Txhua leej txhua tus paub tias cov XNUMX bytes no, feem ntau tshwm sim hauv hexadecimal hom, raug xa mus rau daim npav network ntawm lub Hoobkas, thiab zoo li qhov tsis sib xws. Qee tus neeg paub tias thawj peb bytes ntawm qhov chaw nyob yog tus neeg tsim khoom ID, thiab qhov seem peb bytes raug muab rau lawv. Nws tseem paub tias koj tuaj yeem tsim koj tus kheej arbitrary chaw nyob. Ntau tus neeg tau hnov txog "qhov chaw nyob tsis sib xws" hauv Wi-Fi.
Cia peb kawm seb nws yog dab tsi.
MAC chaw nyob (chaw nyob tswj hwm xov xwm) yog tus cim tshwj xeeb uas tau muab rau lub network adapter, siv nyob rau hauv tes hauj lwm ntawm IEEE 802 tus qauv, feem ntau Ethernet, Wi-Fi thiab Bluetooth. Raws li nws yog hu ua "EUI-48 hom cim". Los ntawm lub npe nws pom tseeb tias qhov chaw nyob yog 48 ntsis ntev, piv txwv li. 6 bytes. Tsis muaj tus qauv lees paub feem ntau rau kev sau qhov chaw nyob (tsis yog qhov chaw nyob IPv4, qhov twg octets ib txwm sib cais los ntawm cov dots). 00, txawm tias qee cov khoom lag luam nyiam cov ntawv sau 11 -AB-CD-EF-22-00 thiab txawm tias 11ab.cdef.22.
Keeb kwm, chaw nyob tau flashed rau hauv ROM ntawm lub network card chipset tsis muaj peev xwm hloov kho lawv yam tsis muaj flash programmer, tab sis tam sim no qhov chaw nyob tuaj yeem hloov pauv los ntawm lub operating system. Koj tuaj yeem teeb tsa MAC chaw nyob ntawm daim npav network hauv Linux thiab MacOS (ib txwm), Windows (yuav luag ib txwm, yog tus tsav tsheb tso cai), Android (tsuas yog hauv paus); Nrog iOS (tsis muaj hauv paus) xws li ib tug ua kom yuam kev yog tsis yooj yim sua.
Chaw nyob qauv
Qhov chaw nyob muaj ib feem ntawm cov chaw tsim khoom tus cim, OUI, thiab tus cim uas tau muab los ntawm cov chaw tsim khoom. Kev ua haujlwm ntawm OUI (Organizationally Unique Identifier) tus cim IEEE lub koom haum. Qhov tseeb, nws qhov ntev tuaj yeem tsis tsuas yog 3 bytes (24 khoom), tab sis 28 lossis 36 khoom, los ntawm cov blocks (MAC Chaw Nyob Block, MA) ntawm qhov chaw nyob ntawm hom Loj (MA-L), Nruab Nrab (MA-M) thiab Me me yog tsim (MA-S) raws. Qhov luaj li cas ntawm cov ntawv thaiv, qhov no, yuav yog 24, 20, 12 khoom lossis 16 lab, 1 lab, 4 txhiab chaw nyob. Tam sim no muaj txog 38 txhiab blocks faib, lawv tuaj yeem saib tau siv ntau cov cuab yeej online, piv txwv li los yog .
Leej twg yog tus tswv ntawm qhov chaw nyob?
Kev ua tau yooj yim ntawm pej xeem muaj IEEE muab cov ntaub ntawv ntau heev. Piv txwv li, qee lub koom haum tau siv ntau OUI thaiv rau lawv tus kheej. Nov yog peb tus phab ej:
Tus neeg muag khoom
Number of blocks/cov ntaub ntawv
Tus naj npawb ntawm chaw nyob, lab
Cisco Systems Inc
888
14208
Kua
772
12352
Samsung
636
10144
Huawei Technologies Co., Ltd
606
9696
Intel Corporation
375
5776
ARRIS Group Inc.
319
5104
Nokia Corporation
241
3856
private
232
2704
Texas seev
212
3392
zte koom
198
3168
IEEE Registration Authority
194
3072
Hewlett Packard
149
2384
Hon Hai Precision
136
2176
TP LINK
134
2144
Dell Inc.
123
1968
Juniper tes hauj lwm
110
1760
Sagemcom Broadband SAS
97
1552
Fiberhome Telecommunication Technologies Co., Ltd. LTD
97
1552
Xiaomi Communications Co., Ltd
88
1408
Guangdong Oppo Mobile Telecommunications Corp. Ltd
82
1312
Google tsuas muaj 40 ntawm lawv, thiab qhov no tsis yog qhov xav tsis thoob: lawv tus kheej tsis tsim ntau yam khoom siv hauv network.
MA blocks tsis tau muab pub dawb, lawv tuaj yeem muas tau rau tus nqi tsim nyog (tsis muaj tus nqi xaj) rau $ 3000, $ 1800 lossis $ 755, raws li. Interestingly, rau cov nyiaj ntxiv (ib xyoos) koj tuaj yeem yuav "zais" ntawm cov ntaub ntawv pej xeem txog kev faib thaiv. Tam sim no muaj 232 ntawm lawv, raws li tau pom saum toj no.
Thaum twg peb yuav khiav tawm ntawm MAC chaw nyob?
Peb txhua tus nkees nkees ntawm cov dab neeg uas tau mus rau 10 xyoo uas "IPv4 chaw nyob tab tom yuav ploj mus." Yog lawm, IPv4 blocks tshiab tsis yooj yim kom tau txais. Nws paub tias IP chaw nyob ; Muaj cov blocks loj heev thiab siv tsis tau los ntawm cov tuam txhab loj thiab tsoomfwv Meskas cov koom haum, txawm li cas los xij, muaj kev cia siab me ntsis ntawm kev faib tawm rau cov neeg xav tau. Kev loj hlob ntawm NAT, CG-NAT thiab IPv6 tau ua rau muaj teeb meem tsis txaus ntawm cov chaw nyob hauv pej xeem tsis tshua muaj mob.
Ib qhov chaw nyob MAC muaj 48 khoom, ntawm 46 tuaj yeem suav tias yog "pab tau" (vim li cas? nyeem rau), uas muab 246 lossis 1014 chaw nyob, uas yog 214 npaug ntau dua li qhov chaw nyob IPv4.
Tam sim no, kwv yees li ib nrab ntawm trillion chaw nyob tau muab faib, lossis tsuas yog 0.73% ntawm tag nrho cov ntim. Peb tseem nyob deb heev los ntawm kev khiav tawm ntawm MAC chaw nyob.
Randomness khoom
Nws tuaj yeem xav tias OUIs raug faib ua ntu zus, thiab tus neeg muag khoom tom qab ntawd kuj muab qhov chaw nyob rau ib tus neeg siv khoom siv network. Puas yog li ntawd? Cia peb saib ntawm kev faib cov khoom hauv cov ntaub ntawv ntawm MAC chaw nyob ntawm 802.11 cov khoom siv ntawm kuv qhov chaw pov tseg, sau los ntawm kev tso cai ua haujlwm hauv wireless networks . Cov chaw nyob yog cov khoom siv tiag tiag uas txuas nrog Wi-Fi ntau xyoo hauv peb lub tebchaws. Tsis tas li ntawd, muaj cov ntaub ntawv me me ntawm 802.3 wired LAN li.
Cia peb rhuav tshem txhua qhov chaw nyob MAC (rau bytes) ntawm txhua qhov qauv rau hauv cov khoom, byte los ntawm byte, thiab saib qhov zaus ntawm qhov tshwm sim ntawm "1" ntsis hauv txhua qhov ntawm 48 txoj haujlwm. Yog tias qhov me me tau teeb tsa hauv qhov tsis txaus ntseeg, ces qhov tshwm sim tau txais "1" yuav tsum yog 50%.
