Created
October 3, 2014 23:46
-
-
Save joselitosn/a8a7b842037f9357fd56 to your computer and use it in GitHub Desktop.
Detects rogue DHCP servers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from scapy.all import * | |
| fam, hw = get_if_raw_hwaddr(conf.iface) | |
| # Define a callback function for when DHCP packets are received | |
| def dhcp_callback(pkt): | |
| # Check if the DHCP packet is a DHCP offer | |
| if DHCP in pkt and pkt[DHCP].options[0][1] == 2: | |
| print 'DHCP offer received from %s (%s)' % (pkt[IP].src, pkt[Ether].src) | |
| # Construct the DHCP request | |
| dhcp_request = ( | |
| Ether(dst='ff:ff:ff:ff:ff:ff') / | |
| IP(src='0.0.0.0', dst='255.255.255.255') / | |
| UDP(sport=68, dport=67) / | |
| BOOTP(chaddr=hw) / | |
| DHCP(options=[('message-type', 'discover'), 'end']) | |
| ) | |
| # Send the DHCP request | |
| sendp(dhcp_request) | |
| # Sniff for any DHCP packets | |
| sniff(prn=dhcp_callback, store=0) | |
| # Based on Craig Dodd code | |
| # http://dodd.io/blog/detecting-rogue-dhcp-servers |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi, I'm pretty new to python. I piped scapy and ran this but got the following error message do you think you could give me a hint as to where to go next?
self._handle = _dlopen(self._name, mode)
OSError: [WinError 126] The specified module could not be found