Host discovery with ARP Sweep
ARP Sweep allows us to enumerate live hosts in the local network using ARP requests, providing us with a simple and fast way to identify possible targets.
Getting ready
When your target systems are located on the same LAN as your attacking machine, you are able to enumerate systems by performing an ARP scan.
How to do it...
- To enumerate systems using ARP in Metasploit, you can use the ARP Sweep Local Network Discovery auxiliary module. You just need to set the target address range in
RHOSTS
, set the number of concurrent threads, and run the module:
msf > use auxiliary/scanner/discovery/arp_sweep msf auxiliary(arp_sweep) > set RHOSTS 192.168.216.0/24 RHOSTS => 192.168.216.0/24 msf auxiliary(arp_sweep) > set THREADS 256 THREADS => 256 msf auxiliary(arp_sweep) > run [+] 192.168.216.1 appears to be up (VMware, Inc.). [+] 192.168.216.2 appears to be up (VMware, Inc.). [+] 192.168.216.10 appears to be up (VMware, Inc.). [+] 192.168.216.129 appears to...