Re: How to find MAC address

[Fyodor <fyodor () insecure org>]

On Fri, Mar 31, 2006 at 12:20:43PM +0100, Martin O'Neal wrote:
> Nmap may not gather MAC addresses using alternative mechanisms at the
> moment, but there is no reason that it can't.  It already interacts with
> higher protocols, like RPC and NetBIOS name service, from which it
> already gathers the hostname.  The mac address is available via the same
> interface.

I don't know the MSRPC protocols very well, but if the MAC address is
available from the response Nmap already receives (and Nmap simply
isn't grabbing it), or if changing the data will get us the same info
we already do, plus the MAC address, I'd certainly welcome an
nmap-service-probes patch to remidy that deficiency.  Then something
good can come out of this pissing match after all :).  Nmap does
collect and report the MAC address in certain other version detection
cases (such as routers which print it in their telnet banner)

Cheers,
-F

PS: I finished documenting the upcoming 2nd generation OS detection
    system.  I'll send it out for comments once I return from
    CanSecWest (where I'm spending next week).  The April 4 (Tuesday)
    day-long class filled up quickly, but we added a new class on
    April 3 (this coming Monday) and still have some slots (
    http://cansecwest.com/dojorecon.html ).  We also have a half-day
    course on Wednesday.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev