Network discovery with netdiscover

Overview

A script kiddie's daily routine is just introducing tools, so today I'll introduce a fairly simple one: netdiscover. It is mainly used for network discovery.

Installation

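My environment is Kali; the package is also in Ubuntu's software repositories, so installation is simple: just install it with the package manager.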
apt install netdiscover

Usage

Because the tool is fairly simple, using it is simple too; there are no complicated parameters.
First, take a look at its help:

[email protected]:~# netdiscover --help
netdiscover: invalid option -- '-'

Netdiscover 0.3-pre-beta7 [Active/passive arp reconnaissance tool]
Written by: Jaime Penalba <[email protected]>

Usage: netdiscover [-i device] [-r range | -l file | -p] [-m file] [-s time] [-n node] [-c count] [-f] [-d] [-S] [-P] [-c]
-i device: your network device
-r range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
-l file: scan the list of ranges contained into the given file
-p passive mode: do not send anything, only sniff
-m file: scan the list of known MACs and host names
-F filter: Customize pcap filter expression (default: "arp")
-s time: time to sleep between each arp request (milliseconds)
-n node: last ip octet used for scanning (from 2 to 253)
-c count: number of times to send each arp reques (for nets with packet loss)
-f enable fastmode scan, saves a lot of time, recommended for auto
-d ignore home config files for autoscan and fast mode
-S enable sleep time supression between each request (hardcore mode)
-P print results in a format suitable for parsing by another program
-N Do not print header. Only valid when -P is enabled.
-L in parsable output mode (-P), continue listening after the active scan is completed

If -r, -l or -p are not enabled, netdiscover will scan for common lan addresses.

Next, a few common usages. The simplest is to just type netdiscover, which runs with its default configuration and scans all machines on the LAN.

Currently scanning: 192.168.75.0/16   |   Screen View: Unique Hosts                                                           

68 Captured ARP Req/Rep packets, from 21 hosts. Total size: 4080
_____________________________________________________________________________
IP At MAC Address Count Len MAC Vendor / Hostname
-----------------------------------------------------------------------------
192.168.1.2 48:7d:2e:53:81:70 12 720 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.252 48:7d:2e:7f:d5:09 10 600 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.253 48:7d:2e:80:48:f3 18 1080 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.1 48:7d:2e:53:6d:ce 9 540 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.78 f4:5c:89:a9:a5:e5 1 60 Apple, Inc.
192.168.1.82 6c:b3:50:08:02:b4 1 60 Anhui comhigher tech co.,ltd
192.168.1.103 dc:4a:3e:40:91:8b 1 60 Hewlett Packard
192.168.1.50 e0:94:67:3e:89:74 3 180 Intel Corporate
192.168.1.13 d4:61:9d:3b:17:be 1 60 Apple, Inc.
192.168.1.70 3c:2e:f9:46:80:12 1 60 Apple, Inc.
192.168.1.53 98:6f:60:1e:8d:d5 1 60 GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
192.168.1.43 c8:1e:e7:44:90:5b 1 60 Apple, Inc.
192.168.1.108 90:94:97:da:92:94 1 60 HUAWEI TECHNOLOGIES CO.,LTD
192.168.1.49 f4:31:c3:41:35:79 1 60 Apple, Inc.
192.168.1.123 70:ef:00:19:b4:e6 1 60 Apple, Inc.
192.168.1.119 b0:e5:ed:7e:8a:38 1 60 HUAWEI TECHNOLOGIES CO.,LTD
192.168.1.128 54:dc:1d:44:86:ce 1 60 Yulong Computer Telecommunication Scientific (Shenzhen) Co.,Ltd
192.168.1.76 4c:57:ca:af:7e:2a 1 60 Apple, Inc.
192.168.1.83 a4:f1:e8:9a:cd:3b 1 60 Apple, Inc.
192.168.1.81 f4:0f:24:1a:9e:61 1 60 Apple, Inc.
192.168.1.3 24:1f:a0:27:60:d1 1 60 HUAWEI TECHNOLOGIES CO.,LTD

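Scanning with the default configuration is slow, because as you can see it scans class B address ranges. On a LAN we don't need anything that elaborate; entering the following is enough: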

netdiscover -i eth0 -r 192.168.1.1/24

-i specifies the network interface
-r specifies the IP address range

Then you can take a look at the result:

Currently scanning: Finished!   |   Screen View: Unique Hosts                                                                 

1164 Captured ARP Req/Rep packets, from 29 hosts. Total size: 69840
_____________________________________________________________________________
IP At MAC Address Count Len MAC Vendor / Hostname
-----------------------------------------------------------------------------
192.168.1.2 48:7d:2e:53:81:70 254 15240 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.252 48:7d:2e:7f:d5:09 238 14280 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.253 48:7d:2e:80:48:f3 223 13380 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.1 48:7d:2e:53:6d:ce 144 8640 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.78 f4:5c:89:a9:a5:e5 1 60 Apple, Inc.
192.168.1.50 e0:94:67:3e:89:74 9 540 Intel Corporate
192.168.1.36 14:bd:61:9a:73:6c 1 60 Apple, Inc.
192.168.1.43 c8:1e:e7:44:90:5b 3 180 Apple, Inc.
192.168.1.82 6c:b3:50:08:02:b4 4 240 Anhui comhigher tech co.,ltd
192.168.1.103 dc:4a:3e:40:91:8b 6 360 Hewlett Packard
192.168.1.70 3c:2e:f9:46:80:12 5 300 Apple, Inc.
192.168.1.76 4c:57:ca:af:7e:2a 5 300 Apple, Inc.
192.168.1.81 f4:0f:24:1a:9e:61 6 360 Apple, Inc.
192.168.1.83 a4:f1:e8:9a:cd:3b 1 60 Apple, Inc.
192.168.1.53 98:6f:60:1e:8d:d5 5 300 GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
192.168.1.92 e0:c7:67:66:96:e5 1 60 Apple, Inc.
192.168.1.123 70:ef:00:19:b4:e6 5 300 Apple, Inc.
192.168.1.108 90:94:97:da:92:94 13 780 HUAWEI TECHNOLOGIES CO.,LTD
192.168.1.128 54:dc:1d:44:86:ce 2 120 Yulong Computer Telecommunication Scientific (Shenzhen) Co.,Ltd
192.168.1.51 74:23:44:8e:a0:4e 1 60 Xiaomi Communications Co Ltd
192.168.1.72 c0:9f:05:5b:6e:0d 6 360 GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD
192.168.1.13 d4:61:9d:3b:17:be 5 300 Apple, Inc.
192.168.1.119 b0:e5:ed:7e:8a:38 16 960 HUAWEI TECHNOLOGIES CO.,LTD
192.168.1.9 38:ca:da:37:a6:79 3 180 Apple, Inc.
0.0.0.0 70:f0:87:47:ac:03 2 120 Apple, Inc.
192.168.1.16 70:f0:87:47:ac:03 196 11760 Apple, Inc.
192.168.1.132 98:ca:33:27:1c:9a 4 240 Apple, Inc.
0.0.0.0 48:3b:38:d8:ec:42 3 180 Apple, Inc.
192.168.1.33 48:3b:38:d8:ec:42 2 120 Apple, Inc.

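Why are there so many machines and routers? That is because I was connected to a public WiFi outside my apartment; as for what I was doing, you can imagine.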
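
On a network you administer, the same result table can be turned into a device inventory and compared with a list of expected hardware. The Python below is an added example, not part of the original post: it assumes the row layout shown in the table above (IP, MAC, count, length, vendor), and the KNOWN allowlist is constructed for illustration. Rows with IP 0.0.0.0 are ARP probes, which a host sends with an unset sender address before claiming an IP, so they are folded into the host with the same MAC.

```python
import re
from collections import defaultdict

# Row layout assumed from the table shown above: IP, MAC, count, len, vendor.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+"
    r"(\d+)\s+(\d+)\s+(.*\S)\s*$", re.IGNORECASE)

def parse_rows(text):
    """Return one dict per host row; banner and separator lines are skipped."""
    rows = []
    for m in filter(None, map(ROW.match, text.splitlines())):
        ip, mac, count, _length, vendor = m.groups()
        rows.append({"ip": ip, "mac": mac.lower(),
                     "count": int(count), "vendor": vendor})
    return rows

def inventory(rows):
    """Group rows by MAC. A 0.0.0.0 row is an ARP probe (sender IP unset),
    so it is recorded as a probe and not as an address the host owns."""
    hosts = defaultdict(lambda: {"ips": set(), "probed": False, "vendor": ""})
    for r in rows:
        h = hosts[r["mac"]]
        h["vendor"] = r["vendor"]
        if r["ip"] == "0.0.0.0":
            h["probed"] = True
        else:
            h["ips"].add(r["ip"])
    return dict(hosts)

def audit(hosts, known_macs):
    """Return (MACs missing from the allowlist, MACs seen with several IPs)."""
    known = {m.lower() for m in known_macs}
    unknown = sorted(m for m in hosts if m not in known)
    multi_ip = sorted(m for m, h in hosts.items() if len(h["ips"]) > 1)
    return unknown, multi_ip

# Header and rows copied from the scan output above.
SAMPLE = """\
IP At MAC Address Count Len MAC Vendor / Hostname
192.168.1.1 48:7d:2e:53:6d:ce 144 8640 TP-LINK TECHNOLOGIES CO.,LTD.
192.168.1.50 e0:94:67:3e:89:74 9 540 Intel Corporate
0.0.0.0 70:f0:87:47:ac:03 2 120 Apple, Inc.
192.168.1.16 70:f0:87:47:ac:03 196 11760 Apple, Inc.
"""
KNOWN = ["48:7D:2E:53:6D:CE", "70:f0:87:47:ac:03"]  # constructed allowlist

if __name__ == "__main__":
    unknown, multi_ip = audit(inventory(parse_rows(SAMPLE)), KNOWN)
    print("unknown:", unknown, "multi-IP:", multi_ip)
```

A MAC that shows up with more than one real IP is worth a closer look, since it can be a router or multi-homed host but also a sign of address conflicts or ARP spoofing.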

You are welcome to follow Bboysoul's blog at www.bboy.app
Have Fun
