80 likes | 263 Views
Penetration Testing: Bypassing UNCW NetReg. Vince Tran & Howard Kleinberg. UNCW NetReg. NetReg Vulnerability. Media A ccess Control address. 6-octet hexadecimal identifier Unique to every network-enabled device . Vulnerability Exploitation.
E N D
Penetration Testing:Bypassing UNCW NetReg Vince Tran& Howard Kleinberg
Media Access Control address • 6-octet hexadecimal identifier • Unique to every network-enabled device
Vulnerability Exploitation • Obtain the MAC address of a registered device. • Use software to change an ‘attacker’ device’s MAC address to the registered value. • Access the network using the ‘spoofed’ credentials (i.e., the registered MAC address).
Retrieving Targets • Discovers IP & MAC of all machines connected to the local AP
Uses for MAC Address Spoofing • Legitimate:- Creating wireless connections to a network.- Better method - Changing a device’s role, from router to computer and vice-versa. • Illegitimate:- Unauthorized, stealthy access (intrusion) into a targeted restricted-access network.- Network traffic redirection.-> Obtain data from other systems on the network…