Many Internet Service Providers which offer internet access via local area networks (LAN) have very basic user authentication, they distinguish their users only on MAC/IP address pair basis. Of course many use more complex techniques based on PPPoE, PPTP, VLAN, port security; this article does not apply to them.Since the MAC address of the network interface card (NIC) can be easily changed this could lead to account hijacking in no time. The only condition is thay you have to know the MAC and IP addresses of an existing computer in your network.
Fortunately the Ethernet protocol which is used in LAN makes both addresses public and anyone whithin the same ethernet segment can see them. That’s why I wrote a script which automates the gathering process and writes all the MAC/IP pairs to a text file. This file is used as a database for another script which autmatically sets one of the pairs to your NIC.
Usage:
- Download http://systemv.eu/fisp-0.3.tar.gz
- Uncompress it using # tar xvzf fisp-0.3.tar.gz; cd fisp
- Edit the file scan.pl and put in the @networks list the IP networks of your ISP (you can easily see them with tcpdump). In the $db variable set the filename where the gathered information will be stored or you can leave it by default.
- Execute scan.pl (It is recommended to put it in a cron job or startup script), it will find the computers in the specified networks which are online.
- Now execute the assign.pl script. It will get the first entry (or the first random one if used with -r option) and set your NIC’s MAC and IP addresses and the gateway. Then it will check if internet connection is present and if this fails it will go to the next entry in the db file and repeat the process. If you use the -c option then the script will exit if it finds existing internet connection.
Note: The script assumes that the gateway address ends with xxx.xxx.xxx.1 of the same network, if in your case this is different you have to change it in the source.
And that’s it. Enjoy 
No comments:
Post a Comment