
Rogue access point toolkit : Mana

Status
Not open for further replies.

pax01



Rogue Access Point Toolkit

It contains:

  • kali/ubuntu-install.sh – simple installers for Kali 1.0.9 and Ubuntu 14.04 (trusty)
  • slides – an explanation of what we’re doing here
  • run-mana – the controller scripts
  • hostapd-manna – modified hostapd that implements our new karma attacks
  • crackapd – a tool for offloading the cracking of EAP creds to an external tool and re-adding them to the hostapd EAP config (auto crack ‘n add)
  • sslstrip-hsts – our modifications to LeonardoNVE’s & moxie’s cool tools
  • apache – the apache vhosts for the noupstream hacks; deploy to /etc/apache2/ and /var/www/ respectively



Installation

The simplest way to get up and running is to “apt-get install mana-toolkit” on Kali.

To get up and running, set up a Kali 1.0.9 box (VM or otherwise), update it, then run kali-install.sh

To get up and running, set up an Ubuntu 14.04 box (VM or otherwise), update it, then run ubuntu-install.sh

The Ubuntu installer has much more dependency info than the Kali one if you’re looking for a template.

Prerequisites

Software

Check the ubuntu installer for more details on software pre-requisites.

Hardware

You’ll need a wifi card that supports master mode. You can check whether it does by running “iw list”. You want to see “AP” in the output. Something like:

Code:
Supported interface modes:
        * IBSS
        * managed
        * AP
        * AP/VLAN
        * monitor
        * mesh point

Running

Mana has several components. These can be started using the example start scripts, or you can use them as templates to mix your own.

Mana will be installed to several directories:

  • The mana tools are installed to /usr/share/mana-toolkit
  • The start scripts are in /usr/share/mana-toolkit/run-mana
  • The captured traffic will be in /var/lib/mana-toolkit



The different start scripts are listed below and must be edited to point to the right wifi device (default is wlan0, this may not be right for your installation):

  • start-nat-full.sh – Will fire up MANA in NAT mode (you’ll need an upstream link) with all the MitM bells and whistles.
  • start-nat-simple.sh – Will fire up MANA in NAT mode, but without any of the firelamb, sslstrip, sslsplit etc.
  • start-noupstream.sh – Will start MANA in a “fake Internet” mode. Useful for places where people leave their wifi on, but there is no upstream Internet. Also contains the captive portal.
  • start-noupstream-eap.sh – Will start MANA with the EAP attack and noupstream mode.


While these should all work, it’s advisable that you craft your own based on your specific needs.

[video=youtube;dFxK5bV-7SA]




 