StackZero
  • Homepage
  • Cryptography and Privacy
  • Ethical Hacking
  • Reverse Engineering
  • About
  • Contact
No Result
View All Result
StackZero
No Result
View All Result

How to easily change your Windows Mac Address in Python

October 2, 2021
in Ethical Hacking
0 0
Mac changer in python
0
SHARES
117
VIEWS
Share on FacebookShare on Twitter

In this article, we are going to write a python script that teaches how to you easily change your Windows Mac Address in Python to a random value on a Windows 7 Ultimate x64 system.
Depending on the operating system there may be small differences in the method.

Table of Contents

  • Attack plan
  • Get subkeys
  • A solution to get the right interface
  • How to change your Windows Mac Address
  • How to make your MAC address changes active.
  • Conclusion
  • Further readings

Attack plan

What we are interested in, however, is being able to manipulate the registry with a script, so once we have succeeded we should be able to:

  • find a key.
  • list subkeys.
  • add and delete a value.

There are various methods to change your Windows MAC address with python, the one we are interested in consists of the following steps:

  • Open the registry (just type “regedit.exe” in the search from the start menu)
  • Look for the key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class{4D36E972-E325-11CE-BFC1-08002BE10318}“.
  • Insert a “REG_SZ” value (this is a string) with the name “NetworkAddress” and a string containing the MAC Address without separating it.
  • Restart the network interface.

The only purpose of the script is just illustrative, open to later modification, but the structure of the code is basic.
Said that we have no input control whatsoever since it would only be a kind of semi-automation.

Get subkeys

But let’s get our hands dirty with the code now and see the support methods that we are using.
The first three, which are self-explanatory, are a kind of wrapper methods for winreg library:

  • inserting a value in the register
  • deleting a value
  • generate a MAC address
import winreg
from contextlib import suppress
import itertools
import random
import subprocess

def restore_old_mac(key):
    winreg.DeleteValue(key, 'NetworkAddress')

def set_new_mac(key, mac):
    winreg.SetValueEx(key, 'NetworkAddress', 0, winreg.REG_SZ, mac)

def generate_random_mac():
    chars = "1234567890ABCDEF"
    return ''.join(random.choices(chars, k=12))

At this point we need a method to list the subkeys instead, let’s see the code before commenting.

reg_path = "SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}"


def get_subkeys(reg_path):
    root = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE)
    subkeys = []
    with suppress(WindowsError), winreg.OpenKey(root, reg_path) as n_key:
        for i in itertools.count():
            subkeys.append(winreg.OpenKey(n_key, winreg.EnumKey(n_key, i), access=winreg.KEY_ALL_ACCESS))
    return subkeys

The method performs the following steps:

  • Defines the path of the key that contains all the potential network interfaces that we will connect to.
  • Initialises an empty list containing the subkeys
  • Iterates through the list until a WindowsError is generated indicating the end of the subkeys by adding each subkey to the list
  • Returns the list of subkeys

A solution to get the right interface

Now a problem arises, it becomes difficult to know which interface is of interest and to avoid complicating our lives, we are going to make the choice “more manual”, but to do this we need a method that looks for the description (found in the DriverDesc value of each key) and shows it to us so that we can select the right interface-index to work on, so let’s look at this method!

def print_driver_desc(subkeys):
    
    for k, i in zip(subkeys, range(len(subkeys))):
        with suppress(WindowsError):
            for j in itertools.count():
                val = winreg.EnumValue(k, j)
                if val[0] == 'DriverDesc':
                    print(f"[{i}]", val[1])

The method iterates through the list of subkeys and for each subkey it searches for the value “DriverDesc” in a nested loop. as soon as it finds it, it prints out the value and index of the corresponding subkey. As with the subkey search, for the values until generating a WindowsError at the end of the list.

How to change your Windows Mac Address

Now we can put the pieces together and write our main, which:

  • obtains all the subkeys representing the interfaces
  • print the descriptions with their indexes on the screen
  • asks you to enter the index of the interface
  • asks you to choose whether to generate a random MAC or restore the original one.

Remember that if the value “NetworkAddress” does not exist in the key, the value will remain its original one,
but let’s see the code

if __name__ == "__main__":
    subkeys = get_subkeys(reg_path)

    print_driver_desc(subkeys)

    print("\n\nChoose your Network interface...\n")
    
    interface_index = int(input())

    print("\nChoose your option\n[0] I want to restore my original MAC address\n[1] I want to generate random MAC address\n")

    option = input()

    if option == "0":
        with suppress(FileNotFoundError):
            restore_old_mac(subkeys[interface_index])
        
    elif option == "1":
        
        random_mac = generate_random_mac()
        set_new_mac(subkeys[interface_index], random_mac)
        print("Value set at: ", random_mac)

    else:
        print("[-] Wrong Choice Try again!")

How to make your MAC address changes active.

