Scapy | the broadcast

Python: Combine NetIfaces, Scapy and IPAddress to find local connected network

By: ron

On: 2018-11-07

You got the task to generate a list of IP-Networks connected to LAN „VirtualBox Host-Only Network“. There might be more than one IP-Network. Use Scapy to crawl through all Interfaces and get the human-readable interface name [only required for windows users]. Use NetIfaces to get a list of IP-Addresses connected to this interface. Use IPAddress to calculate the IP-Network(s) directly connected. In my case, only one subnet is directly connected: 192.168.56.0/24Read More →

Python netifaces and scapy: Getting meaningful Interface-names and full IP-Adresses-/Netmask-Information

By: ron

On: 2018-11-06

In: Scripting, Windows

With: 0 Comments

Using Windows: scapy reads: meaningful interface-names ip-address but no netmask netifaces reads: full Ethernet/IP/IPv6-Information but no meaningful interface-names Mixing both, provides everything needed. Netifaces only Adding Scapy to get meaningful interface namesRead More →

Python Scapy: Wait for CDP-Neighbor

By: ron

On: 2018-11-02

In: automation, Scripting, Windows

With: 0 Comments

After provisioning a new Cisco CSR1000V-Router this script waits until the router is fully deployed got it’s Management-IP-Address assigned via DHCP. and returns this Management IP-Address. Prepare First, install „netaddr“-package. needed to check, if the management-IP of the CDP-Neighbor is in the correct IP-Subnet the „wait-for-CDP“-Script Obviously far to much hard-coded stuff, just as an example 😉 waiting for a CDP-Neighbor to appear with the following properties: hostname „CSR-A“ an IP-Address within the network „192.168.56.0 /24“ at the interface VirtualBox Host-Only-Network Provision a new CSR1000V Router named „CSR-A“ Run the „wait-for-CDP-Neighbor“-Script In a second CMD-Box, and… Be patient, of course. Or store the returned IP-AddressRead More →

Python Scapy: CDP-Monitor

By: ron

On: 2018-11-01

In: Scripting

With: 0 Comments

Watch and decode Cisco Discovery Protocol Packetes. CDP Monitor-Script Inspired by the Scapy ARP-Monitor i created an CDP-Monitor displaying hostname and an optional Management-IP-Address. Real-Life Example Run this script: Open another CMD-Window to spin up a new CSR1000V-Router: Go back to the „python“-Screen and wait: It works, the IOS-XE CSR1000V-Router is installed and it got it’s baseline-config applied: Hostname Interface set to „ip address dhcp“ CDP enabled takes some time, but these first CDP-Packets captured were not sent in 60s interval, so don’t be scared 😉Read More →

Python Scapy: Capturing „Cisco Discovery Protocol (CDP)“

By: ron

On: 2018-10-31

In: Scripting

With: 0 Comments

It’s hard to believe, how easy it is to capture (and to craft) LAN-Data using Python Scapy. I need to capture CDP-Packets and to extract information like the hostname of the sender and it’s IP-Address. As an modification of the „ARP-Monitor“-example taken from the manual Using scapy in your tools. Scapy Installation nothing special: pip install Python: Install Scapy Example: List all Interfaces of my Laptop Capture 10 Packets on a specific interface Capture CDP-Packets Decode CDP (with inactive dissector) Activate the CDP-Parser Capture again and display CDP-Information as cleartext Decode CDP-Hostname Decode CDP-Management-IP-AddressRead More →