Forum: >>> Magnum BBS <<<

Can nmap show 'my' MAC address

From Chris Green@21:1/5 to All on Sat Oct 19 20:00:01 2024

I am using nmap to scan my LAN with:-

sudo nmap -sn 192.168.1.0/24

It works as expected except that it doesn't show the MAC address for
the system that it's being run on:-

chris$ sudo nmap -sn 192.168.1.0/24
...
...
...
Nmap scan report for jrbb.zbmc.eu (192.168.1.227)
Host is up (0.018s latency).
MAC Address: 90:59:AF:7E:E4:3F (Texas Instruments)
Nmap scan report for homepi.zbmc.eu (192.168.1.228)
Host is up (0.0020s latency).
MAC Address: D8:3A:DD:53:83:9C (Unknown)
Nmap scan report for t470.zbmc.eu (192.168.1.128)
Host is up.
Nmap done: 256 IP addresses (15 hosts up) scanned in 3.10 seconds
chris$

So, is there any way to get it to tell me my own MAC address?

--
Chris Green

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Andy Smith@21:1/5 to Chris Green on Sat Oct 19 23:20:02 2024

Hi,

On Sat, Oct 19, 2024 at 06:51:45PM +0100, Chris Green wrote:

I am using nmap to scan my LAN with:-

sudo nmap -sn 192.168.1.0/24

It works as expected except that it doesn't show the MAC address for
the system that it's being run on:-

The reason why it does not show your MAC address is that nmap is
analysing the traffic it receives. When you talk to a local IP address
this does not generate Ethernet frames so it does not involve a MAC
address. As such you are expecting nmap to report things it doesn't
have access to.

You will need to explain what you are trying to achieve and find
another tool to do it with.

If it's as simple as just wanting to know the MAC address of everything�
on your broadcast domain, you will just have to look up the MAC of the
thing you are doing it from separately.

Thanks,
Andy

� Even then it relies upon the things agreeing to respond, which they
might not if they are purposefully hiding.

--
https://bitfolk.com/ -- No-nonsense VPS hosting

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Greg Wooledge@21:1/5 to Timothy M Butterworth on Sun Oct 20 02:30:01 2024

On Sat, Oct 19, 2024 at 20:16:53 -0400, Timothy M Butterworth wrote:

You can display your systems mac address with the following command:

$ ip address

sample output
link/ether d8:c0:a6:f4:cb:fd

Sure, you can *find* that somewhere in the output. But if the OP wants
to include this in a shell script along with nmap, then the -brief
option may be helpful:

hobbit:~$ ip -brief link
lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP>
eno1 UP d0:ad:08:23:8b:79 <BROADCAST,MULTICAST,UP,LOWER_UP>
wlp0s20f3 DOWN 70:d8:c2:1a:1e:a9 <BROADCAST,MULTICAST>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From [email protected]@21:1/5 to Chris Green on Sun Oct 20 08:30:01 2024

On Sat, Oct 19, 2024 at 06:51:45PM +0100, Chris Green wrote:

I am using nmap to scan my LAN with:-

sudo nmap -sn 192.168.1.0/24

It works as expected except that it doesn't show the MAC address for
the system that it's being run on:-

chris$ sudo nmap -sn 192.168.1.0/24
...
...
...
Nmap scan report for jrbb.zbmc.eu (192.168.1.227)
Host is up (0.018s latency).
MAC Address: 90:59:AF:7E:E4:3F (Texas Instruments)
Nmap scan report for homepi.zbmc.eu (192.168.1.228)
Host is up (0.0020s latency).
MAC Address: D8:3A:DD:53:83:9C (Unknown)
Nmap scan report for t470.zbmc.eu (192.168.1.128)
Host is up.
Nmap done: 256 IP addresses (15 hosts up) scanned in 3.10 seconds
chris$

So, is there any way to get it to tell me my own MAC address?

As others have said in this thread, tt's not built for that. But then,
it actually can:

nmap --iflist

Kids, read your man pages ;-)

Cheers
--
t

-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCZxSiFAAKCRAFyCz1etHa RhMOAJ9sZE4vDzUs8+s6HFTG3xij2UQ67gCeNaXGMBExe5f1BttnavX05ZUB7P0=
=KdJ5
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Chris Green@21:1/5 to jeremy ardley on Sun Oct 20 10:00:01 2024

jeremy ardley <[email protected]> wrote:

On 20/10/24 01:51, Chris Green wrote:

