Ready to Start Your Career?

NoobSec Toolkit v2: MAC Address spoofing for Anonymity and Security

Krintoxi 's profile image

By: Krintoxi

October 29, 2015

Hello, today i will be showing you a small guide to using the NoobSecToolkit tool to Spoof the MAC Address of your device for Anonymity ,Security, and confidentiality reasons.When Nick meets Mack!Every NIC has a hardware address that's known as a MAC, for Media Access Control. Where IP addresses are associated with TCP/IP (networking software), MAC addresses are linked to the hardware of network adapters.  Remember all this is, is hardware and software working together, IP addresses and MAC addresses working together.The MAC address is sometimes referred to as a networking hardware address, the burned-in address (BIA), or the physical address. Here's an example of a MAC address for an Ethernet NIC:00:0a:95:9d:68:16.A MAC address itself doesn't look anything like an IP address. The MAC address is a string of usually six sets of two-digits or characters, separated by colons.Having such a unique identifier used on the local network can harm your privacy. for example:If you use your laptop to connect to several Wi-Fi networks, the same MAC address of your Wi-Fi interface is used on all those local networks. Someone observing those networks can recognize your MAC address and track your geographical location.  Using your own computer on a network that you use frequently, for example at a friend's place, at work, at university, etc. You have a strong relationship with this place but MAC address spoofing hides the fact that your computer is connected to this network at a particular time

NoobSecToolkit will call a script that will change the MAC address of your network interfaces to random values for the time of a working session. This is what we call "MAC address spoofing". MAC address spoofing hides the serial number of your network interface, and somewhat, who you are, to the local network.

Please keep in mind on some network interfaces, MAC address spoofing is not possible due to limitations in the hardware or in Linux.

We will want to start by cloning NoobSecToolkit Version 2 to our file system to do this

(1) CTRL + ALT + T (Open Terminal)(2) git clone cd NoobSecToolkit/NoobSecToolkit/(4) python
Once the Toolkit launches, it will ask  "What do you want to do : " in this case, we will type: macspoofthis will launch the Mac Spoofing script, which will ask you if you want to continue, type : y and hit enterThis will temporarily spoof your device Mac Address for the current session hiding who you are on the local network , and show you the results. Keep in mind that once your device is rebooted , your spoofed address will reset itself.------------------------Real World Example.-------------------------The NSA , FBI, among other agencies actively use MAC Address identification to target groups and objectives. A main example would be how they used this tactic to hunt down and arrest Lulzsec hackers!

According to the complaint against Jeremy Hammond, aka “sup_g” his physical residence in Chicago (US), was under continuous surveillance after being identified as a LulzSec member, FBI agents measured his wireless router signal strength and determined that it was located towards the rear of his home.They then applied for a court order to monitor all traffic coming in and out of that router with a trap and trace device identifying all unique MAC addresses connected to the router, an FBI expert then linked the suspect’s computer MAC address with an IP connected to the tor network (first node).

 I hope this information was useful to some of you, thank you. 
Schedule Demo