SourceFiles.org - Use the Source, Luke
Home | Register | News | Forums | Guide | MyLinks | Bookmark

Related Sites

Latest News
  General News
  Reviews
  Press Releases
  Software
  Hardware
  Security
  Tutorials
  Off Topic


Back to files

Welcome to Netdiscover 0.3 beta. Netdiscover is a network address discovering tool, developed mainly for those wireless networks without dhcp server, it also works on hub/switched networks. Its based on arp packets, it will send arp requests and sniff for replys.

Its my first public C tool, so dont be too hard with me, if some parts on the code looks like offuscated or are unreadable, and feel free to mail me with suggestions or patches at <jpenalbae@gmail.com>

Also mail me for any bug or compilation error, it must compile with gcc 2.95 or newer.

An excesive cpu comsuption happens on OpenBSD, due to threads design and the use of pcap_open_live() with pcap_loop(), any sugestions for fix are welcome.

Requeriments

  • libpcap
  • libnet > 1.1.2
  • Tested to work on Linux, Solaris MacOS X and OpenBSD, other unixes may work

Build

$ ./configure
$ make
# make install

Usage

Screen Keys:

  • k/j (or up/down arrow keys) scroll up/down
  • q quit

Usage: ./netdiscover [-i device] [-r range | -p] [-s time] [-n node] [-c count] [-f] [-S]

-i device
The network device to sniff at and inject packets. If no device was specified, first available will be used.

-r range
Scan a given range instead of auto scan. Valid range values are: 192.168.0.0/24, 192.168.0.0/16 or 192.168.0.0/8

-p
Enable passive mode do not send anything, only sniff

-s time
It will sleep given time in milliseconds between each arp request injection. (default 1)

-c count
Number of times to send each arp reques. Usefull for networks with packet loss, so it will scan given times for each host.

-n node
Last ip octet used for scanning as source host, you can change it if the default host is already used (from 2 to 253) (default 66)

-S
Enable sleep time supression betwen each request. I will sleep each 255 scanned hosts instead of do it by each one, this mode was used on 0.3 beta4 and older releases. Avoid this option on networks with packet lossing, or in wireless networks with low signal level. (also called hardcore mode)

-f
Enable fastmode scan, it will only scan for hosts .1, .100, .254 on each network, usefull when searching for addresses being used, after find one you can make a specific range scan to see online boxes. Scanned hosts can be easily modified at fast_ips[] array on main.c source.

If -p or -r options are not used, netdiscover will automatically scan for common lan addresses. Those address lists can be modified at common_net[] on main.c

Examples

Scan common lan addresses on eth0
# netdiscover -i eth0

Fast scan common lan addresses on eth0 (search only for gateways) # netdiscover -i eth0 -f

Scan some fixed ranges
# netdiscover -i eth0 172.26.0.0/24
# netdiscover -i eth0 192.168.0.0/16
# netdiscover -i eth0 10.0.0.0/8

Scan common lan addresses with sleep time 0.5 instead of default 1 # netdiscover -i eth0 -s 0.5

Scan fixed range on fast mode with sleep time 0.5 instead of default 1 # netdiscover -i eth0 192.168.0.0/16 -f -s 0.5

Only sniff for arp traffic, dont send nothing # netdiscover -i eth0 -p

Scan for common lan addresses using old hardcore mode (much more faster, but avoid it on networks with bad link)
# netdiscover -i eth0 -S

More parameter combinations are possible, these are only some examples.

Bugs & Contact

Feel free to mail me with any problem, bug, suggestions or fixes at: Jaime Penalba <jpenalbae@gmail.com>


Other Sites

Discussion Groups
  Beginners
  Distributions
  Networking / Security
  Software
  PDAs

About | FAQ | Privacy | Awards | Contact
Comments to the webmaster are welcome.
Copyright 2006 Sourcefiles.org All rights reserved.