Introduction
Netdiscover는 주로 DHCP 서버가 없는 무선 네트워크용으로 개발된 활성/수동 스캔 도구이다.
이는 APR 프로토콜을 사용하여 네트워크에 연결된 장치의 IP 주소와 MAC주소를 수집할 수 있다.
네트워크 ARP 트래픽을 검사하는 데 사용할 수도 있지만, 일반 로컬 네트워크를 검색하는 자동 검색 모드를 사용하여, 네트워크 주소를 찾을 수 있다.
설치 방법
sudo apt install netdiscover
옵션
- -i : 스캔할 인터페이스 지정
sudo netdiscover -i eth0
Currently scanning: 172.26.240.0/16 | Screen View: Unique Hosts
12 Captured ARP Req/Rep packets, from 3 hosts. Total size: 720
_____________________________________________________________________________
IP At MAC Address Count Len MAC Vendor / Hostname
-----------------------------------------------------------------------------
172.30.1.254 1c:ec:72:05:9e:19 10 600 Allradio Co., Ltd
172.30.1.14 00:93:37:e9:9d:e1 1 60 Intel Corporate
172.30.1.15 08:00:27:dc:58:89 1 60 PCS Systemtechnik GmbH- -r : 지정된 IP 주소 범위 스캔
sudo netdiscover -r 172.30.1.0/24
urrently scanning: Finished! | Screen View: Unique Hosts
7 Captured ARP Req/Rep packets, from 3 hosts. Total size: 420
_____________________________________________________________________________
IP At MAC Address Count Len MAC Vendor / Hostname
-----------------------------------------------------------------------------
172.30.1.14 00:93:37:e9:9d:e1 1 60 Intel Corporate
172.30.1.15 08:00:27:dc:58:89 1 60 PCS Systemtechnik GmbH
172.30.1.254 1c:ec:72:05:9e:19 5 300 Allradio Co., Ltd- -s : 스캔을 중지할 시간 지정
sudo discover -i eth0 -r 172.30.1.0/24 -s 10
Currently scanning: Finished! | Screen View: Unique Hosts
5 Captured ARP Req/Rep packets, from 3 hosts. Total size: 300
_____________________________________________________________________________
IP At MAC Address Count Len MAC Vendor / Hostname
-----------------------------------------------------------------------------
172.30.1.14 00:93:37:e9:9d:e1 1 60 Intel Corporate
172.30.1.15 08:00:27:dc:58:89 1 60 PCS Systemtechnik GmbH
172.30.1.254 1c:ec:72:05:9e:19 3 180 Allradio Co., Ltd위 옵션들을 주로 사용하며,
이를 제외하고도 많고 다양한 옵션들을 제공한다.
netdiscovert —help 를 통해 확인이 가능하다..
root@kali:~# netdiscover --help
Netdiscover 0.10 [Active/passive ARP reconnaissance tool]
Written by: Jaime Penalba <jpenalbae@gmail.com>
Usage: netdiscover [-i device] [-r range | -l file | -p] [-m file] [-F filter] [-s time] [-c count] [-n node] [-dfPLNS]
-i device: your network device
-r range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
-l file: scan the list of ranges contained into the given file
-p passive mode: do not send anything, only sniff
-m file: scan a list of known MACs and host names
-F filter: customize pcap filter expression (default: "arp")
-s time: time to sleep between each ARP request (milliseconds)
-c count: number of times to send each ARP request (for nets with packet loss)
-n node: last source IP octet used for scanning (from 2 to 253)
-d ignore home config files for autoscan and fast mode
-f enable fastmode scan, saves a lot of time, recommended for auto
-P print results in a format suitable for parsing by another program and stop after active scan
-L similar to -P but continue listening after the active scan is completed
-N Do not print header. Only valid when -P or -L is enabled.
-S enable sleep time suppression between each request (hardcore mode)
If -r, -l or -p are not enabled, netdiscover will scan for common LAN addresses.
※ 내용이 이상하거나 문제가 있을 경우, 또는 설명에 부족한 내용이 있으시면 알려 주시면 감사합니다.
'도구|Tools' 카테고리의 다른 글
| [도구/Tools] Nikto (0) | 2023.10.04 |
|---|---|
| [도구/Tools] unix-privesc-check (0) | 2023.10.01 |
| [도구/Tools] WP-Scan (0) | 2023.10.01 |
| [도구/Tools] Nmap (0) | 2023.10.01 |
| [도구/Tools] dirbuster (0) | 2023.10.01 |