pinecone Posted January 20, 2012 Share Posted January 20, 2012 Hi all, I just recently discovered this site and have enjoyed learning about the pineapple. I was considering building/buying one sometime in the near future. I was wondering, what exactly makes the Pineapple device different than jut setting up your laptop as a rogue hotspot? Also, does anyone know if there are going to be any more Pineapple devices put back in stock anytime soon? Building one seems fairly straightforward but I'd rather just purchase if they are gonna be available again soon. Look forward to being a part of this forum :) Also, thanks for the info ahead of time! -Pinecone Quote Link to comment Share on other sites More sharing options...
pinecone Posted January 20, 2012 Author Share Posted January 20, 2012 OH one more question. Is there a SINGLE page with the full tutorial on how to convert a fonera router to a pineapple device? I have come across several pages but it seems kinda scattered. Is there is a single consolodated resource? If not what is the best page? I currently have just been browsing these forums and watched this video on configuration: http://www.viddler.com/explore/hak5/videos/56/ Thanks! Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 20, 2012 Share Posted January 20, 2012 The fon routers are the older versions. The mark III is the Alfa AP51. Not sure if they will get any Mark III in stock so you might be better off buying an AP51 and building your own for now. Rumor has it that Mark 4 is being looked into. The pineapple will respond to any open non encrypted probe for clients to connect. A laptop with just a rogue AP will not (unless you have the correct scripts running). Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted January 20, 2012 Share Posted January 20, 2012 Think it depends on what you want to do. If you're trying to use meterpreter on your victims or get some type of client/server connection as directly and simple as possible, it might be better to use a laptop. It has more resources than a small router and IMO easier to control. But if you want to do phishing type stuff then it would probably be easier to use a router. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 20, 2012 Share Posted January 20, 2012 Think it depends on what you want to do. If you're trying to use meterpreter on your victims or get some type of client/server connection as directly and simple as possible, it might be better to use a laptop. It has more resources than a small router and IMO easier to control. But if you want to do phishing type stuff then it would probably be easier to use a router. If you are using a pineapple, chances are you have a laptop doing ICS. So that kind of makes your statement invalid because there is (in most cases not all) a laptop involved for ICS. Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted January 20, 2012 Share Posted January 20, 2012 (edited) I nor the op said anything about ICS. I said it depends what you want to do. When I said "use a laptop" I was implying to use it as a rogue hotspot as the op asked. Way I see it, end goal is either to obtain credentials or install malware, both of which don't require ICS or a router, just a decent laptop with a good card. Edited January 20, 2012 by bobbyb1980 Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 20, 2012 Share Posted January 20, 2012 The pineapple without ICS is pretty limited. Yes you can make up a phishing site, but they will suspect something is up when they cannot reach anything after their "login attempt". It was an assumption to use a laptop with ICS because that is how even mark I was used. Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted January 21, 2012 Share Posted January 21, 2012 Using a good laptop and the various rogue ap tools you can accomplish everything the pineapple does without the need for a router/ICS and only on the laptop. Once the attack is complete client is deauthed from the rogue ap (laptop), no longer given probes, then allowed to connect to their natural AP. It may not be as technically discreet as having ICS setup, but it does eliminate the need to be the only person in a cafe with an antenna sticking out their bag. It also simplifies meterpreter attacks therein increasing their probability of success. Much love for the pineapple though, and probably better for phishing. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 21, 2012 Share Posted January 21, 2012 If you just have a laptop with hostapd + karma you still still need another interface to do ip forwarding/ICS. Quote Link to comment Share on other sites More sharing options...
telot Posted January 21, 2012 Share Posted January 21, 2012 Laptop can easily respond to any probe request and respond by initializing a authentication request and then an association request. See airbase-ng. The pineapple is just so damn convenient and awesome. I can attach a high db gain antenna, I can automate it easier, as it's purpose is focused, and there's a great community based around it (ahem). Yes, there's lots of reasons to go with the pineapple. telot Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 21, 2012 Share Posted January 21, 2012 Pineapple runs hostapd instead of airbase-ng due to stability if I'm not mistaken. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted January 22, 2012 Share Posted January 22, 2012 Telot hit the nail on the head. Sure your laptop can do the same thing, but it may not be purpose built for this function, small enough to conceal or as portable. If the rumors are correct the Mark 4 should make it absolutely clear which is the more convenient attack platform. We'll find out at Shmoocon ;) Quote Link to comment Share on other sites More sharing options...
telot Posted January 22, 2012 Share Posted January 22, 2012 Pineapple runs hostapd instead of airbase-ng due to stability if I'm not mistaken. And I can understand why. I've been playing with airbase-ng for a few days now, and I've found it to be very unreliable. Sometimes my dhcp server plays nice, sometimes it doesnt. When it doesn't, sometimes certain devices will autoassign themselves an IP (169.xxx.xxx.xxx range) and sometimes that same device refuses, and other devices simply will not play ball at all. Whilst wiresharking all these inconsistencies I noticed erratic behavior from airbase as the common denominator. Its a great tool, but I don't think its nearly as refined as other tools in the aircrack suite (such as airmon, airodump, and of course aircrack). Its definitely best to stick with the pineapple. You can use the butt end of a screw driver to pound in a nail, and still use that screwdriver for many other things (screwing screws, pry bar, inner ear scratcher) but using a tool that was built with pounding a nail in mind works much better and is worth the cost. telot Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.