| blog | tools | publications | media |
subscribe to site updates: rss feed
contact Wesley McGrew: | email - wesley@mcgrewsecurity.com | gpg key | aim - wesleymcgrew | twitter - mcgrewsecurity |
Travesty
Introduction
Travesty is an interactive program for managing the hardware addresses (MAC) of Ethernet devices on your computer. It supports manually changing the MAC, generating random addresses, and applying different vendor prefixes to the current address. It also allows the user to import their own lists of hardware addresses and descriptions that can be navigated from within the Travesty interface. Travesty is written in Python, and is very simple to add functionality to, or modify.
Travesty was developed to scratch an itch for penetration testers who wish to make modifications to the network settings interactively when starting up the machine they wish to test/attack from. Placed in the startup scripts before rc.network (or equivalent), Travesty allows for the hardware address to be changed easily to appear as any specific brand of card, or even, in a limited way, spoof the hardware and IP addresses of a system that is currently down on a dhcp network.
Travesty uses the 'manuf' list of vendor prefixes from the Ethereal project.
Things that are made easier with Travesty:
A degree of anonymity on larger networks by presenting a false MAC
Impersonating other computers by taking on their MAC
Not sticking out like a sore thumb on a homogeneous network of a specific vendor's Ethernet cards by applying a similar prefix
Setting up quick replacements for servers on a network that expects the downed server at a particular MAC and IP.
Managing different profiles of network settings by custom scripts using the add-on interface
Requirements
Any variety of Linux, or other operating systems that use ifconfig for network configuration. Only a couple of functions would need to be ported for other operating systems that have different methods of getting and setting hardware addresses. (Developed and tested on Arch Linux)
Python (Developed and tested on Python 2.4)
Root privileges on your system
Download
Current Release: travesty-1.0.tar.gz
CHANGELOG
01/31/05 - Version 1.0, initial public release
Add ons
I will place add on scripts for Travesty here as they are developed or sent to me. Developing add ons is very simple, and an example can be seen in the helloworld.py file in the Travesty distribution.