Occasionally in certain situations of LAN exploitation you may need to change your mac address so an attack can't be traced back to your NIC or wireless NIC. Or say for example, you have your system and you are about to enter a LAN, and don't want any logs to trace back to your nic afterwards, then changing your mac address is essential to fool ARP tables.Take note that to do this you need to have sudo privileges on your machine. Then I've written a mac changing script that can help you do just that, the way it works is you call ifconfig to change the address of the interface for you; I use the argparse module to take in arguments and run ifconfig as a subprocess, plain and simple:
def get_arguments():
global interface #pull up the interface global variable
global new_mac #pull up the new mac adress global variable
parser = argparse.ArgumentParser() #call argparse
parser.add_argument("-i","--interface", help = "The name of the interface", dest = "interface")
parser.add_argument("-n","--newMAC",help = "The new MAC address",dest= "new_mac")
args = parser.parse_args() #parse the args
interface =args.interface #set the values for the global variable
new_mac = args.new_mac
def change_mac(interface, new_mac):
print("[+] Changing MAC address for {0} to {1}").format(interface,new_mac)
subprocess.call(["ifconfig",interface,"down"]) #call ifconfig from shell
subprocess.call(["ifconfig",interface,"hw","ether", new_mac])
subprocess.call(["ifconfig",interface, "up"])
result = subprocess.check_output(["ifconfig", interface]) #grab the resulting ifconfig output
new_address = re.search(r"\w\w:\w\w:\w\w:\w\w:\w\w:\w\w",result) # Use a regular expression to filter out the new mac
if new_address:
print(new_address.group()) #choose the the first one in the group of the new object
else:
print("[-] Cannot read MAC address")
get_arguments()
if interface and len(new_mac)==17:
change_mac(interface, new_mac)
else:
print("[*] Error: new MAC address not long enough! Exiting...")
Make sure to chmod +x this!