Site Tools


marc:linux:hacking

This is an old revision of the document!


Hacking howto

Spoofing Ethernet Mac address:

To spoof the MAC address of the NIC we can use a ifconfig and ip. Remember that spoofing the MAC address using these tools is only done in RAM; a reboot will return the MAC address to the actual hardware address.

using ifconfig:

ifconfig (to find device)
ifconfig wlan0/eth0 down
ifconfig wlan0/eth0 hw ether 00:11:22:33:44:55
ifconfig wlan0/eth0 up
ifconfig (to check)

using ip:

ip link show interface (where interface is the name of the nic)
# this will give you the mac address: link/ether xx:xx:xx:xx:xx
ip link set dev interface down (where interface is the name of the nic)
ip link set dev interface address 11:22:33:44:55:66
ip link set dev interface up
ip link show interface # to check

Capturing traffic:

In order to hack a (wireless) connection we need to be able to sniff the traffic on a network. For this we need the NIC we use to capture all traffic, including traffic for another destination.

iwconfig
eth0    no wireless extensions
wlan0   IEEE 802.11 ESSID:off/any
        Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
        ...
        ...

Mode:Managed means the NIC only captures traffic meant for its address.

ifconfig wlan0 down                      # bring NIC down
airmon-ng check kill                     # to stop any running processes using the NIC

Killing these processes:
  PID  Name
  719  wpa_supplicant
11318  dhclient

iwconfig wlan0 mode monitor              # capture all traffic

ifconfig wlan0 up                        # bring NIC up

iwconfig
eth0    no wireless extensions
wlan0   IEEE 802.11 Mode:Monitor Frequency:2.412 GHz Tx-Power=20 dBm
        ...
        ...

Now the NIC captures all traffic (Mode:Monitor)

marc/linux/hacking.1642332463.txt.gz · Last modified: (external edit)

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki