Perfect OpSEC - Become Invisible Online

This series is for educational purposes only. To get back to top-level table click here.

Hardware Spoofing

So I'm sure you've heard of a MAC address before, and likely know that it's the unique address attached to every network card. Any network you connect to gets access to this Media Access Control address, which is used in the ARP process for assigning you an IP. Let's say that you've done something of poor taste on a school network that attracts some attention. They can see the MAC address you connected with on that network. Now they're listening on that network, and surrounding networks for the same MAC to start building a profile on you, eventually leading them to you. So anytime we're about to connect to a new network, you need to change:

  • MAC Address
  • Computer Name
  • Hostname This should be done on both your Host machine and whatever VM you're using to actually connect to the network!

Linux

Spoof your Mac Address:

sudo apt-get update && sudo apt-get install macchanger -
sudo macchanger -r wlan0

Note: Obviously only need to install this one, and wlan0 should be replaced for whatever your network interface is. Change Hostname:

sudo hostname MyNewRandomHostname

Windows

Download and install TMAC. GUI is self-explanatory. Change hostname:

  • Go to System and Security settings
  • Change settings under Computer name, domain, and workgroup settings
  • Click change
  • Change to something random

MacOS

Download and install spoof-mac. Then:

sudo spoof-mac randomize en0

Change hostname:

  • System pref
  • Sharing
  • Change Computer Name Then also use terminal to change:
sudo hostname MyNewRandomHostname

Automation

For linux only because, I'm only writing this for a system I care about xoxo. Be sure to change the interface for macchanger to what you need.

### Script
```bash
#!/bin/bash
# Become root
[ "$UID" -eq 0 ] || exec sudo "$0" $@"
# Generate random hostname in Windows format
rnd=$(cat /dev/urandom | tr -dc '[:alpha:]' | fold -w ${1:-7} | head -n 1)
# hostname ctl
hostnamectl set-hostname "DESKTOP-$rnd"
# Overwrite hostname file
echo "DESKTOP-$rnd" > /etc/hostname
sed '/^127.0.1.1/d' < /etc/hosts > tmp$rnd
echo "127.0.0.1        DESKTOP-$rnd" >> tmp$rnd
cat tmp$rnd > /etc/hosts
rm tmp$rnd
macchanger -r wlan0

References