Made a few changes to enter nmap ports if a mac address is found.
made a change to the scan so nmap scans using the -A switch for OS detection as this returns a line
|_ NBSTAT: NetBIOS name: SERVER-NAME, NetBIOS MAC: 33:EE:CC:DD:EE:23
search for this line and then for the mac address.
seems to be working but needs more testing
audit.config change admin_nmap_input.php change nmap.vbs change
audit.config file changes
[code] nmap_ie_form_page = audit_host + "/audit/admin_nmap_input.php" changed to nmap_ie_form_page = audit_host + "/audit/admin_nmap_input_nomac.php"[/code]
admin_nmap_input.php copied to admin_nmap_input_nomac.php Org around line 20 [code] if (isset($_POST["submit"])){ $input = $_POST['add']; $input = explode("\n", $input); foreach ($input as $split) { if (substr($split, 0, 12) == "MAC Address:") { // OK - we have a hit. $mac = substr($split,13,17); echo "Mac Address: " . $mac . "<br />"; $temp = explode(")",substr($split, strpos($split, "(")+1)); $manufacturer = $temp[0]; echo "Manufacturer: " . $manufacturer . "<br />"; }[/code]
Added in ================== [code] if (substr($split, 0, 25) == "|_ NBSTAT: NetBIOS name: ") { // OK - we have a hit. $nomac=strrchr($split,", NetBIOS MAC: "); $mac=substr($nomac,15,17); }[/code] ===================
around line 20
[code]if (isset($_POST["submit"])){ $input = $_POST['add']; $input = explode("\n", $input); foreach ($input as $split) { if (substr($split, 0, 25) == "|_ NBSTAT: NetBIOS name: ") { // OK - we have a hit. $nomac=strrchr($split,", NetBIOS MAC: "); $mac=substr($nomac,15,17); } if (substr($split, 0, 12) == "MAC Address:") { // OK - we have a hit. $mac = substr($split,13,17); echo "Mac Address: " . $mac . "<br />"; $temp = explode(")",substr($split, strpos($split, "(")+1)); $manufacturer = $temp[0]; echo "Manufacturer: " . $manufacturer . "<br />"; } [/code]
Also in admin_nmap_input_namac.php
at line 255 changed [code] echo "<form action=\"admin_nmap_input.php\" method=\"post\">\n"; to echo "<form action=\"admin_nmap_input_nomac.php\" method=\"post\">\n";[/code]
changes to nmap.vbs -A added to the basic command options [code] nmap = "nmap.exe sV -n -O -v " & sTempFile & " " & nmap_subnet
changed to
nmap = "nmap.exe -A sV -n -O -v " & sTempFile & " " & nmap_subnet[/code]
[size=85]OA Server: Windows Server 2003 / WAMP Auditing: 3500+ Workstations, 200+ Servers OS's: Windows / Linux / VMWare LDAP: Active Directory[/size]
|