WEBVTT 00:00.440 --> 00:02.560 Welcome to Network Scanner section. 00:02.560 --> 00:08.360 In this section we are going to create a program that do the scanning okay. 00:08.400 --> 00:13.960 By using IP of a computer we need to get its Mac address. 00:14.800 --> 00:21.960 So here just see we have a full computer one router that is here okay. 00:22.000 --> 00:26.160 We have computer A, B C and D okay. 00:26.680 --> 00:32.560 So here while we are trying to connect to another computer, first we need to know its IP address. 00:32.560 --> 00:36.640 As you see here all this computer has IP okay. 00:36.640 --> 00:38.400 This is the IP for router. 00:38.440 --> 00:42.320 This is IP for computer B, C and D. 00:42.360 --> 00:50.480 So now this A you may ask why doesn't this computer has any IP address or Mac address okay. 00:51.000 --> 00:55.080 That is because it is the hacker computer we are going to. 00:57.120 --> 01:05.160 Build a program that later on we we could use this computer as man in the middle. 01:05.200 --> 01:13.160 Okay, so all the connection, all the packets that is moving through this computer, from this computer 01:13.160 --> 01:19.120 to the router, they must move to computer A and then move it to router. 01:19.120 --> 01:23.520 So here we can capture it and we can modify it and we can use it. 01:24.280 --> 01:32.440 So here we are trying to find for example this computer okay 0 to 7 that is here. 01:32.960 --> 01:35.400 So this is the computer for hacker okay. 01:35.440 --> 01:41.400 It will send a packet and it is called ARP request. 01:41.400 --> 01:43.240 You may ask what is ERP. 01:44.280 --> 01:49.040 Okay ERP stands for Address Resolution protocol okay. 01:49.080 --> 01:52.960 It allows us to link IP to Mac address. 01:53.680 --> 02:01.680 So first it will send a mac a packet to all computer all clients okay. 02:01.800 --> 02:05.840 There is a broadcast Mac a broadcast packet okay. 02:06.520 --> 02:13.970 It will go to router there and say, who has this IP to this computer, to this computer, to this D 02:14.010 --> 02:15.970 computer D and. 02:18.010 --> 02:20.450 All this computer will not answer. 02:20.450 --> 02:24.290 Only the computer will answer that has this IP address. 02:24.290 --> 02:27.290 And that is here in 027. 02:27.890 --> 02:29.650 And that is in here. 02:29.650 --> 02:32.530 It will say that I have 027. 02:32.530 --> 02:35.530 And my Mac address is this one okay. 02:37.490 --> 02:40.370 And this packet is called ARP response. 02:40.970 --> 02:43.210 The first one is called ARP request. 02:43.250 --> 02:49.090 It is a broadcast packet okay that will send to all clients. 02:49.090 --> 02:57.530 And the response is a packet that only hacker computer receives from the client that has this IP. 02:57.570 --> 02:58.010 Okay. 02:58.050 --> 02:59.970 The IP that is requested. 03:00.410 --> 03:03.650 And here it is giving its Mac address. 03:03.650 --> 03:10.290 Now the hacker computer has its Mac address and now it can do anything it wants. 03:10.330 --> 03:10.770 Okay. 03:11.130 --> 03:12.930 So Very easy. 03:13.290 --> 03:24.530 Now here we are going to, uh, use, uh, library or, um, okay, a library called Scapy to do this. 03:24.650 --> 03:25.050 Okay. 03:26.730 --> 03:27.770 We need to use it. 03:28.170 --> 03:36.810 You may know what is a module or what is a library because already I think in Python basic section, 03:36.810 --> 03:44.650 I, I give you a simple introduction to what is a library or what is a module and how we can use it. 03:44.650 --> 03:48.050 So here we are going to use Scapy module okay. 03:48.090 --> 03:50.090 Let's first import that. 03:52.330 --> 03:52.810 Okay. 03:54.570 --> 04:01.090 Import Scapy dot all as something like Scapy. 