Pineappleis a mastermind wireless allowing the user to undertakeman-in-the-middle attacks. It is regarded as an auditing platformthe sixth generation manufactured by Hak5. Karma Attack is anauthoritative feature in wireless pineapple. Karma attack operates byjust ignoring the packets of the Apps that does not have SSID whenprobed.
PineApis the center of Wireless Pine Apple. It is an improved wirelesssuite penetrating to test for tracking, survey, man-in-the-middle,logging, and reporting. The PineAp is built with a simple proberequest respond in Karma nature. Its recon feature gives thepenetration tester the framework sight of the wireless landscape. Italso shows the access points and their relevant client in theparent-child table view (Oriyano, 2014). An engine at the Centre ofPineAp combines various components to convey customized attacks.
Monitoringthe wireless landscape is made easier through the reporting componentthat allows penetration tester at a set interval to capture, receivemail, and automate reports. A limited scope of engagement is enabledby limiting penetration to particular clients of interest. The PineApsuites also disallow unwanted devices from accessing the honey pot.
Atthe core of Pineapple lies a method of attack known as Karma. Itexploits trusting devices to probe response and requests and alsoregularly attempt to connect to the last network. The probe requestsare sent out from the wireless card once the computer is turned on.This is enabled by frequently scanning its surrounding and sendingprobe requests. The access point that does not produce the requiredSSID ignores the probe request. The exact Access point will respondto the probe request, and the client initiates the connection again.Unlike other wireless devices such as smartphones and laptops, whichconnect automatically to the access point, they remember.
Thewireless Pineapple can penetrate into the unsecured wirelessconnections. Information flowing through the internet such as emails,browser session, and messages can be viewed and modified by theclient.
Karmaassesses the security of the wireless clients at numerous levels. Thesniffing tool identifies the preferred networks by responses to thesent probe requests. Rogue Access point of one of the networks can beused to create targeted clients.
Therisk of using wireless Pineapple occurs because a honeypot isdesigned to attract traffic. One is open to many attackers once thedata starts being sent through the attacker`s system. Secure socketlayer strip is a downgrade attack that prevents the client fromseeing secure HTTPS links thereby connecting with the insecure links.HTTP links are replaced by unsecure links from unencrypted web pages.
DNScache poisoning: spoofing is also an attack where data is launched inthe domain name System cache database of the name server divertingthe traffic to another computer by making the name server to returnan incorrect IP Address.
WirelessPine Apple has been improved over the years with new features andmodules added. To improve security, a setup screen was designed andbefore connecting the pineapple, a random LED pattern has to beentered. The recon mode feature allows the client to scan all thesurrounding Access points and identify a threat attack by clicking onthe client. Management network can set up a secured wireless accesspoint. By using one`s mobile phone, one can check who is connected tohis/her network.
Inconclusion, wireless network comes with a lot of vulnerabilities andrisks despite giving one much convenience. It is important forindividuals to be aware of the kind of risks in existence and learnhow to overcome them. Wireless pineapple is becoming more powerfuleach day.
Oriyano,S. P. (2014). Hackertechniques, tools, and incident handling, second edition.Burlington, MA: Jones & Bartlett Learning.