The officially official Devuan Forum!

You are not logged in.

#1 2017-07-02 18:37:16

GNUser
Member
Registered: 2017-03-16
Posts: 441  

automatic mac address spoofer for wireless network card

If you are paranoid about privacy like me, you will like this little creation of mine.

The script does 4 things:
1. Figures out the name of your wireless network device, kernel module used by your wifi device, and real MAC address
2. Creates a random MAC address, preserving the vendor bits (so that the fake MAC address looks plausible)
3. Create a udev rule to change the real MAC address to the random one
4. "Reboot" the wireless card by unloading and reloading its kernel module, so that you pick up the new MAC address right away

#!/bin/bash

# some variables
icon=applications-system
user=$(users | xargs -n1 | uniq | grep -v root)
export DISPLAY=:0

wifi_device=$(cat /proc/net/wireless | perl -ne '/(\w+):/ && print $1') # ex: wlan0
kernel_module=$(ls /sys/class/net/$wifi_device/device/driver/module/drivers | perl -ne '/:(\w+)/ && print $1') # ex: ath9k
real_mac=$(grep $wifi_device /etc/udev/rules.d/*persistent-net.rules | perl -ne '/address}==\"([0-9a-f:]+)/ && print $1')

# construct new mac address
vendor_bits=$(cut -d ':' -f 1-3 <<< $real_mac)
random_dec1=$( min=0; max=255; echo $(( min+($RANDOM)%(max-min+1) )) ); random_hex1=$(printf "%02x" $random_dec1)
random_dec2=$( min=0; max=255; echo $(( min+($RANDOM)%(max-min+1) )) ); random_hex2=$(printf "%02x" $random_dec2)
random_dec3=$( min=0; max=255; echo $(( min+($RANDOM)%(max-min+1) )) ); random_hex3=$(printf "%02x" $random_dec3)
spoofed_mac=$(printf "%s:%s:%s:%s" $vendor_bits $random_hex1 $random_hex2 $random_hex3)

# create udev rule
echo "ACTION==\"add\", SUBSYSTEM==\"net\", ATTR{address}==\"$real_mac\", RUN+=\"/sbin/ip link set dev %k address $spoofed_mac\"" >/etc/udev/rules.d/75-mac-spoof.rules
udevadm control --reload
udevadm trigger

# show notification
su $user -c "notify-send -t 5000 -i $icon \"MAC address spoofer\" \"Randomizing wifi MAC address to $spoofed_mac. Please wait...\""

# reload kernel module (has practically same effect as a reboot)
rmmod $kernel_module; sleep 3; modprobe $kernel_module

The script needs to be run as root and the only dependency is the libnotify-bin package so that the script can show a notification. You can check that it worked by running ifconfig before and after the script and noting the MAC address of your wireless network card. Because of the udev rule, the spoofed MAC address will survive reboots.

Set this up as an anacron job every few days to get a new MAC address every so often.

Last edited by GNUser (2017-07-02 21:11:32)

Offline

#2 2017-07-05 02:57:14

PeteGozz
Member
From: Woodside South Australia
Registered: 2017-06-21
Posts: 72  

Re: automatic mac address spoofer for wireless network card

Thank you.
There is _much_ here that is useful and good smile

Offline

#3 2018-01-25 20:42:15

siva
Member
Registered: 2018-01-25
Posts: 197  
Website

Re: automatic mac address spoofer for wireless network card

Thank you for sharing this.  My only question is, how does this differ from macchanger?


the thomos project
thomos support thread
cynwulf wrote: "You should get some more sleep and spend less time on forums."

Offline

#4 2019-03-08 18:44:39

freenet_bro
Member
Registered: 2018-12-23
Posts: 10  

Re: automatic mac address spoofer for wireless network card

This script doesn't seem to work for computers connected via ethernet.
Is there a similar script for that or how would I need to modify the script you posted?

Last edited by freenet_bro (2019-03-08 18:44:51)

Offline

#5 2019-03-08 20:39:03

GNUser
Member
Registered: 2017-03-16
Posts: 441  

Re: automatic mac address spoofer for wireless network card

@siva: The script gives user complete control, including ability to use a new fake mac address as often as desired.

@freenet_bro: I simplified and improved the script since I opened this thread.
If you want to change your ethernet interface's MAC address to something different each time you boot, run this simple script as root at boot time:

#!/bin/sh

iface=eth0

# create fake mac, preserving vendor bits:
real_mac=$(ethtool -P $iface | awk '{print $3}')
vendor_bits=$(echo $real_mac | cut -d ':' -f 1-3)
random_dec1=$(shuf --input-range=0-255 -n 1); random_hex1=$(printf "%02x" $random_dec1)
random_dec2=$(shuf --input-range=0-255 -n 1); random_hex2=$(printf "%02x" $random_dec2)
random_dec3=$(shuf --input-range=0-255 -n 1); random_hex3=$(printf "%02x" $random_dec3)
fakemac=$(printf "%s:%s:%s:%s" $vendor_bits $random_hex1 $random_hex2 $random_hex3)

# apply fake mac
echo "applying $fakemac to $iface"
ip link set $iface address $fakemac

If you prefer to keep a fakemac for a few days before changing to a new fake one, run this one as root each boot:

#!/bin/sh

iface=eth0
days=7

# calculate time elapsed since a new fakemac was created
timestamp_file=$HOME/.fakemac.timestamp
fakemac_file=$HOME/.fakemac
[ ! -e "$timestamp_file" ] && echo 0 >$timestamp_file
lastrun_time=$(cat "$timestamp_file")
now_time=$(date +%s)
elapsed_time=$(( now_time - lastrun_time ))

if [ "$elapsed_time" -lt $((days * 86400)) ]; then # use existing fakemac
	 fakemac=$(cat $fakemac_file)
else # create new fakemac, preserving vendor bits
	real_mac=$(ethtool -P $iface | awk '{print $3}')
	vendor_bits=$(echo $real_mac | cut -d ':' -f 1-3)
	random_dec1=$(shuf --input-range=0-255 -n 1); random_hex1=$(printf "%02x" $random_dec1)
	random_dec2=$(shuf --input-range=0-255 -n 1); random_hex2=$(printf "%02x" $random_dec2)
	random_dec3=$(shuf --input-range=0-255 -n 1); random_hex3=$(printf "%02x" $random_dec3)
	fakemac=$(printf "%s:%s:%s:%s" $vendor_bits $random_hex1 $random_hex2 $random_hex3)
	echo $fakemac >$fakemac_file
	echo $now_time >$timestamp_file
fi

# apply fake mac
echo "applying $fakemac to $iface"
ip link set $iface address $fakemac

Either way, make sure to install ethtool, as it's what the script uses to find your real mac address.

FYI, the point of faking only the last three bytes is that the first three bytes identify your interface's manufacturer. You don't want the vendor bytes to be random: Doing so would make your MAC address obviously fake and you would stand out. The scripts take care of this for you.

Last edited by GNUser (2019-03-08 20:54:57)

Offline

#6 2019-03-09 16:27:29

freenet_bro
Member
Registered: 2018-12-23
Posts: 10  

Re: automatic mac address spoofer for wireless network card

cool, the script works.

But I don't know how to run it at boot time.
I've used `chmod +x mac-spoofer' to make it executable and copied it to `/etc/init.d/'.

Have I missed something?

Offline

#7 2019-03-10 13:09:53

GNUser
Member
Registered: 2017-03-16
Posts: 441  

Re: automatic mac address spoofer for wireless network card

I revised the scripts so that they no longer depend on ethtool. Now all the utilities that the script needs are part of a standard installation.

Here is the one that generates a random MAC address at each boot:

#!/bin/sh

iface=eth0

# create fake mac, preserving vendor bits:
real_mac=$(ifconfig $iface | grep ether | awk '{print $2}')
vendor_bits=$(echo $real_mac | cut -d ':' -f 1-3)
random_dec1=$(shuf --input-range=0-255 -n 1); random_hex1=$(printf "%02x" $random_dec1)
random_dec2=$(shuf --input-range=0-255 -n 1); random_hex2=$(printf "%02x" $random_dec2)
random_dec3=$(shuf --input-range=0-255 -n 1); random_hex3=$(printf "%02x" $random_dec3)
fakemac=$(printf "%s:%s:%s:%s" $vendor_bits $random_hex1 $random_hex2 $random_hex3)

# apply fake mac
echo "applying $fakemac to $iface"
ip link set $iface address $fakemac

Here is the version that changes the MAC address every few days:

#!/bin/sh

iface=eth0
days=7

# calculate time elapsed since a new fakemac was created
timestamp_file=$HOME/.fakemac.timestamp
fakemac_file=$HOME/.fakemac
[ ! -e "$timestamp_file" ] && echo 0 >$timestamp_file
lastrun_time=$(cat "$timestamp_file")
now_time=$(date +%s)
elapsed_time=$(( now_time - lastrun_time ))

if [ "$elapsed_time" -lt $((days * 86400)) ]; then # use existing fakemac
	 fakemac=$(cat $fakemac_file)
else # create new fakemac, preserving vendor bits
	real_mac=$(ifconfig $iface | grep ether | awk '{print $2}')
	vendor_bits=$(echo $real_mac | cut -d ':' -f 1-3)
	random_dec1=$(shuf --input-range=0-255 -n 1); random_hex1=$(printf "%02x" $random_dec1)
	random_dec2=$(shuf --input-range=0-255 -n 1); random_hex2=$(printf "%02x" $random_dec2)
	random_dec3=$(shuf --input-range=0-255 -n 1); random_hex3=$(printf "%02x" $random_dec3)
	fakemac=$(printf "%s:%s:%s:%s" $vendor_bits $random_hex1 $random_hex2 $random_hex3)
	echo $fakemac >$fakemac_file
	echo $now_time >$timestamp_file
fi

# apply fake mac
echo "applying $fakemac to $iface"
ip link set $iface address $fakemac

Offline

#8 2019-03-11 01:01:46

GNUser
Member
Registered: 2017-03-16
Posts: 441  

Re: automatic mac address spoofer for wireless network card

@freenet_bro: There are several ways to run the mac-spoofer script (either version) at boot, as root, before connecting to the internet. The two most obvious ones are via cron or via init.

Option 1: Via cron
Open up a terminal and run this command as root: EDITOR=nano crontab -e then add these two lines to the bottom of the file:

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
@reboot /path/to/mac-spoofer

Reboot and enjoy.

Option 2: Via init
There are four steps required, freenet_bro: Put the script in the /etc/init.d directory, make it executable, add LSB headers to top of script, install script links in the /etc/rc?.d directories. You missed the last two steps.

Here is what the script looks like with LSB headers (if you use a network manager other than network-manager, adjust the X-Start-Before line accordingly):

#!/bin/sh
### BEGIN INIT INFO
# Provides:          mac-spoofer
# Required-Start:    $network
# Required-Stop:
# Should-Start:	     
# Should-Stop:       
# X-Start-Before:    network-manager
# Default-Start:     2 3 4 5
# Default-Stop:
# Short-Description: simple mac-spoofer
# Description:       spoof mac address before connecting to internet
### END INIT INFO

iface=eth0

# create fake mac, preserving vendor bits:
real_mac=$(ifconfig $iface | grep ether | awk '{print $2}')
vendor_bits=$(echo $real_mac | cut -d ':' -f 1-3)
random_dec1=$(shuf --input-range=0-255 -n 1); random_hex1=$(printf "%02x" $random_dec1)
random_dec2=$(shuf --input-range=0-255 -n 1); random_hex2=$(printf "%02x" $random_dec2)
random_dec3=$(shuf --input-range=0-255 -n 1); random_hex3=$(printf "%02x" $random_dec3)
fakemac=$(printf "%s:%s:%s:%s" $vendor_bits $random_hex1 $random_hex2 $random_hex3)

# apply fake mac
echo "applying $fakemac to $iface"
ip link set $iface address $fakemac

To install the script links, open up a terminal and type this as root (assuming you named the script mac-spoofer):

update-rc.d mac-spoofer defaults

Reboot and enjoy.

Last edited by GNUser (2019-03-11 12:29:09)

Offline

#9 2019-03-11 10:21:08

freenet_bro
Member
Registered: 2018-12-23
Posts: 10  

Re: automatic mac address spoofer for wireless network card

@GNUser: Thank you very much for the script and the explanation. I really appreciate it.

Offline

#10 2019-03-11 11:42:33

GNUser
Member
Registered: 2017-03-16
Posts: 441  

Re: automatic mac address spoofer for wireless network card

@freenet_bro: You're welcome, glad I could help. It was also good to make the script more general and less complicated.

Offline

Board footer