Monday, January 12, 2009

MAC spoofing

Of course it's not about spoofing your HP/Dell laptop as a MAC laptop. It is about Media Access Control. But before we understand what that is. What is spoofing?

Among several meanings of spoofing one is to deceive or to forge.

Wikipedia says MAC spoofing is a hacking technique of changing an assigned Media Access Control (MAC) address of a networked device to a different one.

Lets see it in simpler words. Now you may have heard of ethernet cards / lan cards. There are different ways of connecting to the internet. One is dial up(using modem), others are direct cable connection(DVS, CCNA, CityOnline, etc), ADSL(BSNL), wi-fi(klce-wifi, etc).

For the direct cable connection / ADSL, you need an ethernet card. Every ethernet card in the world is suppose to have a different MAC address.

MAC address, also known as Ethernet Hardware Address, is used as an identifier of the ethernet just like IP address are used in case of Internet. It usually encodes the manufacturer's registration number. Here is the mac vendor list if you want to see.

It is 6 bytes and normally written as xx:xx:xx:xx:xx:xx.

Some of the internet service providers control access using MAC address. They allow traffic only if the request is coming from the MAC addresses on their list. This is the place where MAC spoofing is useful.

Suppose you have internet connected to your desktop, you remove the connection and connect it to your laptop, change the ip address. You try to use the internet but you are not allowed. This is because the MAC address is different and your ISP doesn't allow this. Instead of calling your IP address to add you laptops MAC address, you can simply change the laptops MAC address to match to that of your desktops.

First, finding the MAC address:
On windows system type: ipconfig /all in the cmd prompt

On Mac OS X, in the System Preferences -> Network


On Linux, in the terminal type:
# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:60:08:C4:99:AA
inet addr:131.225.84.67 Bcast:131.225.87.255 Mask:255.255.248.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:15647904 errors:0 dropped:0 overruns:0
TX packets:69559 errors:0 dropped:0 overruns:0
Interrupt:10 Base address:0x300
here the HWaddr is the mac address.

Second, changing the MAC address.

Windows

On windows there are several softwares to change the mac address, some of them are amac, smac, tmac, Technitium Mac Address Changer, etc. AMAC is a good software. It also includes a scanner that scans the network and shows the list of computer name, IP address and MAC address of those systems. So you can easily spoof the mac.
Most ethernet card / wifi device manufacturers provide this ability in the driver itself. So you can simply go to the Device Manager (devmgmt.msc in the Start -> Run), double click the ethernet card and check if they allow to type your own MAC address.

Linux

On Linux it is really simple. Open the terminal. Suppose your card is eth0 (if lan card, wireless card may have wlan0) then type the following:

ifconfig eth0 down
ifconfig eth0 ether 11:11:11:11:11:ab
ifconfig eth0 up

You also have a software: MAC changer to do this.

MAC OS X

ifconfig command should also work on MAC OS X. Someone please try and put a comment.

Now that we have successfully changed our MAC, we can enjoy the service. Changing MAC address can be useful in various places. Like if you have one connection of DVS Broadband or CCN Broadband but two systems, you can put the same IP address and MAC address and use internet on both of them. If your friend took an internet account (wifi) but went home, you can spoof his MAC address on your laptop and use internet from his account.

But keep in mind that MAC spoofing is against the Indian law as per the Information Technology Act, 2000. The material provided above is for educational purposes only.

Sunday, January 4, 2009

Lost for so many days

I haven't written blogs for sometime now. Lets see what I did last few weeks. I made a mistake, got kicked off for it, lost contact. Then did donkey's work of editing the souvenir and proceedings book for the International Conference of Web Sciences '09 organized at KLCE.

As if that was not enough I was placed at the Registration Desk for the event. I got registration desk :( I would have liked something that involved computer, some tricky things but that was really tiring job. But it is done now. And it was successful, everyone was happy with our reception / registration / help desk. I even got time to pull one of my teachers leg and draw some pictures.

Well sorry to waste your time with this blog.