Jump to content

PS MAC address visible in mode 1

biob

By biob
in Packet Squirrel

Recommended Posts

biob Newbie

biob

Posted
  • Author
Posted
9 hours ago, Decoy said:

Are you performing any attacks in the network? Or just running tcpdump?

Just running tcpdump. Technically is not a major problem for me, as I only use them at home. 

It doesn’t pick an IP address up(which I expect) , but I can see it in my logs as an active client.

Link to comment
Share on other sites
Decoy Newbie

Decoy

Posted
Posted

You could use CLONE as opposed to TRANSPARENT to see if that resolves your issue. Modify  the payload and try it?

 

Here is a description of CLONE: 

NETMODE CLONE

This network mode clones the MAC address of the target device from the Ethernet In port, spoofing it for use on the LAN from the Packet Squirrel’s Ethernet Out ports.

In practice, when deploying a Packet Squirrel payload with NETMODE CLONE, the MAC address is sniffed from the target (IN) and will change the MAC address on the LAN (OUT) side. This is done by inspecting sniffed packets from the target device and is typically done in just a few seconds.

For stealth deployments, have the Packet Squirrel clone the MAC address of the target device from its Ethernet IN port before connecting the cable to the Ethernet OUT port. The Packet Squirrel will indicate that the MAC address has been successfully cloned by several seconds of rapid white blinking on its LED.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...