StackZero
  • Homepage
  • Categories
    • Basics
    • Cryptography and Privacy
    • Ethical Hacking
      • Web Security
      • Network Security
    • Reverse Engineering
      • Malware Analysis
  • Contacts
No Result
View All Result
StackZero
No Result
View All Result

How to easily change your Windows Mac Address in Python

October 2, 2021
in Ethical Hacking, Network Security
0 0
Mac changer in python
0
SHARES
23
VIEWS
Share on FacebookShare on Twitter

In this article, we are going to write a python script that teaches how to you easily change your Windows Mac Address in Python to a random value on a Windows 7 Ultimate x64 system.
Depending on the operating system there may be small differences in the method.

Table of Contents

  • Attack plan
  • Get subkeys
  • A solution to get the right interface
  • How to change your Windows Mac Address
  • How to make your MAC address changes active.
  • Conclusion
  • Further readings

Attack plan

What we are interested in, however, is being able to manipulate the registry with a script, so once we have succeeded we should be able to:

  • find a key.
  • list subkeys.
  • add and delete a value.

There are various methods to change your Windows MAC address with python, the one we are interested in consists of the following steps:

  • Open the registry (just type “regedit.exe” in the search from the start menu)
  • Look for the key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class{4D36E972-E325-11CE-BFC1-08002BE10318}“.
  • Insert a “REG_SZ” value (this is a string) with the name “NetworkAddress” and a string containing the MAC Address without separating it.
  • Restart the network interface.

The only purpose of the script is just illustrative, open to later modification, but the structure of the code is basic.
Said that we have no input control whatsoever since it would only be a kind of semi-automation.

Get subkeys

But let’s get our hands dirty with the code now and see the support methods that we are using.
The first three, which are self-explanatory, are a kind of wrapper methods for winreg library:

  • inserting a value in the register
  • deleting a value
  • generate a MAC address
import winreg
from contextlib import suppress
import itertools
import random
import subprocess

def restore_old_mac(key):
    winreg.DeleteValue(key, 'NetworkAddress')

def set_new_mac(key, mac):
    winreg.SetValueEx(key, 'NetworkAddress', 0, winreg.REG_SZ, mac)

def generate_random_mac():
    chars = "1234567890ABCDEF"
    return ''.join(random.choices(chars, k=12))

At this point we need a method to list the subkeys instead, let’s see the code before commenting.

reg_path = "SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}"


def get_subkeys(reg_path):
    root = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE)
    subkeys = []
    with suppress(WindowsError), winreg.OpenKey(root, reg_path) as n_key:
        for i in itertools.count():
            subkeys.append(winreg.OpenKey(n_key, winreg.EnumKey(n_key, i), access=winreg.KEY_ALL_ACCESS))
    return subkeys

The method performs the following steps:

  • Defines the path of the key that contains all the potential network interfaces that we will connect to.
  • Initialises an empty list containing the subkeys
  • Iterates through the list until a WindowsError is generated indicating the end of the subkeys by adding each subkey to the list
  • Returns the list of subkeys

A solution to get the right interface

Now a problem arises, it becomes difficult to know which interface is of interest and to avoid complicating our lives, we are going to make the choice “more manual”, but to do this we need a method that looks for the description (found in the DriverDesc value of each key) and shows it to us so that we can select the right interface-index to work on, so let’s look at this method!

def print_driver_desc(subkeys):
    
    for k, i in zip(subkeys, range(len(subkeys))):
        with suppress(WindowsError):
            for j in itertools.count():
                val = winreg.EnumValue(k, j)
                if val[0] == 'DriverDesc':
                    print(f"[{i}]", val[1])

The method iterates through the list of subkeys and for each subkey it searches for the value “DriverDesc” in a nested loop. as soon as it finds it, it prints out the value and index of the corresponding subkey. As with the subkey search, for the values until generating a WindowsError at the end of the list.

How to change your Windows Mac Address

Now we can put the pieces together and write our main, which:

  • obtains all the subkeys representing the interfaces
  • print the descriptions with their indexes on the screen
  • asks you to enter the index of the interface
  • asks you to choose whether to generate a random MAC or restore the original one.

Remember that if the value “NetworkAddress” does not exist in the key, the value will remain its original one,
but let’s see the code

if __name__ == "__main__":
    subkeys = get_subkeys(reg_path)

    print_driver_desc(subkeys)

    print("\n\nChoose your Network interface...\n")
    
    interface_index = int(input())

    print("\nChoose your option\n[0] I want to restore my original MAC address\n[1] I want to generate random MAC address\n")

    option = input()

    if option == "0":
        with suppress(FileNotFoundError):
            restore_old_mac(subkeys[interface_index])
        
    elif option == "1":
        
        random_mac = generate_random_mac()
        set_new_mac(subkeys[interface_index], random_mac)
        print("Value set at: ", random_mac)

    else:
        print("[-] Wrong Choice Try again!")

How to make your MAC address changes active.

If we try to run it, we notice that the changes are not active, this is because we need to restart the interface, and it may be interesting to do this directly from our script using the netsh tool. So the commands that we are interested in are:

  • The one to see all the available interfaces
netsh interface show interface
  • The one to enable/disable the interface
netsh interface set interface "<INTERFACE_NAME>" enable
netsh interface set interface "<INTERFACE_NAME>" disable

Let us see how to use these commands via the subprocess module and since it becomes complex to select the correct interface, we will again make sure that
user can enter it via input:

    result = subprocess.check_output(["netsh", "interface", "show", "interface"], shell=True)    
    print(result.decode())
    iface_name = input("\nPlease write the name of your interface:\n")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" disable")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" enable")

Conclusion

Now let’s see the complete code:

import winreg
from contextlib import suppress
import itertools
import random
import subprocess


reg_path = "SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}"


def restore_old_mac(key):
    winreg.DeleteValue(key, 'NetworkAddress')

def set_new_mac(key, mac):
    winreg.SetValueEx(key, 'NetworkAddress', 0, winreg.REG_SZ, mac)
    



def get_subkeys(reg_path):
    root = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE)
    subkeys = []
    with suppress(WindowsError), winreg.OpenKey(root, reg_path) as n_key:
        for i in itertools.count():
            subkeys.append(winreg.OpenKey(n_key, winreg.EnumKey(n_key, i), access=winreg.KEY_ALL_ACCESS))
    return subkeys

def print_driver_desc(subkeys):
    
    for k, i in zip(subkeys, range(len(subkeys))):
        with suppress(WindowsError):
            for j in itertools.count():
                val = winreg.EnumValue(k, j)
                if val[0] == 'DriverDesc':
                    print(f"[{i}]", val[1])

def generate_random_mac():
    chars = "1234567890ABCDEF"
    return ''.join(random.choices(chars, k=12))

if __name__ == "__main__":
    subkeys = get_subkeys(reg_path)

    print_driver_desc(subkeys)

    print("\n\nChoose your Network interface...\n")
    
    interface_index = int(input())

    print("\nChoose your option\n[0] I want to restore my original MAC address\n[1] I want to generate random MAC address\n")

    option = input()

    if option == "0":
        with suppress(FileNotFoundError):
            restore_old_mac(subkeys[interface_index])
        
    elif option == "1":
        
        random_mac = generate_random_mac()
        set_new_mac(subkeys[interface_index], random_mac)
        print("Value set at: ", random_mac)

    else:
        print("[-] Wrong Choice Try again!")


    result = subprocess.check_output(["netsh", "interface", "show", "interface"], shell=True)    
    print(result.decode())
    iface_name = input("\nPlease write the name of your interface:\n")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" disable")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" enable")

To execute, save the file with “main.py”, launch a terminal as an administrator in the same directory as the script and type:

python main.py

Further readings

If you found it interesting to read, I recommend the following articles:

  • How to create a host port scanner in Python in just a few lines of code!
  • Domain scanner made easy – with Python!
How to create network scanner tool in few lines of code!
Trending
How to create network scanner tool in few lines of code!

Tags: keymac addressnetshpythonregistrywindows
Previous Post

How to embed shellcode payload into an executable

Next Post

How malware evasion works – 2 simple techniques in practice

Next Post
Malware Evasion Featured

How malware evasion works - 2 simple techniques in practice

You might also like

Hack File Inclusion in DVWA: A Full Walkthrough

Hack File Inclusion in DVWA: A Full Walkthrough

January 18, 2023
How To Exploit File Inclusion Vulnerabilities: A Beginner’s Introduction.

How To Exploit File Inclusion Vulnerabilities: A Beginner’s Introduction.

December 15, 2022
What is unrestricted file upload vulnerability? And How to exploit it on DVWA!

What is unrestricted file upload vulnerability? And How to exploit it on DVWA!

November 29, 2022
How To Exploit CSRF In DVWA

How To Exploit CSRF In DVWA

November 23, 2022
CSRF intro featured

CSRF Introduction: What you need to know!

November 15, 2022
Bruteforce attack

How to Brute Force DVWA login with Python

November 3, 2022

StackZero

StackZero is a technical coding blog that focuses on cybersecurity. It mainly offers articles and tutorials that teach readers how to write security tools.
The blog covers a wide range of topics, from the basics of cryptography to the more advanced topics of exploitation and reverse engineering.

Tags

application security blind sqli blind sql injection bruteforce c certification command injection csrf csrf attack cybersecurity dom-based xss dvwa ethical-hacking exploitation file inclusion file upload hacking injection javascript kali linux local file inclusion malware malware analysis network-security penetration testing pentesting lab python reflected xss registry remote file inclusion security shellcode sql sqli sql injection stored xss virtual machine vulnerable application web application security web exploitation web security windows windows api windows virtual machine xss
  • Contacts
  • HomePage
  • Privacy Policy
  • Terms and Conditions

No Result
View All Result
  • Homepage
  • Categories
    • Basics
    • Cryptography and Privacy
    • Ethical Hacking
      • Web Security
      • Network Security
    • Reverse Engineering
      • Malware Analysis
  • Contacts

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In