Page 1 of 3 (results 1 to 10 of 22)

Thread: bypassing mac filters?

  1. #1
    Just burned his ISO
    Join Date
    Jun 2011
    Posts
    7

    bypassing mac filters?

    Does anyone know how to bypass a MAC filter without spoofing a client, like if there are no clients on the router?

  2. #2
    Member
    Join Date
    May 2011
    Location
    Israel
    Posts
    74

    Re: bypassing mac filters?

    It depends on the AP firmware implementation; also, in WPA/WPA2, spoofing and replay attacks are fought with the binding of the keys to the MAC addresses.
    Last edited by iliyapolak; 06-19-2011 at 07:09 AM.
    Scientia ac Labore

  3. #3
    Just burned his ISO
    Join Date
    Jun 2011
    Posts
    7

    Re: bypassing mac filters?

    Ok, I'm testing on my old Linksys router and just wanted to try and crack it, currently without any protection. New to the whole thing so any help would be great, thanks! I can spoof but wanted to learn how to do it without a client on, and I can't find a lot of info on how to do it.

  4. #4
    Junior Member M00kaw's Avatar
    Join Date
    Oct 2010
    Location
    127.0.0.1
    Posts
    47

    Re: bypassing mac filters?

    I don't see how you could connect to an access point with MAC filtering if you can't find a MAC address to spoof...

  5. #5
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Re: bypassing mac filters?

    Theoretically you could bruteforce it; however I have not had any luck with that option
    in mdk3, and realistically it's probably better to wait for one to connect.

  6. #6
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Re: bypassing mac filters?

    Quote originally posted by TAPE:
    Theoretically you could bruteforce it; however I have not had any luck with that option
    in mdk3, and realistically it's probably better to wait for one to connect.
    TAPE is on the ball here, wait or ignore it.

    There have also been flaws in particular routers which may provide their own workarounds. What model is yours?
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  7. #7
    Member
    Join Date
    May 2011
    Location
    Israel
    Posts
    74

    Re: bypassing mac filters?

    Quote originally posted by TAPE:
    Theoretically you could bruteforce it; however I have not had any luck with that option
    in mdk3, and realistically it's probably better to wait for one to connect.
    When WPA/WPA2 is used you cannot impersonate a client because of session token binding.
    Moreover, spoofing can be prevented easily by a simple state machine algorithm, for example measuring preamble power of the real client over a specified time interval and comparing it with the spoofed source.
    Last edited by iliyapolak; 06-23-2011 at 06:29 AM.
    Scientia ac Labore

  8. #8
    Just burned his ISO
    Join Date
    Jun 2011
    Posts
    7

    Re: bypassing mac filters?

    The router is a Linksys WRT54G, and I don't have anyone in the filter; it's just an empty list, so would bruteforce work?

  9. #9
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Re: bypassing mac filters?

    Quote originally posted by TAPE:
    Theoretically you could bruteforce it; however I have not had any luck with that option
    in mdk3, and realistically it's probably better to wait for one to connect.
    This sounds like a job for SPIKE and wireshark!

  10. #10
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Re: bypassing mac filters?

    Quote originally posted by iliyapolak:
    When WPA/WPA2 is used you cannot impersonate a client because of session token binding.
    Moreover, spoofing can be prevented easily by a simple state machine algorithm, for example measuring preamble power of the real client over a specified time interval and comparing it with the spoofed source.
    Well, I must be missing something then; I can spoof an approved MAC addy on a WPA2 network just fine,
    just set up a test router (Linksys WRT54G) with hidden SSID, WPA2 AES and no problems spoofing.
    (Now connecting straight away with WICD... that's a different story... sjeesh... gotta get back to CLI.)
    And your 'easy' spoofing prevention... doesn't sound so easy!
    Perhaps you have a trial example you would care to share with us...?

    Quote originally posted in #8:
    The router is a Linksys WRT54G, and I don't have anyone in the filter; it's just an empty list, so would bruteforce work?
    If you have nothing in the filter... then there is surely nothing to bruteforce? All MAC addies should be able to connect?

    I had a go at it a while ago, forget which type of router I was using at the time, but you should read this
    thread for the response I got from the author of MDK3:
    http://www.backtrack-linux.org/forum...c-filters.html

    Might have another shot with wireshark running to see what's going on exactly.
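Post #7 describes a detection idea (measure the real client's preamble power over a time interval and compare it against a source using the same MAC) and post #10 asks for a trial example. The following is an added example written for this thread, not code from any poster, from mdk3 or from BackTrack. It assumes the per-frame RSSI value a monitor-mode capture reports (dBm) as a stand-in for the "preamble power" in the post, and all frames, MAC addresses and thresholds are constructed for the illustration. Per source MAC it keeps a sliding time window of RSSI readings and raises an alert when the readings in the window split into two groups separated by a wide gap, which is what two radios at different distances sharing one MAC look like to the AP.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    ts: float   # capture time in seconds (constructed)
    src: str    # source MAC from the 802.11 header (constructed)
    rssi: int   # received signal strength in dBm; stands in for "preamble power"


@dataclass(frozen=True)
class Alert:
    ts: float
    src: str
    low_cluster: tuple   # (min, max) dBm of the weaker group of frames
    high_cluster: tuple  # (min, max) dBm of the stronger group of frames


class SpoofDetector:
    """Per-MAC sliding window of RSSI readings.

    A single radio produces a smooth spread of readings; two radios using the
    same MAC from different positions produce two separated groups. The
    detector flags a MAC whose sorted window contains a jump wider than
    gap_dbm between neighbouring readings. Thresholds are assumptions.
    """

    def __init__(self, window_s=5.0, gap_dbm=12, min_frames=6):
        self.window_s = window_s
        self.gap_dbm = gap_dbm
        self.min_frames = min_frames
        self._hist = defaultdict(deque)  # src -> deque of (ts, rssi)

    def observe(self, frame):
        q = self._hist[frame.src]
        q.append((frame.ts, frame.rssi))
        # drop readings older than the window (frames arrive in time order)
        while q and frame.ts - q[0][0] > self.window_s:
            q.popleft()
        if len(q) < self.min_frames:
            return None  # not enough history for a baseline yet
        levels = sorted(r for _, r in q)
        # index of the widest jump between neighbouring sorted readings
        split = max(range(1, len(levels)), key=lambda i: levels[i] - levels[i - 1])
        if levels[split] - levels[split - 1] < self.gap_dbm:
            return None
        return Alert(frame.ts, frame.src,
                     (levels[0], levels[split - 1]),
                     (levels[split], levels[-1]))


def scan(frames, **kwargs):
    """Run the detector over a capture; report the first alert per MAC."""
    det = SpoofDetector(**kwargs)
    alerts, flagged = [], set()
    for f in sorted(frames, key=lambda f: f.ts):
        a = det.observe(f)
        if a and a.src not in flagged:
            flagged.add(a.src)
            alerts.append(a)
    return alerts


def sample_capture():
    """Constructed frames: one client near the AP, then a second radio
    appearing with the same MAC from further away, plus an unrelated client."""
    legit = "00:11:22:33:44:55"  # constructed address
    frames = []
    wobble = [0, 2, -1, 1, -2, 3, 0, -1, 2, 1]
    for i, w in enumerate(wobble):                   # ~ -45 dBm, every 0.5 s
        frames.append(Frame(i * 0.5, legit, -45 + w))
    for i, w in enumerate([0, -2, 1, -1]):           # ~ -70 dBm from t = 5.2 s
        frames.append(Frame(5.2 + i * 0.5, legit, -70 + w))
    for i in range(8):                               # steady unrelated client
        frames.append(Frame(i * 0.6, "66:77:88:99:aa:bb", -58 + (i % 2)))
    return sorted(frames, key=lambda f: f.ts)


if __name__ == "__main__":
    for a in scan(sample_capture()):
        print(f"t={a.ts:.1f}s {a.src}: two signal levels "
              f"{a.low_cluster} dBm and {a.high_cluster} dBm")
```

The first -70 dBm frame at t = 5.2 s lands in a window still holding nine readings near -45 dBm, so the widest jump in the sorted window is 23 dB and the MAC is flagged; the unrelated client's readings never spread more than 1 dB and are never reported. The heuristic is only as good as its thresholds: a client walking behind a wall can fade by more than 12 dB in one step, so in practice the gap and window would be tuned against a baseline capture and the alert treated as a signal to look at the capture, as post #10 suggests, rather than as proof of spoofing.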
