[kismac] Re: Spoofing MAC Address on Tiger

  • From: "Jorge Laranjo" <jorge.laranjo@xxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Sat, 2 Sep 2006 11:32:08 +0100

So, I do a de-auth with DWL-122 and try to join usign the AirPort? :-D

On 9/2/06, devnullian@xxxxxxx <devnullian@xxxxxxx> wrote:

That is a possiblity, but... have you tried looking at the traffic in ethereal? It's not uncommon for people to run APs completely open (i.e., no WEP, WPA, etc.) but then use VPN software and limit access to only clients authenticated by VPN. If you can join the AP, but you can't do anything after that, try portscanning the default gateway, and check to see if those ports correspond to known VPN ports. OpenVPN, for example, uses port 1194 by default. If the target network is using a VPN, and you look at it in ethereal, it should tell you that the traffic is SSLed or IPsec'ed.

On the other hand, if there is no VPN involved, then the AP is probably
ignoring your attempts to connect because of the client already on there.
If the client is 802.11b and you're feeling rude, you can try to de-auth
them with KisMAC

devnullian


On Sep 1, 2006, at 8:03 PM, Jorge Laranjo wrote: I've tryed that. Is it possible that since one of those clients is connect to the AP I can't connect using it MAC ?

I'm on a PPC iBook G4 12'' 1Ghz runnig Tiger 10.4.7

On 9/2/06, devnullian@xxxxxxx <devnullian@xxxxxxx> wrote:
>
>
> Oh, if you were asking what MAC to set your airport to, you want one that
you've seen sending traffic to that AP (look in KisMAC's details screen).
>
>
> Devnullian
>
>
>
> On Sep 1, 2006, at 6:35 PM, Jorge Laranjo wrote:
>
>
> Ok, I tryed that and since the network was on the auto-join list.
>
> But if it is not? And how can I have 100% sure the MAC address to spoof?
Thanks.
>
>
> On 9/2/06, Jorge Laranjo <jorge.laranjo@xxxxxxxxx > wrote:
> >
> > But the questions is: I was probing the networks with my DWL-122 and AE.
> > Then, when I found a open network I spoofed my AE but then the icon of
the AE turn into the usual icon with a arrow on it (on the menu).
> >
> > And I can't join a network. So I need to do it with the AE turned off?
I'll try that.
> >
> >
> >
> >
> >
> > On 9/2/06, devnullian@xxxxxxx <devnullian@xxxxxxx> wrote:
> > > Yes, this is most likely your problem.  To elaborate, SpoofMac will
> > > not work if you have connected to any networks since your last
restart.
> > > Depending on your level of paranoia, deleting all of your auto-joined
> > > networks can be a good idea. Why?  Because some crafty guys created a
> > > wireless attack program called "karma" that can attack you if you
> > > have auto-join networks.  Karma works by listening as your wireless
> > > card probes for the networks in your auto-join list.  It then creates
> > > a network with the same SSID as one of your auto-join networks, which
> > > your Mac will dutifully connect to.  At this point you may be subject
> > > to driver exploits (if they exist... this is an open question, as
> > > anyone who subscribes to the securityfocus wireless list will know)
> > > or anything else the attacker wants to do.
> > > So, think about wether the convenience of auto-joining networks is
> > > worth this risk (which it very well could be, it's your decision).
> > >
> > > Devnullian
> > > On Sep 1, 2006, at 4:32 PM, John Warren wrote:
> > >
> > > > if yo uautomatically join networks then spoof mac has
problems.  Many
> > > > people say to delete all of your auto-joined networks.  Search
online
> > > > about it, but my suggestion is to turn off airport, restart machine,
> > > > run spoofmac, turn on airport.  Works for my iBook G4 w/ AE.
> > > >
> > > > On 9/1/06, Jorge Laranjo < jorge.laranjo@xxxxxxxxx> wrote:
> > > >> Hi! How to spoof my MAC address using Tiger? is that some networks
> > > >> are MAC
> > > >> Address controled or safe...
> > > >>
> > > >> SpoofMac is not useful since I think that does the spoofing but
> > > >> turns my
> > > >> AirPort in something strange and I can't connect to a network.
> > > >>
> > > >> Many thanks.
> > > >>
> > > >> --
> > > >> Atentamente,
> > > >> Jorge Laranjo
> > > >>
> > > >> email> jorge.laranjo@xxxxxxxxx
> > > >> gTalk > jorge.laranjo@xxxxxxxxx
> > > >> msn > jorgelaranjo@xxxxxxxxxxx
> > > >> aim > jorge.laranjo@xxxxxxx
> > > >> skype> jorge.laranjo
> > > >>  http://www.olhares.com/fueg0/
> > > >> http://www.flickr.com/photos/fueg0/
> > > >
> > >
> > >
> > >
> >
> >
> >
> >
> > --
> >
> > Atentamente,
> > Jorge Laranjo
> >
> > email> jorge.laranjo@xxxxxxxxx
> > gTalk > jorge.laranjo@xxxxxxxxx
> > msn > jorgelaranjo@xxxxxxxxxxx
> > aim > jorge.laranjo@xxxxxxx
> > skype> jorge.laranjo
> > http://www.olhares.com/fueg0/
> > http://www.flickr.com/photos/fueg0/
>
>
>
> --
> Atentamente,
> Jorge Laranjo
>
> email> jorge.laranjo@xxxxxxxxx
> gTalk > jorge.laranjo@xxxxxxxxx
> msn > jorgelaranjo@xxxxxxxxxxx
> aim > jorge.laranjo@xxxxxxx
> skype> jorge.laranjo
> http://www.olhares.com/fueg0/
> http://www.flickr.com/photos/fueg0/
>
>



--
Atentamente,
Jorge Laranjo

email> jorge.laranjo@xxxxxxxxx
gTalk > jorge.laranjo@xxxxxxxxx
msn > jorgelaranjo@xxxxxxxxxxx
aim > jorge.laranjo@xxxxxxx
skype> jorge.laranjo
 http://www.olhares.com/fueg0/
http://www.flickr.com/photos/fueg0/



--
Atentamente,
Jorge Laranjo

email> jorge.laranjo@xxxxxxxxx
gTalk > jorge.laranjo@xxxxxxxxx
msn > jorgelaranjo@xxxxxxxxxxx
aim > jorge.laranjo@xxxxxxx
skype> jorge.laranjo
http://www.olhares.com/fueg0/
http://www.flickr.com/photos/fueg0/

Other related posts: