Lab: MAC Spoofing with macchanger

AITI-KACE, NIS
July, 2017

0 The Lab
0.1 Objectives

In this Lab you are asked to temporarily change the MAC address of the network interface
card of your machine. The permanent MAC address of your PC can be masked with a fake
MAC, an attack known as MAC spoofing. Some AP_routers implement MAC filtering on the
network to allow only legitimate hosts to gain network access. Port security could also be
implemented usually on switches to restrict port ingress traffic by specifying which MAC
addresses are allowed to send traffic into a port.

By doing a MAC spoofing, an attacker can circumvent MAC filtering, firewall rules and port
security on switches.

In this Lab, you are asked to use the macchanger tool to perform a MAC spoofing attack:
- Change your mac to any random MAC
- Spoof a specific MAC address (thus you spoof the MAC of some legitimate network
interface to gain access to a port).

0.2 Tools

A PC with an installed macchanger can complete the task in this Lab.

1 Macchanger

Macchanger is a well-known tool for performing MAC spoofing. With macchanger, you can
change the MAC of your ethernet wired (eth0) or wireless NIC. The tool is preinstalled in
kali, so you are good to go. Otherwise install it on Ubuntu.

Use the command ‘macchanger --help’ for the different options for macchanger
Check your network interface MAC:
Ifconfig

Turn off network interface:

Ifconfig eth0 down

Spoof a random MAC:

macchanger –r <network_interface>

So you have changed your MAC with a random MAC address.

Check your new MAC by bringing the interface up (ifconfig <network_interface> up) and do
ifconfig.

Spoof a specific MAC address:

macchanger –m c1:82:00:0a:cd:ee <network_interface>

Check whether MAC was changed.

Change MAC to your permanent MAC address:

Macchanger –p <network_interface>

Bring interface up:

ifconfig <network_interface> up