iOS 10.3 and MAC-address about mmlanscan HOT 135 CLOSED

Here is my solution, it is only test code, not something, I would use direct in a product .But I am sure Apple will block it in the next release.

` for (int a=0;a<255;a++) {
NSString * myhost = [NSString stringWithFormat:@"192.168.1.%d",a];
[self jan_mac_addr_test:[myhost UTF8String]];

}`

`
-(void) jan_mac_addr_test:(const char*) host
{
#define BUFLEN (sizeof(struct rt_msghdr) + 512)
#define SEQ 9999
#define RTM_VERSION 5 // important, version 2 does not return a mac address!
#define RTM_GET 0x4 // Report Metrics
#define RTF_LLINFO 0x400 // generated by link layer (e.g. ARP)
#define RTF_IFSCOPE 0x1000000 // has valid interface scope
#define RTA_DST 0x1 // destination sockaddr present
int sockfd;
unsigned char buf[BUFLEN];
unsigned char buf2[BUFLEN];
ssize_t n;
struct rt_msghdr *rtm;
struct sockaddr_in *sin;
memset(buf,0,sizeof(buf));
memset(buf2,0,sizeof(buf2));

sockfd = socket(AF_ROUTE, SOCK_RAW, 0);
rtm = (struct rt_msghdr *) buf;
rtm->rtm_msglen = sizeof(struct rt_msghdr) + sizeof(struct sockaddr_in);
rtm->rtm_version = RTM_VERSION;
rtm->rtm_type = RTM_GET;
rtm->rtm_addrs = RTA_DST;
rtm->rtm_flags = RTF_LLINFO;
rtm->rtm_pid = 1234;
rtm->rtm_seq = SEQ;


sin = (struct sockaddr_in *) (rtm + 1);
sin->sin_len = sizeof(struct sockaddr_in);
sin->sin_family = AF_INET;
sin->sin_addr.s_addr = inet_addr(host);
write(sockfd, rtm, rtm->rtm_msglen);

n = read(sockfd, buf2, BUFLEN);
if (n != 0) {
    int index =  sizeof(struct rt_msghdr) + sizeof(struct sockaddr_inarp) + 8;
    // savedata("test",buf2,n);
    NSLog(@"IP %s :: %2.2x:%2.2x:%2.2x:%2.2x:%2.2x:%2.2x",host,buf2[index+0], buf2[index+1], buf2[index+2], buf2[index+3], buf2[index+4], buf2[index+5]);
    
}

}
`

from mmlanscan.

I've opened radar with ID 29481116. Waiting for reply from Apple

from mmlanscan.

ndenlinger, if the iOS arp table is empty, you get zero values. You could select first in your code to ping the IP address, as to get the iOS to do the arp protocol, before "reading" a mac address using my code example.

from mmlanscan.

Right, they do get the MAC Address on 10.2 and even 10.2.1 Beta, but my only question to them is; if they update their app...will that functionality break on 10.2+? iNet posted an update indicating that they are working hard to resolve that issue. So maybe they are developing the next feature, and discovered that in development that specific feature broke. Here's the link to their blog..

Actually I have an update while I was getting the link for you guys. They found a work around. They just posted earlier today that they found a fix and to update the app to 3.0.3, which is the version I'm running on 10.2.1 Beta 1.

Anyways, here is the link: http://www.bananaglue.de

Once I've received a response from them, if anything, I'll post that response here.

I'm also going to perform a NCAP to see if I can see anything from a networking perspective.

from mmlanscan.

It is true, this solution are not working with iOS 10.3 betas. Also I have noticed that Fing does not show MAC address with this version...

from mmlanscan.

This is the official answer from Apple: "We hide MAC addresses from apps for privacy reasons. No application should be able to get MAC addresses for any purpose.". So I think no matter what solution we find they will hide the MAC Address on the next update.

from mmlanscan.

@mochasoft Hi I have use this block of code in iOS 10.3 beta 3 but it doesn't work.

