- 00:00 Intro
- 06:49 Demonstration
- 11:49 What are MAC Addresses
- 16:50 Resolve Vendor with REST API
- 19:10 ARP Table Dump to Resolve Numerous MAC Addresses
- 32:30 Ping and Resolve Vendor for Specific IP Address
- 40:10 Final Thoughts
Setup:
This is a Free REST API so you just need the URL. Please note that there is a rate limit of one request per second.
https://www.macvendorlookup.com
1-mac.py
This lab will print out the vendor of a specific MAC Address that you provide.
import requests
mac_text = 'dc:a6:32:69:98:98'
url = f'https://www.macvendorlookup.com/api/v2/{mac_text}'
vendor = requests.get(url).json()
vendor_text = vendor[0]['company']
print(vendor_text)
2-re.py
This lab will dump the ARP table and then find the IP address, MAC Address and Vendors for each record in the table. We use Regular Expressions to pull out the IP and MAC Addresses.
import subprocess
import requests
import re
from time import sleep
command = 'arp -a'
response = subprocess.check_output(command , shell=True)
#print(response)
response = str(response).split('\\n?')
for line in response:
ip_text = ''
mac_text = ''
vendor_text = ''
try:
ip = re.search(r'(\d{1,3}\.){3}\d{1,3}', line)
ip_text = ip.group()
ip_text = ip_text.replace('(', '')
ip_text = ip_text.replace(')', '')
except:
pass
try:
mac = re.search(r'([0-9A-Fa-f]{1,2}[:-]){5}[0-9A-Fa-f]{1,2}', line)
mac_text = mac.group()
url = f'https://www.macvendorlookup.com/api/v2/{mac_text}'
try:
vendor = requests.get(url).json()
vendor_text = vendor[0]['company']
except:
pass
except:
pass
print(f'Record:\t{ip_text}\t{mac_text}\t{vendor_text}')
sleep(2)
3-ping.py
This lab has you ping a specific IP Address to find it’s MAC Address and then shows you it’s vendor.
import subprocess
import requests
import re
mac_text = 'Not Found'
vendor_text ='Not Found'
host = input('IP Address:')
print(f'IP Address: {host}')
try:
command_ping = f'ping -c 1 {host}'
response_ping = subprocess.check_output(command_ping, shell=True)
#print(response_ping) #For Troubleshooting Purposes to Test Ping
command = f'arp -a | grep -w {host}'
response_arp = subprocess.check_output(command, shell=True)
response_arp = str(response_arp)
mac = re.search(r'([0-9A-Fa-f]{1,2}[:-]){5}[0-9A-Fa-f]{1,2}', response_arp)
mac_text = mac.group()
try:
url = f'https://www.macvendorlookup.com/api/v2/{mac_text}'
try:
vendor = requests.get(url).json()
vendor_text = vendor[0]['company']
except:
pass
except:
pass
except:
pass
print(f'MAC Address: {mac_text}')
print(f'Vendor: {vendor_text}')
Be the first to comment