Nov 10, 2011

[Article + Tutorial] Mac-Spoofing.

Introduction:

MAC Address: MAC address, Media Access Control address, is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies including Ethernet. 
--source Wikipedia
 eg: 00:16:01:ED:2B:CA, 00:FA:2C:5G:72:95

To check your MAC address you can type ifconfig interface-name  in the terminal.
The MAC address is followed by the word HWaddr
                                     
                  fig: The hilighted portion is the mac-address of interface eth0

Mac-Spoofing is the method of spoofing the MAC address of your network interface for various purposes by changing your original MAC address with a fake one. Purposes of MAC-Spoofing may differ with respect to the user. Some of the basic purposes are listed below:

1) For Anonymity.
2) For Hijacking Someone's Sessions Using Various Tools.
3) For Bypassing MAC-Filter Setup in Some Devices.
4) To Authenticate/Validate as a Valid User Even If He is an Imposter where
     MAC-Address Checks Are Performed, eg: some HOTSPOT providers.

Method:

Tools used:
ifconfig: Pre-installed in majority of linux distros.
macchanger: Pre-installed in BackTrack 5 R1.

If you dont have macchanger then you can install it by typing:

sudo apt-get install macchanger --> for debian based distros

sudo yum install macchanger     --> for red hat based distros

1) First find out your interface by typing ifconfig.

2) Disable your interface, you can never change MAC address while the interface is active. Considering "wlan0" as the interface here, we type:

ifconfig wlan0 down

2) There are various options in macchanger command. Type " macchanger -h"  to find available options. This is what we get as the result:





Our favourite options for now are " -a , -r and -m"

-a  will change the MAC address of our interface to another of the same vendor type.

-r will change our MAC address to some random digits/numbers or both.

-m xx:xx:xx:xx:xx:xx  will change our MAC to our desired one.

3) We issue either of these command to change our MAC:

macchanger -a wlan0
macchanger -r wlan0
macchanger  -m xx:xx:xx:xx:xx:xx wlan0



As shown in the screenshot above, we issued a command with -m option and gave our own desired mac-address for the interface wlan0, the result shows our current MAC which has been faked to the MAC of our choice.

So, basically there is no need of this whole article/tutorial once you get the hang of it. One of the three commands mentioned above is enough, so please dont think that its such a long process just for changing a stupid MAC address.





6 comments:

  1. thumbs up. nice blog. would love see more articles

    ReplyDelete
  2. Thanks Dude!! Surely some new articles will come up!! Just a bit busy nowadays and havent found any suitable thing to create articles on. Maybe you can suggest some. :)

    ReplyDelete
  3. i would love to read about windows based hacking tools and arp spoofing..

    ReplyDelete
  4. sorry, but i dont use windows..
    this one deals soemthing about arpspoofing:

    http://mindfulloftrash.blogspot.com/2011/11/tutorial-directing-all-requests-from.html

    tomorow i have some free time, i will write a small article about arpspoofing + if possible a short tutorial.

    ReplyDelete
  5. I can just say. YOU ARE KING. Please more BackTrack tutorials.

    ReplyDelete
  6. Thanks for positive response, but please, I am not a KING. I am just learning stuffs reading tutorials and articles that interests me.
    Still, much to learn. :)

    ReplyDelete