• (void)PingSelf {
  fillARPTable([FindMac deviceIPAdress]);
  [SimplePingHelper ping:[FindMac deviceIPAdress] target:self sel:@selector(pingResult:)];
  }
  // ping result

• (void)pingResult:(NSNumber*)success {
  if (success.boolValue) {
  NSString *macADDr = [FindMac ipToMac:[[FindMac deviceIPAdress] cStringUsingEncoding:NSASCIIStringEncoding]];//after ping get mac address
  NSLog(@"%@",macADDr);
  } else {
  NSLog(@"fial");
  }
  }

• (NSString*) ipToMac:(const char*) host
  {
  int sockfd;
  unsigned char buf[BUFLEN];
  unsigned char buf2[BUFLEN];
  ssize_t n;
  struct rt_msghdr *rtm;
  struct sockaddr_in *sin;
  memset(buf,0,sizeof(buf));
  memset(buf2,0,sizeof(buf2));
  sockfd = socket(AF_ROUTE, SOCK_RAW, 0);
  rtm = (struct rt_msghdr *) buf;
  rtm->rtm_msglen = sizeof(struct rt_msghdr) + sizeof(struct sockaddr_in);
  rtm->rtm_version = RTM_VERSION;
  rtm->rtm_type = RTM_GET;
  rtm->rtm_addrs = RTA_DST;
  rtm->rtm_flags = RTF_LLINFO;
  rtm->rtm_pid = 1234;
  rtm->rtm_seq = SEQ;
  sin = (struct sockaddr_in *) (rtm + 1);
  sin->sin_len = sizeof(struct sockaddr_in);
  sin->sin_family = AF_INET;
  sin->sin_addr.s_addr = inet_addr(host);
  write(sockfd, rtm, rtm->rtm_msglen);
  n = read(sockfd, buf2, BUFLEN);
  if (n != 0) {
  int index = sizeof(struct rt_msghdr) + sizeof(struct sockaddr_inarp) + 8;
  return [NSString stringWithFormat:@"%2.2x:%2.2x:%2.2x:%2.2x:%2.2x:%2.2x",buf2[index+0], buf2[index+1], buf2[index+2], buf2[index+3], buf2[index+4], buf2[index+5]];
  } else {
  return nil;
  }
  }

Is anything wrong with this code? Thank U

from mmlanscan.

The dialogue I have had with apple states the following:
It is by design, and motivated by privacy concerns rdar://problem/28755242.
Given that this was a deliberate change to impose a specific restriction for privacy reasons, any attempt to get around that restriction is likely to fail in the long term rdar://problem/29683195.

Annoyingly we can not see the content of these rdr problems as it is for apple employees only. There is no written statement anywhere else from what I can see. This would imply that although Fing et al can see MACs just now, that it is only a matter of time before the door is fully shut.

It also would seem that the statement on the removal of MAC address was missed from the release notes, hence why people found out the hard way. What I do not understand is why this was not done over a release by sending out a deprecation notice and allowing some discussion. A similar thing happened with SSID capture for Wi-Fi which was removed on privacy grounds but fortunately got put back.

IMHO, a better approach would have been to add an entitlement for applications which sign up to only using the MAC address for identifying LAN devices. A second mechanism could be added for the user to allow the application to correlate devices on the LAN on the understanding that these are not shared externally.

from mmlanscan.

@mochasoft thank you very much for your solution. Also, I would like to thanks anyone here for your contribution and feedback. I will update the project as soon as I have some free time. Pull request are welcome :)

from mmlanscan.

I have tested my code (mocha ping) and mmlanscandemo with iOS 10.3 beta 5 (14E5296a, mar 8 2017) on an iPad (compiled with 8.3 beta 4 (8w143q) and I can read the mac address with both Apps. Only difference I see is: the IP address for my iPad cannot be listed, it has mac address 02:00...

from mmlanscan.

@mochasoft That makes sense! It seems that Apple will restrict the device's MAC address but they will allow as to use ARP Table for other devices. It's not perfect solution but it's something.

from mmlanscan.

I'm able to get other devices mac address in 10.3.2 but not the device the code is running on.

from mmlanscan.

Hi, I didn't install the 10.2 beta yet. I will do a research and check how we should retrieve mac addresses on 10.2. I will let you know

from mmlanscan.

Apple has removed the ability to ready MAC Addresses from iOS completely. Even if the MAC Address could be pulled, you'll see what was defined above as "02:00:00:00:00:00". Apple replaced this functionality with a UUID on a per app basis, and a UUID for Advertiser Identifying. The only way I know of pulling a MAC Address is through an API Call from a Mobile Device Management Solution that has a tight relationship with Apple within an enterprise setting. I work in an enterprise environment on our Mobility Team, I've built a network diagnostic tool for our field environment only to find out that the only way for me to obtain the MAC address is through our MDM Solution.

from mmlanscan.

