Jump to content


Photo
- - - - -

Network Breaking


  • Please log in to reply
7 replies to this topic

#1 Absolute Zero

Absolute Zero

    the 0ne

  • Members
  • 1 posts
  • Country:
  • Gender:Male

Posted 06 June 2011 - 06:39 PM

Hello, everyone, I hope you can help :)

There's this network I'm aware of that I would like to use. It has WPA security. Not a problem. A custom IP scheme. Also not a problem. But according to an inside source (I haven't actually checked it out) One has to apply their own MAC address in order to use the network. Can this even be done in Windows 7 or Ubuntu? I've never heard of it. If so, how do I apply a valid MAC address that will work on the network? I know the first half of a MAC has to do with the hardware Vendor, but I don't know how to find the right one, or assign the second half. Any help would be much appreciated. Thanks.

#2 wwwd40

wwwd40

    DDP Fan club member

  • Members
  • 53 posts
  • Gender:Male

Posted 07 June 2011 - 04:37 AM

MAC addresses are the layer 2 addresses used by the NIC and are used for local area network communication where routing isnt ocurring (i.e. switching). Its possible on most wireless kit, and some wired switches, to employ an access list of MAC addresses that are permitted to use the port - cisco and extreme call it port security and can also encompass limiting the amount of MACs that can be learned on a port or handling certain MACs in different ways.

It sounds to me that the wireless network in question emplopys a list of valid MAC addresses that are allowed to associate with the wireless network. So to associate you will need your NIC to have a valid MAC from the wireless MAC list point of view. To find a valid MAC, you could try every combination of MAC addresses until one works, or promiscuously sniff the air and find clients with valid MACs that are associated with the AP. Something like tcpdump, wireshark or kismet will help.

With regard to actually changing your MAC, this is easily done in Ubuntu using ifconfig (example ifconfig eth0 hw ether 00:DE:AD:BE:EF:00) or another program such as macchanger. Not sure on Win 7 as I have no experience with it but I am sure there is an equivilent (macshift?).

Cheers,

WD

EDIT removed quote

Edited by wwwd40, 07 June 2011 - 04:38 AM.


#3 tekio

tekio

    5(R1P7 |<1DD13

  • Binrev Financier
  • 1,115 posts
  • Gender:Male
  • Location:The Blue Nowhere

Posted 07 June 2011 - 06:00 AM

If you can bypass WPA with ease, you should have no trouble circumventing MAC address filtering. You'll just need to sniff, find a valid MAC, and either wait till it's off the network, or DOS it... If you go on with a duplicated MAC, most likely it will receive all your traffic because the other hosts already have it in their ARP cache.

#4 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 12 June 2011 - 02:18 PM

This belongs in the beginner's section, and I'm a little worried about the legality of this.

#5 _ThEcRoW

_ThEcRoW

    SCRiPT KiDDie

  • Members
  • 24 posts
  • Gender:Male

Posted 20 June 2011 - 08:49 AM

Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!

#6 wwwd40

wwwd40

    DDP Fan club member

  • Members
  • 53 posts
  • Gender:Male

Posted 20 June 2011 - 08:52 AM

It doesnt need to be a real MAC address, just of the right format (length, hex characters).

I normally use 00:DE:AD:BE:EF:00 as its easy to spot in my lab outputs.

Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!



#7 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 20 June 2011 - 06:03 PM

It doesnt need to be a real MAC address, just of the right format (length, hex characters).

I normally use 00:DE:AD:BE:EF:00 as its easy to spot in my lab outputs.


Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!


If the number formed by the first two hexdigits is odd you sometimes run into issues. Keep it even.

Edited by serrath, 20 June 2011 - 06:04 PM.


#8 wwwd40

wwwd40

    DDP Fan club member

  • Members
  • 53 posts
  • Gender:Male

Posted 21 June 2011 - 04:06 AM

I think that multicast MAC addresses always start 01 http://en.wikipedia....ayer_2_delivery


It doesnt need to be a real MAC address, just of the right format (length, hex characters).

I normally use 00:DE:AD:BE:EF:00 as its easy to spot in my lab outputs.


Hello guys, a little bit offtopic, but in order to changing the mac(assuming you can do that on your hardware), you need to apply a valid number, i mean, a real number?. I'm aware that the mac address need to be in the router acl list for it, but i'm referring in general, when changing a mac on a network card, does it need to be a valid (real) mac address?.
Thanks in advance and hope you understand what i tried to ask, because english is not my main language.
Cheers!


If the number formed by the first two hexdigits is odd you sometimes run into issues. Keep it even.






BinRev is hosted by the great people at Lunarpages!