Simple Network Scanner -- Print hosts connected to the network
The scanner uses libnet to send ARP requests for every possible host on the network, while listening for ARP replies with libpcap; we understand that those host for which the scanner receives an ARP reply is connected to the network.
- libnet code can be found on scan.c
- libpcap code can be found on cap.c
Once we have the MAC address of the host which replied our ARP request, the scanner parses a csv file from the IEEE webpage(see Makefile), and gets the manufacturer/vendor for the specific network hardware it observes from the MAC.
NOTE: Root permissions are needed in order to use the scanner
Primarily, you will need to install wget to download the csv and both libnet and libpcap to compile the scanner.
- Debian based:
sudo apt-get install wget sudo apt-get install libnet-dev sudo apt-get install libpcap-dev - Fedora:
sudo yum install wget sudo yum install libnet-devel sudo yum install libpcap-devel - Arch Linux:
sudo pacman -S wget sudo pacman -S libnet sudo pacman -S libpcap NOTE: You can install snetscan directly via AUR:
yaourt -S snetscan-git Compile the project on Linux with make. You need to tell the scanner the interface/device to use in the scan. You can check possible interfaces/devices by running the scanner with no arguments:
[github@drnoob snetscan]$ ./snetscan WARNING: DEVICE option is mandatory Available devices are: * enp3s0 * lo Usage: ./snetscan --dev DEVICE [--help] Options: --dev Set network interface --help Print this help and exit Then, specify the interface with --dev
[github@drnoob snetscan]$ sudo ./snetscan --dev enp3s0 Using interface: 'enp3s0' Scanning from 192.168.1.1 to 192.168.1.254 Waiting for requests... IP Addess MAC Address 192.168.1.1 24:76:7D:XX:XX:XX (Cisco SPVTG) 192.168.1.10 30:B5:C2:XX:XX:XX (TP-LINK TECHNOLOGIES CO.,LTD.) 192.168.1.49 04:D6:AA:XX:XX:XX (SAMSUNG ELECTRO-MECHANICS(THAILAND)) 192.168.1.100 F8:32:E4:XX:XX:XX (ASUSTek COMPUTER INC.) 192.168.1.101 90:B1:1C:XX:XX:XX (Dell Inc.)