【MAC spoofing】 使用 macchanger 替换你的网卡 MAC 地址

wpadmin~June 16, 2018 /InfoSec




可以映射 MAC 地址到 生产厂商。
需要说明的是,在经过第一个路由器之后, MAC 地址就被替换了。
因此,伪装 MAC 地址 主要是在 局域网(Local Area Network, LAN) 的需求。

在某种程度上可以通过 arp -a 获取局域网内主机/设备的 MAC 地址,映射到生产厂商名称,配合端口开放情况,可以更好的推断设备操作系统。



tar -xvf macchanger-1.6.0.tar.gz
cd macchanger-1.6.0
make install


macchanger --help
macchanger -s eth0
macchanger -r eth0

Windows 环境


This software just writes a value into the windows registry. When the Network Adapter Device is enabled, windows searches for the registry value ‘NetworkAddress’ in the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class{4D36E972-E325-11CE-BFC1- 08002bE10318}[ID of NIC e.g. 0001]. If a value is present, windows will use it as MAC address, if not, windows will use the hard coded manufacturer provided MAC address. Some Network Adapter drivers have this facility built-in. It can be found in the Advance settings tab in the Network Adapter’s Device properties in Windows Device Manager.


1 Starting MAC address changer will list all available network adapters.
2 Select the adapter you want to change the MAC address. You will get the details of your selection below.
3 In the Information tab, find the Change MAC Address frame. Enter new MAC address in the field and click Change Now! button. You may even click Random MAC Address button to fill up a randomly selected MAC address from the vendor list available.
4 To restore the original MAC address of the network adapter, select the adapter, click Restore Original button in the Change MAC Address frame.

NOTE: This tool cannot change MAC address of Microsoft Network Bridge. Network Bridge will automatically use the original MAC address of the first NIC added into bridge with the first octet of MAC address set to 0x02.

Linux bash 方式

NIC (Network Interface Controller, NIC), LAN Adapter, Network Adapter
MAC (Media Access Control) Address
EUI48 (Extended Unique Identifier, EUI)
EUI64 (Extended Unique Identifier, EUI)

MAC 地址前三组(octet)被称为 OUI (Organizationally Unique Identifier, OUI)

ifconfig | grep HWaddr
ifconfig wlan0 down
ifconfig wlan0 hw ether de:ae:fe:ef:c0:ff
ifconfig wlan0 up




HakTip – Media Access Control 101: Fundamentals and Spoofing

Leave a Reply

Your email address will not be published. Required fields are marked *