Hacking Knowledge – The Power of Spoofing MAC Address

I am going to expose an important topic on hacking knowledge that some of you might know and most of you don’t. When you’re going to hack a computer or server on the Internet, you won’t want your IP address to spill out. That’s because your ISP could easy trace you by two simple information which is the time and IP Address. So you’ll need to use proxy or even chains of proxies to avoid being directly traced by the victim’s firewall.

If you think you’re safe hiding behind a proxy server, bad news is most proxy server has logging enabled and your IP address is definitely listed in the log file when you’re connected to it. It is possible that the administrator of the proxy server passes your information to your ISP and you’ll still get caught at the end of the day. Don’t forget, there are still some other important information that can be obtained from an IP Address if a person knows what tools to use.

One of it is your network adapter’s MAC address.

Every network card contains a unique code called MAC address that is permanently assigned to it, similarly like every computer requires a unique IP address to be connected to a network. Although these information can be configured to have the same, it would cause conflict and connection problems. To view your network card’s MAC address, just run the command “ipconfig /all” in command prompt and refer to the value of Physical Address.

One thing you should know is the MAC address on your computer’s network card will not get passed out to the Internet so there is no way a website or an Internet server can capture this information. Only your Internet Service Provider (ISP) can detect the MAC address of your modem or router. So basically your ISP is capable of tracking your location by your IP address, time and the MAC address of your modem or router.

In another scenario, some people may still be using WEP encryption for their wireless network because some old devices don’t support WPA. WEP encryption is very weak and can be cracked in less than 5 minutes using BackTrack Linux. Most of the time they’d also enable a second line of defense which is the MAC address filtering to only allow authorized devices to connect to their wireless network but they’re wrong. A hacker can easily find out the authorized MAC address, change their network card’s MAC address to the authorized ones and poison the ARP cache to prevent the owner’s machine from connecting to it.

Here’s an example of Belkin Play Max F7D4401 v1 router. It has a MAC Address Filtering feature where you can set up a list of allowed clients and use the wireless connection.

Other than that, some time limited shareware such as Hotspot Shield that uses your MAC address to keep track of the free usage. If the trial period has expired or is pending to reset every month, you can easily bypass this restriction by changing your MAC address. I bet by now you should know the power of spoofing your MAC Address. MAC address can actually be changed directly from Windows but the easiest way is to just a free program called Technitium MAC Address Changer.

To change your MAC address, run the program, click the Random MAC Address button followed by the Change Now! button. The update takes effect immediately without a reboot and stays intact even when you boot up the computer tomorrow. To restore back your original MAC address, click the Restore Original button on Technitium MAC Address Changer program.

Download Technitium MAC Address Changer

To manually change your MAC address in Windows 7 without using a third party software, go to Control Panel > System > Device Manager. Expand Network Adapters and double click on the network card that you want to change the MAC address. Go to Advanced tab and look for Network Address in the Property box. Click on it and you can specify your own value with any random 12 characters of letters and numbers.