Wednesday, October 12, 2016

[MACchanger] Spoofed MAC address changes back to original permanent MAC before connecting to WiFi

Written by Pranshu Bajpai |  | LinkedIn

So I needed to spoof my machine's MAC / hardware address as part of a routine penetration test. One problem that I keep facing when using Kali Linux utility, 'macchanger', to do this is that the MAC does successfully spoof but changes back to the original MAC address right before I attempt to connect to a wireless access point. Good thing that years of working in security / hacking has made me paranoid enough to constantly check if the new spoofed MAC address is being used. 'ifconfig' in terminal tells me that it is not. Instead, right before connecting to the wireless access point my machine went back to it's original MAC address on 'wlan0'. Not good.

Solution to retain the spoofed MAC address on wlan0 in Kali Linux:

I've discovered that these 3 commands will help:

ifconfig wlan0 down
ifconfig wlan0 hw ether 00:11:22:33:44:55
ifconfig wlan0 up

Additionally, you may have to turn your WiFi off / on using the graphic panel in the top right. But now, you can connect to the wireless access point and then 'ifconfig wlan0' should reveal that your machine is using the spoofed MAC address: 00:11:22:33:44:55 as shown in image below.

No comments:

Post a Comment