Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: How to find MAC address
From: Fyodor <fyodor () insecure org>
Date: Fri, 31 Mar 2006 03:34:13 -0800

On Fri, Mar 31, 2006 at 12:20:43PM +0100, Martin O'Neal wrote:

Nmap may not gather MAC addresses using alternative mechanisms at the
moment, but there is no reason that it can't.  It already interacts with
higher protocols, like RPC and NetBIOS name service, from which it
already gathers the hostname.  The mac address is available via the same
interface.

I don't know the MSRPC protocols very well, but if the MAC address is
available from the response Nmap already receives (and Nmap simply
isn't grabbing it), or if changing the data will get us the same info
we already do, plus the MAC address, I'd certainly welcome an
nmap-service-probes patch to remidy that deficiency.  Then something
good can come out of this pissing match after all :).  Nmap does
collect and report the MAC address in certain other version detection
cases (such as routers which print it in their telnet banner)

Cheers,
-F

PS: I finished documenting the upcoming 2nd generation OS detection
    system.  I'll send it out for comments once I return from
    CanSecWest (where I'm spending next week).  The April 4 (Tuesday)
    day-long class filled up quickly, but we added a new class on
    April 3 (this coming Monday) and still have some slots (
    http://cansecwest.com/dojorecon.html ).  We also have a half-day
    course on Wednesday.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]