MAC spoofing

Of course it's not about spoofing your HP/Dell laptop as a MAC laptop. It is about Media Access Control. But before we understand what that is. What is spoofing?

Among several meanings of spoofing one is to deceive or to forge.

Wikipedia says MAC spoofing is a hacking technique of changing an assigned Media Access Control (MAC) address of a networked device to a different one.

Lets see it in simpler words. Now you may have heard of ethernet cards / lan cards. There are different ways of connecting to the internet. One is dial up(using modem), others are direct cable connection(DVS, CCNA, CityOnline, etc), ADSL(BSNL), wi-fi(klce-wifi, etc).

For the direct cable connection / ADSL, you need an ethernet card. Every ethernet card in the world is suppose to have a different MAC address.

MAC address, also known as Ethernet Hardware Address, is used as an identifier of the ethernet just like IP address are used in case of Internet. It usually encodes the manufacturer's registration number. Here is the mac vendor list if you want to see.

It is 6 bytes and normally written as xx:xx:xx:xx:xx:xx.

Some of the internet service providers control access using MAC address. They allow traffic only if the request is coming from the MAC addresses on their list. This is the place where MAC spoofing is useful.

Suppose you have internet connected to your desktop, you remove the connection and connect it to your laptop, change the ip address. You try to use the internet but you are not allowed. This is because the MAC address is different and your ISP doesn't allow this. Instead of calling your IP address to add you laptops MAC address, you can simply change the laptops MAC address to match to that of your desktops.

First, finding the MAC address:
On windows system type: ipconfig /all in the cmd prompt

On Mac OS X, in the System Preferences -> Network


On Linux, in the terminal type:

# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:60:08:C4:99:AA
    inet addr:131.225.84.67  Bcast:131.225.87.255  Mask:255.255.248.0
    UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    RX packets:15647904 errors:0 dropped:0 overruns:0
    TX packets:69559 errors:0 dropped:0 overruns:0
    Interrupt:10 Base address:0x300

here the HWaddr is the mac address.

Second, changing the MAC address.

Windows

On windows there are several softwares to change the mac address, some of them are amac, smac, tmac, Technitium Mac Address Changer, etc. AMAC is a good software. It also includes a scanner that scans the network and shows the list of computer name, IP address and MAC address of those systems. So you can easily spoof the mac.
Most ethernet card / wifi device manufacturers provide this ability in the driver itself. So you can simply go to the Device Manager (devmgmt.msc in the Start -> Run), double click the ethernet card and check if they allow to type your own MAC address.

Linux

On Linux it is really simple. Open the terminal. Suppose your card is eth0 (if lan card, wireless card may have wlan0) then type the following:

ifconfig eth0 down
ifconfig eth0 ether 11:11:11:11:11:ab
ifconfig eth0 up

You also have a software: MAC changer to do this.

MAC OS X

ifconfig command should also work on MAC OS X. Someone please try and put a comment.

Now that we have successfully changed our MAC, we can enjoy the service. Changing MAC address can be useful in various places. Like if you have one connection of DVS Broadband or CCN Broadband but two systems, you can put the same IP address and MAC address and use internet on both of them. If your friend took an internet account (wifi) but went home, you can spoof his MAC address on your laptop and use internet from his account.

But keep in mind that MAC spoofing is against the Indian law as per the Information Technology Act, 2000. The material provided above is for educational purposes only.

Lost for so many days

I haven't written blogs for sometime now. Lets see what I did last few weeks. I made a mistake, got kicked off for it, lost contact. Then did donkey's work of editing the souvenir and proceedings book for the International Conference of Web Sciences '09 organized at KLCE.

As if that was not enough I was placed at the Registration Desk for the event. I got registration desk :( I would have liked something that involved computer, some tricky things but that was really tiring job. But it is done now. And it was successful, everyone was happy with our reception / registration / help desk. I even got time to pull one of my teachers leg and draw some pictures.

Well sorry to waste your time with this blog.

Forward mails?

Every now and then I get a mail saying "if you don't forward it to at least 10 people then ...." or "to get your true love forward this mail to at least 10 people" or "Mr Sandip Tiwari is a final year student and has a serious Open Source disease, he is in serious need of money to support his group. Google has agreed to support him. Please forward this mail. For every forward he will receive some amount, please do not neglect this email as it is a matter of life and death" or some other nonsense. And people forward these mails.

I remember threatening one of my friends to subscribing his mail account to a porn site if he continued to send me such emails. (He stopped after that)

Surely there can't be a power in those emails to bless you or to punish you. And I doubt google or yahoo will help for such a cause.

On the second thought they have powers. They have a power to punish you by stealing your details, to bless you with viruses or make money for others.

Ever heard of email trackers?
Like the name says, they are programs that track emails. Whether the mail was read or not? The IP address of the reader, the number of times it was read, forwarded, etc. all such details can be collected.

