Beyond MAC spoofing

Ibland har man behovet av att spoofa sin MAC adress vid t.ex Wardriving eller om vid avlyssning i switchade nät.

1
# ifconfig eth0 hw ether 00:01:02:03:04:05

Dock läser kärnan in mac adressen ur eeprom vid varje uppstart så spoofen är bara tillfällig.
Vill man gå ett steg längre kan man skriva till eeprom dirket och ändra mac adressen permanent.
Detta fungerar dock inte på alla kort och man behöver “magic value key” för sitt NIC som kan fås av tillverkaren eller google.

Info om eeprom:
EEPROM

Innan vi börjar modifiera något så tar vi en dump av hela eeprom

1
2
3
# ethtool -e eth0 &gt; eth0.eepromdump</bash>
Nu tar vi reda på vår MAC adress
<pre lang="bash" line="1" colla="+"># ifconfig | grep eth0

När vi hittat vår mac letar vi upp den i eeprom med hjälp av ethtool

1
2
3
4
5
6
7
8
9
10
11
# ethtool -e eth0
Offset		Values
------		        ------
0x0000		xx xx xx xx xx xx 03 1a 00 00 01 02 01 47 00 00
0x0010		00 00 00 00 b0 49 6c 33 62 14 dc 27 86 80 00 00
0x0020		00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0030		00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0040		00 00 00 00 00 00 dc 27 00 00 00 00 00 00 00 00
0x0050		00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0060		20 01 00 40 13 41 00 00 00 00 00 00 00 00 00 00
0x0070		00 00 00 00 00 00 30 40 00 00 00 00 00 00 55 46

Ändra sedan värdet så här

1
2
3
4
5
6
# ethtool -E eth0 magic 0x10d38086 offset 0 value 0xaa
# ethtool -E eth0 magic 0x10d38086 offset 1 value 0xbb
# ethtool -E eth0 magic 0x10d38086 offset 2 value 0xcc
# ethtool -E eth0 magic 0x10d38086 offset 3 value 0xdd
# ethtool -E eth0 magic 0x10d38086 offset 4 value 0xee
# ethtool -E eth0 magic 0x10d38086 offset 5 value 0xff>

eller scripta det om du kommer ändra ofta.

1
2
3
4
5
6
7
8
9
10
11
12
13
#!/bin/bash
#
# Script for changing the mac in eeprom
#
 
numbers=(`echo $1 | tr ':' ' '`)
 
ethtool -E eth0 magic 0x10d38086 offset 0 value 0x${numbers[0]}
ethtool -E eth0 magic 0x10d38086 offset 1 value 0x${numbers[1]}
ethtool -E eth0 magic 0x10d38086 offset 2 value 0x${numbers[2]}
ethtool -E eth0 magic 0x10d38086 offset 3 value 0x${numbers[3]}
ethtool -E eth0 magic 0x10d38086 offset 4 value 0x${numbers[4]}
ethtool -E eth0 magic 0x10d38086 offset 5 value 0x${numbers[5]}

Sedan kör bara ./macscript.sh aa:bb:cc:dd:ee:ff eller liknande för att byta.

3 thoughts on “Beyond MAC spoofing

  1. Furthermore, my experience includes identifying the competitive advantage to get a few different companies
    and crafting that advantage into a online strategy to develop new
    company. The the fact is, people join MLM opportunities as a result
    of who introduced them. If you’re still at a loss, you’ll be able to contact the client care team either by email, live chat, or phone
    during standard west coast business hours.

    Here is my page metoxos.co.jp

  2. You probably have to have a refresher about
    the useful tips every online business proprietor should be familiar with.
    An appealing attractive website is essential within the technologically advanced and highly
    competitive market of current age, for the success of business.
    The business degree raises one’s social standing: in short, it opens for you personally
    doors that might have otherwise remained closed for your requirements.

    My web-site http://intra.ntumems.net/modules/profile/userinfo.php?uid=8657

Leave a Reply

Your email address will not be published.