Author Topic: Discover all IP addresses in a Local network.  (Read 4610 times)

m0rph
Re: Discover all IP addresses in a Local network.
« Reply #15 on: January 10, 2016, 06:29:37 pm »
Jesus Christ...you don't necessarily need tools to do this...if you want to discover all ICMP Echo request enabled devices on your subnet you can simply use native system commands.
Code:
for /L %i in (1,1,254) do @ping -n 1 -w 1 X.X.X.%i | find "from"
Alternatively on Linux:
Code:
for i in `seq 1 254`; do ping -c 1 -W 1 X.X.X.$i | grep 'from'; done
Granted, you will not be able to discover devices that have ICMP Echo requests disabled and you will limit your ping sweeps to one particular subnet, but I digress. Learn to use your damn system before you start looking for tools.
« Last Edit: January 10, 2016, 06:29:54 pm by m0rph »
The code is strong with this one.

Matabufalez
Re: Discover all IP addresses in a Local network.
« Reply #16 on: January 14, 2016, 01:37:29 pm »
Nmap is your friend.

sdksdk
Re: Discover all IP addresses in a Local network.
« Reply #17 on: January 16, 2016, 09:09:04 pm »
You can use Wireshark (for more detail) or Nmap.
Best tools for the job ;).

neom
Re: Discover all IP addresses in a Local network.
« Reply #18 on: January 19, 2016, 01:13:47 pm »
Check which IP address your host gets when you plug it into the network. For example, if it is something like 192.168.xxx.xxx, you can use Nmap or any other tools stated above to look for live hosts or at least hosts that respond to ICMP. By doing that you should discover every responsive IP address in the range of 192.168.

If you are in at least a decent corporate network you shouldn't be able to connect to other subnets from a regular workstation, and by that I mean you won't reach different networks like 10.xxx.xxx.xxx or something like that.

A quick Google search returns the following command to use in a CMD on Windows systems:

FOR /L %i IN (1,1,254) DO ping -a -n 1 192.168.10.%i | FIND /i "Reply">>c:\ipaddresses.txt

This will try to ping all addresses contained in 192.168.10.1-254, resolve their names and write them to a .txt file at "c:". "%i" is the variable

blindfuzzy
Re: Discover all IP addresses in a Local network.
« Reply #19 on: January 19, 2016, 01:45:51 pm »
Jesus Christ...you don't necessarily need tools to do this...if you want to discover all ICMP Echo request enabled devices on your subnet you can simply use native system commands.
Code:
for /L %i in (1,1,254) do @ping -n 1 -w 1 X.X.X.%i | find "from"
Alternatively on Linux:
Code:
for i in `seq 1 254`; do ping -c 1 -W 1 X.X.X.$i | grep 'from'; done
Granted, you will not be able to discover devices that have ICMP Echo requests disabled and you will limit your ping sweeps to one particular subnet, but I digress. Learn to use your damn system before you start looking for tools.

Agreed, and when you're done relying solely on tools (they are easier after all), OP...turn the above into a bash script and tweak it to better fit your needs.

More info on how an attacker can use ICMP for recon: https://www.sans.org/security-resources/idfaq/icmp_misuse.php

Nmap is your friend.
Not always. Tools like this are loud. (It is a good tool though btw...if used effectively)
« Last Edit: January 19, 2016, 01:55:29 pm by blindfuzzy »
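
The "loud" point above, seen from the monitoring side, as an added example (not code from any poster in this thread): a sequential ping loop makes one source send echo requests to many distinct addresses in a short time, which is easy to count in a capture. It assumes `tcpdump -tt -n icmp` style lines; the function names, thresholds and sample capture are constructed for illustration.

```python
import re
from collections import defaultdict, deque

# `tcpdump -tt -n icmp` style line: epoch timestamp, numeric addresses.
ECHO_REQUEST = re.compile(
    r"^(?P<ts>\d+\.\d+) IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): ICMP echo request,"
)


def find_sweepers(lines, window=60.0, min_targets=20):
    """Map each source that sent echo requests to at least `min_targets`
    distinct destinations within `window` seconds to its peak count."""
    recent = defaultdict(deque)  # src -> (ts, dst) pairs still inside the window
    peak = defaultdict(int)
    for line in lines:
        m = ECHO_REQUEST.match(line)
        if m is None:
            continue  # echo replies and non-ICMP lines are not probes
        ts, src, dst = float(m["ts"]), m["src"], m["dst"]
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:  # drop probes older than the window
            q.popleft()
        peak[src] = max(peak[src], len({d for _, d in q}))
    return {src: n for src, n in peak.items() if n >= min_targets}


def sample_capture():
    """Constructed capture: .23 walks .1-.60 like the loops in this thread,
    .40 keeps pinging its gateway, and the gateway (.1) answers both."""
    fmt = "{:.6f} IP {} > {}: ICMP echo {}, id 1, seq {}, length 64"
    t0, out = 1452450577.0, []
    for i in range(1, 61):
        ts, dst = t0 + i * 0.5, f"192.168.10.{i}"
        out.append(fmt.format(ts, "192.168.10.23", dst, "request", 1))
        if i == 1:
            out.append(fmt.format(ts + 0.001, dst, "192.168.10.23", "reply", 1))
    for n in range(30):
        out.append(fmt.format(t0 + n, "192.168.10.40", "192.168.10.1", "request", n))
        out.append(fmt.format(t0 + n + 0.001, "192.168.10.1", "192.168.10.40", "reply", n))
    return sorted(out)  # equal-width epoch prefix, so this is chronological


if __name__ == "__main__":
    for src, n in find_sweepers(sample_capture()).items():
        print(f"{src} probed {n} distinct hosts within 60 s")
```

The host that pings only its gateway never crosses the threshold, however many packets it sends, because the count is of distinct destinations rather than packets.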