Spoofing/Hiding your MAC Address
Introduction
Windows: BackTrack3 Method
Windows: Clone MAC Addresses Method
Windows: Registry Method (LONG METHOD)
Linux
MAC OS X
MAC OS X 10.5 Leopard
Introduction:
Spoofing is the art of making something appear to be something else; in the case of a MAC Address, it means you hide behind a fake address so that your real one is not seen.
Why would you want to do this? Well... say I was hacking a Network... if I accidentally started hacking a skilled computer user's Network, they might get pissed off, find my MAC Addy and suddenly start hacking me back! Or worse yet, report me!
So yes, it can be a very useful technique... and it's relatively easy to do also!
Windows: BackTrack3 Method:
Now, the easiest way to do this is probably with BT3 (Backtrack3) seeing as all you have to do is type in these few commands:
1.) Click the black box in the bottom left corner to open the Konsole window.
2.) Type: "airmon-ng". You should now see the name of your wireless card; remember this.
3.) Type: "airmon-ng stop YourCardName".
4.) Type: "ifconfig wifi0 down".
5.) Type: "macchanger --mac XX:XX:XX:XX:XX:XX wifi0". (The XX:XX:XX:XX:XX:XX can be any letter/number string, even just X's)
6.) Type: "airmon-ng start wifi0".
Windows: Clone MAC Addresses Method:
Let's check if you have a NIC that supports a method called Clone MAC addresses:
1.) Go to Start > Settings > Control Panel, then go to Network and Dial-up Connections.
N.) In VISTA go to Control Panel > Network and Internet > Network and Sharing Center > Manage Network Connections.
2.) Right click on the NIC you want to spoof the MAC address of.
3.) Click the Configure button on the General tab.
4.) Click on the Advanced tab.
5.) Under Property you should see a category called either Network Address or Locally Administered Address, click on it.
6.) Now change the Value to the MAC address you want.
7.) Now go into cmd.exe (Run>cmd.exe) and type "ipconfig /all"
If the MAC Address value is now what you just changed it to, Wahey! You get off easy! Just reboot and you're ready to start!
If (more likely) it's not changed/you can't find any of these options go onto the next method.
Windows: Registry Method (LONG METHOD)
This is the Registry method, it's quite a lot more complex but is almost 100% effective.
(Note: This method can destroy your system if done wrong so make sure you have a recent registry backup! [See Step6])
1.) Go into cmd.exe (Start>Run>cmd.exe) and type: "ipconfig /all"
2.) Copy the description of your NIC (It should be under the heading Wireless LAN adapter Wireless Network Connection).
N.) Your current MAC address is also listed here (Physical Address), it'd be useful to know later on!
3.) Now type: "net config rdr" in cmd.exe.
4.) Copy the GUID (long string between the NetBT_Tcpip_{ & }'s).
N.) If you have more than one you need to copy the one that has your MAC address between ( & )'s at the end.
5.) Now go to regedt32 (Start>Run>regedt32).
6.) Now go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}
7.) Now click on the folder 0000 and check:
- that the DriverDesc is the Description you copied in Step 2.
- that the NetCfgInstanceID is the GUID you copied in Step 4.
N.) If it doesn't match go to folder 0001, then 0002, then 0003 etc till you find it.
8.) Now look for a value called NetworkAddress and click on it.
N.) If it's not there then click the Add Value menu (Edit>Add_Value) and add this value:
Value Name: NetworkAddress
Data Type: REG_SZ
9.) A window called String Editor should now pop-up, in this window type the MAC address you wish to change to.
10.) Now you need to tell your NIC/computer that changes have been made, the easiest way to do this is just to restart your computer.
11.) Now go into cmd.exe and check if your MAC Address has changed using the "ipconfig /all" command.
Linux
1.) Run the following commands. First take down the network interface: "ifconfig interface down" (replace interface with the name of your network interface).
2.) Now change the MAC Address: "ifconfig interface hw class XX:XX:XX:XX:XX:XX", where class is the hardware class of the device ("ether" for Ethernet). (The XX:XX:XX:XX:XX:XX can be any letter/number string, even just X's)
3.) Now bring the network interface back up: "ifconfig interface up".
MAC OS X
1.) Go to Terminal.app.
2.) Type: "sudo ifconfig en0 ether XX:XX:XX:XX:XX:XX" (The XX:XX:XX:XX:XX:XX can be any letter/number string, even just X's)
MAC OS X 10.5 Leopard
1.) Go to Terminal.app.
2.) Type: "sudo ifconfig en0 lladdr XX:XX:XX:XX:XX:XX" (The XX:XX:XX:XX:XX:XX can be any letter/number string, even just X's)
If you have another OS like BSD, Solaris, OpenBSD etc then Google "MAC Spoofing for Operating System" as I've never used these OS' and thus have no idea of how they work.
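As an added example (not part of the original guide), the Python code below looks at the same addresses from the network owner's side: it parses the three notations that appear on this page, reads the locally administered and multicast bits of the first octet, and flags observed source addresses that are malformed, locally administered or missing from an inventory. The function names and the sample addresses are constructed for illustration.

```python
import re

# Formats on this page: ':' (ifconfig, macchanger), '-' (ipconfig /all),
# and no separator (the NetworkAddress registry value).
_MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-]?)(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")

def parse_mac(text):
    """Return the address as 6 bytes, or raise ValueError if malformed."""
    text = text.strip()
    if not _MAC_RE.match(text):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(re.sub(r"[:-]", "", text))

def classify(text):
    """Report the two flag bits carried in the first octet."""
    mac = parse_mac(text)
    return {
        "mac": ":".join(f"{b:02x}" for b in mac),
        # 0x02 set: locally administered, not a vendor-assigned address.
        "locally_administered": bool(mac[0] & 0x02),
        # 0x01 set: group (multicast) address, invalid as a source MAC.
        "multicast": bool(mac[0] & 0x01),
    }

def audit(observed, inventory):
    """Return (mac, reason) pairs for observed source MACs worth reviewing."""
    known = {parse_mac(m) for m in inventory}
    findings = []
    for raw in observed:
        try:
            info = classify(raw)
        except ValueError:
            findings.append((raw, "malformed"))
            continue
        if info["multicast"]:
            findings.append((info["mac"], "multicast bit in source address"))
        elif info["locally_administered"]:
            findings.append((info["mac"], "locally administered"))
        elif parse_mac(raw) not in known:
            findings.append((info["mac"], "not in inventory"))
    return findings

# Constructed sample data, not taken from any real network.
INVENTORY = ["00-1A-2B-3C-4D-5E"]
OBSERVED = ["00:1a:2b:3c:4d:5e", "021A2B3C4D5E", "00:1A:2B:3C:4D:5F", "XX:XX:XX:XX:XX:XX"]

if __name__ == "__main__":
    print(*audit(OBSERVED, INVENTORY), sep="\n")
```

A duplicate of an inventoried address is not flagged here; spotting that needs correlation with switch-port or DHCP lease data.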