zxi Posted May 26, 2014 Share Posted May 26, 2014 Hi,I haven't see any solutions as to how to defend against the wifi pineapple, so I made a quick script to do so on os x. It uses a whitelist of networks that you trust (non-open networks) and will check os x preferred networks periodically (you must set a cron job to do so) and remove any non whitelisted entries. #!/bin/bash # prevent automatic ssid association to hotspot honeypots (wifi pineapple) by removing non whitelisted ssids from os x preferred networks (run as cron job) whitelist=('ssidname1' 'ssidname2') if [ ${#whitelist[@]} -eq 0 ]; then echo "you must define ssid names in the whitelist." exit 1 fi IFS=$'\n'; num=0 wifi=`networksetup -listallhardwareports | awk '/Hardware Port: Wi-Fi/,/Ethernet/' | awk 'NR==2' | cut -d " " -f 2` ssids=( $(networksetup -listpreferredwirelessnetworks $wifi | sed -n '1!p' | sed 's/ //g') ) echo "-> starting wifi pineapple defense" echo "-> checking for new preferred networks on $wifi.." for i in "${ssids[@]}"; do if [[ "${whitelist[*]}" =~ $i ]]; then : else networksetup -removepreferredwirelessnetwork $wifi $i let num=num+1 fi done echo "-> finished, removed ($num) entries" Quote Link to comment Share on other sites More sharing options...
digininja Posted May 26, 2014 Share Posted May 26, 2014 A good script. The problem comes when you are connecting to open networks so have to disable it, there is then a window of opportunity for an attacker to go in as an evil twin. Does the listpreferredwirelessnetworks command return the type of network? If so then you could also automatically remove any open networks you'd accidentaly trusted, just make sure you give a warning if you do. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.