There may be several types of email trackers, one simple one works by embedding an image into the email. The image is kept on some server and the server collects information of people trying to access the image.

How to do it?

Make a image (mostly blank with very small size), store it on your web server. Now create a script that will collect all the information required and return that image. Put this script on the web server. Now type your mail and embed the link to that script. The script will simply return an image whenever the mail is opened. Before returning the image, it will collect the information like IP address, operating system, etc.

Here is an example. Haven't tried it yet. If you try it, please let me know the result.

Now you read that beautiful mail and forward it to your dear friends. What happens? You are simply spreading that threat to new victims, helping some guy sitting somewhere to trap new victims.

The other thing that forward mails do is: Viral advertising
How often do you see at the bottom of the email a name you know. HCL, Infosys, Microsoft, WIPRO, etc. I am not saying that these big companies are sending these messages. I am actually puzzled about how these names get there.

But Viral advertising is the truth. That is how Hotmail, Yahoomail, Paypal, Orkut, YouTube became popular.

Special Interest Group - defHack

Want to be a real hacker and not a Script Kiddie?

def Hack is a Special Interest Group under Twincling Technology Foundation that is focused on technical discussions related to Ethical Hacking, Network & Systems Security, Certification Exams and tools development.

It has been dormant for sometime. But it has been refueled now. Go ahead and join the group. Click here

What is def Hack?
http://groups.google.com/group/defhack/web/what-is-def-hack

openSUSE 11.1

I recently installed openSUSE 11.1 beta 5. Though it is still in beta stage, it is quite stable. It looks much more cooler than openSUSE 11.0 and any other distro out there. It is one of the best and easiest Linux distro to use. With YAST (something like Windows' Control Panel), it beats any other linux distro in terms of configuration from a GUI.

It is very simple to install, one place where one can mess things up is while partitioning the harddisk. If you have trouble then in your windows, open RUN (in the start menu) and type diskmgmt.msc and click Run. Take a screenshot and mail it to me. blvdeer [AT] gmail [DOT] com. I will find the best configuration for partitioning and write step by step tutorial on how to do it in the installer.

After you have install, just open YAST and add software repositories
Goto to the K-Menu (start menu like thing), select Application, System, Administration Settings.
Enter your password. In that you will see different options in the left pane. In Softwares, you will see Software Repositories. Click it.




Click on Add. And choose Community Repositories. Add Packman, KDE-Backport, VideoLAN, KDE-Community, etc repositories. And select OK.

There you are. Now goto Software Management (in YAST > Software) and install the softwares you love.

Some of the things that I installed are:

1. gcc - GNU Compiler Collection C complier
2. make - Make for the compiler
3. automake - Automatically generate Makefile.in
4. autoconf - Automatically configure source code
5. bison - Parse generator
6. flex - Lexical analyser
7. vlc - VLC player
8. mplayer - Mplayer
9. smplayer - A great frontend for mplayer
10. flash - Adobe Flash Player
11. mplayerplug-in - Browser Plugin for mplayer
12. unrar - Adds rar support to Ark
13. p7zip - 7zip but only commandline, adds 7z support to Ark
14. java-1_6_0-sun - Java
15. java-1_6_0-sun-plugin - Java Plugin for Browser
16. gcc-c++ - C++ compiler
17. krita - Picture editing tool
18. gimp - Picture editing tool like photoshop
19. wine - Allows you to run windows programs on Linux
20. isomaster - Lets you edit iso images
21. isomorphin - Lets you mount iso images
22. peazip - Frontend for p7zip
23. dosbox - Dos emulator

I installed MySQL, Qt 4, squid and a few other things as well. Flex & bison are required only if you are planning to compile and install wine.

Thats all for a normal user. You will love openSuSE, it's a great distribution.

Register today

The registration for Open Source Summit 2008 has started. I have already registered. Have you?
Register now. Click here.

Here's a good flash animation showing the venue and explaining the path you will need to take. Lets all meet there.

You can also tell your friend. Simply click here.

Be there. You are either Open Source or vegetable.
I am a vegetarian, beware.

Internet Governance Forum


The establishment of Internet Governance Forum (IGF) by the United Nation (UN) is seen as an innovative new approach to global policy making. It offers a discussion space for multi-stakeholder and offer unique opportunity for bottom-up policy development related to the Internet by linking togethter Governement, Private Sector, NGO/INGOs, civil society, technical and academic community.

The third meeting of IGF is going to be held in Hyderabad from 3-6 December 2008. There are five main subjects of the IGF - access, openness, diversity, security and critical Internet resources - for the management and development of internet.

I think the internet should be left open and away from politics of the different countries, companies trying to change the world in their profit making ways. But that's just my thought.