Lan discovery (bash)


Lan discovery (bash)

Postby analyzer on 30 May 2008, 20:02

With this script you can discover hosts connected to your network (use with caution, network admins don't usually like these kinds of tools) :)

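#!/bin/bash
# Lan discovery by analyzer (requesthelp@free.fr).
#
# Usage: <script> interface      (must be run as root)
#
# Reads the IPv4 address and netmask of the given interface from ifconfig,
# derives the network and prefix with ipcalc, then sends one ICMP echo request
# to every host address of that network (the interface's own address
# excluded). Hosts that answer are recorded in ./resume.txt.
# Needs: ifconfig, perl, ping, and an ipcalc that accepts --network/--prefix.
############################################
# THIS CAN BE MODIFIED
sleeptime="1"
############################################

# Normal color
NORMAL='\033[0;39m'
# RED: Error message
RED='\033[1;31m'
# YELLOW: Warning message
YELLOW='\033[1;33m'
# GREEN: Success message
GREEN='\033[1;32m'

RES_COL=70
MOVE_TO_COL="\\033[${RES_COL}G"

# Report file, relative to the current directory (the script runs as root).
RESUME_FILE=./resume.txt
# Largest network (in host addresses) the script accepts to sweep.
MAX_HOSTS=32768

# Print a "[ LABEL ]" status at column RES_COL.
# $1 colour escape, $2 label, $3 optional suffix (printed verbatim, so data
# placed in the suffix is never interpreted as an escape sequence).
print_status() {
  printf '%b[ %b%s%b ]%s\n' "$MOVE_TO_COL" "$1" "$2" "$NORMAL" "${3-}"
}

# Print a red KO status with an optional suffix and stop with a failure code
# (the bare `exit` used before returned 0 on every error path).
status_ko() {
  print_status "$RED" "KO" "${1-}"
  exit 1
}

# Succeed when $1 is four decimal octets, each in 0..255.
is_dotted_quad() {
  local octet
  local -a octets
  [[ $1 =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] || return 1
  IFS=. read -r -a octets <<<"$1"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so an octet such as "08" is not read as octal.
    (( 10#$octet <= 255 )) || return 1
  done
  return 0
}

# Print the 32-bit integer value of the dotted quad $1.
ip_to_int() {
  local a b c d
  IFS=. read -r a b c d <<<"$1"
  printf '%d\n' "$(( (10#$a << 24) | (10#$b << 16) | (10#$c << 8) | 10#$d ))"
}

if [[ $# -ne 1 ]]; then
  echo "USAGE: $0 interface"
  exit 1
fi

uid=$(id -u)
if [[ "$uid" != "0" ]]; then
  echo "This script binds ping to the specified interface, you must be root !"
  exit 1
fi

interface=$1
# The name is handed to ifconfig and ping as root: refuse an empty value or
# one that those tools would parse as an option.
if [[ -z "$interface" || "$interface" == -* ]]; then
  echo "USAGE: $0 interface"
  exit 1
fi

printf 'Checking interface %s ...      ' "$interface"
sleep "$sleeptime"
# One snapshot of the interface state, reused for the address and the netmask.
if_info=$(ifconfig "$interface")
if [[ "$if_info" == *UP* ]]; then
  print_status "$GREEN" "OK"
else
  status_ko " => (interface is not available)"
fi

printf 'Retrieving address IP for interface %s ...      ' "$interface"
IP=$(printf '%s\n' "$if_info" |
  perl -ne 'if ( m/^\s*inet (?:addr:)?([\d.]+).*?cast/ ) { print qq($1\n); exit 0; }')
sleep "$sleeptime"
if [[ -z "$IP" ]]; then
  status_ko " => (IP not retrieved)"
fi
is_dotted_quad "$IP" || status_ko
print_status "$GREEN" "OK" " => $IP"

printf 'Retrieving netmask for interface %s ...      ' "$interface"
# Accept both the older "Mask:255.255.255.0" and the newer
# "netmask 255.255.255.0" ifconfig layouts, as the address pattern above
# already does for "inet addr:" / "inet ".
NETMASK=$(printf '%s\n' "$if_info" |
  perl -ne 'if ( m/(?:Mask:|netmask\s+)([\d.]+)/ ) { print qq($1\n); exit 0; }')
sleep "$sleeptime"
if [[ -z "$NETMASK" ]]; then
  status_ko " => (NETMASK not retrieved)"
fi
is_dotted_quad "$NETMASK" || status_ko
print_status "$GREEN" "OK" " => $NETMASK"

printf 'Determining network information ...      '
# ipcalc prints NAME=value lines; take the value with parameter expansion and
# validate it instead of eval-ing the tool's output in a root shell.
NETWORK=$(ipcalc --network "$IP" "$NETMASK")
NETWORK=${NETWORK#NETWORK=}
PREFIX=$(ipcalc --prefix "$IP" "$NETMASK")
PREFIX=${PREFIX#PREFIX=}
if ! is_dotted_quad "$NETWORK"; then
  status_ko
fi
if ! [[ "$PREFIX" =~ ^[0-9]{1,2}$ ]] || (( 10#$PREFIX > 32 )); then
  status_ko
fi

NBHOSTS=$(( 2 ** (32 - 10#$PREFIX) - 2 ))
if (( NBHOSTS > MAX_HOSTS )); then
  status_ko " => Network too big ($NBHOSTS hosts)"
fi

print_status "$GREEN" "OK"

printf "Discovery on network '%s' started ... (%s hosts)" "$NETWORK" "$NBHOSTS"
# The report is written as root to a fixed name in the current directory;
# do not follow a symbolic link that may already sit at that name.
if [[ -L "$RESUME_FILE" ]]; then
  status_ko " => ($RESUME_FILE is a symbolic link)"
fi
echo "Scan started ..." > "$RESUME_FILE"

# Walk the host range as integers. The previous octet arithmetic divided by
# 255 and always started the last octet at 0, so networks smaller than a /24
# were not scanned at all.
net_int=$(ip_to_int "$NETWORK")
own_int=$(ip_to_int "$IP")

nbhostscanned=0
# NOTE(review): every probe is started in the background with no cap, so a
# large network means that many simultaneous ping processes.
for (( offset = 1; offset <= NBHOSTS; offset++ )); do
  addr=$(( net_int + offset ))
  # Offsets 1..NBHOSTS skip the network and broadcast addresses; the
  # interface's own address is skipped as well.
  if (( addr != own_int )); then
    printf -v target '%d.%d.%d.%d' \
      "$(( (addr >> 24) & 255 ))" "$(( (addr >> 16) & 255 ))" \
      "$(( (addr >> 8) & 255 ))" "$(( addr & 255 ))"
    # With Linux iputils ping, -t sets the TTL, so a value of 1 keeps the
    # probe on the local segment (on BSD ping -t is a timeout instead).
    (ping -c 1 -t 1 -I "$interface" "$target" > /dev/null &&
      echo "   Found $target" >> "$RESUME_FILE") &
  fi
  nbhostscanned=$offset
done

if (( nbhostscanned == NBHOSTS )); then
  print_status "$GREEN" "OK" " => ($nbhostscanned hosts scanned ...)"
else
  print_status "$YELLOW" "OK" " => ($nbhostscanned hosts scanned ...)"
fi

# Wait for every background probe rather than sleeping a fixed 3 seconds, so
# no "Found" line is appended after the footer or after the count is taken.
wait
echo "End of scan ..." >> "$RESUME_FILE"
# Count the result lines themselves. The previous `grep -v "$IP"` used the
# address as a regular expression, which also dropped other hosts whose
# address merely contained it (own .1 hid .10, .100, ...).
nbalive=$(grep -c '^   Found ' "$RESUME_FILE")
if (( nbalive > 0 )); then
  printf "Found [ %b%s%b ] hosts alive on network '%s' ! => Detail in file %s\n" \
    "$GREEN" "$nbalive" "$NORMAL" "$NETWORK" "$RESUME_FILE"
else
  printf "Found [ %b%s%b ] host alive on network '%s' ...\n" \
    "$RED" "$nbalive" "$NORMAL" "$NETWORK"
fi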