macchanger

简介

可以映射 MAC 地址到 生产厂商。
需要说明的是，在经过第一个路由器之后， MAC 地址就被替换了。
因此，伪装 MAC 地址 主要是在 局域网(Local Area Network, LAN) 的需求。

在某种程度上可以通过 arp -a 获取局域网内主机/设备的 MAC 地址，映射到生产厂商名称，配合端口开放情况，可以更好的推断设备操作系统。

Download

http://www.gnu.org/software/macchanger
https://github.com/alobbs/macchanger

Compile

#
#
wget http://mirrors.ustc.edu.cn/gnu/macchanger/macchanger-1.6.0.tar.gz
tar -xvf macchanger-1.6.0.tar.gz
cd macchanger-1.6.0
./configure
make install

Usage

#
#
macchanger --help
macchanger -s eth0
macchanger -r eth0

Windows 环境

https://technitium.com/tmac/
https://github.com/TechnitiumSoftware

原理

This software just writes a value into the windows registry. When the Network Adapter Device is enabled, windows searches for the registry value ‘NetworkAddress’ in the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class{4D36E972-E325-11CE-BFC1- 08002bE10318}[ID of NIC e.g. 0001]. If a value is present, windows will use it as MAC address, if not, windows will use the hard coded manufacturer provided MAC address. Some Network Adapter drivers have this facility built-in. It can be found in the Advance settings tab in the Network Adapter’s Device properties in Windows Device Manager.

使用方式

1 Starting MAC address changer will list all available network adapters.
2 Select the adapter you want to change the MAC address. You will get the details of your selection below.
3 In the Information tab, find the Change MAC Address frame. Enter new MAC address in the field and click Change Now! button. You may even click Random MAC Address button to fill up a randomly selected MAC address from the vendor list available.
4 To restore the original MAC address of the network adapter, select the adapter, click Restore Original button in the Change MAC Address frame.

NOTE: This tool cannot change MAC address of Microsoft Network Bridge. Network Bridge will automatically use the original MAC address of the first NIC added into bridge with the first octet of MAC address set to 0x02.

Linux bash 方式

NIC (Network Interface Controller, NIC), LAN Adapter, Network Adapter
MAC (Media Access Control) Address
MAC48
EUI48 (Extended Unique Identifier, EUI)
EUI64 (Extended Unique Identifier, EUI)

MAC 地址前三组(octet)被称为 OUI (Organizationally Unique Identifier, OUI)

#
#
ifconfig | grep HWaddr
ifconfig wlan0 down
ifconfig wlan0 hw ether de:ae:fe:ef:c0:ff
ifconfig wlan0 up

参考资料

【FreeBuf字幕组】道德黑客课程-入门到精通<21>-Macchanger(一)
http://open.freebuf.com/subtitle/1266.html

【FreeBuf字幕组】道德黑客课程-入门到精通<22>-Macchanger(二)
http://open.freebuf.com/subtitle/1273.html

HakTip – Media Access Control 101: Fundamentals and Spoofing

• #Network Engineering
• #Penetration Testing
• #内网渗透
• #渗透工具
• #渗透测试
• #网络工程