t H e — C o M p L e T e — I n F o


      

Wireless: Bypassing Mac Filtering – Tutorial



Sometimes when you scan the neighborhood for wireless networks, you see open networks but cannot connect to them. This can happen because they use MAC filtering to secure the network.
I will try to explain how to bypass this protection.

NOTE: This is for EDUCATIONAL purposes only, to show you that it is possible to bypass this security. I am not responsible for unauthorized use of this information.

Requirements:

1- You need a tool for sniffing the traffic. I suggest using Aircrack-ng (http://www.aircrack-ng.org/)
2- You need a tool to change your MAC address. I use MacMakeUp (http://www.gorlani.com/publicprj/macmakeup/macmakeup.asp)

Action on Windows:
First you need to sniff the traffic around you. Open Airodump, read the screen and make your selections.
For me it is: Interface = 4 Intel Pro® Wireless 2200bg, Interface type = a, Channels = 0 (if you want to sniff the traffic on all channels), Output file prefix: up to you, Only write WEP IVs: y (this will save you some space). Then proceed.
Edit: ipw2200 will not work under Windows; I used a USR USB stick to capture the traffic around me.

You should see something like this on your screen:
BSSID, First time seen, Last time seen, Channel, Speed, Privacy, Power, # beacons, # data, LAN IP, ESSID
00:**:BF:53:**:**, 2006-12-09 21:29:36, 2006-12-09 21:35:54, 6, 54, OPN , 13, 224, 62, 192.168. 2. 2, AIRTIES
Station MAC, First time seen, Last time seen, Power, # packets, BSSID, ESSID
00:**:F0:BF:**:**, 2006-12-09 21:29:39, 2006-12-09 21:35:40, 16, 79, 00:**:BF:53:**:**, AIRTIES

This tells you that 00:**:F0:BF:**:** is a client connected to that network, so you can confidently assume that it is on the allow list. Open MacMakeUp, select your interface and enter this MAC address without the colons. Click press and it will cycle your interface.

The next time you try to connect to that network, it will succeed.

On Linux you can use:
airodump-ng -c 0 -w Prefix eth1
This tells airodump-ng to monitor all channels on interface eth1 and log the capture to files named with the prefix given after -w.
If you don't know your wireless card's interface name, type iwconfig or ifconfig -a.

Conclusion:
As you can see, it is possible to bypass this security precaution. More importantly, if someone monitors your connection, they may be able to get crucial information about you. For example, I can see what sites the network's clients have been visiting. MAC filtering must not be trusted to secure your network. You must use password protection to secure your network (preferably WPA, not WEP; I will explain that in another article). That's all for today.

desi guy
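
From the network owner's side, a cloned MAC can still be noticed because the second machine usually presents a different DHCP hostname or option 55 request list than the real client. The sketch below is an added example, not part of the original post; the lease record format, the sample values and the function names are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed DHCP lease events: time, client MAC, DHCP hostname, option 55 list.
# The record format and every value here are made up for this example.
SAMPLE_LEASES = """\
2006-12-09 21:29:39,00:11:22:33:44:55,family-laptop,1-15-3-6-44-46-47-31-33-249-43
2006-12-09 21:31:02,00:11:22:33:44:66,printer,1-3-6-15
2006-12-09 21:52:10,00:11:22:33:44:55,family-laptop,1-15-3-6-44-46-47-31-33-249-43
2006-12-09 22:03:41,00:11:22:33:44:55,localhost,1-28-2-3-15-6-12
2006-12-10 09:00:00,00:11:22:33:44:66,printer,1-3-6-15
"""


def parse_leases(text):
    """Parse the constructed CSV lines into time-ordered event tuples."""
    events = []
    for line in text.strip().splitlines():
        ts, mac, host, fp = (field.strip() for field in line.split(","))
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        events.append((when, mac.lower(), host, fp))
    return sorted(events)


def find_cloned_macs(events, window=timedelta(hours=12)):
    """Flag a MAC whose DHCP identity changes between two leases inside window.

    A MAC filter only checks the address; the hostname and the option 55
    parameter request list come from the client's OS, so a second machine
    reusing an allowed MAC usually presents a different pair.
    """
    last_seen = {}
    alerts = []
    for when, mac, host, fp in events:
        prev = last_seen.get(mac)
        if prev and (host, fp) != prev[1:] and when - prev[0] <= window:
            alerts.append({"mac": mac, "at": when, "was": prev[1:], "now": (host, fp)})
        last_seen[mac] = (when, host, fp)
    return alerts


if __name__ == "__main__":
    for a in find_cloned_macs(parse_leases(SAMPLE_LEASES)):
        print(f"{a['at']} {a['mac']}: {a['was']} -> {a['now']}")
```

A reinstalled or dual-boot client produces the same signal, so treat a hit as a lead to check against the device owner rather than as proof of cloning.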
