
Thread: Bypassing Mac filter

  1. #1 Isohump (Junior Member, joined Sep 2009, 63 posts)

    Bypassing Mac filter

    Now, I have been researching this for a while with no luck. Also, lately I've decided to give back everything useful I find to the BackTrack community. Before I go on, I want to thank everyone for all their contributions and effort in making all this happen.

    Now, like I said before, I have been researching this for a while and can't find any useful info. Now I know that I can use a MAC changer, but I'm not trying to do that at the moment. I was also wondering if I can use Wireshark to just sniff the ARP packets?
    One day your life will flash before your eyes. Make sure it's worth watching.

  2. #2 Gitsnik (Very good friend of the forum, joined Jan 2010, location: The Crystal Wind, 851 posts)

    Yes to the Wireshark, but if there is a MAC filter in place you wouldn't have been able to fakeauth to the AP in the first place. That is not your problem (I am, by the way, assuming this is a post related to the other thread I've made posts in - Edit: Didn't see the post you made after mine - the below info is still useful, but I can remove the assumption).

    macchanger is only useful if MAC filtering is actually in place from the start - if you can fakeauth, there is no MAC filtering in place, because the idea is to stop everything. I cannot, for example, crack my own dev WEP network because my hacktop's wifi card is not in the permitted list.

    But, in the event fakeauth fails at the beginning (and it's not SKA), a MAC filter may be pertinent - in which case just let airodump run for a while and then read the .cap file to see what you can find coming from the LAN*. Or you have to wait for a real client to show.

    *Some routers don't do their MAC filtering properly and will permit ethernet-side MAC addresses on the wifi interface. I see this about 10% of the time on small business (i.e. "cheap-ass") routers, but never on better end stuff.

    Have a play with MAC filtering on your own dev network before you head back out to the client; there are some neat tricks (some of them, for example, fear non-corporate addresses like 11:22:33:xx:xx:xx).
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3 mortis (Junior Member, joined Sep 2009, 43 posts)

    Basically, a MAC filter works this way: "Check if your MAC is in the authorized MAC addresses; if not, then bye-bye."

    Conclusion: Your MAC address must be in the authorized list, or you have to use an authorized MAC address -> that's the solution we will explore.

    First, you have to sniff the MAC addresses connected to the network.

    Once you get a valid address you have two options:

    1- Wait until the user disconnects and use his address.
    2- Use a tool such as aireplay-ng to force the user's disconnection and use his address.
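    From the defender's side, the second option above leaves a recognisable footprint: a burst of deauthentication frames aimed at a client, followed shortly by that same MAC address re-associating. The script below is an added example, not code from this thread, that flags that pattern; the event list, AP BSSID and client MACs are constructed stand-ins for what you would parse out of a monitor-mode capture.

```python
"""Added example: flag the deauth-then-clone pattern from the thread.
A burst of deauthentication frames aimed at a client, followed shortly by
that client's MAC address re-associating, is the footprint a defender
would look for. Events are a constructed stand-in for parsed monitor-mode
capture data (e.g. from an airodump-ng .cap file); not a real capture."""
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"
AP = "00:11:22:33:44:55"          # constructed AP BSSID
CLIENT = "aa:bb:cc:11:22:33"      # constructed legitimate client MAC

# (timestamp_s, frame_type, sender_mac, receiver_mac); frame_type is
# "assoc" (association request) or "deauth" (deauthentication frame).
SAMPLE_EVENTS = (
    [(0.0, "assoc", CLIENT, AP)]                                  # client joins
    + [(60.0 + i * 0.1, "deauth", AP, CLIENT) for i in range(8)]  # forged burst
    + [(62.5, "assoc", CLIENT, AP)]                               # same MAC returns
    + [(300.0, "deauth", AP, "dd:ee:ff:44:55:66")]                # lone deauth: normal
    + [(305.0, "assoc", "dd:ee:ff:44:55:66", AP)]                 # reconnect, no burst
)


def find_deauth_reassoc(events, burst_min=5, window_s=30.0):
    """Return (client_mac, deauth_count, reassoc_time) for each client that
    re-associates within window_s seconds of >= burst_min deauth frames
    addressed to it (directly or via broadcast). A single deauth followed
    by a reconnect is ordinary client behaviour and is not reported."""
    deauths = defaultdict(list)   # receiver MAC -> deauth timestamps
    alerts = []
    for ts, ftype, sender, receiver in sorted(events, key=lambda e: e[0]):
        if ftype == "deauth":
            deauths[receiver].append(ts)
        elif ftype == "assoc":
            recent = [t for key in (sender, BROADCAST)
                      for t in deauths[key] if 0 <= ts - t <= window_s]
            if len(recent) >= burst_min:
                alerts.append((sender, len(recent), ts))
                deauths[sender].clear()   # one alert per burst, not per reconnect
    return alerts


if __name__ == "__main__":
    for mac, n, ts in find_deauth_reassoc(SAMPLE_EVENTS):
        print(f"ALERT {mac}: {n} deauth frames then re-association at t={ts}s")
```

    The burst threshold is what keeps an ordinary client reconnect after a single AP-initiated deauth from raising an alert; tune burst_min and window_s to the network's normal behaviour.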

  4. #4 (Just burned his ISO, joined Jan 2010, 2 posts)

    Quote Originally Posted by mortis:
        Basically, a MAC filter works this way: "Check if your MAC is in the authorized MAC addresses; if not, then bye-bye."

        Conclusion: Your MAC address must be in the authorized list, or you have to use an authorized MAC address -> that's the solution we will explore.

        First, you have to sniff the MAC addresses connected to the network.

        Once you get a valid address you have two options:

        1- Wait until the user disconnects and use his address.
        2- Use a tool such as aireplay-ng to force the user's disconnection and use his address.
    Any tutorial on how to do it?
