Overview
hostapd-mana is a patched version of hostapd that adds rogue AP capabilities. It responds to client probe requests to capture WPA2 handshakes from clients probing for offline networks, and captures MSCHAPv2 credentials from WPA Enterprise clients that connect to a rogue 802.1X server.Install
Usage
Config: WPA2 PSK Handshake Capture
Captures handshakes from clients probing for a WPA2 network that is not currently in range.hostapd.conf:
CTRL+C when AP-STA-POSSIBLE-PSK-MISMATCH appears.
Config: WPA Enterprise Credential Capture
Runs a rogue 802.1X/RADIUS server. Captures MSCHAPv2 hashes from connecting clients. Requires FreeRADIUS certificates, see FreeRADIUS section below.network.conf:
/etc/hostapd-mana/mana.eap_user):
Key Config Options
| Option | Description |
|---|---|
mana_wpe=1 | Enable WPE (credential capture) |
mana_credout=<file> | Path to write captured credentials |
mana_eapsuccess=1 | Send EAP-Success to keep client connected |
mana_eaptls=1 | Enable EAP-TLS capture |
mana_wpaout=<file> | Write WPA handshakes to hccapx file |