Four years ago, I wrote a blog post about WiFi Pineapple, a “hack-in-a-box” tool which allows anyone to use an off-the-shelf product to hack WiFi networks by simply flipping a switch.
Back then, I took the makers of WiFi Pineapple to task for creating a hacker tool that has no legitimate use. And with the release of version 2.0, I can say that I still believe wholeheartedly that this is the case.
What is WiFi Pineapple?
In simple terms, WiFi Pineapple is a “honeypot”, which steals the credentials of legitimate WiFi hotspots, so it looks like a real one. When a user logs into what he or she thinks is a real WiFi network, they are actually logging into the fake one set up by WiFi Pineapple.
Then the user of the WiFi Pineapple can carry out Man-in-the-Middle attacks, which means that they can do any number of tricks to the content being sent to them, including altering messages, or stealing credit card numbers or login information.
WiFi Pineapple uses an attack method called Karma. Our mobile devices are programmed to connect to the last network they accessed via SSID (service set identifier, which is a sequence of characters that uniquely identifies a wireless local area network).
To do this, they send out something called “probe requests.” Access points that don’t match simply ignore the probe request. The correct access point, however, does respond and initiates association with the device.
By using Karma, WiFi Pineapple can respond to whatever access point the device is requesting by pretending to be it. And once you are connected, the owner of the WiFi Pineapple has total access to everything you send online.
It’s a very powerful weapon in a very small box.
What’s New in WiFi Pineapple 2.0
The new version of WiFi Pineapple includes a feature called PineAP. As WiFi Pineapple attacks became more common, some device vendors upgraded their security by simply sending a generic probe request that does not include the access point they last accessed. To get around this, WiFi Pineapple came up with PineAP.
The following list contains some of the new modules in WiFi Pineapple 2.0:
- Beacon Response: Instead of sending probe requests, this PineAP module sends beacons, which, when paired with a probe request, can make the WiFi Pineapple look more legitimate.
- Dogma: This module sends out beacon frames selected by the hacker, which allows the hacker to make more targeted attacks.
- Auto Harvester: Now that SSID names are more likely to be kept secret, this module collects the SSIDs it can find into an SSID pool. It is used by the Dogma module.
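Karma and the PineAP modules described above leave the same footprint for a defender: one radio claiming many different network names. The sketch below is an added example, not code from the original post or from any product. The frame tuples, addresses, SSIDs and the `max_ssids` threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample of observed 802.11 management frames:
# (frame_type, transmitter address / BSSID, SSID). An empty SSID in a probe
# request is a generic (broadcast) probe. Real input would come from a
# monitor-mode capture; these values are made up for the example.
SAMPLE_FRAMES = [
    ("probe_req",  "aa:aa:aa:00:00:01", "HomeNet"),
    ("probe_resp", "02:13:37:00:00:99", "HomeNet"),
    ("probe_req",  "aa:aa:aa:00:00:02", "CoffeeShop"),
    ("probe_resp", "02:13:37:00:00:99", "CoffeeShop"),
    ("probe_req",  "aa:aa:aa:00:00:03", ""),
    ("beacon",     "02:13:37:00:00:99", "AirportFree"),
    ("beacon",     "02:13:37:00:00:99", "HotelGuest"),
    ("beacon",     "10:20:30:40:50:60", "OfficeWiFi"),
    ("probe_req",  "aa:aa:aa:00:00:01", "OfficeWiFi"),
    ("probe_resp", "10:20:30:40:50:60", "OfficeWiFi"),
]

def find_suspect_aps(frames, max_ssids=2):
    """Return {bssid: report} for radios that claim more than max_ssids names.

    A multi-SSID access point normally uses a separate BSSID per network,
    so a single BSSID advertising many SSIDs is worth investigating.
    """
    claimed = defaultdict(set)   # bssid -> SSIDs seen in beacons / probe responses
    mirrored = defaultdict(set)  # bssid -> SSIDs answered after a directed probe
    requested = set()            # SSIDs that clients have asked for by name so far
    for ftype, addr, ssid in frames:
        if ftype == "probe_req":
            if ssid:  # generic probes carry no name to mirror
                requested.add(ssid)
        elif ftype in ("beacon", "probe_resp") and ssid:
            claimed[addr].add(ssid)
            if ftype == "probe_resp" and ssid in requested:
                mirrored[addr].add(ssid)
    return {
        bssid: {"ssids": sorted(ssids), "mirrored": sorted(mirrored[bssid])}
        for bssid, ssids in claimed.items()
        if len(ssids) > max_ssids
    }

if __name__ == "__main__":
    for bssid, report in find_suspect_aps(SAMPLE_FRAMES).items():
        print(bssid, report)
```

The `mirrored` list separates names echoed back after a client's directed probe (the Karma pattern) from names advertised unprompted in beacons (the pattern the Dogma and Beacon Response modules produce).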
WiFi Pineapple: Still Dangerous
As I said four years ago, WiFi Pineapple is a toy that has no legitimate use.
It is, very simply, a hacking device which, for about $100, puts a serious hacking tool in the hands of anyone. And with these new features, it makes it even easier to become a professional data thief.
What is WiFi Pineapple good for? Well, it is a good reminder that you should always protect your communications in WiFi hotspots using a Virtual Private Network like PRIVATE WiFi.
And that’s about it.