Thread: MAC Spoofing WiFi Device and Surfing The Net - Beware!!!

  1. #1
    Join Date
    2013-Jul
    Posts
    841

    MAC Spoofing WiFi Device and Surfing The Net - Beware!!!

    If you want to spoof your wifi device and then surf the net with kali-linux do not use the following commands!!!!

    !!!DO NOT USE!!!

    ifconfig wlan0 down
    macchanger -m 00:11:22:33:44:55 wlan0
    ifconfig wlan0 up



    When you type ifconfig after the above commands, the spoofed mac, in this example 00:11:22:33:44:55, will be shown !!!BUT!!! when you use Network Manager and associate to an AP the spoofed mac disappears and the original hardware mac returns. Uh oh


    We confirmed this with Cain as we ran many man-in-the-middle attacks against ourselves and the HARDWARE MAC was always shown NOT the spoofed mac.


    However to correct the problem we used

    ifconfig wlan0 down
    ifconfig wlan0 hw ether 00:11:22:33:44:55
    ifconfig wlan0 up


    Now the spoofed mac stays expressed after Network Manager associated to the AP

    This was also confirmed with Cain during MITM attacks to test the correction.

    These tests were done with an RTL8187 AWUS036H Alfa Wifi Device

    If you want to boost to 30 dBm and spoof the mac of your actual device then:

    ifconfig wlan0 down
    ifconfig wlan0 hw ether 00:11:22:33:44:55
    iw reg set BO
    ifconfig wlan0 up
    iwconfig wlan0 channel 13
    iwconfig wlan0 txpower 30
    iwconfig wlan0 rate 1M

    The mac code 00:11:22:33:44:55 and the wlan0 are used as examples and can be changed to fit actual conditions by the user.

  2. #2
    Join Date
    2013-Jul
    Posts
    841
    There is a firmware update for Realtek, i.e. makers of the RTL8187 AWUS036H Alfa Wifi Device.

    apt-get install firmware-realtek

    We are unsure how this will affect mac spoofing with kali linux. Will advise.

    Musket Team A

  3. #3
    Join Date
    2013-Jul
    Posts
    841
    Since the firmware update we have been unable to maintain the spoof using the commands listed above as Network Manager overrides the setting. The only way we have found is to use the entry box in the Network manager/edit connections/wireless/ select name then edit name then enter a mac in the Cloned MAC address block in the drop-down menu.

    MTB

  4. #4
    Join Date
    2014-Jan
    Posts
    6
    I have the AWUS036H and cannot get any more than 20dBm using driver rtl8187. How is this possible?

    Error for wireless request "Set Tx Power" (8B26) :
    SET failed on device wlan1 ; Invalid argument.

  5. #5
    Join Date
    2013-Nov
    Location
    the state of oppression
    Posts
    16
    Quote: Originally posted by mattt
    I have the AWUS036H and cannot get any more than 20dBm using driver rtl8187. How is this possible?

    Error for wireless request "Set Tx Power" (8B26) :
    SET failed on device wlan1 ; Invalid argument.

    You're being restricted by your country code settings, which you need to change. Input these commands.

    Code:
    iw reg set BO
    Code:
    iwconfig wlan0 txpower 30

  6. #6
    Join Date
    2013-Jul
    Posts
    841
    The info here was gleaned from other blogs found in the aircrack-ng site and the kali-linux site.

    We use these commands in this order and you should not get the error message

    ifconfig wlan0 down
    iw reg set BO # i.e. BO for Bolivia
    ifconfig wlan0 up
    iwconfig wlan0 channel 13
    iwconfig wlan0 txpower 30
    iwconfig wlan0 rate 1M

    If you want to spoof your mac code:

    ifconfig wlan0 down
    macchanger -r wlan0
    iw reg set BO # i.e. BO for Bolivia
    ifconfig wlan0 up
    iwconfig wlan0 channel 13
    iwconfig wlan0 txpower 30
    iwconfig wlan0 rate 1M


    Warning: Do not try and spoof your mac code with these commands when using reaver.


    MTA

  7. #7
    Join Date
    2014-Jan
    Posts
    6
    Quote: Originally posted by Resistor
    You're being restricted by your country code settings, which you need to change. Input these commands.

    Code:
    iw reg set BO
    Code:
    iwconfig wlan0 txpower 30

    Awesome thanks!

  8. #8
    Join Date
    2013-Nov
    Location
    the state of oppression
    Posts
    16
    musket,

    hi there, I have two questions. I was wondering if you could post a video demo of this?


    Quote: Originally posted by mmusket33
    If you want to spoof your wifi device and then surf the net with kali-linux do not use the following commands!!!!

    !!!DO NOT USE!!!

    ifconfig wlan0 down
    macchanger -m 00:11:22:33:44:55 wlan0
    ifconfig wlan0 up



    When you type ifconfig after the above commands, the spoofed mac, in this example 00:11:22:33:44:55, will be shown !!!BUT!!! when you use Network Manager and associate to an AP the spoofed mac disappears and the original hardware mac returns. Uh oh


    We confirmed this with Cain as we ran many man-in-the-middle attacks against ourselves and the HARDWARE MAC was always shown NOT the spoofed mac.


    Also, if the router's connected clients section correctly shows the mac address you set, would the problem still be present?



    Thanks, cheers.

  9. #9
    Join Date
    2013-Jul
    Posts
    841
    We have noticed a number of firmware updates/upgrades for wireless adapters for kali linux (see /etc/apt/sources.list). Normal mac spoofing techniques seem to be working again; however, to ensure the spoof (cloned mac address) is holding we suggest:

    1. Spoof your mac address then run ifconfig and see if the spoof is present.
    2. Connect to the internet using Network Manager
    3. Run ifconfig again and see if the spoofed mac still remains.

  10. #10
    Join Date
    2014-Feb
    Posts
    3
    I'm having the same issue. Latest version (1.0.6) of Kali running on VirtualBox 4.3.6 (I believe)/Extension Pack with an Alfa USB card. It seems like if I stop Network Manager in the terminal, change the MAC address via the "ifconfig wlan0 hw ether" method, and then start Network Manager again, it will keep the spoofed MAC when I connect to the access point... My AP's logs confirmed it.

    Definitely something you should test for yourself on your own AP before doing anything where you want/need a spoofed mac.
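
The before-and-after check described in posts #9 and #10, written as a script. This is an added example, not code from any poster in the thread. The function names and the `SYSFS_NET` variable are made up here; `address`, `operstate` and `ethtool -P` are standard Linux interfaces, and treating `operstate` = `up` as "associated" is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): report whether a manually set MAC
# is still active once the interface has actually associated.
SYSFS_NET=${SYSFS_NET:-/sys/class/net}   # overridable so it can be tested offline

norm_mac() {  # lower-case a MAC so comparisons ignore case
    printf '%s' "$1" | tr 'A-F' 'a-f'
}

# mac_status IFACE EXPECTED PERMANENT
# Prints one of:
#   held         expected MAC is active and the link is up
#   unconfirmed  expected MAC is active but the link is not up yet, so
#                Network Manager has not had its chance to override it
#   reverted     interface is back on the permanent (hardware) MAC
#   changed      interface carries some third address
#   missing      no such interface
mac_status() {
    iface=$1
    expected=$(norm_mac "$2")
    permanent=$(norm_mac "$3")
    dir="$SYSFS_NET/$iface"
    [ -r "$dir/address" ] || { echo missing; return 3; }
    current=$(norm_mac "$(cat "$dir/address")")
    state=$(cat "$dir/operstate" 2>/dev/null || echo unknown)
    if [ "$current" = "$permanent" ]; then
        echo reverted; return 1
    elif [ "$current" != "$expected" ]; then
        echo changed; return 1
    elif [ "$state" = up ]; then
        echo held; return 0
    else
        echo unconfirmed; return 2
    fi
}

# Stand-alone use:  sh mac_check.sh wlan0 00:11:22:33:44:55
# `ethtool -P` prints "Permanent address: xx:xx:xx:xx:xx:xx".
if [ "$#" -ge 2 ]; then
    perm=$(ethtool -P "$1" | awk '{print $3}')
    mac_status "$1" "$2" "$perm"
fi
```

Run it once before connecting and again after Network Manager reports the connection; only a `held` result on the second run shows the address survived association.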
