Defeating MAC Access List on Wireless

Bold indicates a button clicked or key pressed.
“quotes” indicates a value which has been entered.

Grey block quote is a command typed directly into the console.

Purpose

If an 802.11 wireless network employs a MAC access list, this is a simple way to defeat this terrible security measure. It assumes you have BackTrack loaded and a wireless card capable of monitor mode.

Procedures

1.  In a terminal, bring up the wireless interface and turn on airmon, as shown in Figure 1.

Figure 1: Starting card up in monitor mode.

2.  Start airodump-ng to collect a valid MAC address of a connected client, as seen in Figure 2.

Figure 2: Locating an associated station to mimic.

3.  Copy out a valid MAC address and apply it to the current wireless interface, as seen in Figure 3.

Figure 3: Mimic the stolen station MAC address.

4.  Use this wireless interface to associate to the MAC-filtering network; association should now succeed. If you experience intermittent connection issues, it is because you are sharing a MAC address with another associated client, which can cause unexpected results.
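
The shared-MAC condition noted in step 4 is also what a wireless monitoring sensor can detect: two radios using one MAC address interleave two independent 802.11 sequence counters. The following is an added example, not part of the original write-up; the frame tuples, MAC addresses, thresholds and function names are constructed for illustration.

```python
from collections import defaultdict

SEQ_MOD = 4096  # 802.11 sequence numbers are 12 bits and wrap to 0 after 4095

def constructed_frames():
    """Constructed sensor observations: (time_s, source_mac, seq_no, rssi_dbm)."""
    frames = []
    for i in range(6):
        # One client alone on its MAC; its counter wraps 4095 -> 0 normally.
        frames.append((i * 0.10, "02:00:00:00:00:0a", (4093 + i) % SEQ_MOD, -50))
        # Two radios transmitting with the same MAC, each with its own counter.
        frames.append((i * 0.10, "02:00:00:00:00:0b", 100 + i, -45))
        frames.append((i * 0.10 + 0.05, "02:00:00:00:00:0b", 2000 + i, -72))
    return frames

def seq_gap(prev, cur):
    """Forward distance from prev to cur, allowing for 12-bit wraparound."""
    return (cur - prev) % SEQ_MOD

def find_shared_macs(frames, max_gap=64, min_hits=3):
    """Flag MACs whose sequence numbers jump repeatedly.

    A single radio increments its counter by one per frame, so lost frames
    give small forward gaps and retries give a gap of 0. Two radios behind one
    MAC interleave two counters, so nearly every frame is a large jump.
    Assumption: frames are already grouped per counter (QoS data uses one
    counter per TID, so a real sensor must key on (mac, tid))."""
    last_seq, hits, rssi = {}, defaultdict(int), defaultdict(list)
    for _, mac, seq, dbm in sorted(frames):
        if mac in last_seq and seq_gap(last_seq[mac], seq) > max_gap:
            hits[mac] += 1
        last_seq[mac] = seq
        rssi[mac].append(dbm)
    return {
        mac: {"discontinuities": n, "rssi_spread_db": max(rssi[mac]) - min(rssi[mac])}
        for mac, n in hits.items() if n >= min_hits
    }

if __name__ == "__main__":
    for mac, detail in find_shared_macs(constructed_frames()).items():
        print(mac, detail)
```

A wide RSSI spread alongside the sequence discontinuities strengthens the finding, since one stationary client rarely shows two distinct signal levels.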