Skip to content
Bypass CWRU MAC Whitelisting with default hostname parsing
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
bastille.sh

README.md

Bastille is designed to (very inefficiently) resolve the entire CWRU IP block. Even through multithreaded nameserver queries, this process will take several hours due to rate limiting. By resolving every IP, we are able to find which ones are still logged in the DNS, and therefore have MAC addresses still in the CWRU whitelist. To obtain the MAC addresses, we simply parse the default hostname into its address. Default hostnames are given in the form: tmpMAC, where MAC is a non-delimited hexadecimal string of length 12. Bastille parses these hostnames into their addresses, allowing you to spoof your own address onto the network, by squatting on a MAC address that's on the whitelist.

How do I protect myself?

change your hostname on the CWRU ITS self-service tools, seen here: https://its-serv2.case.edu/NetworkTools/IPDB/hostnameRequestFrame.html

This is a proof-of-concept, and still provides a traceable connection through identification of the physical faceplate interface.

Coverity Scan Build Status
You can’t perform that action at this time.