Check your PM andyem...I had a specific question.
[CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
[CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
[/B][/SIZE]
[URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
[/URL]
[URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
[/URL]
[URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]
[URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
[/CENTER]
HEY Xploitz,
I tried it again a few minutes ago and actually at the moment I am surfing using a cloned mac address. I was right.
Here is the theory on why it works and how:
My hardware:
Dlink hardware router
Docsis webstar cable modem.
WHY:
1) Your cable modem holds your mac address because this is a feature of docsis modems.
2) Your ISP's DHCP server is set up the following way:
- It assigns an ip address based on your mac address. Reason why this is true is because (supposedly) a NIC address is supposed to be unique. When you're booting up using 00:11:22:33:44:55, two things are either happening:
a) The DHCP has a built in blacklist of mac addresses NOT to assign addresses to because the one you're using is an obvious fake
b) The address you are using is already in use by another mac in the system, thus it keeps denying you from getting one because the server DOES NOT want to give out the same ip address to two different network cards thus causing an ip address conflict on the network
HOW:
Here are the steps to test a cloned mac:
1) I spoke to you about releasing an ip address back to the dhcp server. In windows the command is ipconfig /release in linux it's: ifconfig eth0 down.
2) EXPERIMENT with a mac address very close to yours by only changing the last hex. For example:
If your address is: 00:13:45:5F:45:45
Change it to: 00:13:45:5F:45:46 <-
Keep experimenting with that last digit only
3) Unplug your modem power and wait a minimum of 30 seconds (1 minute to be sure) and then plug it back in. This will remove the association of your previous mac and ip info inside your modem's cap file.
4) Plug your modem back in and then execute:
ifconfig eth0 up
dhcpcd eth0
This should now pull an address from your ISP's dhcp server.
DO THE PROCESS over again with only changing the last digit. One of them will work TRUST ME.
Xploitz
What commands did you use in your script to change mode and mac?
Also, what commands are you using to connect?
andyem,
What you're saying makes sense, but I'm having the same problem as Xploitz. Where your theory is off is that I have 3 cards I use with my laptop, and when I try to spoof to one of the other cards' macs it still doesn't work, and by your theory it should, because all 3 mac addresses should be dhcp assigned to my laptop within the cable modem.
I'm using no script...but these are my EXACT commands from boot up
WITHOUT macchanger COMMANDS OR ifconfig eth0 hw ether COMMANDS!!
ifconfig ath0 down
iwconfig ath0 essid 2WIRE123 key C6E679D9A2 channel 1
ifconfig ath0 up
dhcpcd
I get total internet access this way with my airlink (mac filtering off) ...and the following is what is stored in my dhcpcd-ath0.txt....found in your /etc/resolv.conf file.
IPADDR=192.168.1.101
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
GATEWAY=192.168.1.1
DOMAIN='tx.rr.com'
DNS=24.93.41.125,24.93.41.126
DHCPSID=192.168.1.1
DHCPGIADDR=0.0.0.0
DHCPSIADDR=192.168.1.1
DHCPCHADDR=00:18:02:3A:67:14
DHCPSHADDR=00:18:F8:B5:F2:D4
DHCPSNAME=''
LEASETIME=86400
RENEWALTIME=43200
REBINDTIME=75600
INTERFACE='ath0'
CLASSID='Linux 2.6.20-BT-PwnSauce-NOSMP i686'
CLIENTID=00:18:02:3A:67:14
So, with that in hand...I do this with macchanger commands or ifconfig eth0 hw ether COMMANDS!!....
bt ~ # ifconfig ath0 down
bt ~ # macchanger --mac 00:13:10:66:75:E4 ath0
Current MAC: 00:18:02:3a:67:14 (unknown)
Faked MAC: 00:13:10:66:75:e4 (unknown)
bt ~ # iwconfig ath0 essid 2WIRE123 key C6E679D9A2 channel 1
bt ~ # ifconfig ath0 192.168.1.101
bt ~ # ifconfig ath0 netmask 255.255.255.0
bt ~ # route add default gw 192.168.1.1 ath0
bt ~ # ifconfig ath0 up
So I test with firefox...and nothing!
And to top it off, I can't ping a god-damn thing!
Right here is the problem!..you CAN'T, ..(or I've failed to succeed) put macchanger --mac 00:13:10:66:75:e4 ath0 before your ifconfig ath0 up command..EXAMPLE:
Try this andyem and post your results...
When YOU get to step 4...do this instead....
ifconfig ath0 down
macchanger --mac 00:13:10:66:75:E4 ath0
iwconfig ath0 essid 2WIRE123 key C6E679D9A2 (or whatever yours is for your network)
ifconfig ath0 up
dhcpcd ath0
And I promise you you WON'T connect because of the god-damn "bug" in macchanger or BT2 FINAL.
I'm not arguing about what you said earlier..what you said about your above post...that's true if you power off and unplug your modem you get a new address from your ISP's dhcp server. I'm not arguing that at all...But what I am arguing about is the implement of macchanger or ifconfig eth0 hw ether 00:13:10:66:75:e4..THIS is the problem...it seems that you can't connect manually or through dhcpcd with either of the mac changing commands if you use them. Therefore to my knowledge, it's IMPOSSIBLE to connect to a network that has MAC filtering enabled..PERIOD.
If anyone can do this...post a video of yourself successfully spoofing a mac and getting online with BT2Final..and I'll pay THE FIRST PERSON posting this video 10 bucks via paypal.
what's the use of the resolv.conf file?
Did you try to change the "DHCPCHADDR" and/or "CLIENTID" field to your spoofed mac? Perhaps the system checks the resolv.conf...
Just a suggestion, I am still not that familiar with B|T.
The answer is 42.
It stores all your dhcp information so you can use it to manually configure your card.
Now that's a good idea...however I'm not sure you can change this via BT2 commands except with macchanger or ifconfig ath0 hw ether commands.....HHmmmmm
***EDIT***
Maybe I can edit dhcpcd.info with the fake mac and somehow use it to connect?? But how??
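Added example, not part of any post in this thread and not code from dhcpcd or BackTrack: a diagnostic for the question raised above about the DHCPCHADDR and CLIENTID fields. It reads a dhcpcd lease info file in the KEY=value format posted earlier and reports whether the hardware address recorded in the lease matches the MAC an interface reports now, which is also how an examiner would tell which address actually obtained a lease. The function names are hypothetical, and the lease file path is passed in as an argument because its location depends on the dhcpcd version.

```shell
#!/bin/sh
# Added example (not from the thread): compare a dhcpcd lease record with a MAC.

# Normalise a MAC: drop stray whitespace, lowercase the hex digits.
norm_mac() {
    printf '%s' "$1" | tr -d ' \t\r\n' | tr 'A-F' 'a-f'
}

# Print the value of KEY from a KEY=value lease file, without surrounding quotes.
lease_field() {   # $1 = file, $2 = key
    sed -n "s/^$2=//p" "$1" | head -n 1 | sed "s/^'\(.*\)'\$/\1/"
}

# Print one of: match, chaddr-mismatch, clientid-mismatch, malformed.
check_lease() {   # $1 = lease file, $2 = MAC the interface reports now
    cur=$(norm_mac "$2")
    ch=$(norm_mac "$(lease_field "$1" DHCPCHADDR)")
    cid=$(norm_mac "$(lease_field "$1" CLIENTID)")
    if ! printf '%s\n' "$ch" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'; then
        echo malformed            # field missing or not a MAC address
    elif [ "$ch" != "$cur" ]; then
        echo chaddr-mismatch      # lease was issued to a different hardware address
    elif [ -n "$cid" ] && [ "$cid" != "$cur" ]; then
        echo clientid-mismatch    # client identifier differs from the current MAC
    else
        echo match
    fi
}

# Trimmed copy of the listing posted in the thread, written to the file named in $1.
make_sample() {
    cat > "$1" <<'EOF'
IPADDR=192.168.1.101
GATEWAY=192.168.1.1
DHCPCHADDR=00:18:02:3A:67:14
LEASETIME=86400
INTERFACE='ath0'
CLIENTID=00:18:02:3A:67:14
EOF
}

sample=$(mktemp)
make_sample "$sample"
echo "original MAC: $(check_lease "$sample" 00:18:02:3a:67:14)"
echo "changed MAC:  $(check_lease "$sample" 00:13:10:66:75:E4)"
rm -f "$sample"
```

On a live Linux system the second argument can be read from `/sys/class/net/<interface>/address`.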