{"id":375,"date":"2014-01-07T16:57:06","date_gmt":"2014-01-07T23:57:06","guid":{"rendered":"http:\/\/somethingk.com\/main\/?p=375"},"modified":"2014-01-20T18:04:44","modified_gmt":"2014-01-21T01:04:44","slug":"detecting-new-network-devices-with-python-and-tkinter","status":"publish","type":"post","link":"http:\/\/somethingk.com\/main\/detecting-new-network-devices-with-python-and-tkinter\/","title":{"rendered":"Detecting New Network Devices with Python and Tkinter"},"content":{"rendered":"

UPDATE: I made a better version of this tool with server implementation here<\/a>.<\/span><\/p>\n

Today I felt like building a python 2.7 script that would enumerate a network along with alert me to the presence of a new device.<\/p>\n

I limited my project to functions in the standard library.<\/p>\n

So something lightweight and okay fast is a ping sweep. From an early post<\/a> I included the Linux command for a sweep. I used this command along with the python commands to execute the ping sweep along with storing the results in a variable.<\/p>\n

new = commands.getoutput('for i in {'+MIN+'..'+MAX+'}; do ping -c 1 -t 1 '+PREFIX+'.$i | grep \"from\"; done')<\/code><\/p>\n

<\/code>Following, I used some regular expressions to pull out the IP addresses detected in a given prefix range.<\/p>\n

tmp = re.findall(PREFIX+\"\\.(\\d+)\", str(new)) #Pull out IP addresses from the ping results<\/code><\/p>\n

Put that in a loop with some comparison data and you have a script that prints an alert whenever a new device is detected.<\/p>\n\n\n\n
import commands, re
\nPREFIX = \"192.168.1\" #Network prefix
\nMIN = \"0\" #Starting network address, eg 192.168.1.0
\nMAX = \"12\" #Closing network address, e.g. 192.168.1.55
\nresults = []
\nwhile 1:
\nnew = commands.getoutput('for i in {'+MIN+'..'+MAX+'}; do ping -c 1 -t 1 '+PREFIX+'.$i | grep \"from\"; done') #Ping sweep the network to find connected devices
\ntmp = re.findall(PREFIX+\"\\.(\\d+)\", str(new)) #Pull out IP addresses from the ping results
\nif tmp != results:
\nfor t in tmp:
\nif t not in results:
\nprint \"New device at\" + PREFIX + \".\" + str(t)
\nresults = tmp<\/code><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

There are a few short comings in the code but that’s the basic idea.<\/p>\n

Now take this further, I hooked it up to a GUI with enumeration information! The new beastly application constantly flips through NMAP scan results of devices found connected to the network and displays the results in a GUI.\u00a0I even placed a picture in the GUI. I call this app, the Hindenburg, its kind of hacked together.<\/span><\/p>\n

\"The<\/a>
The Hindenburg!<\/figcaption><\/figure>\n\n\n\n
from Tkinter import *
\nimport time, commands, re
\nPREFIX = \"192.168.1\" #Network prefix
\nMIN = \"0\" #Starting network address, eg 192.168.1.0
\nMAX = \"12\" #Closing network address, eg 192.168.1.12
\nclass flipGUI(Tk):
\ndef __init__(self,*args, **kwargs): #Setup the GUI and make it pretty
\nTk.__init__(self, *args, **kwargs)
\nself.label1 = Label(self, width= 65, justify=CENTER, padx=5, pady=5, text=\"Guests\") #Text label
\nself.label2 = Label(self, text=\"Guests\") #Photo label
\nself.label2.grid(row=0, column=1, sticky=W+E+N+S, padx=5, pady=5)
\nself.label1.grid(row=0, column=0)
\nself.flipping()<\/code><\/code>\u00a0\u00a0\u00a0\u00a0def flipping(self): #Flip through NMAP scans of detected devices
\nt = self.label1.cget(“text”)
\nt = self.label2.cget(“image”)
\nfound = scanNetwork()
\nphoto = PhotoImage(file=”picture.gif”)
\nfor f in found[:-1]: #Loop through all but the last item
\nself.label1.config(text=f)
\nself.label1.update()
\nself.label2.config(image=photo)
\nself.label2.update()
\ntime.sleep(15)
\nself.label1.config(text=found[-1]) #the last item doesn’t require the sleep, it takes enough time to run the scans
\nself.label1.update()
\nself.label2.config(image=photo)
\nself.label2.update()
\nself.after(1, flipping())<\/p>\n

def scanNetwork():
\nfound = []
\nnew = commands.getoutput(‘for i in {‘+MIN+’..’+MAX+’}; do ping -c 1 -t 1 ‘+PREFIX+’.$i | grep “from”; done’) #Ping sweep the network to find connected devices
\ntmp = re.findall(PREFIX+”\\.(\\d+)”, str(new)) #Pull out IP addresses from the ping results
\nfor ip in tmp: #Loop through each found IP
\nfound.append(commands.getoutput(‘nmap -v -A -Pn ‘+PREFIX+’.’+ip))
\nreturn found<\/p>\n

app = flipGUI()
\napp.mainloop()<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

It’s ideal for an environment where it can just sit on the screen without much of any type of activity going on. If you are enumerating the entire network, there will be a lag… it happens.<\/p>\n","protected":false},"excerpt":{"rendered":"

UPDATE: I made a better version of this tool with server implementation here. Today I felt like building a python 2.7 script that would enumerate a network along with alert me to the presence of a new device. I limited my project to functions in the standard library. So something lightweight and okay fast is a ping sweep. From an […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,39,93,72,38],"tags":[104,32,18,153,105],"class_list":["post-375","post","type-post","status-publish","format-standard","hentry","category-enumeration","category-fingerprinting","category-networking","category-python","category-vulnerability-scanner","tag-devices","tag-nmap","tag-ping-sweep","tag-python-2-7","tag-tkinter"],"_links":{"self":[{"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/375","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/comments?post=375"}],"version-history":[{"count":18,"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/375\/revisions"}],"predecessor-version":[{"id":642,"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/375\/revisions\/642"}],"wp:attachment":[{"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/media?parent=375"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/categories?post=375"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/tags?post=375"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}