/* NETBIOS name lookup tool - by eSDee of Netric (www.netric.org)
* yeh.. i was really bored :-)
*
* [esdee@pant0ffel] gcc -o nbtstat nbtstat.c && ./nbtstat 10.0.0.4
* Request sent, waiting for reply... [ctrl-c to abort]
* Name Type
* ----------------------------------
* HOEPELKO-ESPU0B <00> UNIQUE Workstation Service
* HOEPELKO-ESPU0B <20> UNIQUE File Server Service
* WORKGROUP <00> GROUP Domain Name
* WORKGROUP <1e> GROUP Browser Service Elections
* HOEPELKO-ESPU0B <03> UNIQUE Messenger Service
* ADMINISTRATOR <03> UNIQUE Messenger Service
* WORKGROUP <1d> UNIQUE Master Browser
* ..__MSBROWSE__. <01> GROUP Master Browser
* MAC-addres = 00-02-a5-e1-fd-b7
* [/home/esdee/nbtstat] */
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <unistd.h>
char
nbtname[]= /* netbios name packet */
{
0x80,0xf0,0x00,0x10,0x00,0x01,0x00,0x00,
0x00,0x00,0x00,0x00,0x20,0x43,0x4b,0x41,
0x41,0x41,0x41,0x41,0x41,0x41,0x41,0x41,
0x41,0x41,0x41,0x41,0x41,0x41,0x41,0x41,
0x41,0x41,0x41,0x41,0x41,0x41,0x41,0x41,
0x41,0x41,0x41,0x41,0x41,0x00,0x00,0x21,
0x00,0x01
};
int
display();
int
main(int argc, char *argv[])
{
char temp[16];
unsigned char recv[256];
unsigned char *ptr;
struct sockaddr_in server;
struct hostent *hp;
int s;
int total;
unsigned int nb_num;
unsigned int nb_type;
int i = 0;
if (argc < 2) {
fprintf(stderr, "Usage: %s <hostname>\n", argv[0]);
exit(1);
}
if ((hp = gethostbyname(argv[1])) == NULL) {
fprintf(stderr,"Error: Unable to resolve %s\n", argv[1]);
exit(1);
}
if ((s = socket(PF_INET, SOCK_DGRAM, 17)) < 0) { /* 17 = UDP */
perror("socket");
exit(1);
}
memset(recv,0x0, sizeof(recv));
bzero((char *) &server, sizeof(server));
bcopy(hp->h_addr, (char *) &server.sin_addr, hp->h_length);
server.sin_family = hp->h_addrtype;
server.sin_port = htons(137); /* netbios-ns */
if (sendto(s, nbtname, sizeof(nbtname), 0, (struct sockaddr *) &server, sizeof(server)) < 0) {
perror("sendto");
exit(1);
} else {
fprintf(stdout, "Request sent, waiting for reply... [ctrl-c to abort]\n");
read(s, recv, sizeof(recv) - 1);
fprintf(stdout,"Name Type\n"
"----------------------------------\n");
ptr=recv+57;
total=*(ptr - 1); /* max names */
while(ptr < recv + sizeof(recv)) {
memset(temp,0x0, sizeof(temp));
strncpy(temp, ptr, 15); /* copies the name into temp */
ptr+=15;
nb_num = *ptr;
nb_type = *(ptr + 1);
ptr+=3;
if (i==total) { /* max names reached */
ptr-=19; /* sets the pointer to the mac_addres field */
fprintf(stdout,"\nMAC-addres = %02x-%02x-%02x-%02x-%02x-%02x\n\n",
*(ptr + 1), *(ptr + 2), *(ptr + 3),
*(ptr + 4), *(ptr + 5), *(ptr + 6));
break;
}
display(temp,nb_num,nb_type);
i++;
}
}
close(s);
return 0;
}
int
display(char *name, unsigned int number, unsigned int type)
{
char description[256];
int i;
memset(description, 0x0, sizeof(description));
/* list taken from http://support.microsoft.com/default.aspx?scid=KB;EN-US;q163409& */
/* 0x04 - UNIQUE */
/* 0x80 - GROUP */
switch(number) {
case 0x00:
if (type <= 0x80) {
strncpy(description, "UNIQUE Workstation Service", sizeof(description) - 1);
} else {
strncpy(description, "GROUP Domain Name", sizeof(description) - 1);
