Good morning. I made a simple network scanner which lists information about scanned devices, however I noticed that the OUI Manufacturer information is only printed as 8 characters long.
What am I missing here?
import scapy.all as scapy
import manuf
def get_device_type(mac_address):
p = manuf.MacParser()
manufacturer = p.get_manuf(mac_address)
return manufacturer or "Unknown"
def scan(ip):
print("Sending ARP requests...")
arp_request = scapy.ARP(pdst=ip)
broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
arp_request_broadcast = broadcast / arp_request
answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0]
print("\nIP\t\tMAC Address\t\tManufacturer\t\tOS\n---------------------------------------------------------------------------------------------------------------")
for element in answered_list:
ip = element[1].psrc
mac = element[1].hwsrc
device_type = get_device_type(mac)
try:
syn_packet = scapy.IP(dst=ip) / scapy.TCP(dport=80, flags="S")
response = scapy.sr1(syn_packet, timeout=1, verbose=False)
if response:
if response.haslayer(scapy.TCP) and response.getlayer(scapy.TCP).flags == 0x12:
os_info = "Linux/Unix"
elif response.haslayer(scapy.TCP) and response.getlayer(scapy.TCP).flags == 0x14:
os_info = "Windows"
else:
os_info = "Unknown"
else:
os_info = "Unknown"
except:
os_info = "Error"
print(f"{ip}\t{mac}\t{device_type}\t{os_info}\t")
print("\nDone\n---------------------------------------------------------------------------------------------------------------")
scan("192.168.42.1/24")
Thanks.
get_manuf
returns the abbreviated 8 character name from the Wireshark database. To get the full name, use get_manuf_long
.