A reader in the comments on our post "Example - Bypassing WiFi MAC Address Restriction" made the following comment:

"# Obtain a valid MAC address that is allowed on the network - And that right there is the hard bit. Perhaps an article on that before declaring how easy it is."

First, I would like to clarify several things:
- Every hacker attack requires some amount of specific knowledge, time, effort and resources. If this weren't the case, they wouldn't be called hackers, they would be called - everyone!
- It is not the goal of this site to provide step-by-step tutorials on actual hacker attack methods.
- The presented MAC address restriction protection is very easy to bypass, and doing so requires the least amount of knowledge, time and resources compared to bypassing other protection methods and attack types.
- If the WiFi network allows unlisted MAC addresses to associate and then uses some sort of egress filtering on the router or service selection gateway, just associate to the network and run Wireshark for 5 minutes to collect other MAC addresses on the network. Results in 5 minutes.
- If the WiFi network does not allow unlisted MAC addresses to associate, then you can:
  - Download Backtrack and burn it to a LiveCD. Backtrack supports most modern WiFi laptop cards.
  - Boot your laptop from the Backtrack LiveCD. Run Kismet, which will put your wireless adapter into monitor mode. Use airodump to collect packets for analysis and find a valid MAC address. Results in around 3 hours.
  - Create a small Perl program to generate a cycle of possibly valid MAC addresses and cycle them on your WiFi card using macshift. This yields the best results when paired with a bit of social engineering to discover the models of laptops connecting to the network, thus reducing the address space to search. Depending on skills and preparation, results in 4 - 24 hours.
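
Seen from the access point's side, the last method above leaves a recognisable trace: a burst of denied associations from many distinct MAC addresses that share one vendor prefix. The following detection sketch is an added example, not code from the original post; the log layout, the threshold and window values, and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log. The "timestamp event mac" layout is an assumption,
# not the format of any particular access point.
SAMPLE_LOG = """\
2024-05-01T08:15:00 assoc-denied 3c:5a:b4:aa:bb:cc
2024-05-01T09:00:00 assoc-denied 00:1b:77:10:00:01
2024-05-01T09:00:40 assoc-denied 00:1b:77:10:00:02
2024-05-01T09:01:00 assoc-ok 00:1b:77:4f:2a:9c
2024-05-01T09:01:20 assoc-denied 00:1b:77:10:00:02
2024-05-01T09:02:00 assoc-denied 00:1b:77:10:00:03
2024-05-01T09:02:40 assoc-denied 00:1b:77:10:00:04
2024-05-01T09:03:20 assoc-denied 00:1b:77:10:00:05
2024-05-01T09:04:00 assoc-denied 00:1b:77:10:00:06
2024-05-01T11:40:00 assoc-denied 3c:5a:b4:aa:bb:cc
"""

def parse(log):
    """Yield (timestamp, mac) for each assoc-denied line; skip everything else."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1] != "assoc-denied":
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # malformed timestamp: ignore the line
        yield ts, parts[2].lower()

def find_mac_cycling(log, window=timedelta(minutes=10), threshold=5):
    """Return {oui: (window_start, distinct_macs)} for each vendor prefix with
    at least `threshold` distinct denied MACs inside one sliding `window`."""
    by_oui = defaultdict(list)
    for ts, mac in sorted(parse(log)):
        by_oui[mac[:8]].append((ts, mac))  # first three octets = vendor prefix
    alerts = {}
    for oui, events in by_oui.items():
        start = 0
        for end in range(len(events)):
            # Shrink the window from the left until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            distinct = {m for _, m in events[start:end + 1]}
            if len(distinct) >= threshold:
                alerts[oui] = (events[start][0], len(distinct))
                break  # one alert per prefix is enough
    return alerts
```

A single client retrying with the same rejected address (the `3c:5a:b4` lines) stays below the threshold, because the count is of distinct addresses rather than of denied attempts.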
Talkback and comments are most welcome