadcast address: hosts not in promiscuous mode ignore frames sent to it.
    fake_bcast = "ff:ff:ff:ff:ff:fe"

    # Probe every address in the network; the BPF filter keeps only ARP replies (opcode 2).
    ans, unans = srp(Ether(dst=fake_bcast)/ARP(pdst=net), filter="arp and arp[7] = 2", timeout=1, iface_hint=net)
    ans = ARPingResult(ans.res, name="galkan.net")

    # Print the IP address of every host that answered the probe.
    for snd, rcv in ans:
        print(rcv.sprintf("%ARP.psrc%"))


def is_ip_sniffer(ip_address):
    fake_bcast = "ff:ff:00:00:00:00"

    # Send a single who-has request to the target and wait for at most one reply.
    responses = srp1(Ether(dst=fake_bcast) / ARP(op="who-has", pdst=ip_address), type=ETH_P_ARP, iface_hint=ip_address, timeout=1, verbose=0)
    if responses:
        print("%s: OK" % (ip_address))
    else:
        print("%s: NOT" % (ip_address))


if __name__ == "__main__":
    if len(sys.argv) != 3:
        usage()
    elif sys.argv[1] == "-ip" and sys.argv[2]:
        destination_ip = sys.argv[2]
        is_ip_sniffer(destination_ip)
    elif sys.argv[1] == "-net" and sys.argv[2]:
        net = sys.argv[2]
        is_net_sniffer(net)
    else:
        usage()
```
When the script is saved to a file named detect_sniffers.py and run as shown below, the output is similar to the following.
```
# ./detect_sniffers.py -ip 192.168.1.1
192.168.1.1: NOT
# ./detect_sniffers.py -ip 192.168.1.2
192.168.1.2: OK
# ./detect_sniffers.py -net 192.168.1.0/24
192.168.1.2
192.168.1.37
192.168.1.109
```
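To make the capture filter concrete, the following added example (not part of the original script) rebuilds the probe frame by hand with the standard library and applies the same test as `arp and arp[7] = 2` to a few constructed frames, returning the sender IP that the script prints. The MAC addresses, the scanner IP 192.168.1.10 and the helper names are assumptions made for the example.

```python
import socket
import struct

ETH_P_ARP = 0x0806
FAKE_BCAST = "ff:ff:ff:ff:ff:fe"  # destination used by is_net_sniffer() on this page

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def build_arp_frame(dst, src, op, sender_ip, target_ip, target_mac="00:00:00:00:00:00"):
    """Raw Ethernet II + ARP (IPv4 over Ethernet) frame."""
    eth = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # htype, ptype, hlen, plen, opcode
    arp += mac_bytes(src) + socket.inet_aton(sender_ip)
    arp += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    return eth + arp

def matches_filter(frame):
    """Test of "arp and arp[7] = 2", plus a length check so psrc can be read safely."""
    if len(frame) < 14 + 28:  # shorter than Ethernet header + ARP body
        return False
    if struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return False
    return frame[14 + 7] == 2  # ARP byte 7 is the low opcode byte; 2 = reply

def responders(frames):
    """Sender IP (ARP.psrc) of each frame that passes the filter."""
    return [socket.inet_ntoa(f[28:32]) for f in frames if matches_filter(f)]

# Constructed sample data: the MAC and IP addresses below are made up for the example.
SCANNER, HOST = "02:00:00:00:00:01", "02:00:00:00:00:02"
probe = build_arp_frame(FAKE_BCAST, SCANNER, 1, "192.168.1.10", "192.168.1.2")
reply = build_arp_frame(SCANNER, HOST, 2, "192.168.1.2", "192.168.1.10", SCANNER)
not_arp = (mac_bytes(SCANNER) + mac_bytes(HOST) + struct.pack("!H", 0x0800)
           + bytes([0] * 7 + [2] + [0] * 20))  # IPv4 ethertype, byte 7 happens to be 2
CAPTURE = [probe, reply, reply[:30], not_arp]

if __name__ == "__main__":
    print(responders(CAPTURE))
```

Only the genuine ARP reply passes: the probe itself is a request (opcode 1), the truncated frame is too short, and the last frame is not ARP.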