arp-scan / arp-fingerprint "bomb"

Problem && how to replicate?

  1. First, arp-scan
sudo arp-scan -r 3 -b 2 --localnet --ouifile=data/nmap-mac-prefixes.txt

Output:

Interface: en0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.168.1 d4:ca:6d:34:db:80 Routerboard.com
192.168.168.151 28:5a:eb:99:d5:62 Apple
192.168.168.153 b8:e8:56:36:0a:64 Apple
192.168.168.154 98:01:a7:8f:60:ef Apple
192.168.168.163 a4:5e:60:de:3c:91 Apple
192.168.168.205 9c:b6:d0:d9:a8:f5 Rivet Networks
192.168.168.221 54:72:4f:0b:85:c3 Apple
192.168.168.222 6c:72:e7:93:cb:26 Apple
192.168.168.251 78:f8:82:cc:34:c4 LG
192.168.168.252 54:72:4f:0b:85:c3 Apple
192.168.168.253 28:5a:eb:99:d5:62 Apple
192.168.168.254 a4:5e:60:de:3c:91 Apple

2301 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.9: 256 hosts scanned in 4.112 seconds (62.26 hosts/sec). 12 responded
  2. Then arp-fingerprint a "random" host
sudo arp-fingerprint 192.168.168.222

Output:

# some OS information
  3. Bang!

Information / versions

arp-scan 1.9

Copyright (C) 2005-2013 Roy Hills, NTA Monitor Ltd.
arp-scan comes with NO WARRANTY to the extent permitted by law.
You may redistribute copies of arp-scan under the terms of the GNU
General Public License.
For more information about these matters, see the file named COPYING.

libpcap version 1.8.1 -- Apple version 67.50.2
$Id: arp-scan.c 19582 2013-04-28 17:11:17Z rsh $
$Id: error.c 19550 2013-04-15 09:24:42Z rsh $
$Id: wrappers.c 19550 2013-04-15 09:24:42Z rsh $
$Id: utils.c 19550 2013-04-15 09:24:42Z rsh $
$Id: link-bpf.c 19580 2013-04-26 15:52:31Z rsh $
/usr/local/bin/arp-fingerprint version [unknown] calling Getopt::Std::getopts (version 1.07 [paranoid]),
running under Perl version 5.18.2.
  [Now continuing due to backward compatibility and excessive paranoia.
   See 'perldoc Getopt::Std' about $Getopt::Std::STANDARD_HELP_VERSION.]
Usage: arp-fingerprint [options] <target>
Fingerprint the target system using arp-scan.

'options' is one or more of:
        -h Display this usage message.
        -v Give verbose progress messages.
  -o <option-string> Pass specified options to arp-scan
  • OSX 10.12.4 (16E195)
  • arp-scan via homebrew