» mac address spoofing

[TheXero]

well if your using unix/linux then you can use ettercap (much better than c&a) and i believe wireshark is cross platform

ettercap is like a menu based program from what i remember but haven't used it much recently may have changed

[Zero Cold]

to get a mac address for all the machines on the network using backtrack u can use netdiscover -i device name

or nmap will also give u the mac address

[ne011]

i always use cain in windows

[MaXe]

Netdiscover is definitely one of my favorite tools Zero Cold, it's very cool and very effective ;-)

[p3nt3st]

actually..the mac address belong to the Manufacturer


why you want to spoof the mac address and why ?? the mac address

like AA:AA: this section like name the company

BB:BB the serial nu ..

aa:aa :aa:aa
company serial

what should spoof can do on the hardwear ??
it dosnt realy matter how and why ;)

but it dosnt work even u cant change it

[MaXe]

@p3nt3st: The reason why you spoof your mac adress, is usually when attacking Wire-
less networks (801.11 B/G/N) or when you're doing insider attacks so it is harder to trace
where the attack is coming from.

It is very much possible to spoof the whole mac address, my MAC-address when InterN0T
was in the early stages and before that (Teh Unkwon) was set to an "Echelon"-MAC.

Search for: "macchanger" in BackTrack or on the Internet. (without quotes)

[Zero Cold]

MaXe he knows what macchanger for lolz i think he was being sarcastic

[securityxxxpert]

Quote:

Originally Posted by p3nt3st

actually..the mac address belong to the Manufacturer


why you want to spoof the mac address and why ?? the mac address

like AA:AA: this section like name the company

BB:BB the serial nu ..

aa:aa :aa:aa
company serial

what should spoof can do on the hardwear ??
it dosnt realy matter how and why ;)

but it dosnt work even u cant change it

I agree with everything you said except why you would want to change. Let's view this from a blackhat perspective for a second. Let's say you fancy rooting this webserver that you have been enumerating for months now. It would not do to simply try to attack the box directly as this will most likely get you caught. More than likely their are a plethora of options to engage your target. Personally I would recommend compromising someone's wireless network passively. Then before you connect to said network do macchanger -r before you connect to your new wireless access point. Seeing how we never sent so much as a packet to the victim, is alls they would see if they monitor the logs is a wireless mac adddress that is on the LAN. They could create a wireless mac filter, but we all know that this only slows a hacker down. When such a filter is created you need only to ddos a client on the network, change your mac to that mac, and continue with whatever you were doing.

Hopefully everyone makes sense of my rant

Securityxxxpert

[britfat]

macchanger is good, simply for its ease of use. Allows random addresses and all that good jazz.

I can't say I'm that into changing it for the sake of it. I think some people think it does more that it really does, but still very handy nonetehless.

It's more interesting to manipulate NAT if you're goining into someones LAN.

[krink]

in my opinion the easiest way to get mac address of computers on your network if your using linux is to just fire up an nmap command such as this

nmap -sP 192.168.1.*