Change MAC Address on Win2K & XP

From: Kyle Lai (aladin168@hotmail.com)
Date: 11/22/02

  • Next message: Lisa Dokes: "Insurance"
    Date: 22 Nov 2002 22:37:08 -0000
    From: Kyle Lai <aladin168@hotmail.com>
    To: pen-test@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    I konw many of you want to answer "NO" or "ONLY if you can find the
    option in the NIC advanced properties", because that's the answer I heard
    all the time through out my research,

    However, the answer is: YES!!!!!!!!!!

    ALMOST ALL NIC CAN BE SPOOFED, EVEN IF MANUFACTURERS DON'T INCLUDE
    OPTIONS IN THE ADVANCED PROPERTIES.

    I wrote a detailed instruction on how to change MAC address on Windows
    2000 & XP, and you can find it at:

    http://www.kylelai.com/Change_MAC_w2k.htm

    I know there was one discussion before, but that thread offered no
    solutions... I researched for a long time, and I finally discovered the
    solution through Microsoft MSDN Driver Development Kit (DDK) and Win2K
    resource kit. I have many people tested my instructions, and I haven't
    found a NIC that can't be spoofed. Not to say there isn't one out there.

    The method is to call a DDK function - NdisReadNetworkAddress.

    NdisReadNetworkAddress(...) is called by the network adapter driver to
    obtain a user specified MAC address in the registry. After the driver
    confirmed that there's a valid MAC address specified in the registry key,
    the driver then programs the MAC address to its hardware registers to
    override the burn-in MAC address.

    Not all manufacturers support this function I heard, but like I said, I
    haven't seen one NIC that can't be spoofed. I am interested in learning
    which brand and model can't be spoofed. If you know of any, please send
    me an email.

    I think this discovery might not be new to the device driver developers,
    but it certainly is still a well kept secret to lots of security
    professionals out there. Therefore, I decided to reveal this secret
    because there are too many wrong answers out there.

    I am also writing a free tool, SMAC, to change MAC address on Wnidows
    2000 & XP. I basically plan to incorporate the technique I discovered
    with some other functionalities. SMAC 1.0 is due to release in a few
    weeks. Please check www.kylelai.com for updates.

    Cheers,
    /Kyle
    Kyle Lai, CISSP, CISA
    InfoSec Consultant
    kyle@kylelai.com
    www.kylelai.com

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/



    Relevant Pages

    • Re: best antivirus solution for a Mac.
      ... DVD driver doesn't play nice with the printer driver for some reason. ... > updates for Panther in the last year too. ... > packs and several security updates. ... > I think that it is great that you are productive on a Mac. ...
      (microsoft.public.macintosh.general)
    • >>> MAC SECURITY <<<
      ... mac home security ... free security software for mac ... internet security for mac ...
      (rec.equestrian)
    • Re: the exploit that wasnt
      ... The other Mac Book Pro? ... brought Microsoft into a security discussion about Mac OS X. ... The number of security patches, ... if you were to scan random machines on the internet for a week, ...
      (comp.sys.mac.advocacy)
    • Re: 13 MASSIVE holes found in Safari...
      ... And yet Apple releases monthly security updates. ... But most malware use the normal http port, ... that it's OK because he's on a Mac and Macs are 100% safe). ...
      (comp.sys.mac.advocacy)
    • Re: Mac OS X hacked under 30 minutes
      ... a Swedish Mac fan posted a web site that challenged all ... updated it to Mac OS X 10.4.5 and fixed some security issues. ... As there was no cash prize associated with the contest, ... The hacker, known only as "gwerdna," explained what he ...
      (comp.sys.mac.advocacy)