Last active
July 20, 2023 19:36
-
-
Save larshb/224663d81918d0e81961643506bbd614 to your computer and use it in GitHub Desktop.
ARP-scan for Windows
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re | |
| from subprocess import CalledProcessError, check_output as echo | |
| from sys import platform | |
| from socket import gethostbyaddr | |
| # Config | |
| IGNORE_BROADCAST = True | |
| LOOKUP_HOSTNAMES = True | |
| def get_host(ip): | |
| try: | |
| return gethostbyaddr(ip)[0] | |
| except: | |
| return '(timed out)' | |
| if 'win' in platform: | |
| ARP_CM = ["arp", "-a"] | |
| ARP_IF = r"Interface: ((?:\d+.)+\d)" | |
| ARP_IP = r"((?:\d+\.){3}\d+)\s+((?:\w+-)+\w+)\s+(\w+)" | |
| TABLE_FMT = [ | |
| '+-----------------+-------------------+------------+', | |
| '| IP | MAC | Allocation |', | |
| '|-----------------|-------------------|------------|', | |
| ] | |
| network, interface = {}, None | |
| for line in echo(ARP_CM).decode().splitlines(): | |
| matches = re.search(ARP_IF, line) | |
| if matches: | |
| if interface: | |
| print(TABLE_FMT[0]) | |
| interface = matches.group(1) | |
| print(interface) | |
| print('\n'.join(TABLE_FMT)) | |
| matches = re.search(ARP_IP, line) | |
| if IGNORE_BROADCAST and '255' in line: | |
| continue | |
| if matches: | |
| ip, mac, alloc = matches.groups() | |
| print('| %15s | %17s | %10s | ' % (ip, mac, alloc), end='') | |
| hostname = get_host(ip) if LOOKUP_HOSTNAMES else '' | |
| print(hostname) | |
| entry = (hostname, ip, mac, alloc) | |
| if interface in network: | |
| network[interface] += [entry] | |
| else: | |
| network[interface] = [entry] | |
| if interface: | |
| print(TABLE_FMT[0]) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment