Created
July 16, 2022 16:57
-
-
Save maheshbasnet089/5e2a4bff955d74ad2c7ad322483af094 to your computer and use it in GitHub Desktop.
It can be used to scan the hosts connected on your network in a short period of time .
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ipaddress | |
| import os | |
| import socket | |
| import struct | |
| import sys | |
| import threading | |
| import time | |
| SUBNET = '192.168.1.0/24' | |
| MESSAGE = 'PYTHONRULES!' | |
| class IP: | |
| def __init__(self, buff=None): | |
| header = struct.unpack('<BBHHHBBH4s4s', buff) | |
| self.ver = header[0] >> 4 | |
| self.ihl = header[0] & 0xF | |
| self.tos = header[1] | |
| self.len = header[2] | |
| self.id = header[3] | |
| self.offset = header[4] | |
| self.ttl = header[5] | |
| self.protocol_num = header[6] | |
| self.sum = header[7] | |
| self.src = header[8] | |
| self.dst = header[9] | |
| # human readable IP addresses | |
| self.src_address = ipaddress.ip_address(self.src) | |
| self.dst_address = ipaddress.ip_address(self.dst) | |
| # map protocol constants to their names | |
| self.protocol_map = {1: "ICMP", 6: "TCP", 17: "UDP"} | |
| try: | |
| self.protocol = self.protocol_map[self.protocol_num] | |
| except Exception as e: | |
| print('%s No protocol for %s' % (e, self.protocol_num)) | |
| self.protocol = str(self.protocol_num) | |
| class ICMP: | |
| def __init__(self, buff): | |
| header = struct.unpack('<BBHHH', buff) | |
| self.type = header[0] | |
| self.code = header[1] | |
| self.sum = header[2] | |
| self.id = header[3] | |
| self.seq = header[4] | |
| def udp_sender(): | |
| with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sender: | |
| for ip in ipaddress.ip_network(SUBNET).hosts(): | |
| time.sleep(1) | |
| print('+', end='') | |
| sender.sendto(bytes(MESSAGE, 'utf8'), (str(ip), 65212)) | |
| class Scanner: | |
| def __init__(self, host): | |
| self.host = host | |
| if os.name == 'nt': | |
| socket_protocol = socket.IPPROTO_IP | |
| else: | |
| socket_protocol = socket.IPPROTO_ICMP | |
| self.socket = socket.socket( | |
| socket.AF_INET, socket.SOCK_RAW, socket_protocol) | |
| self.socket.bind((host, 0)) | |
| self.socket.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) | |
| print('hitting promiscuous mode...') | |
| if os.name == 'nt': | |
| self.socket.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON) | |
| def sniff(self): | |
| hosts_up = set([f'{str(self.host)} *']) | |
| try: | |
| while True: | |
| print('.', end='') | |
| raw_buffer = self.socket.recvfrom(65535)[0] | |
| ip_header = IP(raw_buffer[0:20]) | |
| if ip_header.protocol == "ICMP": | |
| offset = ip_header.ihl * 4 | |
| buf = raw_buffer[offset:offset + 8] | |
| icmp_header = ICMP(buf) | |
| if icmp_header.code == 3 and icmp_header.type == 3: | |
| if ipaddress.ip_address(ip_header.src_address) in ipaddress.IPv4Network(SUBNET): | |
| if raw_buffer[len(raw_buffer) - len(MESSAGE):] == bytes(MESSAGE, 'utf8'): | |
| hosts_up.add(str(ip_header.src_address)) | |
| print(f'Host Up: {str(ip_header.src_address)}') | |
| # handle CTRL-C | |
| except KeyboardInterrupt: | |
| if os.name == 'nt': | |
| self.socket.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF) | |
| print('\nUser interrupted.') | |
| if hosts_up: | |
| print(f'\n\nSummary: Hosts up on {SUBNET}') | |
| for host in sorted(hosts_up): | |
| print(f'{host}') | |
| print('') | |
| sys.exit() | |
| if __name__ == '__main__': | |
| if len(sys.argv) == 2: | |
| host = sys.argv[1] | |
| else: | |
| host = '192.168.100.238' | |
| s = Scanner(host) | |
| time.sleep(10) | |
| t = threading.Thread(target=udp_sender) | |
| t.start() | |
| s.sniff() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment