hostapd-mana

hostapd-mana is a modified version of hostapd designed as a featureful rogue access point, originally presented at Defcon 22. It includes MANA EAP functionality from SensePost, Karma patches, and other enhancements for advanced wireless attacks. The tool supports creating malicious access points to capture credentials or perform man-in-the-middle attacks in wireless environments.

Use cases include testing WPA Enterprise security, building rogue APs for penetration testing, and demonstrating vulnerabilities in 802.1X authentication. It is referenced in OffSec PEN-210 training for rogue access point configuration and attacking WPA Enterprise.

The package provides both the hostapd-mana daemon and hostapd-mana_cli for management, with control interfaces for interacting with associated stations.

hostapd-mana operates as a user space daemon implementing IEEE 802.11 AP and authenticator functionality for 802.1X/WPA/WPA2/EAP/RADIUS. It uses configuration files to define AP behavior, supports MANA-specific patches for rogue operations like fake EAP responses and taxonomy signatures. The CLI tool communicates via control sockets (default /var/run/hostapd-mana) to query MIB variables, manage stations, and perform actions like deauthentication.