Thread: Trouble connecting after spoofing MAC

  1. #1
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    5

    Hello, first off I'd just like to say I'm glad to have joined the forums, I've been reading for a couple years now but never bothered to actually join until now...

    Anyways, running BT3 off of an SD card on an Asus EEE 900HA, I am unable to connect to any AP after spoofing my MAC address, whether I am connecting from Konsole or the Wireless Assistant. I have tried several different variations of doing it, such as

    Code:
    wlanconfig ath0 destroy
    ifconfig wifi0 down
    macchanger --mac 00:11:22:33:44:55 wifi0   # I have tried ath0 as well
    wlanconfig ath0 create wlandev wifi0 wlanmode managed
    ifconfig ath0 up
    ifconfig wifi0 up
    I have also tried

    Code:
    ifconfig ath0 down hw ether 00:11:22:33:44:55
    ifconfig ath0 up
    and a few other variations, all to no avail. Some attempts even leave me with a "connection failed" message from the Wireless Assistant immediately after trying to connect. However, I did notice that as soon as I have logged in to BT3, I am already connected to my neighbor's open AP. Could this be somehow contributing to my problem?

    Any help is greatly appreciated. I'm no stranger to linux, but MAC spoofing is completely new to me.

    Thanks in advance!

  2. #2
    Good friend of the forums
    Join Date
    Feb 2009
    Posts
    356

    you shouldn't have mentioned the word "neighbour" here.

    And... I don't know where you live but have you checked if what you're doing is legal with your police department? Tried calling them asking "hey, I'm trying to steal some traffic here, and some data, passwords, etc, but is that legal?"

  3. #3
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    5

    In my post, I explained I am merely having trouble connecting to *any* access point, I did not mean that I'm trying to connect to my neighbor's connection. Backtrack is automatically connected to my neighbor's AP as soon as I start up, I didn't mean I was doing it on purpose. I only mentioned it because I thought it may or may not be screwing with my dhcp settings.

    I set up my own AP to test on that has no WEP, only MAC filtering. Purely for my own testing purposes, I'd like to be able to spoof my MAC to match another computer I have on my network and connect to my OWN access point. I am not trying to steal anything.

    Now, does anyone have any helpful pointers on how to get my card able to connect after spoofing? I've searched through the forums quite a bit and found a few suggestions, but none of them have worked for me thus far.

    EDIT: I've partially fixed my problem, but I'm still having a bit of trouble. If I run,

    Code:
    ifconfig wifi0 down
    macchanger --mac 00:11:22:33:44:55 wifi0
    ifconfig ath0 down
    macchanger --mac 00:11:22:33:44:55 ath0
    ifconfig wifi0 up
    ifconfig ath0 up
    wlanconfig ath0 destroy
    wlanconfig ath0 create wlandev wifi0 wlanmode managed
    ifconfig ath0 up
    dhclient ath0
    it will sometimes connect back to whatever it decided to automatically connect to when I first booted. My main concern is that after running wlanconfig ath0 create wlandev wifi0 wlanmode managed, wifi0's mac stays as 00:11:22:33:44:55 while ath0 will switch to something along the lines of 06:11:22:33:44:55. This is good to know that I've successfully spoofed and reconnected, but it does not help me in the sense that if I wanted to connect to my test AP it would be unsuccessful as ath0's mac will be changed just slightly and I will be unable to pass the MAC filter.

    I'm also fairly certain I'm being redundant with some of my commands when it comes to putting my card down, spoofing, and putting it back up, could this be contributing to my problem as well? I'm getting closer, I just need a nudge in the right direction

    Cheers

  4. #4
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    3

    Depends entirely on the drivers you're using, with Madwifi drivers I've found with the EEE-PC I've had to use the wlanconfig to destroy the ath0 device, assign the new MAC address to wifi0 and recreate ath0.

    wlanconfig ath0 destroy
    ifconfig wifi0 hw ether 00:11:22:33:44:55
    wlanconfig ath0 create wlandev wifi0 wlanmode managed

  5. #5
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    5

    My deepest apologies for bumping my own dead thread, but with recent events I put this problem on the backburner for about a month and haven't had time to pick it back up until now.
    Originally Posted by Dionysus:
    Depends entirely on the drivers you're using, with Madwifi drivers I've found with the EEE-PC I've had to use the wlanconfig to destroy the ath0 device, assign the new MAC address to wifi0 and recreate ath0.

    wlanconfig ath0 destroy
    ifconfig wifi0 hw ether 00:11:22:33:44:55
    wlanconfig ath0 create wlandev wifi0 wlanmode managed
    Thanks for the tip, and sorry about that; I should have mentioned that I am indeed using the default supplied Madwifi drivers.

    However, when I try your suggested commands, I run into this error when trying to use ifconfig to change the MAC of wifi0:
    Code:
    SIOCSIFHWADDR: Invalid argument
    Anyone have any other tips? I've got more than plenty of time on my hands now and would appreciate any help I can get

    Thanks again

  6. #6
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    What works for me is:

    (on start up)
    Code:
    airmon-ng stop ath0
    ifconfig wifi0 down
    macchanger --mac 00:11:22:33:44:55 wifi0
    wlanconfig ath0 create wlandev wifi0 wlanmode sta --bssid
    ath0 should then be created with the above mac addy.

    I do get the msg that --bssid is deprecated and I saw in one of the posts here that there is a different
    command which can/should be used instead of --bssid, but for the life of me can't find it anymore..

    then check the spoofed mac, enter details and then activate.
    Code:
    ifconfig ath0 
    iwconfig ath0 channel <channel #> essid <SSID> ap <bssid mac> key <wep key>
    ifconfig ath0 up
    Hope it helps.

  7. #7
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Originally Posted by lolcrack-ng:
    My deepest apologies for bumping my own dead thread, but with recent events I put this problem on the backburner for about a month and haven't had time to pick it back up until now.

    Thanks for the tip, and sorry about that; I should have mentioned that I am indeed using the default supplied Madwifi drivers.

    However, when I try your suggested commands, I run into this error when trying to use ifconfig to change the MAC of wifi0:
    Code:
    SIOCSIFHWADDR: Invalid argument
    Anyone have any other tips? I've got more than plenty of time on my hands now and would appreciate any help I can get

    Thanks again
    The madwifi drivers make it a little tricky to change the mac address to a particular value, because it changes the mac address of the VAPs when it creates them. This is working as designed, and is easy enough to get around but it can trip you up if you're not prepared for it.

    To get around this, you need to change the mac address of the wifi0 interface (the VAP MAC is based on this), and then create a VAP but tell it to not change the MAC of the VAP you create.

    The following should work, if you get errors with macchanger then try taking the wifi0 interface down before running it again.

    Code:
    wlanconfig ath0 destroy
    macchanger -m 00:11:22:33:44:55 wifi0
    wlanconfig ath0 create wlandev wifi0 wlanmode sta -bssid

    Edit: Ummm, yeah, what tape said above. The bssid switch is deprecated as tape mentioned, but it still works. Check the command help or the man page for wlanconfig to find the new command - I don't have it handy at the moment.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
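
A check for the symptom described in posts #3 and #7, added here as an example and not code from any poster: it compares the parent device's MAC with the VAP's and reports whether only the first octet was rewritten. The function names are hypothetical, and the sample addresses are the ones reported in the thread.

```shell
#!/bin/sh
# Added example: diagnose whether a VAP kept its parent device's MAC.
# Function names are hypothetical; sample values come from post #3.

# mac_valid MAC: succeeds only for six colon-separated hex octets
mac_valid() {
    printf '%s\n' "$1" | grep -Eqi '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'
}

mac_lower() { printf '%s' "$1" | tr 'A-F' 'a-f'; }

# is_locally_administered MAC: true when the IEEE U/L bit
# (0x02 in the first octet) is set, i.e. not a vendor-assigned address
is_locally_administered() {
    mac_valid "$1" || return 2
    [ $(( 0x${1%%:*} & 0x02 )) -ne 0 ]
}

# compare_vap_mac PARENT VAP
# prints one of: match | first-octet-rewritten xor=0xNN | different | invalid
compare_vap_mac() {
    mac_valid "$1" && mac_valid "$2" || { echo invalid; return 2; }
    p=$(mac_lower "$1"); v=$(mac_lower "$2")
    [ "$p" = "$v" ] && { echo match; return 0; }
    # Same last five octets: only the first octet differs
    if [ "${p#*:}" = "${v#*:}" ]; then
        printf 'first-octet-rewritten xor=0x%02x\n' \
            $(( 0x${p%%:*} ^ 0x${v%%:*} ))
        return 1
    fi
    echo different
    return 1
}

# Values reported in post #3: wifi0 kept 00:..., ath0 came up as 06:...
compare_vap_mac 00:11:22:33:44:55 06:11:22:33:44:55 || true

# On a live system the two addresses can be read from sysfs, e.g.:
#   compare_vap_mac "$(cat /sys/class/net/wifi0/address)" \
#                   "$(cat /sys/class/net/ath0/address)"
```

A `first-octet-rewritten` result means the VAP was created with its own address, the case the `-bssid` option in the posts above avoids; `match` is what a MAC filter on the test AP needs to see.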

  8. #8
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    5

    You guys are awesome! Both of your methods worked without a hitch. Many thanks for your speedy responses and detailed explanations. And here I was thinking this was going to take another good week to sort out. This community never ceases to amaze me with how helpful it is, even to lost noobs like me.

    Thanks again! You'll both be receiving your early Christmas presents via UPS within 3-5 days
