MAC address spoofing: Difference between revisions
m (fixed link avoid redirect) |
m (→Automatically: simplified section titles + descriptions) |
||
| Line 72: | Line 72: | ||
== Automatically == | == Automatically == | ||
=== Creating | === Creating systemd unit file === | ||
==== | ==== iproute2 + dhcpcd ==== | ||
[[systemd]] unit setting a predefined MAC address while assuming the use of [[dhcpcd]]: | |||
{{hc|/etc/systemd/system/macspoof@.service|<nowiki> | {{hc|/etc/systemd/system/macspoof@.service|<nowiki> | ||
| Line 92: | Line 92: | ||
</nowiki>}} | </nowiki>}} | ||
==== macchanger + NetworkManager ==== | |||
[[systemd]] unit setting a random address while preserving the original NIC vendor bytes while assuming the use of [[NetworkManager]] (ensure that {{Pkg|macchanger}} is [[Pacman#Installing specific packages|installed]]): | |||
{{hc|/etc/systemd/system/macspoof@.service|<nowiki> | {{hc|/etc/systemd/system/macspoof@.service|<nowiki> | ||
| Line 112: | Line 110: | ||
</nowiki>}} | </nowiki>}} | ||
==== | ==== macchanger + dhcpcd ==== | ||
[[systemd]] unit setting a fully random address while assuming the use of [[dhcpcd]] (ensure that {{Pkg|macchanger}} is [[Pacman#Installing specific packages|installed]]): | |||
{{hc|/etc/systemd/system/macspoof@.service|<nowiki> | {{hc|/etc/systemd/system/macspoof@.service|<nowiki> | ||
| Line 131: | Line 129: | ||
=== Enabling service === | === Enabling service === | ||
Append the desired network interface | Append the desired network interface to the service name (e.g. {{ic|eth0}}) and enable the service: | ||
# systemctl enable macspoof@eth0.service | # systemctl enable macspoof@eth0.service | ||
Revision as of 09:29, 4 August 2014
zh-CN:MAC Address Spoofing This article gives several methods to spoof a Media Access Control (MAC) address.
Manually
There are two methods for spoofing a MAC address using either iproute2 (installed by default) or macchanger (available on the official repositories). Both of them are outlined below.
Method 1: iproute2
First, you can check your current MAC address with the command:
# ip link show interface
where interface is the name of your network interface.
The section that interests us at the moment is the one that has "link/ether" followed by a 6-byte number. It will probably look something like this:
link/ether 00:1d:98:5a:d1:3a
The first step to spoofing the MAC address is to bring the network interface down. It can be accomplished with the command:
# ip link set dev interface down
Next, we actually spoof our MAC. Any hexadecimal value will do, but some networks may be configured to refuse to assign IP addresses to a client whose MAC does not match up with a vendor. Therefore, unless you control the network(s) you are connecting to, it is a good idea to test this out with a known good MAC rather than randomizing it right away.
To change the MAC, we need to run the command:
# ip link set dev interface address XX:XX:XX:XX:XX:XX
Where any 6-byte value will suffice for XX:XX:XX:XX:XX:XX.
The final step is to bring the network interface back up. This can be accomplished by running the command:
# ip link set dev interface up
If you want to verify that your MAC has been spoofed, simply run ip link show interface again and check the value for 'link/ether'. If it worked, 'link/ether' should be whatever address you decided to change it to.
Method 2: macchanger
Another method uses macchanger (a.k.a., the GNU MAC Changer). It provides a variety of features such as changing the address to match a certain vendor or completely randomizing it.
Install the package macchanger from the official repositories.
The spoofing is done on per-interface basis, specify network interface name as interface in each of the following commands.
The MAC address can be spoofed with a fully random address:
# macchanger -r interface
To randomize all of the address except for the vendor bytes (that is, so that if the MAC address was checked it would still register as being from the same vendor), you would run the command:
# macchanger -e interface
To change the MAC address to a specific value, you would run:
# macchanger --mac=XX:XX:XX:XX:XX:XX interface
Where XX:XX:XX:XX:XX:XX is the MAC you wish to change to.
Finally, to return the MAC address to its original, permanent hardware value:
# macchanger -p interface
Automatically
Creating systemd unit file
iproute2 + dhcpcd
systemd unit setting a predefined MAC address while assuming the use of dhcpcd:
/etc/systemd/system/macspoof@.service
[Unit] Description=MAC Address Change %I Before=dhcpcd@%i.service [Service] Type=oneshot ExecStart=/usr/bin/ip link set dev %i address 36:aa:88:c8:75:3a ExecStart=/usr/bin/ip link set dev %i up [Install] WantedBy=network.target
macchanger + NetworkManager
systemd unit setting a random address while preserving the original NIC vendor bytes while assuming the use of NetworkManager (ensure that macchanger is installed):
/etc/systemd/system/macspoof@.service
[Unit] Description=macchanger on %I Before=NetworkManager.service After=sys-subsystem-net-devices-%I.device [Service] ExecStart=/usr/bin/macchanger -e %I Type=oneshot [Install] WantedBy=multi-user.target
macchanger + dhcpcd
systemd unit setting a fully random address while assuming the use of dhcpcd (ensure that macchanger is installed):
/etc/systemd/system/macspoof@.service
[Unit] Description=macchanger on %I Before=dhcpcd@%i.service [Service] ExecStart=/usr/bin/macchanger -r %I Type=oneshot [Install] WantedBy=multi-user.target
Enabling service
Append the desired network interface to the service name (e.g. eth0) and enable the service:
# systemctl enable macspoof@eth0.service
Reboot, or stop and start the prerequisite and requisite services in the proper order. If you are in control of your network, verify that the spoofed MAC has been picked up by your router by examining the static, or DHCP address tables within the router.
See also
- Macchanger GitHub page
- Article on DebianAdmin with more macchanger options