How to check if IP exists with bat

10

I can ping all network addresses with something like this:

for /l %%x in (1, 1, 100) do ping 10.1.1.%%x

However, not all addresses are valid, and in that case the ping times out. Is there any way I can check whether the IP exists, and only then ping it?

Explaining more in detail, here is an example of what I wanted to do more or less (in a sample language)

for(int i = 1; i < 256; i++)
{
    var ip = formataip(i);
    if(ip_existe(ip))
       ping_ip(ip);
}
    
asked by anonymous 23.05.2017 / 16:17

4 answers

10
  

obscure way kkk

I do not know how obscure this is, but everything indicates that, per the RFC, unsolicited packets should be answered with TCP ACK (connection refused), which can be "abused" (and is) by programs that do network scans, known as SYN SCANs.

They start a TCP RST but do not finish it; they only parse the handshake response.

There are a number of these; one of them is Microsoft's own, and it's called psping.

Using the following .bat:

@echo off
for /L %%a in (1,1,255) do (
   psping -n 2 192.168.10.%%a:3389
)

Note the use of the host port, 3389 - I got a response from remote desktop on Windows and Mac machines that had the service enabled and disabled.

TCP connect to 192.168.20.26:3389:
3 iterations (warmup 1) ping test:
Connecting to 192.168.20.26:3389 (warmup): from 0.0.0.0:63028:
The remote computer refused the network connection.
  

In this case, if the computer is refusing the connection, we can assume that it exists ... xD

And in the case of this old friend of mine, who blocks ICMP:

Pinging 192.168.10.200 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

He did not expect this:

PsPing v2.10 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2016 Mark Russinovich
Sysinternals - www.sysinternals.com
TCP connect to 192.168.10.200:3389:
11 iterations (warmup 1) ping test:
Connecting to 192.168.10.200:3389 (warmup): from 192.168.10.192:63049: 0.64ms
Connecting to 192.168.10.200:3389: from 192.168.10.192:63050: 0.47ms
Connecting to 192.168.10.200:3389: from 192.168.10.192:63051: 0.54ms
Connecting to 192.168.10.200:3389: from 192.168.10.192:63052: 0.53ms
Connecting to 192.168.10.200:3389: from 192.168.10.192:63053: 0.54ms
Connecting to 192.168.10.200:3389: from 192.168.10.192:63054: 0.53ms
  

This technique will not always work, obviously - and it is possible to test other ports (I have not been particularly lucky with them), but they say that the SYN SCANs have ... ;)

Sources:
ping alternative for tcp

26.05.2017 / 22:45
8

One suggestion is to run the ping command and look for a string in the response.

For example:

When the ping succeeds, something like Resposta de 10.1.1.1: bytes=32 tempo<1ms TTL=255 is returned, and when it does not, something like Esgotado o tempo limite do pedido. and so on.

In this case, if the response string contains something like TTL=, it means that the ping succeeded. So we can use the following code to analyze the output of the command:

@echo off
set "host=10.1.1"
setlocal
for /L %%I in (1,1,10) do (
    ping -n 1 -w 1000 %host%.%%I | find /i "TTL=" >NUL && (
        echo %host%.%%I: ONLINE
    ) || (
        echo %host%.%%I OFFLINE
    )
)
pause

In the code above, the number of requests was limited to only one with ping -n 1, and the timeout for each reply was set to 1000 ms with ping -w 1000. To learn more, type ping /?.

    
23.05.2017 / 19:57
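Combining the TTL= check from this answer with the psping probe from the answer above, as an added example that is not part of either original post: each address is pinged first, and only the silent ones get a TCP probe whose output is matched against the two results shown on this page. It assumes psping.exe is on PATH with its EULA already accepted; NET, PORT and the address range are placeholders for your own network.

```batch
@echo off
rem Added example: ICMP check first, psping TCP probe as a fallback.
rem Assumptions: psping.exe on PATH; NET, PORT and the range are placeholders.
setlocal EnableDelayedExpansion
set "NET=10.1.1"
set "PORT=3389"

for /L %%I in (1,1,10) do (
    set "STATE=NO ANSWER"
    rem An echo reply carries "TTL="; timeouts and "unreachable" messages do not.
    ping -n 1 -w 1000 %NET%.%%I | find /i "TTL=" >nul && set "STATE=ICMP REPLY"
    rem Only hosts that stayed silent on ICMP get the TCP probe.
    if "!STATE!"=="NO ANSWER" call :tcpprobe %NET%.%%I
    echo %NET%.%%I: !STATE!
)
endlocal
goto :eof

:tcpprobe
rem %1 = address. Capture psping output once, then match both outcomes.
set "OUT=%TEMP%\psping_%RANDOM%.txt"
psping -n 1 %1:%PORT% > "%OUT%" 2>&1
rem "refused the network connection": a TCP stack answered, so the host exists.
find /i "refused" "%OUT%" >nul && set "STATE=TCP REFUSED (host up, port closed)"
rem A timed "Connecting to ...: 0.64ms" line means the handshake completed.
findstr /r /c:"^Connecting to .*[0-9]ms" "%OUT%" >nul && set "STATE=TCP CONNECTED (host up, port open)"
del "%OUT%" >nul 2>&1
goto :eof
```

NO ANSWER only means that neither probe got a reply; a host that filters both ICMP and the chosen port still looks absent.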
3

It is not the solution to your problem, but it can help you.

There is a program called Nmap; it is used to scan the network and for several other functions related to scanning IPs ...

Follow the link to the site: link

Installer: link

With the command below you get all hosts that responded:

nmap -sP 192.168.1.1/24 | find /i "scan report"

You can output this command to a file and then loop through the logs.

Command output example:

Nmap scan report for 192.168.1.38
Nmap scan report for 192.168.1.41
Nmap scan report for 192.168.1.45
Nmap scan report for 192.168.1.62
Nmap scan report for 192.168.1.67
Nmap scan report for 192.168.1.68
Nmap scan report for 192.168.1.87
Nmap scan report for 192.168.1.90
Nmap scan report for 192.168.1.92
Nmap scan report for 192.168.1.95
Nmap scan report for 192.168.1.96
Nmap scan report for 192.168.1.97
Nmap scan report for 192.168.1.99
Nmap scan report for 192.168.1.102
Nmap scan report for 192.168.1.104
Nmap scan report for 192.168.1.110
Nmap scan report for 192.168.1.111
    
26.05.2017 / 22:44
2

Unfortunately, you cannot do this on a common network.

There is nothing on the network that will tell you which IPs exist. But even if there were, to find out if the address is online you would need to make the least possible communication with the machine and wait for the answer to know if it is online.

This minimal communication is ping.

Now if you need to run multiple pings faster, one thing you can do is create an application that runs multiple simultaneous pings and return only those that succeed to you. Here's an example: link

When we are dealing with infrastructure, there are tools for it. A widely used one is Nmap.

    
26.05.2017 / 19:50