If we try to run it, we notice that the changes are not active, this is because we need to restart the interface, and it may be interesting to do this directly from our script using the netsh tool. So the commands that we are interested in are:

  • The one to see all the available interfaces
netsh interface show interface
  • The one to enable/disable the interface
netsh interface set interface "<INTERFACE_NAME>" enable
netsh interface set interface "<INTERFACE_NAME>" disable

Let us see how to use these commands via the subprocess module and since it becomes complex to select the correct interface, we will again make sure that
user can enter it via input:

    result = subprocess.check_output(["netsh", "interface", "show", "interface"], shell=True)    
    print(result.decode())
    iface_name = input("\nPlease write the name of your interface:\n")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" disable")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" enable")

Conclusion

Now let’s see the complete code:

import winreg
from contextlib import suppress
import itertools
import random
import subprocess


reg_path = "SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}"


def restore_old_mac(key):
    winreg.DeleteValue(key, 'NetworkAddress')

def set_new_mac(key, mac):
    winreg.SetValueEx(key, 'NetworkAddress', 0, winreg.REG_SZ, mac)
    



def get_subkeys(reg_path):
    root = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE)
    subkeys = []
    with suppress(WindowsError), winreg.OpenKey(root, reg_path) as n_key:
        for i in itertools.count():
            subkeys.append(winreg.OpenKey(n_key, winreg.EnumKey(n_key, i), access=winreg.KEY_ALL_ACCESS))
    return subkeys

def print_driver_desc(subkeys):
    
    for k, i in zip(subkeys, range(len(subkeys))):
        with suppress(WindowsError):
            for j in itertools.count():
                val = winreg.EnumValue(k, j)
                if val[0] == 'DriverDesc':
                    print(f"[{i}]", val[1])

def generate_random_mac():
    chars = "1234567890ABCDEF"
    return ''.join(random.choices(chars, k=12))

if __name__ == "__main__":
    subkeys = get_subkeys(reg_path)

    print_driver_desc(subkeys)

    print("\n\nChoose your Network interface...\n")
    
    interface_index = int(input())

    print("\nChoose your option\n[0] I want to restore my original MAC address\n[1] I want to generate random MAC address\n")

    option = input()

    if option == "0":
        with suppress(FileNotFoundError):
            restore_old_mac(subkeys[interface_index])
        
    elif option == "1":
        
        random_mac = generate_random_mac()
        set_new_mac(subkeys[interface_index], random_mac)
        print("Value set at: ", random_mac)

    else:
        print("[-] Wrong Choice Try again!")


    result = subprocess.check_output(["netsh", "interface", "show", "interface"], shell=True)    
    print(result.decode())
    iface_name = input("\nPlease write the name of your interface:\n")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" disable")
    subprocess.call(f"netsh interface set interface \"{iface_name}\" enable")

To execute, save the file with “main.py”, launch a terminal as an administrator in the same directory as the script and type:

python main.py

Further readings

If you found it interesting to read, I recommend the following articles:

  • How to create a host port scanner in Python in just a few lines of code!
  • Domain scanner made easy – with Python!
What is malware analysis and why is it important?
Trending
What is malware analysis and why is it important?

Tags: keymac addressnetshpythonregistrywindows
Previous Post

How to embed shellcode payload into an executable

Next Post

How malware evasion works – 2 simple techniques in practice

Next Post
Malware Evasion Featured

How malware evasion works - 2 simple techniques in practice

You might also like

Python Mitmproxy: Unmasking the Fake Wealth of Financial Gurus

Python Mitmproxy: Unmasking the Fake Wealth of Financial Gurus

May 30, 2023
Master the Art of Linux Firewall: Practical Guide to Iptables

Master the Art of Linux Firewall: Practical Guide to Iptables

May 9, 2023
picoctf asm3 featured

PicoCTF asm3 challenge: Master the Art of Reverse Engineering

May 7, 2023
picoctf introduction reverse engineering

A Beginner’s Guide to PicoCTF’s Reverse Engineering: Simple Writeups

April 28, 2023

PicoCTF Unlocked: Mastering Cybersecurity One Step at a Time

April 22, 2023
Unravelling the Secrets of Reverse Engineering: Practical Applications for In-Depth Analysis

Unravelling the Secrets of Reverse Engineering: Practical Applications for In-Depth Analysis

April 16, 2023

StackZero

StackZero is a technical coding blog that focuses on cybersecurity. It mainly offers articles and tutorials that teach readers how to write security tools.
The blog covers a wide range of topics, from the basics of cryptography to the more advanced topics of exploitation and reverse engineering.

Tags

application security assembler blind sqli blind sql injection bruteforce brute force c cesar cipher command injection cryptography ctf cybersecurity dom-based xss dvwa ethical-hacking ethical hacking exploitation file inclusion hacking injection javascript malware analysis network-security penetration testing pentesting lab picoctf python reflected xss registry reverse engineering social engineering sql sqli sql injection ssrf stored xss substitution substitution cipher vulnerable application web application security web exploitation web security windows windows api xss
  • About Us
  • Contacts
  • HomePage
  • Privacy Policy
  • Terms and Conditions

No Result
View All Result
  • Homepage
  • Cryptography and Privacy
  • Ethical Hacking
  • Reverse Engineering
  • About
  • Contact

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In