berate-ap
berate-ap is a script for orchestrating mana rogue Wi-Fi Access Points. It can also handle regular hostapd APs and create access points easily.
Description
berate-ap provides a comprehensive toolset for setting up rogue Wi-Fi access points using mana toolkit integration or standard hostapd configurations. It supports various wireless attack scenarios including Mana attacks that respond to device probes, WPA handshake capture, and Enterprise EAP authentication interception. The tool simplifies the creation of malicious APs for penetration testing and wireless security assessments.
Use cases include creating fake access points to capture credentials, performing Karma/Mana attacks to lure devices, and testing WPA/WPA2/WPA3 security by capturing handshakes in hashcat format. It handles both personal and enterprise wireless networks with built-in RADIUS server support or external RADIUS integration.
The tool offers flexible internet sharing methods (NAT/bridge) and extensive customization for SSID, channels, authentication types, and logging. Enterprise options enable sophisticated EAP attacks while Mana WPE mode specifically targets credential interception from various EAP methods.
How It Works
berate-ap orchestrates hostapd-mana to create rogue Wi-Fi access points that respond to device probes (Mana/Karma attacks) and capture authentication attempts. It uses hostapd configuration for standard AP operation and mana-specific modules for advanced attacks like WPA handshake capture (output to hashcat hccapx format) and EAP credential interception. The tool manages network interfaces, creates bridges when needed, sets up dnsmasq for DNS, and handles internet sharing via NAT or bridging. Built-in RADIUS server handles Enterprise EAP authentication, while external RADIUS support is available. Mana logging captures device taxonomy and credentials to specified output files.
Installation
sudo apt install berate-apFlags
Examples
berate_ap wlan0 eth0 MyAccessPoint MyPassPhraseecho -e 'MyAccessPoint\nMyPassPhrase' | berate_ap wlan0 eth0berate_ap wlan0 eth0 MyAccessPointecho 'MyAccessPoint' | berate_ap wlan0 eth0berate_ap wlan0 wlan0 MyAccessPoint MyPassPhraseberate_ap -n wlan0 MyAccessPoint MyPassPhraseberate_ap -m bridge wlan0 eth0 MyAccessPoint MyPassPhraseberate_ap -m bridge wlan0 br0 MyAccessPoint MyPassPhrase