ASPIRE

Kali Linux下的ARP侦测工具__netdiscover

Kali Linux下的ARP侦测工具__netdiscover
root@hi:~# netdiscover -h
Netdiscover 0.3-beta7 [Active/passive arp reconnaissance tool]
Written by: Jaime Penalba <[email protected]>

Usage: netdiscover [-i device] [-r range | -l file | -p] [-s time] [-n node] [-c count] [-f] [-d] [-S] [-P] [-C]
  -i device: your network device
  -r range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
  -l file: scan the list of ranges contained into the given file
  -p passive mode: do not send anything, only sniff
  -F filter: Customize pcap filter expression (default: "arp")
  -s time: time to sleep between each arp request (miliseconds)
  -n node: last ip octet used for scanning (from 2 to 253)
  -c count: number of times to send each arp reques (for nets with packet loss)
  -f enable fastmode scan, saves a lot of time, recommended for auto
  -d ignore home config files for autoscan and fast mode
  -S enable sleep time supression betwen each request (hardcore mode)
  -P print results in a format suitable for parsing by another program
  -L in parsable output mode (-P), continue listening after the active scan is completed

If -r, -l or -p are not enabled, netdiscover will scan for common lan addresses.
如果不带任何参数的话,netdiscover命令或从常见的局域网地址进行扫描,如:192.168.0.0-192.168.254.0/24,/16,/8
使用示例:

root@hi:~# netdiscover
 
 Currently scanning: 192.168.93.0/16   |   Screen View: Unique Hosts
 
 29 Captured ARP Req/Rep packets, from 10 hosts.   Total size: 1740
 _____________________________________________________________________________
   IP            At MAC Address      Count  Len   MAC Vendor
 -----------------------------------------------------------------------------
 192.168.1.7     44:6d:57:e1:35:4c    06    360   Unknown vendor
 192.168.1.1     1c:fa:68:11:ef:57    03    180   Unknown vendor
 192.168.1.100   20:68:9d:92:f3:d7    06    360   Unknown vendor
 192.168.1.102   fc:25:3f:90:a9:c4    01    060   Unknown vendor
 192.168.1.106   20:68:9d:1b:b0:54    02    120   Unknown vendor
 192.168.1.104   0c:8b:fd:0b:bb:16    03    180   Unknown vendor
 192.168.1.187   50:46:5d:b2:22:4a    01    060   Unknown vendor
 192.168.1.190   60:a4:4c:33:0d:07    01    060   Unknown vendor
 192.168.1.103   30:85:a9:f6:38:9f    04    240   Unknown vendor
 192.168.1.111   20:68:9d:1b:b0:54    02    120   Unknown vendor

 

使用-r选项手动指定扫描区间(CIDR地址块形式):
root@hi:~/Desktop/2014-2# netdiscover -r 192.168.1.1/24
 
 Currently scanning: Finished!   |   Screen View: Unique Hosts
 
 94 Captured ARP Req/Rep packets, from 8 hosts.   Total size: 5640
 _____________________________________________________________________________
   IP            At MAC Address      Count  Len   MAC Vendor
 -----------------------------------------------------------------------------
 192.168.1.100   20:68:9d:92:f3:d7    86    5160   Unknown vendor
 192.168.1.1     1c:fa:68:11:ef:57    01    060   Unknown vendor
 192.168.1.7     44:6d:57:e1:35:4c    02    120   Unknown vendor
 192.168.1.106   20:68:9d:1b:b0:54    01    060   Unknown vendor
 192.168.1.104   0c:8b:fd:0b:bb:16    01    060   Unknown vendor
 192.168.1.111   20:68:9d:1b:b0:54    01    060   Unknown vendor
 192.168.1.187   50:46:5d:b2:22:4a    01    060   Unknown vendor
 192.168.1.190   60:a4:4c:33:0d:07    01    060   Unknown vendor

效果还是很不错的,速度很快,比用Wireshark抓包自己分析要快和方便。

admin

, ,
,

《“Kali Linux下的ARP侦测工具__netdiscover”》 有 1 条评论

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注