Kev xaiv Wi-Fi No.1 (RF)
Wi-Fi qauv No. 2 (Belarus)
Kev xaiv Wi-Fi No. 3 (Uzbekistan)
LAN Sampling (RF)
Tus naj npawb ntawm cov ntaub ntawv nyob rau hauv lub database
5929000
1274000
366000
1000
Tus naj npawb:
% ntsis "1"
% ntsis "1"
% ntsis "1"
% ntsis "1"
1
48.6%
49.2%
50.7%
28.7%
2
44.8%
49.1%
47.7%
30.7%
3
46.7%
48.3%
46.8%
35.8%
4
48.0%
48.6%
49.8%
37.1%
5
45.7%
46.9%
47.0%
32.3%
6
46.6%
46.7%
47.8%
27.1%
7
0.3%
0.3%
0.2%
0.7%
8
0.0%
0.0%
0.0%
0.0%
9
48.1%
50.6%
49.4%
38.1%
10
49.1%
50.2%
47.4%
42.7%
11
50.8%
50.0%
50.6%
42.9%
12
49.0%
48.4%
48.2%
53.7%
13
47.6%
47.0%
46.3%
48.5%
14
47.5%
47.4%
51.7%
46.8%
15
48.3%
47.5%
48.7%
46.1%
16
50.6%
50.4%
51.2%
45.3%
17
49.4%
50.4%
54.3%
38.2%
18
49.8%
50.5%
51.5%
51.9%
19
51.6%
53.3%
53.9%
42.6%
20
46.6%
46.1%
45.5%
48.4%
21
51.7%
52.9%
47.7%
48.9%
22
49.2%
49.6%
41.6%
49.8%
23
51.2%
50.9%
47.0%
41.9%
24
49.5%
50.2%
50.1%
47.5%
25
47.1%
47.3%
47.7%
44.2%
26
48.6%
48.6%
49.2%
43.9%
27
49.8%
49.0%
49.7%
48.9%
28
49.3%
49.3%
49.7%
55.1%
29
49.5%
49.4%
49.8%
49.8%
30
49.8%
49.8%
49.7%
52.1%
31
49.5%
49.7%
49.6%
46.6%
32
49.4%
49.7%
49.5%
47.5%
33
49.4%
49.8%
49.7%
48.3%
34
49.7%
50.0%
49.6%
44.9%
35
49.9%
50.0%
50.0%
50.6%
36
49.9%
49.9%
49.8%
49.1%
37
49.8%
50.0%
49.9%
51.4%
38
50.0%
50.0%
49.8%
51.8%
39
49.9%
50.0%
49.9%
55.7%
40
50.0%
50.0%
50.0%
49.5%
41
49.9%
50.0%
49.9%
52.2%
42
50.0%
50.0%
50.0%
53.9%
43
50.1%
50.0%
50.3%
56.1%
44
50.1%
50.0%
50.1%
45.8%
45
50.0%
50.0%
50.1%
50.1%
46
50.0%
50.0%
50.1%
49.5%
47
49.2%
49.4%
49.7%
45.2%
48
49.9%
50.1%
50.7%
54.6%
Vim li cas qhov kev tsis ncaj ncees hauv 7 thiab 8 ntsis? Yuav luag ib txwm xoom.
Tseeb tiag, tus qauv txhais cov khoom no tshwj xeeb ():
Qhov thib yim (los ntawm qhov pib) me ntsis ntawm thawj byte ntawm MAC chaw nyob yog hu ua Unicast/Multicast ntsis thiab txiav txim siab seb hom thav duab (thav duab) kis tau nrog qhov chaw nyob no, tsis tu ncua (0) lossis tshaj tawm (1) (multicast lossis tshaj tawm). Rau ib txwm, unicast network adapter kev sib txuas lus, qhov me me no tau teem rau "0" hauv txhua pob ntawv xa mus rau nws.
Qhov thib xya (los ntawm qhov pib) me ntsis ntawm thawj byte ntawm MAC chaw nyob yog hu ua U / L (Universal / Local) me ntsis thiab txiav txim siab seb qhov chaw nyob yog qhov tshwj xeeb hauv ntiaj teb (0), lossis hauv zos tshwj xeeb (1). Los ntawm lub neej ntawd, txhua qhov chaw nyob "chaw tsim khoom-stitched" yog qhov tshwj xeeb hauv ntiaj teb, yog li feem ntau ntawm cov chaw nyob MAC sau muaj qhov thib xya me ntsis rau "0". Nyob rau hauv lub rooj ntawm kev muab OUI cov cim qhia, tsuas yog kwv yees li 130 qhov nkag muaj U / L me ntsis ntawm "1", thiab pom tau tias cov no yog cov blocks ntawm MAC chaw nyob rau cov kev xav tau tshwj xeeb.