I am wondering how big apps (eg. Fing) will overcome this issue.

from mmlanscan.

I agree. I know a lot of them have just dropped the feature all together, or opted to use a UUID which is given upon when a particular app is installed. Apple removed access to the MAC Address for privacy concerns as the MAC Address is a hardware specific ID. Even to access the SSID, SignalStrength and BSSID of a device's WiFi was difficult and quite the battle with Apple. I know in my network diagnostic tool I've dropped the feature until our MDM solution provides a more elegant means of obtaining the MAC Address for our enterprise environment.

from mmlanscan.

@akaDuality Can you test Fing or any other network scanner on 10.2 and let us the outcome?

from mmlanscan.

Fing has update that fixes it for iOS 10.2 and works pretty well. They said that they use some proprietary technology

from mmlanscan.

Can you open a bug report at Apple with your findings? Last time I opened for MMLanScan and "ping" functionality in a background thread they were quite helpful and gave me tips that solved the issue.

from mmlanscan.

Guys, do you use MacFinder for network scanner?

from mmlanscan.

Is it from the gitHub? Yes, it doesn't work too

from mmlanscan.

Sorry, I thought that this case was opened on MacFinder repo :) My bad. Yes, I am talking about MMLanScan.

from mmlanscan.

@mavris @akaDuality do you ever think about trying some other way such as taking some tricks from https://github.com/samdmarshall/SDMMobileDevice

from mmlanscan.

@leonfu Is it about iOS-to-iOS communication, right?

from mmlanscan.

it's for mac-to-iOS with usbmuxd, so far no luck. @akaDuality
Btw, I tried some ways like ARP request and raw socket packets, no progress

from mmlanscan.

The app "Network Analyzer" shows MAC Addresses under iOS 10.2 as well.

from mmlanscan.

If we could somehow get a tip how to implement it.. I have free time this week so I will look for alternatives

from mmlanscan.

@leonfu Can you share your findings?

from mmlanscan.

@mavris I list what i have done

1. try raw socket failed with permission denied
2. try snmp call to gateway for routing table failed with nothing related return
3. try UDP socket failed with no link layer mac info in data callback

many solutions such as https://github.com/ThomasHabets/arping requires raw socket with root privileges :-(

from mmlanscan.

By using some sniffer tool to monitor "Fing" and "Network Analyzer Lite" apps, I found that both of them try to visit uPnP services located on the surrounding servers within the same WiFi network.

from mmlanscan.

Is there any other open source library for UPNP discovery?

from mmlanscan.

@leonfu I don't think it works successfully on iOS 10.2 because of uPnP. If you stop uPnP service, app works well too. It is possible that Apple cleared ARP cache or rewrited ARP result. I guess maybe they have found some methods to bypass and fetch result from the APR table.

from mmlanscan.

"iNet Network Scanner" also make it work with 10.2 now

As this app can set the scanning range, It's interesting that if scanning a small range at the first time it works but rescaning the same range will fail to get the mac address.

I guess in some way the app can get the mac before it's going to add to the arp cache table. But once it's already in the cache table, it fails as we know

from mmlanscan.

How they manage to retrieve the MAC Address? What we miss here? I will try to test few apps and check what's going on. Hopefully, we will get a hint.

from mmlanscan.

it seems in 10.2, those apps can get the arp response some way when communicating with new ip (never pinged before no matter whether the IP can be reached or not)

from mmlanscan.

I am using iOS Console to monitor the apps. I noticed that querying MAC Address with MacFinder lib produces this log which is the same as Fing(but not for Net Analyzer).

15/12/2016, 10:19:31 AM mDNSResponder[95]:  16: DNSServiceQueryRecord(3.215.168.192.in-addr.arpa., PTR) STOP PID[3344](MMLanScanDemo)
15/12/2016, 10:21:20 AM mDNSResponder[95]:  18: DNSServiceQueryRecord(1.215.168.192.in-addr.arpa., PTR) STOP PID[3247](fing)

Maybe they didn't remove the old code or the modified the existing somehow

from mmlanscan.

Yes, they keep the code for iOS 10.2- . After trying "iNet Network Scanner", I believe for 10.2+ it's not for sure that the mac address can be obtained for every time.
https://itunes.apple.com/cn/app/inet-network-scanner/id340793353?l=en&mt=8

from mmlanscan.

