spoof your MAC address

When you connect your computer to any network, there are typically two options for how it gives you an IP address – a static IP or a dynamic IP (DHCP). The computer remembers who you are by your MAC address, which is an address unique to your hardware. This address typically lasts as long as the hardware does; an example of an address is 00:20:12:34:56:78. By learning how to spoof your MAC address, you’re effectively hiding one of the most frequent ways you’re tracked!

In Windows, open a DOS prompt by going to “Run…” and typing cmd and hitting enter. In that window, type

ipconfig /all

and you’ll see all of your network interfaces listed. Under Ethernet Adapter, note the Description field of the one you want to change. Now go to Control Panel -> System -> Hardware tab -> Device Manager. In Device Manager, open network adapters and choose the network card you want to change, right click and choose “Properties”. Under Advanced click on Network Adapter and choose a value by selecting the text box and writing “001122334455” in it. Once you click OK, when you go back to your DOS prompt and type ipconfig /all you should see your new MAC address listed. I was told there are a few devices that don’t allow you to spoof on Windows, please let me know if you come across one of these.

On any UNIX based-computer you can find yours with the command “ifconfig”. You can type “man ifconfig” for the long manual on the command ifconfig (hit q to exit a man page!).

For MacOSX users, go to Applications ->Utilities -> Terminal and type “ifconfig en0″ to learn your MAC address associated with your current IP.  If you have a wired and wireless card, it will likely show your wireless card as en1. (computers start counting at 0 instead of 1).

Certain changes to your computer should only be authorized by you as the owner of the machine, AKA “superuser.”  Whenever you need to run a command as superuser, you can first state this action as being requested by “sudo” and then enter your password when prompted.  Before following the following steps, you need to disassociate yourself from your access point. For example, if you wanted to change your address, you could type the below:

$ sudo ifconfig en0 ether 00:20:de:ad:be:ef

Then type the command below to confirm:

$ sudo ifconfig en0 | grep ether

ether 00:20:de:ad:be:ef

The first command above changes your hardware address, otherwise known as spoofing it.

The second command verifies if it works or not. the | grep ether part says take the results of the first command and run them through the find/search command (grep) for any lines with the word ether. Now you should be able to reconnect to the access point, and will track you with your new spoofed MAC address. If you’re familiar with obtaining software from github, check out spoofMAC.

For Linux users, the following assumes eth0, it might be wlan0, check the output from “ifconfig” to confirm your device. Then:

$ sudo ifconfig eth0 down
$ sudo ifconfig eth0 hw ether 00:11:22:33:44:55
$ sudo ifconfig eth0 up

and finally run “ifconfig” again to confirm the changes took place. In Debian/Ubuntu you can make this permanent by adding “hwaddress ether 00:11:22:33:44:55″ to your device’s config in /etc/network/interfaces. On Redhat, add MACADDR=12:34:56:78:90:ab to  ifcfg-eth0. To change MAC address during boot time with MACChanger,add the following line to your /etc/network/interfaces

pre-up macchanger -m 12:34:56:78:90:AB eth0

When you spoof your MAC address, you’ll likely have to restart your wireless access point or internet modem… as they use your MAC address to track you as well!
I’ll leave it up to you to figure out how to change your MAC address often, most commonly every time your computer boots.

Comments are closed.