Didnt quite know how to accurately word the topic title so apologies for any confusion. Its been a good Defcon ^^
So far, the Wifi Pineapple has worked great ever since I got it yesterday and updated it to 2.0.2. However, there is one thing I cant quite grasp.
In the web interface you can configure the SSID and security of the access point. However, it seems like you pretty much have to leave it as an open network for Karma to work, as if you set WPA/WPA2 for the SSID, then the targets wont be able to connect to the networks that Karma provides as they show up as open networks for the clients (And obviously, they dont know the WPA key regardless).
But by leaving it open, then if someone suspects its a Pineapple network, then they can connect to the network, and then either brute force their way into the admin web interface, or sniff the credentials (since the web interface doesnt use SSL). So since the Pineapple has multiple radios, isnt it possible to have one "management" network and one victim network?