I am using nmap to scan my LAN with:-

sudo nmap -sn 192.168.1.0/24

It works as expected except that it doesn't show the MAC address for
the system that it's being run on:-

chris$ sudo nmap -sn 192.168.1.0/24
...
...
...
Nmap scan report for jrbb.zbmc.eu (192.168.1.227)
Host is up (0.018s latency).
MAC Address: 90:59:AF:7E:E4:3F (Texas Instruments)
Nmap scan report for homepi.zbmc.eu (192.168.1.228)
Host is up (0.0020s latency).
MAC Address: D8:3A:DD:53:83:9C (Unknown)
Nmap scan report for t470.zbmc.eu (192.168.1.128)
Host is up.
Nmap done: 256 IP addresses (15 hosts up) scanned in 3.10 seconds
chris$

So, is there any way to get it to tell me my own MAC address?

nmap may not do that but there are any number of ways to find you mac addresses

e.g.

ip link show

Yes, but the output from 'ip link show' wraps a whole lot of other
junk around the MAC address which I'd need to remove for the
application I want it for.

--
Chris Green
·

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Chris Green@21:1/5 to Andy Smith on Sun Oct 20 10:00:01 2024

Andy Smith <[email protected]> wrote:

Hi,

On Sat, Oct 19, 2024 at 06:51:45PM +0100, Chris Green wrote:

I am using nmap to scan my LAN with:-

sudo nmap -sn 192.168.1.0/24

It works as expected except that it doesn't show the MAC address for
the system that it's being run on:-

The reason why it does not show your MAC address is that nmap is
analysing the traffic it receives. When you talk to a local IP address
this does not generate Ethernet frames so it does not involve a MAC
address. As such you are expecting nmap to report things it doesn't
have access to.

You will need to explain what you are trying to achieve and find
another tool to do it with.

If it's as simple as just wanting to know the MAC address of everything¹
on your broadcast domain, you will just have to look up the MAC of the
thing you are doing it from separately.

Thanks Andy, an excellent explanation of what I'm seeing. ... and as
you say I'm just using 'nmap -sn' to provide me with a list of hosts
on my LAN.

--
Chris Green
·

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From George at Clug@21:1/5 to All on Sun Oct 20 10:10:01 2024

On Sunday, 20-10-2024 at 04:51 Chris Green wrote:

I am using nmap to scan my LAN with:-

sudo nmap -sn 192.168.1.0/24

It works as expected except that it doesn't show the MAC address for
the system that it's being run on:-

chris$ sudo nmap -sn 192.168.1.0/24
...
...
...
Nmap scan report for jrbb.zbmc.eu (192.168.1.227)
Host is up (0.018s latency).
MAC Address: 90:59:AF:7E:E4:3F (Texas Instruments)
Nmap scan report for homepi.zbmc.eu (192.168.1.228)
Host is up (0.0020s latency).
MAC Address: D8:3A:DD:53:83:9C (Unknown)
Nmap scan report for t470.zbmc.eu (192.168.1.128)
Host is up.
Nmap done: 256 IP addresses (15 hosts up) scanned in 3.10 seconds
chris$

So, is there any way to get it to tell me my own MAC address?

Can depend on the version of nmap, and also whether running nmap as root.

$ nmap -sn 192.168.1.0/24 does not provide me with MAC addresses on my local network, but running the command as root ...

# nmap -sn 192.168.1.0/24 does provide me with MAC addresses.

as does

# nmap -snP 192.168.1.0/24 (which also finds our wifi connected Android phones)

George.

--
Chris Green

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Andy Smith@21:1/5 to Chris Green on Sun Oct 20 14:20:01 2024

Hi,

On Sun, Oct 20, 2024 at 08:38:45AM +0100, Chris Green wrote:

Yes, but the output from 'ip link show' wraps a whole lot of other
junk around the MAC address which I'd need to remove for the
application I want it for.

$ ip --json link show | jq '.[].address'
"00:00:00:00:00:00"
"10:7b:44:93:fa:c4"
"2e:7d:6c:1d:f7:dd"
"d2:1d:7d:50:18:08"
null

The other output types of "ip" are also amenable to columnar selection.

Thanks,
Andy

--
https://bitfolk.com/ -- No-nonsense VPS hosting

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From [email protected]@21:1/5 to Andy Smith on Sun Oct 20 15:00:01 2024

On Sun, Oct 20, 2024 at 12:12:19PM +0000, Andy Smith wrote:

Hi,

On Sun, Oct 20, 2024 at 08:38:45AM +0100, Chris Green wrote:

Yes, but the output from 'ip link show' wraps a whole lot of other
junk around the MAC address which I'd need to remove for the
application I want it for.

$ ip --json link show | jq '.[].address'
"00:00:00:00:00:00"
"10:7b:44:93:fa:c4"
"2e:7d:6c:1d:f7:dd"
"d2:1d:7d:50:18:08"
null

The other output types of "ip" are also amenable to columnar selection.

+1 for jq. It's really worth the effort to wrap one's brain around that
little gem.

