|||
Used it before, but nothing beyond changing the MAC, and moving on? In this lab, the macchanger command syntax is walked through. The purpose for these exploration labs, is to get familiar with common tools, Operation Systems, and technologies.
The purpose of macchanger by Alvaro Lopez Ortega https://github.com/alobbs/macchanger “GNU MAC Changer is an utility that makes the maniputation of MAC addresses of network interfaces easier.” README
One of the most important things to know is how to find more information. Applications will usually have a help syntax to obtain more information. Executing macchanger with the syntax option of -h will list the options available. At the prompt type: macchanger -h
macchanger -h
Next, I like to review, is the man page for the application, to learn additional details not generally put in the syntax help. At the prompt type: man macchanger
man macchanger
In the below video, I walk through the different options of macchanger.
Macchanger Utility Command Syntax Walkthrough
Why change the MAC address? Obviously it’s there for a reason. There are reasons to change it as well.
A couple of those reasons are:
Blend in - If all the devices on the network are Apple MAC addresses , an attackers machine with another vendor will standout.
Masquerade - Pretending to be an device already approved to be on the network, such as in a MAC filtered wireless lan.
The BIA option, seems interesting as it was unknown to me previously. It would be interesting to see if VMware addresses have that locally administered bit set, but that’s for another lab.
