chimpman252
Posts: 6
Joined: Wed Oct 12, 2016 1:34 am

Spoof MAC Address of Edimax WiFi Dongle [PARTIALLY SOLVED]

Tue Jan 02, 2018 1:33 am

EDIT: Solved - see sparkie777's post below
EDIT2: Only sort of solved, since the change of MAC address broke my access point authentication

I have two Edimax EW-7811un wifi dongles connected to my Raspberry Pi 2B on Rasbian Stretch. I want to spoof the MAC address of one of them (wlan1), which is turning out to be more challenging than I expected. This person had basically the same question but the thread didn't offer a definite solution.

One straightforward method that has not worked is the macchanger command. When I run

Code: Select all

sudo macchanger -m XX:XX:XX:XX:XX:XX wlan1
it tells me that

Code: Select all

Network driver didn't actually change to the new MAC!!
I've also tried using ifconfig and ip link commands to change the MAC, but every time I run ifconfig I see my original MAC.

The farthest I've gotten is following this post, which successfully changes my MAC in ifconfig, but it does so for both of my wifi interfaces.

The problem seems to stem from the driver in some way but it's beyond me how to fix it. This is a fairly popular wifi adapter so I'd imagine someone must have figured out a straightforward way to spoof the MAC by now.
Last edited by chimpman252 on Tue Jan 02, 2018 6:05 pm, edited 3 times in total.

User avatar
DougieLawson
Posts: 34141
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: Spoof MAC Address of Edimax WiFi Dongle

Tue Jan 02, 2018 6:31 am

The driver doesn't support that function.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

sparkie777
Posts: 118
Joined: Tue Nov 27, 2012 4:37 am

Re: Spoof MAC Address of Edimax WiFi Dongle

Tue Jan 02, 2018 7:57 am

no worries.
DougieLawson wrote:
Tue Jan 02, 2018 6:31 am
The driver doesn't support that function.
who cares?

to spoof the MAC addresses on my RPi3 (dual WLAN AP) for both the internal and external WLAN adapter I create the following 2 files:

/etc/systemd/network/25-wlan0.link:

Code: Select all

[Match]
MACAddress=60:e3:27:12:34:85

[Link]
Name=wlan0
MACAddress=30:b5:c2:12:34:a0
/etc/systemd/network/25-wlan1.link:

Code: Select all

[Match]
MACAddress=b8:27:eb:12:34:cd

[Link]
Name=wlan1
MACAddress=30:b5:c2:56:78:a0
MACs '60:e3:27:12:34:85' and 'b8:27:eb:12:34:cd' are given by your hardware/firmware. The other items are freely configurable

chimpman252
Posts: 6
Joined: Wed Oct 12, 2016 1:34 am

Re: Spoof MAC Address of Edimax WiFi Dongle

Tue Jan 02, 2018 4:16 pm

sparkie777 wrote:
Tue Jan 02, 2018 7:57 am

/etc/systemd/network/25-wlan1.link:

Code: Select all

[Match]
MACAddress=b8:27:eb:12:34:cd

[Link]
Name=wlan1
MACAddress=30:b5:c2:56:78:a0
Thanks sparkie, that worked! :D ifconfig shows my original MAC address, but iwconfig shows the new one under Access Point. The new MAC also shows up when I use a WiFi analyzer on my phone.

I recall trying to add a link rule previously but the format of what I entered was a bit different from what you suggested.

Thanks again for the simple solution!

sparkie777
Posts: 118
Joined: Tue Nov 27, 2012 4:37 am

Re: Spoof MAC Address of Edimax WiFi Dongle [SOLVED]

Tue Jan 02, 2018 4:44 pm

I had to solve the same problem a few months ago with some of my amd64 based APs (APUs from pc-engines). After reading your question I tried the solution on my RPi APs - and it simply worked. Though there is no initramfs on the RPi. The mechanism to map the MACs seems to be little different here. I don't mind...

cheers :D

chimpman252
Posts: 6
Joined: Wed Oct 12, 2016 1:34 am

Re: Spoof MAC Address of Edimax WiFi Dongle [SOLVED]

Tue Jan 02, 2018 5:53 pm

sparkie777 wrote:
Tue Jan 02, 2018 4:44 pm
I had to solve the same problem a few months ago with some of my amd64 based APs (APUs from pc-engines). After reading your question I tried the solution on my RPi APs - and it simply worked. Though there is no initramfs on the RPi. The mechanism to map the MACs seems to be little different here. Who cares?

cheers :D
I have a new problem - though the new MAC is showing up for my access point, I can no longer connect to it. The devices trying to connect will tell me my password is incorrect. I tried adding bssid=XX:XX:XX:XX:XX:XX with my new MAC to hostapd.conf but that didn't change anything. When I remove the link rule I can connect normally again. Also, if I change hostapd to make the access point have no password I can connect fine, so it's gotta be a conflict between the link rule and hostapd.

EDIT: I found another wifi adapter laying around (Belkin N Wireless) that I plugged in and that one supports MAC address spoofing. I don't need any link rules, I just set my desired bssid in hostapd and it shows up in ifconfig as desired and allows me to connect. However, I really would like to figure out how to emulate this behavior on the Edimax adapter since I bought it for this project.

sparkie777
Posts: 118
Joined: Tue Nov 27, 2012 4:37 am

Re: Spoof MAC Address of Edimax WiFi Dongle [SOLVED]

Tue Jan 02, 2018 8:01 pm

chimpman252 wrote:
Tue Jan 02, 2018 5:53 pm
though the new MAC is showing up for my access point, I can no longer connect to it.
correct. Do you use Android to connect to your AP? You must relearn (forget+enter same passphrase) authentication data after a MAC change. Even if the passphrase did not change. Android somehow gets confused if the MAC changes.

Using a reasonable laptop with Debian Stretch as WLAN client does not show this behavior.

UPDATE:
some more oddities specific to Edimax EW-7811 (I found one around here:-) you can't simply change the MACs on the fly unless you are prepared to expect the unexpected. To stay on the safe side must power cycle the RPI after each MAC change.

chimpman252
Posts: 6
Joined: Wed Oct 12, 2016 1:34 am

Re: Spoof MAC Address of Edimax WiFi Dongle [SOLVED]

Tue Jan 02, 2018 10:47 pm

sparkie777 wrote:
Tue Jan 02, 2018 8:01 pm
Do you use Android to connect to your AP? You must relearn (forget+enter same passphrase) authentication data after a MAC change.
On both my Windows 10 PC and Android phone, after power cycling my pi and forgetting the network I fail authentication when using the Edimax adapter with the .link rule. This is what I have in hostapd.conf:

Code: Select all

interface=wlan1
driver=nl80211
ssid=<my SSID>
bssid=<my spoofed mac>
hw_mode=g
channel=6
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=<my password>
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
The bssid line doesn't seem to have any effect on the Edimax adapter, but it properly spoofs with the Belkin adapter.

sparkie777
Posts: 118
Joined: Tue Nov 27, 2012 4:37 am

Re: Spoof MAC Address of Edimax WiFi Dongle [PARTIALLY SOLVED]

Wed Jan 03, 2018 4:58 am

below my configs that work with Edimax EW-7811un without issues so far (I don't explicitly set bssid):

/etc/network/interfaces:

Code: Select all

auto lo
    iface lo inet loopback

auto br0
    iface br0 inet dhcp
    bridge_ports eth0
/etc/hostapd/hostapd.conf:

Code: Select all

ctrl_interface=/var/run/hostapd
interface=wlan0
bridge=br0
driver=nl80211
ssid=TP-LINK_1234A0

ieee80211n=1 
channel=1
hw_mode=g
ht_capab=[HT40+][HT40-][SHORT-GI-40]

wpa_passphrase=111111111111111111111111111111111111111111111111111111111111111

auth_algs=1
wmm_enabled=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
/etc/systemd/network/25-wlan0.link:

Code: Select all

[Match]
MACAddress=11:11:11:11:11:11

[Link]
Name=wlan0
MACAddress=30:b5:c2:12:34:a0
this configuration fakes a TP-LINK MAC on Edimax.

ifconfig:

Code: Select all

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.100.206  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 30:b5:c2:12:34:a0  txqueuelen 1000  (Ethernet)
        RX packets 7547  bytes 530577 (518.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9636  bytes 2663037 (2.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether b8:11:11:11:11:11  txqueuelen 1000  (Ethernet)
        RX packets 11402  bytes 915805 (894.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13652  bytes 3271729 (3.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1  (Local Loopback)
        RX packets 6  bytes 300 (300.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6  bytes 300 (300.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 30:b5:c2:12:34:a0  txqueuelen 1000  (Ethernet)
        RX packets 4038  bytes 467815 (456.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4472  bytes 571228 (557.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
Generally the AP feature of Edimax EW-7811un appears not to be too stable. Independent of changing MACs or not I occasionally get messages like

Code: Select all

Jan  3 05:36:10 fire-r kernel: [   11.353103] rtl8192cu: Tx queue select: 0x05
Jan  3 05:36:10 fire-r kernel: [   11.369010] rtl_usb: reg 0x80, usbctrl_vendorreq TimeOut! status:0xffffffb9 value=0xa400
Jan  3 05:36:10 fire-r kernel: [   11.385100] rtl_usb: reg 0x80, usbctrl_vendorreq TimeOut! status:0xffffffb9 value=0xa500
Jan  3 05:36:10 fire-r kernel: [   11.400982] rtl_usb: reg 0x80, usbctrl_vendorreq TimeOut! status:0xffffffb9 value=0xa600
Jan  3 05:36:10 fire-r kernel: [   11.416864] rtl_usb: reg 0x80, usbctrl_vendorreq TimeOut! status:0xffffffb9 value=0xa700
Jan  3 05:36:12 fire-r kernel: [   14.066884] rtl_usb:_rtl_tx_complete [rtl_usb]:<100-1> Urb has error status 0xFFFFFFB9
wlan0 does not come up at all after this. after rebooting it mostly works again.

My WLAN dongle recommendation for RPi clearly is: TL-WN722N
Atheros chipsets/ driver support always has been 1st choice for Linux based systems.
Attention: In the meantime there are sold different variants all with the name TL-WN722N. Be careful you get the one with atheros AR9271 / ID 0cf3:9271

MrDontCare
Posts: 2
Joined: Sun May 10, 2015 3:08 pm

Re: Spoof MAC Address of Edimax WiFi Dongle [PARTIALLY SOLVED]

Sat Oct 20, 2018 8:32 pm

Not the same situation, but more like a tip.
Had a similar experience at a hotel I was spending some time in.
But they use something called http://service.thecloud.eu that makes you log in for 24houre before you need to do the same again.
But they lock the mac address to whatever you login with.

So there was no way for me to go to any web site to activate my rpi3 that runs kodi.
So I just took my USB wifi dongle I luckily had with me and plugged it in to my laptop and connected to the hotels wifi and registered it.
Than I just put the same wifi dongle back in to my rpi3 and connects it to the hotels wifi and success.

So now I can use my rpi3 with kodi on the hotels network for the next 24h before I have to do the same again.<

Just move this post to the right place or delete it if it's in the wrong section :)
Hope this help people that stay a lot in Hotels and want to use they're Rpi with kodi.

Return to “Troubleshooting”