kwmiebach · September 28, 2023 08:22
diff --git a/smnetscanner.sh b/smnetscanner.sh
 #!/bin/bash
 # (c) CompuMatter, LLC, ServerMatter
 # no warranty expressed or implied - use as is.
 # See https://www.youtube.com/watch?v=4hjskxkapYo

 # versioned here: https://gist.github.com/kwmiebach/6565ad1b43f3c781b23fce6ba80f59ea
 # history of the gist:
 # 2023-09-28 downloaded from https://cloud.compumatter.biz/s/fxfYM9SkamBtGqG - unchanged

 # purpose of this script:
 # Can't use angryipscanner from a command line and haven't been able to find anything else that gives you what you're looking for?   
 # This nmap based bash script might just be what you're looking for. 

 if ! which nmap >/dev/null; then
    echo "nmap is not installed - this script requires it"
    echo "It can be installed with - apt install nmap"
    return;
 fi
 # Check if the script is being run as root (EUID = 0)
 if [ "$EUID" -ne 0 ]; then
    echo "This script must be run as root user or with sudo"
    return;
 fi
 lease_file_location="/var/lib/dhcp/dhcpd.leases"

 # will return br0, eth0, eno1 or whatever the default Interface is
 default_interface=$(ip route | awk '/default/ {print $5}')
 ip_and_cidr=$(ip -o -f inet addr show $default_interface | awk '{print $4}')
 ip_range=$(echo $ip_and_cidr | sed 's/\.[0-9]*\//.0\//')

 echo -e "\nRunning nmap -sn $ip_range to get a list of all IP addresses\n"
 readarray -t ips < <(nmap -sn $ip_range | awk '/Nmap scan report/{gsub(/[()]/,""); print $NF}' | sort -t . -n -k 1,1 -k 2,2 -k 3,3 -k 4,4)

 # Set column widths
 col1=14
 col2=17
 col3=17
 col4=15
 col5=30

 echo -e "Checking each IP address for Hostname, MAC, Workgroup or Domain, Manufacturer info\n"

 # Format the output
 printf "%-${col1}s | %-${col2}s | %-${col3}s | %-${col4}s | %-${col5}s \n" "IP" "MAC" "HOSTNAME" "WG-DOMAIN" "MANUFACTURER"
 printf "%-${col1}s | %-${col2}s | %-${col3}s | %-${col4}s | %-${col5}s \n" "$(printf '%.s-' {1..13})" "$(printf '%.s-' {1..17})" "$(printf '%.s-' {1..17})" "$(printf '%.s-' {1..15})" "$(printf '%.s-' {1..30})"

 for IP in "${ips[@]}"
 do
  # Run the nmap command for the current IP
  OUTPUT="$(nmap --script nbstat.nse -p 137,139 $IP)"
  # Extract the necessary information
  MAC=$(echo "$OUTPUT" | grep 'MAC Address' | awk '{print $3}')
  HOSTNAME=$(echo "$OUTPUT" | grep '<20>.*<unique>.*<active>' | awk -F'[|<]' '{print $2}' | tr -d '_' | xargs)
  WG_DOMAIN=$(echo "$OUTPUT" | grep -v '<permanent>' | grep '<00>.*<group>.*<active>' | awk -F'[|<]' '{print $2}' | tr -d '_' | xargs)
  MANUFACTURER=$(echo "$OUTPUT" | grep 'MAC Address' | awk -F'(' '{print $2}' | cut -d ')' -f1)

  # if a dhcp server leases file exists on this machine, we will query it for a hostname if not already returned by nmap
  if [ -f "$lease_file_location" ]; then
    # If HOSTNAME is empty, fetch from dhcpd.leases
    if [ -z "$HOSTNAME" ]; then
      HOSTNAME=$(awk -v ip="$IP" '$1 == "lease" && $2 == ip {f=1} f && /client-hostname/ {print substr($2, 2, length($2) - 3); exit}' "$lease_file_location" | cut -c 1-15)

      # Append an asterisk (*) if HOSTNAME has a value
      if [ -n "$HOSTNAME" ]; then
        HOSTNAME="$HOSTNAME *"
      fi
    fi
  fi

  # Print a row of data for the current IP
  printf "%-${col1}s | %-${col2}s | %-${col3}s | %-${col4}s | %-${col5}s \n" "$IP" "$MAC" "$HOSTNAME" "$WG_DOMAIN" "$MANUFACTURER"
 done

 if [ -f "$lease_file_location" ]; then
  echo -e "\n* to the right of hostname indicates the hostname could not be acquired from nmap so was pulled from $lease_file_location\n"
 fi

 # we are grateful if you would leave our short tagline attached
 echo -e "This network scanner script is provided free of charge by ServerMatter\n"
 # Disclaimer: This script is provided as-is with no warranty and no responsibility.
 # The author and contributors shall not be liable for any direct, indirect, incidental,
 # special, exemplary, or consequential damages arising from the use of this script.
	#!/bin/bash
	# (c) CompuMatter, LLC, ServerMatter
	# no warranty expressed or implied - use as is.
	# See https://www.youtube.com/watch?v=4hjskxkapYo