So I visited iNet's website, two days ago (13th of December) they posted that the MAC Address feature doesn't work in 10.2. However, I'm on 10.2.1 Beta 1 and the MAC Address feature is still working. Maybe if the app gets updated, the codebase that they use for the MAC Address gets nullified? I sent them an email on how they achieved obtaining the IP Address to see if I or we can provide support to them in getting the MAC Address from the ARP Table.

from mmlanscan.

@ndenlinger Why we need to know how they get the IP? I mean we can do that already. As @leonfu said they manage to get the MAC Address on 10.2. Let us know if they come back with tips

from mmlanscan.

I've also tried many of the same things as leonfu. I wonder if it's nothing more than a special entitlement or a plist entry like "NSAppTransportSecurity"?

from mmlanscan.

another possibility is to figure out at what point in the process the real mac addresses are being substituted for the bogus ones. For instance, the sysctl() call to get the arp table probably already passes the manipulated data. In that case, it should suffice to not use Apple's sysctl call but build one's own?

https://opensource.apple.com/source/system_cmds/system_cmds-175.2/sysctl.tproj/

---update---

turns out someone already did this (https://github.com/yarshure/sysctl_iOS)

---update---

nope - sandboxed

however: sysctl() also has these sister functions: sysctlbyname() and sysctlnametomib() - perhaps the output of those have not been tampered with?

from mmlanscan.

I have seen an Android implementation where they read from the file directly where the arp table is created in "/proc/net/arp".
They directly read the table data from this file location.Can anyone suggest if we can find anything similar for iOS?

from mmlanscan.

It looks like more than just Fing can read the MAC addresses (e.g. Net Analyzer). I wonder whether it might be the compilation against the latest SDK that enables that sandbox mode? Perhaps Fing and the other apps have been built against an older SDK hence get some kind of compatibility mode?

from mmlanscan.

I'm afraid SDK version is not the problem because I have seen apps compiled with older SDK working wrong.

from mmlanscan.

Hey guys, I found all this 'sysctl' way to get the mac address still works on the simulator. Any clue on this? What is the difference of simulator and real device?

from mmlanscan.

It's a simulator and not emulator. So it's probably using macOS 'sysctl'.

from mmlanscan.

@mavris Hi Mavris, how to get mac address in iOS 10.2.? have you any idea please suggest.

from mmlanscan.

@sushilmishraios Hi, unfortunately, we didn't manage to find a workaround yet. If anyone has a tip where to look it would be nice.

from mmlanscan.

hmm - what about changing certain vars in sysctl before calling it, for example turning on verbose mode (e.g. net.link.ether.inet.verbose)?

from mmlanscan.

I have an observation:

If I ping all devices in the subnet from my iPhone, and read (sysctl(..PF_ROUTE..) the mac list is empty (worked before the iOS was updated). If I wait maybe 10 minutes on this hotel wifi, some Mac addresses show up in the list. It could indicate PF_ROUTE not just simple replace all elements with 0x2:00:....

from mmlanscan.

I got this problem too. Is there any clue now?

from mmlanscan.

Agreed, entitlements are definitely the way to go. That way Apple's team can vet the use scenario before issuing the entitlement.

from mmlanscan.

That's exactly what I was thinking. Entitlements. And if we are not allowed to get MAC Addresses why Fing & others are not rejected from App Store?

from mmlanscan.

Following a TSI (Technical Support Incident) session, here is more clarification from Apple:

"There are no alternative methods supported by Apple, nor there are any special permissions or entitlements you can acquire in order to access MAC address information via the ARP table any more. I cannot comment on other developers’ apps, or how they may have gotten around these restrictions, but given the stance on privacy, any alternate solution you may find right now is likely to fail in the long run."

I see that there is now a bounty on Stack: http://stackoverflow.com/questions/41283688/mac-addresses-in-ios-10-2

from mmlanscan.

That's pretty upsetting. There are definitely some legitimate use cases. I can understand from their privacy, but at the same time there are use use cases in which the MAC Address would be needed. I fully support the idea of entitlements idea granted by Apple just like the network extension framework. I needed to build an enterprise application used for diagnosing an internal environment meant to detect what all was reachable, and the network conditions within that environment. It was quite the battle to finally had gotten approval for use of the NEHotspotHelper object, but seeing that entitlement as being the only way to obtain network info, I believe a similar process should be enabled by Apple.

I'm not exactly sure what all we can do to obtain the MAC Address in this instance, as Apple seems fully committed to patching any and all ways of obtaining the address that were exploited.

It'll be interesting to see if anyone comes up with a way in order to do so, and how quickly Apple patches that ability. I'm keeping a close eye on SO for any potential methods available that have been found to work.

from mmlanscan.

There are a growing number of folks with the temporary workaround. Knowledge wants to be free, so eventually the solution will be shared :)

from mmlanscan.

Agreed.

My only concern is if this information is indeed made free and available to the general public community of developers, Apple will take note and debug/reverse engineer these new found methods. How would we share these solutions that could help prevent unwanted effects of making these sort of things public knowledge?

from mmlanscan.

Valid concern - but I feel it is inevitable. Hopefully by the time Apple gets around to patching this latest workaround, they will also be ready to offer a legit means of accessing the arp table via entitlements, as many have been suggesting. In fact, I think posting the solution might actually accelerate the process of legitimization...

from mmlanscan.

I can agree that in offering a solution to this sort of request could in fact accelerate that process.

from mmlanscan.

a bit more follow-up from Apple today, where the tech acknowledged an ongoing discussion about the issue:

"It is safe to assume that this has been discussed, and there is always room for further discussion. But the case is, security trumps convenience ... Your best bet would be to file an Enhancement Request (https://bugreports.apple.com) on this, to add to the discussion, and to let the decision making teams to hear about the pain points encountered by developers. It is usually more helpful to word the request in terms of how the end users would benefit from such a change, rather than how you as a developer is inconvenienced"

from mmlanscan.

I submitted a report (Bug Report Number: 29935293) with explaining my necessary use case scenario that would require me to use the MAC Address. I hope that other developers follow suit so that we can help to our cause.

from mmlanscan.

@mochasoft It works thanks a lot . And Learn a lot from U.

from mmlanscan.

@mochasoft Cool, thanks a lot!

from mmlanscan.

I just tested your sample code there @mochasoft, the output that I receive is all 00's. That even includes the first octet of the MAC Address. Is your code sample supposed to be for looping through the subnet as a scanner? What about the device that is scanning that network? Please note that I am testing this on iOS 9.3.5, and I also tested with the same results on 10.2.1 Beta 3.

from mmlanscan.

@mochasoft You are my hero! Thank you very much for sharing!

from mmlanscan.

Spot on @mochasoft. That worked beautifully. I suppose that in the future Apple will find out about these exploits and close them. But we'll see.

from mmlanscan.

@mochasoft I think the sample code should add close(sockfd); in the end of the function.

from mmlanscan.

luoshihui, it is just an example, where the goal is to make it easy to read. In a real world application, there should also be checks for different return values for the function calls.

from mmlanscan.

@mochasoft Are you sure this works for iOS? I tried something similar before but I was not able to use SOCK_RAW when creating the socket.

from mmlanscan.

Nvm. I was using the AF_INET protocol instead of AF_ROUTE. Tried your code and works great! Thank you for this solution. Even if it's only temporary. I had attempted to read the link layer off of the callback on the icmp packet but no luck. So luckily I already had that part in place :) Cheers.

from mmlanscan.

Yes thank you everyone!

Has anyone recompiled this solution with Xcode 8.3 Beta and iOS 10.3 Beta Yet? I'm waiting on my IT Security Team to say it's okay to upgrade OS X to macOS Sierra so as of right now I'm unable to install 8.3.

from mmlanscan.

@mochasoft @luoshihui Guys I have updated MacFinder repo which is used by MMLanScan and I will update MMLanScan soon. Please check if we can optimize it a little bit since I am not fully aware what's the code is doing. Let me know or send me a pull request.

from mmlanscan.

ndenlinger; I see no problems with iOS 10.3 beta.

from mmlanscan.

How to get the ethernet address from an IPv6 address?

from mmlanscan.

You might be right @arivas87. This was originally working in a project that I had successfully implemented this method and it's no longer showing the MAC Address. Apple's too quick to patch a function like this.

from mmlanscan.

Would directly sending ARP packets work on iOS 10.3?

from mmlanscan.

Had anyone tested the Code and got the Mac Address on an actual Iphone 6/7 with 10.2.1 OS?

We used Mavris code and include it on a test app, we run it on an ipad with ios 10.2.1 and it worked.

