Jump to content

capture ARP Cache


Recommended Posts

II need to capture arp addresses and ip s as variables. . . hope u guys help

#include <Process.au3>
TrayTip("Intruder Detector","Monitoing Started",2)
Do
$rc = _RunDos("arp -a >c:\ArpList.bin")
$Size=FileGetSize("c:\ArpList.bin")
$intruder=FileRead("c:\ArpList.bin")
if $Size>142 then 
    TrayTip("Network Watcher","Life Connection From"&$intruder,4,2)
;for $line=1 to 10
;$Exclude[$line]=FileReadLine("c:\intruderList.txt",$line)
;if $Exclude[$line]=
    FileWrite("c:\intruderList.txt",@HOUR&":"&@MIN&"--<Connection From:-"&$intruder)
_RunDos("arp -d")
EndIf
    Sleep(5000)
Until $rc=1

Link to comment
Share on other sites

u know when u do an "arp -a" command in dos it displays the arp caches and IPs--> i need to capture each as a variable in and array or something<-- i did it as above but that's not what i want

Link to comment
Share on other sites

From the help file

; Demonstrates StdoutRead()
#include <Constants.au3>

$foo = Run(@ComSpec & " /c dir foo.bar", @SystemDir, @SW_HIDE, $STDERR_CHILD + $STDOUT_CHILD)

While 1
    $line = StdoutRead($foo)
    If @error Then ExitLoop
    MsgBox(0, "STDOUT read:", $line)
Wend

While 1
    $line = StderrRead($foo)
    If @error Then ExitLoop
    MsgBox(0, "STDERR read:", $line)
Wend

MsgBox(0, "Debug", "Exiting...")

Modify the run command and parse the output.

Link to comment
Share on other sites

thanks man for your reply . ...this is the first reply in 5 days. . .bit what irealy want is to capture these ip adresses and arp caches as arrays and variables u know the output of "arp -a" command in dos as to some actions upon them later as pinging them and . . . .etc

Link to comment
Share on other sites

thanks man for your reply . ...this is the first reply in 5 days. . .bit what irealy want is to capture these ip adresses and arp caches as arrays and variables u know the output of "arp -a" command in dos as to some actions upon them later as pinging them and . . . .etc

That is the modification part. Use String* functions to parse the output from arp -a and put the result in an array. When done make it an UDF and post it in scripts so the next person only have to search for arp to find it..:)

EDIT: StringRegExp is perfect for the task.

Edited by Uten
Link to comment
Share on other sites

check this pic please

Modified example above, added output parsing:

#include <Constants.au3>

$foo = Run("arp -a", @SystemDir, @SW_HIDE, $STDOUT_CHILD)

Global $line = ""

While 1
    $line = $line & StdoutRead($foo)
    If @error Then ExitLoop
Wend

$result = StringRegExp($line, "(?i)((?:\d{1,3}\.){3}\d{1,3})\s+?((?:[0-9A-F]{2}-){5}[0-9A-F]{2})", 3)

For $i = 0 to UBound($result) - 1 step 2
    MsgBox(0, UBound($result) / 2, "IP:     " & $result[$i] & @CRLF & "MAC: " & $result[$i+1])
Next
Link to comment
Share on other sites

1st of thanks alot it was nice u should do the UDF file u did it . .. . . . sorry for being late my computer got disconnected for days . . . thanks again i hope u follow my topics cause i got alot . . . .thanks again

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...