Python Forum
Python 2.7 RAW sockets: missing and wrong fields in ARP header - Printable Version

+- Python Forum (https://python-forum.io)
+-- Forum: Python Coding (https://python-forum.io/forum-7.html)
+--- Forum: Networking (https://python-forum.io/forum-12.html)
+--- Thread: Python 2.7 RAW sockets: missing and wrong fields in ARP header (/thread-8027.html)

Python 2.7 RAW sockets: missing and wrong fields in ARP header - gold604 - Feb-03-2018

Hello, at the beggining I would like to say that I didn't have any experiences with sockets earlier. I am trying to create response ARP packet in python 2.7. I have almost done it, but there's a problem: when I was looking at the packet in wireshark i found out that ARP header is missing sender & target mac and sender & target ip fields. Harware size and protocol size fields are wrong as well. What am I doing wrong? Do I pack data wrongly? Here is source code of the program:

import socket
import struct
import binascii


def formatMAC(mac):
    return mac.lower().replace(':', '')

def sendPacket(packet):
    s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW)
    s.bind(("wlan0", 0))
    return s.send(packet)

eth_src = formatMAC('A0:88:B4:0A:A5:A8')
eth_dst = formatMAC("18:A6:F7:CF:51:B6")
eth_prt = '0806'

arp_hw_type = '0001'
arp_prt_type = '0800'
arp_hw_size = '0006'
arp_prt_size = "0004"
arp_opcode = '0002'
arp_mac_src = formatMAC('A0:88:B4:0A:A5:A8')
arp_ip_src = '192.168.0.134'
arp_mac_dst = formatMAC('18:A6:F7:CF:51:B6')
arp_ip_dst = '192.168.0.1'

eth_pack = struct.pack("!6s6s2s", binascii.unhexlify(eth_dst), binascii.unhexlify(eth_src), binascii.unhexlify(eth_prt))
arp_pack = struct.pack("2s2s1s1s2s6s4s6s4s",
         binascii.unhexlify(arp_hw_type), 
         binascii.unhexlify(arp_prt_type),
         binascii.unhexlify(arp_hw_size),
         binascii.unhexlify(arp_prt_size),
         binascii.unhexlify(arp_opcode),
         binascii.unhexlify(arp_mac_src),
         socket.inet_aton(arp_ip_src), 
         binascii.unhexlify(arp_mac_dst),
         socket.inet_aton(arp_ip_dst)
         )

packet = eth_pack + arp_pack
print(sendPacket(packet))
Wireshark:
[Image: 8u9el.png]

Thanks.

RE: Python 2.7 RAW sockets: missing and wrong fields in ARP header - wavic - Feb-04-2018

See Scapy. You can craft whatever packet you want.