DEV Community

powerexploit
powerexploit

Posted on

Let's! Ping The Network with 15 Line Of Code Using Python & Scapy!

Alt Text
This Blog is basically published first in my blog ankitdobhal.github.io

My funny experience:

Let's try to travel the time 1 year back when I started to learn about little bit about hacking and networking in windows and Linux. Ping was my first tool,it is a basic networking utility which helps to check connectivity and communication b/w two systems.So When first time I used this utility it helped me to understand the basic concept of packets,and I was very much happy. well I know its sound to much awkward now.
Alt Text
Well!! Then after spending my more time in pentesting, I started to automate more stuff using python. yesterday ping came back to me, when I was working and trying to understand how packets works, & found one of the module of the python scapy and tried to break the code & ping the network,lets try to understnd what I did with with scapy.

Scapy and How it works:

So before discussing about scapy you need to be able that how to write code in python ,& if you don't know then this place is not for you!! Now What is Scapy and how it works?
Well scapy is a powerful Python-based interactive packet manipulation program and library.It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work.

To install this super amazing python based library & tool you need to write this following commands in your os terminal:



pip install scapy (Windows)
pip3 install scapy (Linux)

Enter fullscreen mode Exit fullscreen mode




My ping script with scapy & python:




#!/usr/bin/python3

pingscanner.py

import sys
from scapy.all import *
print("pinging the target....")
ip = sys.argv[1] # command line argument
icmp = IP(dst=ip)/ICMP()
#IP defines the protocol for IP addresses

dst is the destination IP address

TCP defines the protocol for the ports

resp = sr1(icmp,timeout=10)
if resp == None:
print("This host is down")
else:
print("This host is up")

Enter fullscreen mode Exit fullscreen mode




what is this code doing? Let's break

Python have its power to automate most of the stuffs which lets the pentester to ease their hacking task,In above code the basic first thing I did imported scapy and sys module to use them their functions,ip is the variable which stores the target ip address ,icmp variable which creates packet and resp variable which contain sr1 function that Send packets at layer 3 and return only the first answer.Then finally conditional statement to check host is up or down.

Thankyou for visiting and understanding the power of python,You can also find above code in my gist and can ask me about anything follow me on twitter,github,medium.

Top comments (6)

Collapse
 
lifeofkar profile image
Karthik R

Just found out what scapy is,

I'm trying to build a similar ping check script using the scapy.

But i feel this is a bit un-reliable.
some times while pinging even 8.8.8.8 shows down

Just 1 out of 3 results came with UP :(

Any particular reason for this?

Collapse
 
powerexploit profile image
powerexploit

I have't any idea when I tried scapy it was working very well also for 8.8.8.8 it was showing up.

Collapse
 
lifeofkar profile image
Karthik R

Here's the code sample i'm using and some test runs.
Let me know if im doing anything wrong here :)
bin.gojira.tokyo/azuleqoyot.rb

Thread Thread
 
powerexploit profile image
powerexploit

Hey I have checked your script.I am happy that you are working on scapy.
why you are making its too complex you can ping 8.8.8.8 with simple script as i have shared.

Collapse
 
rudyryk profile image
Alexey Kinev

Hello, Ankit! Good positng, thank you. Btw, it's more general to write:

resp is None

because None is a singleton. Also explicit imports are more preferred, like:

from scapy.all import IP, ICMP, sr1

Collapse
 
infin1tium profile image
infin1tium

How can I print the received packets? I want to make it work similar to the "ping" command in the command prompt.