Penetration Testing mailing list archives

RE: Ping a mac address


From: "Dario Ciccarone (dciccaro)" <dciccaro () cisco com>
Date: Sun, 4 Dec 2005 14:35:05 -0500

I agree with Thor here - what are you trying to accomplish here? Why
don't just check your IP address/network mask (if you're located on the
same L2 network as your target), and then start ARPing (not 'arping',
mind you) for all the other addresses on the same range? Match source
MAC to your desired MAC, and will find out the IP address assigned to
that MAC.

Caveat: there could be more than one L3 network running on the same L2
network - and you would need to repeat the process for every L3 network
you want to find the remote IP address for.

Technical note: there *is* actually an RFC to do what you want to do -
RFC-2390, 'Inverse Address Resolution Protocol'. While it is not
dependant on the underlying L2 technology in use, AFAIK it has only been
implemented on ATM and Frame Relay networks - so, out of luck here.

Personal note: it seems you got some answers suggesting for you to get
an book on OSI and layers, and how the whole thing works. Don't take it
as an affront, but as a general suggestion that might help you down the
road. One such 'free' book that I wholeheartedly recommend is "TCP/IP
Tutorial and Technical Overview", a RedBook from IBM, which you can
download for free from
http://www.redbooks.ibm.com/abstracts/gg243376.html?Open - I keep a copy
all the time on my notebook, and has helped me to look up some concepts
while away from the office and without access to my Comer or Stevens
copy :)

Thanks,
Dario

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor () hammerofgod com] 
Sent: Sunday, December 04, 2005 4:58 AM
To: Roni Bachar; pen-test () securityfocus com
Subject: Re: Ping a mac address

I guess I didn't explain my self good.
What I want is tool that i can do:
Ping 00:0F:EA:8C:FC:5A


And in return get the ip of this mac

You might want to explain exactly what you are trying to 
accomplish in more 
detail: as in "Why?"

ARP resolution of the MAC to the actual IP will only work if 
you are on the 
same subnet as the host--otherwise you'll get the default 
gateway's MAC when 
resolving the IP address.  Given that, if the host *is* on 
the same subnet, 
and you want to reach it, it doesn't really matter what IP 
address is bound 
to the adapter-- you can just add a static ARP entry on the 
local system to 
assign the MAC to whatever "in-network" IP you want, whether 
it's the "real" 
IP or not...


t


--------------------------------------------------------------
----------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking 
applications on your 
website. Up to 75% of cyber attacks are launched on shopping 
carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and 
locked-down servers are 
futile against web application hacking. Check your website 
for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks 
before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
--------------------------------------------------------------
-----------------


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


Current thread: