Well it would appear that this is the 2nd time I
am writing this blog, as I was a complete idiot and somehow managed to delete
the post while it was still in draft I could not find the data, but it does mean
that I get to watch some more Elementary.
Let's look at the WiFi Pineapple, a security auditing tool that exploits the inherent security flaws in unencrypted WiFi security.
The WiFi Pineapple works as a router, this is not to be confused with the Netgear or Linksys router in your house, the Pineapple has two wireless radios, one Ethernet port and one USB.
So I received my WiFi Pineapple on Friday and have been in experiment mode ever since.
The Pineapple arrives completely blank but the latest firmware is included on a microSD card, the whole process is automated and provided you follow the guide that is included or watch the videos on Hak5 you should have no issues.
Applications that run on the Pineapple are called "Infusions" some are included and many are online in the Pineapple Bar.
The particular application I am looking at talking about is Karma.
I won't be going in depth on the theory as this has been covered many times on Hak5.
When your laptop or phone come online they send out probe requests looking for networks that they have attached to previously. This list can be found on a Windows PC by clicking on "Manage Wireless Networks" link within the Network and Sharing Center.
The best way to access Karma is through the Pineapple web interface.
Now let's state the obvious, you click on "Start" Karma will start. Clicking "Enable" will not start Karma but will automatically start the next time the Pineapple reboots, handy if you don't want to get your laptop out and log into the Pineapple. Clicking on "Karma" will open the Karma interface, within the interface there are three pages; Karma Intelligence Report, Karma Log, Karma Configuration.
Karma Intelligence displays the MAC address, assigned IP address, Hostname and the assumed SSID. I have edited the hostnames and MAC addresses to protect myself and the stupid person that connected while I was taking screenshots (first time I managed to pick anyone else up).
Karma Log holds information on all probe requests received and all clients that have connected.
An finally Karma Configuration is where you can set the broadcast SSID of the Pineapple, Client Blacklisting where you can set clients that the Pineapple will not respond to, and SSID Black/White Listings where you can configure what SSID's the Pineapple responds as.
So in conclusion the WiFi Pineapple can make you a man in the middle, you can be the one that people connect to for internet access. And how can you protect yourself from this kind of attack, well don't connect to any unsecured networks, if you do don't all that network to connect automatically. Always make sure you know what you are connecting to.
No comments:
Post a Comment