eigenein / my-iot

Yet another home automation
https://eigenein.github.io/my-iot
MIT License
0 stars 0 forks source link

ARP sniffer channel #24

Open eigenein opened 5 years ago

eigenein commented 5 years ago

Can potentially be used to passively scan for devices in local network.

eigenein commented 5 years ago

Couldn't see any packets from inside the Docker container with this snippet:

import socket
import struct
import binascii

raw_socket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(0x0003))

while True:

    packet = raw_socket.recvfrom(2048)

    ethernet_header = packet[0][0:14]
    ethernet_detailed = struct.unpack("!6s6s2s", ethernet_header)

    arp_header = packet[0][14:42]
    arp_detailed = struct.unpack("2s2s1s1s2s6s4s6s4s", arp_header)

    # skip non-ARP packets
    ethertype = ethernet_detailed[2]
    if ethertype != '\x08\x06':
        continue

    print("****************_ETHERNET_FRAME_****************")
    print("Dest MAC:        ", binascii.hexlify(ethernet_detailed[0]))
    print("Source MAC:      ", binascii.hexlify(ethernet_detailed[1]))
    print("Type:            ", binascii.hexlify(ethertype))
    print("************************************************")
    print("******************_ARP_HEADER_******************")
    print("Hardware type:   ", binascii.hexlify(arp_detailed[0]))
    print("Protocol type:   ", binascii.hexlify(arp_detailed[1]))
    print("Hardware size:   ", binascii.hexlify(arp_detailed[2]))
    print("Protocol size:   ", binascii.hexlify(arp_detailed[3]))
    print("Opcode:          ", binascii.hexlify(arp_detailed[4]))
    print("Source MAC:      ", binascii.hexlify(arp_detailed[5]))
    print("Source IP:       ", socket.inet_ntoa(arp_detailed[6]))
    print("Dest MAC:        ", binascii.hexlify(arp_detailed[7]))
    print("Dest IP:         ", socket.inet_ntoa(arp_detailed[8]))
    print("*************************************************\n")
eigenein commented 5 years ago

This altogether with DictReader may really help:

nobody@raspberrypi:/app$ cat /proc/net/arp
IP address       HW type     Flags       HW address            Mask     Device
192.168.2.13     0x1         0x2         xx:xx:xx:xx:xx:xx     *        wlan0
192.168.2.41     0x1         0x2         xx:xx:xx:xx:xx:xx     *        wlan0
172.18.0.2       0x1         0x2         xx:xx:xx:xx:xx:xx     *        br-7a16f1af2885
192.168.2.254    0x1         0x2         xx:xx:xx:xx:xx:xx     *        wlan0