Macbook can't get network card information

[muddlelife]

Hello, I am using Macbook M1, I found that when using pistol to send syn packets, the source IP address could not be automatically obtained. I also saw in your code that you did not obtain the network card for macOS, could you add this function? If you need my help, please tell me at any time

https://github.com/rikonaka/pistol-rs/blob/013b27543fd86fdb8306385b4a6ff61f200aa29c/src/layers.rs#L610

[rikonaka]

In fact, the biggest problem right now is that I don't have any Apple products to use for testing 😂. That function is actually quite simple, it's just executing a system command to get the default route address in the system, it might be better to do that part of the code and testing on your computer if you can. Or it's fine if you provide the commands and output for getting the system route on a Mac, and I will finish it as soon as possible.

[muddlelife]

I found crates local-ip-address to be very useful, and in my tests it worked perfectly to get my current network card, both linux and Windows supported. The test environment is a MacBook M1 Pro

use local_ip_address::local_ip;

fn main() {
    let my_local_ip = local_ip().unwrap();

    println!("This is my local IP address: {:?}", my_local_ip);
}

This is my local IP address: 192.168.47.242

And I saw his source code and I thought this would be a good fit

[rikonaka]

I took a look at the library, but realized that it can only be used to return local ip addresses and not route addresses.

[rikonaka]

Hi @muddlelife , I added the adaptation for Unix-like systems because I don't have any Apple products, but I tested it on FreeBSD and the results showed no problems, could you please test it on macOS?

[muddlelife]

Here are the results of my tests

But I used the latest pistol-rs crates, version 1.0.6, and still couldn't scan on MacOS, with the following error

warning: `portscan` (bin "portscan") generated 1 warning
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.12s
     Running `target/debug/portscan`
thread 'main' panicked at src/main.rs:27:7:
called `Result::unwrap()` on an `Err` value: Invalid component in a MAC address string

Here's my test code

Cargo.toml

[package]
name = "portscan"
version = "0.1.0"
edition = "2021"

[dependencies]
anyhow = "1.0.86"
pistol = "1.0.6"

[dependencies.pnet]
version = "0.35.0"

main.rs

use pistol::{tcp_syn_scan, Host, Target};
use std::net::Ipv4Addr;
use std::time::Duration;
use anyhow::Result;

fn main() -> Result<()> {
    // When using scanning, please use a real local address to get the return packet.
    // And for flood attacks, please consider using a fake address.
    // If the value here is None, the programme will automatically look up the available addresses from the existing interfaces on the device.
    let src_ipv4 = Some(Ipv4Addr::new(192, 168, 47, 242));
    // If the value of `source port` is `None`, the program will generate the source port randomly.
    let src_port = None;
    // The destination address is required.
    let dst_ipv4 = Ipv4Addr::new(192, 168, 100, 17);
    let threads_num = 8;
    let timeout = Some(Duration::new(3, 0));
    // Test with an open port `22` and a closed port `99`.
    let host = Host::new(dst_ipv4, Some(vec![22, 99]));
    /// Users should build the `target` themselves.
    let target = Target::new(vec![host]);
    let ret = tcp_syn_scan(
        target,
        src_ipv4,
        src_port,
        threads_num,
        timeout,
    ).unwrap();
    println!("{}", ret);
    Ok(())
}

And I can ping 192.168.100.17

[rikonaka]

Ok, I had fixed this problem and released the v1.0.7, please test it again. 😉