Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
while Nmap already allows to set a custom source MAC address via --spoof-mac, there is no command line switch available to set the destination MAC address.
This option might be useful when scanning multihomed devices, on which the target MAC address might not be the one which was derived by earlier ARP responses (or in cases there is no entry in the routing table pointing to the target network).
Since Nmap relies on the routing table of the operating system, the only way to perform such a scan is to manually set a route to the hidden network with the target MAC address as the gateway.
A separate command line switch like "--dst-mac <mac" or similar could help to speed this up. What are your thoughts?
This is an interesting idea, though we would want a solution that scales to multiple targets. As an example of another address mapping that allows local override, DNS names can be mapped to IP addresses in the
The preferred solution at the moment is to manipulate the OS's ARP tables using tools like