MAC address change tutorial
What is the trial about?
As part of the Internet privacy efforts coordinated between the IETF (IAB/IESG) and IEEE 802, we are performing a trial to randomize the MAC address of some users' Wi-Fi devices. Instructions on how to participate in this trial are described below.
OS L2 randomization instructions
Mac OS X (tested on MacBook Pro 2010 with OS X 10.9.5 and MacBook Pro 2014 with OS X 10.10)
Open a terminal and execute the following sequence of commands every time you want to connect to a WiFi Network:
MAC_ADDR=`openssl rand -hex 6 | sed 's/\(..\)/:\1/g;s/^.\(.\)[0-3]/\12/;s/^.\(.\)[4-7]/\16/; s/^.\(.\)[89ab]/\1a/;s/^.\(.\)[cdef]/\1e/'`; sudo ifconfig <WLANIFACE> ether $MAC_ADDR; networksetup -setairportnetwork <WLANIFACE> <ESSID> <WiFi KEY>; echo $MAC_ADDR >> <PATH_TO_LOGFILE>
Note that you have to specify the name of your wireless interface (usually en0), the ESSID of the wireless network and the WiFi key (if applicable). You also have to specify the path to a log file in which the randomized MAC addresses are saved.
You need to select and use a DHCP client identifier that is likely to be unique among all the participants of the trial (e.g., avoid using “test”). To do so, open System Preferences and open Network. Then click on the wireless interface on the left to highlight it and click Advanced at the lower right. Click the TCP/IP tab. Locate the DHCP Client ID area and type in the name you want. Click OK, then click Apply.
Note that tests with different (older) hardware and software have been reported to fail (MacBook 2006 with OS X 10.7.5 and MacBook Air 2008 with OS X 10.7.5).
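What the sed expression in the command above does to the first octet, as an added example that is not part of the original tutorial: page_fixup applies the page's expression to fixed input, and the other functions check, generate and audit unicast, locally administered addresses with bit masks. The function names are hypothetical, the sample addresses are constructed, and reading random bytes with od from /dev/urandom (instead of openssl rand) is an assumption.

```sh
# Added example; function names are hypothetical, sample values are constructed.

# The sed expression from the command above, applied to 12 lowercase hex digits.
# It inserts the colons and rewrites the second hex digit to 2, 6, a or e.
page_fixup() {
    printf '%s\n' "$1" | sed 's/\(..\)/:\1/g;s/^.\(.\)[0-3]/\12/;s/^.\(.\)[4-7]/\16/; s/^.\(.\)[89ab]/\1a/;s/^.\(.\)[cdef]/\1e/'
}

# Succeeds only for a well-formed MAC whose first octet has bit 0 clear
# (unicast) and bit 1 set (locally administered): second digit 2, 6, a or e.
is_local_unicast_mac() {
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    printf '%s\n' "$mac" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || return 1
    first=$((0x${mac%%:*}))
    [ $((first & 1)) -eq 0 ] && [ $((first & 2)) -ne 0 ]
}

# The same address class produced with bit masks instead of sed.
# Assumption: random bytes come from /dev/urandom via od, not openssl.
gen_local_unicast_mac() {
    set -- $(od -An -N6 -tx1 /dev/urandom)
    [ $# -eq 6 ] || return 1
    printf '%02x:%s:%s:%s:%s:%s\n' $(( (0x$1 & 0xfc) | 0x02 )) "$2" "$3" "$4" "$5" "$6"
}

# Audit the trial log file: print each line that is not a unicast, locally
# administered MAC; return non-zero if any was found.
audit_mac_log() {
    bad=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        is_local_unicast_mac "$line" || { printf '%s\n' "$line"; bad=1; }
    done < "$1"
    return "$bad"
}
```

Running audit_mac_log on the log file written by the command above shows whether any entry is not a randomized-style address, for example a factory address logged because the change did not take effect.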
Linux (tested on Debian testing/unstable, Ubuntu 13.10*, and Fedora 20)
The following instructions make the GNU/Linux Network Manager automatically use a random MAC address (with a first octet of '0x06') whenever a new WLAN connection is established. In addition to the Network Manager, you need to install the macchanger tool, which is included in most package repositories. Once it is installed, download the following script, copy it to /etc/NetworkManager/dispatcher.d/random_wlan_mac_local.sh (note that you need root permissions to do that) and make it executable. There are three variables at the beginning of the script that you need to check against your system (although the default values should be fine for most cases):
- WLANIFACE (should match your system’s wireless interface),
- MACCHANGER (should match the path to the macchanger tool),
- LOGFILE (path to the file where tool logs are saved).
Download this script and save it to your filesystem. Check that the first two variables defined at the beginning of the file match your system’s configuration. Execute the script with superuser privileges and keep it running for as long as you want to participate in this trial.
*Note: The process was also tested on Ubuntu 12.04, 14.04 and 14.10. On these platforms, the MAC randomization works properly only if the WiFi networking is first completely disabled and then re-enabled from the Network Manager's applet. On the other platforms, the MAC randomization takes place by simply picking a new WLAN from the Network Manager applet, or by clicking on the “disconnect” button.
Windows (tested on Windows 7)
To change the MAC address in Windows, you need to download a script and run it in PowerShell (Windows 7 and PowerShell 2.0 or later versions are required). The script can be found here.
Run PowerShell as administrator and execute the script:
PS C:\TEMP> .\New-MACaddress.ps1 -Wireless
If there are multiple network interfaces (NICs), you will get a prompt asking which card's MAC address to change. After you confirm the NIC (if there are several), the script changes the address and reloads the driver. The process can take several seconds. To delete the registry value for the custom MAC address so that the built-in MAC of the NIC is used instead (revert to factory default), replace the -Wireless switch with -resetdefault. More information about the scripts and the files can be found in Jason Fossen’s blog.
You need to select and use a DHCP client identifier that is likely to be unique among all the participants of the trial (e.g., avoid using “test”). To do so, type the following in the command window:
C:\>ipconfig /setclassid "Wireless Network Connection" MyNewDhcpID
If there are multiple wireless interfaces you might need to change the name of the Wireless Network Connection interface (NIC) you want to use. You can confirm the DHCP client ID (DHCPv4 Class ID) settings and NIC name by typing:
*Note: The script is originally available bundled with other tools at http://www.sans.org/windows-security/files/scripts.zip. Download the scripts archive and look in the Day4-IPSec/Wireless-RADIUS folder for the script named New-MACaddress.ps1.
Download the MAC Spoofer (changer) app from here. The app works only on rooted devices. Open the app and give it root privileges when asked for. Tap the desired MAC address in the input box and apply changes.
The application has been tested only on the following devices; it may not work on others.
Nexus 4 (Jelly Bean 4.2.2): the MAC changer works smoothly. Even while connected, the device automatically re-establishes the connectivity using the new MAC. Works also with WPA protected WiFi networks.
Nexus 5 (CyanoGen12 Android 5.0.2). With open non-protected networks the user may need to re-connect manually after the spoof. With protected networks:
- De-activate WiFi.
- Use the spoofer to change MAC. The app will complain that the interface is down. Move on.
- Activate WiFi and connect.
The interface uses the new MAC even if the interface settings may not display it.
- How to install macchanger?
macchanger is available in the package repositories of most GNU/Linux distributions. On .deb-based systems you can install it by typing:
sudo apt-get install macchanger
while on .rpm-based systems the command is:
sudo yum install macchanger
If your system does not support the sudo utility, log in as root and type the commands without the sudo keyword. If macchanger is not available in your repository, you can proceed to the manual installation after downloading the sources available here.
- How is the script-1 for GNU/Linux supposed to work?
The script works in the background and does not need to be executed manually by the user. It detects that a WLAN connection went “down” and generates a random MAC address for the specified interface, which is used for subsequent operations and connections. A connection goes “down” when the user clicks on the “disconnect” button in the Network Manager applet, when the user switches to a new WLAN while connected to another one, or when the WiFi networking is disabled.
- The script-1 for GNU/Linux apparently does not work
Check the owner and permissions of script-1, which must belong to and be executed by root:
-rwxr-xr-x 1 root root /etc/NetworkManager/dispatcher.d/random_wlan_mac
- The permissions and ownership are ok, still script-1 is not working
First check that the variables defined in the script's header are correct, then check the log file /var/log/random_wlan_mac.log (or the file you specified for logging) for possible errors. It is likely that macchanger is not properly executed.
- How is the script-2 for GNU/Linux supposed to work?
The script must be manually executed by root or a user with superuser permissions. The script runs in a terminal, polling the system's connections. While the WLAN is disconnected, the script periodically changes the WLAN interface's MAC address.
- The script-2 for GNU/Linux apparently does not work
Make sure you run it as root or with sudo. The script prints its log in the terminal where it is executed so that the user can quickly see what is going on. If the problem is related to the nmcli utility, check that Network Manager is installed on your system, and then check the nmcli command syntax that your system uses to report the status of the system's interfaces.
- The Windows PowerShell does not allow script execution
By default, script execution is disabled in PowerShell. Enable it by typing:
PS C:\TEMP> Set-ExecutionPolicy Unrestricted
- The Android filesystem is mounted as read-only even if I am root
Re-mount the filesystem with write permissions. Open a shell in the device, either with a shell application with root privileges or through USB debug mode, and type
# mount -o rw,remount /system
More information about the IEEE 802 Privacy group and instructions about how to join the discussion list can be found at the IEEE 802 Privacy SG site: