#!/bin/bash
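# Require exactly two arguments: the network address and its dotted-quad mask.
if [ "$#" -ne 2 ]; then
  # Usage goes to stderr and the exit status is non-zero, so a calling script
  # can tell a refused run from a completed one. A bare `exit` here returns
  # the status of the preceding echo, which is 0.
  echo "[!] Usage: arping.sh <network> <mask>" >&2
  echo " Example: arping.sh 192.168.1.0 255.255.255.0" >&2
  exit 1
fi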
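# Check if interface exists.
# IFACE is not assigned before this point, so its value comes from the
# caller's environment. When it is empty no argument is passed at all, and the
# check then only confirms that ifconfig itself can be run.
# The expansion is quoted so that an interface name containing whitespace or
# glob characters is handed to ifconfig as a single literal argument.
if ! ifconfig ${IFACE:+"$IFACE"} >/dev/null 2>&1; then
  echo "[!] Interface does not exists!" >&2
  echo " Use ifconfig to check applicable interfaces" >&2
  exit 1
fi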
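# Check if IP: the first argument must contain exactly three dots.
# The dots are counted with parameter expansion instead of `echo $1 | grep`:
# the unquoted expansion was subject to word splitting and pathname expansion,
# so an argument containing glob characters could be counted as something else.
DOTS=${1//[^.]/}
DOTS=${#DOTS}
if [ "$DOTS" -ne 3 ]; then
  echo "[!] Not a valid IP Address!" >&2
  exit 1
fi
# Check if Mask: same three-dot requirement for the second argument.
DOTS=${2//[^.]/}
DOTS=${#DOTS}
if [ "$DOTS" -ne 3 ]; then
  echo "[!] Not a valid Mask!" >&2
  exit 1
fi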
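# Split the address into its four octets and check that each is 0-255.
# A trailing "/..." on the last octet is dropped, as the original cut did.
IFS=. read -r OCTA OCTB OCTC OCTD <<< "$1"
OCTD=${OCTD%%/*}
# Each octet must be plain decimal digits before it is compared. With a
# non-numeric value both `[ ... -lt ... ]` and `[ ... -gt ... ]` fail with an
# error, the combined condition is false, and the value would be accepted and
# later reach the $(( )) arithmetic. Leading zeros are refused as well because
# that arithmetic reads them as octal.
octet_re='^(0|[1-9][0-9]{0,2})$'
for octet in "$OCTA" "$OCTB" "$OCTC" "$OCTD"; do
  if ! [[ "$octet" =~ $octet_re ]] || [ "$octet" -gt 255 ]; then
    echo "[!] Not a valid IP address!" >&2
    exit 1
  fi
done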
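# Split the mask into its four octets and check that each is 0-255.
# A trailing "/..." on the last octet is dropped, as the original cut did.
IFS=. read -r MASKA MASKB MASKC MASKD <<< "$2"
MASKD=${MASKD%%/*}
# Each octet must be plain decimal digits before it is compared. With a
# non-numeric value both `[ ... -lt ... ]` and `[ ... -gt ... ]` fail with an
# error, the combined condition is false, and the value would be accepted and
# later reach the $(( )) arithmetic. Leading zeros are refused as well because
# that arithmetic reads them as octal.
mask_re='^(0|[1-9][0-9]{0,2})$'
for mask_octet in "$MASKA" "$MASKB" "$MASKC" "$MASKD"; do
  if ! [[ "$mask_octet" =~ $mask_re ]] || [ "$mask_octet" -gt 255 ]; then
    echo "[!] Not a valid subnet mask!" >&2
    exit 1
  fi
done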
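# Check for contiguous ones in mask.
# Comparing neighbouring octets (A >= B >= C >= D) is not enough: it accepts
# masks such as 255.128.128.0 or 255.255.200.0, for which the floor/ceiling
# arithmetic below does not describe the real subnet. A valid mask is a run of
# 255 octets, then at most one octet whose set bits are all leading, then only
# zeros. The comparison is done on strings, so a non-numeric octet is simply
# rejected instead of raising a test error.
mask_state=full
for mask_octet in "$MASKA" "$MASKB" "$MASKC" "$MASKD"; do
  case "$mask_state:$mask_octet" in
    full:255) ;;
    full:0 | full:128 | full:192 | full:224 | full:240 | full:248 | full:252 | full:254)
      mask_state=tail
      ;;
    tail:0) ;;
    *)
      mask_state=bad
      break
      ;;
  esac
done
if [ "$mask_state" = bad ]; then
  echo "[!] Mask must be contiguous binary ones" >&2
  echo " Example: 255.255.255.128" >&2
  exit 1
fi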
# Set Floors and Ceilings of IP ranges.
# One pass per octet position. A mask octet of 255 pins that position to the
# address value. Otherwise the floor is (address AND mask) and the ceiling
# adds the bits the mask leaves open (255 - mask).
for pos in A B C D; do
  addr_name="OCT${pos}"
  mask_name="MASK${pos}"
  addr_val=${!addr_name}
  mask_val=${!mask_name}
  if [ "$mask_val" -ne 255 ]; then
    low=$(($addr_val & $mask_val))
    high=$(($low + 255 - $mask_val))
  else
    low=$addr_val
    high=$addr_val
  fi
  # Store the results under the FLOORx / CEILINGx names the scan loop reads.
  printf -v "FLOOR${pos}" '%s' "$low"
  printf -v "CEILING${pos}" '%s' "$high"
done
unset pos addr_name mask_name addr_val mask_val low high
# Print the range that is about to be walked, framed by separator lines.
echo "========================================================================="
echo "ARPing the range..."
echo "$FLOORA.$FLOORB.$FLOORC.$FLOORD - $CEILINGA.$CEILINGB.$CEILINGC.$CEILINGD"
echo "========================================================================="
# Visit every address between the floors and ceilings, one loop level per
# octet. Each address is passed to arp. Only output lines containing
# "ethernet" are kept, parentheses are stripped, and the second and first
# whitespace-separated fields are printed as "<field2>:<TAB><field1>".
for first in $(seq "$FLOORA" "$CEILINGA"); do
  for second in $(seq "$FLOORB" "$CEILINGB"); do
    for third in $(seq "$FLOORC" "$CEILINGC"); do
      for fourth in $(seq "$FLOORD" "$CEILINGD"); do
        target="$first.$second.$third.$fourth"
        arp "$target" \
          | grep ethernet \
          | tr -d "()" \
          | awk -F" " '{print $2":\t"$1}'
      done
    done
  done
done
echo "========================================================================="
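You can write it to a file as-is or, for a "file-less malware" approach, just modify the nested for loop by replacing the variables with the "floors and ceilings" of the infected host's subnet, then copy and paste it into a terminal (don't forget to clear your bash_history...). Either way, every iteration spawns a separate arp lookup against the local neighbour cache. In the pasted form nothing is written to disk, so it shows up in process-execution telemetry as a rapid run of arp invocations from an interactive shell rather than as a file, and that record does not depend on the shell history.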