Fixed Minidwep-GTK Ignores MAC Spoofing

where an argument to the air<>-ng suite need the hardware MAC of the wireless adapter and this has been spoofed with

Code:

Select All

sudo ifconfig wlan0 down
sudo ifconfig wlan0 hw ether 00:11:22:33:44:55
sudo ifconfig wlan0 up

the minidwep-gtk program ignore the spoofed MAC and send the real MAC.

Reproduce by starting minidwep from terminal and observe tty output from /usr/local/bin/minileafdwep/minidwep-gtk.sh when e.g. calling

Code:

Select All

aireplay-ng -F -2 -p 0841 -c ff:ff:ff:ff:ff:ff:ff -b $ap_mac -h $client_mac ...

The -h argument is the TRUE ethernet MAC

Caused by method used to retrieve adapter MAC ?

function monitor_start() in minidwep-gtk.sh

Code:

Select All

        cat /sys/class/net/$interface/address>$path/card_mac
        card_mac=`tail -1 $path/card_mac|cut -c1-17|tr "a-z" "A-Z"`
        echo $card_mac>$path/card_mac
        card_mac=`head -1 $path/card_mac`

Tested on zd1211rw driver. Seen in versions 30419 and 30513 ( same code).

 

I may try macchanger- thank you.

Using minidwep-gtk, I see it try to create first mon0, then mon1 - so it look like it is dirty about unwinding monitor interface for some button presses on the GUI. That may explain why it pick up the real MAC from /sys/class/net/mon0/address not /sys/class/net/wlan0/address. Using

Code:

Select All

sudo ifconfig wlan0 hw ether 00:11:22:33:44:55

change /sys/class/net/wlan0/address but /sys/class/net/mon<x>/address always contain the REAL MAC.

These are not real files - you get an IO error if you try

Code:

Select All

cd /sys/class/net/mon0
sudo chmod 644 address
sudo echo "00:11:22:33:44:55" > address

spoofed MAC manually.