Question

我正在尝试在发送ARP请求后获得arp答复，但答复未到。

我看了一下Wireshk的结果，我认为他确实在向网络广播，但是没有回复...

由于Wireshark的结果，发送方和接收方的MAC地址与真实的MAC地址不对应，我相信我没有包装此权利，但我不明白为什么。

需要帮助...

#!/usr/bin/env python3

import struct
import socket



raw = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(0x0806))
raw.bind(("wlp3s0", socket.htons(0x0806)))


mac_local = b"ff:ff:ff:ff:ff:ff"   # mac de quem envia request
ip_local = "192.168.1.7"           # ip de quem envia request
mac_dest = b"00:00:00:00:00:00"    # mac de quem recebe request
ip_dest = "192.168.1.2"            # ip de quem recebe request




# Ethernet Header
protocol = 0x0806             # 0x0806 protocol to ARP
ethernet_header = struct.pack("!6s6sH", mac_dest, mac_local, protocol)


# ARP header

type_hardware = 1
type_protocol = 0x0800       # IPV4
size_addr_hardware = 6   # Refere ao tamanho do endereço do MAC que é 
48 bits  == 6 bytes 
size_addr_protocol = 4  # Refere ao tamanho do endereço do ipv4 que é 
32 bits == 4 bytes
operation = 1                  # 1 = request / 2 = Reply 

source_ip = socket.inet_aton(ip_local)
dest_ip = socket.inet_aton(ip_dest)


arp_addr = struct.pack("!HHBBH6s4s6s4s", type_hardware, type_protocol,
                       size_addr_hardware, size_addr_protocol, operation,
                       mac_local, source_ip, mac_dest, dest_ip)
pkt = ethernet_header + arp_addr

cont = 0
while cont < 6:
    raw.send(pkt)
    cont +=1

enter image description here

Answer 1

mac_dest和mac_local绝对不正确。您刚刚使用ASCII值创建了一个字节字符串。这些每个都是17字节长。而且，您只需要为每个地址获取这17个字节中的前6个。

它们应该是这样的：

mac_dest = b'\x00\x00\x00\x00\x00\x00'
mac_local = b'\xff\xff\xff\xff\xff\xff'

检查struct.pack调用之前字节字符串的长度正好是六个字节。

也不确定您要做什么，但是我怀疑将全零硬件地址用作目的地地址是否有意义。可以肯定的是没有人会收到它，因为它将是单播到一个没有人的地址。相反的做法可能会有所帮助（从全零发送到广播地址）-我认为这是ARP探针的标准。

ARP请求无回复原始套接字python

1 个答案: