When you are making a pentest sometimes you need to be sneaky and have some tricks in your arsenal to cloak yourself in the network. But some sysadmins are skillfull in their incident response and, sometimes (not many in my experience) they found you and try to block your access creating some ACLs for the IP you are using, maybe for your MAC Address.
This script runs on linux and helps you changing your MAC Address in a blink of an eye, this is how it works: you invoke the command and automatically see if you are root, if not it sudo itself to get the needed priviledges, generates a new random mac and installs it in the interface.
-=:)> changemacrandom.sh
For example:
-=:)> changemacrandom.sh eth0
Only root can do that! sudoing...
eth0 Link encap:Ethernet HWaddr 00:15:c5:3d:e9:82
Interface eth0 has new mac:
eth0 Link encap:Ethernet HWaddr 70:e7:84:ca:b2:c5
Restart dhcp client to get a new IP.
The code is really simple:
#!/bin/bash
# Script by Adrian Puente Z. apuente _AT_ hackarandas _dot_ com
# Powered by Hackarandas www.hackarandas.com
# Licensed by GNU GPLv3
# http://www.gnu.org/licenses/gpl-3.0.txt
[ $# -eq 0 ] && echo "Sintax: `basename $0` " && exit 0
[ `id -u` -ne 0 ] && echo "Only root can do that! sudoing..."
if [ "$EUID" != 0 ]; then sudo `which $0` $1; exit; fi
INT=$1
function gennewmac
{
hexdump /dev/urandom | head -3 |\
cut -d' ' -f2 | while read -n 2 i
do echo -n $i:
done | sed 's/::/:/g;s/:$//g'
}
if ifconfig ${INT} 2> /dev/null 2>&1 | head -1
then
NEWMAC=`gennewmac`
sleep 3
if ifconfig ${INT} down hw ether ${NEWMAC} 2>/dev/null
then
echo Interface ${INT} has new mac:
ifconfig ${INT} 2> /dev/null 2>&1 | head -1
ifconfig ${INT} up
echo Restart dhcp client to get a new IP.
else
echo "Error changing MAC to ${NEWMAC}!"
echo "Try again with the same command."
exit 1
fi
else
echo "Interface ${INT} doesn't exists!"
exit 1
fi
exit 0
You can download the script or check other projects i’ve made.
So that’s it. Leave your comments please and happy hacking!
Adrián Puente Z.
hackarandas, hacker, mac changer, Adrian Puente Z., Linux, backtrack, pentest