WiFi Pineapple discovery!
I came across this little jewel at a Kaseya Connect conference in Vegas in 2012, as a victim of this little bastard with my IPad ID up on display for all to see at the conference. I was intrigued . Yes Cubert logged on to a Kaseya Conference Free Wifi the day before and the IPad remembered the network and along comes this security guru guy, plays a little trick on the unsuspecting convention goers by dropping a Jasager WiFi Pineapple “Grenade” (Pineapple + Karma + DNS Spoof + SSLStrip + URL Snarf) in the middle of the conference main gallery. So there I am checking my mail and Ebay’ing for a newly used Harley RoadKing when it got really slow and the connection, all of a sudden seemed like the wifi signal started to suck. I poped open the available networks and found that I was connecting to the Kaseya SID but right beside it was the real SID the guru was using to acces his WiFi Pineapple but the Pineapple would answer for any SID you had ever connected to.
Cubert – “I’ve coined the phrase Pineapple Grenade, You take this this little bastard and lob it into the middle of a pubic room like a grenade and the results can be deadly! Facebook will never be the same.”
Next thing I know I am one of many Vegas conference junkies that was on display for all to see. I will tell you I was bummed… I consider myself a… well an above average computer guy. Linux is an old friend, and I have worked on the platform for almost 2 decades. I remember building for fun over a weekend LFS (Linux from Scratch) when it was in it 1.0 series several times because my programming buddy at college kept formatting my build drive . The makeup of the Pineapple Mark IV is not foreign to me at all, I was so intrigued that I looked up Hak5 and ordered one as soon as I got home from the conference as many I bet did.. $89.00 dollars plus shipping of $6.00 for a total of $92 dollars gets me a nice prebuilt compact wireless linux box with tools to play man in the middle to any public wireless service any where? What a Deal!
So I crack open my package I received from Hak5 and there it was, my very own WiFiPineapple. Well I could not wait to jump in and start playing with all the neat things this little bastard could do. I read over the little pamphlet that came with it. It gave you the basic low down on what this this WIFi Pineapple does and a very simple explanation of how it works. That is pretty good, as a basic Windows Geek will have issues understanding a lot of the routing and backend modifications this basic OpenWRT linux wireless unit will require to make use of the product. With a nice little interface and several tools, the expectations that you have the knowledge to take it to the next level is required.
Warning, Be Smart!
So feel safe some what in he fact that not every kid with a PC has one but “before warned” it is out there and you will need to be mindful that there is no wireless AP that is safe or secure as a connection to the Internet. Never do any banking or other secure service over a free WiFi!! You have been warned! SSL is not secure and is meaningless to a device like this. They will own you if you are not paying attention. Be smart people!
For more information on the WIFI Pineapple Mark IV goto WiFi PineApple
I will be writing up my experiences and sharing the knowledge on how this works and what it can do so watch for my posts on the WiFi Pineapple Mark IV.