WiFi Pineapple

The Smartest Man in the Middle

Alex Rippee

WiFi Pineapple

l Passive Scansl Harvest Clientsl SSh and VPN tunnel accessl SSL stripl Beacon Response / KARMA

WiFi Pineapple

Passive Scan

l Wifi Pineapple can perform Passive Scans using Kismet or other tools found in KALI linux.

l Kismet can detect autogroup probes used by wifi devices set to automatically connect to an access point.

l Wireshark can also be used.

Harvest Clientsl WiFi Pineapple can spam beacons to attract clients, spoof SSIDs, and respond using false positives to client requests.

Tunnel Access

l The Pineapple can be left completely unattended and runs on a battery.

l Using a cellular network or a coffee shop access point the pineapple can be accessed from anywhere and uses a simple web GUI.

SSL stripl Pineapple can act as a man in the middle between clients and their intended gateway.

l Using SSL strip, all SSL sessions can essentially be converted into plain text

Beacon Response / KARMAl Pineapple can act as an existing access point to capture authentication keys

l KARMA will authenticate ANYONE trying to access ANY access point

Price tag

l$99

Bibliography

l Wifi Pineapple Images and Specifications: http://hakshop.myshopify.com/

l SSL Strip Image: www.hackerue.com