}
break;
case 0x01:
if (type <= 0x80) {
strncpy(description, "UNIQUE Messenger Service", sizeof(description) - 1);
} else {
strncpy(description, "GROUP Master Browser", sizeof(description) - 1);
}
break;
case 0x03:
strncpy(description, "UNIQUE Messenger Service", sizeof(description) - 1);
break;
case 0x06:
strncpy(description, "UNIQUE RAS Server Service", sizeof(description) - 1);
break;
case 0x1b:
strncpy(description, "UNIQUE Domain Master Browser", sizeof(description) - 1);
break;
case 0x1c:
strncpy(description, "GROUP Domain Controllers", sizeof(description) - 1);
break;
case 0x1d:
strncpy(description, "UNIQUE Master Browser", sizeof(description) - 1);
break;
case 0x1e:
if (type >= 0x80) strncpy(description, "GROUP Browser Service Elections", sizeof(description) - 1);
break;
case 0x1F:
strncpy(description, "UNIQUE NetDDE Service", sizeof(description) - 1);
break;
case 0x20:
strncpy(description, "UNIQUE File Server Service", sizeof(description) - 1);
break;
case 0x21:
strncpy(description, "UNIQUE RAS Client Service", sizeof(description) - 1);
break;
case 0x22:
strncpy(description, "UNIQUE Microsoft Exchange Interchange(MSMail Connector)", sizeof(description) - 1);
break;
case 0x23:
strncpy(description, "UNIQUE Microsoft Exchange Store", sizeof(description) - 1);
break;
case 0x24:
strncpy(description, "UNIQUE Microsoft Exchange Directory", sizeof(description) - 1);
break;
case 0x30:
strncpy(description, "UNIQUE Modem Sharing Server Service", sizeof(description) - 1);
break;
case 0x31:
strncpy(description, "UNIQUE Modem Sharing Client Service", sizeof(description) - 1);
break;
case 0x42:
strncpy(description, "UNIQUE Mcaffee Anti-Virus", sizeof(description) - 1);
break;
case 0x43:
strncpy(description, "UNIQUE SMS Clients Remote Control", sizeof(description) - 1);
break;
case 0x44:
strncpy(description, "UNIQUE SMS Administrators Remote Control Tool", sizeof(description) - 1);
break;
case 0x45:
strncpy(description, "UNIQUE SMS Clients Remote Chat", sizeof(description) - 1);
break;
case 0x46:
strncpy(description, "UNIQUE SMS Clients Remote Transfer", sizeof(description) - 1);
break;
case 0x4C:
strncpy(description, "UNIQUE DEC Pathworks TCPIP service on Windows NT", sizeof(description) - 1);
break;
case 0x52:
strncpy(description, "UNIQUE DEC Pathworks TCPIP service on Windows NT", sizeof(description) - 1);
break;
case 0x6a:
strncpy(description, "UNIQUE Microsoft Exchange IMC", sizeof(description) - 1);
break;
case 0x87:
strncpy(description, "UNIQUE Microsoft Exchange MTA", sizeof(description) - 1);
break;
case 0xbe:
strncpy(description, "UNIQUE Network Monitor Agent", sizeof(description) - 1);
break;
case 0xbf:
strncpy(description, "UNIQUE Network Monitor Application", sizeof(description) - 1);
break;
default:
strncpy(description, "UNIQUE Unknown", sizeof(description) - 1);
break;
}
for (i=0; i < strlen(name); i++) /* replaces weird chars with dots */
if (name[i] < 31 || name[i] > 126) name[i] = '.';
if (name) fprintf(stdout, "%s <%02x> %s\n", name, number, description);
return 0;
}
|