Moving this here from the Tools Request forum since I think its a better fit.
OUI (MAC address) lookup script
I couldn't find a tool in BackTrack 4 that allowed me to lookup OUIs (Organizationally Unique Identifier), so I decided to write one myself. Of course it could just be me and that I overlooked a tool already present in BackTrack to do this, in that case, please react on this post telling which tool.
The tool I wrote is a small Perl script that uses the OUI list of aircrack-ng located in /usr/local/etc/aircrack-ng/airodump-ng-oui.txt, the code of the tool is listed below together with some example outputs.
I have no idea if anyone else thinks this is useful, but I decided to post it here in case anyone can use it.
Code:#!/usr/bin/perl # MAC address OUI checker # Thijs (Thice) Bosschert # http://www.thice.nl # v0.1 24-06-2010 # Print header print "\n MAC address OUI checker v0.1\n". " by Thijs (Thice) Bosschert\n\n"; # Check if argument has been given if (!$ARGV[0]) { &error; } # Removing seperators from MAC address and uppercase chars $ARGV[0] =~ s/[:|\s|-]//g; $ARGV[0] =~ y/a-z/A-Z/; # Get OUI from MAC if ($ARGV[0] =~ /^([0-9a-f]{6})/i) { $OUI = $1; print " Checking OUI: ".$OUI."\n"; } else { &error; } # Open OUI file from aircrack-ng open(FILE,"/usr/local/etc/aircrack-ng/airodump-ng-oui.txt"); while (<FILE>) { ($checkoui,$company) = split(/\(hex\)/,$_); $checkoui =~ s/[-|\s]//g; # Check if OUI can be found in the list if ($OUI eq $checkoui) { $company =~ s/\t//g; # Output found OUI print " Found OUI: ".$OUI." - ".$company."\n\n"; exit; } } close(FILE); # Show if OUI was not found print " Could not find OUI: ".$OUI."\n\n"; # Error messages sub error { print " Error: No MAC address or OUI specified or could not recognize it.\n". " Usage: perl OUI_lookup.pl <MAC/OUI>\n". " MAC can be submitted as:\n". " 001122334455\n". " 00:11:22:33:44:55\n". " 00-11-22-33-44-55\n". " OUI can be submitted as:\n". " 001122\n". " 00:11:22\n". " 00-11-22\n\n"; exit; }
Output:
Code:root@bt:~/WiFi# perl OUI_lookup.pl test MAC address OUI checker v0.1 by Thijs (Thice) Bosschert Error: No MAC address or OUI specified or could not recognize it. Usage: perl OUI_lookup.pl <MAC/OUI> MAC can be submitted as: 001122334455 00:11:22:33:44:55 00-11-22-33-44-55 OUI can be submitted as: 001122 00:11:22 00-11-22 root@bt:~/WiFi# perl OUI_lookup.pl 00:11:22 MAC address OUI checker v0.1 by Thijs (Thice) Bosschert Checking OUI: 001122 Found OUI: 001122 - CIMSYS Inc root@bt:~/WiFi# perl OUI_lookup.pl 001122334455 MAC address OUI checker v0.1 by Thijs (Thice) Bosschert Checking OUI: 001122 Found OUI: 001122 - CIMSYS Inc root@bt:~/WiFi# perl OUI_lookup.pl FF:FF:FF MAC address OUI checker v0.1 by Thijs (Thice) Bosschert Checking OUI: FFFFFF Could not find OUI: FFFFFF
Re: OUI (MAC address) lookup script
Moving this here from the Tools Request forum since I think its a better fit.
Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".
The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
Re: OUI (MAC address) lookup script
Ah I like it. Much better than manually grepping for it and I can see some code changes in my scripts already.
On that note though, some slight improvements to the code - it happened to me so I'm passing on the knowledge. Some of it available here: Ancient Perl / Perl 5 Wiki and other bits just my experience in the past. I've cleaned up the sanitation code at the top, cut out the use of variables to help speed things up a little.
In terms of other tools I'm not familiar with any, I usually just grep the nmap OUI file if I need to look one up.
The formatting may have changed slightly (I use different tab stops), but here it is:It is also possible to install it to /bin/ if you wish:Code:#!/usr/bin/env perl # MAC address OUI checker # Thijs (Thice) Bosschert # http://www.thice.nl # v0.1 24-06-2010 # Print header print "\n MAC address OUI checker v0.1\n". " by Thijs (Thice) Bosschert\n\n"; # Check if argument has been given if (!$ARGV[0]) { fatal_error(); } # Removing seperators from MAC address and uppercase chars my $OUI = uc($ARGV[0]); $OUI =~ s/[^0-9A-F]//g; # Get OUI from MAC if ($OUI =~ /^[0-9A-F]{6}/) { print " Checking OUI: ".$OUI."\n"; } else { fatal_error(); } # Open OUI file from aircrack-ng open(my $fh, "<", "/usr/local/etc/aircrack-ng/airodump-ng-oui.txt") || die "Fatal: Can not find airodump file"; while (<$fh>) { ($checkoui,$company) = split(/\(hex\)/,$_); $checkoui =~ s/[-|\s]//g; # Check if OUI can be found in the list if ($OUI eq $checkoui) { $company =~ s/\t//g; # Output found OUI print " Found OUI: ".$OUI." - ".$company."\n\n"; exit; } } close($fh); # Show if OUI was not found print " Could not find OUI: ".$OUI."\n\n"; # Error messages sub fatal_error { print " Error: No MAC address or OUI specified or could not recognize it.\n". " Usage: perl $0 <MAC/OUI>\n". " MAC can be submitted as:\n". " 001122334455\n". " 00:11:22:33:44:55\n". " 00-11-22-33-44-55\n". " OUI can be submitted as:\n". " 001122\n". " 00:11:22\n". " 00-11-22\n\n"; exit; }Which means you can just type:Code:sudo cp OUI_lookup.pl /bin/OUI_lookup && sudo chmod +x /bin/OUI_lookupAnyhow good job Hawkje, not a bad first post to these forums.Code:OUI_lookup 00:11:22:33:44:55
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
Re: OUI (MAC address) lookup script
Autsj! Thanks for that, I have been writing Perl for years but always the same way since I learned it, I have read the link and will try to keep it in mind from now onOriginally Posted by Gitsnik
I really like that, I just did it to my install.
I adjusted the code a bit further to display different error messages in case it is installed in the bin directory instead of ran from command line with Perl. I further made some minor adjustments and placed the OUI file location at the beginning as a variable for easier adjustment for when someone would want to change this.
Code:#!/usr/bin/env perl # MAC address OUI checker # Thijs (Thice) Bosschert # http://www.thice.nl # v0.3 25-06-2010 $ouifile = "/usr/local/etc/aircrack-ng/airodump-ng-oui.txt"; # Print header print "\n MAC address OUI checker v0.3\n". " by Thijs (Thice) Bosschert\n\n"; # Check if argument has been given if (!$ARGV[0]) { fatal_error(); } # Removing seperators from MAC address and uppercase chars my $OUI = uc($ARGV[0]); $OUI =~ s/[^0-9A-F]//g; # Get OUI from MAC if ($OUI =~ /^[0-9A-F]{6}/) { print " Checking OUI: ".$OUI."\n"; } else { fatal_error(); } # Open OUI file from aircrack-ng open(my $fh, "<", $ouifile) || die " Error: Can not access OUI file: $ouifile"; while (<$fh>) { ($checkoui,$company) = split(/\(hex\)/,$_); $checkoui =~ s/[-|\s]//g; # Check if OUI can be found in the list if ($OUI eq $checkoui) { $company =~ s/\t//g; chomp($company); # Output found OUI print " Found OUI: ".$OUI." - ".$company."\n\n"; exit; } } close($fh); # Show if OUI was not found print " Could not find OUI: ".$OUI."\n\n"; # Error messages sub fatal_error { print " Error: No MAC address or OUI specified or could not recognize it.\n"; if ($0 =~ /^\/bin\/(.*)/) { print " Usage: $1 <MAC/OUI>\n"; } else { print " Usage: perl $0 <MAC/OUI>\n"; } print " MAC can be submitted as:\n". " 001122334455\n". " 00:11:22:33:44:55\n". " 00-11-22-33-44-55\n". " OUI can be submitted as:\n". " 001122\n". " 00:11:22\n". " 00-11-22\n\n"; exit; }
As extra information: To update the aircrack-ng OUI file you can run the command "airodump-ng-oui-update"
Code:root@bt:~# airodump-ng-oui-update [*] Downloading IEEE OUI file... [*] Parsing OUI file... [*] Airodump-ng OUI file successfully updated
Thanks for your feedback!
