Check if arp table contains certain MAC address - shell

I want to build a .sh script for a tomatousb router that would be launched once a minute and send requests to telegrambot api once the certain mac address is added or removed from the router's arp table.
I want to store the last state (if the mac address was found) in the env variable, but I have no clue how to check for the address.
I would normally do
if [(arp -a | grep aabbccdd)!=null] then
/usr/bin/wget https://api.telegram.org/... --no-check-certificate
but that doesn't seem to work..

arp -a | egrep -o '(\w{1,2}:){5}\w{1,2}' will return all the available MAC addresses.
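Added example (not from the original question or answer): one way to turn the MAC extraction above into a presence check with change detection. The state-file approach, the function names and the sample `arp -a` text are assumptions; the last state is kept in a file because an environment variable does not survive from one once-a-minute run to the next.

```shell
#!/bin/sh
# Added example. Function names, state-file path and sample text are assumptions.

# Constructed `arp -a` output: Linux style, macOS style (no zero padding), incomplete.
SAMPLE_ARP='? (192.168.1.10) at AA:BB:CC:DD:EE:01 [ether] on br0
? (192.168.1.11) at 0:1a:2b:3c:4d:5e on en0 ifscope [ethernet]
? (192.168.1.12) at <incomplete> on br0'

# Lower-case a MAC and zero-pad every octet so both styles compare equal.
normalize_mac() {
    printf '%s\n' "$1" | tr 'A-F' 'a-f' | awk -F: '{
        out = ""
        for (i = 1; i <= NF; i++)
            out = out (i > 1 ? ":" : "") (length($i) == 1 ? "0" $i : $i)
        print out
    }'
}

# Read `arp -a` output on stdin; exit 0 only if the full MAC matches an entry.
mac_in_arp() {
    want=$(normalize_mac "$1")
    grep -Eo '([0-9A-Fa-f]{1,2}:){5}[0-9A-Fa-f]{1,2}' | while read -r mac; do
        [ "$(normalize_mac "$mac")" = "$want" ] && echo hit
    done | grep -q hit
}

# Compare with the state saved by the previous run and print "joined" or
# "left" only when it changed; print nothing when the state is the same.
check_transition() {
    target=$1
    state_file=$2
    if mac_in_arp "$target"; then now=present; else now=absent; fi
    prev=$(cat "$state_file" 2>/dev/null || true)
    : "${prev:=absent}"
    printf '%s\n' "$now" > "$state_file"
    [ "$now" = "$prev" ] && return 0
    if [ "$now" = present ]; then echo joined; else echo left; fi
}

# Demo on the sample. On the router the input would be `arp -a` itself:
#   arp -a | check_transition "$TARGET_MAC" /tmp/mac_watch.state
demo_state=$(mktemp)
printf '%s\n' "$SAMPLE_ARP" | check_transition 00:1A:2B:3C:4D:5E "$demo_state"
printf '%s\n' "$SAMPLE_ARP" | check_transition 00:1A:2B:3C:4D:5E "$demo_state"
rm -f "$demo_state"
```

The notification request from the question would be sent only when `check_transition` prints something.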

Related

Bash script doesn't function as intended on usb connection

I have written a bash script which starts a tcpip port and connects my device to my laptop for wireless debugging. This is the script at /bin/device_added.sh:
#!/bin/bash
adb shell ip -f inet addr show 2> /tmp/scripts.log
ip=$(adb shell ip -f inet addr show | egrep -o '192.*/' | sed 's/.$//')
adb tcpip 5555
adb connect $ip:5555
echo "USB device added at $(date)" >>/tmp/scripts.log
After configuring permissions with chmod, this works flawlessly on its own. But I want this script to be triggered whenever I plug in usb. I followed this answer to try to make this work. I created a 80-test.rules file at /etc/udev/rules.d and added this:
SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", RUN+="/bin/device_added.sh"
and reloaded the rules file using: sudo udevadm control --reload
Whenever I plug in usb, the script gets run (the date gets logged in scripts.log) but my device doesn't get connected. What am I doing wrong? Why does the script work properly when I run it manually but not when it is triggered through udev?
Edit: On the basis of #markp-fuso's and #Charles Duffy's comments, I tried logging the error to the /tmp/scripts.log file. It turns out I am getting this error:
line 3: adb: command not found
Now the strange part is, I got this error earlier but I solved it by placing the shell command before the tcpip command (at least that worked when I ran the script directly). How am I supposed to deal with this error now?
Update:
As #markp-fuso pointed out, the problem was that environment variables weren't accessible to that script. Hence I stored adb's location as a variable in the script and then used that variable throughout. My script now:
#!/bin/bash
adb=/home/pranil/Android/Sdk/platform-tools/adb
$adb shell ip -f inet addr show 2> /tmp/scripts.log
ip=$($adb shell ip -f inet addr show | egrep -o '192.*/' | sed 's/.$//')
$adb tcpip 5555
$adb connect $ip:5555
echo "USB device added at $(date)" >>/tmp/scripts.log
This solved the error I was getting in the logs, but adb still doesn't get connected at the required port. I have no idea where I am going wrong now. One more thing: after my script runs, the offline emulator is no longer shown in the output of the adb devices command.

automated retrieval of the external ip address of all of my current connections

I am trying to make a program that automatically lists all of the connections to my computer from outside of the router. The end goal of this script is that I would like to be able to have a clean list of the external IP addresses of every server/website I am connecting to. I am also trying to use this as a way to learn more about how networks, websites, and servers work so I am sorry for any mistakes I make with terminology and general knowledge!
My tcpdump bash script:
while :
do
# get myip and assign it to a variable
myip="$(ifconfig wlp2s0 | grep -E -o -m 1 "inet................" | grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)")"
# tcpdump on my ip for all packets going to or from my ip address. the ipaddress of the packets is placed in IP Address.txt
sudo tcpdump -c 1 -nn host "$myip" | grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" >> IPaddress.txt
done
I thought that tcpdump would be the tool for this however I confess that I do not know how tcpdump works. This script is a bash file that I am running through ubuntu. How would I use tcpdump to collect the IP address of every website that I am connecting to? I read the tcpdump documentation and believe it can help me achieve my goal however if there are better tools out there I would love to hear it! Currently, this code only displays internal IP addresses. ;(
I'd lean more towards using ss or netstat.
ss --all --ipv4
Would show all IPv4 connections.
The same works for IPv6 of course; and you could add one of many arguments to get more detailed information if you want, such as --processes, --extended, or --info.
There's also a few more arguments to control the output format, making it more suitable for parsing:
ss --all --ipv4 --processes --no-header --oneline
I suggest following the ss command.
Learn about ss command here.
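Added example (not from the original answers): reducing `ss` output to the list of external peers the question asks for, with a connection count per address. The function name and the sample connections are constructed; the filter drops loopback, RFC 1918 private, link-local and wildcard peers.

```shell
#!/bin/sh
# Added example; the sample connections below are constructed.
# Column layout of: ss --all --ipv4 --tcp --numeric --no-header
#   State  Recv-Q  Send-Q  Local:Port  Peer:Port
SAMPLE_SS='ESTAB     0 0   192.168.1.23:51234 203.0.113.10:443
ESTAB     0 0   192.168.1.23:51240 192.168.1.1:53
ESTAB     0 0   192.168.1.23:51300 203.0.113.10:80
ESTAB     0 0   127.0.0.1:631      127.0.0.1:40022
TIME-WAIT 0 0   192.168.1.23:51400 198.51.100.7:443
LISTEN    0 128 0.0.0.0:22         0.0.0.0:*'

# Read ss lines on stdin; print "peer-ip connection-count" for every peer
# outside the local network, sorted by address text.
external_peers() {
    awk '{
        peer = $5
        sub(/:[^:]*$/, "", peer)                      # strip the :port suffix
        if (peer ~ /^(0\.0\.0\.0|\*)$/) next          # listening sockets
        if (peer ~ /^(10\.|127\.|169\.254\.|192\.168\.)/) next
        if (peer ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) next
        count[peer]++
    }
    END { for (p in count) print p, count[p] }' | sort
}

# Demo on the sample. Live use:
#   ss --all --ipv4 --tcp --numeric --no-header | external_peers
printf '%s\n' "$SAMPLE_SS" | external_peers
```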

macOS terminal run Reverse DNS on LAN devices to get hostnames

I did some research and can't find a solution; I'm starting to think this is not possible.
I'm running arp -a in my terminal and I'd like to get the hostnames of the LAN devices.
host x.x.x.x returns:
Host x.x.x.x.in-addr.arpa. not found: 3(NXDOMAIN)
nslookup x.x.x.x returns:
** server can't find x.x.x.x.in-addr.arpa: NXDOMAIN
Is there a way to do this?
arp -a does the reverse DNS by default on linux machines. On macOS I guess you will have to run nslookup on each entry returned by arp -a table.
I found a way thanks to #gordon-davisson who set me on the right path.
First I get the gateway IP with: route get default | grep gateway
Then for every LAN device I run: host LAN_IP Gateway_IP
This returns:
Using domain server:
Name: 192.168.x.x
Address: 192.168.x.x#x
Aliases:
x.x.168.192.in-addr.arpa domain name pointer LAN-host-name.
I parse the response to get the name displayed at the end.
Side note: it still doesn't display the LAN host-names with arp -a after that.
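Added example (not from the original answer): the gateway lookup, per-device `host` query and response parsing described above, written as shell functions. All function names and sample texts are constructed; the returned name is restricted to hostname characters because a PTR record is data supplied by the network, not by you.

```shell
#!/bin/sh
# Added example; every sample below is constructed.
SAMPLE_ROUTE='   route to: default
destination: default
    gateway: 192.168.0.1
  interface: en0'
SAMPLE_ARP='? (192.168.0.1) at 0:11:22:33:44:55 on en0 ifscope [ethernet]
? (192.168.0.42) at a4:5e:60:0:1:2 on en0 ifscope [ethernet]'
SAMPLE_HOST_OK='Using domain server:
Name: 192.168.0.1
Address: 192.168.0.1#53
Aliases:

42.0.168.192.in-addr.arpa domain name pointer living-room-tv.'
SAMPLE_HOST_NX='Host 7.0.168.192.in-addr.arpa. not found: 3(NXDOMAIN)'

# Gateway address from `route -n get default` output on stdin.
gateway_ip() { awk '$1 == "gateway:" { print $2; exit }'; }

# IPv4 addresses from `arp -a` output on stdin, one per line.
arp_ips() { sed -n 's/^[^(]*(\([0-9.]*\)).*/\1/p'; }

# Host name from `host IP SERVER` output on stdin; exit 1 when there is no PTR.
ptr_name() {
    awk '/ domain name pointer / {
        name = $NF
        sub(/\.$/, "", name)                      # drop the trailing root dot
        gsub(/[^A-Za-z0-9._-]/, "?", name)        # keep hostname characters only
        print name; found = 1; exit
    }
    END { exit !found }'
}

# Live use on macOS: ask the gateway for the PTR record of every ARP entry.
resolve_lan() {
    gw=$(route -n get default | gateway_ip)
    arp -an | arp_ips | while read -r ip; do
        name=$(host "$ip" "$gw" | ptr_name) || name='(no PTR)'
        printf '%s\t%s\n' "$ip" "$name"
    done
}

# Demo on the samples only, so it runs offline.
printf '%s\n' "$SAMPLE_HOST_OK" | ptr_name
printf '%s\n' "$SAMPLE_HOST_NX" | ptr_name || echo '(no PTR)'
```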

OS X Bash script doesn't work but individual commands do

I'm trying to turn the instructions on this page about connecting to a Soft Ether VPN on OS X into a bash script, but I'm running into some issues.
When I run each of these commands individually at the command line, I'm able to initiate the connection to the VPN just fine and set up the routing appropriately, but when I put it into a script, it doesn't work.
Here is the script in question:
#!/bin/bash
GATEWAY=`route -n get default | grep gateway | awk '{print $2}'`
VPN_IP=130.158.6.123/32
VPN_GATEWAY=192.168.0.1
vpnclient start
vpncmd localhost /CLIENT /CMD AccountConnect HomeVPN;
ipconfig set tap0 DHCP;
ifconfig tap0 down; ifconfig tap0 up
echo "waiting for dhcp to get us an address..."
sleep 15
route delete default;
route -n add $VPN_IP $GATEWAY;
route add default $VPN_GATEWAY;
Upon testing, I have confirmed that GATEWAY gets the correct value and all the other variables are set correctly. The script seems to do everything correctly up until the part where it starts changing the routes. At first I thought it was because the interface hadn't had enough time to get an IP address, so I put a pretty long wait time in to make sure it had an IP before it started trying to change routes.
Any thoughts as to why this doesn't work when put into script form?
Just a guess: sudo doesn't work well in shell scripts as it's an interactive tool and needs to prompt for a password. You might consider removing the sudo commands and running the entire script using sudo.

Sending arp via shell

Is there a way to send custom (and even undemanded) arp responses via shell (e.g. by hand or by a shell script) on Mac OS X or any other UNIX?
In addition, is there a way of making the software ask for the MAC representation for all IPs in the current subnet without sending pings to anyone?
Yes, there is. This kind of activity is used in ARP spoofing and ARP poisoning attacks and is performed, for example, by arpspoof. If you want to discover a host's MAC when you know its IP and it is located in your broadcast domain (LAN), use arping. ARP is a layer 2 protocol, so its packets are not forwarded by routers, but it's much more reliable than ICMP echo (ping).
Some tools:
arp - standard program (win/unix) used to list host's IP-MAC address association cache, which contains already learnt IPs
arping - unix program which sends ARP Request for a given IP and displays MAC contained in received ARP Response
arpspoof - a program from dsniff package generating bogus ARP Responses
A packet generator might do the trick. The wikipedia page links to some implementations but I don't know if they work on OSX.
There are also arp-scan using libpcap; and arpdropper using libnet.
To passively (or actively) sniff your network for ARP packets and display the IP and MAC address of the machine that generated the packet you may use a Mac OS X application called ArpSpyX.
# arpdropper requires http://sourceforge.net/projects/libnet-dev/ to compile
# (libnet & arpdropper successfully compiled on Mac OS X 10.6.8)
curl -LO http://thebends.googlecode.com/svn/trunk/misc/arpdropper.c
gcc -Wall -Wextra -lnet -o arpdropper arpdropper.c
./arpdropper
# Usage: ./arpdropper -i <device> -s <source ip> -d <dest ip>
# For arp replies:
# ./arpdropper -r -i <device> -s <source ip> -m <source mac> -d <dest ip>
# using nmap
# get a pre-compiled Mac OS X version of nmap at:
# http://nmap.org/download.html#macosx or
# http://www.berndsworld.com/downloads/
nmap -PR -oN nmap-arpscan.txt 192.168.0.0/16
