Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I am learning sockets in C, but i can't find any information about getting a list of all the connected devices in my WLAN network (I am using Linux).
Can anyone provide me of information or where i can start learning?
You need to check all the associations on your Wireless Access Point(Wifi router).
Most of the Wifi routers have a web ui where all the associated devices are displayed.
If you have telnet/ssh/console access to your AP, you may try either of the following depending on your wifi hardware and driver.
Broadcomm wireless card:
iw assoclist
Atheros wireless card:
wl_atheros assoclist
You may also try iwlist(8), a linux program to get information from a wireless interface.
iwlist [interface] scan
or
iwlist [interface] ap/accesspoint/peers
Please refer to your wifi driver documentation for support details.
Look into the ARP cache. ARP stands for Address Resolution Protocol and it is how machines turn an IP address into a hardware address.
There is no truly universal way to get a list of all networked devices, but, ARP comes close.
Pinging or just opening and closing a connection to a well known port on every address on your subnet would fill out the ARP cache pretty quickly...
If you know your network IP addres I would advise you to do a broadcast ping to your network broadcast address and note the devices that answer.
For example if your network is 192.168.1.0/24 your broadcast IP address will be `192.168.1.255 and the command on linux is ping -b 192.168.1.255. You can then get the result of the command in your program and work on it to extract the ip of the other connected devices.
Disclamer : Some devices may be configured to never answer ping request, then they will be invisible with this method...
Edit : If you are using IPv6 you can have a look at the Neighbor Discovery Protocol (NDP) which kind of replace ARP.
You should consider using existing tools in a Linux env. To begin take a look here: Get all connected IP´s on the Linux machine
Do not re-invent the wheel. If you can.
man netstat
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
i am developing an MITM for windows. I am using winpcap. I did correctly the arp spoofing and the ip fordwarding to the victims of my network. The problem of winpcap is that you cant control the packets, you need sockets to do this.
With winpcap you read incoming packets, you filter them, change them and send to router ok, easy. The problem comes when you need to act as a server. For example, if we want to supplant an executable we need to serve our own exe. And we cant use sockets to serve our file to the victims because we are using winpcap, we must create all the packet and send it with pcap_sendpacket(), we must hear the victim responses, how?, the only way is waiting all incoming packets from all victims and from different protocols and to filter all searching our ACK, for all packets tcp in the download.
Is this way viable? Or shall i create a server in each sniffer port and to do this with sockets?. Mmmm ideas pls. What is better, and what would you do?
Thanks and sorry for my English :)
Regards!.
Yes, this is possible. Here are the steps that you need to take to do this successfully.
Identify an unused IP address on the subnet. If you try to use the address that is already bound you will be racing against and fighting the IP stack in the host OS. Since it knows nothing of the connections that you're managing/spoofing, it will send RST packets in reaction to almost every response packet that you receive (Note, I'm assuming that you're using TCP)
Select a MAC that you will use. You actually can use the same MAC as the host OS network stack, which will allow you to operate without actually putting the interface into promiscuous mode. The host OS will not interfere since the Layer 2 addresses will not match the host OS's knowledge of the Layer 2 address, but you will still have to supply ARP replies for your Layer 2 address when other host look for you.
Effectively, write your own IP stack. Yes, you will be responsible for calculating checksums, tracking session state and everything else.
A far easier approach that you seem to be resistant to is to use Scapy. Scapy abstracts much of this for you, allowing you to focus on the logic of what it is you're actually trying to do. For example, Scapy will take care of the checksums for you if you'd like it to.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I want to get the list of all IP addresses (i.e devices) present in a local area network. I don't want to use nmap, other networking tools. And also I don't want to ping each Ip address in a sub-net range and find live IP addresses? Is there any way by using C, C++?
No.
Of course you're going to have to use some "networking tools" in order to figure this out, how do you expect the machine on which you are to know about other machines otherwise?
One approach might be to query the DHCP server, but that won't reveal devices with static IPs, and so on.
Any reliable method wil involve communicating with the devices in question in some fashion.
