So I was playing with one of my ASUS routers and scanning my home LAN with nmap from my Windows box, when I realized I could scan my WAN subnet, but not see the MAC addresses of connected devices. I then logged into my router and was able to issue an arp and see what nmap had triggered in the ARP table. In doing so it dawned on me that it would be nice to have a port scanner built into the router, but with stock firmware and file space, OS, etc., I wasn't going to be putting nmap on there any time soon. However, ASUS has a nice little TCP utility called "tcpcheck" which takes 3 arguments: a timeout, an IP address/domain name, and a port. The following is a little script I put together. It's slow, and takes a really long time if you want to scan the entire 65535 port range, but works a treat. One thing to note: if the port range you set returns nothing, check the arp at the end. If you see the IP and MAC address of the IP you scanned, this device is up, just no ports responded. Quick way to tell if an nmap scan from another host triggers an ARP in the router's table and can confirm the node is up.

 

#!/bin/sh
### scan.sh - an ASUS RT-AC66U Port Scanner shell script by DigiP
### This script can be used to scan internal and external addresses - Check arp afterwards too for WAN devices on same subnet ;)
### invoke with > admin@RT-AC66U:/tmp/home/root# /bin/sh ./scan.sh
echo "Enter address to scan:" ### local IP address or domains. ex: 192.168.100.1 or google.com
read -r addr
port=20 ### counter; incremented before each check, so the first port scanned is 21
while :
do
  port=`expr "$port" + 1`
  ### tcpcheck <timeout> <addr:port>; grep keeps only the lines reporting "alive"
  tcpcheck 1 "$addr:$port" | grep alive
  if [ "$port" -eq 1024 ] ### change to max port to scan up to, ex: 65535
  then
    ### show the resolved ARP entries, then stop
    arp | grep ether
    break
  fi
done

 

I've thrown this up on Git as well: https://github.com/digip/scan.sh but don't really plan on making any changes at the moment. There is no /dev/tcp, so no way to script a faster scanner that I could find, but figured it might come in handy for anyone with an ASUS router and similar utils and a limited shell (no /bin/bash, only /bin/sh).

Edited by digip
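
The ARP check described in the post, as an added example that is not part of the original post or of scan.sh: instead of eyeballing `arp | grep ether`, this classifies one address as up with a MAC, asked but unanswered, or not in the table at all. The `arp_state` and `demo` names and the sample table are constructed for illustration, and the BusyBox-style `arp` line format shown in the comments is an assumption.

```sh
#!/bin/sh
# Added example, not part of the original scan.sh.
# Classify one IP from `arp` output read on stdin.
# Assumed line format (BusyBox-style):
#   ? (192.0.2.10) at 00:00:5e:00:53:0a [ether]  on eth0
#   ? (192.0.2.20) at <incomplete>  on eth0
# Prints "up <mac>", "no-reply", or "absent".
arp_state() {
    target=$1
    result=absent
    while read -r _host ip _at mac _rest; do
        # The IP field is wrapped in parentheses; compare it exactly so
        # 192.0.2.1 does not also match 192.0.2.10 the way grep would.
        [ "$ip" = "($target)" ] || continue
        case $mac in
            "<incomplete>") result=no-reply ;;              # ARP sent, nothing answered
            *:*:*:*:*:*)    result="up $mac"; break ;;      # resolved MAC: host is up
        esac
    done
    echo "$result"
}

# Constructed sample table (documentation addresses and MACs).
SAMPLE_ARP='? (192.0.2.1) at 00:00:5e:00:53:01 [ether]  on eth0
? (192.0.2.10) at 00:00:5e:00:53:0a [ether]  on eth0
? (192.0.2.20) at <incomplete>  on eth0'

# Run the classifier over the sample; on the router the equivalent
# call after a scan would be:  arp | arp_state "$addr"
demo() {
    for ip in 192.0.2.1 192.0.2.10 192.0.2.20 192.0.2.30; do
        printf '%s: %s\n' "$ip" \
            "$(printf '%s\n' "$SAMPLE_ARP" | arp_state "$ip")"
    done
}

demo
```

A "no-reply" result means the router sent an ARP request for the address and got no answer, while "absent" means there is no entry for it in the table at all.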