vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 09:36:05 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
Files
77ba2e1362f5ce066b8dc43227b5fd222db18555
NetAlertX/pialert/scanners/arpscan.py
Jokob-sk 77ba2e1362 arp-scan debug #261 work
2023-07-05 08:04:10 +10:00

67 lines
2.3 KiB
Python
Executable File
Raw Blame History

import re
import subprocess
from logger import mylog
from helper import write_file
from const import logPath
#-------------------------------------------------------------------------------
def execute_arpscan (userSubnets):
# output of possible multiple interfaces
arpscan_output = ""
# scan each interface
index = 0
for interface in userSubnets :
write_file (logPath + '/arp_scan_output_' + str(index) + '.txt', arpscan_output)
index += 1
arpscan_output += execute_arpscan_on_interface (interface)
# Search IP + MAC + Vendor as regular expresion
re_ip = r'(?P<ip>((2[0-5]|1[0-9]|[0-9])?[0-9]\.){3}((2[0-5]|1[0-9]|[0-9])?[0-9]))'
re_mac = r'(?P<mac>([0-9a-fA-F]{2}[:-]){5}([0-9a-fA-F]{2}))'
re_hw = r'(?P<hw>.*)'
re_pattern = re.compile (re_ip + '\s+' + re_mac + '\s' + re_hw)
# Create Userdict of devices
devices_list = [device.groupdict()
for device in re.finditer (re_pattern, arpscan_output)]
mylog('debug', ['[ARP Scan] Found: Devices including duplicates ', len(devices_list) ])
# Delete duplicate MAC
unique_mac = []
unique_devices = []
for device in devices_list :
if device['mac'] not in unique_mac:
unique_mac.append(device['mac'])
unique_devices.append(device)
# return list
mylog('debug', ['[ARP Scan] Found: Devices without duplicates ', len(unique_devices) ])
return unique_devices
#-------------------------------------------------------------------------------
def execute_arpscan_on_interface (interface):
# Prepare command arguments
subnets = interface.strip().split()
# Retry is 6 to avoid false offline devices
mylog('debug', ['[ARP Scan] - arpscan command: sudo arp-scan --ignoredups --retry=6 ', str(subnets)])
arpscan_args = ['sudo', 'arp-scan', '--ignoredups', '--retry=6'] + subnets
# Execute command
try:
# try runnning a subprocess
result = subprocess.check_output (arpscan_args, universal_newlines=True)
except subprocess.CalledProcessError as e:
# An error occured, handle it
mylog('none', ['[ARP Scan] Error: ', e.output])
result = ""
mylog('debug', ['[ARP Scan] on Interface Completed with results: ', result])
return result
Reference in New Issue View Git Blame Copy Permalink