Wednesday, April 26, 2017

Spoofing a Hardware MAC address on MacOS

This post was going to be a note to myself, but then I figured it might be useful to other people.  So, now there's extra description of what's going on.

There you are at the hotel bar, where the wifi has a captive portal.  You want to get your Arduino or Raspberry PI or ZipIt Z2 or something on the wifi, but there's no way you're going to get it to login to a captive portal on its own.  No problem.  Have your MacBook pretend to be the hapless device for long enough to login to the captive portal, and then make your MacBook go back to being itself.  The captive portal doesn't know the difference, and will think your other device is already logged in when it tries to associate.

Open the Terminal app on your Mac.  Run `ifconfig` to see what your wireless adapter's official MAC address is -- it's the "ether" line -- and make a note of it if you don't feel like rebooting later.

  ifconfig en0

Now, set your MacBook's MAC address to whatever your other device's MAC address is ... down the interface ... and up the interface

  sudo ifconfig en0 ether 00:1D:04:01:02:03
  sudo ifconfig en0 down
  sudo ifconfig en0 up

Reconnect to that hotel wifi network -- which will think you're the other device -- and login to the captive portal.

Then, restore your Mac to its proper MAC address -- which you noted when you first ran the `ifconfig` command -- or if you didn't bother reading that part of the instructions, reboot your Mac to restore it to its original MAC address.  However you do it, make sure your Mac stops pretending to be the other device.

  sudo ifconfig en0 ether 00:88:65:01:62:01
  sudo ifconfig en0 down
  sudo ifconfig en0 up

All set.  The other device should be able to associate without needing to login to the captive portal, because your Mac already logged in, pretending to be it.