Everything about ffi
Alright. ALRIGHT. I know, we're all excited, but let's think about what we're doing again.
So we've managed to look at real network traffic and parse it completely. We've also taken some ICMP packets, parsed them, and then serialized them right back and we got the exact same result.
Okay, I lied.
I'm deciding - right this instant - that using wmic is cheating too. Oh, it was fair game when we were learning about Windows, but we're past that now.
We've just spent a lot of time abstracting over LoadLibrary, but we still have all the gory details of the Win32 ICMP API straight in our main.rs file! That won't do.
It's time to make sup, our own take on ping, use the Win32 APIs to send an ICMP echo. Earlier we discovered that Windows's IcmpSendEcho2Ex. But for our purposes, the simpler IcmpSendEcho will do
So, how does ping.exe actually send a ping? It seems unrealistic that ping.exe itself implements all the protocols involved in sending a ping. So it must be calling some sort of library. Also, since it ends up talking to the outside world via a NIC (network interface controller), the kernel is probably involved at some point.