Can there be a Fix to MAC ADDRESS RANDOMIZATION #49
Assignees
Labels
feature
New feature
Comments
|
Sorry for the late answer, I had so little time to work on ProbeQuest during the last few months. Thanks for the links. I will have a look as soon as I get a chance. Note that defeating MAC address randomisation was already part of ProbeQuest's roadmap as you can see in #6. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Since Mac address randomization is on by default on most devices
this make the probe sniffing a bit useless
So i think it can maybe be fixed a bit
like for example if it we catch a mac probing for skyplabs network
then we use that mac address to link the reset of the other probes together to know that they are coming from which device
i don't know actually how to do that but here what i noticed
when deauthing a network for a couple of SECs
and monitoring it with airodump-ng
You can actually see all the probs lined together for each device on that network even that they are using Mac randomization but it still works some how
You can try that by trying to capture a 4-way-handshake manually
There is also these two attacks that uses some form of advanced methods to break the Randomization but i wasn't able to fully understand
Three Years Later: A Study of MAC Address Randomization In Mobile Devices And When It Succeeds PDF
Defeating MAC Address Randomization Through Timing Attacks PDF
RESEARCHERS BREAK MAC ADDRESS RANDOMIZATION AND TRACK 100% OF TEST DEVICES
Thanks
The text was updated successfully, but these errors were encountered: