Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India
In this tutorial we will be looking at how to bypass MAC filtering on a wireless network. MAC filtering is often used as a security measure to prevent non whitelisted MAC addresses from connecting to the wireless network. With MAC filtering you can specify MAC addresses which are allowed or not allowed to connect to the network. For many occasions this might be sufficient as a security measure which makes it a little harder to use the network when the password is known. As a security measure to protect company networks or to prevent networks from being hacked over WiFi, MAC filtering is pretty useless and easy to bypass.
In this tutorial we will be bypass MAC filtering on a TP link router by spoofing the MAC address of a connected client. The connected client’s MAC address is whitelisted, otherwise it would not have been able to connect to the wireless network. We will retrieve the MAC address of connected clients with Airodump-NG on Kali Linux. Then we will be using Macchanger tool to spoof our MAC address, bypass MAC filtering and connect to the wireless network. Hacking the WiFi network password is outside the scope of this tutorial. You can have a look at the following WiFi hacking tutorials and tools to learn how to retrieve the password (and prevent this from happening):
First we will be configuring the MAC filter in the router settings. We will be adding one client to the whitelist:
Let’s try to connect from another client in Kali Linux 2.0:
Even if we use the right password is does not allow us to connect to the wireless network. We end up in an endless loop without authentication. This tells us the MAC filtering is active and working like a charm.
First we have to put our WiFi adapter in monitoring mode using Airmon-ng and kill all the processes Kali Linux is complaining about:
airmon-ng start wlan0
Then we launch Airodump-ng to locate the wireless network and the connected client(s) using the following command:
airodump-ng –c [channel] –bssid [target router MAC Address] –i wlan0mon
Airodump-ng now shows us a list of all connected clients at the bottom of the terminal. The second column lists the MAC Addresses of the connected client which we will be spoofing in order to authenticate with the wireless network.
Now that we know a MAC address that is whitelisted in the TP Link router settings we can use it to spoof our own MAC address in order to authenticate with the network. Let’s spoof the MAC address of your wireless adapter but first we take down the monitoring interface wlan0mon using the following command:
Airmon-ng stop wlan0mon
Now we take down the wireless interface who’s MAC address we want to spoof with the following command:
ifconfig wlan0 down
Now we can use Macchanger to change the MAC address:
macchanger -m [New MAC Address] wlan0
And bring it up again:
ifconfig wlan0 up
Now that we have changed the MAC address of our wireless adapter to a whitelisted MAC address in the router, let’s try to authenticate with the network and see if we can connect:
As you can see we have managed to connect to the wireless network using a spoofed MAC address of a connected client. This tutorial shows us that it was extremely easy to bypass MAC filtering on a wireless network and that MAC filtering in general is useless to protect your network from hackers.
CEHv9 CHFI ECSAv9 CAST ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE , Certified Ethical Hacking , Center For Advanced Security Training in India , ceh v9 course in Pune-India , ceh certification in pune-India , ceh v9 training in Pune-India , Ethical Hacking Course in Pune-India
Extreme Hacking | Sadik Shaikh