使用ARPing (Kali版本是Thomas)
使用ARPing
這是 用ARP 封包去偵測內網IP或Mac address
只能用於內網, 不能跨gateway
Kali版本是Thomas
有些設備是不回應Ping ICMP的封包
這就可以透過ARPing去查詢
================================
指令說明:
ARPing 2.14, by Thomas Habets <thomas@habets.se>
usage: arping [ -0aAbdDeFpPqrRuUv ] [ -w <us> ] [ -W <sec> ] [ -S <host/ip> ]
[ -T <host/ip ] [ -s <MAC> ] [ -t <MAC> ] [ -c <count> ]
[ -C <count> ] [ -i <interface> ] <host/ip/MAC | -B>
For complete usage info, use --help or check the manpage.
================================
基本指令: arping IP (可看到該IP對應的MAC adress)
root@kali-vm:~# arping 192.168.8.228
ARPING 192.168.8.228
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=0 time=10.486 msec
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=1 time=8.891 msec
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=2 time=7.246 msec
================================
基本指令: arping -c 1 IP
(可看到該IP對應的MAC adress, 也只跑一個封包就好)
root@kali-vm:~# arping -c 1 192.168.8.228
ARPING 192.168.8.228
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=0 time=5.658 msec
--- 192.168.8.228 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
rtt min/avg/max/std-dev = 5.658/5.658/5.658/-nan ms
================================
基本指令: arping -c 1 -T IP MACaddress
(從IP去確定對應的MAC adress, 只跑一個封包)
root@kali-vm:~# arping -c 1 -T 192.168.8.228 00:1b:24:5f:f8:76
ARPING 00:1b:24:5f:f8:76
60 bytes from 192.168.8.228 (00:1b:24:5f:f8:76): icmp_seq=0 time=12.343 msec
--- 00:1b:24:5f:f8:76 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
rtt min/avg/max/std-dev = 12.343/12.343/12.343/-nan ms
================================
基本指令: arping -c 1 -t MACaddress IP
(從MAC adress去確定對應的IP, 只跑一個封包)
root@kali-vm:~# arping -c 1 -t 00:1b:24:5f:f8:76 192.168.8.228
ARPING 192.168.8.228
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=0 time=4.542 msec
--- 192.168.8.228 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
rtt min/avg/max/std-dev = 4.542/4.542/4.542/-nan ms
================================
基本指令: arping -c 1 -d IP
(查看 IP 在內網 是否被使用)
================================
叁考:
1. http://lixcto.blog.51cto.com/4834175/1571838
2. http://wenson.iteye.com/blog/801379
這是 用ARP 封包去偵測內網IP或Mac address
只能用於內網, 不能跨gateway
Kali版本是Thomas
有些設備是不回應Ping ICMP的封包
這就可以透過ARPing去查詢
================================
指令說明:
ARPing 2.14, by Thomas Habets <thomas@habets.se>
usage: arping [ -0aAbdDeFpPqrRuUv ] [ -w <us> ] [ -W <sec> ] [ -S <host/ip> ]
[ -T <host/ip ] [ -s <MAC> ] [ -t <MAC> ] [ -c <count> ]
[ -C <count> ] [ -i <interface> ] <host/ip/MAC | -B>
For complete usage info, use --help or check the manpage.
================================
基本指令: arping IP (可看到該IP對應的MAC adress)
root@kali-vm:~# arping 192.168.8.228
ARPING 192.168.8.228
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=0 time=10.486 msec
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=1 time=8.891 msec
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=2 time=7.246 msec
================================
基本指令: arping -c 1 IP
(可看到該IP對應的MAC adress, 也只跑一個封包就好)
root@kali-vm:~# arping -c 1 192.168.8.228
ARPING 192.168.8.228
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=0 time=5.658 msec
--- 192.168.8.228 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
rtt min/avg/max/std-dev = 5.658/5.658/5.658/-nan ms
================================
基本指令: arping -c 1 -T IP MACaddress
(從IP去確定對應的MAC adress, 只跑一個封包)
root@kali-vm:~# arping -c 1 -T 192.168.8.228 00:1b:24:5f:f8:76
ARPING 00:1b:24:5f:f8:76
60 bytes from 192.168.8.228 (00:1b:24:5f:f8:76): icmp_seq=0 time=12.343 msec
--- 00:1b:24:5f:f8:76 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
rtt min/avg/max/std-dev = 12.343/12.343/12.343/-nan ms
================================
基本指令: arping -c 1 -t MACaddress IP
(從MAC adress去確定對應的IP, 只跑一個封包)
root@kali-vm:~# arping -c 1 -t 00:1b:24:5f:f8:76 192.168.8.228
ARPING 192.168.8.228
60 bytes from 00:1b:24:5f:f8:76 (192.168.8.228): index=0 time=4.542 msec
--- 192.168.8.228 statistics ---
1 packets transmitted, 1 packets received, 0% unanswered (0 extra)
rtt min/avg/max/std-dev = 4.542/4.542/4.542/-nan ms
================================
基本指令: arping -c 1 -d IP
(查看 IP 在內網 是否被使用)
================================
叁考:
1. http://lixcto.blog.51cto.com/4834175/1571838
2. http://wenson.iteye.com/blog/801379
留言
張貼留言