You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Andreas Zweili 5ce9164726 add x64 compiled binary 2 years ago
autom4te.cache add x64 compiled binary 2 years ago
build-aux add x64 compiled binary 2 years ago
doc add x64 compiled binary 2 years ago
rpm initial commit 2 years ago
src add x64 compiled binary 2 years ago
.gitignore initial commit 2 years ago
AUTHORS initial commit 2 years ago
COPYING initial commit 2 years ago
ChangeLog initial commit 2 years ago
INSTALL initial commit 2 years ago
LICENSE initial commit 2 years ago
Makefile add x64 compiled binary 2 years ago
Makefile.am initial commit 2 years ago
Makefile.in add x64 compiled binary 2 years ago
NEWS initial commit 2 years ago
README readd README file 2 years ago
README.md initial commit 2 years ago
README.rpm initial commit 2 years ago
TODO initial commit 2 years ago
aclocal.m4 add x64 compiled binary 2 years ago
autogen.sh initial commit 2 years ago
config.h add x64 compiled binary 2 years ago
config.h.in add x64 compiled binary 2 years ago
config.log add x64 compiled binary 2 years ago
config.status add x64 compiled binary 2 years ago
configure add x64 compiled binary 2 years ago
configure.ac initial commit 2 years ago
oui.txt-20161205 add update oui.txt list 2 years ago
stamp-h1 add x64 compiled binary 2 years ago
update-oui-database-legacy.sh initial commit 2 years ago
update-oui-database.sh initial commit 2 years ago

README.md

Welcome to Netdiscover 0.3 beta. Netdiscover is a network address discovering tool, developed mainly for those wireless networks without dhcp server, it also works on hub/switched networks. Its based on arp packets, it will send arp requests and sniff for replys.

Its my first public C tool, so dont be too hard with me, if some parts on the code looks like offuscated or are unreadable, and feel free to mail me with suggestions or patches at jpenalbae@gmail.com

Also mail me for any bug or compilation error, it must compile with gcc 2.95 or newer.

An excesive cpu comsuption happens on OpenBSD, due to threads design and the use of pcap_open_live() with pcap_loop(), any sugestions for fix are welcome.

Requeriments

  • libpcap
  • libnet > 1.1.2
  • Tested to work on Linux, Solaris MacOS X and OpenBSD, other unixes may work

Build

$ sh update-oui-database.sh (optional) $ ./configure $ make

make install

Usage

Screen Keys:

- k/j (or up/down arrow keys) scroll up/down
- q quit

Usage: ./netdiscover [-i device] [-r range | -p] [-s time] [-n node] [-c count] [-f] [-S]

-i device

The network device to sniff at and inject packets. If no device was
specified, first available will be used.

-r range

Scan a given range instead of auto scan. Valid range values are:
192.168.0.0/24, 192.168.0.0/16 or 192.168.0.0/8

-p

Enable passive mode do not send anything, only sniff

-s time

It will sleep given time in milliseconds between each arp request
injection. (default 1)

-c count

Number of times to send each arp reques. Usefull for networks with
packet loss, so it will scan given times for each host.

-n node

Last ip octet used for scanning as source host, you can change it
if the default host is already used (from 2 to 253) (default 66)

-S

Enable sleep time supression betwen each request. I will sleep each 255
scanned hosts instead of do it by each one, this mode was used on 0.3 beta4
and older releases. Avoid this option on networks with packet lossing,
or in wireless networks with low signal level. (also called hardcore mode)

-f

Enable fastmode scan, it will only scan for hosts .1, .100, .254 on each
network, usefull when searching for addresses being used, after find one
you can make a specific range scan to see online boxes.
Scanned hosts can be easily modified at fast_ips[] array on main.c source.

If -p or -r options are not used, netdiscover will automatically scan for common lan addresses. Those address lists can be modified at common_net[] on main.c

Examples

Scan common lan addresses on eth0

netdiscover -i eth0

Fast scan common lan addresses on eth0 (search only for gateways)

netdiscover -i eth0 -f

Scan some fixed ranges

netdiscover -i eth0 172.26.0.0/24

netdiscover -i eth0 192.168.0.0/16

netdiscover -i eth0 10.0.0.0/8

Scan common lan addresses with sleep time 0.5 instead of default 1

netdiscover -i eth0 -s 0.5

Scan fixed range on fast mode with sleep time 0.5 instead of default 1

netdiscover -i eth0 192.168.0.0/16 -f -s 0.5

Only sniff for arp traffic, dont send nothing

netdiscover -i eth0 -p

Scan for common lan addresses using old hardcore mode (much more faster, but avoid it on networks with bad link)

netdiscover -i eth0 -S

More parameter combinations are possible, these are only some examples.

Bugs & Contact

Feel free to mail me with any problem, bug, suggestions or fixes at: Jaime Penalba jpenalbae@gmail.com