sensepost / mana

*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM

Top Related Projects

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

The Rogue Access Point Framework

Fluxion is a remake of linset by vk496 with enhanced functionality.

This is a multi-use bash script for Linux systems to audit wireless networks.

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

Quick Overview

Mana is a toolkit for WiFi rogue Access Point (AP) attacks and MitM (Man-in-the-Middle) attacks. It provides a set of tools and scripts to create fake WiFi networks, capture user credentials, and perform various network-based attacks. Mana is designed for penetration testing and security research purposes.

Pros

  • Comprehensive toolkit for WiFi-based attacks and penetration testing
  • Easy to set up and use with pre-configured scripts
  • Supports various attack scenarios and techniques
  • Actively maintained and updated by the security community

Cons

  • Can be used maliciously if not handled responsibly
  • Requires advanced networking knowledge to use effectively
  • May not work with all WiFi hardware configurations
  • Legal and ethical considerations must be taken into account before use

Getting Started

To get started with Mana, follow these steps:

  1. Clone the repository:

    git clone https://github.com/sensepost/mana.git
    
  2. Install dependencies:

    cd mana
    ./install.sh
    
  3. Configure your WiFi adapter:

    ifconfig wlan0 up
    
  4. Start a basic rogue AP attack:

    ./start-noupstream.sh
    

Note: Always ensure you have proper authorization and are complying with local laws and regulations before using Mana or any similar tools.

Competitor Comparisons

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Pros of Bettercap

  • More actively maintained with frequent updates
  • Broader feature set for network attacks and monitoring
  • Cross-platform support (Linux, macOS, Windows)

Cons of Bettercap

  • Steeper learning curve due to more complex functionality
  • Requires more system resources for advanced features

Code Comparison

Mana (Python):

import os

def start_ap():
    os.system("hostapd /etc/mana-toolkit/hostapd-mana.conf")

Bettercap (Go):

func startAP(s *session.Session) error {
    return s.StartWiFiAP("wlan0", "MyAP", "password", 6)
}

Key Differences

  • Mana focuses specifically on rogue access point attacks, while Bettercap offers a wider range of network security tools
  • Mana is primarily designed for Kali Linux, whereas Bettercap supports multiple operating systems
  • Bettercap provides a more modular and extensible architecture, allowing for easier customization and plugin development

Use Cases

  • Mana: Ideal for quick setup of rogue access points in penetration testing scenarios
  • Bettercap: Suitable for comprehensive network analysis, monitoring, and various attack simulations

Community and Support

  • Mana has a smaller but dedicated community focused on specific use cases
  • Bettercap boasts a larger user base and more extensive documentation due to its broader scope

The Rogue Access Point Framework

Pros of Wifiphisher

  • More user-friendly interface and easier setup process
  • Regularly updated with new features and security patches
  • Supports a wider range of attack scenarios and customizable phishing pages

Cons of Wifiphisher

  • Limited to Wi-Fi attacks, while Mana offers broader network exploitation capabilities
  • May require more manual configuration for advanced scenarios
  • Less integrated with other penetration testing tools compared to Mana

Code Comparison

Wifiphisher (Python):

def start(self):
    self.network_manager.start()
    self.template_manager.start()
    self.access_point.start()
    self.phishinghttp.start()

Mana (Bash):

start_mana() {
    start_network_services
    start_hostapd
    start_dhcp_server
    start_dns_server
}

Both projects use different programming languages and approaches, but they share similar high-level concepts for starting their respective services. Wifiphisher uses a more object-oriented approach with Python, while Mana relies on shell scripting for its core functionality.

Fluxion is a remake of linset by vk496 with enhanced functionality.

Pros of Fluxion

  • User-friendly interface with a more intuitive workflow
  • Supports a wider range of attack vectors and wireless protocols
  • More frequent updates and active community support

Cons of Fluxion

  • Primarily focused on Wi-Fi attacks, less versatile for other network types
  • May require more system resources due to its graphical interface

Code Comparison

Mana (Python):

import os

def start_ap():
    os.system("hostapd hostapd.conf")
    os.system("dnsmasq -C dnsmasq.conf")

Fluxion (Bash):

function startAccessPoint() {
    xterm -hold -e "hostapd $hostapd_file" &
    sleep 2
    ifconfig $interface up
    ifconfig $interface $ip_address netmask 255.255.255.0
}

Both projects aim to create rogue access points, but Fluxion's implementation is more modular and easier to customize. Mana uses simple system calls, while Fluxion employs functions and variables for better flexibility.

Mana offers a broader range of network manipulation tools, making it suitable for various penetration testing scenarios. Fluxion, on the other hand, excels in Wi-Fi-specific attacks with its streamlined approach and user-friendly interface.

Ultimately, the choice between Mana and Fluxion depends on the specific requirements of the penetration testing task and the user's familiarity with command-line tools versus graphical interfaces.

This is a multi-use bash script for Linux systems to audit wireless networks.

Pros of airgeddon

  • More actively maintained with frequent updates
  • Broader range of wireless attack tools and techniques
  • User-friendly interface with menu-driven options

Cons of airgeddon

  • Requires more dependencies and setup
  • May be overwhelming for beginners due to extensive features
  • Primarily focused on Wi-Fi attacks, less versatile for other network types

Code Comparison

airgeddon uses a modular bash script structure:

#!/usr/bin/env bash
...
function main_menu() {
    clear
    top_banner
    echo -e "${yellow_color}Select your option:"
    echo -e "${green_color}1) Explore wireless networks"
    echo -e "2) Select your target"
    ...
}

mana uses a more straightforward approach:

#!/bin/bash
...
start_mana() {
    echo "Starting MANA..."
    hostapd /etc/mana-toolkit/hostapd-mana.conf &
    dnsmasq -C /etc/mana-toolkit/dnsmasq-mana.conf
    ...
}

Both projects utilize bash scripting, but airgeddon's structure is more complex and modular, while mana's approach is more direct and focused on specific tasks.

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Pros of WiFi-Pumpkin-deprecated

  • User-friendly graphical interface for easier management of attacks
  • Broader range of attack modules and plugins
  • Built-in reporting and logging features for better analysis

Cons of WiFi-Pumpkin-deprecated

  • Less actively maintained (deprecated status)
  • May have compatibility issues with newer systems
  • Potentially less stable due to lack of recent updates

Code Comparison

MANA (Python):

def start_ap(self):
    os.system("ifconfig {} up".format(self.interface))
    os.system("hostapd {} &".format(self.hostapd_conf))
    os.system("dnsmasq -C {}".format(self.dnsmasq_conf))

WiFi-Pumpkin-deprecated (Python):

def Start(self):
    self.interfaces = Refactor.get_interfaces()
    self.ap_mode.set_interface(self.interfaces['activated'][0])
    self.ap_mode.start()
    self.dhcp.Start()

Both projects aim to create rogue access points for security testing, but they differ in implementation and features. MANA focuses on a more lightweight, command-line approach, while WiFi-Pumpkin-deprecated offers a GUI and additional modules. MANA is generally considered more up-to-date and actively maintained, potentially making it more suitable for current security testing environments. However, WiFi-Pumpkin-deprecated's user-friendly interface and extensive plugin system may be advantageous for less experienced users or those requiring specific attack scenarios.

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

Pros of eaphammer

  • Focused specifically on evil twin attacks and EAP-based Wi-Fi hacking
  • Includes advanced features like hostile portal attacks and captive portal cloning
  • Actively maintained with more recent updates

Cons of eaphammer

  • More limited in scope compared to MANA's broader wireless attack capabilities
  • Requires more manual configuration and setup for some advanced features
  • Less comprehensive documentation and community support

Code Comparison

eaphammer:

def hostile_portal():
    configure_hostapd()
    start_dhcp_server()
    setup_dns_masquerade()
    launch_captive_portal()

MANA:

start_mana() {
    ifconfig $IFACE up
    hostapd /etc/mana-toolkit/hostapd-mana.conf &
    dnsmasq -C /etc/mana-toolkit/dnsmasq-mana.conf
    sslstrip -l 10000 -a -w /var/lib/mana-toolkit/sslstrip.log &
}

Both projects use similar underlying tools (hostapd, dnsmasq) but implement them differently. eaphammer uses Python for higher-level orchestration, while MANA relies more on shell scripting and direct tool execution.

README

The MANA Toolkit

by Dominic White (singe) & Ian de Villiers @ sensepost (research@sensepost.com)

Deprecation Notice

At Defcon 26 we talked about how we're deprecating mana-toolkit in favour of bettercap and berate-ap. The core of mana, hostapd-mana, is still under active development. This repo isn't going anywhere and can still be used, but it hasn't been actively maintained for some time. Keep an eye on w1f1.net for more info.

Overview

A toolkit for rogue access point (evilAP) attacks first presented at Defcon 22.

More specifically, it contains the improvements to KARMA attacks we implemented into hostapd, as well as some useful configs for conducting MitM once you've managed to get a victim to connect.

You can read more on our blog at https://sensepost.com/blog/2015/improvements-in-rogue-ap-attacks-mana-1%2F2/, watch the talk at https://youtu.be/i2-jReLBSVk, or see the text-heavy slide version at http://www.slideshare.net/sensepost/improvement-in-rogue-access-points-sensepost-defcon-22

Contents

It contains:

  • kali/ubuntu-install.sh - simple installers for Kali 1.0.9 and Ubuntu 14.04 (trusty)
  • slides - an explanation of what we're doing here
  • run-mana - the controller scripts
  • hostapd-mana - modified hostapd that implements our new mana attacks
  • crackapd - a tool for offloading the cracking of EAP creds to an external tool and re-adding them to the hostapd EAP config (auto crack 'n add)
  • sslstrip-hsts - our modifications to LeonardoNVE's & moxie's cool tools
  • apache - the apache vhosts for the noupstream hacks; deploy to /etc/apache2/ and /var/www/ respectively

Installation

The simplest way to get up and running is to "apt-get install mana-toolkit" on Kali. If you want to go manual to get the latest version, check below. Make sure to edit the start script to point to the right wifi device.

To get up and running, set up a Kali box (VM or otherwise), update it, then run kali-install.sh

To get up and running, set up an Ubuntu 14.04 box (VM or otherwise), update it, then run ubuntu-install.sh

If you're installing from git, you can use the following commands after you have grabbed the necessary dependencies:

git clone --depth 1 https://github.com/sensepost/mana
cd mana
git submodule init
git submodule update
make
make install

Pre-Requisites

Software

Check the ubuntu installer for more details on software pre-requisites.

Hardware

You'll need a wifi card that supports "access point"/"master" mode. You can check whether it does by running "iw list". You want to see "AP" in the output, something like:

Supported interface modes:
         * IBSS
         * managed
         * AP
         * AP/VLAN
         * monitor
         * mesh point

More information at https://help.ubuntu.com/community/WifiDocs/MasterMode#Test_an_adapter_for_.22master_mode.22
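
As an added example (not part of the MANA README), this shell function reads "iw list" output and prints only the wiphys whose "Supported interface modes" section contains the exact mode AP, so an "AP/VLAN" entry or the separate "software interface modes" section is not mistaken for AP support. The function names and the two-adapter sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which wiphys support AP ("master") mode.
# Reads `iw list` output on stdin and prints one phy name per line.
# Real use: iw list | phys_with_ap_mode
phys_with_ap_mode() {
    awk '
        # A new "Wiphy <name>" header starts a new device block.
        /^Wiphy /  { phy = $2; in_modes = 0; next }
        # Only this section counts; "software interface modes" does not.
        /^[[:space:]]*Supported interface modes:/ { in_modes = 1; next }
        # Any line that is not a "* <mode>" bullet ends the section.
        in_modes && $1 != "*" { in_modes = 0 }
        # Exact match, so "AP/VLAN" alone is not treated as AP support.
        in_modes && NF == 2 && $2 == "AP" { print phy }
    '
}

# Constructed sample (not captured from real hardware):
# phy1 lacks AP mode, phy0 has it.
sample_iw_list() {
    cat <<'EOF'
Wiphy phy1
    Supported interface modes:
         * IBSS
         * managed
         * monitor
    software interface modes (can always be added):
         * AP/VLAN
         * monitor
Wiphy phy0
    Supported interface modes:
         * IBSS
         * managed
         * AP
         * AP/VLAN
         * monitor
         * mesh point
    Band 1:
EOF
}

sample_iw_list | phys_with_ap_mode   # prints: phy0
```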

Three cards that have been confirmed to work well, in order of preference are:

Note, the old silver Alfa (AWUS036H) does not support master mode and will not work, but the new silver Alfa (AWUS050NH) does.

Running

Mana has several components; these can be started using the example start scripts, or you can use these as templates to mix your own.

Mana will be installed to several directories:

  • The mana tools are installed to /usr/share/mana-toolkit
  • The start scripts are in /usr/share/mana-toolkit/run-mana
  • The captured traffic will be in /var/lib/mana-toolkit

The different start scripts are listed below and must be edited to point to the right wifi device (default is wlan0, this may not be right for your installation):

  • start-nat-full.sh - Will fire up MANA in NAT mode (you'll need an upstream link) with all the MitM bells and whistles.
  • start-nat-simple.sh - Will fire up MANA in NAT mode, but without any of the firelamb, sslstrip, sslsplit etc.
  • start-noupstream.sh - Will start MANA in a "fake Internet" mode. Useful for places where people leave their wifi on, but there is no upstream Internet. Also contains the captive portal.
  • start-noupstream-eap.sh - Will start MANA with the EAP attack and noupstream mode.

While these should all work, it's advisable that you craft your own based on your specific needs.

These scripts kill NetworkManager as it prevents hostapd from using the wifi card. If you're using NetworkManager for your upstream connectivity, this can cause problems. Ideally, just manually configure the upstream adapter; however, you could also instruct NetworkManager to ignore certain devices by following the instructions at http://askubuntu.com/questions/21914/how-can-i-make-networkmanager-ignore-my-wireless-card/22166#22166