RebelCork

It does AFAIK, but my idea above really is a thought experiment, it just needs a POC. How many people will actually search their own hotspot? End users will automatically think 'Hey, this is supposed to just work, right?' My above example is only meant to be there 60 seconds tops, quick and dirty

How about a spot of phishing/social engineering. Let's say your target hotspot is 'BigISPxxxx' - it's the way they name it here in Ireland. Set up karma & a MDK3 card. Design a nice simple webpage with your target ISP logo, two little textboxes and a message along the lines of "We here at BigISP are upgrading your router. Please enter in your username and password (or just WPA2 key, hey enter it twice for security :) ) The update process will take approximately 90 seconds, after which, you will need to power cycle your router." Bingo - WPA2 key in hand and the target will connect back to his network none the wiser. Turn off MDK3 and karma - victim seamlessly connects to their own network none the wiser.

You would be surprised at the amount of people having difficulty with this...

Have you tried building a svartkast (Irongeek.com - props to Adrian Crenshaw, I'm just reposting ) Basically it's a modified Pogoplug, ebay is full of them. You can get them for next to nothing and stick in a low profile usb stick. They are fairly inconspicuous (apart from being bright pink :) ) I use it a fair bit for testing and packet captures - you can install debian and all of its tools. http://forums.hak5.org/index.php?/topic/26512-pineapple-fun/

\ [Mark IV: Ver 2.8.0 ] ``+': \ \ `+'+#` \ \ \ . ...--. .-.. . +.+,+; ) ) ) ) |/\|.|- . |-'..-..-,.-. .-..-.| .-, `+`+++,'+ / / / ' ''' ' ' '' '`'-`-`-|-'|-''-`'- `++.;+;` / / ' ' `+; / #:##;#` Zombie :::;+#'# 1/2 oz Bacardi® 151 rum #:+;;#'# 1 oz pineapple juice `,';#''#'' 1 oz orange juice ;'#;++''+# 1/2 oz apricot brandy #;;#''+;;# 1 tsp sugar ##+'++''#' 2 oz light rum '++'+''#++ 1 oz dark rum .''+;'#;;# 1 oz lime juice +'''+;+;, ,';#;;;' Shake together. [ 119 105 102 105 112 105 110 101 97 112 112 108 101 46 99 111 109 ] Bonus easter egg included :)

Better stick to an ethernet connection if you are downloading, just in case there are any issues - cannot stress the increased risk of bricking your device if your connection drops. I hate saying, but look around the forums here, there are lots of guides on connection issues

virtualbox doesnt see your nic directly. It installs a bridge on your pc and traffic is directed through that. Best result is get a cheap usb nic online and use that (virtualbox will see your usb device and access that directly), just as you would your own nic. Plenty of help around the forums - its what anyone with a MacBook Air has to do

Pentesting is not simply using 1 'hack' The java applet attack may work if you know the victim's machine is susceptible to the attack, but to be honest, the worst thing you can do on a pentest is try and throw everything at a target.

As a member of the forum for over a year, and admitingly, not posting a great deal, all I can think of is one thing.. In fairness though, there does seem to be a large amount of kiddies recently, but that's kind of expected as the popularity of the pineapple reaches a bigger audience. In my opinion, although it goes against my own personal beliefs, is simply just ignore the "How do I hack FB ?" type posts. Looking through reddit, these posts simply disappear soon enough. Look also at the posters, they post between 1 and 5 posts like this and go away. If they are genuine noobs (I was one too) then they'll hopefully go away and learn how to code, how to hack responsibly and when they come back mature a bit. As stated above, genuine Pentesters will often create phish pages on the fly. It really isnt hard. Sorry for adding to the debate, but I really hate it when the community frangments over an issue like this. The openness and genuine help that I have received from users here has been fantastic. It'd be harmful to the community if we couldn't genuinely help newcomers with genuine problems (ICS problems, etc)

hamachi (logmein) give 5 free licences Its compatible with linux (arm, 32- & 64bit machines) and windows. Handy for creating tunnels Have yet to try it with the Pineapple though (hamachi for linux is a beta, and will probably be forever)

And this And this is the aftermath... http://beaglenetworks.net/post/42828595476/what-i-learned-from-being-a-fleeting-internet-celeb

iOS is a bit scarce. so here's mine: Terminal (daddy needs a command prompt) Metasploit (installable through command prompt) Fing (Network Discovery) SugarSync iNet (Network Discovery & Portscanner) WiFiFoFum (oldie - good for wardriving - do people still do this??? Useful for finding & locating networks nearby) Have recently got my hands on a MK802 android stick, so looking for suggestions for that. :)