ARP Packet

SoulA

I finished converting one of the example scripts that came with PacketX on how to send an ARP packet, so I thought I would share. You need to get PacketX and WinPcap, I believe. This program is also a CUI program that must be compiled and run from the command line.

One note is that I couldn't get this to work on Vista. DEP would constantly kill the program when I tried to get the IP address of the interface you select. It works on Windows XP, however. If anyone can find a good solution to this problem, please let me know.

#NoTrayIcon
#AutoIt3Wrapper_Change2CUI=y

Global $oPktX = ObjCreate("PktX.PacketX")
If Not IsObj($oPktX) Then 
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

For $i = 1 to $oPktX.Adapters.Count
    If $oPktX.Adapters($i).Isgood Then
        ConsoleWrite($i & ". " & $oPktX.Adapters($i).Description & @CRLF)
    EndIf
Next
ConsoleWrite("Choose Adapter: ")

$oPktX.Adapter = $oPktX.Adapters(Number(cmdRead()))

$sHWAddr = $oPktX.Adapter.HWAddress
ConsoleWrite("MAC Address = " & $sHWAddr & @CRLF)

;$sIPMask = $oPktX.Adapter.NetMask
;ConsoleWrite("IP Mask = " & $sIPMask & @CRLF)

$sIPAddr = $oPktX.Adapter.NetIP
ConsoleWrite("IP Address = " & $sIPAddr & @CRLF)

$sIPReso = "192.168.1.1"
$aIPReso = StringSplit($sIPReso, ".")
$aIPAddr = StringSplit($sIPAddr, ".")

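; 60-byte Ethernet frame carrying an ARP request (zero-based offsets):
;   0-5   destination MAC (broadcast)     6-11  source MAC
;   12-13 EtherType 0x0806 (ARP)          14-15 hardware type 1 (Ethernet)
;   16-17 protocol type 0x0800 (IPv4)     18-19 address lengths (6, 4)
;   20-21 opcode 1 (request)              22-27 sender MAC
;   28-31 sender IP                       32-37 target MAC (unknown, zero)
;   38-41 target IP                       42-59 padding to the 60-byte minimum
Dim $aPacket[60] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _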
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _
      0x08, 0x06, 0x00, 0x01, _
      0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _   
      Number($aIPAddr[1]), _
      Number($aIPAddr[2]), _
      Number($aIPAddr[3]), _
      Number($aIPAddr[4]), _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      Number($aIPReso[1]), _
      Number($aIPReso[2]), _
      Number($aIPReso[3]), _
      Number($aIPReso[4]), _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00]
      
$oPktX.Adapter.SendPacket($aPacket, 1) ;send one packet 

Func cmdRead()
    Local $input = ""
    $file = FileOpen("con", 4)
    While 1
        $chr = FileRead($file, 1)
        If $chr = @LF Then ExitLoop
        $input &= BinaryToString($chr)
        Sleep(50)
    WEnd
    FileClose($file)
    $input = StringReplace($input, @CR, "")
    Return $input
EndFunc
Edited by SoulA

SoulA

Here is some more code that you can possibly build on. It is a program I called ARPing that I made really quickly as a demo of what you might be able to do, so there is little to no error checking... so beware. Basically, it uses the ARP protocol to see if hosts are alive instead of ping, since some networks may have ping or ICMP disabled on their networks. It sends an ARP packet to whatever IP you want and listens for a return packet, and if it gets one (which it should if the host is alive), then you know that host is online. Again, it only works through the command line and on Windows XP for some annoying reason.

#NoTrayIcon
#AutoIt3Wrapper_Change2CUI=y

#Region packetx declares
Const $PktXPacketTypePromiscuous = 0x0020
Const $PktXLinkType802_3 = 1
Const $PktXLinkType802_5 = 2
Const $PktXLinkTypeFddi = 3
Const $PktXLinkTypeWan = 4
Const $PktXLinkTypeLocalTalk = 5
Const $PktXLinkTypeDix = 6
Const $PktXLinkTypeArcnetRaw = 7
Const $PktXLinkTypeArcnet878_2 = 8
Const $PktXLinkTypeAtm = 9
Const $PktXLinkTypeWirelessWan = 10
Const $PktXModeCapture = 1

; Protocol types
Const $PktXProtocolTypeEthernet = 1
Const $PktXProtocolTypeIp = 2
Const $PktXProtocolTypeUdp = 3
Const $PktXProtocolTypeTcp = 4
#EndRegion

Global $oPktX = ObjCreate("PktX.PacketX")
If Not IsObj($oPktX) Then 
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

ObjEvent($oPktX, "PacketX_")
If @error Then
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

For $i = 1 to $oPktX.Adapters.Count
    If $oPktX.Adapters($i).Isgood Then
        ConsoleWrite($i & ". " & $oPktX.Adapters($i).Description & @CRLF)
    EndIf
Next
ConsoleWrite("Choose Adapter: ")
$oPktX.Adapter = $oPktX.Adapters(Number(cmdRead()))

ConsoleWrite("Type in IP: ")
$sIPReso = cmdRead()

$sHWAddr = $oPktX.Adapter.HWAddress
;$sIPMask = $oPktX.Adapter.NetMask
;ConsoleWrite("IP Mask = " & $sIPMask & @CRLF)
$sIPAddr = $oPktX.Adapter.NetIP
$aIPReso = StringSplit($sIPReso, ".")
$aIPAddr = StringSplit($sIPAddr, ".")

Dim $aPacket[60] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _
      0x08, 0x06, 0x00, 0x01, _
      0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _   
      Number($aIPAddr[1]), _
      Number($aIPAddr[2]), _
      Number($aIPAddr[3]), _
      Number($aIPAddr[4]), _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      Number($aIPReso[1]), _
      Number($aIPReso[2]), _
      Number($aIPReso[3]), _
      Number($aIPReso[4]), _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00]

$oPktX.Adapter.BuffSize = 256 * 1024 ; 256 KB
$oPktX.Adapter.BuffMinToCopy = 0
$oPktX.Adapter.HWFilter = $PktXPacketTypePromiscuous
$oPktX.Adapter.Mode = $PktXModeCapture

$oPktX.Start
$oPktX.Adapter.SendPacket($aPacket, 1) ;send one packet 

$bAlive = False
$begin = TimerInit()
While TimerDiff($begin) < 10000
    Sleep(20)
    If $bAlive = True Then 
        ConsoleWrite($sIPReso & " is online")
        ExitLoop
    EndIf
WEnd
$oPktX.Stop

If $bAlive = False Then ConsoleWrite($sIPReso & " is offline")

Func PacketX_OnPacket($oPacket)
    AliveCheck($oPacket)
EndFunc   ;==>PacketX_OnPacket

Func cmdRead()
    Local $input = ""
    $file = FileOpen("con", 4)
    While 1
        $chr = FileRead($file, 1)
        If $chr = @LF Then ExitLoop
        $input &= BinaryToString($chr)
        Sleep(50)
    WEnd
    FileClose($file)
    $input = StringReplace($input, @CR, "")
    Return $input
EndFunc

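Func AliveCheck($oPacket)
    $aData = $oPacket.Data
    If UBound($aData) < 42 Then Return ; too short to hold an Ethernet header plus ARP body

    ; Two-byte fields are read as concatenated decimal digits, e.g. bytes 0,1 -> "01"
    $iHWType = $aData[14] & $aData[15]
    $iProtocolType = $aData[16] & $aData[17]
    $iOPCode = $aData[20] & $aData[21]
    $sSenderIP = $aData[28] & "." & $aData[29] & "." & $aData[30] & "." & $aData[31]
    $sDestMac = ""
    For $i = 32 to 37
        $sDestMac &= Hex($aData[$i], 2) & ":"
    Next
    $sDestMac = StringTrimRight($sDestMac, 1)
    $sDestIP = $aData[38] & "." & $aData[39] & "." & $aData[40] & "." & $aData[41]
    
    ; Accept only an ARP frame (EtherType 0x0806) that is a reply (opcode 2)
    ; from the probed IP, addressed to this adapter's MAC and IP
    If $aData[12] = 0x08 And $aData[13] = 0x06 And _
    $iHWType = 01 And $iProtocolType = 80 And $iOPCode = 02 And _
    StringCompare($sSenderIP, $sIPReso) = 0 And StringCompare($sDestMac, $sHWAddr) = 0 And _
    StringCompare($sDestIP, $sIPAddr) = 0 Then $bAlive = True
EndFunc   ;==>AliveCheck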
Edited by SoulA
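
The reply check that ARPing's AliveCheck performs, as an added example in Python (not part of the original post or the PacketX samples): it builds the 60-byte request with the same layout, then validates a captured frame field by field, next to a port of the post's decimal-concatenation comparison to show which frames the looser check accepts. All addresses and sample frames are constructed for illustration.

```python
import ipaddress
import struct

ETHERTYPE_ARP = 0x0806
HTYPE_ETHERNET = 1
PTYPE_IPV4 = 0x0800
OP_REQUEST, OP_REPLY = 1, 2
# Ethernet header (dst, src, EtherType) + ARP body for Ethernet/IPv4: 42 bytes.
FRAME = struct.Struct("!6s6sHHHBBH6s4s6s4s")
MIN_FRAME = 60  # minimum Ethernet frame without FCS; the rest is zero padding


def mac_to_bytes(mac):
    """'AA:BB:CC:DD:EE:FF' (or '-' separated) -> 6 raw bytes."""
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError("expected six hex octets: %r" % (mac,))
    return bytes(int(p, 16) for p in parts)


def ip_to_bytes(ip):
    return ipaddress.IPv4Address(ip).packed


def build_frame(op, dst_mac, sha, spa, tha, tpa,
                ethertype=ETHERTYPE_ARP, ptype=PTYPE_IPV4):
    """Build an Ethernet frame with an ARP body, zero-padded to 60 bytes."""
    raw = FRAME.pack(mac_to_bytes(dst_mac), mac_to_bytes(sha), ethertype,
                     HTYPE_ETHERNET, ptype, 6, 4, op,
                     mac_to_bytes(sha), ip_to_bytes(spa),
                     mac_to_bytes(tha), ip_to_bytes(tpa))
    return raw.ljust(MIN_FRAME, b"\x00")


def strict_reply_mac(frame, my_mac, my_ip, probed_ip):
    """Return the responder's MAC if frame answers our probe, else None."""
    if len(frame) < FRAME.size:          # never index past a short capture
        return None
    (_dst, _src, ethertype, htype, ptype, hlen, plen, op,
     sha, spa, tha, tpa) = FRAME.unpack_from(frame)
    # Compare whole 16-bit fields as integers, including the EtherType.
    if (ethertype, htype, ptype, hlen, plen, op) != (
            ETHERTYPE_ARP, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, OP_REPLY):
        return None
    if (spa != ip_to_bytes(probed_ip) or tpa != ip_to_bytes(my_ip)
            or tha != mac_to_bytes(my_mac)):
        return None
    return ":".join("%02X" % b for b in sha)


def page_style_match(frame, my_mac, my_ip, probed_ip):
    """Port of the post's check: byte pairs joined as decimal text, no EtherType test."""
    d = frame
    hw = int("%d%d" % (d[14], d[15]))
    proto = int("%d%d" % (d[16], d[17]))
    op = int("%d%d" % (d[20], d[21]))
    sender_ip = ".".join(str(b) for b in d[28:32])
    dest_mac = ":".join("%02X" % b for b in d[32:38])
    dest_ip = ".".join(str(b) for b in d[38:42])
    return (hw == 1 and proto == 80 and op == 2 and sender_ip == probed_ip
            and dest_mac == my_mac.upper() and dest_ip == my_ip)


# Constructed sample values (not taken from the thread).
MY_MAC, MY_IP = "AA:BB:CC:DD:EE:FF", "192.168.1.50"
PEER_MAC, PROBED_IP = "00:11:22:33:44:55", "192.168.1.1"

SAMPLES = {
    # Our own broadcast request, as seen again in promiscuous mode.
    "request": build_frame(OP_REQUEST, "FF:FF:FF:FF:FF:FF", MY_MAC, MY_IP,
                           "00:00:00:00:00:00", PROBED_IP),
    # A genuine reply from the probed host.
    "reply": build_frame(OP_REPLY, MY_MAC, PEER_MAC, PROBED_IP, MY_MAC, MY_IP),
    # Same payload bytes under a non-ARP EtherType (0x88B5, local experimental).
    "not_arp": build_frame(OP_REPLY, MY_MAC, PEER_MAC, PROBED_IP, MY_MAC, MY_IP,
                           ethertype=0x88B5),
    # Protocol type bytes 0x00,0x50 join to "080", which also equals 80.
    "odd_ptype": build_frame(OP_REPLY, MY_MAC, PEER_MAC, PROBED_IP, MY_MAC, MY_IP,
                             ptype=0x0050),
}


def compare(samples):
    """Map sample name -> (page-style verdict, strict verdict)."""
    return {name: (page_style_match(f, MY_MAC, MY_IP, PROBED_IP),
                   strict_reply_mac(f, MY_MAC, MY_IP, PROBED_IP))
            for name, f in samples.items()}


if __name__ == "__main__":
    for name, (loose, strict) in compare(SAMPLES).items():
        print("%-10s page-style=%-5s strict=%s" % (name, loose, strict))
```
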

Authenticity

Heh great script :D thanks for the share.

Backtrack adherent? heh oop

Edited by Authenticity

SoulA

Scans an IP range.

#NoTrayIcon
#AutoIt3Wrapper_Change2CUI=y

#Region packetx declares
Const $PktXPacketTypePromiscuous = 0x0020
Const $PktXLinkType802_3 = 1
Const $PktXLinkType802_5 = 2
Const $PktXLinkTypeFddi = 3
Const $PktXLinkTypeWan = 4
Const $PktXLinkTypeLocalTalk = 5
Const $PktXLinkTypeDix = 6
Const $PktXLinkTypeArcnetRaw = 7
Const $PktXLinkTypeArcnet878_2 = 8
Const $PktXLinkTypeAtm = 9
Const $PktXLinkTypeWirelessWan = 10
Const $PktXModeCapture = 1

; Protocol types
Const $PktXProtocolTypeEthernet = 1
Const $PktXProtocolTypeIp = 2
Const $PktXProtocolTypeUdp = 3
Const $PktXProtocolTypeTcp = 4
#EndRegion

Global $oPktX = ObjCreate("PktX.PacketX")
If Not IsObj($oPktX) Then 
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

ObjEvent($oPktX, "PacketX_")
If @error Then
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

For $i = 1 to $oPktX.Adapters.Count
    If $oPktX.Adapters($i).Isgood Then
        ConsoleWrite($i & ". " & $oPktX.Adapters($i).Description & @CRLF)
    EndIf
Next
ConsoleWrite("Choose Adapter: ")

$iInput = Number(cmdRead())
If $iInput > $i - 1 Or $iInput < 1 Then usage()
$oPktX.Adapter = $oPktX.Adapters($iInput)

$oPktX.Adapter.BuffSize = 256 * 1024 ; 256 KB
$oPktX.Adapter.BuffMinToCopy = 0
$oPktX.Adapter.HWFilter = $PktXPacketTypePromiscuous
$oPktX.Adapter.Mode = $PktXModeCapture
$sHWAddr = $oPktX.Adapter.HWAddress
$sIPAddr = $oPktX.Adapter.NetIP
$aIPAddr = StringSplit($sIPAddr, ".")

Dim $aPacket[60] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _
      0x08, 0x06, 0x00, 0x01, _
      0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _   
      Number($aIPAddr[1]), _
      Number($aIPAddr[2]), _
      Number($aIPAddr[3]), _
      Number($aIPAddr[4]), _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0, _
      0, _
      0, _
      0, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00]

ConsoleWrite("Type in IP: ")
$sIPReso = cmdRead()

$iNum = 0
If StringInStr($sIPReso, "-") Then
    $aIP = StringSplit($sIPReso, "-")
    If Not IsIPAddress($aIP[1]) Then usage()
    If Not IsIPAddress($aIP[2]) Then usage()
    $aIP1 = StringSplit($aIP[1], ".")
    $aIP2 = StringSplit($aIP[2], ".")
        
    For $i = 1 to 4
        If Number($aIP1[$i]) <> Number($aIP2[$i]) Then ExitLoop
    Next
        
    If Number($aIP1[$i]) > Number($aIP2[$i]) Then usage()   
        
    $time = TimerInit()
    Select
        Case $i = 1
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    For $i2 = 1 to 255
                        For $i3 = 1 to 255
                            $sIPReso = (String($iIP & "." & $i1 & "." & $i2 & "." & $i3))
                            selection($sIPReso, $aPacket)
                            $iNum += 1
                            If $i3 = Number($aIP2[4]) AND $i2 = Number($aIP2[3]) Then ExitLoop
                        Next
                        $iNum += 1
                        If $i2 = Number($aIP2[3]) AND $i1 = Number($aIP2[2]) Then ExitLoop
                    Next
                    $iNum += 1
                    If $i1 = Number($aIP2[2]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 4
        Case $i = 2
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    For $i2 = 1 to 255
                        $sIPReso = (String($aIP2[1] & "." & $iIP & "." & $i1 & "." & $i2))
                        selection($sIPReso, $aPacket)
                        $iNum += 1
                        If $i2 = Number($aIP2[4]) AND $i1 = Number($aIP2[3]) Then ExitLoop
                    Next
                    $iNum += 1
                    If $i1 = Number($aIP2[3]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 3
        Case $i = 3
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $iIP & "." & $i1))
                    selection($sIPReso, $aPacket)
                    $iNum += 1
                    If $i1 = Number($aIP2[4]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 2
        Case $i = 4
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $aIP2[3] & "." & $iIP))
                selection($sIPReso, $aPacket)
                $iNum += 1
            Next
    EndSelect   
    ConsoleWrite("Scanned " & $iNum & " addresses in " & round(TimerDiff($time) / 1000, 2) & " seconds" & @CRLF)    
Else
    If Not IsIPAddress($sIPReso) Then usage()
    selection($sIPReso, $aPacket)
EndIf

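Func selection($sIPReso, $aPacket)
    $aIPReso = StringSplit($sIPReso, ".")

    ; Target protocol address (bytes 38-41 of the ARP request)
    $aPacket[38] = Number($aIPReso[1])
    $aPacket[39] = Number($aIPReso[2])
    $aPacket[40] = Number($aIPReso[3])
    $aPacket[41] = Number($aIPReso[4])

    ; Declare and reset the flag before every probe so it always exists and a
    ; reply to an earlier probe cannot be counted for this address
    Global $bAlive = False

    $oPktX.Start
    $oPktX.Adapter.SendPacket($aPacket, 1) ;send one packet 

    $begin = TimerInit()
    While TimerDiff($begin) < 80
        Sleep(20)
        If $bAlive = True Then 
            ConsoleWrite($sIPReso & " is online" & @CRLF)
            ExitLoop
        EndIf
    WEnd
    $oPktX.Stop

    If $bAlive = False Then ConsoleWrite($sIPReso & " is offline" & @CRLF)
EndFunc

Func PacketX_OnPacket($oPacket)
    ; $bAlive is not reset here: unrelated traffic captured in promiscuous
    ; mode would otherwise clear a reply before selection() reads it
    $aData = $oPacket.Data
    If UBound($aData) < 42 Then Return ; too short to hold an Ethernet header plus ARP body

    ; Two-byte fields are read as concatenated decimal digits, e.g. bytes 0,1 -> "01"
    $iHWType = $aData[14] & $aData[15]
    $iProtocolType = $aData[16] & $aData[17]
    $iOPCode = $aData[20] & $aData[21]
    $sSenderIP = $aData[28] & "." & $aData[29] & "." & $aData[30] & "." & $aData[31]
    $sDestMac = ""
    For $i = 32 to 37
        $sDestMac &= Hex($aData[$i], 2) & ":"
    Next
    $sDestMac = StringTrimRight($sDestMac, 1)
    $sDestIP = $aData[38] & "." & $aData[39] & "." & $aData[40] & "." & $aData[41]
    
    ; Accept only an ARP frame (EtherType 0x0806) that is a reply (opcode 2)
    ; from the probed IP, addressed to this adapter's MAC and IP
    If $aData[12] = 0x08 And $aData[13] = 0x06 And _
    $iHWType = 01 And $iProtocolType = 80 And $iOPCode = 02 And _
    StringCompare($sSenderIP, $sIPReso) = 0 And StringCompare($sDestMac, $sHWAddr) = 0 And _
    StringCompare($sDestIP, $sIPAddr) = 0 Then $bAlive = True
EndFunc   ;==>PacketX_OnPacket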

Func cmdRead()
    Local $input = ""
    $file = FileOpen("con", 4)
    While 1
        $chr = FileRead($file, 1)
        If $chr = @LF Then ExitLoop
        $input &= BinaryToString($chr)
        Sleep(50)
    WEnd
    FileClose($file)
    $input = StringReplace($input, @CR, "")
    Return $input
EndFunc

Func IsIPAddress($text)
    ; Anchored with ^ and $ so the whole string must be a dotted quad, not just contain one
    Return StringRegExp($text, "^(((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))$")
EndFunc

Func usage()
    ConsoleWrite("Usage: Enter single ip or range divided by - Example 192.168.1.1-192.168.1.10")
    Exit
EndFunc
Edited by SoulA

SoulA

This should work on Vista now. I tried on my Vista machine and it seemed to run fine. Hopefully this is now XP and Vista compatible.

#NoTrayIcon
#AutoIt3Wrapper_Change2CUI=y

#Region packetx declares
Const $PktXPacketTypePromiscuous = 0x0020
Const $PktXLinkType802_3 = 1
Const $PktXLinkType802_5 = 2
Const $PktXLinkTypeFddi = 3
Const $PktXLinkTypeWan = 4
Const $PktXLinkTypeLocalTalk = 5
Const $PktXLinkTypeDix = 6
Const $PktXLinkTypeArcnetRaw = 7
Const $PktXLinkTypeArcnet878_2 = 8
Const $PktXLinkTypeAtm = 9
Const $PktXLinkTypeWirelessWan = 10
Const $PktXModeCapture = 1

; Protocol types
Const $PktXProtocolTypeEthernet = 1
Const $PktXProtocolTypeIp = 2
Const $PktXProtocolTypeUdp = 3
Const $PktXProtocolTypeTcp = 4
#EndRegion

Global $oPktX = ObjCreate("PktX.PacketX")
If Not IsObj($oPktX) Then 
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

ObjEvent($oPktX, "PacketX_")
If @error Then
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

For $i = 1 to $oPktX.Adapters.Count
    If $oPktX.Adapters($i).Isgood Then
        ConsoleWrite($i & ". " & $oPktX.Adapters($i).Description & @CRLF)
    EndIf
Next
ConsoleWrite("Choose Adapter: ")

$iInput = Number(cmdRead())
If $iInput > $i - 1 Or $iInput < 1 Then usage()
$sAdapter = $oPktX.Adapters($iInput)
$oPktX.Adapter = $oPktX.Adapters($iInput)

$oPktX.Adapter.BuffSize = 256 * 1024 ; 256 KB
$oPktX.Adapter.BuffMinToCopy = 0
$oPktX.Adapter.HWFilter = $PktXPacketTypePromiscuous
$oPktX.Adapter.Mode = $PktXModeCapture
$sHWAddr = $oPktX.Adapter.HWAddress
$sIPAddr = _GetNetConNames(_NetConsFolderObject(), $sHWAddr)
If Not IsIPAddress($sIPAddr) Then 
    ConsoleWrite("This Adapter has no IP.")
    Exit
EndIf
$aIPAddr = StringSplit($sIPAddr, ".")

Dim $aPacket[60] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _
      0x08, 0x06, 0x00, 0x01, _
      0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _   
      Number($aIPAddr[1]), _
      Number($aIPAddr[2]), _
      Number($aIPAddr[3]), _
      Number($aIPAddr[4]), _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0, _
      0, _
      0, _
      0, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00]

ConsoleWrite("Type in IP: ")
$sIPReso = cmdRead()

$iNum = 0
If StringInStr($sIPReso, "-") Then
    $aIP = StringSplit($sIPReso, "-")
    If Not IsIPAddress($aIP[1]) Then usage()
    If Not IsIPAddress($aIP[2]) Then usage()
    $aIP1 = StringSplit($aIP[1], ".")
    $aIP2 = StringSplit($aIP[2], ".")
        
    For $i = 1 to 4
        If Number($aIP1[$i]) <> Number($aIP2[$i]) Then ExitLoop
    Next
        
    If Number($aIP1[$i]) > Number($aIP2[$i]) Then usage()   
        
    $time = TimerInit()
    Select
        Case $i = 1
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    For $i2 = 1 to 255
                        For $i3 = 1 to 255
                            $sIPReso = (String($iIP & "." & $i1 & "." & $i2 & "." & $i3))
                            selection($sIPReso, $aPacket)
                            $iNum += 1
                            If $i3 = Number($aIP2[4]) AND $i2 = Number($aIP2[3]) Then ExitLoop
                        Next
                        $iNum += 1
                        If $i2 = Number($aIP2[3]) AND $i1 = Number($aIP2[2]) Then ExitLoop
                    Next
                    $iNum += 1
                    If $i1 = Number($aIP2[2]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 4
        Case $i = 2
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    For $i2 = 1 to 255
                        $sIPReso = (String($aIP2[1] & "." & $iIP & "." & $i1 & "." & $i2))
                        selection($sIPReso, $aPacket)
                        $iNum += 1
                        If $i2 = Number($aIP2[4]) AND $i1 = Number($aIP2[3]) Then ExitLoop
                    Next
                    $iNum += 1
                    If $i1 = Number($aIP2[3]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 3
        Case $i = 3
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $iIP & "." & $i1))
                    selection($sIPReso, $aPacket)
                    $iNum += 1
                    If $i1 = Number($aIP2[4]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 2
        Case $i = 4
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $aIP2[3] & "." & $iIP))
                selection($sIPReso, $aPacket)
                $iNum += 1
            Next
    EndSelect   
    ConsoleWrite("Scanned " & $iNum & " addresses in " & round(TimerDiff($time) / 1000, 2) & " seconds" & @CRLF)    
Else
    If Not IsIPAddress($sIPReso) Then usage()
    selection($sIPReso, $aPacket)
EndIf

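Func selection($sIPReso, $aPacket)
    $aIPReso = StringSplit($sIPReso, ".")

    ; Target protocol address (bytes 38-41 of the ARP request)
    $aPacket[38] = Number($aIPReso[1])
    $aPacket[39] = Number($aIPReso[2])
    $aPacket[40] = Number($aIPReso[3])
    $aPacket[41] = Number($aIPReso[4])

    ; Declare and reset the flag before every probe so it always exists and a
    ; reply to an earlier probe cannot be counted for this address
    Global $bAlive = False

    $oPktX.Start
    $oPktX.Adapter.SendPacket($aPacket, 1) ;send one packet 

    $begin = TimerInit()
    While TimerDiff($begin) < 80
        Sleep(20)
        If $bAlive = True Then 
            ConsoleWrite($sIPReso & " is online" & @CRLF)
            ExitLoop
        EndIf
    WEnd
    $oPktX.Stop

    If $bAlive = False Then ConsoleWrite($sIPReso & " is offline" & @CRLF)
EndFunc

Func PacketX_OnPacket($oPacket)
    ; $bAlive is not reset here: unrelated traffic captured in promiscuous
    ; mode would otherwise clear a reply before selection() reads it
    $aData = $oPacket.Data
    If UBound($aData) < 42 Then Return ; too short to hold an Ethernet header plus ARP body

    ; Two-byte fields are read as concatenated decimal digits, e.g. bytes 0,1 -> "01"
    $iHWType = $aData[14] & $aData[15]
    $iProtocolType = $aData[16] & $aData[17]
    $iOPCode = $aData[20] & $aData[21]
    $sSenderIP = $aData[28] & "." & $aData[29] & "." & $aData[30] & "." & $aData[31]
    $sDestMac = ""
    For $i = 32 to 37
        $sDestMac &= Hex($aData[$i], 2) & ":"
    Next
    $sDestMac = StringTrimRight($sDestMac, 1)
    $sDestIP = $aData[38] & "." & $aData[39] & "." & $aData[40] & "." & $aData[41]
    
    ; Accept only an ARP frame (EtherType 0x0806) that is a reply (opcode 2)
    ; from the probed IP, addressed to this adapter's MAC and IP
    If $aData[12] = 0x08 And $aData[13] = 0x06 And _
    $iHWType = 01 And $iProtocolType = 80 And $iOPCode = 02 And _
    StringCompare($sSenderIP, $sIPReso) = 0 And StringCompare($sDestMac, $sHWAddr) = 0 And _
    StringCompare($sDestIP, $sIPAddr) = 0 Then $bAlive = True
EndFunc   ;==>PacketX_OnPacket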

Func cmdRead()
    Local $input = ""
    $file = FileOpen("con", 4)
    While 1
        $chr = FileRead($file, 1)
        If $chr = @LF Then ExitLoop
        $input &= BinaryToString($chr)
        Sleep(50)
    WEnd
    FileClose($file)
    $input = StringReplace($input, @CR, "")
    Return $input
EndFunc

Func IsIPAddress($text)
    ; Anchored with ^ and $ so the whole string must be a dotted quad, not just contain one
    Return StringRegExp($text, "^(((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))$")
EndFunc

Func usage()
    ConsoleWrite("Usage: Enter single ip or range divided by - Example 192.168.1.1-192.168.1.10")
    Exit
EndFunc

; Find the folder containing the network connection objects
; ==============================================================================================
Func _NetConsFolderObject()
    Local $wbemFlagReturnImmediately = 0x10
    Local $wbemFlagForwardOnly = 0x20
    Local $strComputer = "localhost"
    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
    $colNetwork = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
    Return $colNetwork
EndFunc   ;==>_NetConsFolderObject

; Find the network connection objects
; ==============================================================================================
Func _GetNetConNames($colNetwork, $sMac)
    Dim $strNetworks, $IDXname=0, $IDXstatus=0
    If IsObj($colNetwork) Then
        For $clsConn In $colNetwork
            If StringCompare($sMac, String($clsConn.MacAddress)) = 0 Then 
                $sIP = String($clsConn.IPAddress(0))
                Return $sIP
            EndIf
        Next
    Else
        MsgBox(0, "WMI Output", "No WMI Objects Found for class: " & "Win32_NetworkAdapterConfiguration")
    EndIf
    Return 0
EndFunc   ;==>_GetNetConNames

SoulA

An even faster version:

#NoTrayIcon
#AutoIt3Wrapper_Change2CUI=y

#Region packetx declares
Const $PktXPacketTypePromiscuous = 0x0020
Const $PktXLinkType802_3 = 1
Const $PktXLinkType802_5 = 2
Const $PktXLinkTypeFddi = 3
Const $PktXLinkTypeWan = 4
Const $PktXLinkTypeLocalTalk = 5
Const $PktXLinkTypeDix = 6
Const $PktXLinkTypeArcnetRaw = 7
Const $PktXLinkTypeArcnet878_2 = 8
Const $PktXLinkTypeAtm = 9
Const $PktXLinkTypeWirelessWan = 10
Const $PktXModeCapture = 1

; Protocol types
Const $PktXProtocolTypeEthernet = 1
Const $PktXProtocolTypeIp = 2
Const $PktXProtocolTypeUdp = 3
Const $PktXProtocolTypeTcp = 4
#EndRegion

Global $iAlive = 0

Global $oPktX = ObjCreate("PktX.PacketX")
If Not IsObj($oPktX) Then 
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

ObjEvent($oPktX, "PacketX_")
If @error Then
    MsgBox(0, "ERROR", "No Object")
    Exit
EndIf

For $i = 1 to $oPktX.Adapters.Count
    If $oPktX.Adapters($i).Isgood Then
        ConsoleWrite($i & ". " & $oPktX.Adapters($i).Description & @CRLF)
    EndIf
Next
ConsoleWrite("Choose Adapter: ")

$iInput = Number(cmdRead())
If $iInput > $i - 1 Or $iInput < 1 Then usage()
$sAdapter = $oPktX.Adapters($iInput)
$oPktX.Adapter = $oPktX.Adapters($iInput)

$oPktX.Adapter.BuffSize = 256 * 1024 ; 256 KB
$oPktX.Adapter.BuffMinToCopy = 0
$oPktX.Adapter.HWFilter = $PktXPacketTypePromiscuous
$oPktX.Adapter.Mode = $PktXModeCapture
$sHWAddr = $oPktX.Adapter.HWAddress
$sIPAddr = _GetNetConNames(_NetConsFolderObject(), $sHWAddr)
If Not IsIPAddress($sIPAddr) Then 
    ConsoleWrite("This Adapter has no IP.")
    Exit
EndIf
$aIPAddr = StringSplit($sIPAddr, ".")

Dim $aPacket[60] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _
      0x08, 0x06, 0x00, 0x01, _
      0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _
      Number(Dec(StringMid($sHWAddr, 1, 2))), _
      Number(Dec(StringMid($sHWAddr, 4, 2))), _
      Number(Dec(StringMid($sHWAddr, 7, 2))), _
      Number(Dec(StringMid($sHWAddr, 10, 2))), _
      Number(Dec(StringMid($sHWAddr, 13, 2))), _
      Number(Dec(StringMid($sHWAddr, 16, 2))), _   
      Number($aIPAddr[1]), _
      Number($aIPAddr[2]), _
      Number($aIPAddr[3]), _
      Number($aIPAddr[4]), _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0, _
      0, _
      0, _
      0, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00]

ConsoleWrite("Type in single IP address or range divided by a -: ")
$sIPReso = cmdRead()

$iNum = 0
$time = TimerInit()
If StringInStr($sIPReso, "-") Then
    $aIP = StringSplit($sIPReso, "-")
    If Not IsIPAddress($aIP[1]) Then usage()
    If Not IsIPAddress($aIP[2]) Then usage()
    If StringCompare($aIP[1], $aIP[2]) = 0 Then usage()
    $aIP1 = StringSplit($aIP[1], ".")
    $aIP2 = StringSplit($aIP[2], ".")
        
    For $i = 1 to 4
        If Number($aIP1[$i]) <> Number($aIP2[$i]) Then ExitLoop
    Next
        
    If Number($aIP1[$i]) > Number($aIP2[$i]) Then usage()   
        
    Select
        Case $i = 1
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    For $i2 = 1 to 255
                        For $i3 = 1 to 255
                            $sIPReso = (String($iIP & "." & $i1 & "." & $i2 & "." & $i3))
                            selection($sIPReso, $aPacket)
                            $iNum += 1
                            If $i3 = Number($aIP2[4]) AND $i2 = Number($aIP2[3]) Then ExitLoop
                        Next
                        $iNum += 1
                        If $i2 = Number($aIP2[3]) AND $i1 = Number($aIP2[2]) Then ExitLoop
                    Next
                    $iNum += 1
                    If $i1 = Number($aIP2[2]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 4
        Case $i = 2
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    For $i2 = 1 to 255
                        $sIPReso = (String($aIP2[1] & "." & $iIP & "." & $i1 & "." & $i2))
                        selection($sIPReso, $aPacket)
                        $iNum += 1
                        If $i2 = Number($aIP2[4]) AND $i1 = Number($aIP2[3]) Then ExitLoop
                    Next
                    $iNum += 1
                    If $i1 = Number($aIP2[3]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 3
        Case $i = 3
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                For $i1 = 1 to 255
                    $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $iIP & "." & $i1))
                    selection($sIPReso, $aPacket)
                    $iNum += 1
                    If $i1 = Number($aIP2[4]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $iNum += 1
            Next
            $iNum -= 2
        Case $i = 4
            For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $aIP2[3] & "." & $iIP))
                selection($sIPReso, $aPacket)
                $iNum += 1
            Next
    EndSelect   
Else
    If Not IsIPAddress($sIPReso) Then usage()
    selection($sIPReso, $aPacket)
    $iNum += 1
EndIf
ConsoleWrite("Scanned " & $iNum & " addresses in " & round(TimerDiff($time) / 1000, 2) & " seconds" & @CRLF)
If $iNum = 1 Then 
    ConsoleWrite("There is " & $iAlive & " alive host.")
Else
    ConsoleWrite("There are " & $iAlive & " alive hosts.")
EndIf

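Func selection($sIPReso, $aPacket)
    $aIPReso = StringSplit($sIPReso, ".")

    ; Target protocol address (bytes 38-41 of the ARP request)
    $aPacket[38] = Number($aIPReso[1])
    $aPacket[39] = Number($aIPReso[2])
    $aPacket[40] = Number($aIPReso[3])
    $aPacket[41] = Number($aIPReso[4])

    ; Declare and reset the reply state before every probe so it always exists
    ; and a reply to an earlier probe cannot be counted for this address
    Global $bAlive = False
    Global $sgMAC = ""

    $oPktX.Start
    $oPktX.Adapter.SendPacket($aPacket, 1) ;send one packet 

    $begin = TimerInit()
    While TimerDiff($begin) < 80
        Sleep(20)
        If $bAlive = True Then 
            ConsoleWrite("Host " & $sIPReso & " appears to be up." & @CRLF)
            ConsoleWrite("MAC Address: " & $sgMAC & @CRLF & @CRLF)
            $iAlive += 1
            ExitLoop
        EndIf
    WEnd
    $oPktX.Stop

    ;If $bAlive = False Then ConsoleWrite($sIPReso & " is offline" & @CRLF)
EndFunc

Func PacketX_OnPacket($oPacket)
    ; $bAlive and $sgMAC are not reset here: unrelated traffic captured in
    ; promiscuous mode would otherwise clear a reply before selection() reads it
    $aData = $oPacket.Data
    If UBound($aData) < 42 Then Return ; too short to hold an Ethernet header plus ARP body

    ; Two-byte fields are read as concatenated decimal digits, e.g. bytes 0,1 -> "01"
    $iHWType = $aData[14] & $aData[15]
    $iProtocolType = $aData[16] & $aData[17]
    $iOPCode = $aData[20] & $aData[21]
    $sSenderIP = $aData[28] & "." & $aData[29] & "." & $aData[30] & "." & $aData[31]
    $sDestMac = ""
    For $i = 32 to 37
        $sDestMac &= Hex($aData[$i], 2) & ":"
    Next
    $sDestMac = StringTrimRight($sDestMac, 1)
    $sDestIP = $aData[38] & "." & $aData[39] & "." & $aData[40] & "." & $aData[41]
    
    ; Accept only an ARP frame (EtherType 0x0806) that is a reply (opcode 2)
    ; from the probed IP, addressed to this adapter's MAC and IP
    If $aData[12] = 0x08 And $aData[13] = 0x06 And _
            $iHWType = 01 And $iProtocolType = 80 And $iOPCode = 02 And _
            StringCompare($sSenderIP, $sIPReso) = 0 And StringCompare($sDestMac, $sHWAddr) = 0 And _
            StringCompare($sDestIP, $sIPAddr) = 0 Then 
        ; Sender hardware address of the reply (bytes 22-27); built before the flag is set
        $sgMAC = ""
        For $i = 22 to 27
            $sgMAC &= Hex($aData[$i], 2) & ":"
        Next
        $sgMAC = StringTrimRight($sgMAC, 1)
        $bAlive = True
    EndIf
        
EndFunc   ;==>PacketX_OnPacket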

Func cmdRead()
    Local $input = ""
    $file = FileOpen("con", 4)
    While 1
        $chr = FileRead($file, 1)
        If $chr = @LF Then ExitLoop
        $input &= BinaryToString($chr)
        Sleep(50)
    WEnd
    FileClose($file)
    $input = StringReplace($input, @CR, "")
    Return $input
EndFunc

Func IsIPAddress($text)
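    ;anchored with ^ and $ so the whole string must be one dotted quad; unanchored, "999.1.1.1" passed on the substring "99.1.1.1"
    Return StringRegExp($text, "^(((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))$")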
EndFunc

Func usage()
    ConsoleWrite("Usage: Enter single ip or range divided by - Example 192.168.1.1-192.168.1.10")
    Exit
EndFunc

; Find the folder containing the network connection objects
; ==============================================================================================
Func _NetConsFolderObject()
    Local $wbemFlagReturnImmediately = 0x10
    Local $wbemFlagForwardOnly = 0x20
    Local $strComputer = "localhost"
    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
    $colNetwork = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
    Return $colNetwork
EndFunc   ;==>_NetConsFolderObject

; Find the network connection objects
; ==============================================================================================
Func _GetNetConNames($colNetwork, $sMac)
    Dim $strNetworks, $IDXname=0, $IDXstatus=0
    If IsObj($colNetwork) Then
        For $clsConn In $colNetwork
            If StringCompare($sMac, String($clsConn.MacAddress)) = 0 Then 
                $sIP = String($clsConn.IPAddress(0))
                Return $sIP
            EndIf
        Next
    Else
        MsgBox(0, "WMI Output", "No WMI Objects Found for class: " & "Win32_NetworkAdapterConfiguration")
    EndIf
    Return 0
EndFunc   ;==>_GetNetConNames

SoulA

Here is my ARPing program using all WinPcap that was provided Here

#NoTrayIcon
#AutoIt3Wrapper_Change2CUI=y

#include <winpcap.au3>
#include <array.au3>

Global $pcap
Global $iScan = 0
Global $iAlive = 0
;declare array that will be filled with what ip's we will be scanning
Dim $aIPSendArray[2] = [1, 0]
Dim $aAliveHosts[1] = [0]

; initialise the Library
$winpcap = _PcapSetup()
If ($winpcap = -1) Then
    ConsoleWrite("WinPcap not found !")
    Exit
EndIf

; Get the interfaces list for which a capture is possible
$pcap_devices = _PcapGetDeviceList()
If ($pcap_devices = -1) Then
    ConsoleWrite(_PcapGetLastError())
    Exit
EndIf

For $i = 0 To UBound($pcap_devices) - 1
    $sAdapterName = StringMid($pcap_devices[$i][1], StringInStr($pcap_devices[$i][1], "'", 0, 1) + 1)
    $sAdapterName = StringMid($sAdapterName, 1, StringInStr($sAdapterName, "'", 0, 1) - 1)
    
    ConsoleWrite($i + 1 & ". " & $sAdapterName & " (MAC Address: " & $pcap_devices[$i][6] & ")" & @CRLF)
Next
ConsoleWrite("Choose Adapter: ")

$iInput = Number(cmdRead())
;$iInput = 1 ;debug
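;adapters are listed as 1..UBound($pcap_devices), so the last one must stay selectable
If $iInput > UBound($pcap_devices) Or $iInput < 1 Then usage()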
$iInput -= 1
If Not IsIPAddress($pcap_devices[$iInput][7]) Then
    ConsoleWrite("This device has no IP")
    Exit
EndIf

If ($pcap_devices[$iInput][3] <> "EN10MB") Then
    ConsoleWrite("This example only accepts Ethernet devices...")
    Exit
EndIf

$aIPAddr = StringSplit($pcap_devices[$iInput][7], ".")

Dim $aPacket[60] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _
        0x08, 0x06, 0x00, 0x01, _
        0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _
        Number($aIPAddr[1]), _
        Number($aIPAddr[2]), _
        Number($aIPAddr[3]), _
        Number($aIPAddr[4]), _
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
        0, _
        0, _
        0, _
        0, _
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00]

ConsoleWrite("Type in single IP address or range divided by a -: ")
$sIPReso = cmdRead()
;$sIPReso = "192.168.1.1" ;debug
ConsoleWrite(@CRLF)

$pcap = _PcapStartCapture($pcap_devices[$iInput][0], "", 1)
If ($pcap = -1) Then
    ConsoleWrite(_PcapGetLastError())
    Exit
EndIf

;start creating array filled with the ips we are going to scan
$time = TimerInit()
If StringInStr($sIPReso, "-") Then
    $aIP = StringSplit($sIPReso, "-")
    If UBound($aIP) > 3 Then usage()
    If Not IsIPAddress($aIP[1]) Then usage()
    If Not IsIPAddress($aIP[2]) Then usage()
    If StringCompare($aIP[1], $aIP[2]) = 0 Then usage()
    $aIP1 = StringSplit($aIP[1], ".")
    $aIP2 = StringSplit($aIP[2], ".")
    
    For $i = 1 To 4
        If Number($aIP1[$i]) <> Number($aIP2[$i]) Then ExitLoop
    Next
    
    If Number($aIP1[$i]) > Number($aIP2[$i]) Then usage()
    
    $iIPTest1 = Number($aIP1[1] & $aIP1[2] & $aIP1[3] & $aIP1[4]);used to test if ip is in range later in script
    $iIPTest2 = Number($aIP2[1] & $aIP2[2] & $aIP2[3] & $aIP2[4])
    
    Select
        Case $i = 1
            $aIPSendArray[1] = 1
            For $iIP = Number($aIP1[$i]) To Number($aIP2[$i])
                For $i1 = Number($aIP1[$i + 1]) To 255
                    For $i2 = Number($aIP1[$i + 2]) To 255
                        For $i3 = Number($aIP1[$i + 3]) To 255
                            $sIPReso = (String($iIP & "." & $i1 & "." & $i2 & "." & $i3))
                            selection($sIPReso)
                            If $i3 = Number($aIP2[4]) And $i2 = Number($aIP2[3]) Then ExitLoop
                        Next
                        $aIP1[$i + 3] = 1
                        If $i2 = Number($aIP2[3]) And $i1 = Number($aIP2[2]) Then ExitLoop
                    Next
                    $aIP1[$i + 2] = 1
                    If $i1 = Number($aIP2[2]) And $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $aIP1[$i + 1] = 1
            Next
        Case $i = 2
            $aIPSendArray[1] = 2
            For $iIP = Number($aIP1[$i]) To Number($aIP2[$i])
                For $i1 = Number($aIP1[$i + 1]) To 255
                    For $i2 = Number($aIP1[$i + 2]) To 255
                        $sIPReso = (String($aIP2[1] & "." & $iIP & "." & $i1 & "." & $i2))
                        selection($sIPReso)
                        If $i2 = Number($aIP2[4]) And $i1 = Number($aIP2[3]) Then ExitLoop
                    Next
                    $aIP1[$i + 2] = 1
                    If $i1 = Number($aIP2[3]) And $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $aIP1[$i + 1] = 1
            Next
        Case $i = 3
            $aIPSendArray[1] = 3
            For $iIP = Number($aIP1[$i]) To Number($aIP2[$i])
                For $i1 = Number($aIP1[$i + 1]) To 255
                    $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $iIP & "." & $i1))
                    selection($sIPReso)
                    If $i1 = Number($aIP2[4]) And $iIP = Number($aIP2[$i]) Then ExitLoop
                Next
                $aIP1[$i + 1] = 1
            Next
        Case $i = 4
            $aIPSendArray[1] = 4
            For $iIP = Number($aIP1[$i]) To Number($aIP2[$i])
                $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $aIP2[3] & "." & $iIP))
                selection($sIPReso)
            Next
    EndSelect
Else
    If Not IsIPAddress($sIPReso) Then usage()
    selection($sIPReso)
EndIf

If $aIPSendArray[0] > 1 Then scan() ;scan function

;output how many hosts were alive
If $iAlive = 1 Then
    ConsoleWrite("There is " & $iAlive & " alive host." & @CRLF)
Else
    ConsoleWrite("There are " & $iAlive & " alive hosts." & @CRLF)
EndIf

;how many hosts we scanned and how long
If $iScan = 1 Then
    ConsoleWrite("Scanned " & $iScan & " address in " & Round(TimerDiff($time) / 1000, 2) & " seconds")
Else
    ConsoleWrite("Scanned " & $iScan & " addresses in " & Round(TimerDiff($time) / 1000, 2) & " seconds")
EndIf

_PcapStopCapture($pcap) ; Stop capture
_PcapFree()

Func scan()
    AdlibEnable("getPacket", 1)
    
    For $i = 2 To $aIPSendArray[0]
        $aIPReso = StringSplit($aIPSendArray[$i], ".")

        $aPacket[38] = Number($aIPReso[1])
        $aPacket[39] = Number($aIPReso[2])
        $aPacket[40] = Number($aIPReso[3])
        $aPacket[41] = Number($aIPReso[4])
        
        $sPacket = "0x"
        For $i1 = 0 To UBound($aPacket) - 1
            $sPacket &= Hex($aPacket[$i1], 2)
        Next
        
        _PcapSendPacket($pcap, $sPacket)
    Next
    
    Sleep(200)
    
    AdlibDisable()
    $iScan += $aIPSendArray[0] - 1
EndFunc   ;==>scan

;fill in array of ips that we are going to scan
Func selection($sIPReso)
    $aIPSendArray[0] += 1
    ReDim $aIPSendArray[$aIPSendArray[0] + 1]
    $aIPSendArray[$aIPSendArray[0]] = $sIPReso
    If $aIPSendArray[0] = 10000 Then
        scan()
        Local $iTemp = $aIPSendArray[1]
        Dim $aIPSendArray[2] = [1, $iTemp]
    EndIf
EndFunc   ;==>selection

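;function that executes every time we get a packet
Func getPacket()
    $packet = _PcapGetPacket($pcap)
    ;an ARP frame is 42 bytes (14 Ethernet + 28 ARP); a shorter frame would overrun $aData[41] below
    If IsArray($packet) And $packet[2] >= 42 Then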
        
        Local $sgMAC = ""
        Local $aData[$packet[2]]
        
        ;get info into array of the packet
        $packet[3] = StringTrimLeft($packet[3], 2)
        For $i = 0 To $packet[2] - 1
            $aData[$i] = Dec(StringLeft($packet[3], 2))
            $packet[3] = StringTrimLeft($packet[3], 2)
        Next
        
        ;start checking if it is that packet we want
        $iHWType = $aData[14] & $aData[15]
        $iProtocolType = $aData[16] & $aData[17]
        $iOPCode = $aData[20] & $aData[21]
        $sSenderIP = $aData[28] & "." & $aData[29] & "." & $aData[30] & "." & $aData[31]
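        ;pack the sender address into one 32-bit number so that ranges compare in real address order
        $iSenderIP = $aData[28] * 16777216 + $aData[29] * 65536 + $aData[30] * 256 + $aData[31]
        $sDestMac = ""
        For $i = 32 To 37
            $sDestMac &= Hex($aData[$i], 2) & ":"
        Next
        $sDestMac = StringTrimRight($sDestMac, 1)
        $sDestIP = $aData[38] & "." & $aData[39] & "." & $aData[40] & "." & $aData[41]
        
        ;make sure the ip was in the range of the addresses we wanted to scan
        ;the bounds are rebuilt from the typed range ($aIP) the same way, because joining the decimal
        ;octets as text ($iIPTest1, $iIPTest2) is ambiguous: 1.11 and 11.1 both become 111
        If $aIPSendArray[1] <> 0 Then
            Local $aLo = StringSplit($aIP[1], "."), $aHi = StringSplit($aIP[2], ".")
            Local $iLo = Number($aLo[1]) * 16777216 + Number($aLo[2]) * 65536 + Number($aLo[3]) * 256 + Number($aLo[4])
            Local $iHi = Number($aHi[1]) * 16777216 + Number($aHi[2]) * 65536 + Number($aHi[3]) * 256 + Number($aHi[4])
            If $iSenderIP < $iLo Or $iSenderIP > $iHi Then Return 0
        EndIf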
        
        ;make sure it was the type of packet we wanted
        If $iHWType = 01 And $iProtocolType = 80 And $iOPCode = 02 And _
                StringCompare($sDestMac, $pcap_devices[$iInput][6]) = 0 And _
                StringCompare($sDestIP, $pcap_devices[$iInput][7]) = 0 Then
            ;do nothing
        Else
            Return 0
        EndIf
        
        ;don't want double positives
        For $i = 1 To $aAliveHosts[0]
            If StringCompare($aAliveHosts[$i], $sSenderIP) = 0 Then Return 0
        Next
        
        ;if this was the right packet output the data
        For $i = 22 To 27
            $sgMAC &= Hex($aData[$i], 2) & ":"
        Next
        $sgMAC = StringTrimRight($sgMAC, 1)
        ConsoleWrite("Host " & $sSenderIP & " appears to be up." & @CRLF)
        ConsoleWrite("MAC Address: " & $sgMAC & @CRLF & @CRLF)
        $iAlive += 1
        $aAliveHosts[0] += 1
        ReDim $aAliveHosts[$aAliveHosts[0] + 1]
        $aAliveHosts[$aAliveHosts[0]] = $sSenderIP
    EndIf
EndFunc   ;==>getPacket

Func IsIPAddress($text)
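    ;anchored with ^ and $ so the whole string must be one dotted quad; unanchored, "999.1.1.1" passed on the substring "99.1.1.1"
    Return StringRegExp($text, "^(((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))$")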
EndFunc   ;==>IsIPAddress

Func cmdRead()
    Local $input = ""
    $file = FileOpen("con", 4)
    While 1
        $chr = FileRead($file, 1)
        If $chr = @LF Then ExitLoop
        $input &= BinaryToString($chr)
        Sleep(50)
    WEnd
    FileClose($file)
    $input = StringReplace($input, @CR, "")
    Return $input
EndFunc   ;==>cmdRead

Func usage()
    ConsoleWrite("Usage: Enter single ip or range divided by - Example 192.168.1.1-192.168.1.10")
    Exit
EndFunc   ;==>usage

ptrex

@SoulA

Great last script you provided !!

Better than the licenced "PacketX" ones.

Question:

Do you have any knowledge on how to do a UDP scan ?

For TCP it's fairly simple to send a packet to the broadcast address.

But this approach doesn't work for UDP ?

Thanks

Regards,

ptrex

SoulA

Are you trying to use UDP/TCP to find alive hosts or to scan a computer's ports? Typically you use TCP to scan a computer's hosts. You send a SYN packet to a specified port that you want to see if it's open, and if the host responds with a SYN/ACK then it is open. This is something I am working on now.

Xand3r

because udp is connectionless (it doesn't use handshaking like tcp) it's impossible to udp scan a port unless the service listening on the port sends a response regardless of the data it has received

for example:

1. you connect to a remote machine on a udp port, there is no handshaking involved so the remote machine isn't aware of your connection so there is no response.

2. you connect to a remote machine on a udp port and send some random gibberish, the remote machine gets the data and decides what to do...:

-if it sends back some data (saying that your request is malformed or w/e) then you know that the port is open

-if it just ignores the data and doesn't send a response then there is no way for you to know that the port is open because of the lack of ACK and of a response :D

cheers..


Only two things are infinite, the universe and human stupidity, and I'm not sure about the former -Albert Einstein
Practice makes perfect! but nobody's perfect so why practice at all?
http://forum.ambrozie.ro

SoulA

because udp is connectionless (it doesn't use handshaking like tcp) it's impossible to udp scan a port unless the service listening on the port sends a response regardless of the data it has received

for example:

1. you connect to a remote machine on a udp port, there is no handshaking involved so the remote machine isn't aware of your connection so there is no response.

2. you connect to a remote machine on a udp port and send some random gibberish, the remote machine gets the data and decides what to do...:

-if it sends back some data (saying that your request is malformed or w/e) then you know that the port is open

-if it just ignores the data and doesn't send a response then there is no way for you to know that the port is open because of the lack of ACK and of a response :D

cheers..

This isn't true. I think if you try to connect to a port using UDP you will get an ICMP packet back saying that the port is unreachable. So you can try to send some info to a UDP port and if that port isn't open you should get an ICMP Destination Unreachable (Port Unreachable) packet. If you don't receive this message then that port is open.

SoulA

What would a syn-packet look like?

This might help give you an idea...

Dim $aPacket[62] = [ _
        Number(Dec(StringMid($sMAC, 1, 2))), _ ;dest mac
        Number(Dec(StringMid($sMAC, 3, 2))), _ 
        Number(Dec(StringMid($sMAC, 5, 2))), _
        Number(Dec(StringMid($sMAC, 7, 2))), _
        Number(Dec(StringMid($sMAC, 9, 2))), _
        Number(Dec(StringMid($sMAC, 11, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _;source mac
        Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _
        0x08, 0x00, _ ;IP HEADER type
        0x45, _;version and length
        0x00, _;diff services
        0x00, 0x00, _ ;total length
        0x16, 0x79, _;id
        0x40, _;flags
        0x00, _;fragment offset
        0x80, _;time to live
        0x06, _;protocol
        0xAA, 0xAA, _;checksum
        Number($aIPAddr[1]), _  ;source ip
        Number($aIPAddr[2]), _
        Number($aIPAddr[3]), _
        Number($aIPAddr[4]), _
        0, _ ;dest ip
        0, _
        0, _
        0, _
        0x39, 0xb4, _ ;source port
        0, 0, _ ;dest port
        0x00, 0x00, 0x00, 0x00, _ ;seq number
        0x00, 0x00, 0x00, 0x00, _ ;not sure what this is
        0x70, _ ;header length
        0x02, _ ;flags
        0x20, 0x00, _ ;window size
        0xAA, 0xAA, _ ;checksum
        0x00, 0x00, _ ;not sure what this is
        0x02, 0x04, 0x05, 0xB4, _ ;max segment size
        0x01, _ ;nop
        0x01, _ ;nop
        0x04, 0x02] ;sack permitted
                
        $iTotalLength = Hex(UBound($aPacket) - 14, 4)
        $aPacket[16] = Dec(StringMid($iTotalLength, 1, 2))
        $aPacket[17] = Dec(StringMid($iTotalLength, 3, 2))

Xand3r

that is also true but most firewalls block icmp port unreachable by default and afaik my network filters outgoing icmp port unreachables :) so that's not a very reliable method and has a very big chance of hitting a false positive


SoulA

that is also true but most firewalls block icmp port unreachable by default and afaik my network filters outgoing icmp port unreachables :) so that's not a very reliable method and has a very big chance of hitting a false positive

Yeah but if you're scanning inside your own network it is good to know.

dexto

@SoulA,

Great work, one of the best LAN scripts written in AutoIt.

Observation:

;fill in array of ips that we are going to scan
Func selection($sIPReso)
    $aIPSendArray[0] += 1
    ReDim $aIPSendArray[$aIPSendArray[0] + 1]
    $aIPSendArray[$aIPSendArray[0]] = $sIPReso
    If $aIPSendArray[0] = 10000 Then
        scan()
        Local $iTemp = $aIPSendArray[1]
        Dim $aIPSendArray[2] = [1, $iTemp]
    EndIf
EndFunc   ;==>selection

This simply makes you app. 10-20 times slower.

What you're doing is, every time an IP is added to the array of IPs to be scanned, it is not "resizing the array"; it is in fact copying the entire array to an array that is just one slot larger, then freeing the old smaller array. It's doing that every time you add an IP to be scanned. You have to realize what that is doing to your performance.

Way around it: instead of adding to an array, add to a string, separating IPs with something like ; or something else, then when done StringSplit it and you're done.

There are other choking points in the script but since I'm not sure about their validity or possible solution I will not talk about them.

dexto

Here is an optimized version of the script above, about 5 times faster with 10% CPU

One of my favorite scripts, thank you SoulA.

(Scans local network for all the devices and their MAC and IP; made by SoulA, optimized by dexto)

#NoTrayIcon
#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_Change2CUI=y
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

#include "winpcap.au3"
#include <array.au3>

Global $pcap
Global $iScan = 0
Global $iAlive = 0
;declare array that will be filled with what ip's we will be scanning
Dim $aIPSendArray[2] = [1, 0]
Dim $aAliveHosts[1] = [0]

; initialise the Library
$winpcap = _PcapSetup()
If ($winpcap = -1) Then
    ConsoleWrite("WinPcap not found !")
    Exit
EndIf

; Get the interfaces list for which a capture is possible
$pcap_devices = _PcapGetDeviceList()
If ($pcap_devices = -1) Then
    ConsoleWrite(_PcapGetLastError())
    Exit
EndIf

$tmp = 0
For $i = 0 To UBound($pcap_devices) - 1
    If $pcap_devices[$i][6] <> '' And IsIPAddress($pcap_devices[$i][7]) And (StringInStr($pcap_devices[$i][1], 'Virtual', 0)==0) Then
        $tmp += 1
        $iInput = $i + 1
        $sAdapterName = StringMid($pcap_devices[$i][1], StringInStr($pcap_devices[$i][1], "'", 0, 1) + 1)
        $sAdapterName = StringMid($sAdapterName, 1, StringInStr($sAdapterName, "'", 0, 1) - 1)
        ConsoleWrite($i + 1 & ". " & $sAdapterName & " (MAC Address: " & $pcap_devices[$i][6] & ")" & @CRLF)
    EndIf
Next
If $tmp == 0 Then
    For $i = 0 To UBound($pcap_devices) - 1
        If StringInStr($pcap_devices[$i][1], 'Virtual', 0)>0 And IsIPAddress($pcap_devices[$i][7]) Then
            $tmp += 1
            $iInput = $i + 1
            $sAdapterName = StringMid($pcap_devices[$i][1], StringInStr($pcap_devices[$i][1], "'", 0, 1) + 1)
            $sAdapterName = StringMid($sAdapterName, 1, StringInStr($sAdapterName, "'", 0, 1) - 1)
            ConsoleWrite($i + 1 & ". " & $sAdapterName & " (MAC Address: " & $pcap_devices[$i][6] & ")" & @CRLF)
        EndIf
    Next
    Exit
EndIf

If $tmp > 1 Then
    ConsoleWrite("Choose Adapter: ")
    $iInput = Number(cmdRead())
EndIf

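;adapters are listed as 1..UBound($pcap_devices), so the last one must stay selectable
If $iInput > UBound($pcap_devices) Or $iInput < 1 Then usage()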
$iInput -= 1

;If ($pcap_devices[$iInput][3] <> "EN10MB") Then
;   ConsoleWrite("This example only accepts Ethernet devices...")
;   Exit
;EndIf

$aIPAddr = StringSplit($pcap_devices[$iInput][7], ".")
Dim $aPacketa[38] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _          ;6
        Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _  ;7
        Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _  ;8
        Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _  ;9
        Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _ ;10
        Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _ ;11
        Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _ ;12
        0x08, 0x06, 0x00, 0x01, _                                   ;16
        0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _                       ;22
        Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _  ;23
        Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _  ;24
        Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _  ;25
        Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _ ;26
        Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _ ;27
        Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _ ;28
        Number($aIPAddr[1]), _                                      ;29
        Number($aIPAddr[2]), _                                      ;30
        Number($aIPAddr[3]), _                                      ;31
        Number($aIPAddr[4]), _                                      ;32
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00]                         ;38


$sPacketa = "0x"
For $i1 = 0 To UBound($aPacketa) - 1
    $sPacketa &= Hex($aPacketa[$i1], 2)
Next
$sPacketb = '000000000000000000000000000000000000'

If $cmdLine[0] > 0 Then
    $sIPReso = $cmdLine[1]
Else
    ConsoleWrite("Type in single IP address or range divided by a -: ")
    $sIPReso = cmdRead()
EndIf
ConsoleWrite('---------------------------------'&@CRLF)
;$sIPReso = "192.168.0.0-192.168.25.255" ;debug

$pcap = _PcapStartCapture($pcap_devices[$iInput][0], "", 1)
If ($pcap = -1) Then
    ConsoleWrite(_PcapGetLastError())
    Exit
EndIf

;start creating array filled with the ips we are going to scan
$time = TimerInit()
AdlibEnable("getPacket", 1);start the thing

Global $out, $databuffer
If StringInStr($sIPReso, "-") Then
    $aIP = StringSplit($sIPReso, "-")
    If UBound($aIP) > 3 Then usage()
    If Not IsIPAddress($aIP[1]) Then usage()
    If Not IsIPAddress($aIP[2]) Then usage()
    If StringCompare($aIP[1], $aIP[2]) = 0 Then usage()
    $aIP1 = StringSplit($aIP[1], ".")
    $aIP2 = StringSplit($aIP[2], ".")

    For $i = 1 To 4
        If Number($aIP1[$i]) <> Number($aIP2[$i]) Then ExitLoop
    Next

    If Number($aIP1[$i]) > Number($aIP2[$i]) Then usage()

    $iIPTest1 = Number($aIP1[1] & $aIP1[2] & $aIP1[3] & $aIP1[4]);used to test if ip is in range later in script
    $iIPTest2 = Number($aIP2[1] & $aIP2[2] & $aIP2[3] & $aIP2[4])

    Select
        Case $i = 1
            $aIPSendArray[1] = 1
            For $iIP = $aIP1[$i] To $aIP2[$i]
                For $i1 = $aIP1[$i + 1] To 255
                    For $i2 = $aIP1[$i + 2] To 255
                        For $i3 = $aIP1[$i + 3] To 255
                            $out = $sPacketa & Hex($iIP, 2) & Hex($i1, 2) & Hex($i2, 2) & Hex($i3, 2) & $sPacketb
                            $databuffer = DllStructCreate("ubyte[" & BinaryLen($out) & "]")
                            DllStructSetData($databuffer, 1, $out)
                            DllCall($Pcap_dll, "int:cdecl", "pcap_sendpacket", "ptr", $pcap, "ptr", DllStructGetPtr($databuffer), "int", BinaryLen($out))
                            $iScan += 1
                            If $i3 = $aIP2[4] And $i2 = $aIP2[3] Then ExitLoop
                        Next
                        $aIP1[$i + 3] = 1
                        If $i2 = $aIP2[3] And $i1 = $aIP2[2] Then ExitLoop
                    Next
                    $aIP1[$i + 2] = 1
                    If $i1 = $aIP2[2] And $iIP = $aIP2[$i] Then ExitLoop
                Next
                $aIP1[$i + 1] = 1
            Next
        Case $i = 2
            $aIPSendArray[1] = 2
            For $iIP = $aIP1[$i] To $aIP2[$i]
                For $i1 = $aIP1[$i + 1] To 255
                    For $i2 = $aIP1[$i + 2] To 255
                        $out = $sPacketa & Hex($aIP2[1], 2) & Hex($iIP, 2) & Hex($i1, 2) & Hex($i2, 2) & $sPacketb
                        $databuffer = DllStructCreate("ubyte[" & BinaryLen($out) & "]")
                        DllStructSetData($databuffer, 1, $out)
                        DllCall($Pcap_dll, "int:cdecl", "pcap_sendpacket", "ptr", $pcap, "ptr", DllStructGetPtr($databuffer), "int", BinaryLen($out))
                        $iScan += 1
                        If $i2 = $aIP2[4] And $i1 = $aIP2[3] Then ExitLoop
                    Next
                    $aIP1[$i + 2] = 1
                    If $i1 = $aIP2[3] And $iIP = $aIP2[$i] Then ExitLoop
                Next
                $aIP1[$i + 1] = 1
            Next
        Case $i = 3
            $aIPSendArray[1] = 3
            For $iIP = $aIP1[$i] To $aIP2[$i]
                For $i1 = $aIP1[$i + 1] To 255
                    $out = $sPacketa & Hex($aIP2[1], 2) & Hex($aIP2[2], 2) & Hex($iIP, 2) & Hex($i1, 2) & $sPacketb
                    $databuffer = DllStructCreate("ubyte[" & BinaryLen($out) & "]")
                    DllStructSetData($databuffer, 1, $out)
                    DllCall($Pcap_dll, "int:cdecl", "pcap_sendpacket", "ptr", $pcap, "ptr", DllStructGetPtr($databuffer), "int", BinaryLen($out))
                    $iScan += 1
                    If $i1 = $aIP2[4] And $iIP = $aIP2[$i] Then ExitLoop
                Next
                $aIP1[$i + 1] = 1
            Next
        Case $i = 4
            $aIPSendArray[1] = 4
            For $iIP = $aIP1[$i] To $aIP2[$i]
                $out = $sPacketa & Hex($aIP2[1], 2) & Hex($aIP2[2], 2) & Hex($aIP2[3], 2) & Hex($iIP, 2) & $sPacketb
                $databuffer = DllStructCreate("ubyte[" & BinaryLen($out) & "]")
                DllStructSetData($databuffer, 1, $out)
                DllCall($Pcap_dll, "int:cdecl", "pcap_sendpacket", "ptr", $pcap, "ptr", DllStructGetPtr($databuffer), "int", BinaryLen($out))
                $iScan += 1
            Next
    EndSelect
Else
    If Not IsIPAddress($sIPReso) Then usage()
    $a = StringSplit($sIPReso, ".")
    _PcapSendPacket($pcap, $sPacketa & Hex($a[1], 2) & Hex($a[2], 2) & Hex($a[3], 2) & Hex($a[4], 2) & $sPacketb)
    $iScan += 1
EndIf
Sleep(200)
AdlibDisable();end the thing

ConsoleWrite('---------------------------------'&@CRLF)

;output how many hosts were alive
If $iAlive = 1 Then
    ConsoleWrite("There is " & $iAlive & " alive host." & @CRLF)
Else
    ConsoleWrite("There are " & $iAlive & " alive hosts." & @CRLF)
EndIf

;how many hosts we scanned and how long
If $iScan = 1 Then
    ConsoleWrite("Scanned " & $iScan & " address in " & Round(TimerDiff($time) / 1000, 2) & " seconds")
Else
    ConsoleWrite("Scanned " & $iScan & " addresses in " & Round(TimerDiff($time) / 1000, 2) & " seconds")
EndIf

_PcapStopCapture($pcap) ; Stop capture
_PcapFree()


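;function that executes every time we get a packet
Func getPacket()
    $packet = _PcapGetPacket($pcap)
    ;an ARP frame is 42 bytes (14 Ethernet + 28 ARP); a shorter frame would overrun $aData[41] below
    If IsArray($packet) And $packet[2] >= 42 And StringLeft($packet[3], 3) <> '0xF' Then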
        Local $sgMAC = ""
        Local $aData[$packet[2]]

        ;get info into array of the packet
        $packet[3] = StringTrimLeft($packet[3], 2)
        For $i = 0 To $packet[2] - 1
            $aData[$i] = Dec(StringLeft($packet[3], 2))
            $packet[3] = StringTrimLeft($packet[3], 2)
        Next

        ;start checking if it is that packet we want
        $iHWType = $aData[14] & $aData[15]
        $iProtocolType = $aData[16] & $aData[17]
        $iOPCode = $aData[20] & $aData[21]
        $sSenderIP = $aData[28] & "." & $aData[29] & "." & $aData[30] & "." & $aData[31]
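        ;pack the sender address into one 32-bit number so that ranges compare in real address order
        $iSenderIP = $aData[28] * 16777216 + $aData[29] * 65536 + $aData[30] * 256 + $aData[31]
        $sDestMac = ""
        For $i = 32 To 37
            $sDestMac &= Hex($aData[$i], 2) & ":"
        Next
        $sDestMac = StringTrimRight($sDestMac, 1)
        $sDestIP = $aData[38] & "." & $aData[39] & "." & $aData[40] & "." & $aData[41]

        ;make sure the ip was in the range of the addresses we wanted to scan
        ;the bounds are rebuilt from the typed range ($aIP) the same way, because joining the decimal
        ;octets as text ($iIPTest1, $iIPTest2) is ambiguous: 1.11 and 11.1 both become 111
        If $aIPSendArray[1] <> 0 Then
            Local $aLo = StringSplit($aIP[1], "."), $aHi = StringSplit($aIP[2], ".")
            Local $iLo = Number($aLo[1]) * 16777216 + Number($aLo[2]) * 65536 + Number($aLo[3]) * 256 + Number($aLo[4])
            Local $iHi = Number($aHi[1]) * 16777216 + Number($aHi[2]) * 65536 + Number($aHi[3]) * 256 + Number($aHi[4])
            If $iSenderIP < $iLo Or $iSenderIP > $iHi Then Return 0
        EndIf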

        ;make sure it was the type of packet we wanted
        If $iHWType = 01 And $iProtocolType = 80 And $iOPCode = 02 And _
                StringCompare($sDestMac, $pcap_devices[$iInput][6]) = 0 And _
                StringCompare($sDestIP, $pcap_devices[$iInput][7]) = 0 Then
            ;do nothing
        Else
            Return 0
        EndIf

        ;don't want double positives
        For $i = 1 To $aAliveHosts[0]
            If StringCompare($aAliveHosts[$i], $sSenderIP) = 0 Then Return 0
        Next

        ;if this was the right packet output the data
        For $i = 22 To 27
            $sgMAC &= Hex($aData[$i], 2) & ":"
        Next
        $sgMAC = StringTrimRight($sgMAC, 1)
        ConsoleWrite($sSenderIP & @TAB & $sgMAC & @CRLF)
        $iAlive += 1
        $aAliveHosts[0] += 1
        ReDim $aAliveHosts[$aAliveHosts[0] + 1]
        $aAliveHosts[$aAliveHosts[0]] = $sSenderIP
    EndIf
EndFunc   ;==>getPacket

Func IsIPAddress($text)
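    ;anchored with ^ and $ so the whole string must be one dotted quad; unanchored, "999.1.1.1" passed on the substring "99.1.1.1"
    Return StringRegExp($text, "^(((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))$")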
EndFunc   ;==>IsIPAddress

Func cmdRead()
    Local $input = ""
    $file = FileOpen("con", 4)
    While 1
        $chr = FileRead($file, 1)
        If $chr = @LF Then ExitLoop
        $input &= BinaryToString($chr)
        Sleep(50)
    WEnd
    FileClose($file)
    $input = StringReplace($input, @CR, "")
    Return $input
EndFunc   ;==>cmdRead

Func usage()
    ConsoleWrite("arpscan.exe 192.168.1.1-192.168.1.10")
    Exit
EndFunc   ;==>usage

dexto

@SoulA

This script definitely deserves a separate post! :)

SoulA

@SoulA

This script definitely deserves a separate post! :)

Yeah perhaps you're right. I'm glad you have an interest and the improvements are great. The only other major improvement I could think of doing was instead of having the script check the packets you use the pcap filters instead. Just have to learn their syntax and is probably much quicker.
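
The reply checks that getPacket() performs in the scripts above, together with the pcap filter idea from the last post, worked through as an added example in Python (not code from the thread; Python is used so it runs offline on constructed frames). All MAC and IP values, the function names and the sample frames are assumptions made up for the illustration.

```python
import struct

ETH_ARP = 0x0806      # EtherType for ARP
ARP_FRAME_LEN = 42    # 14-byte Ethernet header + 28-byte ARP body


def ip_to_int(ip):
    """Pack a dotted quad into one 32-bit integer so comparisons follow address order."""
    parts = ip.split(".")
    if len(parts) != 4:
        raise ValueError("not a dotted quad: %r" % ip)
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError("octet out of range in %r" % ip)
        value = (value << 8) | octet
    return value


def concat_key(ip):
    """Key built by joining the decimal octets as text, as $iIPTest1/$iIPTest2 do."""
    return int("".join(ip.split(".")))


def in_range(ip, first, last):
    return ip_to_int(first) <= ip_to_int(ip) <= ip_to_int(last)


def reply_filter(my_mac_text):
    """pcap filter text: ARP frames whose 16-bit opcode (ARP offset 6) is 2, sent to us."""
    return "arp and arp[6:2] = 2 and ether dst %s" % my_mac_text


def parse_arp_reply(frame, my_mac, my_ip):
    """Return (sender_ip, sender_mac) for an ARP reply addressed to us, else None."""
    if len(frame) < ARP_FRAME_LEN:
        return None                       # too short to read bytes 12..41 safely
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    htype, ptype, hlen, plen, oper = struct.unpack_from("!HHBBH", frame, 14)
    # Compare whole 16-bit fields; joining two decimal bytes as text cannot tell
    # the byte pair (8, 0) from the byte pair (0, 80).
    if ethertype != ETH_ARP or (htype, ptype, hlen, plen, oper) != (1, 0x0800, 6, 4, 2):
        return None
    sha, spa, tha, tpa = struct.unpack_from("!6s4s6s4s", frame, 22)
    if tha != my_mac or tpa != ip_to_int(my_ip).to_bytes(4, "big"):
        return None
    return ".".join(str(b) for b in spa), ":".join("%02X" % b for b in sha)


def collect_alive(frames, my_mac, my_ip, first, last):
    """Map sender IP -> MAC for valid in-range replies; the first answer wins."""
    alive = {}
    for frame in frames:
        hit = parse_arp_reply(frame, my_mac, my_ip)
        if hit and in_range(hit[0], first, last):
            alive.setdefault(hit[0], hit[1])
    return alive


def build_arp(oper, sha, spa, tha, tpa):
    """Constructed test frame: Ethernet header + ARP body, padded to 60 bytes."""
    body = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, oper,
                       sha, ip_to_int(spa).to_bytes(4, "big"),
                       tha, ip_to_int(tpa).to_bytes(4, "big"))
    return (struct.pack("!6s6sH", tha, sha, ETH_ARP) + body).ljust(60, b"\x00")


def demo():
    """Run the checks over constructed frames for the range 192.168.1.1-192.168.2.1."""
    me_mac, me_ip = bytes.fromhex("020000000001"), "192.168.1.10"
    host = bytes.fromhex("020000000064")
    other = bytes.fromhex("020000000002")
    good = build_arp(2, host, "192.168.1.100", me_mac, me_ip)
    frames = [
        good,
        good,                                                       # duplicate reply
        build_arp(1, host, "192.168.1.100", me_mac, me_ip),         # request, not a reply
        build_arp(2, host, "192.16.8.15", me_mac, me_ip),           # sender outside the range
        build_arp(2, host, "192.168.1.50", other, "192.168.1.11"),  # reply to another host
        good[:30],                                                  # truncated frame
    ]
    return collect_alive(frames, me_mac, me_ip, "192.168.1.1", "192.168.2.1")


if __name__ == "__main__":
    print(demo())
    # The text-joined key rejects an in-range host and accepts an out-of-range one:
    for ip in ("192.168.1.100", "192.16.8.15"):
        joined = concat_key("192.168.1.1") <= concat_key(ip) <= concat_key("192.168.2.1")
        print(ip, "joined-text test:", joined,
              "32-bit test:", in_range(ip, "192.168.1.1", "192.168.2.1"))
    print(reply_filter("02:00:00:00:00:01"))
```

The string returned by reply_filter() is ordinary pcap filter syntax; how the winpcap UDF takes a filter argument is not shown in the thread, so that call is left out.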
