View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0006537Kali LinuxQueued Tool Additionpublic2020-06-30 16:422020-11-11 23:49
ReporterMister_X Assigned Tosbrun  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Fixed in Version2020.4 
Summary0006537: hostapd-mana
Description

  • [Name] - Hostapd-mana

  • [Version] - Latest, likely git master, latest version is 1.5 years old

  • [Homepage] - Where can the tool be found online? Where to go to get more information?

  • [Download] - https://github.com/sensepost/hostapd-mana

  • [Author] - Sensepost

  • [Licence] - BSD license for the most part. It uses hostapd, which is BSD as well

  • [Description] -
    hostapd-mana is a featureful rogue wifi access point tool. It can be used for a myriad of purposes from tracking and deanonymising devices (aka Snoopy), gathering corporate credentials from devices attempting EAP (aka WPE) or attracting as many devices as possible to connect to perform MitM attacks.

  • [Dependencies] - build-essential pkg-config git libnl-genl-3-dev libssl-dev

  • [Similar tools] - hostapd-wpe, freeradius-wpe

  • [How to install] -
    git clone https://github.com/sensepost/hostapd-mana
    cd hostapd-mana
    make -C hostapd

  • [How to use] - Here is one example, from https://github.com/sensepost/hostapd-mana/wiki/Creating-PSK-or-EAP-Networks

Use the following configuration to create a WPA AP that exports handshakes to /tmp/hostapd.hccapx:

interface=wlan0
ssid=PSKNet
channel=6
hw_mode=g
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
wpa_passphrase=ASecurePassword
auth_algs=3
mana_wpaout=/tmp/hostapd.hccapx

From there, run hostapd-mana followed by the path of this configuration file. Now connect a client to it (passphrase in the hostapd configuration doesn't matter). It will then export handshakes to /tmp/hostapd.hccapx which can then be cracked with hashcat.

Additional Information

While the mana toolkit has been deprecated, hostapd-mana is still being developed, along with berate_ap, which will be in another ticket

After compiling, the hostapd binaries should be changed to hostapd-mana (same goes for the cli tool, hostapd-mana_cli). I would also rename the default socket to which hostapd-mana_cli connects to in the code, and likely in the config file as well. Certificates should be generated too: https://github.com/sensepost/hostapd-mana/wiki/Creating-PSK-or-EAP-Networks

Documentation can be found at https://github.com/sensepost/hostapd-mana/wiki/

Activities

g0tmi1k

g0tmi1k

2020-09-01 21:35

administrator   ~0013360

@kali-team, please could this be packaged up.
sbrun

sbrun

2020-09-10 07:58

manager   ~0013410

hostapd-mana version 2.6.5+git20200121-0kali2 is available for test in kali-rolling.
There are 2 binaries: hostapd-mana and hostapd-mana_cli
Config files are in /etc/hostapd-mana. I kept the upstream hostapd-mana.eap_user.
Certs are generated in /etc/hostapd-mana/certs/

Issue History

Date Modified Username Field Change
2020-06-30 16:42 Mister_X New Issue
2020-09-01 21:35 g0tmi1k Note Added: 0013360
2020-09-01 21:35 g0tmi1k Status new => acknowledged
2020-09-01 21:35 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-09-01 21:35 g0tmi1k Product Version 2020.2 =>
2020-09-10 07:46 sbrun Assigned To => sbrun
2020-09-10 07:46 sbrun Status acknowledged => assigned
2020-09-10 07:58 sbrun Note Added: 0013410
2020-09-23 14:53 sbrun Status assigned => resolved
2020-09-23 14:53 sbrun Resolution open => fixed
2020-11-11 23:49 g0tmi1k Fixed in Version => 2020.4