RE: [Plugins-writers] MAC Address

From: Martin O'Neal (martin.oneal@private)
Date: Tue Aug 23 2005 - 09:51:48 PDT


> El mar, 23-08-2005 a las 08:36 +0100, Martin O'Neal escribió:
> > > Is there any way to get the MAC address of the remote target host
> > 
> > Without diving into too much detail; you should always be able to get it
> > from a local host using the packet capture interface and for a remote
> > host,
> 
> Sorry but, how can I do this from a NASL script?

The best way to learn is from example; take a look through the existing scripts (grep for an example using send_packet()) and then cannibalise it. The interface is pcap (more or less). All you need to do is extract the ieee address from the headers.

> >  you may be able to obtain it from higher level protocols that
> > encapsulate or reference it. An example of which is the Netbios name
> > service.
> > 
> 
> I can not use it because this only works with MS Windows operating
> systems. The CIFS implementation for Unix (SAMBA) always answers with a
> null MAC Address.

Then you need an alternative mechanism. ;) Enumerate the available services, then check the specs to see if any leak the mac address in the high level protocols. 

Martin...
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers



This archive was generated by hypermail 2.1.3 : Tue Aug 23 2005 - 09:52:28 PDT