Attacks on WiFi networks are well known in the cybersecurity world as an established technique for penetrating a target. The Hak5 WiFi Pineapple Nano just makes it easy to target WiFi access points, as well as employees’ WiFi-enabled devices.
A few weeks ago I bought a WiFi Pineapple. It has a small form-factor, relatively low power draw, low heat generation and boasts a simple web interface to operate the device, even from a mobile phone. A secondary nicety is the ability to install community-made modules to add more functionality. The first thing I notice when starting to use the device is that most of the functionality I thought was included in the device actually requires third-party modules, which Hak5 does not support.
Hak5 seems to essentially market the device functionality around these modules but flatly does not support them. Without installing any modules, that’s pretty much it. You’ll need a module for that. The problem is these modules largely don’t function well or, in some cases, at all. The WPS module fails to do anything, right out of the box.
WiFi Pineapple: It’s Not a Fruit
The Pineapple is a pen-testing tool, originally created in order to allow IT professionals to test the vulnerability of their networks.
WiFi is Inherently Flawed
Any time you connect to a WiFi network from your phone or computer, your device saves that network’s SSID. Say you connect to ‘Airport WiFi’ at an airport: after you’ve left, your device will keep broadcasting a signal asking whether any access point nearby is ‘Airport WiFi’. Your device does this for any network you’ve connected to in the past. WiFi Pineapples take advantage of this feature by scanning for all the SSIDs being broadcast by devices in their vicinity.
The Pineapple then rebroadcasts these SSIDs to trick devices into thinking it is an access point they have connected to in the past. The WiFi Pineapple sees your device asking, "Is this network ‘Airport WiFi’?" and then starts broadcasting its own signal that says, "Yes, I am ‘Airport WiFi’, connect to me."
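Seen from the defender's side, the rebroadcasting described above leaves a trace: a single radio (BSSID) answers for many unrelated network names, or serves one of your SSIDs from hardware you do not own. The sketch below is an added example, not part of the original article; the frame tuples, the SSID inventory and the `max_ssids` threshold are constructed assumptions standing in for what a monitor-mode sensor would record.

```python
from collections import defaultdict

# Constructed sample data: (frame_type, bssid, ssid) as a wireless sensor
# might log them. None of these values come from the article.
FRAMES = [
    ("probe_resp", "02:13:37:aa:bb:cc", "Airport WiFi"),
    ("probe_resp", "02:13:37:aa:bb:cc", "HomeNet-5G"),
    ("probe_resp", "02:13:37:aa:bb:cc", "CoffeeShop"),
    ("beacon",     "02:13:37:aa:bb:cc", "CorpWLAN"),
    ("beacon",     "a4:2b:8c:00:00:01", "CorpWLAN"),
    ("probe_resp", "a4:2b:8c:00:00:01", "CorpWLAN"),
    ("beacon",     "a4:2b:8c:00:00:02", "CorpGuest"),
]

# Hypothetical inventory: the organisation's SSIDs and their authorised radios.
KNOWN_APS = {
    "CorpWLAN": {"a4:2b:8c:00:00:01"},
    "CorpGuest": {"a4:2b:8c:00:00:02"},
}

def find_rogue_aps(frames, known_aps, max_ssids=2):
    """Return {bssid: [reasons]} for radios that behave like an
    SSID-rebroadcasting access point."""
    ssids_by_bssid = defaultdict(set)
    for frame_type, bssid, ssid in frames:
        # Only frames sent by an AP count; hidden/empty SSIDs are skipped.
        if frame_type in ("beacon", "probe_resp") and ssid:
            ssids_by_bssid[bssid.lower()].add(ssid)

    findings = defaultdict(set)
    for bssid, ssids in ssids_by_bssid.items():
        # One radio claiming to be many different networks.
        if len(ssids) > max_ssids:
            findings[bssid].add(f"answers for {len(ssids)} SSIDs")
        # A protected SSID served by a radio missing from the inventory.
        for ssid in ssids & set(known_aps):
            if bssid not in known_aps[ssid]:
                findings[bssid].add(f"unauthorised radio for {ssid!r}")
    return {bssid: sorted(reasons) for bssid, reasons in findings.items()}

if __name__ == "__main__":
    for bssid, reasons in find_rogue_aps(FRAMES, KNOWN_APS).items():
        print(bssid, "->", "; ".join(reasons))
```

Enterprise access points that serve several SSIDs normally give each one its own BSSID, which is why a low per-BSSID threshold is workable; tune `max_ssids` to your own hardware.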
How Can the WiFi Pineapple Help My Pentest?
With an emphasis on responsible auditing within the scope of the engagement, the WiFi Pineapple can be used to passively gather intelligence, as well as actively capture clients in order to monitor and manipulate traffic. Modules such as Evil Portal can be deployed to effectively harvest credentials or inject malware onto targeted devices. When used in conjunction with typical tools of the trade, the WiFi Pineapple can easily integrate into your pentest workflow.
As more organizations embrace Bring Your Own Device (BYOD) policies, endless possibilities emerge for the penetration tester. The focus shifts from breaking into the network to becoming the network.