Wi-Fi Pineapple

Image source: hak5

What exactly is a Wi-Fi pineapple? Well, it is basically a wireless auditing platform from Hak5 that allows network security administrators to conduct penetration tests (Pen test). A pen test is a simple test that involves a white hacker seeking out security vulnerabilities that a black hat attacker could exploit. A black hacker is someone who hacks to steal data and commit crimes. A white hacker is the opposite; someone who hacks to find vulnerabilities in a system to help improve security.

A Wi-Fi Pineapple can be used to conduct man in the middle (MitM) attacks as a rogue access point (AP). Man in the middle attacks are attacks where the hacker secretly intercepts and relays messages between two parties that think they are communicating directly with each other. Wi-Fi pineapples are used by hackers a lot due to their inexpensive price. Its friendly user interface (UI) enable attackers with little technical knowledge to eavesdrop on computing devices using public Wi-Fi networks in order to collect sensitive personal information, including passwords.

Uses of Wi-Fi Pineapple

The Wi-Fi Pineapple was intended to be friendly device was originally invented by engineers at Hak5 to perform pen tests and help network administrators audit network security. Its AP is often compared to a spider inspecting its web, enables network engineers to hack their own network in order to identify vulnerabilities and put mechanisms in place to strengthen the network against potential attackers.

There are different technical jargons used with the Wi-Fi pineapple. If it is used as a device for pen tests and security strengthening, it is called a honeypot. On the other hand, when it is used as a rogue AP to commit crimes and conduct MitM security exploits, it is called an evil twin or pineapple sandwich.

The Wi-Fi pineapple can intercept the connection between the user’s laptop and the network, inspecting the data that flows between the two. The person using the pineapple can read the information being transmitted back and forth between the network and the wireless device that’s using Wi-Fi. With its friendly web UI, the pineapple can be utilised by a raspberry Pi instead of a laptop; much cheaper than a laptop and the best option for a black hat hacker. The pineapple uses OpenWrt, an embedded Linux operating system (OS). Its inbuilt memory is volatile (doesn’t store information for long) but can be upgraded with an SD card.

For Pen testing

The Wi-Fi Pineapple is an essential pen testing tool because its UI is easy to use, and it is fairly cheap. Its pen testing suite is freely downloadable and includes tools for logging, reporting, tracking, reconnaissance and conducting MitM attack exercises.

This easy to use interface can put some powerful hacking capabilities into the hands of some potentially unskilled hackers. This also makes it a really important device for white hat hackers when auditing security systems. The Wi-Fi pineapple is a double edged sword that is equally dangerous or helpful depending on the intent of the user. Yes, Wi-Fi pineapple can be very to sensitive data but that doesn’t mean it’s inherently bad.  It’s a tool that can be used for black hat hacking, it can also be utilised for preventing abuse.

As a powerful Hacking device

When a Wi-Fi pineapple is used to connect to a network, it can project a fake service set identifier (SSID) that is similar to the real name of the network being monitored. This makes it completely transparent unless the end user checks his/her device’s settings and happens to notice the rogue AP. This is however unlikely because the user will still be able to access the internet and he/she will have no reason to doubt the security of the network connection.

There is no other indication when someone is eavesdropping using a Pineapple. The pineapple remains connected even when it is physically removed from its target device. This is because it is controlled remotely over the internet. It can eavesdrop remotely even when it is out of the legitimate network’s range. This can put the victim in danger because the pineapple receives all data passing through the network. The hacker can get access to any sensitive or confidential information over the internet.

People should be cautious and check if their location corresponds with their Wi-Fi network. You might be connected to your office network even when you are at home; this makes it clear that the connection is actually a fake SSID generated by a Pineapple.

Safety measures against the pineapple

If you suspect being spied on by a pineapple, follow these steps.

  • Don’t ever use public networks to share sensitive data; can connect to them, and it is easy for a Pineapple to spoof their SSID. A pineapple first has to connect to a network to monitor the traffic going through said network, so it makes sense that the easier the network is to connect to, the easier it is for a Pineapple to spoof it.
  • Always use a virtual private network (VPN) when sending sensitive data. VPNs protect user’s information from being transferred to a pineapple. A VPN encrypts all data leaving the user’s device so even if the user is connected to the pineapple; the pineapple won’t be able to read the data being transmitted.
  • Opt for wireless networks like a Long-Term Evolution (LTE) network. Wireless networks connect to the internet without going through the Wi-Fi network. This means that a user will never connect to a fake Pineapple-generated SSID.
  • Make sure you check for Hypertext Transfer Protocol Secure (HTTPS) encryption in the sites you visit. Most sites have HTTPS encryption; the lock icon in the left-most position of the web address bar. Their address also has, as opposed to HTTP, in the Uniform Resource Locator (URL).
  • Turn off your Wi-Fi. When you are done using Wi-Fi, turn it off. This eliminates the chance of your device connection to a pineapple when searching for networks to connect to.