Scribd Logo
Upload

Welcome to Scribd!

  • Sensepost - Mana GitHub

    Uploaded by

    j.manitra3578
    73 views3 pages
    Sensepost_mana

    Original Title

    Sensepost_mana · GitHub

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Sensepost_mana

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    73 views3 pages

    Sensepost - Mana GitHub

    Uploaded by

    j.manitra3578
    Sensepost_mana

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    4/10/2015

    sensepost/mana GitHub

    Thisrepository

    Explore

    Search

    Features

    Enterprise

    sensepost / mana

    Blog

    Watch

    Signup

    Star

    43

    166

    Signin

    Fork

    45

    OurmanatoolkitforwifirogueAPattacksandMitMseehostapdmanatoo
    Code
    58commits

    branch:master

    1branch

    2releases

    3contributors

    mana/

    Issues

    Pullrequests

    Readmefixups
    latestcommit74175de985

    singeauthored15daysago

    apache

    AddaMakefiletoinstalleverythinginaproperlocation

    7monthsago

    crackapd

    AddaMakefiletoinstalleverythinginaproperlocation

    7monthsago

    firelamb

    AddaMakefiletoinstalleverythinginaproperlocation

    7monthsago

    hostapdmana@b13c76a

    Addedhostapdmanafromthesensepost/hostapdmanarepositoryasasu

    16daysago

    netcreds@30b16c0

    Addedinitialnetcredsintegration

    16daysago

    runmana

    Fixedbyreportedbyraz3kwhereDHCPispushing8.8.8.8asDNSbutn

    15daysago

    sslstriphsts

    Switchedtomyownforkofdns2proxy

    16daysago

    .gitmodules

    Switcheddns2proxyrepoproperly

    16daysago

    LICENSE

    Updatedsslstrip2anddns2proxytopointtoLeonardoNVE'srepository

    16daysago

    Makefile

    Addedinitialnetcredsintegration

    16daysago

    Readme.md

    Readmefixups

    15daysago

    kaliinstall.sh

    Addedinitialnetcredsintegration

    16daysago

    ubuntuinstall.sh

    AddaMakefiletoinstalleverythinginaproperlocation

    Pulse
    Graphs

    HTTPScloneURL

    https://github.com/se
    nsepost/mana.

    YoucanclonewithHTTPSor
    Subversion.

    DownloadZIP

    7monthsago

    Readme.md

    TheMANAToolkit
    byDominicWhite(singe)&IandeVilliers@sensepost(research@sensepost.com)

    Overview
    Atoolkitforrogueaccesspoint(evilAP)attacksfirstpresentedatDefcon22.
    Morespecifically,itcontainstheimprovementstoKARMAattacksweimplementedintohostapd,as
    wellassomeusefulconfigsforconductingMitMonceyou'vemanagedtogetavictimtoconnect.
    Youcanreadmoreonourblogathttp://www.sensepost.com/blog/11823.html,orwatchthetalkat
    https://youtu.be/i2jReLBSVkorseethetextheavyslideversionat
    http://www.slideshare.net/sensepost/improvementinrogueaccesspointssensepostdefcon22

    Contents
    https://github.com/sensepost/mana

    1/3

    4/10/2015

    sensepost/mana GitHub

    Itcontains:
    kali/ubuntuinstall.shsimpleinstallersforKali1.0.9andUbuntu14.04(trusty)
    slidesanexplanationofwhatwe'redoinghere
    runmanathecontrollerscripts
    hostapdmannamodifiedhostapdthatimplementsournewkarmaattacks
    crackapdatoolforoffloadingthecrackingofEAPcredstoanexternaltoolandreaddingthem
    tothehostapdEAPconfig(autocrack'nadd)
    sslstriphstsourmodificationstoLeonardoNVE's&moxie'scooltools
    apachetheapachevhostsforthenoupstreamhacksdeployto/etc/apache2/and/var/www/
    respectivley

    Installation
    Thesimplestwaytogetupandrunningisit"aptgetinstallmanatoolkit"onKali.Ifyouwanttogo
    manual,checkbelow.Makesuretoeditthestartscripttopointtotherightwifidevice.
    TogetupandrunningsetupaKalibox(VMorotherwise),updateit,thenrunkaliinstall.sh
    TogetupandrunningsetupaUbuntu14.04box(VMorotherwise),updateit,thenrunubuntu
    install.sh
    Ifyou'reinstallingfromgit,youcanusethefollowingcommandsafteryouhavegrabbedthenecessary
    dependencies:
    gitclonehttps://github.com/sensepost/mana
    gitsubmoduleinit
    gitsubmoduleupdate
    cdmana
    make
    makeinstall

    PreRequisites
    Software
    Checktheubuntuinstallerformoredetailsonsoftwareprerequisites.
    Hardware
    You'llneedawificardthatsupportsmastermode.Youcancheckwhetheritdoesbyrunning:iwlist
    Youwanttosee"AP"intheoutput.Somethinglike:
    Supportedinterfacemodes:
    *IBSS
    *managed
    *AP
    *AP/VLAN
    *monitor
    *meshpoint

    Moreinformationat
    https://help.ubuntu.com/community/WifiDocs/MasterMode#Test_an_adapter_for_.22master_mode.22
    Threecardsthathavebeenconfirmedtoworkwell,inorderofpreferenceare:
    https://github.com/sensepost/mana

    2/3

    4/10/2015

    sensepost/mana GitHub

    UbiquitiSR71(notmadeanymore:(,chipsetAR9170,drivercarl9170
    http://wireless.kernel.org/en/users/Drivers/carl9170)
    AlfaBlackAWUS036NHA(chipsetAtherosAR9271,buyathttp://store.rokland.com/products/alfa
    awus036nha80211nwirelessnusbwifiadapter2watt)
    TPLinkTLWN722N(chipsetAtherosAR9271)
    Note,thesilverAlfadoesnotsupportmastermodeandwillnotwork.

    Running
    Manahasseveralcomponents,thesecanbestartedusingtheexamplestartscripts,oryoucanuse
    theseastemplatestomixyourown.
    Manawillbeinstalledtoseveraldirectories:
    Themanatoolsareinstalledto/usr/share/manatoolkit
    Thestartscriptsarein/usr/share/manatoolkit/runmana
    Thecapturedtrafficwillbein/var/lib/manatoolkit
    Thedifferentstartscriptsarelistedbelowandmustbeeditedtopointtotherightwifidevice(defaultis
    wlan0,thismaynotberightforyourinstallation):
    startnatfull.shWillfireupMANAinNATmode(you'llneedanupstreamlink)withalltheMitM
    bellsandwhistles.
    startnatsimple.shWillfireupMANAinNATmode,butwithoutanyofthefirelamb,sslstrip,
    sslsplitetc.
    startnoupstream.shWillstartMANAina"fakeInternet"mode.Usefulforplaceswherepeople
    leavetheirwifion,butthereisnoupstreamInternet.Alsocontainsthecaptiveportal.
    startnoupstreameap.shWillstartMANAwiththeEAPattackandnoupstreammode.
    Whiletheseshouldallwork,it'sadvisablethatyoucraftyourownbasedonyourspecificneeds.

    2015GitHub,Inc. Terms Privacy Security Contact

    https://github.com/sensepost/mana

    Status API Training Shop Blog About

    3/3

    You might also like