Jump to content

MAC Spoofing


oscaringosv

Recommended Posts

  • 3 weeks later...
Posted

Confirming it is random.

First I have this:

Quote

root@shark:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 86:72:96:71:C3:3C  
          inet addr:172.16.24.1  Bcast:172.16.24.255  Mask:255.255.255.0
          inet6 addr: fe80::8472:96ff:fe71:c33c/64 Scope:Link

Then after Shark Jack reboot this:

Quote

root@shark:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 2E:AF:43:F2:3E:22  
          inet addr:172.16.24.1  Bcast:172.16.24.255  Mask:255.255.255.0
          inet6 addr: fe80::2caf:43ff:fef2:3e22/64 Scope:Link

 

  • 4 weeks later...
Posted
On 10/29/2019 at 7:24 AM, PaPPy said:

Can something like macchanger be used to change it?

Are you wanting to set the address to a specific MAC for access to a restricted network? 

Posted

Yes. The network uses port security. So the idea is get the mac of a plugged in system (been looking into this via other posts on this forum). Then set it on the shark jack, to run payloads. 

Posted

Yes, this is doable using the macchanger utility. If it's not included in 1.0.1, it will be included in the forthcoming 1.0.2 which will introduce the NETMODE command for dhcp server, dhcp client, and transparent modes.

  • 2 months later...
Posted
On 11/1/2019 at 11:53 PM, Darren Kitchen said:

Yes, this is doable using the macchanger utility. If it's not included in 1.0.1, it will be included in the forthcoming 1.0.2 which will introduce the NETMODE command for dhcp server, dhcp client, and transparent modes.

An upvote if this could be included please 

I have tried using the jack on an engagement for where I knew a trusted lansweeper machine - where the jack's portscan and exfil would have been whitelisted by the SIEM   

Posted
11 hours ago, UnshakeableSalt said:

An upvote if this could be included please 

I have tried using the jack on an engagement for where I knew a trusted lansweeper machine - where the jack's portscan and exfil would have been whitelisted by the SIEM   

Uhh you can already change the MAC.. Just needs a work around in the payload..

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...