which one do u think is the best OS now!

Thursday, April 15, 2010

Mac Address spoofing

I noticed people scrubbing head and asking,
"How the hell does the mac id[eth. id] change on Mac with each boot!!"

most have a concept that the NIC id is directly used as the mac id. means, e.g. the lan card's id is supposed to be the physical address of the card[embedded in the card] on the network.

well, after the boot, the eth id is loaded to the registry for this purpose (windows). So people using windows think that physical address is static and not changeable.

if we can modify the registry value for the card, then we can use any id as the physical address.

in a bit older OSs the mothod fr this was to stop the eth. device> edit he id> restart it.
well that seems not to work in vista/w7....

so heres the process to make windows change mac id..

1. Click Start – Run, type “regedit”

2. Navigate to

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318]

HKEY_LOCAL_MACHINE
\SYSTEM
\CurrentControlSet
\Control
\Class
\{4D36E972-E325-11CE-BFC1-08002BE10318}


3. Under this key, you shoud see numbers in sequence as “0000″, “0001″ and so on. Click on one at a time to check the description of the device to match it with that of your network card.

MAC-Address key in Windows Registry

4. Once found, in the right-pane, look for “NetworkAddress” key value. If you find it, right-click and select modify. Enter the desired MAC-Address as a 12 digit number (all in one, no “space” “.” or “-”)

5. If you don’t find the key, right-click in the rightpane, select “New” – “String Value”. Enter the name as “NetworkAddress”. Now modify and set the desired value.

6. Now, disable and enable the Network card from the ControlPanel – Network Connections.

This should reflect the new MAC-Address on your NIC. Should you choose to go back to the original manufacturer set MAC-Address simply delete the key you just created/modified in the Windows Registry.

MAC-Address changed after registry edit


_________________________________________

in new MaC a feature like this is inbuilt..
for old MaCs..

Retrieving your current MAC address

First, you’re going to want your current wireless MAC address so you can set it back without rebooting. Launch the Terminal and type the following command:
ifconfig en1 | grep ether
You’ll know see something like:
ether 00:12:cb:c6:24:e2
And the values after ‘ether’ makeup your current MAC address. Write this down somewhere so you don’t forget it. If you do, it’s not the end of the world, you’ll just have to reboot to reset it from a change.

Spoofing a MAC address

To spoof your MAC address, you simply set that value returned from ifconfig to another hex value in the format of aa:bb:cc:dd:ee:ff

For this example, we will set our wireless MAC address to 00:e2:e3:e4:e5:e6 by issuing the following command:
sudo ifconfig en1 ether 00:e2:e3:e4:e5:e6

The sudo command will require that you enter your root password to make the change.

Verifying the Spoofed MAC address worked

If you want to check that the spoof worked, type the same command as earlier:
ifconfig en1 | grep ether
Now you will see:
ether 00:e2:e3:e4:e5:e6
Meaning your MAC address is now the value you set it to. If you want to further verify the spoof, simply login to your wireless router and look at the ‘available devices’ (or attached devices) list, and your spoofed MAC address will be part of that list.

If you want to set your MAC address back to its real value, simply issue the above ifconfig commands with the MAC address that you retrieved in step 1. You can also reboot your Mac.

Enjoy!

_______________________________________

for linux...


First find the physical MAC address of your machine by running the following command :

$ ifconfig -a | grep HWaddr
eth0  Link encap:Ethernet HWaddr 00:80:48:BA:d1:20

The hexadecimal numbers in blue denote my machine's MAC address. Yours will be different. Learn how to use the ifconfig Linux command.

Next, login as root in Linux and enter the following commands -

# ifconfig eth0 down
# ifconfig eth0 hw ether 00:80:48:BA:d1:30
# ifconfig eth0 up
# ifconfig eth0 |grep HWaddr

Note above that I have changed the MAC address to a different number highlighted in blue. 00:80:48:BA:d1:30 is the new MAC address I have provided for my Linux machine. You can choose any 48 bits hexadecimal address as your MAC address.


Posted by at

1 comment:

  1. UnknownJuly 4, 2013 at 3:41 AM

    The steps for resetting the MAC Address to it's previous values seems to be effective but never tries . I would sure like to try these steps to change my MAC Address to the original values .

    Thanks
    Silvester Norman

    Change Mac Address

    ReplyDelete

Subscribe to: Post Comments (Atom)