here’s a quick script i whipped up a while ago.
it uses scapy to perform an ARP ping of a network, and provides a CSV report of any MAC addresses it finds, along with the associated IP’s.
It requires tcpdump to be installed and in the $PATH, as well as root privs to run.
#!/usr/bin/env python
# note that this script requires tcpdump to be installed
# additionally, it requires root privs to run.
# ----
# Portions of this code can be attributed to the book
# Python for Unix and Linux System Administration
# by Noah Gift and Jeremy M. Jones.
# Copyright 2008 Noah Gift and Jeremy M. Jones
# ISBN-13: 978-0-596-51582-9
# ----
import sys
if len(sys.argv) != 2:
print "Usage: pingarp n eg: pingarp 192.168.1.0/24"
sys.exit(1)
from scapy import srp,Ether,ARP,conf
conf.verb=0
ans,unans=srp(Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst=sys.argv[1]),
timeout=2)
print r"MAC,IP"
for snd,rcv in ans:
print rcv.sprintf(r"%Ether.src%,%ARP.psrc%")
here’s sample output:
$ sudo ./pingarp 192.168.11.0/24 MAC,IP 00:16:01:8b:54:4a,192.168.11.1 00:13:ce:e9:6e:95,192.168.11.3 00:40:ca:8a:72:48,192.168.11.6