Spoof Identity By Changing MAC Address

October 19, 2007 at 7:16 am (Security, Tips n Tricks)

If you want to change your logical and physical identity on network, this is possibly the best way of doing that. Let me introduce you to some basic terms before I explain the trick.

Spoofing – Introducing the network with some other identity. Like changing MAC address

DHCP – This is a protocol which is responsible for allocating IP addresses to terminals for a network. It polls continously and alots an IP for exchange of MAC address

MAC & IP address – These are also called physical and logical address which represent the identity on intranet and internet respectively. MAC address is corresponding to the ethernet card which is used for the connection.

Requirements – MAC address of the machine to be spoofed with.

Spoofing Trick – The trick is to change the MAC address with a machine with higher permissions (like your boss’s terminal) . In this way DHCP will allocate an IP and permissions which are registered for changed MAC address. You can get this by typing ipconfig \all on command prompt.

Windows XP/2000 – There are two ways of doing this in windows platform.  This is depending on the type of Ethernet  Card (NIC) you have. If you have a card that doesn’t support Clone MAC address, then you have to go to second method.
Method1

a) Go to Start->Settings->Control Panel and double click on Network and Dial-up Connections.

b) Right click on the NIC you want to change the MAC address and click on properties.

c) Under “General” tab, click on the “Configure” button

d) Click on “Advanced” tab

e) Under “Property section“, you should see an item called “Network Address” or “Locally Administered Address“, click on it.

f) On the right side, under “Value“, type in the New MAC address you want to assign to your NIC. Usually this value is entered without the “” between the MAC address numbers.

g) Goto command prompt and type in “ipconfig /all” or “net config rdr” to verify the changes. If the changes are not materialized, then use the second method.

h) If successful, reboot your system.

Some versions show the option in LAN properties.

Method 2 – This needs a little manipulation in registry

This should work on all Windows 2000/XP systems

a) Go to Start -> Run, type “regedt32” to start registry editor. Do not use “Regedit“.

b) Go to “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}“. Double click on it to expand the tree. The subkeys are 4-digit numbers, which represent particular network adapters. You should see it starts with 0000, then 0001, 0002, 0003 and so on.

c) Find the interface you want by searching for the proper “DriverDesc” key.

d) Edit, or add, the string key “NetworkAddress” (has the data type “REG_SZ“) to contain the new MAC address.

e) Disable then re-enable the network interface that you changed (or reboot the system).

Linux

1) Bring down the interface: “ifconfig eth0 down

2) Enter new MAC address: “ifconfig eth0 hw ether 00:00:00:AA:AA:AA

3) Bring up the interface: “ifconfig eth0 up

BSD

1) Bring down the interface: “ifconfig xl0 down

2) Enter new MAC address: “ifconfig xl0 link 00:00:00:AA:AA:AA

3) Bring up the interface: “ifconfig xl0 up

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: