kurtm Posted January 30, 2012 Posted January 30, 2012 hi again , another thing that concerns me is that, we know hand held devices such as iphone android devices when connected to the internet (some automatically authenticates their emails Gmail Yahoo or messangers) my question is How can we sniff or get does auto authenticating from hand held devices once it got connected to the Pineapple . thanks in advance Quote
Mr-Protocol Posted January 30, 2012 Posted January 30, 2012 It's probably encrypted unless they are using POP which is unlikely. Quote
darkside40 Posted January 30, 2012 Posted January 30, 2012 Normally the traffic generated by devices like the iPhone or Android Smartphones should be encrypted with SSL (App's which need to Authenticate) or with TLS/SSL (Mail Applications). If you are lucky this devices dont use encryption, maybe because a mailserver does not support it or the developer of the app forgot to use encryption. If it is encrypted the Pineapple itself cant do anything about it. Only thing you can try then is to setup your Notebook to use tools like SSLstrip to force these devices to not use SSL, and to sniff the traffic with wireshark. Sometimes this works, sometimes not. Quote
Darren Kitchen Posted February 1, 2012 Posted February 1, 2012 Getting SSLStrip on the pineapple is definitely a goal. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.