Tracing laptop?
I've been wondering, that if you'd go to a public wlan (or just some random open or maybe even protected wlan) and had your MAC spoofed and wouldn't use cookies or anything that are unique to you, then how could you be traced if you do something that makes someone want to trace you? Like if you would mess someones site (bad example :D) and they'd have some logs of your visit, how could they trace it to you? And don't get me wrong this isn't like "yay i'm gonna go 'n do something stupid because i can't be caught" I was just wondering about this, because I think it would be bigger thing if you really can't be traced o.O So what am I missing here?
Depends… courts can convict with enough circumstantial evidence so if they know you have the knowledge to pull it off, a history of such activities, with a laptop while noone else is around then the court as enough to reasonably conclude that it was you. Case law for "hackers" have been rather one sided so judges don't give much slack.
And why worry about it if you did something incredibly heinous to warrant law enforcement getting involved when you can toss the NIC in the nearest body of water and purchase a new one? New cards are cheap and thus can be disposable as needed.
Went for the prosecution since I wasn't sure if the original post was wanting the purely technical or if there was more to the question.
Tracking the user and figuring out the actual MAC address are 2 different issues, once the admin knows what the MAC address is in use, he can just watch for that. As for tracking, the only thing I can think of is the use of NetStumbler/Kismet but not sure how effective they are. Then, it's a matter of finding a tool to find the legit MAC address, of which there's a few out there but the entire process is rather lengthy just for everyday use.
Part of the answer to your question comes down to what you are hacking. If you are attacking an internal application from the wlan, even with a spoofed MAC and no cookies you are still more vulnerable to tracking. From your example tho, I'd assume you're talking about an external web application.
In the case of the external web application, I'd say in general, you're probably going to be pretty safe doing it that way for a one-shot. The way may get caught is repeatedly using the same access point over and over. By doing such you build a profile that could be detected using correlation software and verbose logging (as well as a trained engineer to do the real work).
Another thing to consider is the wlan you are on. If we're talking a network that's funded (like a corporate network) and has sensitive data, you may also get caught not by the site you are attacking, but the network you've hijacked. It's possible the network could be monitored by an IDS or IPS and your hacking attempt could be detected on-site while it was on-going. This gives the network administrators running the wlan you've connected to increase the verbosity of logging (assuming they want to catch you, rather than boot you) as well as take other steps, like physically trying to find you.