Greetings null-bytians. Say you have been able to penetrate your neighbour's AP, and of course you had spoofed your MAC address. Now you go on and test to see with excitement if the password really works and the MAC is still spoofed. You login successfully and you browse the web forgetting to check what your current MAC is. Well, if you may do an ifconfig command, you will see that your permanent MAC is being used. Oh!! and guess what, ... your real MAC has been logged. Even though there is the nifty setting for spoofing your MAC in the network settings, once you had logged in the first time, your MAC has been logged.
Step 1: Create the AP with All the Settings Before Login
Firstly, before you connect to the AP, add the access point without making a successful login. We do that by selecting the AP on the networks list, input a wrong password, so that after it has tried to authenticate, the AP settings will be saved on your machine. To check if the AP is has been saved, goto to the network settings. In kali2.0 goto settings - network - wifi - History. The AP should be there.
Step 2: Setting Up the AP with a Fake MAC
Now that we have the AP settings, we will now select that AP and navigate to Identity. There you will find Cloned Address. Just type in a MAC address you want, 00:11:22:33:44:55 as an example. But I would suggest you use macchanger for maybe a known MAC. You can do that by entering
- kali > macchanger -A wlan0
Now just copy that new MAC address and paste it on the Cloned Address. Save the settings and connect to the wifi.
But before that, there is a reason why I used the -A in the command for macchanger. As you would have seen, in parenthesis next to the MAC, there is a device name.
Step 3: Change Your Hostname to That Device Name
Well that is so easy. Just type nano /etc/hostname in a terminal. After that remove the text in there, and type in the device name. Save the file with Ctrl+X and press y.
Now you can connect to the access point and only your the spoofed MAC will be logged and the device name as the hostname. Now the logs will have something like Samsung XX:xx:xx:XX:xx:XX. So if your neighbour or somewhere you usually goto to access the wifi, sees that log, they will be diverted by the hostname: samsung, while you are using your HP, or Dell laptop, and well you won't be a suspect for a bit while, I hope.
Sorry there are no pictures/screenshots. Hope this will help.
-BlackErpeton
Just updated your iPhone? You'll find new emoji, enhanced security, podcast transcripts, Apple Cash virtual numbers, and other useful features. There are even new additions hidden within Safari. Find out what's new and changed on your iPhone with the iOS 17.4 update.
5 Comments
Good tutorial, something that many people don't think about is post exploitation yet its one on the steps were your the most vulnerable.
Cheers,
Washu
if we add the spoof command to rc.local, there is no need to repeat it after system login. I was using sproof hostname, but changing the mac i use ifconfig hw eth0
Truly appreciate it guys.
Remember to input the password, then save your settings, this is in under security.
Excellent info and food for thought. Much appreciated.
How about changing your wifi adapter vendor name ? I tried to use your idea and it is good . but when i tried to use "netcut" application installed on my android and windows pc ,the vendor name of my wifi adapter is different from the wifi itself and it is very noticeable . Do you have even more tips ? Thanks mate
Share Your Thoughts