When installed and run on iphone, something is crashing the app, has anyone experienced this?

from mmlanscan.

@Andresmtz89 Put a breakpoint here:

//Getting the available IPs to ping based on our network subnet.
    self.ipsToPing = [LANProperties getAllHostsForIP:self.device.ipAddress andSubnet:self.device.subnetMask];

in MMLANScan.m and let me know the range. Also make sure that iPhone is not using IPV6

from mmlanscan.

Many Thanks @mavris

It is working across multiple ios devices!

from mmlanscan.

Heres what I'm using based off the above..
Obviously you'd want to replace the delegate calls with some other sort of callback of your own for when

- (void)scan {
    
    int mib[6];
    size_t needed;
    char *host, *lim, *buf, *next;
    struct rt_msghdr *rtm;
    struct sockaddr_inarp *sin;
    struct sockaddr_dl *sdl;
    struct hostent *hp;
    int _nflag = 0;
    extern int h_errno;
    
    mib[0] = CTL_NET;
    mib[1] = PF_ROUTE;
    mib[2] = 0;
    mib[3] = AF_INET;
    mib[4] = NET_RT_FLAGS;
    mib[5] = RTF_LLINFO;
    if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
        err(1, "route-sysctl-estimate");
    if ((buf = malloc(needed)) == NULL)
        err(1, "malloc");
    if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0)
        err(1, "actual retrieval of routing table");
    lim = buf + needed;
    
    for (next = buf; next < lim; next += rtm->rtm_msglen) {
        rtm = (struct rt_msghdr *)next;
        sin = (struct sockaddr_inarp *)(rtm + 1);
        sdl = (struct sockaddr_dl *)(sin + 1);
    
        if (_nflag == 0) {
            NSDate *hostStart = [NSDate date];
            hp = gethostbyaddr((caddr_t)&(sin->sin_addr),sizeof sin->sin_addr, AF_INET);
            NSDate *hostEnd = [NSDate date];
            
            NSTimeInterval executionTime = [hostEnd timeIntervalSinceDate:hostStart];
            //NSLog(@"Execution Time: %f",executionTime);
            if (executionTime > 1) {
                _nflag = 1;
            }
            
        } else
            hp = 0;
        if (hp)
            host = hp->h_name;
        else {
            host = "";
            if (h_errno == TRY_AGAIN)
                _nflag = 1;
        }
        
        if (sdl->sdl_alen) {
            
            NSString* newAddress = [NSString stringWithFormat:@"%s",inet_ntoa(sin->sin_addr)];
            gethostbyaddr((caddr_t)&(sin->sin_addr),sizeof sin->sin_addr, AF_INET);
            NSString* newHost = [NSString stringWithFormat:@"%s", host];
            
            [self ipToMac:newAddress
                   completion:^(NSString *macAddress) {
                       
                       NSArray *ipSplit = [newAddress componentsSeparatedByString:@"."];
                       if ([ipSplit[0] isEqualToString:@"169"] || [macAddress isEqualToString:@"FF:FF:FF:FF:FF:FF"]) { //Broadcast address and self assigned IP's
                           //skip sending to delegate
                       }  else {
                          // TODO: Replace this code below with a callback of your own
                           if ([self.delegate respondsToSelector:@selector(discoveredGatewaySibling:macAddress:host:)]) {
                               [self.delegate discoveredGatewaySibling:newAddress macAddress:macAddress host:newHost];
                           }
                       }
                       
                   }];
            
        } else{
            if (rtm->rtm_rmx.rmx_expire == 0)
                printf(" permanent");
            if (sin->sin_other & SIN_PROXY)
                printf(" published (proxy only)");
            if (rtm->rtm_addrs & RTA_NETMASK) {
                sin = (struct sockaddr_inarp *)
                (sdl->sdl_len + (char *)sdl);
                if (sin->sin_addr.s_addr == 0xffffffff)
                    printf(" published");
                if (sin->sin_len != 8)
                    printf("(weird)");
            }
        
        }
    }
}

- (void)ipToMac:(NSString *)ip
     completion:(void (^)(NSString* macAddress))completion {
    
