Eu escrevi um arquivo em lote para detectar se algum novo cliente está conectado ao meu WiFi local. Todo o arquivo de lote funciona bem.
O script detecta novos clientes WiFi conectados e mostra seus endereços IP e MAC.
O problema é que eu quero detectar endereços MAC falsificados ou, então, identificar os clientes de maneira única, para poder determinar se há spoofing ou não, comparando-os com conexões anteriores.
Pesquisei bastante no Google, mas tudo o que encontro é software; eu preciso de alguma maneira de fazer isso em um arquivo de lote.
Alguém sabe como começar isso?
Aqui está o script: (ignore os :: comments, eles estão em holandês)
@echo off
color E0
Title VerbondenIP vindenmet ARP -a
rem Start with an empty SSID variable; the main loop fills it in on every pass.
set wifi=
rem Delete the work files left behind by an earlier run so the first pass
rem starts from a clean state.
for %%F in (
    ArpedIPs.txt
    connectedIPs.txt
    eerste3.txt
    Eigen_IP.txt
    FilteredArpedIPs.txt
    FilteredArpedIPs1.txt
    FilteredArpedIPs2.txt
    newIPs.txt
    newVerbondenmet.txt
    previousconnectedIPs.txt
    previousVerbondenmet.txt
) do if exist "%%F" del "%%F"
rem Verbondenmet.txt is emptied rather than deleted.
if exist Verbondenmet.txt type nul > "Verbondenmet.txt"
rem ==========================================================================
rem Flush the ARP table first, so that only hosts answering the ping sweep
rem further down show up in it.
rem NOTE(review): clearing the ARP cache normally needs an elevated prompt - confirm.
echo flushen van arptabel...
netsh interface ip delete arpcache
rem echo ARP table flushed
rem ==========================================================================
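:begin
rem ==========================================================================
rem Find out which WiFi network (SSID) this machine is connected to.
rem The SSID is written to Verbondenmet.txt inside the piped loop and read
rem back into %wifi% afterwards.
@echo off
@Netsh wlan show interface | for /F "tokens=2 delims=: " %%A in ('findstr /r "^....SSID"') do (
@set wifi=%%A
@type nul > "Verbondenmet.txt"
@echo %%A>> "Verbondenmet.txt"
)
@set /p wifi=<"Verbondenmet.txt"
rem The SSID is chosen by whoever operates the access point, so treat it as
rem untrusted text. "echo ...%wifi%" would substitute the value before the
rem line is parsed, letting characters such as & | < > in the name be
rem interpreted by cmd. Printing it through a FOR variable avoids that,
rem because FOR variables are substituted after the line has been parsed.
set "ssid_shown="
for /f "usebackq delims=" %%W in ("Verbondenmet.txt") do (
echo Verbondenmet:%%W
set ssid_shown=1
)
if not defined ssid_shown echo Verbondenmet:
rem ==========================================================================
rem Check whether the WiFi network changed since the previous pass.
rem On the first pass there is nothing to compare against yet.
if not exist previousVerbondenmet.txt goto same
@FC previousVerbondenmet.txt Verbondenmet.txt
@if %errorlevel% == 0 (
@goto same
)
rem The network differs: record the new SSID and a timestamp.
@findstr /vxg:previousVerbondenmet.txt Verbondenmet.txt > newVerbondenmet.txt
@echo (Dit was op %date% om %time% uur) >> newIPs.txt
:same
rem Remember the current SSID for the comparison on the next pass.
@type "Verbondenmet.txt" > "previousVerbondenmet.txt"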
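rem ==========================================================================
rem Check whether the internet is reachable by looking for a "Reply" line in
rem the ping output.
rem The original used "usebackq" together with single quotes. With usebackq a
rem single-quoted set is a literal string, not a command, so the loop only
rem ever saw the word PING and Connected could never become true. Without
rem usebackq the single-quoted text is executed as a command.
rem NOTE(review): "Reply" is the wording of an English Windows; on a localized
rem system the first token of a reply line may differ - confirm.
SET Connected=false
FOR /F "tokens=1" %%A IN ('PING google.com') DO (
IF /I "%%A"=="Reply" SET Connected=true
)
IF "%Connected%"=="true" (
goto Internet
) ELSE (
goto Geeninternet
)
:Internet
echo Internet beschikbaar
goto sub1
:Geeninternet
echo Internet niet beschikbaar
:sub1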
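rem ==========================================================================
rem Determine this machine's own IPv4 address: take the first ipconfig line
rem that contains "IP" and "Address" but not "v6", and keep the text after
rem the colon.
rem NOTE(review): these search words match an English ipconfig - confirm on
rem localized systems.
for /f "tokens=2 delims=:" %%a in (
'ipconfig ^| find "IP" ^| find "Address" ^| find /v "v6"') do (
set IPAddr=%%a
echo %%a > "Eigen_IP.txt"
goto ipbepaald
)
:ipbepaald
set /p EigenIP=<"Eigen_IP.txt"
echo Eigen IP is:%EigenIP%
rem ==========================================================================
rem Work out the first three octets of the own address.
rem This part runs again on every "goto begin". An unguarded setlocal would
rem push a new environment on each pass and cmd allows only a limited nesting
rem depth, so enable delayed expansion once and remember that it was done.
if not defined arpwatch_local_scope (
setlocal enabledelayedexpansion
set arpwatch_local_scope=1
)
for /f "tokens=1-3 delims=. " %%a in ("%EigenIP%") do (
echo %%a.%%b.%%c > "eerste3.txt"
)
set /p eerste3=<"eerste3.txt"
rem The echo above leaves a trailing space in the file; strip it.
set eerste3=%eerste3:~0,-1%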
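rem ==========================================================================
rem After a 5 second wait, ping every address from .1 to .254 under the
rem %eerste3% prefix so that live hosts end up in the ARP table.
rem NOTE(review): %ip% is not set anywhere in the visible script, so this
rem sweep runs on every pass - confirm that is intended.
@TIMEOUT /T 5 /NOBREAK
if "%ip%"=="" (
rem The closing parenthesis of the message must be escaped with ^ here;
rem unescaped it ends the surrounding if-block early, which drops it from
rem the message and leaves the block's real closing parenthesis unmatched.
echo Pingen van alle IP's in lokaak netwerk (dat begint met %eerste3%^)
for /L %%N in (1,1,254) do (
rem start /b fires the pings in parallel; each waits at most 200 ms for a reply.
start /b ping -n 1 -w 200 %eerste3%.%%N >nul
echo Ping naar %eerste3%.%%N
)
rem Give the last background pings a moment to finish.
timeout 1 >nul
)
@echo off
rem echo local WiFi network pinged.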
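rem ==========================================================================
rem Dump the ARP table (first three columns of every line) to ArpedIPs.txt.
rem Each written line ends with a space because of the echo below.
if exist "ArpedIPs.txt" type nul > "ArpedIPs.txt"
for /F "tokens=1,2,3" %%d in ('Arp -a') do echo %%d %%e %%f >> "ArpedIPs.txt"
rem ==========================================================================
rem Keep only the lines that contain the %eerste3% prefix.
findstr "%eerste3%" ArpedIPs.txt > FilteredArpedIPs.txt
rem Drop the first remaining line.
More +1 "FilteredArpedIPs.txt" > "FilteredArpedIPs1.txt"
rem ==========================================================================
rem Drop the %eerste3%.255 broadcast entry.
rem The original filtered on %subnet%, a variable that is never set, so the
rem pattern did not contain the prefix at all. The lines start with the IP
rem address, so match it literally at the start of the line.
findstr /v /b /l /c:"%eerste3%.255 " FilteredArpedIPs1.txt > FilteredArpedIPs2.txt
rem ==========================================================================
rem Write one line per remaining ARP entry to connectedIPs.txt.
rem The SSID is untrusted text, so it is written with !wifi! instead of
rem %wifi%: delayed expansion (switched on by the setlocal
rem enabledelayedexpansion earlier in the loop) substitutes the value after the
rem line has been parsed, so characters such as & | < > stay plain text.
rem NOTE(review): the MAC column is whatever the ARP table reports. ARP is
rem not authenticated, so this log identifies an address, not a device.
type nul > connectedIPs.txt
for /F "tokens=1,2,3 delims= " %%a in (FilteredArpedIPs2.txt) do (
@echo %%a %%b %%c
@echo IP-adres:%%a Type verbinding: %%c MAC-adres: %%b wifinetwerk: !wifi! >> connectedIPs.txt
@echo off
)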
rem ==========================================================================
rem First pass or not? Without a previous snapshot there is nothing to compare.
if not exist previousconnectedIPs.txt goto eersteloop
rem ==========================================================================
rem Decide whether clients left or joined by comparing the byte size of the
rem previous snapshot with the size of the current one.
rem NOTE(review): when both files have the same size the "joined" branch is
rem taken, and only lines new in connectedIPs.txt are logged there. An entry
rem replaced by one of equal length (for example the same IP with a
rem different MAC) is therefore logged as joined while the old entry is not
rem logged as left.
rem
rem Size of previousconnectedIPs.txt (also written to the file pCIPs):
for %%I in (previousconnectedIPs.txt) do (
rem echo %%~zI
echo %%~zI > pCIPs
set pCIPs=%%~ZI
)
set /p pCIPs=<pCIPs
rem ==========================================================================
rem Size of connectedIPs.txt (also written to the file CIPs):
for %%J in (connectedIPs.txt) do (
rem echo %%~zJ
echo %%~zJ > CIPs
set CIPs=%%~ZJ
)
set /p CIPs=<CIPs
rem echo size of previousconnectedIPs.txt is: %pCIPs%
rem echo size of connectedIPs.txt is: %CIPs%
rem A larger previous snapshot means someone left; otherwise treat it as joined.
set eerstegrotertweede=0
if %pCIPs% GTR %CIPs% set eerstegrotertweede=1
if %eerstegrotertweede% == 1 goto weggegaan
goto bijgekomen
rem ==========================================================================
:bijgekomen
rem "Joined" branch: nothing to log when both snapshots are identical.
@FC previousconnectedIPs.txt connectedIPs.txt
if %errorlevel% == 0 goto wrote
rem They differ: append the lines that are only in the current snapshot to
rem newIPs.txt, followed by a timestamp.
findstr /vxg:previousconnectedIPs.txt connectedIPs.txt >> newIPs.txt
echo (Deze is erbij gekomen op %date% om %time% uur) >> newIPs.txt
rem echo compared
goto wrote
:weggegaan
rem "Left" branch: nothing to log when both snapshots are identical.
@FC connectedIPs.txt previousconnectedIPs.txt
if %errorlevel% == 0 goto wrote
rem They differ: append the lines that are only in the previous snapshot to
rem newIPs.txt, followed by a timestamp.
findstr /vxg:connectedIPs.txt previousconnectedIPs.txt >> newIPs.txt
echo (Deze is weggegaan op %date% om %time% uur) >> newIPs.txt
rem echo compared
goto wrote
:eersteloop
rem First pass: everything currently connected counts as new.
type connectedIPs.txt > newIPs.txt
echo (Dit was op %date% om %time% uur) >> newIPs.txt
:wrote
rem ==========================================================================
rem The current snapshot becomes the baseline for the next pass.
type connectedIPs.txt > previousconnectedIPs.txt
:einde
rem echo done, again?
rem pause
goto begin