Sep 17, 2017 It would not change the MAC address for either wlan0 or eth0 and every attempt would return ' Could not change MAC: interface up or insufficient SOLVED Could not change MAC. & Setup Macchanger auto spoofing/randomization in Kali.
This article gives several methods to spoof a Media Access Control (MAC) address.
Manually
There are two methods for spoofing a MAC address: installing and configuring either iproute2 or macchanger. Both of them are outlined below.
iproute2
First, you can check your current MAC address with the command:
where
interface is the name of your network interface.
The section that interests us at the moment is the one that has 'link/ether' followed by a 6-byte number. It will probably look something like this:
The first step to spoofing the MAC address is to bring the network interface down. It can be accomplished with the command:
Next, we actually spoof our MAC. Any hexadecimal value will do, but some networks may be configured to refuse to assign IP addresses to a client whose MAC does not match up with any of known vendors. Therefore, unless you control the network(s) you are connecting to, use MAC prefix of any real vendor (basically, the first three bytes), and use random values for next three bytes. For more information please read Wikipedia:Organizationally unique identifier.
To change the MAC, we need to run the command:
Where any 6-byte value will suffice for
XX:XX:XX:XX:XX:XX .
The final step is to bring the network interface back up. This can be accomplished by running the command:
If you want to verify that your MAC has been spoofed, simply run
ip link show interface again and check the value for 'link/ether'. If it worked, 'link/ether' should be whatever address you decided to change it to.
macchanger
Another method uses macchanger (a.k.a., the GNU MAC Changer). It provides a variety of features such as changing the address to match a certain vendor or completely randomizing it.
Install the package macchanger.
The spoofing is done on per-interface basis, specify network interface name as
interface in each of the following commands.
The MAC address can be spoofed with a fully random address:
To randomize only device-specific bytes of current MAC address (that is, so that if the MAC address was checked it would still register as being from the same vendor), you would run the command:
![]()
To change the MAC address to a specific value, you would run:
Where
XX:XX:XX:XX:XX:XX is the MAC you wish to change to.
Finally, to return the MAC address to its original, permanent hardware value:
Note: A device cannot be in use (connected in any way or with its interface up) while the MAC address is being changed.
Automaticallysystemd-networkd
systemd-networkd supports MAC address spoofing via link files (see systemd.link(5) for details).
To set a static spoofed MAC address:
To randomize the MAC address on every boot, set
MACAddressPolicy=random instead of MACAddress=spoofed MAC .
systemd-udevd![]()
Udev allows you to perform MAC address spoofing by creating udev rules. Use
address attribute to match the correct device by its original MAC address and change it using the ip command:
where
XX:XX:XX:XX:XX:XX is the original MAC address and YY:YY:YY:YY:YY:YY is the new one.
systemd unitCreating unit
Below you find two examples of systemd units to change a MAC address at boot, one sets a static MAC using ip and one uses macchanger to assign a random MAC address. The systemd
network-pre.target is used to ensure the MAC is changed before a network manager like Netctl or NetworkManager, systemd-networkd or dhcpcd service starts.
iproute2
systemd unit setting a predefined MAC address:
macchanger
systemd unit setting a random address while preserving the original NIC vendor bytes. Ensure that macchanger is installed:
A full random address can be set using the
-r option, see #macchanger.
Enabling service
Append the desired network interface to the service name (e.g.
eth0 ) and enable the service (e.g. [email protected] ).
Reboot, or stop and start the prerequisite and requisite services in the proper order. If you are in control of your network, verify that the spoofed MAC has been picked up by your router by examining the static, or DHCP address tables within the router.
netctl interfaces
You can use a netctl hook to run a command each time a netctl profile is re-/started for a specific network interface. Replace
interface accordingly:
Make the script executable:
Source: akendo.eu
NetworkManager
See NetworkManager#Configuring MAC address randomization.
TroubleshootingConnection to DHCPv4 network fails
If you cannot connect to a DHCPv4 network and you are using dhcpcd, which is the default for NetworkManager, you might need to modify the dhcpcd configuration to obtain a lease.
See also
Retrieved from 'https://wiki.archlinux.org/index.php?title=MAC_address_spoofing&oldid=563556'
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |