4

I found this code online and found that it doesn't work on OSX. Does anyone know the correct method without using a third party library?

import socket
import struct
import binascii
rawSocket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(0x0003))
while True:
    packet = rawSocket.recvfrom(2048)
    ethernet_header = packet[0][0:14]
    ethernet_detailed = struct.unpack(“!6s6s2s”, ethernet_header)
    arp_header = packet[0][14:42]
    arp_detailed = struct.unpack(“2s2s1s1s2s6s4s6s4s”, arp_header)
    # skip non-ARP packets
    ethertype = ethernet_detailed[2]
    if ethertype != ‘\x08\x06’:
        continue
    source_mac = binascii.hexlify(arp_detailed[5])
    dest_ip = socket.inet_ntoa(arp_detailed[8])
    if source_mac == ‘74c24671971c’:
        print “Tide button pressed!, IP = “ + dest_ip

apparantly OSX does not have AF_PACKET or PF_PACKET and AF_INET is too high level for this I think, or at the very least requires more recoding than a drop in replacement.

Thanks

Improve this question

1 Answer 1

Reset to default
3

ok I figured this one out, on a mac I have to use pcap library. Here is the code I came up with.

#!/usr/bin/env python2.7

import sys, binascii, subprocess
import dpkt, pcap, socket

cottonelle = 'f0272d8b52c0'

def main():
    name = pcap.lookupdev()
    try:
        pc = pcap.pcap(name)
    except:
        print pc.geterr()

    try:
        print 'listening on %s' % (pc.name)
        for ts, pkt in pc:
            eth = dpkt.ethernet.Ethernet(pkt)
            ip_hdr = eth.data
            if eth.type != dpkt.ethernet.ETH_TYPE_ARP:
                continue
            if binascii.hexlify(eth.src) == cottonelle:
                subprocess.call("/usr/local/bin/stopsim", shell=True)
    except Exception as e:
        print e, pc.geterr()

if __name__ == '__main__':
    main()
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Could you post a link to a github gist? I'm having the same issue.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.