4

The Windows API contains a very handy function called SendARP. You can give it some source IP and a destination IP and it gives you the MAC address of the client with that destination IP. Also, this function can be used by standard users on Windows, i.e. does not need Administrator privileges.

Does the Linux API have a function that does the same as straightforward as SendARP?

I already thought about doing calls like ping -c 1 xxx.xxx.xxx.xxx and then parse the output of arp -a -v (of course while wrapping these commands in popen), but this seems rather ineffient, not to mention possible security issues that may arise by calling external programs. Sadly, Wine is missing SendARP as well, it is marked as a stub in iphlpapi.

Please note that the answer should be executable as a normal user as well, i.e. without root privileges (otherwise I could just create a raw socket and construct the ARP packet myself, but this requires the executable to have the CAP_NET_RAW capability, which needs to be assigned to it by root, explained here).

Community
  • 1
  • 1
sigalor
  • 901
  • 11
  • 24
  • Possible duplicate of [arp request and reply using c socket programming](http://stackoverflow.com/questions/16710040/arp-request-and-reply-using-c-socket-programming) – hek2mgl Jul 26 '16 at 13:52
  • 2
    The Linux (Unix) philosophy is to have specific tools you combine to build your own, not have many tools for every imaginable function. – m0skit0 Jul 26 '16 at 13:53
  • I agree with m0skit0. On Linux you can send ARP packets like any other packet using a [*raw socket*](https://stackoverflow.com/questions/16710040/arp-request-and-reply-using-c-socket-programming) – hek2mgl Jul 26 '16 at 13:54
  • @hek2mgl http://stackoverflow.com/q/16710040/2988730 is a related question but not a dupe. On Linux, there are many libraries that combine tools for you. This is how these libraries come into being. I am sure `SendARP` is built on top of raw sockets on Windows too. – Mad Physicist Jul 26 '16 at 13:58
  • 1
    @MadPhysicist Then it is off-topic because it "asks for a tool or a library". – hek2mgl Jul 26 '16 at 13:59
  • 1
    But for raw sockets, an executable needs the CAP_NET_RAW capability, which needs to be assigned to it by root (explained here: http://stackoverflow.com/a/9772141). – sigalor Jul 26 '16 at 14:01
  • There is an `arping` command. Also, Ubuntu (and probably many other distros) has a command `arpsend` in the `vzctl` package. – Mad Physicist Jul 26 '16 at 14:01
  • @sigalor Yes, it directly or indirectly requires root privileges. No way around this. – hek2mgl Jul 26 '16 at 14:02
  • @hek2mgl. While I am curious to see a definitive answer, I feel morally obligated to vote to close. – Mad Physicist Jul 26 '16 at 14:02
  • @MadPhysicist Take my comment as a definite answer. Creating raw sockets on Linux requires CAP_NET_RAW privileges. For issuing an ARP request you need a raw socket or a library function (of whatever library) which itself is using a raw socket. – hek2mgl Jul 26 '16 at 14:04
  • 1
    By definitive answer I meant something with detailed explanation and preferably examples. – Mad Physicist Jul 26 '16 at 14:06

0 Answers0