Project

General

Profile

Bug #11931

MAC Spoofing is broken in Stretch

Added by anonym almost 3 years ago. Updated almost 3 years ago.

Status:
Resolved
Priority:
High
Assignee:
Category:
Spoof MAC
Target version:
Start date:
11/16/2016
Due date:
% Done:

100%

Feature Branch:
bugfix/11931-network-manager-vs-mac-spoofing
Type of work:
Code
Blueprint:
Starter:
Affected tool:

Description

The automated test suite noticed that the even though MAC spoofing is enabled and reportedly succeeds, the MAC address is not spoofed. I see this in the journal:

Nov 16 00:00:31 amnesia spoof-mac[2654]: Trying to spoof MAC address of NIC eth0...
[...]
Nov 16 00:00:31 amnesia spoof-mac[2719]: Successfully spoofed MAC address of NIC eth0

However:

$ macchanger eth0
Current MAC:   52:54:00:d7:d3:0f (unknown)
Permanent MAC: 52:54:00:d7:d3:0f (unknown)

Related issues

Related to Tails - Feature #11293: Check if/how we should use NetworkManager's new MAC address spoofing capabilities Confirmed 03/31/2016
Blocked by Tails - Bug #11937: Rebase our NetworkManager package on 1.4.2-2 Resolved 11/16/2016

Associated revisions

Revision 73e43275 (diff)
Added by intrigeri almost 3 years ago

Configure NetworkManager to not touch MAC addresses (refs: #11931).

Its default behaviour on Debian Stretch is to reset the MAC address to the
permanent one, and we did not make up our mind yet wrt. replacing
our custom MAC spoofing system with NM's own one (refs: #11293).

Revision d15e007b
Added by intrigeri almost 3 years ago

Merge branch 'bugfix/11931-network-manager-vs-mac-spoofing' into feature/stretch

Closes: #11937
Refs: #11931

Revision 82c40ead (diff)
Added by intrigeri almost 3 years ago

Test suite: check that the MAC address is spoofed for manually added persistent NetworkManager connections (refs: #11931).

Revision 62713d63 (diff)
Added by intrigeri almost 3 years ago

Capture network traffic before checking for the corresponding logs (refs: #11931).

Revision 078ef30a
Added by intrigeri almost 3 years ago

Merge branch 'bugfix/11931-network-manager-vs-mac-spoofing' into feature/stretch

refs: #11931

Revision 6c83cd3f (diff)
Added by intrigeri almost 3 years ago

Test suite: check that MAC spoofing works for pre-existing persistent connections from the Tails 2.x area.

refs: #11931

Revision 9f499b83
Added by intrigeri almost 3 years ago

Merge branch 'bugfix/11931-network-manager-vs-mac-spoofing' into feature/stretch

Closes: #11931

History

#1 Updated by intrigeri almost 3 years ago

  • Priority changed from Normal to High

#2 Updated by intrigeri almost 3 years ago

I've verified that tails-spoof-mac does what it claims to do; but then NetworkManager resets the MAC address to the permanent one: device (eth0): set-hw-addr: set-cloned MAC address to 52:54:00:2D:92:10 (permanent).

#3 Updated by intrigeri almost 3 years ago

  • Related to Feature #11293: Check if/how we should use NetworkManager's new MAC address spoofing capabilities added

#4 Updated by intrigeri almost 3 years ago

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10
  • Feature Branch set to bugfix/11931-network-manager-vs-mac-spoofing

I'm fixing this in NM's default settings, but it may be that some connections will get the default settings (reset to the permanent MAC address) anyway:

  • the "Wired connection" we ship by default (easy to fix ourselves, but won't apply to users with persistent NM settings)
  • existing connections already stored in persistent NM settings

#5 Updated by intrigeri almost 3 years ago

  • Blocked by Bug #11937: Rebase our NetworkManager package on 1.4.2-2 added

#6 Updated by intrigeri almost 3 years ago

intrigeri wrote:

I'm fixing this in NM's default settings,

It works.

but it may be that some connections will get the default settings (reset to the permanent MAC address) anyway:

  • the "Wired connection" we ship by default (easy to fix ourselves, but won't apply to users with persistent NM settings)

That works too: using the "Wired connection" gives me a spoofed MAC.

  • existing connections already stored in persistent NM settings

This remains to be tested.

#7 Updated by intrigeri almost 3 years ago

  • % Done changed from 10 to 20
  • existing connections already stored in persistent NM settings

This remains to be tested.

Added an automated test for that in 82c40ea.

#8 Updated by intrigeri almost 3 years ago

intrigeri wrote:

  • existing connections already stored in persistent NM settings

This remains to be tested.

Added an automated test for that in 82c40ea.

Note that this is useful for persistent connections added from Tails 3.x, but persistent connections that were added with Tails 2.x must be tested by hand.

#9 Updated by intrigeri almost 3 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 20 to 100

Also available in: Atom PDF