Jump to content

AP w/ spoofed MAC address doesn't work


lgq1w2e3
 Share

Recommended Posts

Hi all,



I am working on a project that relies (among other things) on:



- Setting an access point in RaspPi that bridges an ethernet connection from my macbook (check! done!).



- Hard-assigning a MAC address to this access point. (this is where I am having problems).



I was able to set up the whole network, and it works fine. I was also able to change my mac address, using (mainly) ifconfig + ether command. And it also worked. However, after changing the MAC address I cannot connect to such access point anymore with any device. I have tried several different methods, and all have failed.



Am I trying to do something impossible here? Is there any work around to such thing?



Just to know. I am changing the MAC address using the following lines:



sudo service ifplugd stop


sudo ifconfig wlan1 down


ifconfig wlan1 hw ether [MAC ADDRESS]


sudo service ifplugd start




And the AP is set up by a bridge between the eth0 and wlan1.



Thank you!


Link to comment
Share on other sites

I would say start by not having the other radio actively monitoring. Only have your one AP radio using its default mac address, start it and try to connect to it. Take things from there.

Link to comment
Share on other sites

Hi Cooper, thanks for your answer.

I already did like you suggested, and even without having the second device running in monitor mode, I still was not able to assign an specific MAC address to my access point that is able to be connected afterwards. Meaning: I do can assign an specific mac address, but when I do so, no other device can connect to it (it appears on the lists, but it can't be connected, seems like the other devices can't gain an ip).

Link to comment
Share on other sites

You're missing the point.

You should first verify that you can connect to the radio running as an AP when you DIDN'T change the MAC.

Once you've verified that this works you try to change the MAC and try again.

The goal is to have a working situation first, then change things 1 item at a time until something doesn't work as expected. You then know where to start looking for a solution.

Link to comment
Share on other sites

Understood, I misinterpreted your suggestion.

I have already done that. Step by step. Without changing the AP's MAC it works perfectly as expected (even when having the other device as Monitor). However I could not, in any circumstance, create a bridge AP with a specific "hand-assigned" MAC address that works.

Maybe I should rephrase my question: is it possible to create an AP with a hand-assigned specific MAC address? If so, how?

An example: I want to be able to enter on wiggle.net, pick up any valid MAC address, assign that to my local Access Point, and make it work as a normal wireless router.

Thanks.

Link to comment
Share on other sites

I wouldn't be surprised if some radios simply don't allow you to change the MAC address at all.

To quote the ifconfig man page on the 'hw' parameter:

Set the hardware address of this interface, if the device driver supports this operation.

See what your system log says when you try to set the MAC address.

You could also see what packets fly by before and after the MAC change when trying to connect and see which side decides it's a no-go. My guess is that once the MAC change fails, it should still work using the original MAC address.

One thing though... Why is changing the MAC address a big deal to begin with? Isn't the correct ESSID (network name) sufficient?

Link to comment
Share on other sites

The MAC changes perfectly, my driver does support this operation. I will try looking at the packets as you have suggested. Thank you!

I am doing a similar application as this one: http://hackaday.com/2013/08/27/spoofing-wifi-ap-based-geolocation/

However, the spoofing does not work so well as described in that post (it only works on some circumstances), so I am trying to, in addition of doing what the above link describes, also make an internet bridge available with a spoofed mac address to see if the geolocation spoofing works better that way.

Link to comment
Share on other sites

Hi Cooper,

I managed to do it. I have discovered that the problem was simply that I needed to reboot HOSTAPD before turning on the ifplugd again. Code:

sudo service ifplugd stop

sudo ifconfig wlan0 down

macchanger --mac=00:00:00:00:00:00 wlan0

/etc/init.d/hostapd restart

sudo ifconfig wlan0 up

sudo service ifplugd start

Although I have solved this (and thus this topic can also be closed), I still wasn't able to spoof the geolocation to connected devices. It seems that this theory here and here are both wrong, or at least they work only in very specific cases, and not general as I've wanted.

Thanks!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...