Search the Community

Hello everyone! I have a couple of questions that I hope you guys might be able to answer. My boss has given me a Pineapple Nano to tinker with and see what the possibilities are with the device and what the risks are for his network if someone with given device would go drink some coffee next to his building and plan his attack. He also wants to know if it's possible to use some of these features for recognition. So after I've been playing around with the Pineapple Nano for about a week now, trying to hack into the companies wi-fi to see if it's possible to get some results, only I've come up with absolutely nothing, or atleast, nothing that would be able to penetrate his network. I mean I can find all of the SSID's around here, Spoof them, etcetera which is the basic stuff this thing can do, but if I for example try to de-authorize someone they automatically reconnect to another wireless AP that's in the building. Pretty much negating almost the entire point of this device. I've been leaving it on for the whole week without any connection being made by a co-worker meaning I basically have no access whatsoever. When this didn't work out the way I wanted and I figured that I have almost no way of accessing the network ( Also tried catching the handshake and decrypting in Kali but it's a pretty big pass (12+ symbols) so this was quite pointless. So I made my own little test environment consisting of a wireless access point and a company laptop. So what I did was connect the laptop to the access point and then doing the same things I did before which to my surprise actually worked! I managed to de-authorize the laptop and it connected to my "rogue AP". Now comes the next point: There is almost nothing I feel is actually possible looking at all the different security measurements the web takes nowadays. Almost all access to webservers is encrypted leaving some of the modules almost completely pointless and when you're using SSLstrip you end up with around 5 (!!!) warnings before you can actually enter a website. I figured the only "bad stuff" this thing could do to the network is, if I'm lucky and someone actually connects ever, is scan the computers with nmap to see some vulnerabilities and then maybe exploit those. Which would also only work combined with very good social engineering ( Since the employees are trained in safe computer use ) to even get the exploit on said computer. So what I'm wondering is what are the options that maybe I missed? I know this might sound quite strange and my story is a bit long only we want to make a pretty solid risk assessment on the Pineapple Nano. Furthermore, would it be possible for a Pineapple to log Bluetooth signals? Or is this only an option in other Pineapples since my boss was talking about hearing this at a convention he went to. Sorry for the long post, I hope you guys can help me out a little here! TL:DR Question 1: What are the possibilities of the Pineapple with these circumstances: 1. A secure network using 5-6 Access Points encrypted with a 12+ pass WPA2 encryption 2. After you manage to get a connection with a client Question 2: Would it be possible to track people using a Mac-address consistently (When they walk into the front door)

I am asking is this because security is changing rapidly. You can no longer use ssltrip on the sites that contain juicy info because of hsts and I heard Karma will no longer be effective for newer devices do to driver patches. That being said can it do: Ssl split to get around the hsts Create evil twin? Cookie collect/session hijack? Run airmon-ng or the aircrack suite? Apr spoof a connect Ap?