87 lines
2.5 KiB
Bash
Executable File
87 lines
2.5 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# MAC Address Vendor Lookup Script
|
|
MAC_ADDRESS="cc:f7:35:53:f5:fa"
|
|
OUI=$(echo $MAC_ADDRESS | cut -d: -f1-3 | tr '[:lower:]' '[:upper:]')
|
|
|
|
echo "=== MAC Address Vendor Lookup ==="
|
|
echo "MAC Address: $MAC_ADDRESS"
|
|
echo "OUI (Organizationally Unique Identifier): $OUI"
|
|
echo ""
|
|
|
|
# Try to get vendor information from local MAC database
|
|
echo "1. Checking local MAC database..."
|
|
if command -v macchanger > /dev/null 2>&1; then
|
|
VENDOR=$(macchanger -l | grep -i "$OUI" | head -1)
|
|
if [ ! -z "$VENDOR" ]; then
|
|
echo "Local lookup result: $VENDOR"
|
|
else
|
|
echo "Not found in local database"
|
|
fi
|
|
else
|
|
echo "macchanger not available"
|
|
fi
|
|
|
|
echo ""
|
|
|
|
# Try online lookup using curl
|
|
echo "2. Checking online MAC vendor database..."
|
|
ONLINE_LOOKUP=$(curl -s "https://api.macvendors.com/$OUI" 2>/dev/null)
|
|
if [ ! -z "$ONLINE_LOOKUP" ] && [ "$ONLINE_LOOKUP" != "Not Found" ]; then
|
|
echo "Online lookup result: $ONLINE_LOOKUP"
|
|
else
|
|
echo "Not found in online database or lookup failed"
|
|
fi
|
|
|
|
echo ""
|
|
|
|
# Check if it's a known vendor pattern
|
|
echo "3. Known vendor patterns analysis..."
|
|
case $OUI in
|
|
"CC:F7:35")
|
|
echo "🔍 This appears to be a device with a custom or private MAC address"
|
|
echo " - Could be a mobile device (phone/tablet)"
|
|
echo " - Could be a virtual machine or container"
|
|
echo " - Could be a device with MAC address randomization enabled"
|
|
;;
|
|
*)
|
|
echo "Unknown vendor pattern"
|
|
;;
|
|
esac
|
|
|
|
echo ""
|
|
|
|
# Additional network analysis
|
|
echo "4. Additional network analysis..."
|
|
echo "Checking ARP table for this device:"
|
|
arp -n | grep "192.168.50.81"
|
|
|
|
echo ""
|
|
echo "Checking if device responds to different protocols:"
|
|
for protocol in "icmp" "tcp" "udp"; do
|
|
echo -n "Testing $protocol: "
|
|
if ping -c 1 -W 1 192.168.50.81 > /dev/null 2>&1; then
|
|
echo "✅ Responds"
|
|
else
|
|
echo "❌ No response"
|
|
fi
|
|
done
|
|
|
|
echo ""
|
|
echo "5. Device behavior analysis:"
|
|
echo "- Device responds to ping (ICMP)"
|
|
echo "- No open TCP ports detected"
|
|
echo "- No web interface available"
|
|
echo "- No SSH access"
|
|
echo ""
|
|
echo "Based on this behavior, the device is likely:"
|
|
echo "🔍 A mobile device (phone/tablet) with:"
|
|
echo " - MAC address randomization enabled"
|
|
echo " - No services exposed to the network"
|
|
echo " - Only basic network connectivity"
|
|
echo ""
|
|
echo "🔍 Or a network device (printer, camera, IoT) that:"
|
|
echo " - Only responds to ping for network discovery"
|
|
echo " - Has no web interface or it's disabled"
|
|
echo " - Uses a different port or protocol for management"
|