I’m trying to hack MacOS to allow spoofing of ethernet MAC addresses. It doesn’t work, yet. I’ve followed the popular advice on the net, but it isn’t quite getting me there"
I’m using a PowerBook G4 12" and I’m trying to spoof with the local ethernet (en0) device. Out of the box, that shouldn’t work. But there are supposedly ways to make it work.
Here are some relevant links
-
The only patches for Darwin I can find. These seem to be referenced all over the place. They add the necessary
bits to the kernel to allow you to spoof source MAC addresses, at least on the hardwired ethernet interface.
-
The source for Darwin. You’ll need this if you try to recompile the kernel.
-
OpenDarwin’s Documentation. There’s a bunch of HOWTOs here, including how to build XNU, the Darwin kernel.
I am using Nemesis to inject packets with spoofed source MACs. Sadly, Nemesis requires an older version of Libnet which is a bit annoying, since they both come from the same place. Libnet, both the latest and the older version, don’t seem to support MacOS X very well.
After seeing this patch from this message on the cfengine mailing list, I decided to change the use of SIOCGIFCONF to OSIOCGIFCONF. This changes the error messages I get, which is interesting. I now get EAFNOSUPPORT Address family not supported by protocol family whatever that means.