Untitled

avatar
unknown
plain_text
a month ago
3.8 kB
3
Indexable
#!/bin/bash
#
# UBNT Device Discovery Script for CentOS (including older versions like CentOS 6)
#
# This script scans the local network to identify Ubiquiti (UBNT) devices.
# It uses 'nmap' for network scans and 'arp' to resolve MAC addresses.
# 
# Usage:
#   ./ubnt_discover.sh [network_subnet]
#   e.g., ./ubnt_discover.sh 192.168.1.0/24
#
# If no subnet is provided, it attempts to auto-detect your local network via ifconfig.
# It writes discovered UBNT device info to 'ubnt_devices_found.txt'.
#

# ----------------------------
# Configuration
# ----------------------------

# Known Ubiquiti OUIs (first three octets in MAC address)
UBNT_OUIs=(
    "00:15:A9"
    "00:17:88"
    "24:E3:AD"
    "34:EA:34"
    "4C:EE:14"
    "74:DA:B9"
    "AC:4B:17"
    "B8:27:EB"  # Also seen in some UBNT boards
)

# Temporary files
TEMP_SCAN_FILE="/tmp/ubnt_scan_results_$$.txt"
RESULT_FILE="ubnt_devices_found.txt"

# ----------------------------
# Functions
# ----------------------------

# Print usage and exit
usage() {
    echo "Usage: $0 [network_subnet]"
    echo "Example: $0 192.168.1.0/24"
    exit 1
}

# Try to auto-detect subnet using ifconfig (common on older CentOS)
detect_subnet() {
    # Grab the first non-loopback IPv4 address
    IP_INFO=$(ifconfig -a 2>/dev/null | grep -m 1 "inet " | awk '{print $2}' | cut -d':' -f2)
    
    if [ -z "$IP_INFO" ]; then
        echo "Could not detect IP address automatically. Please specify subnet manually."
        exit 1
    fi
    
    # We'll assume a /24 subnet from the detected IP
    IFS='.' read -r i1 i2 i3 i4 <<< "$IP_INFO"
    SUBNET="${i1}.${i2}.${i3}.0/24"
    echo "$SUBNET"
}

# Run an nmap ping sweep to find active hosts
perform_scan() {
    local subnet=$1
    echo "Scanning subnet: $subnet ..."
    nmap -sn "$subnet" -oG "$TEMP_SCAN_FILE" >/dev/null 2>&1
}

# Extract active IP addresses from the nmap output
extract_active_ips() {
    awk '/Up$/{print $2}' "$TEMP_SCAN_FILE"
}

# Retrieve the MAC address from ARP cache for a given IP
get_mac_address() {
    local ip=$1
    arp -n "$ip" | awk '/ether/ {print $3}'
}

# Check if the MAC address matches any known UBNT OUIs
is_ubnt_device() {
    local mac="$1"
    # Normalize the MAC to uppercase, extract the first 8 characters
    local mac_prefix=$(echo "$mac" | tr '[:lower:]' '[:upper:]' | cut -c1-8)
    for oui in "${UBNT_OUIs[@]}"; do
        # Convert OUI in the array to uppercase, compare with the MAC prefix
        if [[ "$mac_prefix" == "${oui^^}"* ]]; then
            return 0
        fi
    done
    return 1
}

# ----------------------------
# Main Script
# ----------------------------

# If -h or --help is used, show usage
if [[ "$1" == "-h" || "$1" == "--help" ]]; then
    usage
fi

# Determine subnet to scan
if [ -n "$1" ]; then
    SUBNET="$1"
else
    SUBNET=$(detect_subnet)
fi

# Perform the network scan
perform_scan "$SUBNET"

# Grab active IPs
ACTIVE_IPS=$(extract_active_ips)

if [ -z "$ACTIVE_IPS" ]; then
    echo "No active hosts found on subnet $SUBNET."
    rm -f "$TEMP_SCAN_FILE"
    exit 0
fi

echo "Active hosts found: $(echo "$ACTIVE_IPS" | wc -l)"
echo "Checking for UBNT devices..."

# Prepare result file
echo "UBNT Devices Found:" > "$RESULT_FILE"

# Iterate over active IPs
for ip in $ACTIVE_IPS; do
    mac=$(get_mac_address "$ip")
    if [ -n "$mac" ]; then
        if is_ubnt_device "$mac"; then
            echo "UBNT Device - IP: $ip | MAC: $mac"
            echo "IP: $ip | MAC: $mac" >> "$RESULT_FILE"
        fi
    fi
done

# Check if anything was written
if grep -q "IP:" "$RESULT_FILE"; then
    echo "Discovery complete. UBNT devices listed in '$RESULT_FILE'."
    cat "$RESULT_FILE"
else
    echo "No UBNT devices found on subnet $SUBNET."
    rm -f "$RESULT_FILE"
fi

# Clean up
rm -f "$TEMP_SCAN_FILE"
Leave a Comment