Who Am I?

it ain't me babe, I'm not the Mac you're looking for

Posted by vgrsec on December 19, 2016


How to change your hostname and mac address to random values on Debian 8 (Jessie) to appear to be a Macbook Pro, on boot.

Background & Story Time:

Lately I've been working out of a lot of public wifi locations, however, I've been frequently the same ones over and over. Starbucks is great, because they're everywhere, the wifi is fast, and free. However, it's run by Google (who also host this blog! Thanks!). One can be certain that all that data is being vacuumed up into the great big googlesphere.

Of course VPN helps, that's obvious and how to do that is everywhere, but I wanted to go a step further. I wanted to psudo-anonymize my connection.

I started by using macchanger to change my mac to a random mac on boot. However, I realized since my hostname didn't change, it wouldn't take much to figure out who I was.

After a trip to a trendy local coffee shop where I was the only non Macbook user in the room I realized, in order to blend into the noise, I needed to look like a Macbook.

Hence, I created two 1 liners, one to change hostname, one to change the mac to appear to be an Apple device

For the hostname, I relied on google to tell me what a MBP looked like on DHCP, and it appears it's sMBP# so BillsMBP3.

For the mac address , thanks to a clever stack overflow solution I was able to create a shell script that parsed macchanger for a vendor (Apple), then generated a random mac based on that vendor. (http://stackoverflow.com/questions/29082719/how-to-select-vendor-when-using-macchanger-in-linux).

While my 1 liner is selecting Apple, it could be used for other things however, for instance in setting up SCADA honeypots, it may be useful to appear as a GE device, you could use this same script, and just modify the vendor.

Click for Details > #!/bin/sh
name1=$(shuf -n 1 /etc/identchange-names.cfg) && name2=sMBP && name3=$(shuf -i 1-9 -n 1) && hostnamectl set-hostname $name1$name2$name3
ifconfig wlan1 down
Vendor=$(macchanger -l | grep Apple | shuf -n 1 | awk '{print $3}') && Tail=$(echo $RANDOM | md5sum | sed 's/.\{2\}/&:/g' | cut -c 1-8) && macchanger --mac=$Vendor:$Tail --bia wlan1
ifconfig wlan1 up