Uncategorized

Batch MAC Spoofer

Windows has always been restrictive compared to Linux. While Linux developers are benefiting from the power of pure hardware, Windows users, on the other hand, were given GUI based user experience, which depends on API calls, not giving the vibe of full control. Even though Windows doesn’t seem like an OS with ultimate customizability, there are still ways for achieving some Linux-ish tasks on Windows. Talking about tasks, this project is based on the tool “macchanger“, which is working on Linux, to give similar functionality to Windows machines. You can eventually download the source code immediately but I recommend you to take a look at the information about MACs and this script below. πŸ˜€

Disclaimer

This tool is intended to teach IT Security enthusiasts about network security implementations. Any illegal activity is not our responsibility.

What Is A MAC Address?

The MAC ( Media Access Control ) is a unique identifier number for network interface cards ( NIC ). MACs are used to detect the location where a network packet should go along with the IP on networks. The difference between IPs and MACs is MACs are always static while IPs can be dynamic according to how and where you connect to the Internet.

The “ipconfig /all” command showing the information about network interfaces on Windows.

Every MAC follows the same rules:

  • Each character is represented in hexadecimal numbers.
  • There are a total of 12 characters, or 6 pairs.
  • Every pair is separated from another with a semicolon.

An example for a MAC Address -> 0E:BF:C8:25:FF:9A:B6

  • If you are a Windows user, you can check yours from the command prompt by typing: ipconfig /all or getmac
  • If you are a Linux user, you can use ifconfig command on the terminal.

Technically, a MAC Address is not alterable. Each one of them is burned into your network interface card. Even though they cannot be changed directly on the hardware, the software side can spoof it. The potential power of spoofing MAC addresses is so valuable since a MAC Address gives a lot of information to anyone who has a technical understanding.

What Can You Infer From A MAC?

MAC Addresses are consist of 2 parts. Each part includes 3 pairs of characters. The first 3 pairs are the most valuable ones because they reveal the information about your device’s manufacturer. A hardware company sets the same pairs onto their similar hardware. Because of this, you can predict what the device is. There is a database that consists of MAC pairs and manufacturer names on the website wireshark.org. The last 3 pairs are for identifying unique devices. This information can still be useful.

With this web-based tool, you can query yours or other people’s MAC address.

MAC Spoofing On Windows

The trick behind scenes depends on the Windows Registry, where much information is stored about the machine and users. The script simply finds where the information about your network card is stored which you selected. And then changes the value in the registry with the one you specified in the script.

Registry is the location of many information about the machine and the users. Many things can be altered or viewed.

Including MAC Addresses. πŸ™‚

The Usage

You have to run the script with administrator privileges. Writing to registry requires admin rights.

The script simply welcomes you with the interface selection screen, where you specify the interface you wish to use if you have more than one. If you have only a single interface, the script automatically sets it as default.

Note: This script only works with wireless interfaces, do not expect any functionality with ethernet cards.

Detection and selection of the interface.

Then the main menu pops up. You have the option to select your interface later. You can also plug in any new/external interface and select it later on the interface selection page.

The look of the main menu.

After typing “macspoof”, you have 3 options, you can randomize the MAC, define it with your custom MAC, or revert to its original static form. Be careful when typing the custom MAC, Windows accepts only some patterns for new MACs. Do not put semicolons between pairs, and do not use any character different than E, A, 2, or 6 while typing the second character. Example:

0ABBCCDDEEFF -> The second char is A so it is valid.

EXBBCCDDEEFF -> The second char is X so it is invalid.

a6bbccddeeff -> The second char is 6, and lower case values are also accepted so it is valid.

aa11bb22cc33dd -> Length is longer than 12 chars so it is invalid. Shorter lengths are also not accepted.

The spoofing screen showing options.

A Demonstration Video By TUX

Note: This video shows the script version 1.0.0 which doesn’t include the custom-defined MACs. This feature came after the update 1.1.0.

GitHub Repository

6 thoughts on “Batch MAC Spoofer

  1. This type of program can be used maliciously, especially when the source code is visible and can be used by others. I have temporarily delisted the article. If you can update it and remove any download link as well as disclaim it’s potentially malicious usage, we can re-consider uploading it to our site. Thank you for your cooperation.

    1. Thanks for your feedback. I understand your concerns but if I remove the download link, this article will mean nothing in my opinion. This tool is intended for the network enthusiastics, and it is much more innocent compared to brute forcer. If you are certain that this project cannot be shared in this website, than I will remove the brute forcer too. Sorry for my tough manner but I really wanted to share this project.

  2. What a great creation.

    what is most enjoyed is… the creation, its simplicity, user friendly usage, The Design and looks of the output on screen is amazing. Really loved the video demo as well.

    keep up the good work.

Leave a Reply