Macchanger Utility, and Usage

Exploring the Command Syntax

Posted by Scott Bollinger / @kfalconspb on July 30, 2018 #Security

Exploring Macchanger

Used it before, but nothing beyond changing the MAC, and moving on? In this lab, the macchanger command syntax is walked through.

The purpose for these exploration labs, is to get familiar with common tools, Operation Systems, and technologies.

Purpose

The purpose of macchanger by Alvaro Lopez Ortega https://github.com/alobbs/macchanger "GNU MAC Changer is an utility that makes the maniputation of MAC addresses of network interfaces easier." README

Usage

One of the most important things to know is how to find more information. Applications will usually have a help syntax to obtain more information.

Executing macchanger with the syntax option of -h will list the options available.

At the prompt type: macchanger -h

macchanger -h

Next, I like to review, is the man page for the application, to learn additional details not generally put in the syntax help.

At the prompt type: man macchanger

man macchanger 01

man macchanger 02

In the below video, I walk through the different options of macchanger.

Macchanger Utility Command Syntax WalkthroughMacchanger Utility Command Syntax Walkthrough

macchanger command syntax

Why

Why change the MAC address? Obviously it's there for a reason. There are reasons to change it as well.

A couple of those reasons are:

  • Blend in - If all the devices on the network are Apple MAC addresses , an attackers machine with another vendor will standout.
  • Masquerade - Pretending to be an device already approved to be on the network, such as in a MAC filtered wireless lan.

The BIA option, seems interesting as it was unknown to me previously. It would be interesting to see if VMware addresses have that locally administered bit set, but that's for another lab.

Thanks,

Scott Bollinger / @kfalconspb