Wireless Attacksrogue-apwifimanahostapdeapwpa

hostapd-mana

Featureful rogue access point first presented at Defcon 22. User space daemon for IEEE 802.11 AP management and IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator.

Description

hostapd-mana is a modified version of hostapd designed as a featureful rogue access point, originally presented at Defcon 22. It includes MANA EAP functionality from SensePost, Karma patches, and other enhancements for advanced wireless attacks. The tool supports creating malicious access points to capture credentials or perform man-in-the-middle attacks in wireless environments.

Use cases include testing WPA Enterprise security, building rogue APs for penetration testing, and demonstrating vulnerabilities in 802.1X authentication. It is referenced in OffSec PEN-210 training for rogue access point configuration and attacking WPA Enterprise.

The package provides both the hostapd-mana daemon and hostapd-mana_cli for management, with control interfaces for interacting with associated stations.

How It Works

hostapd-mana operates as a user space daemon implementing IEEE 802.11 AP and authenticator functionality for 802.1X/WPA/WPA2/EAP/RADIUS. It uses configuration files to define AP behavior, supports MANA-specific patches for rogue operations like fake EAP responses and taxonomy signatures. The CLI tool communicates via control sockets (default /var/run/hostapd-mana) to query MIB variables, manage stations, and perform actions like deauthentication.

Installation

bash
sudo apt install hostapd-mana

Flags

-hshow this usage
-dshow more debug messages (-dd for even more)
-Brun daemon in the background
-eentropy file
-gglobal control interface path
-Ggroup for control interfaces
-PPID file
-Kinclude key data in debug messages
-p<path>path to find control sockets (default: /var/run/hostapd-mana)
-i<ifname>Interface to listen on (default: first interface found)

Examples

Display usage information and available options for hostapd-mana
hostapd-mana --help
Show the help usage text for hostapd-mana
hostapd-mana -h
Run hostapd-mana with more debug messages using a configuration file
hostapd-mana -d <configuration file>
Run hostapd-mana daemon in the background with a configuration file
hostapd-mana -B <configuration file>
Display help and usage for hostapd-mana_cli
hostapd-mana_cli -h
Ping the hostapd-mana daemon
hostapd-mana_cli ping
Get MIB variables (dot1x, dot11, radius)
hostapd-mana_cli mib
Get MIB variables for one station
hostapd-mana_cli sta <addr>
Updated 2026-04-16kali.org ↗