Los ntawm qhov thib rau mus rau thawj cov khoom ntawm thawj byte, cov khoom ntawm qhov thib ob thiab thib peb bytes hauv OUI cov cim, thiab ntau dua yog li cov khoom hauv 4-6 bytes ntawm qhov chaw nyob muab los ntawm cov chaw tsim khoom raug faib ntau dua lossis tsawg dua sib npaug. .
Yog li, nyob rau hauv MAC chaw nyob tiag tiag ntawm lub network adapter, cov khoom siv tau sib npaug thiab tsis muaj lub ntsiab lus thev naus laus zis, tshwj tsis yog ob qhov kev pabcuam ntawm cov byte siab.
Prevalence
Xav paub seb cov khoom siv wireless twg yog cov neeg nyiam tshaj plaws? Cia peb muab cov kev tshawb fawb hauv OUI database nrog cov ntaub ntawv los ntawm cov qauv No 1.
Tus neeg muag khoom
Qhia tawm ntawm cov khoom siv, %
Kua
26,09
Samsung
19,79
Huawei Technologies Co., Ltd. Ltd
7,80
Xiaomi Communications Co., Ltd
6,83
Sony Mobile Communications Inc
3,29
LG Electronics (Mobile Communications)
2,76
ASUSTek COMPUTER INC.
2,58
TCT Mobile Co., Ltd
2,13
zte koom
2,00
tsis pom hauv IEEE database
1,92
Lenovo Mobile Communication Technology Ltd.
1,71
HTC Corporation
1,68
Kev tsim khoom ntawm Murata
1,31
InPro Comm
1,26
Microsoft Corporation
1,11
Shenzhen TINNO Txawb Technology Corp.
1,02
Motorola (Wuhan) Mobility Technologies Kev Sib Txuas Lus Co. Ltd.
0,93
Nokia Corporation
0,88
Shanghai Cua Technologies Co., Ltd. Ltd
0,74
Lenovo Mobile Communication (Wuhan) Co., Ltd
0,71
Kev xyaum qhia tau hais tias qhov kev vam meej ntau dua ntawm cov neeg siv wireless network hauv ib qho chaw, qhov ntau dua ntawm Apple li.
Uniqueness
Puas yog MAC chaw nyob tshwj xeeb? Hauv txoj kev xav, yog, txij li txhua lub chaw tsim khoom siv (MA tus tswv thaiv) yuav tsum muab qhov chaw nyob tshwj xeeb rau txhua lub network adapters nws tsim. Txawm li cas los xij, qee qhov chip manufacturers, uas yog:
- 00:0A: F5 Airgo Networks, Inc. (tam sim no Qualcomm)
- 00:08:22 InPro Comm (tam sim no MediaTek)
teeb tsa peb bytes kawg ntawm MAC chaw nyob rau tus lej random, pom meej tom qab txhua lub cuab yeej reboot. Muaj 1 txhiab qhov chaw nyob hauv kuv tus qauv 82.
Koj tuaj yeem, tau kawg, teeb tsa koj tus kheej ib qho chaw nyob txawv teb chaws, tsis yog qhov tshwj xeeb los ntawm lub hom phiaj teeb tsa nws "zoo li koj tus neeg nyob ze", txheeb xyuas nws nrog tus sniffer, lossis xaiv nws ntawm random. Nws kuj tseem tuaj yeem ua teeb meem rau koj tus kheej qhov chaw nyob tsis muaj qhov tshwj xeeb los ntawm, piv txwv li, rov kho qhov kev teeb tsa thaub qab ntawm lub router zoo li Mikrotik lossis OpenWrt.
Yuav ua li cas yog tias muaj ob lub khoom siv hauv lub network nrog tib qhov chaw nyob MAC? Nws tag nrho yog nyob ntawm lub logic ntawm cov khoom siv network (wired router, wireless network controller). Feem ntau yuav, ob qho khoom siv yuav tsis ua haujlwm lossis yuav ua haujlwm tsis tu ncua. Los ntawm qhov pom ntawm IEEE cov qauv, kev tiv thaiv tiv thaiv MAC chaw nyob spoofing yog xav kom daws tau siv, piv txwv li, MACsec lossis 802.1X.
Yuav ua li cas yog tias koj nruab ib lub MAC nrog lub xya los yog yim me ntsis teem rau "1", i.e. chaw nyob los yog multicast? Feem ntau yuav, koj lub network yuav tsis xyuam xim rau qhov no, tab sis ua raws li qhov chaw nyob yuav tsis ua raws li tus qauv, thiab nws yog qhov zoo dua tsis ua li ntawd.
Yuav ua li cas randomization ua haujlwm
Peb paub tias txhawm rau tiv thaiv kev taug qab ntawm tib neeg txoj kev txav los ntawm kev tshuaj xyuas thiab sau cov huab cua, lub xov tooj smartphone MAC kev khiav hauj lwm tau siv tshuab randomization ntau xyoo. Raws li txoj cai, thaum luam theej cov huab cua hauv kev tshawb nrhiav cov xov tooj uas paub, lub xov tooj smartphone xa cov pob ntawv (pab pawg) ntawm 802.11 sojntsuam thov hom nrog MAC chaw nyob raws li qhov chaw:
Enabled randomization tso cai rau koj los qhia meej tsis yog "stitched" ib qho, tab sis qee qhov chaw nyob ntawm pob ntawv, hloov nrog txhua lub voj voog scanning, dhau sijhawm, lossis lwm txoj hauv kev. Nws puas ua haujlwm? Cia peb saib cov txheeb cais ntawm MAC chaw nyob sau los ntawm huab cua los ntawm lub npe hu ua "Wi-Fi Radar":
Tag nrho cov qauv
Qauv tsuas yog nrog xoom 7th ntsis
Tus naj npawb ntawm cov ntaub ntawv nyob rau hauv lub database
3920000
305000
Tus naj npawb:
% ntsis "1"
% ntsis "1"
1
66.1%
43.3%
2
66.5%
43.4%
3
31.7%
43.8%
4
66.6%
46.4%
5
66.7%
45.7%
6
31.9%
46.4%
7
92.2%
0.0%
8
0.0%
0.0%
9
67.2%
47.5%
10
32.3%
45.6%
11
66.9%
45.3%
12
32.3%
46.8%
13
32.6%
50.1%
14
33.0%
56.1%
15
32.5%
45.0%
16
67.2%
48.3%
17
33.2%
56.9%
18
33.3%
56.8%
19
33.3%
56.3%
20
66.8%
43.2%
21
67.0%
46.4%
22
32.6%
50.1%
23
32.9%
51.2%
24
67.6%
52.2%
25
49.8%
47.8%
26
50.0%
50.0%
27
50.0%
50.2%
28
50.0%
49.8%
29
50.0%
49.4%
30
50.0%
50.0%
31
50.0%
49.7%
32
50.0%
49.9%
33
50.0%
49.7%
34
50.0%
49.6%
35
50.0%
50.1%
36
50.0%
49.5%
37
50.0%
49.9%
38
50.0%
49.8%
39
50.0%
49.9%
40
50.0%
50.1%
41
50.0%
50.2%
42
50.0%
50.2%
43
50.0%
50.1%
44
50.0%
50.1%
45
50.0%
50.0%
46
50.0%
49.8%
47
50.0%
49.8%
48
50.1%
50.9%
Daim duab txawv kiag li.
Lub 8 ntsis ntawm thawj byte ntawm MAC chaw nyob tseem sib xws rau Unicast xwm ntawm SRC chaw nyob hauv pob ntawv thov kev sojntsuam.
Qhov thib 7 ntsis yog teem rau Local hauv 92.2% ntawm cov neeg mob, piv txwv li. Nrog rau kev ntseeg siab ntawm kev ncaj ncees, peb tuaj yeem xav tias muaj ntau qhov chaw nyob uas tau sau tseg, thiab tsawg dua 8% yog qhov tiag. Nyob rau hauv rooj plaub no, kev faib cov khoom hauv OUI rau qhov chaw nyob tiag tiag kwv yees li coincides nrog cov ntaub ntawv hauv cov lus dhau los.
Lub chaw tsim khoom twg, raws li OUI, muaj qhov chaw nyob randomized (piv txwv li nrog 7th me ntsis hauv "1")?
Chaw tsim tshuaj paus los ntawm OUI
Qhia rau txhua qhov chaw nyob
tsis pom hauv IEEE database
62.45%
Google Inc.
