Mana vs Airgeddon

Detailed comparison of features, pros, cons, and usage

Mana is a more specialized toolkit focused on creating rogue access points and man-in-the-middle attacks, while airgeddon is a broader, more user-friendly wireless auditing suite with a wider range of attack options, though Mana may offer more depth for certain advanced techniques.

Mana

*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM

1,095

Airgeddon

This is a multi-use bash script for Linux systems to audit wireless networks.

7,072

Mana Pros and Cons

Pros

Comprehensive Wi-Fi attack toolkit: Mana offers a wide range of tools and techniques for Wi-Fi penetration testing and security assessment.
Easy to set up and use: The project provides pre-configured scripts and images, making it accessible for both beginners and experienced security professionals.
Actively maintained: Regular updates and contributions from the community help keep the toolkit current with the latest attack vectors and vulnerabilities.
Customizable: Users can modify and extend the toolkit to suit their specific needs and testing scenarios.

Cons

Potential for misuse: As with any powerful security tool, Mana can be used maliciously if it falls into the wrong hands.
Legal and ethical considerations: Users must ensure they have proper authorization before using Mana on any networks they don't own or manage.
Learning curve: While easier to use than some alternatives, Mana still requires a solid understanding of networking and security concepts to use effectively.
Resource intensive: Some of the more advanced attacks and techniques may require significant computational resources to execute successfully.

Airgeddon Pros and Cons

Pros

Comprehensive Wi-Fi auditing tool: airgeddon offers a wide range of features for wireless network security testing, making it a versatile tool for penetration testers and security researchers.
Active development: The project is regularly updated and maintained, ensuring compatibility with the latest wireless technologies and security standards.
User-friendly interface: Despite its powerful capabilities, airgeddon provides a relatively easy-to-use interface, making it accessible to both beginners and advanced users.
Extensive documentation: The repository includes detailed documentation and a wiki, helping users understand and utilize the tool's features effectively.

Cons

Potential for misuse: As with any powerful security tool, airgeddon could be used maliciously by individuals with harmful intentions.
Limited cross-platform support: The tool is primarily designed for Linux-based systems, which may limit its accessibility for users of other operating systems.
Dependency on external tools: airgeddon relies on various external tools and dependencies, which may complicate the installation process and increase the potential for compatibility issues.
Legal and ethical considerations: Users must be cautious about using the tool in compliance with local laws and regulations, as unauthorized network testing can be illegal in many jurisdictions.

Mana Code Examples

Configuring MANA Access Point

This snippet shows how to configure the MANA access point in the start-nat-simple.sh script:

#!/bin/bash
upstream=eth0
phy=wlan0
conf=/etc/mana-toolkit/hostapd-mana.conf
hostapd=/usr/lib/mana-toolkit/hostapd

service network-manager stop
rfkill unblock wlan

ifconfig $phy up

sed -i "s/^interface=.*$/interface=$phy/" $conf
$hostapd $conf &
sleep 5

Launching MANA with Firelamb

This snippet from the start-nat-full.sh script demonstrates how to start MANA with Firelamb for advanced packet manipulation:

iptables -t nat -A PREROUTING -i $phy -p udp --dport 53 -j DNAT --to 10.0.0.1
iptables -t nat -A PREROUTING -i $phy -p tcp --dport 80 -j DNAT --to 10.0.0.1:80
iptables -t nat -A PREROUTING -i $phy -p tcp --dport 443 -j DNAT --to 10.0.0.1:443
python /usr/share/mana-toolkit/firelamb/firelamb.py -i $phy &
dnsspoof -i $phy -f /etc/mana-toolkit/dnsspoof.conf &

Setting Up MANA NOUPSTREAM Mode

This snippet from start-noupstream.sh shows how to configure MANA in NOUPSTREAM mode:

echo '1' > /proc/sys/net/ipv4/ip_forward
ifconfig $phy 10.0.0.1 netmask 255.255.255.0
route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1

dnsmasq -z -C /etc/mana-toolkit/dnsmasq-dhcpd.conf $phy
dnsspoof -i $phy -f /etc/mana-toolkit/dnsspoof.conf &

Airgeddon Code Examples

Wireless Interface Selection

This snippet demonstrates how the script allows users to select a wireless interface for performing attacks:

function select_interface() {
    debug_print

    if [ ${#wireless_interfaces[@]} -eq 1 ]; then
        interface=${wireless_interfaces[0]}
        echo -e "${green_color}Only one wireless interface detected. Using ${interface}${normal_color}"
        return 0
    fi

    echo -e "${green_color}Select the wireless interface to use:${normal_color}"
    i=0
    for item in "${wireless_interfaces[@]}"; do
        echo -e "${green_color}$i) ${item}${normal_color}"
        i=$((i + 1))
    done
}

Evil Twin Attack Setup

This snippet shows how the script sets up an Evil Twin attack:

function et_setup() {
    debug_print

    if [[ "${current_menu}" != "evil_twin_attacks" ]]; then
        return 1
    fi

    echo
    language_strings "${language}" 91 "title"
    language_strings "${language}" 296 "green"
    echo
    language_strings "${language}" 297 "yellow"
    language_strings "${language}" 298 "yellow"
    echo
}

Handshake Capture

This snippet illustrates the process of capturing a WPA handshake:

function capture_handshake() {
    debug_print

    rm -rf "${tmpdir}handshake"* > /dev/null 2>&1
    recalculate_windows_sizes
    manage_output "+j -bg \"#000000\" -fg \"#FF0000\" -geometry ${g1_topright_window} -T \"Capturing Handshake\"" "airodump-ng -c ${channel} --bssid ${bssid} -w \"${tmpdir}handshake\" ${interface}" "Capturing Handshake" "active"
    if [ "${AIRGEDDON_WINDOWS_HANDLING}" = "xterm" ]; then
        et_xterm_pid=$!
    fi
}

Mana Quick Start

Installation

Clone the repository:

git clone https://github.com/sensepost/mana.git

Change to the mana directory:
```
cd mana
```

Install dependencies:

sudo apt-get update
sudo apt-get install -y hostapd dnsmasq iptables

Run the installation script:
```
sudo ./install.sh
```

Basic Usage

To start a basic MANA attack:

Edit the configuration file:

sudo nano /etc/mana-toolkit/hostapd-mana.conf

Set the desired SSID and channel:

interface=wlan0
ssid=FreeWiFi
channel=6

Start the MANA attack:
```
sudo mana-toolkit-simple-ap
```

This will create a rogue access point with the specified SSID. Clients connecting to this AP will have their traffic intercepted and analyzed.

Advanced Usage

For more advanced features and attack scenarios, refer to the official documentation in the project's wiki.

Airgeddon Quick Start

Installation

Clone the repository:

git clone https://github.com/v1s1t0r1sh3r3/airgeddon.git

Change to the airgeddon directory:
```
cd airgeddon
```
Make the script executable:
```
chmod +x airgeddon.sh
```

Basic Usage

Run the script with root privileges:
```
sudo ./airgeddon.sh
```
Follow the on-screen menu to select your desired attack or tool.

Example: Scanning for Wi-Fi Networks

From the main menu, select option 1 for "Explore for targets".
Choose your wireless interface from the list.
Wait for the scan to complete and view the results.

Requirements

Ensure you have the following dependencies installed:

Bash (>= 4.2)
Wireless tools (iwconfig, ifconfig, etc.)
Aircrack-ng suite
xterm
curl

You can install most of these on Debian-based systems using:

sudo apt-get install aircrack-ng curl xterm

For a complete list of dependencies and compatibility, refer to the official documentation.

Top Related Projects

wifiphisher

14,023

The Rogue Access Point Framework

Pros of Wifiphisher

More focused on social engineering attacks with customizable phishing pages
Easier setup and usage for beginners
Actively maintained with regular updates

Cons of Wifiphisher

Limited to Wi-Fi attacks compared to the broader feature sets of Mana and Airgeddon
Less flexibility in customizing attack scenarios

Code Comparison

Wifiphisher (Python):

def start(self):
    self.template = phishinghttp.TemplateManager(self.target_ap_conn)
    self.template.start()
    self.phishinghttp = phishinghttp.SecureHTTPServer((self.ip, self.port), phishinghttp.HTTPRequestHandler)
    self.phishinghttp.serve_forever()

Airgeddon (Bash):

function set_interface_mode() {
    if [ "${1}" = "monitor" ]; then
        ${airmon} start "${interface}" &> /dev/null
    elif [ "${1}" = "managed" ]; then
        ${airmon} stop "${interface}" &> /dev/null
    fi
}

Mana (C):

int main(int argc, char *argv[]) {
    parse_args(argc, argv);
    setup_sockets();
    start_mana();
    return 0;
}

The code snippets show different implementation approaches: Wifiphisher uses Python for its HTTP server, Airgeddon employs Bash scripting for interface management, and Mana utilizes C for lower-level control. Each tool's code reflects its focus and design philosophy.

WiFi-Pumpkin-deprecated

3,125

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Pros of WiFi-Pumpkin

More comprehensive GUI interface for easier use
Supports a wider range of attack vectors and plugins
Active development with frequent updates

Cons of WiFi-Pumpkin

Steeper learning curve due to more complex features
May require more system resources compared to lighter alternatives
Less focus on specific rogue AP attacks compared to MANA

Code Comparison

MANA (start.sh):

#!/bin/bash
source config.ini
iptables -t nat -A POSTROUTING -o $internet -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

airgeddon (airgeddon.sh):

#!/usr/bin/env bash
set -u
if [ -f "${scriptfolder}${rc_file}" ]; then
    source "${scriptfolder}${rc_file}"
fi

