Sign in to follow this  
Followers 0
Ibrahim

capture ARP Cache

12 posts in this topic

II need to capture arp addresses and ip s as variables. . . hope u guys help

#include <Process.au3>
TrayTip("Intruder Detector","Monitoing Started",2)
Do
$rc = _RunDos("arp -a >c:\ArpList.bin")
$Size=FileGetSize("c:\ArpList.bin")
$intruder=FileRead("c:\ArpList.bin")
if $Size>142 then 
    TrayTip("Network Watcher","Life Connection From"&$intruder,4,2)
;for $line=1 to 10
;$Exclude[$line]=FileReadLine("c:\intruderList.txt",$line)
;if $Exclude[$line]=
    FileWrite("c:\intruderList.txt",@HOUR&":"&@MIN&"--<Connection From:-"&$intruder)
_RunDos("arp -d")
EndIf
    Sleep(5000)
Until $rc=1

Share this post


Link to post
Share on other sites



u know when u do an "arp -a" command in dos it displays the arp caches and IPs--> i need to capture each as a variable in and array or something<-- i did it as above but that's not what i want

Share this post


Link to post
Share on other sites

From the help file

; Demonstrates StdoutRead()
#include <Constants.au3>

$foo = Run(@ComSpec & " /c dir foo.bar", @SystemDir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)

While 1
    $line = StdoutRead($foo)
    If @error Then ExitLoop
    MsgBox(0, "STDOUT read:", $line)
Wend

While 1
    $line = StderrRead($foo)
    If @error Then ExitLoop
    MsgBox(0, "STDERR read:", $line)
Wend

MsgBox(0, "Debug", "Exiting...")

Modify the run command and parse the output.

Share this post


Link to post
Share on other sites

thanks man for your reply . ...this is the first reply in 5 days. . .bit what irealy want is to capture these ip adresses and arp caches as arrays and variables u know the output of "arp -a" command in dos as to some actions upon them later as pinging them and . . . .etc

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

thanks man for your reply . ...this is the first reply in 5 days. . .bit what irealy want is to capture these ip adresses and arp caches as arrays and variables u know the output of "arp -a" command in dos as to some actions upon them later as pinging them and . . . .etc

That is the modification part. Use String* functions to parse the output from arp -a and put the result in an array. When done make it an UDF and post it in scripts so the next person only have to search for arp to find it..:)

EDIT: StringRegExp is perfect for the task.

Edited by Uten

Share this post


Link to post
Share on other sites

check this pic please

Modified example above, added output parsing:

#include <Constants.au3>

$foo = Run("arp -a", @SystemDir, @SW_HIDE, $STDOUT_CHILD)

Global $line = ""

While 1
    $line = $line & StdoutRead($foo)
    If @error Then ExitLoop
Wend

$result = StringRegExp($line, "(?i)((?:\d{1,3}\.){3}\d{1,3})\s+?((?:[0-9A-F]{2}-){5}[0-9A-F]{2})", 3)

For $i = 0 to UBound($result) - 1 step 2
    MsgBox(0, UBound($result) / 2, "IP:     " & $result[$i] & @CRLF & "MAC: " & $result[$i+1])
Next

Share this post


Link to post
Share on other sites

1st of thanks alot it was nice u should do the UDF file u did it . .. . . . sorry for being late my computer got disconnected for days . . . thanks again i hope u follow my topics cause i got alot . . . .thanks again

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0