grutz
commented
9 years ago def oui_lookup(mac_addr='00:00:00:00:00:00', nmap_os_db='/usr/local/share/nmap/nmap-mac-prefixes'):
"""
Lookup a vendor from the Nmap MAC Prefixes file
>>> oui_lookup('00:00:00:00:00:00')
'Xerox'
>>> oui_lookup('00-00-00-00-00-00')
'Xerox'
>>> oui_lookup(-1)
'Unknown'
>>> oui_lookup('00:00:00:00:00:00', nmap_os_db='/zxvkjaiwe/9234123/zxcvzxvsadf')
'Unknown'
"""
import os
import mmap
try:
oui_fs = open(nmap_os_db, "r")
except IOError, err:
return dict(mac_addr='Unknown')
oui_data = mmap.mmap(oui_fs.fileno(), 0, access=mmap.ACCESS_READ)
def _lookup(mac_addr, oui_data):
oui_result = 'Unknown'
# remove : or - or just accept it as is and be lucky
if mac_addr.find(':') > -1:
mac_lookup = "".join(mac_addr.split(':')[:3])
else:
mac_lookup = "".join(mac_addr.split('-')[:3])
if len(mac_lookup) == 6:
# MAC addresses in nmap db are in upper case and we want start of line (post \n)
location = oui_data.find('\n' + mac_lookup.upper())
location += 1 # remove leading \n
if location > 0:
oui_result = oui_data[location+7:location+oui_data[location:].find('\n')]
return oui_result
result = {}
if isinstance(mac_addr, list):
for addr in mac_addr:
result[addr] = _lookup(addr, oui_data)
if isinstance(mac_addr, str):
result[mac_addr] = _lookup(mac_addr, oui_data)
return result
Would be nice to have the IEEE OUI MAC results displayed in host/details if possible. Can utilize the Nmap OUI database (/usr/local/share/nmap/nmap-mac-prefixes) (PREFERRED) or download it and edit from IEEE (http://standards.ieee.org/develop/regauth/oui/public.html) and include it in etc/ (ugh)