robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0
23.09k stars, 3.03k forks

Masscan is broken #297

Open SmirMax opened 6 years ago

SmirMax commented 6 years ago

I have used masscan 1.0.3 without any trouble for months, but it broke recently. I think this is because of a system package update on my Debian GNU/Linux 8.9 (jessie) (core version 3.16.0-4-amd64).

Now, a regular command:

masscan xxx.xxx.xxx.xxx -p10000-65000 -oL result.log

causing an error:

FAIL: failed to detect router for interface: "eth0"
 [hint] try something like "--router-mac 66-55-44-33-22-11"

If I use the "--router-mac" option with the MAC address of the eth0 interface, scanning begins, but no open ports are found, although they exist.

Has anyone encountered a similar problem? How to solve it?

zenware commented 6 years ago

I don't actually know the solution to this particular problem offhand but it seems odd to open an issue called "Masscan is broken" and then in the contents of the issue say, "for me, and someone might know the right argument I need to make it work".

Could you at least try compiling your own version, or, if you just need an "it works now" solution, roll back to 1.0.3 with your package manager. Here is the guide on Debian's site to roll back a package; it shouldn't be too much trouble, since the previous version was statically linked and the new version is dynamically linked, so I imagine the only thing you'll need to downgrade is masscan.

If there is actually a real problem with the new version of masscan and you care about solving it, it would be nice to see more information. I can do my best at setting up a test Debian 8.9 system and trying to run a similar command but I don't even know what kind of network eth0 is attached to or what the actual goals are, so there's really no way to diagnose.

I've just searched the source code for your error message, and this is the line of code that decides whether to output that error message. For some reason, your MAC address must be 6 null bytes. Let's look at where it gets set: it looks like it tries to grab it out of some data structure that was already populated, and if that doesn't work it tries to reach out to it over the network with its IP and get it that way. The control flow in that area of the code honestly feels a bit clunky, but that's okay. Basically, I think your NIC must not be associated with a router properly, which is a necessary part of using masscan. If you are properly associated with a router and you need more tips, it would be awesome to have more information.

SmirMax commented 6 years ago

zenware, thanks for the reply. My masscan is already at version 1.0.3:

dpkg -l masscan
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version      Architecture Description
+++-==============-============-============-=================================
ii  masscan        1.0.3-90-g24 amd64        TCP port scanner

My eth0 interface is "hardware", not virtual, and no network changes were made before masscan broke:

 ifconfig
eth0      Link encap:Ethernet  HWaddr 00:30:48:9f:6a:a8
          inet addr:xxx.xxx.xxx.xxx  Bcast:xxx.xxx.xxx.xxx  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:239062974 errors:0 dropped:9 overruns:0 frame:0
          TX packets:770090209 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:2000
          RX bytes:26367466811 (24.5 GiB)  TX bytes:86606653938 (80.6 GiB)
          Interrupt:16 Memory:dc100000-dc120000

eth0:0    Link encap:Ethernet  HWaddr 00:30:48:9f:6a:a8
          inet addr:xxx.xxx.xxx.xxx  Bcast:xxx.xxx.xxx.xxx  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:16 Memory:dc100000-dc120000

I can give any information you need to diagnose, just tell me.

SmirMax commented 6 years ago

I removed the apt-get package, and when trying to compile my own version I get an error:

clang -g -ggdb    -Wall -O3 -c src/crypto-base64.c -o tmp/crypto-base64.o
make: clang: Command not found
Makefile:87: recipe for target 'tmp/crypto-base64.o' failed
make: *** [tmp/crypto-base64.o] Error 127

kirit1193 commented 6 years ago

Install clang and try maybe?

SmirMax commented 6 years ago

The masscan is still broken, does anyone help?

skelsec commented 6 years ago

Masscan is not broken. You are missing "clang", which is defined in the Makefile. Probably you are not using an OS for which the author stated: "other: I don't know, don't care" (from the readme).

Solution: modify your Makefile so the variable CC will point to your favorite compiler, like:

CC = gcc

SmirMax commented 6 years ago

I've installed clang, compiled masscan, and it works again! Thank you very much.

freeload101 commented 6 years ago

apt-get install clang fixed it HERP DERP

ekodikara commented 4 years ago

I did this on the Ubuntu subsystem. apt-get install gcc, and it works for me.

MasonQAQ commented 4 years ago

Masscan is not broken. Clang is not broken. Anything else is not broken!

The problem is that your target network does not have a router (virtual or physical), so the scan host cannot find a route to send packets. If you don't understand yet, please have a look at the masscan source code. I guess your target network is a single network without a gateway; a way to solve this problem is to make a virtual route between your target network and the scan host. Good luck.

Any problem: xinxiyangyue@163.com
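
Both zenware's and MasonQAQ's comments come down to the same check: masscan needs the link-layer address of the default gateway (the "router"), not the address of eth0 itself, and it bails out when it cannot learn one. The script below is an added example, not masscan's own code or anything from this thread: it derives the value for the `--router-mac` hint from the text output of the iproute2 commands `ip route show default` and `ip neigh show`. The sample command outputs embedded in it are constructed so it can be run offline; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not masscan's code): find the default gateway and its MAC
# address, and print them as the --router-mac argument masscan's hint asks
# for. Parses iproute2 text output; the samples below are constructed.

# Read `ip route show default` output on stdin, print the gateway IP.
# Example line: "default via 192.0.2.1 dev eth0 proto static metric 100"
gateway_ip() {
    awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# Read `ip neigh show` output on stdin, print the lladdr of the entry for
# the gateway given as $1, rewritten with dashes (the form the hint uses).
# Example line: "192.0.2.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE"
gateway_mac() {
    awk -v gw="$1" '
        $1 == gw { for (i = 1; i < NF; i++) if ($i == "lladdr") { print $(i + 1); exit } }
    ' | tr ':' '-'
}

# Combine both: $1 is the route output, $2 the neighbour-cache output.
# Prints "--router-mac XX-XX-XX-XX-XX-XX", or explains on stderr why no
# router MAC can be determined (the two failure modes seen in the thread).
router_mac_arg() {
    route_out="$1"
    neigh_out="$2"
    gw=$(printf '%s\n' "$route_out" | gateway_ip)
    if [ -z "$gw" ]; then
        echo "no default route: this host has no router to send scan packets through" >&2
        return 1
    fi
    mac=$(printf '%s\n' "$neigh_out" | gateway_mac "$gw")
    if [ -z "$mac" ]; then
        echo "gateway $gw is not in the neighbour cache (ping it once, then retry)" >&2
        return 1
    fi
    printf '%s %s\n' '--router-mac' "$mac"
}

# Constructed sample output, standing in for the live commands.
SAMPLE_ROUTE='default via 192.0.2.1 dev eth0 proto static metric 100'
SAMPLE_NEIGH='198.51.100.7 dev eth0 lladdr 00:30:48:9f:6a:a8 STALE
192.0.2.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE'

# On a real host you would instead pass:
#   router_mac_arg "$(ip route show default)" "$(ip neigh show)"
router_mac_arg "$SAMPLE_ROUTE" "$SAMPLE_NEIGH"
```

Note that the second neighbour entry in the sample is deliberately a different host with a different MAC: the parser matches on the gateway IP, so it will not hand you the address of some other machine (or of your own NIC) by mistake.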

zenware commented 4 years ago

@robertdavidgraham I think this can be closed now