Wiebe Posted December 31, 2008 Share Posted December 31, 2008 After seeing the episode(s) about the Pineapple, im wondering about something.. If someone with a Pineapple would be in Wifi range of my computer and the network i want to connect to would also be in Wifi range, to wich router would my Computer connect to ? Even when the network is password protected with WPA2 ? Is there a way to check if the router im connected to really is the router i think it is ? Thanks. And a happy new year btw! (Forgot about the topic name, wich sucks, is there a way to edit it?) Quote Link to comment Share on other sites More sharing options...
ax0n Posted December 31, 2008 Share Posted December 31, 2008 If Karma mode on Jasager is active, you'd almost certainly get roped into the Jasager network. Even though the network you want to join is encrypted. This is because before the encryption is established, the protocol says 'I want to join "HOME-NET". What's your BSSID?' and just like that, Jasager transmits "HOME-NET is at BSSID xx:xx:xx:xx:xx:xx" where it inserts its own BSSID. It then never asks for your encryption key, and you're now Pineapple'd. Technically, it's a race condition, whoever transmits the BSSID to you first will "get" you, but in the lab, I've seen that if you're in range of Jasager, it pretty much always gets the response back to you faster than the real access point. Quote Link to comment Share on other sites More sharing options...
ax0n Posted December 31, 2008 Share Posted December 31, 2008 Also, this thread probably belongs in the Jasager forum. Mods? Quote Link to comment Share on other sites More sharing options...
Wiebe Posted December 31, 2008 Author Share Posted December 31, 2008 Thanks for the information :) Is there a way to check if it is the router you suspect it to be ? I already thought of checking the MAC adress.. but thats spoofable too if the hacker would want it.. (Wifi is pretty insecure, even if its password protected... ) Quote Link to comment Share on other sites More sharing options...
ax0n Posted December 31, 2008 Share Posted December 31, 2008 By default, the MAC isn't spoofed. And if it's spoofed, there will probably be other problems. I have spoofed a computer's wireless MAC before and it ends up with flaky communication for both. Access points with the same MAC would probably end up with similar results. Although, all you really need to do is know is if your access point is encrypted, you know you got pineapple'd if your current connection is in the clear and not WEP/WPA/WPA2 etc. Quote Link to comment Share on other sites More sharing options...
ax0n Posted December 31, 2008 Share Posted December 31, 2008 Also, if you're really paranoid, you can force all your traffic through VPN or SSH. Even if the Jasager does get you, your session is tunneled and encrypted. So long as you don't let it MITM you (i.e. accept a forged SSH key or VPN Cert) you'd be relatively secure. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.