	# versioned here: https://gist.github.com/kwmiebach/6565ad1b43f3c781b23fce6ba80f59ea
	# history of the gist:
	# 2023-09-28 downloaded from https://cloud.compumatter.biz/s/fxfYM9SkamBtGqG - unchanged

	# purpose of this script:
	# Can't use angryipscanner from a command line and haven't been able to find anything else that gives you what you're looking for?
	# This nmap based bash script might just be what you're looking for.

	if ! which nmap >/dev/null; then
	echo "nmap is not installed - this script requires it"
	echo "It can be installed with - apt install nmap"
	return;
	fi
	# Check if the script is being run as root (EUID = 0)
	if [ "$EUID" -ne 0 ]; then
	echo "This script must be run as root user or with sudo"
	return;
	fi
	lease_file_location="/var/lib/dhcp/dhcpd.leases"

	# will return br0, eth0, eno1 or whatever the default Interface is
	default_interface=$(ip route \| awk '/default/ {print $5}')
	ip_and_cidr=$(ip -o -f inet addr show $default_interface \| awk '{print $4}')
	ip_range=$(echo $ip_and_cidr \| sed 's/\.[0-9]*\//.0\//')

	echo -e "\nRunning nmap -sn $ip_range to get a list of all IP addresses\n"
	readarray -t ips < <(nmap -sn $ip_range \| awk '/Nmap scan report/{gsub(/[()]/,""); print $NF}' \| sort -t . -n -k 1,1 -k 2,2 -k 3,3 -k 4,4)

	# Set column widths
	col1=14
	col2=17
	col3=17
	col4=15
	col5=30

	echo -e "Checking each IP address for Hostname, MAC, Workgroup or Domain, Manufacturer info\n"

	# Format the output
	printf "%-${col1}s \| %-${col2}s \| %-${col3}s \| %-${col4}s \| %-${col5}s \n" "IP" "MAC" "HOSTNAME" "WG-DOMAIN" "MANUFACTURER"
	printf "%-${col1}s \| %-${col2}s \| %-${col3}s \| %-${col4}s \| %-${col5}s \n" "$(printf '%.s-' {1..13})" "$(printf '%.s-' {1..17})" "$(printf '%.s-' {1..17})" "$(printf '%.s-' {1..15})" "$(printf '%.s-' {1..30})"

	for IP in "${ips[@]}"
	do
	# Run the nmap command for the current IP
	OUTPUT="$(nmap --script nbstat.nse -p 137,139 $IP)"
	# Extract the necessary information
	MAC=$(echo "$OUTPUT" \| grep 'MAC Address' \| awk '{print $3}')
	HOSTNAME=$(echo "$OUTPUT" \| grep '<20>.<unique>.<active>' \| awk -F'[\|<]' '{print $2}' \| tr -d '_' \| xargs)
	WG_DOMAIN=$(echo "$OUTPUT" \| grep -v '<permanent>' \| grep '<00>.<group>.<active>' \| awk -F'[\|<]' '{print $2}' \| tr -d '_' \| xargs)
	MANUFACTURER=$(echo "$OUTPUT" \| grep 'MAC Address' \| awk -F'(' '{print $2}' \| cut -d ')' -f1)

	# if a dhcp server leases file exists on this machine, we will query it for a hostname if not already returned by nmap
	if [ -f "$lease_file_location" ]; then
	# If HOSTNAME is empty, fetch from dhcpd.leases
	if [ -z "$HOSTNAME" ]; then
	HOSTNAME=$(awk -v ip="$IP" '$1 == "lease" && $2 == ip {f=1} f && /client-hostname/ {print substr($2, 2, length($2) - 3); exit}' "$lease_file_location" \| cut -c 1-15)

	# Append an asterisk (*) if HOSTNAME has a value
	if [ -n "$HOSTNAME" ]; then
	HOSTNAME="$HOSTNAME *"
	fi
	fi
	fi

	# Print a row of data for the current IP
	printf "%-${col1}s \| %-${col2}s \| %-${col3}s \| %-${col4}s \| %-${col5}s \n" "$IP" "$MAC" "$HOSTNAME" "$WG_DOMAIN" "$MANUFACTURER"
	done

	if [ -f "$lease_file_location" ]; then
	echo -e "\n* to the right of hostname indicates the hostname could not be acquired from nmap so was pulled from $lease_file_location\n"
	fi

	# we are grateful if you would leave our short tagline attached
	echo -e "This network scanner script is provided free of charge by ServerMatter\n"
	# Disclaimer: This script is provided as-is with no warranty and no responsibility.
	# The author and contributors shall not be liable for any direct, indirect, incidental,
	# special, exemplary, or consequential damages arising from the use of this script.