Cheers
--
t

-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCZxT+aQAKCRAFyCz1etHa Rq3/AJ9ybUk3YUvinrWbR0vQFZeVYO5W2ACdGR/H63YDCuKLKdLP1NnEJ++BJ2g=
=PUFa
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Greg Wooledge@21:1/5 to Chris Green on Sun Oct 20 15:20:01 2024

On Sun, Oct 20, 2024 at 08:38:45 +0100, Chris Green wrote:

Yes, but the output from 'ip link show' wraps a whole lot of other
junk around the MAC address which I'd need to remove for the
application I want it for.

ip -brief link show

You can also combine -brief with -json if you'd like to use jq(1) or
some other JSON parser to grab the specific field you want.

Without -json, the -brief format is easily parsed by shell commands.
For example,

hobbit:~$ ip -brief link | awk '$2 == "UP" {print $3}'
d0:ad:08:23:8b:79

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Hans@21:1/5 to All on Sun Oct 20 18:20:01 2024

This is a multi-part message in MIME format.

Am Samstag, 19. Oktober 2024, 19:51:45 CEST schrieb Chris Green:
Another option might be using

nmap --spoof-mac 00:25:de:ad:be:ef -sn 192.168.0.1/24

Doing so, you will not get your REAL MAC address, but you will get your ACTUAL one for the
scanning moment.

Yes, it is not the same, but maybe it might come usefull.

Best

Hans

I am using nmap to scan my LAN with:-

sudo nmap -sn 192.168.1.0/24

It works as expected except that it doesn't show the MAC address for
the system that it's being run on:-

chris$ sudo nmap -sn 192.168.1.0/24
...
...
...
Nmap scan report for jrbb.zbmc.eu (192.168.1.227)
Host is up (0.018s latency).
MAC Address: 90:59:AF:7E:E4:3F (Texas Instruments)
Nmap scan report for homepi.zbmc.eu (192.168.1.228)
Host is up (0.0020s latency).
MAC Address: D8:3A:DD:53:83:9C (Unknown)
Nmap scan report for t470.zbmc.eu (192.168.1.128)
Host is up.
Nmap done: 256 IP addresses (15 hosts up) scanned in 3.10 seconds
chris$

So, is there any way to get it to tell me my own MAC address?

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>Am Samstag, 19. Oktober 2024, 19:51:45 CEST schrieb Chris Green:
Another option might be using
 nmap --spoof-mac 00:25:de:ad:be:ef -sn 192.168.0.1/24<

 Doing so, you will not get your REAL MAC address, but you will get your ACTUAL one for the scanning moment.
 Yes, it is not the same, but maybe it might come usefull.
 Best
 Hans 
 > I am using nmap to scan my LAN with:-
> >     sudo nmap -sn 192.168.1.0/24
> > It works as expected except that it doesn't show the MAC address for
> the system that it's being run on:-
> >     chris$ sudo nmap -sn 192.168.1.0/24
>     ...
>     ...
>     ...
>     Nmap scan report for jrbb.zbmc.eu (192.168.1.227)
>     Host is up (0.018s latency).
>     MAC Address: 90:59:AF:7E:E4:3F (Texas Instruments)
>     Nmap scan report for homepi.zbmc.eu (192.168.1.228)
>     Host is up (0.0020s latency).
>     MAC Address: D8:3A:DD:53:83:9C (Unknown)
>     Nmap scan report for t470.zbmc.eu (192.168.1.128)
>     Host is up.
>     Nmap done: 256 IP addresses (15 hosts up) scanned in 3.10 seconds
>     chris$
> > So, is there any way to get it to tell me my own MAC address?
 </body>
</html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Bob Worm
  Sun Jun 7 20:58:28 2026
  from Wales, Uk via Telnet
- Michal Wronka
  Sun Jun 7 19:26:28 2026
  from Wroclaw, Poland via SSH
- Centurion
  Sun Jun 7 16:59:51 2026
  from Berea, Ohio via Telnet
- Furryboy
  Sun Jun 7 13:40:29 2026
  from Romania, Galati via SSH
- Krenn
  Sun Jun 7 10:02:33 2026
  from Sydney, Nsw via Telnet
- Spearb0y
  Sun Jun 7 07:41:05 2026
  from Massachusetts via SSH
- Krenn
  Sun Jun 7 03:07:26 2026
  from Sydney, Nsw via Telnet
- Krenn
  Sun Jun 7 01:30:12 2026
  from Sydney, Nsw via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	715
Nodes:	16 (2 / 14)
Uptime:	06:07:16
Calls:	12,100
Calls today:	8
Files:	15,003
Messages:	6,517,915
Posted today:	1

Can nmap show 'my' MAC address

Who's Online

Recent Visitors

System Info