initial script and config

hostapd-wpe.conf

@@ -0,0 +1,63 @@
+# the wireless interface in monitor mode
+interface=wlan0
+
+# required for modern WiFi cards
+driver=nl80211
+
+# empty to allow the AP to respond dynamically
+ssid=
+
+# the used channel on the band
+channel=6
+
+# 2.4 GHz
+hw_mode=g
+
+# 5 GHz
+# hw_mode=a
+
+# allows broadcasting of SSID
+ignore_broadcast_ssid=0
+
+# enable Karma mode, meaning to respond to all probe requests
+karma_enable=1
+
+# determines how often the AP sends beacon frames (in time units, TU, where 1 TU = 1024 µs)
+# lower values mean more frequent beacons, making the AP more responsive but increasing channel congestion
+beacon_int=100
+
+# the max number of stations (clients) that can associate with the AP at the same time
+max_num_sta=255
+
+# authentication algorithms to be supported by the AP
+# 1 = Open system authentication (no password)
+# 2 = Shared key authentication (WEP)
+# 3 = Both Open & Shared Key
+auth_algs=3
+
+# WPS (Wi-Fi Protected Setup) mode
+# 0 = WPS disabled
+# 1 = WPS enabled but not configured
+# 2 = WPS enabled and configured
+wps_state=2
+
+# Wi-Fi Protected Access (WPA) mode
+# 1 = WPA
+# 2 = WPA2
+wpa=2
+
+# WPA key management method
+# WPA-EAP enables Enterprise authentication (802.1X)
+wpa_key_mgmt=WPA-EAP
+
+# encryption methods used for WPA/WPA2
+# TKIP (Temporal Key Integrity Protocol) - legacy encryption, insecure
+# CCMP (Counter Mode Cipher Block Chaining Message Authentication Code Protocol) - modern AES-based encryption
+# including both allows compatibility with more clients
+wpa_pairwise=TKIP CCMP
+
+# enable 802.1X authentication (Enterprise mode)
+# ieee8021x=1
+
+# enable the internal EAP (Extensible Authentication Protocol) server required for handling WPA-Enterprise authentication
+# eap_server=1

wpe

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+# Check if script is run as root
+if [[ $EUID -ne 0 ]]; then
+    echo "[!] This script must be run as root!" >&2
+    exit 1
+fi
+
+# Check if hostapd-wpe is installed
+if ! command -v hostapd-wpe &>/dev/null; then
+    read -r -p "[!] hostapd-wpe is not installed. Install it now? (Y/n): " choice
+    choice=${choice:-Y}
+    if [[ $choice =~ ^[Yy]$ ]]; then
+        if ! apt update || ! apt install -y hostapd-wpe; then
+    echo "[!] Installation failed. Exiting."
+    exit 1
+fi
+    else
+        echo "[!] hostapd-wpe is required. Exiting."
+        exit 1
+    fi
+fi
+
+# List network interfaces and their capabilities
+echo "[+] Available network interfaces and capabilities:"
+iw dev | awk '/Interface/ {iface=$2} /type/ {print " - Interface: " iface " (Mode: "$2")"}'
+
+# Prompt user for the network card
+while true; do
+    read -r -p "[?] Enter the interface to use for hostapd-wpe (default: wlan0): " iface
+    iface=${iface:-wlan0}
+    
+    if ip link show "$iface" &>/dev/null; then
+        break
+    else
+        echo "[!] Interface $iface does not exist. Please enter a valid interface."
+    fi
+done
+
+echo "[+] Preparing $iface for hostapd-wpe..."
+if ! nmcli device set "$iface" managed no; then
+    echo "[!] Failed to set $iface unmanaged. Exiting."
+    exit 1
+fi
+
+# Check for hostapd-wpe.conf in the current directory
+if [[ -f "hostapd-wpe.conf" ]]; then
+    echo "[+] Found hostapd-wpe.conf in the current directory. Using it."
+    config_file="hostapd-wpe.conf"
+else
+    echo "[!] hostapd-wpe.conf not found in the current directory. Using the default: /etc/hostapd-wpe/hostapd-wpe.conf"
+    config_file="/etc/hostapd-wpe/hostapd-wpe.conf"
+fi
+
+if ! hostapd-wpe -k "$config_file"; then
+    echo "[!] Failed to start hostapd-wpe. Exiting."
+    exit 1
+fi