WiFi-Pumpkin (core/widgets/default/plugins/dns_spoof.py):

from core.servers.proxy.package.ProxyMode import ProxyMode
from core.utility.collection import SettingsINI
from plugins.extension.base import BasePumpkin
import core.utility.constants as C

eaphammer

2,337

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

Pros of eaphammer

Focused specifically on EAP-based attacks, providing specialized tools for this attack vector
Includes advanced features like hostile portal attacks and indirect wireless pivots
Actively maintained with regular updates and improvements

Cons of eaphammer

More limited in scope compared to the broader feature sets of mana and airgeddon
Steeper learning curve for users not familiar with EAP-based attacks
Less extensive documentation compared to airgeddon

Code Comparison

eaphammer (Python):

def hostile_portal():
    print("[*] Launching hostile portal attack...")
    # Implementation details

mana (Bash):

start_mana() {
    echo "Starting MANA..."
    # Configuration and startup commands
}

airgeddon (Bash):

function start_attack() {
    echo -e "${yellow_color}Starting attack...${normal_color}"
    # Attack execution logic
}

Summary

While eaphammer excels in EAP-based attacks with specialized features, mana and airgeddon offer broader functionality for wireless network auditing. eaphammer's focused approach may be advantageous for specific scenarios, but it lacks the versatility of the other tools. The code snippets highlight the different languages and approaches used by each project, with eaphammer using Python for more complex operations, while mana and airgeddon rely on Bash scripting for their functionality.

fluxion

5,353

Fluxion is a remake of linset by vk496 with enhanced functionality.

Pros of Fluxion

More focused on Wi-Fi security auditing with a user-friendly interface
Regularly updated with new features and bug fixes
Supports multiple languages for wider accessibility

Cons of Fluxion

Limited to Wi-Fi attacks, less versatile than Mana or Airgeddon
Requires more dependencies and setup compared to simpler tools
May trigger antivirus software due to its nature

Code Comparison

Fluxion (bash):

if [ "$WIFI_MONITOR" != "" ]; then
    xterm $HOLD -title "Deauthenticating all clients on $ESSID" $TOPRIGHT -bg "#000000" -fg "#FF0009" -e aireplay-ng --deauth $DEAUTHTIME -a $BSSID $WIFI_MONITOR &
fi

Airgeddon (bash):

function set_chipset() {
    debug_print

    if [ "${current_iface}" = "" ]; then
        echo_error "${current_iface_not_set}"
        return 1
    fi

Mana (python):

def start_ap(self, ssid, channel, enc, passphrase):
    self.ssid = ssid
    self.channel = channel
    self.enc = enc
    self.passphrase = passphrase
    self.start()

airgeddon

7,072

This is a multi-use bash script for Linux systems to audit wireless networks.

Pros of airgeddon

More comprehensive wireless auditing toolkit with a wider range of attack options
Active development and frequent updates
User-friendly interface with menu-driven options

Cons of airgeddon

Steeper learning curve due to more complex features
May require additional dependencies for full functionality
Less focused on specific attack scenarios compared to mana

Code Comparison

airgeddon:

#!/usr/bin/env bash
...
function initialize_script_settings() {
    debug_mode=0
    language="ENGLISH"
    ...
}

mana:

#!/usr/bin/env python
...
def start_ap():
    os.system("ifconfig %s up" % iface)
    os.system("airbase-ng -e '%s' -c %s %s &" % (essid, channel, iface))
    ...

Both projects use scripting languages (Bash for airgeddon, Python for mana) to automate wireless network operations. airgeddon's code structure appears more modular with defined functions, while mana's code is more straightforward with direct system commands.

airgeddon offers a more extensive set of features for wireless auditing, making it suitable for a wider range of scenarios. However, this comes at the cost of increased complexity. mana, on the other hand, focuses on specific attack vectors, making it easier to use for targeted operations but less versatile overall.

wifite2

7,100

Rewrite of the popular wireless network auditor, "wifite"

Pros of Wifite2

Simpler and more straightforward to use, focusing on automated WiFi auditing
Regularly updated with bug fixes and new features
Supports a wide range of wireless attacks and tools

Cons of Wifite2

Less comprehensive than Mana or Airgeddon for advanced network attacks
Limited customization options compared to the other tools
Primarily focused on WiFi, lacking some broader network manipulation features

Code Comparison

Wifite2 (Python):

def crack_handshake(handshake, wordlist, essid=None, show_command=False):
    # Crack logic here

Airgeddon (Bash):

function set_interface_mode() {
    # Interface mode setting logic
}

Mana (C):

int start_mana(const char *interface, const char *ssid) {
    // Mana startup logic
}

Key Differences

Wifite2 is a Python-based tool focused on automating WiFi auditing tasks. It's user-friendly but less flexible than Airgeddon or Mana. Airgeddon, written in Bash, offers a more comprehensive suite of wireless attack tools with an interactive menu system. Mana, primarily in C, specializes in creating sophisticated rogue access points and man-in-the-middle attacks.

While Wifite2 excels in quick WiFi assessments, Airgeddon provides a broader range of network attack options, and Mana offers advanced capabilities for creating deceptive network environments. The choice between these tools depends on the specific requirements of the network security assessment or penetration testing scenario.