-1

I am developing a network scanner in C++ with the help of libtins library, I can be able to get MAC addresses and IP but I want to go further to know the vendor(eg: Intel Corporate) and Device Name (eg: DESKTOP-TO5P0BD) in C++

codes to get Mac and IP

// Retrieve the ARP layer info

const ARP& arp = pdu.rfind_pdu<ARP>();
std::cout << "Found :" << arp.sender_ip_addr() << ", " << arp.sender_hw_addr() << std::endl;
// Checking if it is an ARP reply?
if (arp.opcode() == ARP::REPLY) {
    // Let's check if there's already an entry for this address
auto iter = addresses.find(arp.sender_ip_addr());
if (iter == addresses.end()) {
    std::cout << "saving " << arp.sender_ip_addr() << ", " << arp.sender_hw_addr() << std::endl;
    // We haven't seen this address. Save it.
    addresses.insert({ arp.sender_ip_addr(), arp.sender_hw_addr() });
    IPv4Address ip = arp.sender_ip_addr();
    NetworkInterface iface(ip);
    //std::cout << iface.name() << std::endl;
}
else {
    std::cout << "already seen " << arp.sender_ip_addr() << ", " << arp.sender_hw_addr() << std::endl;
    // We've seen this address. If it's not the same HW address, inform it
    if (arp.sender_hw_addr() != iter->second) {
        std::cout << "[WARNING] " << arp.sender_ip_addr() << " is at "
            << iter->second << " but also at " << arp.sender_hw_addr()
            << std::endl;
    }
}
}
Gwiza Erick
  • 3
  • 1

2 Answers2

0

In order to get the vendor from the MAC address, you can have a look at this MAC OUI vendor database mantained by Wireshark. It's a text file with a simple format.

In order to get the "device name", you can do a NetBIOS name lookup. This StackOverflow question may help you.

Luca Polito
  • 2,387
  • 14
  • 20
  • The problem is, Can't be able to accomplish the MAC vendor's issue without going through its database? if No, No problem I can go for your answer but also the problem of Device name is still not answered, Please help – Gwiza Erick Aug 19 '21 at 12:32
  • The Wireshark database is easy to parse with C/C++ and it's one of the best databases of MAC vendors (and it's actively maintained), so I don't see any problem for your program to get the MAC vendor from this database. About getting the device name, you can make a NetBIOS name lookup using UDP (this will work with most Windows computers). The fastest solution, however, could be to exec a command line utility from your program (on Windows you have [`nbtstat`](https://www.computerhope.com/nbtstat.htm)) and parse the stdout of the command. – Luca Polito Aug 19 '21 at 12:55
-1

If you'd like the Vendor Name from the MAC, you could get the MAC by reading arp -a (probably via the winapi). Next you need to search a vendor db, the wireshark list is good, there's also this one. As for the "Device Name", you could check this with WMI. Other than the more complex winapi for this, you could use a library like this one, which is much simpler. You'd need to make a request to the Win32_ComputerSystem class, which contains the Device Name and model number, among other things. MAC addresses can also be retrieved by WMI, instead make the query to Win32_NetworkAdapter - it gives all of the interfaces so be sure to find the right one!

Dharman
  • 30,962
  • 25
  • 85
  • 135
AnthonyML
  • 101
  • 4
  • Excellent answer, I managed to get the Vendors database as JSON and loops unto it but I am still failing to get the device name (all the researches I have done, I have seen that I have to go to layer 7 Yet I only want to manipulate datagrams and Dataframes (Layer 2 and Layer 3) – Gwiza Erick Aug 19 '21 at 12:27