Anonymize Yourself on a Network (Change Your MAC Address)

June 22, 2016 | Views: 17988

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Welcome! Let’s get started…

Changing the MAC Address with the MAC Changer in Kali Linux

As a Hacker, you should know that being anonymous is really important. In some great hacking books, they write that hiding yourself is the first step of hacking. Especially when you’re attacking a network, you should know that your physical address or MAC address is broadcast in the list of computers connected to that network. You don’t want expose your real MAC address and get caught.

 

For Complete Beginners

What’s a MAC Address?

The MAC address or “Media Access Control address” (or we can even say physical address of a computer) is as its assigned on the network interfaces for communication on the physical network segments. MAC is used as a network address for IEEE 802 network technologies like WiFi and Ethernet. It’s given to your computer when it’s manufactured in the factory. It’s permanent, hard-wired and hard-coded on your network card. ARP (Address Resolution Protocol) translates IP addresses into MAC addresses.

 

How to Find Your MAC Address

In Windows

Step 1. Open command prompt, then press windows + r. Next, simply type cmd press okay.

run

 

Step 2. Type “get mac” and you’ll get your MAC address

getmac

 

In Linux

Step 1. Open your terminal

Step 2. Type in “ifconfig” and press enter

ipconfig

Step 3. Look for HWaddr

macaddrNow we know what MAC is and how we can check our MAC address.

 

Lets Change The Mac!!!

Step 1. Open your Kali Linux terminal type in “macchanger” For the wireless interface, I’m going to write eth0, because I don’t have a wireless card on this computer

“macchanger eth0 –s” to show the permanent MAC address

macs

 

Step 2. Type in “macchanger –r” and hit enter. BOOM!!!! – one last time and you did it.

macr

 

Extra Things

You can do macchanger your-interface –l to get a list of MAC address of 15,000 different vendors around the world including Cisco routers. If you’re on a network where your MAC address is from unknown vendors, this could cause suspicion. You can change your MAC on the routers though which the network usually runs (which could decrease your chances of getting caught, getting noticed and getting blocked by the network admin).

macl

If you get blocked, you can change your MAC again and invade the network again :p  – as simple as that!

 

Thanks. Your appreciation will keep me motivated!

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
54 Comments
  1. thank you for great artice

  2. i got that, perfectly……. i appreciate it.

  3. @saltydog399, You are confusing IP spoofing with MAC spoofing. First, I would never recommend performing hack’s from your home/work network anyway…because yes, even if MAC doesn’t give you away, IP will.

    I read this article because of a recent experience I had: I was in a bar, on their wifi (they provided the password), and got bored. On my iphone, which carries the host name ‘iPOD’ instead, I opened Fing and ran a network scan. I found their router presenting services on port 80, so opened its console in my browser. I guessed (first try!) their login/pw, it was ‘Administrator’ and ‘Password’. Now sitting with full control over their network at their router, I had a decision to make: commit a felony, or look-but-don’t-touch. I chose the latter, because I realized I had no way of masking my MAC on this device, and didn’t want to fire up Kali from the parking lot, these guys had never done me wrong after all. If I had changed my MAC, masked my host name, and possibly even have spoofed my IP so that the router’s logs showed a login from what looked like someone other than me or my devices, I might have proceeded. The guys I was with wanted the awful music shut down, so I was tempted to just change their default gateway to some invalid IP, and take the whole network down, but again, I showed restraint.

  4. I don’t understand. If you are on an ATT DSL line and you change your MAC couldn’t ATT still determine your subnet and pretty easliy find you. I suppose if you cahnged your MAC until you did your work and then change it back to the real MAC that may work before the ISP becomes aware of who you are. But I would imagine they may be monitoring your MAC after that. Are they that good or do they not care that much?

    • this was a simple article sir about how to change mac and i wrote my first article

    • **I DO NOT CONDONE OR SUPPORT ANY ILLEGAL TESTING OR ACTIVITY OF ANY TYPE**

      Q: I don’t understand. If you are on an ATT DSL line and you change your MAC couldn’t ATT still determine your subnet and pretty easliy find you.

      My answer:
      Changing your MAC is simply going to hide you after the traffic your generating ends. So long as you revert back to your original MAC afterwards. Like committing a crime with someone else’s identity. You can still be caught in the act, however afterwards when the crime has been committed they will be looking for someone else. The logs you generate will show your IP, MAC, GEO codes, detecting device, original agent, source/dest usernames etc… This is why you should also be using a VPN with a foreign IP and be working from a public IP in the first place. The company providing your VPN generally has a choice to release your IP or not based on their policies. Having a public IP (coffee shop) and fake MAC through your VPN is another layer separating you. Scripts to change your MAC and VPN IP periodically while adventuring will throw off an analyst looking at your logs. Working through a VM and rebuilding such VM often can help to reduce the chances of you getting spyware which if contracted on your host machine would make your efforts to hide useless.

      Q: before the ISP becomes aware of who you are.

      My answer: Your ISP is aware of who you are. Key would be to hide your ISP IP from your target in the first place. With a changed MAC address your ISP can’t directly say that it is YOU however they CAN say that it is your household (router). You don’t want a target to realize what ISP your using let alone what country you are in.

      Q: But I would imagine they may be monitoring your MAC after that. Are they that good or do they not care that much?

      My answer: They would not be monitoring your MAC address afterwards. If your doing something bad to a company they would contact your ISP (granted they figured it out) and the authorities (depending the level of badness). Your ISP will then send you a cease and desist letter, this they do track. A household can only receive a few cease and desist letters before it is banned from using the ISP entirely. Other ISP’s may ask if you have received such letters from other ISP. You don’t want to receive those letters. Actively monitoring your MAC would bog down defense systems an excessive amount however it is likely that your MAC would be added to an IPKB along your routers IP. A ticketing system regarding warnings sent is the probable answer for tracking your activity.

      Q: Are they that good or do they not care that much?

      My answer: The ISP doesn’t really care, the target your after DOES. Your target MAY be that GOOD. Depending on what your after and what your doing it is most likely the target will simply block you at a firewall or their IPS. If you steal something or leak PII be prepared to be hunted and know that forensic equipment can do wonders on the files you ‘deleted’. Drills and microwaves.

      Lastly if you connect to your target with your real mac address for ANY amount of time and then spoof it. A decent security analyst can find this change immediately and correlate your traffic making this useless. Mac should be spoofed before any connection to the internet, traffic is easy to correlate. Use a VPN IP originating from a foreign country that does not play nice with sharing information. Knowing what your logs will display is knowing how you can be found.

Page 4 of 6« First...«23456»
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel