Eworitse Egbejule

Built an IP Sweeper in Bash to Check Live Hosts on a /24 Network

So just yesterday, I worked on a simple but really useful bash script — an IP sweeper that pings all hosts from 1 to 254 in a /24 network and returns the live ones. Thought I’d share it here in case anyone finds it helpful or wants to build on it.

What is an IP Sweeper?

An IP sweeper is basically a script or tool that checks which devices are currently active on a network. It's like scanning your local network to find all connected devices. It's super useful if you're working with networks, doing some light recon, or just curious about what devices are alive in a network.

Tools I Used

  1. Bash (obviously lol)
  2. Mousepad (text editor for writing the shell script)
  3. Ping (this one's built into most systems by default)

Step-by-step procedures

I'll be adding screenshots here and code blocks to make it easier to follow along if you'd like to try it out.

Step 1: Create your script

The first step is creating your script. This is an obvious one because you'll need this to write your bash code.

mousepad ipsweep.sh

It is important to use a .sh extension for this file so that you can run it as a shell script, i.e. as an executable, later. To run it as ./ipsweep.sh you also need to make it executable with chmod +x ipsweep.sh.

Here's how it should look:

Step 2: Shebang

The next step is adding the shebang (#!) followed by the path to bash, so Kali knows that the file is a bash script and that its contents are bash syntax.

It looks like:
#!/bin/bash

So, copy and paste that into your file.

Step 3: Writing your ping command

Now ping is a simple tool in Linux that sends ICMP echo requests to hosts on a network and checks whether a reply comes back. Here's what a simple ping request looks like:

NOTE: You can also ping an IP address. The example uses a domain name, but the tool also works with IP addresses.

Here's our final ping command:

for ip in `seq 1 254`; do
ping $1.$ip -c 1 | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &
done

Now calm down, I know this looks very complex, but I'll break it down in a bit. Just go ahead and paste it into your script.

for ip in `seq 1 254`; do

This is a 'for' loop. It tells your computer to iterate through the sequence 1 to 254 and, on each run, execute this second part:

ping $1.$ip -c 1 | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &

  • Now you know what ping does, don't you?
    $1 tells our script to take the first argument passed on the command line (this is basically the IP address you write after the command name when executing the script),
    and $ip takes the number of the current iteration, from 1 to 254.

  • grep is a tool in Linux that searches through a file or directory for a word or group of words and returns every matching line to the terminal. So grep "64 bytes" has our computer return every line containing "64 bytes". Remember we set our count to 1 with ping? That way we know we're only looking at one reply per host, and grep limits the amount of content we are looking at by keeping the line that starts with "64 bytes" and cutting off this initial line:

PING dev.to (151.101.2.217) 56(84) bytes of data.

  • cut and tr are tools that help with cutting off the unnecessary parts of the rest of the grep result (to not make this longer than necessary, I didn't explain their commands).

  • done ends the for loop.

This is our code now:

for ip in `seq 1 254`; do
ping $1.$ip -c 1 | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &
done

Try this and it should work perfectly fine.

Now you may see errors like these, but not to worry: they appear because virtualization platforms sometimes have difficulty synchronizing the guest OS's clock with the host OS's clock, leading to erratic time jumps.

Extra bit

I added an extra bit of code to the tool to make it handle data better.

It is an if statement that makes sure the user supplies the three octets of their IP range, plus some prompts that explain how to use the tool.

Final Code:

This is what your final code should look like:

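#!/bin/bash

# No argument given: print the usage instead of pinging
if [ "$1" == "" ]
then
    echo "Please add an IP address to the command"
    echo "The syntax is : ./ipsweep.sh X.X.X"
else
    # Ping hosts .1 to .254 once each and print the addresses that reply
    for ip in `seq 1 254`; do
        ping $1.$ip -c 1 | grep "64 bytes" | cut -d " " -f 4 | tr -d ":" &
    done
fi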
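
A stricter take on the argument check above, as an added example that is not part of the original post: the if statement in the final code only tests for an empty argument, whereas this version accepts nothing but three octets in the range 0-255 before the value reaches ping, quotes the argument, and waits for the background pings to finish. The function names valid_prefix, reply_addr and sweep, the sample line and the -W 1 timeout are assumptions of this example.

```bash
#!/bin/bash
# Added example (not the author's script): validate the prefix, then sweep.

# Succeed only for exactly three dot-separated octets, each 0-255.
valid_prefix() {
    local octet
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;  # empty, stray chars, empty octet
    esac
    local IFS=.
    set -- $1                                 # split the prefix on the dots
    [ "$#" -eq 3 ] || return 1
    for octet in "$@"; do
        case $octet in
            ????*|0?*) return 1 ;;            # over 3 digits, or leading zero
        esac                                  # (some parsers read 0NN as octal)
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read ping output on stdin and print the replying address, using the
# article's grep | cut | tr pipeline.
reply_addr() {
    grep "64 bytes" | cut -d " " -f 4 | tr -d ":"
}

# Constructed sample of ping output, for trying reply_addr offline.
SAMPLE_REPLY='64 bytes from 192.168.1.10: icmp_seq=1 ttl=64 time=0.412 ms'

# Ping .1 to .254 in parallel and print the hosts that answered.
sweep() {
    local ip
    for ip in $(seq 1 254); do
        # -W 1 (assumed, Linux iputils): stop waiting after one second
        ping -c 1 -W 1 "$1.$ip" 2>/dev/null | reply_addr &
    done
    wait   # keep the prompt back until every background ping is done
}

# Sweep only when an argument was given and it passes validation.
if [ "$#" -gt 0 ]; then
    if valid_prefix "$1"; then
        sweep "$1"
    else
        echo "Usage: $0 X.X.X  (three octets, each 0-255)" >&2
        exit 1
    fi
fi
```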


Thanks for reading! Please leave a comment or suggestions on how you would make this better.
