Jump to content

Pineapple


Wiebe
 Share

Recommended Posts

After seeing the episode(s) about the Pineapple, im wondering about something..

If someone with a Pineapple would be in Wifi range of my computer and the network i want to connect to would also be in Wifi range, to wich router would my Computer connect to ?

Even when the network is password protected with WPA2 ?

Is there a way to check if the router im connected to really is the router i think it is ?

Thanks.

And a happy new year btw! :lol:

(Forgot about the topic name, wich sucks, is there a way to edit it?)

Link to comment
Share on other sites

If Karma mode on Jasager is active, you'd almost certainly get roped into the Jasager network. Even though the network you want to join is encrypted. This is because before the encryption is established, the protocol says 'I want to join "HOME-NET". What's your BSSID?' and just like that, Jasager transmits "HOME-NET is at BSSID xx:xx:xx:xx:xx:xx" where it inserts its own BSSID. It then never asks for your encryption key, and you're now Pineapple'd.

Technically, it's a race condition, whoever transmits the BSSID to you first will "get" you, but in the lab, I've seen that if you're in range of Jasager, it pretty much always gets the response back to you faster than the real access point.

Link to comment
Share on other sites

Thanks for the information :)

Is there a way to check if it is the router you suspect it to be ?

I already thought of checking the MAC adress.. but thats spoofable too if the hacker would want it..

(Wifi is pretty insecure, even if its password protected... )

Link to comment
Share on other sites

By default, the MAC isn't spoofed. And if it's spoofed, there will probably be other problems. I have spoofed a computer's wireless MAC before and it ends up with flaky communication for both. Access points with the same MAC would probably end up with similar results.

Although, all you really need to do is know is if your access point is encrypted, you know you got pineapple'd if your current connection is in the clear and not WEP/WPA/WPA2 etc.

Link to comment
Share on other sites

Also, if you're really paranoid, you can force all your traffic through VPN or SSH. Even if the Jasager does get you, your session is tunneled and encrypted. So long as you don't let it MITM you (i.e. accept a forged SSH key or VPN Cert) you'd be relatively secure.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...