Re: OUI (MAC address) lookup script
I am afraid one of the changes of Gitsnik introduced a little bug in the code, it only would work on OUIs and no more on full MACs. I fixed that in the code below.
Code:#!/usr/bin/env perl # MAC address OUI checker # Thijs (Thice) Bosschert # http://www.thice.nl # v0.4 25-06-2010 $ouifile = "/usr/local/etc/aircrack-ng/airodump-ng-oui.txt"; # Print header print "\n MAC address OUI checker v0.4\n". " by Thijs (Thice) Bosschert\n\n"; # Check if argument has been given if (!$ARGV[0]) { fatal_error(); } # Removing seperators from MAC address and uppercase chars my $OUI = uc($ARGV[0]); $OUI =~ s/[^0-9A-F]//g; # Get OUI from MAC if ($OUI =~ /^([0-9A-F]{6})/) { $OUI = $1; print " Checking OUI: ".$OUI."\n"; } else { fatal_error(); } # Open OUI file from aircrack-ng open(my $fh, "<", $ouifile) || die " Error: Can not access OUI file: $ouifile"; while (<$fh>) { ($checkoui,$company) = split(/\(hex\)/,$_); $checkoui =~ s/[-|\s]//g; # Check if OUI can be found in the list if ($OUI eq $checkoui) { $company =~ s/\t//g; chomp($company); # Output found OUI print " Found OUI: ".$OUI." - ".$company."\n\n"; exit; } } close($fh); # Show if OUI was not found print " Could not find OUI: ".$OUI."\n\n"; # Error messages sub fatal_error { print " Error: No MAC address or OUI specified or could not recognize it.\n"; if ($0 =~ /^\/bin\/(.*)/) { print " Usage: $1 \n"; } else { print " Usage: perl $0 \n"; } print " MAC can be submitted as:\n". " 001122334455\n". " 00:11:22:33:44:55\n". " 00-11-22-33-44-55\n". " OUI can be submitted as:\n". " 001122\n". " 00:11:22\n". " 00-11-22\n\n"; exit; }
Re: OUI (MAC address) lookup script
Yes, it certainly did. I missed a line in my text entry:Either way of doing it will work.Code:$OUI = substr($OUI, 0, 6);
Sorry about that
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
Re: OUI (MAC address) lookup script
awesome work!
If you get tired of listening to your music... cat /vmlinuz > /dev/audio
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
Macbook 2.4Ghz Dual Core, 4GB Ram, Edimax EW-7318USG, BT4
Thanks for the script
I wanted a quick way to do multipul OUI's so i did this little edit not knowing perl all that well.
Perl | #!/usr/bin/env perl # MAC add - Anonymous - ZYk57yZz - Pastebin.com
Random idea, and maybe its been done / suggested.
Would be cool if airodump did this, and like posted the name below or in front of the mac if you did a --showmac switch or something.
Last edited by Archangel-Amael; 07-06-2010 at 06:01 PM.
Re: OUI (MAC address) lookup script
Good script, if anyone is after alternatives for whatever reason:
You could just use curl or wget to grab: http://standards.ieee.org/regauth/oui/oui.txt then use grep.
or
You use use curl or wget to do the lookup via: Manufacturer to Network Card Cross-Reference (or similar)
Edit: http://standards.ieee.org/cgi-bin/ouisearch could also be scripted.
Last edited by thorin; 07-08-2010 at 03:41 PM.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Re: OUI (MAC address) lookup script
Yeah, aircrack-ng suite can do this, the script is located under ~/aircrack-ng/scripts or so on BT. I don't remember the exact name of it off hand though.
Posting Permissions