h4de5 · February 4, 2022 17:10
diff --git a/get_rpi_ip.bat b/get_rpi_ip.bat
 @echo off
 REM run on windows in elevated cmd line

 REM clear arp cache
 arp -d

 REM TODO: get correct subnet

 REM bruteforce through the network
 for /L %%a in (1,1,254) do @start /b ping 192.168.0.%%a -w 100 -n 2 >nul

 echo Waiting for pings to return
 ping 127.0.0.1 -n 60 > nul

 REM list arp cache
 REM find IPs with mac like: b8-27-eb-..
 arp -a | find "b8-27-eb-"
diff --git a/get_rpi_ip.sh b/get_rpi_ip.sh
 #!/bin/bash

 if [ "$#" -lt 1 ]
 then
  echo "start with $0 wifi0"
  echo "check with ifconfig to list your interface names"
  exit 1
 fi

 # run on linux
 broadcast=`ifconfig $1 | grep -o --color="never" "cast [0-9\.]*" | sed "s/cast //#g"`

 broadcast_end="${broadcast##*.}"
 subnet="${broadcast%.*}"

 echo Broadcasting: ${subnet}.${broadcast_end}

 echo Enter sudo mode to clear existing arp cache

 # clear arp cache
 sudo ip -s -s neigh flush all 2>&1 >/dev/null 

 # bruteforce through the network
 for ip in $(seq 1 $broadcast_end); do (ping -W 500 -c1 -t 1 ${subnet}.${ip} 2>&1 >/dev/null &) done

 echo Waiting for pings to return
 sleep 1m 

 # list arp cache
 # find IPs with mac like: b8-27-eb-..
 arp -a | grep "b8:27:eb:"
diff --git a/ssh.service b/ssh.service
 # another way to find the rpi is to add a avahi broadcast service to the rpi 
 # this will be broadcast
 # sudo vi /etc/avahi/services/ssh.service

 <service-group>
 <name replace-wildcards="yes">%h</name>
 <service>
 <type>_ssh._tcp</type>
 <port>22</port>
 </service>
 </service-group>

 # restart service on rpi
 systemctl restart avahi-daemon.service 

 # find rpi with
 avahi-browse -t -d local _ssh._tcp --resolve

 ssh <raspiname>.local
	@echo off
	REM run on windows in elevated cmd line

	REM clear arp cache
	arp -d

	REM TODO: get correct subnet

	REM bruteforce through the network
	for /L %%a in (1,1,254) do @start /b ping 192.168.0.%%a -w 100 -n 2 >nul

	echo Waiting for pings to return
	ping 127.0.0.1 -n 60 > nul

	REM list arp cache
	REM find IPs with mac like: b8-27-eb-..
	arp -a \| find "b8-27-eb-"
	#!/bin/bash

	if [ "$#" -lt 1 ]
	then
	echo "start with $0 wifi0"
	echo "check with ifconfig to list your interface names"
	exit 1
	fi

	# run on linux
	broadcast=`ifconfig $1 \| grep -o --color="never" "cast [0-9\.]*" \| sed "s/cast //#g"`

	broadcast_end="${broadcast##*.}"
	subnet="${broadcast%.*}"

	echo Broadcasting: ${subnet}.${broadcast_end}

	echo Enter sudo mode to clear existing arp cache

	# clear arp cache
	sudo ip -s -s neigh flush all 2>&1 >/dev/null

	# bruteforce through the network
	for ip in $(seq 1 $broadcast_end); do (ping -W 500 -c1 -t 1 ${subnet}.${ip} 2>&1 >/dev/null &) done

	echo Waiting for pings to return
	sleep 1m

	# list arp cache
	# find IPs with mac like: b8-27-eb-..
	arp -a \| grep "b8:27:eb:"
	# another way to find the rpi is to add a avahi broadcast service to the rpi
	# this will be broadcast
	# sudo vi /etc/avahi/services/ssh.service

	<service-group>
	<name replace-wildcards="yes">%h</name>
	<service>
	<type>_ssh._tcp</type>
	<port>22</port>
	</service>
	</service-group>

	# restart service on rpi
	systemctl restart avahi-daemon.service

	# find rpi with
	avahi-browse -t -d local _ssh._tcp --resolve

	ssh <raspiname>.local