如何通过已知MAC地址获取主机的IP地址，使用Python / Scapy

你可以使用ARP缓存中的信息：

> arp -a 
localhost (10.37.129.2) at 0:1c:42:0:0:9 on vnic1 ifscope permanent [ethernet]
localhost (10.37.129.255) at ff:ff:ff:ff:ff:ff on vnic1 ifscope [ethernet]
localhost (10.211.55.2) at 0:1c:42:0:0:8 on vnic0 ifscope permanent [ethernet]
localhost (10.211.55.255) at ff:ff:ff:ff:ff:ff on vnic0 ifscope [ethernet]
fritz.slwlan.box (192.168.0.1) at 0:4:e:2b:28:16 on en1 ifscope [ethernet]

你可以自己在Unix系统上运行“arp -a”命令，然后解析结果，或者你也可以查看

http://libdnet.sourceforge.net/dnet.html

这个链接，它可以让你通过Python访问ARP缓存。

也许你可以使用 arp-scan，但这样的话你就需要以管理员身份运行这个程序了，具体原因可以查看 这里:

$ arp-scan --interface=eth0 --localnet
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.5.2 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.1.1     00:c0:9f:09:b8:db       QUANTA COMPUTER, INC.
192.168.1.4     00:02:b3:bb:5c:09       Intel Corporation
192.168.1.3     00:02:b3:bb:66:98       Intel Corporation
192.168.1.5     00:02:a5:90:c3:e6       Compaq Computer Corporation
192.168.1.6     00:c0:9f:0b:91:d1       QUANTA COMPUTER, INC.
192.168.1.8     00:02:b3:3d:13:5e       Intel Corporation
...

34 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.5.2: 256 hosts scanned in 1.717 seconds (149.10 hosts/sec).  33 responded