Spoofing wifi hotspot with fake MAC Address

6,740

The MAC address is a basic underpinning of how most consumer networks communicate. By changing your NIC's MAC address, you are essentially telling the world that the old device no longer exists and that a new device wants to make a connection. There isn't really a way to advertise one MAC address but use another. As far as making it easier, there are tools out there for this.

That aside, let's say you want to create an ethernet packet from scratch and send it out into the wild. (While, as pointed out in the comments, wifi is not ethernet, it can be treated as ethernet when it comes to doing these kinds of things. The documentation talking about constructing ethernet packets applies to wifi as well.) Mostly this means assembling the correct data structures and spitting them out. Doing this on Linux is described here. Doing this on Windows is described here. There are some issues with doing this on wifi as opposed to ethernet. The main one is that wifi adapters (especially cheap ones) will often overwrite the source MAC.


Author: Tho Nguyen

Updated on September 18, 2022
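
Added example, not part of the original answer or comments: a defender-side check built on the frame layout the answer refers to (destination MAC, source MAC, EtherType, payload) and on the ARP concern raised in the comments. It parses ARP frames as the OS presents them (Ethernet II framing is assumed), then flags ARP sender addresses that disagree with the frame header and IP addresses that move to a different MAC. All function names, MAC addresses and IP addresses are constructed for the illustration.

```python
import struct

ETH_HDR = struct.Struct("!6s6sH")           # destination MAC, source MAC, EtherType
ARP_BODY = struct.Struct("!HHBBH6s4s6s4s")  # ARP payload for Ethernet + IPv4 (RFC 826)
ETHERTYPE_ARP = 0x0806

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def fmt_ip(raw):
    return ".".join(str(b) for b in raw)

def parse_arp(frame):
    """Return (header source MAC, ARP sender MAC, ARP sender IP), or None if not ARP."""
    if len(frame) < ETH_HDR.size + ARP_BODY.size:
        return None
    _dst, src, ethertype = ETH_HDR.unpack_from(frame)
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, _op, sha, spa, _tha, _tpa = ARP_BODY.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return fmt_mac(src), fmt_mac(sha), fmt_ip(spa)

def audit(frames):
    """Flag ARP senders that disagree with the frame header, and IPs that change MAC."""
    bindings, alerts = {}, []
    for index, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        eth_src, sha, spa = parsed
        if eth_src != sha:
            alerts.append((index, "src-mismatch", spa, eth_src, sha))
        known = bindings.setdefault(spa, sha)
        if known != sha:
            alerts.append((index, "binding-change", spa, known, sha))
    return alerts

def sample(eth_src, sha, spa, ethertype=ETHERTYPE_ARP):
    """Build one constructed frame in memory for the demo; nothing is transmitted."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = bytes(int(p) for p in spa.split("."))
    body = ARP_BODY.pack(1, 0x0800, 6, 4, 2, mac(sha), ip, b"\xff" * 6, ip)
    return ETH_HDR.pack(b"\xff" * 6, mac(eth_src), ethertype) + body

# Constructed sample traffic: locally administered MACs, documentation-range IPs.
GW, A, B, C = (f"02:00:00:00:00:0{n}" for n in "1abc")
FRAMES = [sample(GW, GW, "192.0.2.1"), sample(A, A, "192.0.2.10"),
          sample(A, A, "192.0.2.1"), sample(B, C, "192.0.2.20"),
          sample(A, A, "192.0.2.10", ethertype=0x0800)]
ALERTS = audit(FRAMES)
```

Because many Wi-Fi adapters overwrite the source MAC in the frame header, as the answer notes, a disagreement between the header and the ARP sender field is a useful signal on wireless segments in particular.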

Comments

  • Tho Nguyen
    Tho Nguyen over 1 year

    Is it possible just to tell the wifi hotspot that I have a different MAC instead of the original one?

    Normally I would change my MAC address and connect to the wifi hotspot. This way is troublesome because there is a short duration in which my computer gets disconnected and reconnected to the hotspot since the MAC address has changed. I just want to trick the wifi hotspot into thinking that there is a client with a specified MAC address in the network. It is more or less like a way to do MAC flooding.

    • Ron Maupin
      Ron Maupin over 8 years
      Why do you think we would help you mount an attack on a Wi-Fi hotspot? This could get you into legal trouble.
    • Tho Nguyen
      Tho Nguyen over 8 years
      I'm not attacking anything, I think explaining it like that would make it easier to understand. My use case is much different.
    • Ron Maupin
      Ron Maupin over 8 years
      Spoofing ARP is an attack on the network, and it can cause all sorts of network problems. It's one thing to change your MAC address, but spoofing a MAC address is a network attack.
  • Ron Maupin
    Ron Maupin over 8 years
    Instead of ethernet, you should say Wi-Fi since they are two completely separate LAN types. Yes, they both use 48-bit MAC addresses, but the frames and communications are very different, and they are handled by two separate IEEE committees.
  • Tho Nguyen
    Tho Nguyen over 8 years
    I don't want to change the MAC address of my NIC, I just want to fool the wifi hotspot into thinking that there is a device with a specific MAC address that wants to connect to it. I don't really need to establish the connection between my workstation and the hotspot. I think it has something to do with ARP or the ICMP protocol. Actually, there are a lot of tools out there to change the MAC address, or a simple command ifconfig eth0 .... could do it; however, this is not what I want.
  • Ouroborus
    Ouroborus over 8 years
    @RonMaupin 802.11 is designed such that it can be treated as though it were ethernet.
  • Ron Maupin
    Ron Maupin over 8 years
    @Ouroborus, what does that even mean? It is a completely separate LAN type (IEEE 802.11) from ethernet (IEEE 802.3), token bus (IEEE 802.4), token ring (IEEE 802.5), FDDI (IEEE 802.8), etc. All are interoperable with translating bridges, and all look, to the OS, like a LAN. You wouldn't call token ring ethernet any more than you would call Wi-Fi ethernet. They are all different LAN types, and they all use 48-bit MAC addresses.
  • Ouroborus
    Ouroborus over 8 years
    @RonMaupin And that's the point, isn't it? From the OS's perspective, they behave and can be treated as ethernet. This goes so far as to mean you can code as though you were on ethernet and it'll just work.
  • Ouroborus
    Ouroborus over 8 years
    @RonMaupin That said, if you think there could be better phrasing, feel free to submit an edit.
  • Ron Maupin
    Ron Maupin over 8 years
    @Ouroborus, you are writing about "a basic underpinning of how ethernet works" for something that isn't ethernet. How ethernet or Wi-Fi work have nothing to do with how the OS sees a LAN technology. Ethernet has a single frame type, but Wi-Fi has over a dozen. An ethernet frame has two MAC addresses, while a Wi-Fi frame can have up to four. Ethernet and Wi-Fi frames are incompatible and must be translated when you move from wired to wireless. You are answering an apples question using oranges.
  • Ouroborus
    Ouroborus over 8 years
    @RonMaupin I understand your concern about terminology. As for the technologies themselves, what you're talking about sounds like theory as far as OP's topic is concerned. The practical view is, when creating raw packets to be sent to a driver, a number of the differences you describe are ignored. The only part that really matters in this specific scenario is that you can arrange the correct number of bits in the correct order, ranging from the first of a pair of MAC addresses to the end of the payload. Technical details outside of that aren't relevant in the scenario the OP asks about.