#define BUFLEN (sizeof(struct rt_msghdr) + 512)
#define SEQ 9999
#define RTM_VERSION	5	// important, version 2 does not return a mac address!
#define RTM_GET	0x4	// Report Metrics
#define RTF_LLINFO	0x400	// generated by link layer (e.g. ARP)
#define RTF_IFSCOPE 0x1000000 // has valid interface scope
#define RTA_DST	0x1	// destination sockaddr present
    const char* host = [ip UTF8String];
    int sockfd;
    unsigned char buf[BUFLEN];
    unsigned char buf2[BUFLEN];
    ssize_t n;
    struct rt_msghdr *rtm;
    struct sockaddr_in *sin;
    memset(buf,0,sizeof(buf));
    memset(buf2,0,sizeof(buf2));
    
    sockfd = socket(AF_ROUTE, SOCK_RAW, 0);
    rtm = (struct rt_msghdr *) buf;
    rtm->rtm_msglen = sizeof(struct rt_msghdr) + sizeof(struct sockaddr_in);
    rtm->rtm_version = RTM_VERSION;
    rtm->rtm_type = RTM_GET;
    rtm->rtm_addrs = RTA_DST;
    rtm->rtm_flags = RTF_LLINFO;
    rtm->rtm_pid = 1234;
    rtm->rtm_seq = SEQ;
    
    
    sin = (struct sockaddr_in *) (rtm + 1);
    sin->sin_len = sizeof(struct sockaddr_in);
    sin->sin_family = AF_INET;
    sin->sin_addr.s_addr = inet_addr(host);
    write(sockfd, rtm, rtm->rtm_msglen);
    
    n = read(sockfd, buf2, BUFLEN);
    if (n != 0) {
        int index =  sizeof(struct rt_msghdr) + sizeof(struct sockaddr_inarp) + 8;
        
        NSString* mac = [NSString stringWithFormat:@"%02X:%02X:%02X:%02X:%02X:%02X",
                                buf2[index+0], buf2[index+1], buf2[index+2], buf2[index+3], buf2[index+4], buf2[index+5]];
        close(sockfd);
        completion(mac);
    }
}

from mmlanscan.

This code does not works on 10.3 iOS version...

from mmlanscan.

Seems strange but after you run the app several times, the mac address is no more retrieved.
Is anyone facing this issue?

from mmlanscan.

Which iOS? 10.3?

from mmlanscan.

It's 10.2.1

from mmlanscan.

I am on 10.2.1 too and I never experienced that issue. I tried it today and seems fine. Can you debug the MacFinder and post your findings? We might be able to reproduce it

from mmlanscan.

I see same behavior on iPhone and iPad. I did debug a little and looked like this is happening after I ran my version of the code which used ipv6 addresses. Now even if I run original code from macfinder it never returns mac

from mmlanscan.

Fing is updated to say compatible with iOS 10.3. Anyone tried?

from mmlanscan.

Yes.
Everything seems fine except when you query for device's MAC Address. Then you will get the 02:00...

from mmlanscan.

from mmlanscan.

Hello, Has anyone been able to make it work on IOS 10.3?

from mmlanscan.

We are using this library and we are able to get mac address in 10.2 and 10.3.2.
Will the app will be rejected if we are going to upload the app on the appstore?
Is anyone using the library in apps on appstore ?

Please let us know
Thanks

from mmlanscan.

I have had an app accepted recently. It did require IPv6 support but that was a small tweak. You should be fine.

from mmlanscan.

@gregpardo Yes,You can get other device mac address no matter which version it is. First of all, the one you want to get mac address must in your arp table. That's trick. Now I can only ping all of the device in private network region.

from mmlanscan.

@Darshanptl7500 & @gregpardo , have you had it running in 10.3.2? because @Darshanptl7500 told that it works on 10.3.2. If you had it working how? Please help :)

from mmlanscan.

@iremkorkmaz It's working for every other device except yours (It cant' retrieve MAC address from arp table for your device). Other than that the scanning is fine

from mmlanscan.

ah ok, I thought it was working also for the running device for them. We had an application that relies on Mac Address, it now worths nothing... :(

from mmlanscan.

Can you tell us more? How/why did it rely on MacAddress? When they blocked the device macaddress, Apple provided other ways to do a lot of things, depending on your purpose.

from mmlanscan.

@jpalten , it was a wi-fi analytic platform supported with an app. so app side is nothing now :)

from mmlanscan.

Why don't you ask the user to enter his mac address manually? He will do that once (Settings-General-About-Wifi Address). (If you just want to display the MAC Address of WiFi, of course, this is not an acceptable solution).

from mmlanscan.

#23
Any one found something about iOS 11?

from mmlanscan.