Let's follow the instructions to get started:
Let's first configure our access point to use MAC filtering and then add the client MAC address of the victim laptop. The settings pages on my router looks as follows:
Once MAC filtering is enabled, only the allowed MAC address will be able to successfully authenticate with the access point. If we try to connect to the access point from a machine with a non-whitelisted MAC address, the connection will fail.
Behind the scenes, the access point is sending authentication failure messages to the client. The packet trace resembles the following:
In order to beat MAC filters, we can use
airodump-ng
to find the MAC addresses of clients connected to the access point. We can do this by issuing theairodump-ng -c 10 -a --bssid <mac> wlan0mon
command. By specifying thebssid
command, we will only monitor the access point, which is of interest to us. The-c 10
command sets the channel to10
, where the access point...