How To: Turbo Ping Sweeping with Python

Why did I write this when there are tons of scanning tools available?

Let's start with a real-world situation. I sometimes visit client sites where I need to obtain a usable IP address for a server or whatever. Believe it or not, there are networks configured as Class A and Class B classful networks with some crazy Classless Inter-Domain Routing (CIDR). And the box I'm given may have two or more network interface cards. So, I need an IP and I need one fast. I need something that I can run without having to figure out any network settings. So you are asking, why not use Nmap? It's too slow and I would have to think (figure out network settings).

So I wrote this Python script that performs a ping sweep on the local sub-network. It pings hosts 1 through 254 and reports each one's status as Host <ip> is Active or No response from <ip>.

Problems it solved:
I needed something that will ping 1-254 with Usain Bolt-type speed.
I wanted something that you don't need to be a network guru to use.
I don't care about the order of return. The order will be determined by latency of the host.
I just want to know who is up and who is down (I tend to use the higher number IP address).
I wanted the average completion time to be measured in seconds not minutes.
And of course, not a lot of code.

The Tech Behind It:

It uses Python's multiprocessing module to do the multi-threading. One of the advantages of the multiprocessing module is its ability to auto-scale across all processors and cores.

In testing, the average completion time was around 4.8 seconds on a dual core (your time may vary due to multiprocessing).

Pros:
Auto-detects the active interface, wired or wireless
No networking knowledge needed
Zero configuration

Cons:
Takes no input (by design)

Dependencies:
scapy

The script can be found here:
https://bitbucket.org/ruped24/fastpingsweep/src

Script Walk Through:
Note: I cannot use underscores because they screw up the formatting. I will quote instead.

Line 10 – Allows the print statement to work under Python 3.x.
Line 13 – Imports from the scapy module: 'get if addr' (get IP address) and conf (get the active configured interface).
Line 14 – Runs a system command, gets its output and stores it in a variable.
Line 15 – The multiprocessing module. This scales/uses all cores and does the threading.
Line 16 – Imports the sys module to use the exit function.
Line 19 – Creates the 'PING SWEEP' class.
Line 21 – Initializes the 'ping sweeper' method on Line 48 (we'll get back to line 48 later).

Line 24 – Creates the pinger function (method). This is the function that does all the work. (Note: a function inside a class is called a method.)

Line 26 – Uses scapy to get the active interface and IP address, then removes the last dot and the last octet. Stores it in the variable self.hostaddr. Note: to access the variable inside the class, it needs to have self prepended.

Line 27 – Takes the 'hostaddr' and adds a dot and the 'host num' that will be passed in by Line 48 (we'll get back to line 48 later).

Line 28 – Runs the system's ping command with a count of 1 and stores the result in the variable line.
Line 30 – Starts a while loop.

Line 31 – Checks if the string bytes from is in the variable line. If true, it prints Host <ip> is Alive and breaks out of the loop. If the string Unreachable is in the variable line, it prints No response from <ip> and breaks out of the loop. (This is repeated 254 times by Line 46, the 'ping sweeper' method.)

Line 46 – Exits the loop.
Line 48 – Creates the 'ping sweeper' multi-threading function (method).
Line 49 – Starts a for loop that will loop through and count 1-254. Note that line 49 says 255.
The Python range function counts from the start number up to, but not including, the last number (in our case 255).

Line 50 – Creates the variable ping. Calls the multiprocessing module with its parameters: target=(the name of your worker function), args=(the loop variable, in our case 'host num' (1-254)).

Line 51 – Calls ping with the built-in start method of the multiprocessing module.
Line 54 – Python's little trick of calling a module as a standalone script.
Line 55 – Sets up a try block to catch exceptions (errors).
Line 56 – Starts an instance of the 'PING SWEEP' class line 19, and calls the method 'ping sweeper' (on line 48).
Line 57 – Catches control C and aborts the script.

By: n0neXn0ne
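
An added example (not the author's script from the Bitbucket link) of the sweep the walk-through describes: strip the last octet, ping hosts 1-254 concurrently, and classify each result. It swaps in a bounded `multiprocessing.pool.ThreadPool` instead of starting one worker per host with target= and args=, counts a silent timeout the same as "Unreachable", and assumes Linux iputils `ping` flags; the function names, `fake_ping` and the 192.0.2.x documentation addresses are constructed for illustration.

```python
import subprocess
from multiprocessing.pool import ThreadPool


def subnet_prefix(local_ip):
    """Drop the last dot and octet, as the walk-through describes (assumes a /24)."""
    return local_ip.rsplit(".", 1)[0]


def system_ping(ip):
    """One echo request via the system ping (Linux iputils flags assumed)."""
    try:
        done = subprocess.run(["ping", "-c", "1", "-W", "1", ip],
                              capture_output=True, text=True, timeout=3)
        return done.stdout
    except (subprocess.TimeoutExpired, OSError):
        return ""


def classify(output):
    """'bytes from' means a reply; 'Unreachable' and silent timeouts count as down."""
    return "active" if "bytes from" in output else "no response"


def sweep(local_ip, ping=system_ping, workers=64):
    """Ping hosts 1-254 of the local /24 concurrently; return {ip: status}."""
    prefix = subnet_prefix(local_ip)
    targets = ["%s.%d" % (prefix, n) for n in range(1, 255)]
    with ThreadPool(workers) as pool:
        outputs = pool.map(ping, targets)
    return {ip: classify(out) for ip, out in zip(targets, outputs)}


def fake_ping(ip):
    """Constructed sample output so the demo runs without a network."""
    if ip.endswith(".1"):
        return "64 bytes from %s: icmp_seq=1 ttl=64 time=0.4 ms" % ip
    if ip.endswith(".7"):
        return "From 192.0.2.50 icmp_seq=1 Destination Host Unreachable"
    return "1 packets transmitted, 0 received, 100% packet loss"


if __name__ == "__main__":
    # Constructed demo on a documentation address; on a live host pass the
    # interface address (the walk-through gets it from scapy) and omit ping=.
    for ip, status in sweep("192.0.2.50", ping=fake_ping).items():
        if status == "active":
            print("Host %s is Active" % ip)
```

Because the prefix is always the first three octets, a host on a netmask wider or narrower than /24 is swept over a range that does not match its real subnet.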

2 Comments

Hi,

I don't want to be a bad critic or whatsoever, but what you have developed is a basic IP scanner to check if the machine is up or not. The feature to identify if it's wired or LAN is cool, and if you say it scans 253 hosts in less than 5 seconds, it's amazing. But if you have machines that don't reply to ICMP requests, will it work anyway?

Cheers

The answer is no. Only for ICMP host(s) that are accepting requests. hping3 will be my fallback for non-ICMP hosts. And you do have hosts that don't reply to ICMP. hping3 is not a default on most systems. I wanted to stay with a default setup. You can modify it to use hping3. Let me know if you do.

thx
