Grep MAC and IP address using Regular expression

  • MAC Address
    grep -o -E "([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}" found.txt
  • IP Address
    grep -o -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" found.txt

    [\.]     looks for a literal period.
    ([0-9]{1,3}[\.]) can find the first octet.
    {3} three occurrences of the previous expression.
    [0-9]{1,3} is a manual addition of the fourth octet

Grep known IPs

  • Starting with 192.x.x.x
    cat nmap.txt | grep -E "(192)(\.[0-9]{1,3}){3}"
  • Starting with 192.168.x.x
    cat nmap.txt | grep -E "(192.168)(\.[0-9]{1,3}){2}"
  • Starting with 192.168.32.x
    cat nmap.txt | grep -E "(192.168.32.)[0-9]{1,3}"

IP and MAC on 1 line

  • nmap + awk
    sudo nmap -sn 172.31.201.0/24 | awk '/Nmap scan report for/{printf $5;}/MAC Address:/{print " => "$3;}' | sort

 

Leave a Comment

Your email address will not be published. Required fields are marked *