Macof is a  program designed to break poorly designed Ethernet switches by flooding them with packets with bogus MAC addresses (MAC flooding).

mac of floods the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). A straight C port of the original Perl Net

Macof is a member of the Dsniff suit toolset and mainly used to flood the switch on a local network with MAC addressess . The reason for this is that the switch regulates the flow of data between its ports. It actively monitors (cache)  the MAC address on each port, which helps it pass data only to its intended target. This is the main difference between a switch and passive hub. A passive hub has no mapping, and thus broadcasts line data to every port on the device. The data is typically rejected by all network cards





macof [-s src] [-d dst] [-e tha] [-x sport] [-y dport]  [-i interface] [-n times]


cyborg@cyborg:~$ sudo macof -i eth0
be:0:52:7c:82:c8 23:ee:0:1:b9:1d > S 340023743:340023743(0) win 512
d9:8:3b:3a:5a:bc 96:a7:eb:1:60:5e > S 1655362328:1655362328(0) win 512
da:b6:c8:1b:d2:e a4:6b:5c:39:6c:77 > S 372970006:372970006(0) win 512
6d:9c:20:4c:62:25 c9:87:bb:1a:b2:d7 > S 103471803:103471803(0) win 512
48:7e:86:59:fa:23 e9:e8:8f:5a:50:81 > S 178059333:178059333(0) win 512


Leave a reply


We're are building as a community and a team. Be a part of it.


©2018 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?