Jump to content

Preventing Offline Attacks With The Pineapple


P@c_M@n
 Share

Recommended Posts

So, i saw the most recent episode and thought i would make a small script to show if you are connected to a pineapple instead of a real wireless network. its not a large script so here's the code:

#!/usr/local/bin/python
###########################
#Pineapple Preventer.py   #
#a small script to protect#
#from an offline pineapple#
#attack.                  #
###########################

import socket

def ping(IP="74.125.227.19",port=80): #IP is the address of google
	s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
	try:
		s.connect((IP,port))
		print "request accepted. No pineapples here :)"
	except:
		print "The request failed. Are you sure there aren't any pineapples lurking around?"
	s.close()

It basically uses a socket to connect to google and then if it works, it gives the all clear. Now, i dont have a pineapple myself so I am just assuming this will work for an offline pineapple attack like the one that was shown in the last episode.

Link to comment
Share on other sites

Not sure if that's gonna work, but what if the pineapple is only passively monitoring the traffic.

Link to comment
Share on other sites

I actually meant with just an offline attack like the one shown on the latest episode. Because the pineapple wasn't actually connected to the internet was it? Or am i mistaken?

No, it wasn't connected to the internet. It was only redirecting the users to a fake facebook and twitter logon page and harvesting their credentials.

Plus your script should work, as its trying to ping Google.com and since there is no internet connectivity, the end user should receive the warning message.

"The request failed. Are you sure there aren't any pineapples lurking around"

Edited by Infiltrator
Link to comment
Share on other sites

This is fine for the offline attack and something to keep in your aresenal, but like mentioned, if someone was passively monitoring the traffic, you wouldn't be the wiser. Session hijacking liek Hamster and Ferret would be easy to implement without people being the wiser. Using tools like IronGeeks mac address monitor would also be a good idea.

In any case, if you were using ANY kind of wireless that wasn't your own, it should be considered hostile and untrusted. Always tunnel your traffic where possible, or use a VPN when on someone else's wireless.

Link to comment
Share on other sites

This is fine for the offline attack and something to keep in your aresenal, but like mentioned, if someone was passively monitoring the traffic, you wouldn't be the wiser. Session hijacking liek Hamster and Ferret would be easy to implement without people being the wiser. Using tools like IronGeeks mac address monitor would also be a good idea.

In any case, if you were using ANY kind of wireless that wasn't your own, it should be considered hostile and untrusted. Always tunnel your traffic where possible, or use a VPN when on someone else's wireless.

Yeah i was just trying to write this crappy little script more as practice than anything else lol.

Link to comment
Share on other sites

one thing to keep in mind is that (unless I am mistaken) the original Pineapple made you connect to it as if it was a network that you knew, like your home wireless network. so that would be the ssid, I may be wrong on that. but if that is true you could make a script that would check for stuff like that, that if you where not at home and you where getting an outer ip address that is not your home outer ip address then you flag the network and get off. if that make sense.

Link to comment
Share on other sites

one thing to keep in mind is that (unless I am mistaken) the original Pineapple made you connect to it as if it was a network that you knew, like your home wireless network. so that would be the ssid, I may be wrong on that. but if that is true you could make a script that would check for stuff like that, that if you where not at home and you where getting an outer ip address that is not your home outer ip address then you flag the network and get off. if that make sense.

Yeap, there's a video in the Securitytube website that demonstrates just that. That's something to be aware of and cautious about. If you see a wireless network with the same SSID as yours, that's a good indication that someone is trying to attack you. DO NOT connect to the wireless, report if you can and leave.

Link to comment
Share on other sites

The easiest way to stop attacks of the pineapple are to change your wireless settings. Most windows users use the default, which means, whenever it sees an access point its been on before, it will automatically connect to it. You can change this per stored access point, in XP, Vista and 7. You just have to go into the wireless connections stored on your system and uncheck "automatically connect" or something similar. I don't have wireless on this machine in front of me, so I can't pull up the screen for he exact phrase, but its in there as an option for stored connections and access points you have already visited.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...