[kismac] Re: MAC spoofing...

  • From: Michael Rossberg <mick@xxxxxxxxxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Tue, 4 Mar 2003 15:17:09 +0100

> if you just want to inject traffic there is another way called nemesis.
> http://www.packetfactory.net/Projects/nemesis/
> the problem is that they claim not to support mac os x during the
> compilation (but they claim to support it on their web site ...).
> I was not able to successfully compile it (libnet was ok but not
> nemesis), if you succeed, please let me know.

this won't help you with mac authentication. nemesis expects a working
connection, and this connection has to be authenticated using a faked
mac address. so it won't get you anywhere. what we need is an open-source
airport driver.

>>>>> I'm wondering if it would be possible to add MAC Spoofing capability
>>>>> to KisMAC? Or if anyone knows of any way to spoof the MAC on an OS X
>>>>> system. I'm interested in using it for some wireless testing.
>> actually macjack has this capability. but it does not help you, since
>> there is no way to open a connection.
>> there is no way to do this on an airport card.
>> what can you do:
>>     -  patch the wireless driver to support mac spoofing. i always
>>        wanted to do that.
>>     -  upgrade the firmware of a prism2 card and burn another MAC
>>        address into it.
>> what probably won't work:
>>     -  patching your kernel. ( because the airport driver is not part
>>        of the kernel and not open-source either )
>> ==> if you have an airport card you are screwed. if you have a prism
>> card, there is some work to do.
>>>> In order to spoof a MAC address on the mac you need to rebuild your
>>>> kernel, but DHCP is not supported, so it is pretty much rendered
>>>> useless.  Also, your airport card has its own MAC, so I'm not sure that
>>>> this would be of any use for wardriving.
>>> This is of great use for accessing BaseStations that are using MAC
>>> Address-based authentication.  Awesome part is with a wireless sniffer
>>> like KisMAC you can also see the MAC addresses of users on that
>>> basestation to clone, so you know where to start.  And if DHCP is not
>>> available... well then shit, it's not like every basestation happens to
>>> work on 192.168, or 10.10, and it's not like all of their basestation IP
>>> addresses aren't the base-ip of that range ( / that
>>> would be ludicrous, lol.  Go wardriving a bit man, you'll see.  =)
>>> When you come to an odd basestation you can't associate with properly,
>>> and it doesn't require a password, 4 times out of 5 it is using MAC
>>> authentication.
> "Toe ... "
