Bash one-line command to send wake on LAN magic packet without specific tool

Question

Is it possible to forge a wake on LAN magic packet and send it in just a one-line bash command?

Of course, I know there are specific tools for doing this that solve the problem in one line, but it could be useful to know the minimal requirements for WOL forging. This is: how to deal with wake on LAN without specific tools .

Answer 1

The minimum requirements I can think off:

• Bash supporting brace expansion (I think it is v3.5.1 and above).
• The sed command (1).
• NetCat .

Assuming:

• WOL package for LAN, broadcast to 255.255.255.255.

The command line would be:

echo -e $(echo $(printf 'f%.0s' {1..12}; printf "$(echo $MAC | sed 's/://g')%.0s" {1..16}) | sed -e 's/../\\x&/g') | nc -w1 -u -b 255.255.255.255 4000

Replace $MAC by the destination MAC. Or, this time in a two-liner :-) command:

MAC=11:22:33:44:55:66
echo -e $(echo $(printf 'f%.0s' {1..12}; printf "$(echo $MAC | sed 's/://g')%.0s" {1..16}) | sed -e 's/../\\x&/g') | nc -w1 -u -b 255.255.255.255 4000

So, in a more generic notation:

MAC=11:22:33:44:55:66
Broadcast=255.255.255.255
PortNumber=4000
echo -e $(echo $(printf 'f%.0s' {1..12}; printf "$(echo $MAC | sed 's/://g')%.0s" {1..16}) | sed -e 's/../\\x&/g') | nc -w1 -u -b $Broadcast $PortNumber

Explanations:

• The WOL magic packet is composed of ffffffffffff (12 times f ) followed by 16 times the destination MAC without colons ( : ).
• The sed command is used here to remove colons ( : ) from the MAC and to add the \\x hex specificator (so that 11 becomes \\x11 , 22 becomes \\x22 ... and so on) prior to sending the string to the network stack.
• The forged wake on LAN package is sent to the network stack piping it to NetCat . SoCat can be used instead (syntax will differ, of course).

Tested working on Ubuntu, Kali and even CygWin (Windows 7 SP 1 64 bits ).

To take under consideration:

• CygWin's NetCat version doesn't need for -b parameter.
• NetCat's OpenBSD version has a bug as for today (Juy 2015) on broadcast data sending ( -b ), so you will have to replace it by NetCat Traditional version (netcat-traditional package on apt-get installers).
• This example uses UDP port 4.000. The specific port number seems not to be important on WOL.
• The above one-line bash command should work too for wake on LAN via internet . In this case replace $Broadcast address by the destination public IP, and open/forward the specified $PortNumber (UDP) on destination.
• echo -e can be replaced by printf .

WOL magic packet string for the above example:

FFFFFFFFFFFF112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566112233445566

(1) Well, indeed, sed is not explicitly required. It is used here to remove ':' and add \\x to each pair of characters in the magic packet's forged string. I know there are ways to replace sed by some shell expansion or so.

Answer 2

The default port for the wake-up transmission is UDP port 9.

UDP is the recommended protocol to use for WOL because it can be generated without raw sockets which come with security restrictions, and port 9 is recommended because it maps to the old well-known discard protocol. Sometimes you would see port 7 being used but this maps to the echo protocol.

This means that if there are hosts on your network that support this old simple standard service you will get unnecessary backscatter traffic when using port 7 but none when using port 9. And since Wake-on-LAN is normally broadcasted, you could get backscatter from many hosts.

Further, if you are troubleshooting WoL with a network sniffer such as Wireshark, it will decode WoL packets properly only if they are UDP packets on port 9.

source: https://superuser.com/questions/295325/does-it-matter-what-udp-port-a-wol-signal-is-sent-to