37.54%
so
0.01%
Ntxiv mus, txhua qhov chaw nyob randomized muab rau Google koom nrog tib OUI nrog cov npe ua ntej DA: A1:19. Qhov no prefix yog dab tsi? Cia peb saib hauv .
private static final MacAddress BASE_GOOGLE_MAC = MacAddress.fromString("da:a1:19:0:0:0");Tshuag Android siv qhov tshwj xeeb, sau npe OUI thaum tshawb nrhiav cov tes hauj lwm wireless, ib qho ntawm ob peb nrog lub xya me ntsis teeb.
Xam MAC tiag los ntawm ib qho random
Wb pom muaj:
private static final long VALID_LONG_MASK = (1L << 48) - 1;
private static final long LOCALLY_ASSIGNED_MASK = MacAddress.fromString("2:0:0:0:0:0").mAddr;
private static final long MULTICAST_MASK = MacAddress.fromString("1:0:0:0:0:0").mAddr;
public static @NonNull MacAddress createRandomUnicastAddress(MacAddress base, Random r) {
long addr;
if (base == null) {
addr = r.nextLong() & VALID_LONG_MASK;
} else {
addr = (base.mAddr & OUI_MASK) | (NIC_MASK & r.nextLong());
}
addr |= LOCALLY_ASSIGNED_MASK;
addr &= ~MULTICAST_MASK;
MacAddress mac = new MacAddress(addr);
if (mac.equals(DEFAULT_MAC_ADDRESS)) {
return createRandomUnicastAddress(base, r);
}
return mac;
}
Tag nrho qhov chaw nyob, lossis nws qis dua peb bytes, yog dawb huv Random.nextLong(). "Txoj kev rov qab los ntawm MAC tiag" yog kev dag ntxias. Nrog rau qib siab ntawm kev ntseeg siab, peb tuaj yeem cia siab tias Android xov tooj manufacturers siv lwm yam, tsis tau sau npe OUIs. Peb tsis muaj qhov chaws iOS no, tab sis feem ntau yuav siv cov algorithm zoo sib xws.
Cov saum toj no tsis tso tseg txoj haujlwm ntawm lwm cov txheej txheem rau de-anonymizing Wi-Fi subscribers, raws li kev soj ntsuam ntawm lwm qhov chaw ntawm kev sojntsuam thov thav duab, lossis kev sib raug zoo ntawm cov txheeb ze zaus ntawm kev thov xa los ntawm lub cuab yeej. Txawm li cas los xij, kev ntseeg siab taug qab tus neeg siv khoom siv sab nraud yog qhov teeb meem heev. Cov ntaub ntawv khaws tseg yuav tsim nyog rau kev txheeb xyuas qhov nruab nrab / siab tshaj qhov load los ntawm qhov chaw thiab lub sijhawm, raws li tus lej loj, tsis hais txog cov khoom siv tshwj xeeb thiab tib neeg. Tsuas yog cov "sab hauv", cov tuam txhab OS mobile lawv tus kheej, thiab cov ntawv thov tau teeb tsa muaj cov ntaub ntawv raug.
Dab tsi tuaj yeem txaus ntshai txog lwm tus paub koj lub cuab yeej MAC chaw nyob? Kev tsis lees paub ntawm kev pabcuam kev tawm tsam tuaj yeem tsim tawm rau cov xov tooj cua thiab wireless. Rau cov khoom siv wireless, ntxiv rau, nrog qee qhov tshwm sim nws muaj peev xwm sau lub sijhawm ntawm nws cov tsos hauv qhov chaw uas lub sensor tau teeb tsa. Los ntawm spoofing qhov chaw nyob, koj tuaj yeem sim "ua txuj" ua koj lub cuab yeej, uas tuaj yeem ua haujlwm tsuas yog tsis muaj kev ntsuas kev nyab xeeb ntxiv (kev tso cai thiab / lossis kev nkag mus). 99.9% ntawm cov neeg ntawm no tsis muaj dab tsi txhawj txog.
Qhov chaw nyob MAC yog qhov nyuaj tshaj li qhov nws zoo li, tab sis yooj yim dua li nws tuaj yeem ua.
Tau qhov twg los: www.hab.com