Sunday, August 6, 2017

MAC address spoofing Attack

Posted on August 06, 2017 by  with No comments
MAC address spoofing tricks the switch into thinking your computer is something else. You simply change your computer’s MAC address and masquerade as another user.
You can use this trick to test access control systems, such as your IPS/firewall, and even your operating system login controls that check for specific
MAC addresses.

UNIX-based systems :

In UNIX and Linux, you can spoof MAC addresses with the ifconfig utility.
Follow these steps:

1. While logged in as root, use ifconfig to enter a command that disables
the network interface.

Insert the network interface number that you want to disable (usually,
eth0) into the command, like this:

[root@localhost root]# ifconfig eth0 down

2. Enter a command for the MAC address you want to use.

Insert the fake MAC address and the network interface number (eth0)
into the command again, like this:

[root@localhost root]# ifconfig eth0 hw ether
new_mac_address

You can use a more feature-rich utility called GNU MAC Changer (http://cut-urls.com/tmwwB) for Linux systems.




 Windows :

You can use regedit to edit the Windows Registry, but I like using a neat
Windows utility called SMAC (www.klcconsulting.net/smac), which
makes MAC spoofing a simple process. Follow these steps to use SMAC:

1. Load the program.
2. Select the adapter for which you want to change the MAC address.
3. Enter the new MAC address in the New Spoofed MAC Address fields and click the Update MAC button.
4. Stop and restart the network card with these steps:
a. Right-click the network card in Network and Dialup Connections and then choose Disable.
b. Right-click again and then choose Enable for the change to take effect. You might have to reboot for this to work properly.
5. Click the Refresh button in the SMAC interface. To reverse Registry changes with SMAC, follow these steps:
1. Select the adapter for which you want to change the MAC address.
2. Click the Remove MAC button.
3. Stop and restart the network card with these steps:
a. Right-click the network card in Network and Dialup Connections and then choose Disable.
b. Right-click again and then choose Enable for the change to take effect. You might have to reboot for this to work properly.
4. Click the Refresh button in the SMAC interface. You should see your original MAC address again.

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)