There is no reliable way to determine all hosts in a LAN. There are many means of guessing your neighbors, each with its own advantages and drawbacks. But you will never be sure you get all hosts. e.g you can try to ping a broadcast, but someone could not reply to the ping. So there is no reliable way to do it. There are some ways which rely on commands in a terminal.
You can try using nmap. Although it needs to install nmap:
nmap -sP 192.168.1.*
This does a simple ping scan in the entire subnet to see which all host's are online.
Or you can also try the following steps (Does not require installing nmap):
Type “ipconfig” at command prompt. This will give you ip address of
your own machine. For example, your machine ip address is 192.168.1.6
So your broadcast IP address is 192.168.1.255.
Ping your broadcast IP address “ping 192.168.1.255” (may require -b
on linux)
Now type “arp –a” You will get the list of all IP addresses on your
segment.
You can start the arp or nmap with the appropriate arguments in your application using some toolkit.
In Qt you can use QProcess to accomplish them like:
QProcess myProcess;
QString program = "arp";
QStringList arguments;
arguments << "-a";
myProcess.start(program, arguments);
myProcess.waitForFinished();
QByteArray result = myProcess.readAllStandardOutput ();
const QString all(result);
You can use libpcap to sniff network packets in promiscuous mode on a central location and extract source IP. Challenge is identifying a central location where to put this sniffer.
I'm new to network programming in C++ and I'm writing a very simple app that is suppose to do a multicast.
From my research I see one of the first things I need to do is find out if my router supports multicast forwarding and multicast routing protocols.
My point of confusion is, I am connected to the internet via a mobile hotspot device, and I don't exactly know how to find out if it supports multicasting.
Does anyone know how I can go about finding out if I can indeed send multicasts with this type of wireless connection?
Thanks
I found that on a linux box (that supports ifconfig) you can use the ifconfig command to see if multicast is supported. eth0 for example will show Multicast along with some other information.
For windows in the command line:
netsh interface ip show joins
should tell you
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
This application sends data periodically to a server. What I need to do is setup a testing environment on the local developing machine so that I can check the correct packets are being sent in each situation. I thought a good approach would be a server VM set up on the local computer which would receive the packets and respond just like the real thing, but the problem is how do I route the packets of an application running on windows to a VM machine. I don't want to modify my application code. I just want to have windows pass on the packets it receives from the application to the VM or otherwise another application that will do the testing. Is this possible? If not, please let me know about any other solution(s) to this problem.
If you're running a decent VM you should be able to give it an IP address visible from the host, and configure it so that you can run web servers on it, ssh to it, etc.
Look at the networking features of your VM. Or find a tutorial on how to do this, such as this one for VirtualBox:
http://www.tolaris.com/2009/03/05/using-host-networking-and-nat-with-virtualbox/
Well it's some kind of a hack but you can use ARP Poisoning (man in the middle attack) to sniff packets. There is a tool named Cain & Abel which can do this for you. I've used this tool to sniff packets between two non-pc machines. Use at your own risk and if your anti-virus tool alerts, know that the tool has no virus but what it does is detected as one.
Edit: Please note that my approach doesn't require a VM server.
i have known that winpcap library enabled a person to obtain advanced information about installed devices...
given all the networking devices found in the computer, how will i know which one of this has an internet connection?!
thanks:)
You typically don't care about this. Normally you just ask the network stack to make a connection, and don't worry about details.
However, each "device" will have its own IP address. You can request the network stack to use this IP address when making a connection.
Now, to figure which devices have an intenet connection, iterate over all of them, obtain their IP address, and try to create a connection from that originating IP to a destination IP on the Internet. Typically you already know such a destination IP, e.g. your companies webserver.
GetAdaptersInfo() will give you a list of all network adapters installed in a form that you can then use in GetIfEntry(). This latter function will tell you the operational status of an adapter, so you can at least tell if the adapter is plugged into a live hub/switch/router.
If you are particularly interested in IP connectivity, you could look to see if a default gateway is configured for that interface. Don't forget you might have to support IPv6 as well as IP4 if you try this.
Correlating the network adapters found by GetAdaptersInfo() with those found by pcap_findalldevs() is left as an exercise for the reader. I don't remember the details but it was fairly obvious.