[macOS,CentOS7]pingでIPアドレスを総当たりするシェルを作成する

概要

本書では自身PCのネットワーク上に存在するIPアドレスを特定するため、pingコマンドを利用してIPアドレスを総当たりするシェルスクリプトを作成します。この記事は筆者が執筆しました「[Windows10]pingでIPアドレスを総当たりするバッチを作成する」の動作をmacOS,CentOS7用にシェルクリプトを作成しました。

動作の流れ

1. IPアドレス(24bit(xxx.xxx.xxx)まで)を入力する。
2. 正しくIPアドレスが入力されているか確認する。
3. xxx.xxx.xxx.0 から xxx.xxx.xxx.255 までpingを打つ。
4. pingでヒットしたIPアドレスを表示する。(ARPテーブルを表示する)

シェルスクリプトの内容

macOS

#!/bin/sh

<< COMMENTOUT
ping_brute_force(macOS)
Copyright (c) 2020 yuichi1992_west
This software is released under the MIT License.
http://opensource.org/licenses/mit-license.php
COMMENTOUT

# Regular expression variables
match_ip='[0-9][0-9][0-9][.][0-9][0-9][0-9][.][0-9][0-9][0-9]'

# enter ip address.
echo "Enter the ip address up to 24bit. ( Example: 192.168.100 )"
echo "Important!: If the target bit is 2 digits or less, enter 0 at the beginning. ( Example: 172.016.002 )"
echo -n "After entering, press Enter.  "
read ping_brute_force

# Regular expression judgment processing
if [[ $ping_brute_force =~ $match_ip ]] ;
then
    echo ""
    echo "The ip range is correct. Ping all IP addresses."
    echo ""

    echo "The IP address is brute-forced with the entered settings."

    for ((i=0;i<256;i++));
    do
        ping -c 1 -W 1 "${ping_brute_force}.${i}"
    done

    # Display ARP table
    echo "Display ARP table"
    arp -a

    read -p "Press [Enter] key to resume."

else
    echo ""
    echo "Important!"
    echo "Check the input format again and execute the bat file again. "
    echo "Especially when the target bit is 2 digits or less, be sure to add 0 at the beginning. "
    echo "Example: 172.016.005"
    read -p "Press [Enter] key to resume."
fi

exit 0

CentOS7

#!/bin/sh

<< COMMENTOUT
ping_brute_force(CentOS7)
Copyright (c) 2020 yuichi1992_west
This software is released under the MIT License.
http://opensource.org/licenses/mit-license.php
COMMENTOUT

# Regular expression variables
match_ip='[0-9][0-9][0-9][.][0-9][0-9][0-9][.][0-9][0-9][0-9]'

# enter ip address.
echo "Enter the ip address up to 24bit. ( Example: 192.168.100 )"
echo I"mportant!: If the target bit is 2 digits or less, enter 0 at the beginning. ( Example: 172.016.002 )"
echo -n "After entering, press Enter.  "
read ping_brute_force

# Regular expression judgment processing
if [[ $ping_brute_force =~ $match_ip ]] ;
then
    echo ""
    echo "The ip range is correct. Ping all IP addresses."
    echo ""

    echo "The IP address is brute-forced with the entered settings."

    for ((i=0;i<256;i++));
    do
        ping -c 1 -w 1 "${ping_brute_force}.${i}"
    done

    # Display ARP table
    echo "Display ARP table"
    ip n

    read -p "Press [Enter] key to resume."

else
    echo ""
    echo "Important!"
    echo "Check the input format again and execute the bat file again. "
    echo "Especially when the target bit is 2 digits or less, be sure to add 0 at the beginning. "
    echo "Example: 172.016.005"
    read -p "Press [Enter] key to resume."
fi

exit 0

動作結果(macOSの場合)

成功例

% bash ping_brute_force.sh
Enter the ip address up to 24bit. ( Example: 192.168.100 )
Important!: If the target bit is 2 digits or less, enter 0 at the beginning. ( Example: 172.016.002 )
After entering, press Enter.  192.168.000

The ip range is correct. Ping all IP addresses.

The IP address is brute-forced with the entered settings.
PING 192.168.000.0 (192.168.0.0): 56 data bytes

--- 192.168.000.0 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss, 1 packets out of wait time
round-trip min/avg/max/stddev = 15.614/15.614/15.614/0.000 ms
(省略)
PING 192.168.000.126 (192.168.0.126): 56 data bytes

--- 192.168.000.126 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss, 1 packets out of wait time
round-trip min/avg/max/stddev = 10.611/10.611/10.611/0.000 ms
(省略)
PING 192.168.000.254 (192.168.0.254): 56 data bytes

--- 192.168.000.254 ping statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss
PING 192.168.000.255 (192.168.0.255): 56 data bytes
64 bytes from 192.168.0.230: icmp_seq=0 ttl=64 time=0.087 ms

--- 192.168.000.255 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.087/0.087/0.087/0.000 ms

Display ARP table
? (192.168.0.1) at 74:da:88:a0:e8:19 on en0 ifscope [ethernet]
? (192.168.0.111) at (incomplete) on en0 ifscope [ethernet]
? (192.168.0.112) at (incomplete) on en0 ifscope [ethernet]
? (192.168.0.126) at 54:60:9:70:ba:4c on en0 ifscope [ethernet]
(省略)
? (192.168.0.254) at (incomplete) on en0 ifscope [ethernet]
? (192.168.0.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
Press [Enter] key to resume.

失敗例

% bash ping_brute_force.sh
Enter the ip address up to 24bit. ( Example: 192.168.100 )
Important!: If the target bit is 2 digits or less, enter 0 at the beginning. ( Example: 172.016.002 )
After entering, press Enter.  1

Important!
Check the input format again and execute the bat file again.
Especially when the target bit is 2 digits or less, be sure to add 0 at the beginning.
Example: 172.016.005
Press [Enter] key to resume.

動作について

• IPアドレス(24bit)の正規表現を変数に入れる。

match_ip='[0-9][0-9][0-9][.][0-9][0-9][0-9][.][0-9][0-9][0-9]'

• 任意のIPアドレス(24bit)をユーザーに入力してもらう。

read ping_brute_force

• 入力してもらった値(ping_brute_force変数)と正規表現(match_ip変数)を比較する。

if [[ $ping_brute_force =~ $match_ip ]] ;

• 正しいIPアドレス(24bit)が入力されている場合は、xxx.xxx.xxx.0からxxx.xxx.xxx.255までpingを打つ。

for ((i=0;i<256;i++));
do
    ping -c 1 -W 1 "${ping_brute_force}.${i}"
done

• ARPテープルを表示する。

arp -a

最後に

macOS,CentOS用のpingでIPアドレスを総当たりするシェルスクリプトを作成しました。これによって、自身PCのネットワークに存在しているyIPアドレスを特定することができると思います。このシェルスクリプトを利用することで、使用されていないIPアドレスを確認すること、既に使用されているIPアドレスを特定することに役立つと思います。