MAC addresses
In this section, we will study MAC addresses. Each network
card, whether it's a Wi-Fi card or a wired card, has a physical, static
address, assigned by the card manufacturer. This is the Media Access Control (MAC)
address. The MAC address is written on the card, and it's physical, so it never
changes. It is used between devices, for identification and to transfer packets
in the right direction. This works because each packet has a source MAC and a
destination MAC, and travels from the source to the destination.
Because the MAC address is static and never changes, it can
be used to trace back and identify a device. Also, since devices use MAC
addresses to identify each other, we can have some networks that only allow
certain MAC addresses to connect to them (by using a whitelist), or that
blacklist MAC addresses so that they cannot connect to the network. Changing
your MAC address can help you to either connect to a network by being on a
whitelist, or to bypass a blacklist. The only way to change the MAC address is
to change it in the RAM—so it will only be changed for the
current session, and once you restart, you will have to change it again.
Now, let's change the MAC address; the procedure is as
follows:
1. We're
going to use a tool called macchanger.
First of all, to get the Wi-Fi card name, just type in iwconfig, and it will show all of
the wireless cards. In the following screenshot, eth0 has no wireless extensions, and the same applies to lo; we can see that
wlan0
is the wireless card:
2. We
are going to disable the wireless card, using the ifconfig wlan0 down command.
3. Now,
we're going to change the MAC address, using a tool called macchanger. With
these tools, it's always a good idea to look at the help section; just go onto
the Terminal and type macchanger
--help, and we'll see all of the options that we can use with the tools.
You can use --help
and --version
to show the help and version, --show
to show our current MAC address, and -e
so that it doesn't change the vendor bytes (the manufacturer of the MAC
address). Another method is to try a random vendor MAC of the same kind (-A is just to set a
random vendor here). The -p
option will reset the original permanent MAC address, so if we changed our MAC
address and we want to use the old one again, we can use -p. The -r option will just
give us a random MAC address, and -l
will just print the known vendors that we can use. The -m option will help us to pick
our own MAC address:
In case there is a whitelist, we will learn how we can see
all connected devices; for example, for your target network, three devices are
connected, and the target network only allows three devices to connect. We can
just take one of the whitelisted MAC addresses, change it, and use it.
4. To
change the MAC address, first we have to disable the wlan0 wireless card by using the ifconfig wlan0 down
command. We can use the --random
option to set up a random MAC address using macchanger. The command is simply macchanger --random wlan0. We can
use m to
specify our own MAC address, if we want. After hitting Enter, we can see that the original MAC address is being changed to
5a:c4:0c:9a:ac:79:
Now, our wireless card is ready, and we've changed its MAC
address.
5. Now
we need to enable the wireless card again, because we disabled it. So, we'll do
the opposite; we're going to use ifconfig
wlan0 up. That's it; the card is enabled, and its MAC address has been
changed. Let's take a look at it in the following screenshot; if we type in ifconfig wlan0, we
can now see the new MAC address:
