
How to detect the original MAC address after it has been spoofed?

We are using the following code to retrieve the active MAC address of a Windows PC.

private static string macId()
{
    return identifier("Win32_NetworkAdapterConfiguration", "MACAddress", "IPEnabled");
}

private static string identifier(string wmiClass, string wmiProperty, string wmiMustBeTrue)
{
    string result = "";
    System.Management.ManagementClass mc = new System.Management.ManagementClass(wmiClass);
    System.Management.ManagementObjectCollection moc = mc.GetInstances();
    foreach (System.Management.ManagementObject mo in moc)
    {
        if (mo[wmiMustBeTrue].ToString() == "True")
        {
            //Only get the first one
            if (result == "")
            {
                try
                {
                    result = mo[wmiProperty].ToString();
                    break;
                }
                catch
                {
                }
            }
        }
    }
    return result;
}
//Return a hardware identifier
private static string identifier(string wmiClass, string wmiProperty)
{
    string result = "";
    System.Management.ManagementClass mc = new System.Management.ManagementClass(wmiClass);
    System.Management.ManagementObjectCollection moc = mc.GetInstances();
    foreach (System.Management.ManagementObject mo in moc)
    {
        //Only get the first one
        if (result == "")
        {
            try
            {
                result = mo[wmiProperty].ToString();
                break;
            }
            catch
            {
            }
        }
    }
    return result;
}

It works fine to retrieve the MAC address. The problem is that when the MAC address is spoofed, it returns the spoofed MAC address. We want to somehow retrieve the original MAC address, which is unique and assigned at the factory. Is there any way to do so?

Sajib Mahmood, asked Mar 03 '12 12:03


2 Answers

I wish to give an alternative. I don't know if it really answers 'a way to uniquely identify any computer'.
However, this method queries the Win32_BIOS class in System.Management and returns a string with high chances to be unique. (Waiting to be disavowed!!)

using System.Management; // ManagementClass, ManagementObject, ManagementObjectCollection

/// <summary>
/// BIOS IDentifier
/// </summary>
/// <returns></returns>
public static string BIOS_ID()
{
    return    GetFirstIdentifier("Win32_BIOS", "Manufacturer")
            + GetFirstIdentifier("Win32_BIOS", "SMBIOSBIOSVersion")
            + GetFirstIdentifier("Win32_BIOS", "IdentificationCode")
            + GetFirstIdentifier("Win32_BIOS", "SerialNumber")
            + GetFirstIdentifier("Win32_BIOS", "ReleaseDate")
            + GetFirstIdentifier("Win32_BIOS", "Version");
}

/// <summary>
/// ManagementClass used to read the first specific properties
/// </summary>
/// <param name="wmiClass">Object Class to query</param>
/// <param name="wmiProperty">Property to get info</param>
/// <returns></returns>
private static string GetFirstIdentifier(string wmiClass, string wmiProperty)
{
    string result = string.Empty;
    ManagementClass mc = new System.Management.ManagementClass(wmiClass);
    ManagementObjectCollection moc = mc.GetInstances();
    foreach (ManagementObject mo in moc)
    {
        //Only get the first one
        if (string.IsNullOrEmpty(result))
        {
            try
            {
                if (mo[wmiProperty] != null) result = mo[wmiProperty].ToString();
                break;
            }
            catch
            {
            }
        }
    }
    return result.Trim();
}
Steve, answered Sep 29 '22 04:09


There can be two alternatives.

  1. You can get the MAC address using the code snippet you gave before and check if that MAC address belongs to any NIC (Network Interface Card). If it doesn't belong to one, then the MAC address is obviously spoofed. Here is the code that locates the NIC using a MAC address:

    using System;                        // ArgumentException
    using System.Linq;                   // Where, SingleOrDefault, Select
    using System.Net.Sockets;
    using System.Net;
    using System.Net.NetworkInformation;
    
    string localNicMac = "00:00:00:11:22:33".Replace(":", "-"); // Parse doesn't like colons
    
    var mac = PhysicalAddress.Parse(localNicMac);
    // Find the local interface whose reported physical address matches
    var localNic =
        NetworkInterface.GetAllNetworkInterfaces()
        .Where(nic => nic.GetPhysicalAddress().Equals(mac)) // Must use .Equals, not ==
        .SingleOrDefault();
    if (localNic == null)
    {
        throw new ArgumentException("Local NIC with the specified MAC could not be found.");
    }
    
    // IP addresses bound to the matching interface
    var ips =
        localNic.GetIPProperties().UnicastAddresses
        .Select(x => x.Address);
    
  2. Get the network card address directly.

    a. NWIF = dotnetClass "System.Net.NetworkInformation.NetworkInterface"  
    b. the_Mac_array = NWIF.GetAllNetworkInterfaces() -- this is an array of all the Networks  
    c. the_PhysicalAddress_Array = #()  
    d. for net in the_Mac_array where (net.NetworkInterfaceType.toString()) == "Ethernet" do append   the_PhysicalAddress_Array ((net.GetPhysicalAddress()).toString())  
    e. print the_PhysicalAddress_Array
    

(( I found it here http://snipplr.com/view/23006/ ))

HUNKY_Monkey, answered Sep 29 '22 05:09
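
Added example, not part of the question or of either answer above: one way to compare the address each adapter is currently using with the permanent address its driver reports, so that an overridden MAC shows up as a mismatch. It assumes the NDIS WMI classes `MSNdis_EthernetPermanentAddress` and `MSNdis_EthernetCurrentAddress` in the `root\WMI` namespace, which the page does not mention; the class name `MacSpoofCheck` and helper `ReadAddresses` are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Management; // add a reference to System.Management

static class MacSpoofCheck
{
    // Reads one NDIS address class from root\WMI and returns InstanceName -> MAC.
    // Class / property pairs used below (assumed, not from the page):
    //   MSNdis_EthernetPermanentAddress / NdisPermanentAddress  (address the driver reports as burned in)
    //   MSNdis_EthernetCurrentAddress   / NdisCurrentAddress    (address actually in use)
    static Dictionary<string, string> ReadAddresses(string wmiClass, string addressProperty)
    {
        var result = new Dictionary<string, string>();
        using (var searcher = new ManagementObjectSearcher(@"root\WMI", "SELECT * FROM " + wmiClass))
        using (ManagementObjectCollection adapters = searcher.Get())
        {
            foreach (ManagementBaseObject adapter in adapters)
            {
                // The address is an embedded object holding a 6-byte "Address" array.
                var embedded = adapter[addressProperty] as ManagementBaseObject;
                var bytes = embedded == null ? null : embedded["Address"] as byte[];
                if (bytes == null || bytes.Length != 6) continue;
                result[(string)adapter["InstanceName"]] = BitConverter.ToString(bytes);
            }
        }
        return result;
    }

    static void Main()
    {
        var permanent = ReadAddresses("MSNdis_EthernetPermanentAddress", "NdisPermanentAddress");
        var current = ReadAddresses("MSNdis_EthernetCurrentAddress", "NdisCurrentAddress");

        foreach (var pair in permanent)
        {
            string inUse;
            if (!current.TryGetValue(pair.Key, out inUse)) continue; // adapter not active
            bool overridden = !string.Equals(pair.Value, inUse, StringComparison.OrdinalIgnoreCase);
            Console.WriteLine("{0}\n  permanent: {1}\n  current:   {2}{3}",
                pair.Key, pair.Value, inUse, overridden ? "  <-- differs (MAC overridden)" : "");
        }
    }
}
```

The permanent value is whatever the NIC driver returns, so a virtual adapter or a modified driver can still misreport it; treat a mismatch as evidence of an override rather than treating a match as proof of the factory address.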