robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0

Masscan Empty/Blank Results on Scan #220

Open SICKFREDO opened 8 years ago

SICKFREDO commented 8 years ago

Currently running Kali 2.0. When I do a scan using masscan I get no results. I have also tried using my Raspberry Pi running Raspbian and still get the same results. Wireshark running on the same machine shows traffic being sent but nothing returning. Wireshark running on a remote machine on the same network does not see that traffic. Below is a scan/output. Please advise!

Also tried without the rate option and full 1-65535 port scans with the same results. Nmap does show open ports on the target machine.

Example of issue:

Sample #1

sudo masscan --max-rate 1000 172.16.151.2/32 -p1-2000

Starting masscan 1.0.3 (http://bit.ly/14GZzcT) at 2016-04-25 04:55:29 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 1 hosts [2000 ports/host]

Sample #2 with Verbose switch on

masscan 172.16.151.2 -p1-1000 --router-mac 64:66:b3:5d:8a:9e --interface wlan0 -v
initializing adapter
wlan0: type=0x 1
pcap: libpcap version 1.7.4
pcap:'wlan0': successfully opened
adapter initialization done.
xmit: starting transmit thread #0

Starting masscan 1.0.3 (http://bit.ly/14GZzcT) at 2016-04-26 00:36:24 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 1 hosts [1000 ports/host]
recv: start receive thread #0, 0:00:00 remaining, found=0
begin receive thread
maxrate = 100.00
Transmit thread done, waiting for receive thread to realize this
xmit: stopping transmit thread #0aiting 0-secs, found=0
recv: end receive thread #0one, waiting 0-secs, found=0
EXITING main thread00.00% done, waiting -1-secs, found=0

ghost commented 8 years ago

Try using --rate 1000 instead of --max-rate 1000 and see if that does anything.

Greyh4t commented 8 years ago

Did you resolve that? I got a similar problem using the same command. masscan in Windows is normal, but in Kali it always loses some results. Wireshark shows traffic being sent, but in Kali some hosts are not returning.

SICKFREDO commented 8 years ago

Nothing has worked so far; I'm still having issues.

ghost commented 8 years ago

Howdy. First of all, are you sure that there are any hosts inside 172.16.0.0/12 you can reach? This is a reserved / private IPv4 block. Second, I notice that you are using wlan (I'm guessing wifi); have you tried with wired? Third, try doing the same towards a known public range, where you know there are open ports.

I've just tested with kali-linux-2016.1-amd64.iso and I am finding open ports as expected.

If you still have problems with your distribution of Kali, try to remove the preinstalled one and get the newest from GitHub.

DrCryptp00n commented 8 years ago

I am having the same issue using kali-linux-2016.1-amd64.iso. I am running Kali using VirtualBox and for this test have the network configured as "Host-only Adapter". I am also running Metasploitable 2 using VirtualBox with same network configuration. These guests are able to communicate with each other, in fact running an NMAP scan from Kali against Metasploitable 2 reveals the expected open ports. However with Masscan found=0 with this command:

./masscan -v -e eth0 --router-mac 66-55-44-33-22-11 -p1-1024 192.168.56.102 -oL output.txt

Masscan is the newest from Github and installed under /opt/masscan.

DrCryptp00n commented 8 years ago

I re-installed masscan but still get same empty result:

./masscan 192.168.56.102/32 -v --ports 0-1024 --router-mac 66-55-44-33-22-11 --interface eth0
initializing adapter
eth0: type=0x 1
pcap: libpcap version 1.7.4
pcap:'eth0': successfully opened
adapter initialization done.

Starting masscan 1.0.3 (http://bit.ly/14GZzcT) at 2016-07-12 14:55:07 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 1 hosts [1025 ports/host]
THREAD: status: starting thread
THREAD: recv: starting thread #0 0:00:00 remaining, found=0
THREAD: recv: starting main loop
THREAD: xmit: starting thread #0
maxrate = 100.00
THREAD: xmit done, waiting for receive thread to realize this
THREAD: recv: stopping thread #0waiting 0-secs, found=0
THREAD: xmit: stopping thread #0waiting 0-secs, found=0
THREAD: status: stopping thread waiting 0-secs, found=0

ghost commented 8 years ago

Just to confirm, you don't actually use --router-mac 66-55-44-33-22-11 ?

DrCryptp00n commented 8 years ago

initializing adapter
eth0: type=0x 1
pcap: libpcap version 1.7.4
pcap:'eth0': successfully opened
rawsock: looking for default gateway
FAIL: failed to detect router for interface: "eth0"
 [hint] try something like "--router-mac 66-55-44-33-22-11"

But have tried with other "MAC formats" e.g. --router-mac 66:55:44:33:22:11 or --router-mac 64:66:b3:5d:8a:9e but makes no difference

ghost commented 8 years ago

Documentation for --router-mac can be found at: https://github.com/robertdavidgraham/masscan/blob/master/doc/masscan.8.markdown

If you are scanning something in your local subnet, there should be no reason to use either --router-mac or --interface. Try with a simple:

/masscan 192.168.56.102 -p0-1024

When testing make it simple and then build on if need be.

DrCryptp00n commented 8 years ago

Thanks but same zero result. This evening I am going to run some tests using VirtualBox with the guest network adapter configured with NAT, Bridged and Internal and see what results I get.

SICKFREDO commented 8 years ago

I have upgraded my entire PC (Hardware) and did a fresh kali install and is now working, not sure if it was related to the hardware or a bad install.

DrCryptp00n commented 8 years ago

Hi SickFredo do you have Kali running as a virtualized Guest or natively as primary OS on your hardware?

SICKFREDO commented 8 years ago

I was having issues with both, have a dual boot partition and on my windows I tried running a Kali vm with the same results.

cblanto7 commented 7 years ago

I was having this same issue on the most recent versions of masscan and Kali Linux 2 running on VMware Workstation 12.5: no results from any scan, even scans where I know there are open ports (because I already scouted them with nmap). But if you reduce the rate to something like --rate 1000 then masscan will start to work.

mahatah commented 7 years ago

I'm going to post my solution here to a very similar problem as I suspect this may solve this problem too. That discussion is at: https://github.com/robertdavidgraham/masscan/issues/43. In none of the above examples did I see anyone explicitly state they used "--router-ip" for the gateway IP of a desired interface and "-e" specifying the desired interface at the same time. In my example, I use a "tap0" interface but you should be able to substitute that with the interface you want masscan to use. Would someone who is having trouble with this issue please attempt the following to verify whether this solution is valid for you?

[MY SOLUTION] I recently had this problem with a 'tap0' interface which was accessed by an OpenVPN client. Disabling the interface was not an option.

Original Error:
root@kali:~# masscan 10.1.1.0/24 -p 110 -e tap0
FAIL: failed to detect router for interface: "tap0"
 [hint] try something like "--router-mac 66-55-44-33-22-11"

Verbose Original Error:
root@kali:~# masscan 10.1.1.0/24 -p 110 -e tap0 -vv
pfring: error: dlopen('libpfring.so'): No such file or directory
initializing adapter
auto-detected: adapter-ip=10.1.0.153
tap0: type=0x 1
auto-detected: adapter-mac=5*-**-**-**-**-**
pcap: libpcap version 1.7.4
pcap:'tap0': opening...
pcap:'tap0': successfully opened
rawsock: looking for default gateway
auto-detected: router-ip=0.0.0.0
arp: opcode=1, not reply(2)
^C

I stopped the output at "router-ip=0.0.0.0" since I knew 0.0.0.0 to be incorrect for my tap0 interface. Once I specified the correct gateway IP with "--router-ip", all was well. Here's how:

First, find the gateway IP for the interface you want masscan to use.

Finding Gateway IP for All Interfaces:
root@kali:~# ip route
default via 192.168.1.1 dev wlan0 proto static metric 600
10.1.0.0/16 dev tap0 proto kernel scope link src 10.1.0.153
10.31.31.0/24 via 10.1.0.1 dev tap0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.10 metric 600

In my case, the gateway IP I needed for tap0 was "10.1.0.1", which is shown above as 10.31.31.0/24 via 10.1.0.1 dev tap0. Setting the "--router-ip" parameter value to "10.1.0.1" when calling masscan fixed the issue for me as shown:

Masscan Command Solution Example:
root@kali:~# masscan 10.1.1.0/24 -p 110 -e tap0 --router-ip 10.1.0.1
Starting masscan 1.0.3 (http://bit.ly/14GZzcT) at 2017-04-04 06:11:19 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 256 hosts [1 port/host]
Discovered open port 110/tcp on 10.1.1.30
Discovered open port 110/tcp on 10.1.1.140
Discovered open port 110/tcp on 10.1.1.128
Discovered open port 110/tcp on 10.1.1.76
Discovered open port 110/tcp on 10.1.1.215

So in short, the solution that worked for me was as simple as finding the IP address of the gateway for the interface I wanted masscan to use. Then, merely providing the gateway IP and desired interface using the "--router-ip" parameter for the gateway IP and the "-e" parameter for the desired interface. Generically, the command would look like this:

Generic Masscan Command Solution Example: masscan <TARGET_IP_RANGE> -p <TARGET_PORT> -e <DESIRED_INTERFACE> --router-ip <GATEWAY_IP_OF_DESIRED_INTERFACE>
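
The gateway lookup described in the post above, as an added example that is not part of the original post or of the masscan project. The function names `gateway_for_iface` and `masscan_cmd` are hypothetical; the sample routing table is the one quoted in the post, and the script only prints the command line rather than running it.

```shell
#!/bin/sh
# Added example: derive the --router-ip value for one interface from
# `ip route` output, then print the masscan command line to use.

# Routing table quoted in the post above, embedded so the script runs offline.
SAMPLE_ROUTES='default via 192.168.1.1 dev wlan0 proto static metric 600
10.1.0.0/16 dev tap0 proto kernel scope link src 10.1.0.153
10.31.31.0/24 via 10.1.0.1 dev tap0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.10 metric 600'

# gateway_for_iface IFACE   (reads `ip route` text on stdin)
# Prints the next hop of a route that leaves through IFACE, preferring the
# default route. Returns 1 when IFACE has only directly connected routes
# (no "via"), which is the case where no gateway can be read from the table.
gateway_for_iface() {
    awk -v ifc="$1" '
        {
            via = ""; dev = ""
            for (i = 1; i < NF; i++) {
                if ($i == "via") via = $(i + 1)
                if ($i == "dev") dev = $(i + 1)
            }
            if (dev != ifc || via == "") next
            if ($1 == "default") { best = via; exit }
            if (best == "") best = via
        }
        END { if (best == "") exit 1; print best }
    '
}

# masscan_cmd IFACE TARGET PORTS   (reads `ip route` text on stdin)
# Prints the command with both -e and --router-ip set, as the post recommends.
masscan_cmd() {
    iface=$1; target=$2; ports=$3
    if gw=$(gateway_for_iface "$iface"); then
        printf 'masscan %s -p %s -e %s --router-ip %s\n' \
            "$target" "$ports" "$iface" "$gw"
    else
        echo "no gateway route found for $iface in the routing table" >&2
        return 1
    fi
}

# Demo on the embedded sample; on a live host use: ip route | masscan_cmd ...
printf '%s\n' "$SAMPLE_ROUTES" | masscan_cmd tap0 10.1.1.0/24 110
```
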

benichmt1 commented 7 years ago

I am having the same issue using the version installed with Kali Linux 2016.2 x64 and compiling directly from github. Setting the rate did not fix the problem as mentioned above.

Also tried setting the interface manually with -e and the --router-ip.

moonD4rk commented 5 years ago

thx, setting route ip works for me.

badgenes commented 5 years ago

You can make life easier by:

gw=$(ifconfig tap0 | grep 'inet' | awk '{ print $4 }')
masscan target_ip target_port -e tap0 --router-ip "$gw"

aadarshaddy commented 5 years ago

http://blog.poorakkashyap.com/2012/solved-error-unknown-interface-eth0eth0-on-ubuntu/#comment-30401 works well!

nandy6666 commented 2 years ago

Adding gateway IP for the --router-ip flag worked for me!!

dehinde007 commented 1 year ago

Change your VM network to NAT or double check your network settings.