04:01.130 --> 04:02.050 Okay. 04:02.050 --> 04:10.010 What is this man you may ask what is this mean okay skip dot all as something as something like scapy 04:10.010 --> 04:14.490 or anything you want is this is called aliasing okay. 04:14.570 --> 04:16.850 You don't use all this thing. 04:16.890 --> 04:17.130 Okay? 04:17.170 --> 04:22.130 Instead of using all this in your code, you rename it. 04:22.170 --> 04:22.370 Okay. 04:22.410 --> 04:25.890 You just use Scapy and it is very easy. 04:25.890 --> 04:30.690 Or you can even use a C or ace or anything. 04:30.690 --> 04:31.130 Okay. 04:32.370 --> 04:34.610 It's just a name. 04:34.650 --> 04:37.210 And then here we can use it. 04:37.210 --> 04:39.810 Let's create a function or define a function. 04:39.810 --> 04:41.490 I'm going to name it scan. 04:41.850 --> 04:48.050 Here we need to give the IP of a computer that you want to send the packet to. 04:48.090 --> 04:54.170 And here I am going to use this scapy that I just renamed okay. 04:54.170 --> 04:58.050 And it has a function called ARP okay. 04:58.090 --> 05:02.770 Use dot and then ARP or ping. 05:03.130 --> 05:03.930 Ping. 05:03.930 --> 05:09.490 And here just give the IP that is coming from here okay. 05:09.530 --> 05:11.810 As argument. 05:11.810 --> 05:17.530 And later on we can use this function or we can call it. 05:17.530 --> 05:21.090 And here I am going to use or Recall the scan function. 05:21.450 --> 05:27.810 And here I need to give the IP address for example for my router. 05:28.170 --> 05:32.410 Let's come here and use route dash. 05:32.970 --> 05:34.170 And let's hit enter. 05:34.610 --> 05:36.450 You see we have a gateway here. 05:36.490 --> 05:37.250 Okay. 05:37.290 --> 05:41.690 This gateway is the router okay ten 021. 05:42.170 --> 05:50.770 And now if I give this chain 0 to 1 and save it. 05:53.810 --> 05:59.050 And let's go to city document. 05:59.930 --> 06:00.530 Alice. 06:00.530 --> 06:03.890 City Python project for ethical hacking. 06:05.570 --> 06:06.210 Alice. 06:06.850 --> 06:07.210 Okay. 06:07.210 --> 06:08.610 We have network scanner. 06:08.650 --> 06:13.450 Okay, so let's change the directory to network scanner. 06:13.650 --> 06:14.090 Alice. 06:14.130 --> 06:17.010 Now you see we have the network scanner file here. 06:17.450 --> 06:22.290 Let's use pseudo python network scanner dot pi. 06:22.330 --> 06:23.130 Hit enter. 06:23.170 --> 06:24.540 Provide a password. 06:24.580 --> 06:25.340 Hit enter. 06:26.060 --> 06:27.660 And here you see. 06:29.820 --> 06:32.780 It says receive only one packet. 06:32.820 --> 06:33.100 Okay. 06:33.140 --> 06:36.100 Got one answer remaining zero packet. 06:36.780 --> 06:41.460 And you see this is the IP address for router. 06:41.460 --> 06:45.700 And this one is the Mac address for router. 06:45.740 --> 06:46.100 Okay. 06:46.140 --> 06:55.660 Now by using this simple program that you see here only 12344 lines of code or with spaces, we have 06:55.660 --> 06:56.900 six lines of code. 06:57.260 --> 07:07.180 Now you're able to get the Mac address for any computer, any client that you have its IP address. 07:07.180 --> 07:11.660 Now I have the Mac address for my router okay. 07:11.700 --> 07:13.580 Very easy, very simple. 07:14.380 --> 07:22.860 And through this section we will improve this program to get the Mac address for all the client. 07:22.900 --> 07:27.300 Okay so thanks for watching and I will see you in the next lecture.