Course: Hacker High School

by Mr. Flower

Room:  /dev/null

Prerequisites:  Curiosity, disrespect for authority, basic terminal fluency.

Warning:  This course may violate district policy, state standards, and the laws of physics.

Course Description

This document was not approved by the school board.  It was not submitted for review, not listed in Google Classroom, and as far as your parents are concerned, doesn't exist.  If you're reading it, you either made a wrong turn in the curriculum database or you know exactly where you're supposed to be.

Hacker High School is a semester-long immersion into subversive computing, inspired by over four decades of 2600: The Hacker Quarterly.  Every lesson is real.  Every exploit has been tested in the field - often by teenagers with too much time and too little supervision.  This is not about theory.  This is about doing.

The syllabus below outlines a full 18-week course blending system intrusion, digital disguise, network manipulation, and physical bypass - taught from behind a desk covered in stickers and caffeine residue.  It is structured, thorough, and deeply unethical in the most ethical way possible.

If anyone asks, we're teaching "digital literacy."

Week 2: MAC Daddy

This week introduces the concept of identity at the hardware level.  If last week was about controlling what you reveal, this week is about controlling who you appear to be - on the network, anyway.  Students will learn how MAC addresses work, how they're used to fingerprint devices, and how to break that chain of trust.

We're not asking permission to be on the network.  We're showing up in disguise.

Themes

Identity vs. identification.

Fingerprinting and tracking.

The futility of hardware-based trust.

Warm-Up

Run ip link in your terminal.  What brand is your network interface broadcasting?  How often do you think it changes?
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether d8:9d:6f:a3:c3:87 brd ff:ff:ff:ff:ff:ff
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
    link/ether d8:9d:6f:a3:c3:86 brd ff:ff:ff:ff:ff:ff
Tool of the Week

macchanger - The classic utility for changing MAC addresses.

Alt:  ip link + ifconfig combo - Because it's good to know what's underneath the wrappers.

Required Reading

DHCP is Your Friend!   - Volume 19, Number 4 (Winter 2002-2003)

Vulnerabilities in Subscription Wireless   - Volume 21, Number 4 (Winter 2004-2005)

MAC Address Changer  - Volume 25, Number 2 (Summer 2008)

Hands-On Objectives

By the end of this week, you will have:

Identified your device's hardware MAC address.

Spoofed it to impersonate another device.

Used your new identity to bypass a basic access.

Prompt for Reflection

If you can change your device's identity at will, what's left of trust on the network?

Assignment

Use macchanger or a manual method to spoof your MAC address.

Connect to a restricted or captive portal network (in a sandboxed lab).

Document how the network treated you differently - or didn't.

Reflect on the ease or difficulty of being someone else, digitally.

Bonus:  Set up a cron job to randomize your MAC address on a regular interval.  Then write a reflection on whether this has improved or hindered your experience online.

Return to $2600 Index