Open Wi-Fi Login

Discussion in 'privacy problems' started by bazinga, Aug 19, 2014.

  1. bazinga

    bazinga Registered Member

    Joined:
    Aug 16, 2014
    Posts:
    9
    So if I log into a public wi-fi at Starbucks, as soon as I connect and accept their terms don't they have my real IP at that point before I can log into a VPN?
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    It's not that they have your IP address. You have their IP address. Or rather, you're using their IP address, so that websites see that you're coming from an IP address that's been assigned to Starbucks.

    What Starbucks does have from you is your device's MAC address. That could be used as evidence that you used the Starbucks WiFi AP at particular times. The most reliable approach is to use a specific USB WiFi network adapter when you're at Starbucks, and never use it anywhere else. You could have multiple USB WiFi network adapters, one for each WiFi hotspot that you use. Before doing that, make sure to disable your device's built-in USB WiFi network adapter.
     
  3. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,524
    Location:
    USA - Back in a real State in time for a real Pres
    Wouldn't MadMACs work?

    MadMACs: MAC Address Spoofing and
    Host Name Randomizing App for Windows 7 (Should work in Windows Vista and Windows 8 too)

    from Irongeek


    I wrote MadMACs awhile back, as a simple script to randomize my MAC address (and host name) in Windows on every boot. I had not updated it in a long time so it stopped working well in newer versions of Windows (Windows 7, Windows Vista and Windows :cool:. When someone would try to get MadMACs to work on a newer version of the OS, Windows would not always respect the registry setting for what MAC address they were suppose to use. Seems that if it is a wireless interface, the 2nd nibble has to be a 2, 6, A or an E on Windows Vista and newer. I included functionality in the new version of MadMACs to make sure this nibble is correct if you tell it the NIC you are trying to change/randomize the MAC address on is a WiFi card. I've also added a GUI for configuring your MAC addresses on your network cards (the old version used prompts), made the config file more INI like, and made it so that MadMACs itself can reset your adapter and start using the new MAC address immediately (name changes will take a reboot).


    http://www.irongeek.com/i.php?page=security/madmacs-mac-spoofer
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I'd rather use a real hardware MAC for this. USB WiFi adapters don't cost very much.
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    zapjb,

    The easy workaround for some windows hardware is that the MAC's first octet has to be set to 02. There is some interesting reading about bridges to account for why windows WILL be forced to accept those MAC forms internally. When doing that it is very easy to open 7 Pro with a scrambled/spoofed MAC without fail as the machine mounts. My software does it behind the scenes and without fail.

    Mirimir, one advantage to using my auto scrambling method is that you never have the same MAC at the Starbucks from one day to the next. A physical USB dongle transmitter retains the same MAC and is present to be accounted for. The software method means that there is no physical hardware to compare its MAC to any on record at Starbucks (the actual MAC # is never used there). Of course the hard drive is fully encrypted so there is no evidence to view either.

    I use Linux now but I am describing how I handled windows in the past.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    @Palancar

    I'm concerned that a WiFi AP might force an adapter to reveal its true MAC address.
     
  7. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,524
    Location:
    USA - Back in a real State in time for a real Pres
    Is there a tutorial you could link to? Thanks
     
  8. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    Mirimir, trade off of course. Using Linux I have never seen my spoofed MAC ever changed back. My thinking is the "physical presence" of my usb antenna(s) and I have a few for use with Backtrack/Penetration (LOL!), is much more of a risk. My laptop being encrypted will never expose any spoofed MAC because an adversary will only see the original NIC MAC, which I don't use except at home. Clearly a trade off, but I don't want to have a physical MAC to see while at a coffee shop. Hope that makes some sense!

    zapjb,

    I am not at home so I am typing from memory. Take a look at a software program named Macchanger by Technium (guessing on the spelling). It is FREE and I have used it for a long time on 7. I was having an impossible time changing the MAC until I discovered that by changing the MAC where the first octet is 02 will be successful almost always. You will see there is an option to automatically create a MAC using the 02 octet. Windows has many machine NICs locked to the original MAC but an 02 in the first octet causes it to drop its guard so to speak. There is a link on the control panel of the program that speaks about it. If you have a look at it and still have questions post back here. If you are successful do the same so others can learn too.

    The reason I had to guess on the spelling (for the windows 7 application)is that I have left windows completely and only use Linux now. MAC manipulation is handled a bit differently with linux but is still easy to do.

    Back to Mirimir and in a sense you too: The method I just discussed allows for a MAC to be changed but not cloned because the first octet is always 02. If I need to clone a MAC with a normal set of numbers I use a usb dongle to accomplish the penetration exam, or whatever!
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    @Palancar

    Yes, there's a trade-off. Maybe the best approach is using a few USB WiFi adapters, perhaps one for each context (particular hotspot, activity and so on) plus MAC spoofing to hinder profile building.
     
  10. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    Brother, we are two ships passing in the night. LOL!!
     
  11. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,102
    Perhaps you meant Technitium MAC Address Changer?

    -- Tom
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Yes, brother :)
     
  13. tom1876

    tom1876 Registered Member

    Joined:
    Jan 4, 2014
    Posts:
    15
    Location:
    England
    @Palancar Thanks for 02 trick.i'll try that.

    one more thing that works on windows 7 is to uninstall your NIC win7 drivers and FORCE install Windows xp drivers for your NIC.This way you can change to any MAC you want to.no need to keep first octet as 02.
     
  14. tom1876

    tom1876 Registered Member

    Joined:
    Jan 4, 2014
    Posts:
    15
    Location:
    England
    one more thing, router/modem can see and log NIC MAC and Computer-Name only, Right? unless it exploits your system using some script.

    And websites and ISP can not see either of these(at least in IPv4)?ISP can see just Mac of your modem,right?
     
  15. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
Loading...