What is actually patched?

[DKitchen]

For å few months I have wanted to buy the pineapple, but because of the threads I have seen, I'm unsure if I want to order or not. So here is å few questions:

1. Does it still work with all laptops?

2. Which phones does it work with? Since I have heard iOS 9 and lollipop 5 has patched the Pineapple.

3. Will there ever be a Mark VI(6)?

4. Which OSes has patched the pineapple?

[sud0nick]

I'm not sure what you mean by "patched the pineapple". The Pineapple is a modified version of OpenWRT that runs on it's own hardware. You can access it via SSH or the web interface (which supports most browsers, except IE). The Pineapple makes many tasks easier during a pentest but will not provide you with a point-and-click solution for root access on every system around you. I have had much success with it and I think it was well worth the $99 I spent. I haven't heard any rumors of a Mark VI and honestly I would rather see the Mark V continue to be upgraded rather than be forced to buy new hardware.

[ZaraByte]

By patched im sure he means the way karma used to work against older devices the only thing special about PineAP right now is that it can harvest SSID's from devices that come within range of the pineapple it can pretend to be them AP's that devices send out probes asking if that network is around but the device won't auto connect to the pineapple.

It has its pros and cons I'm honestly holding back how I really feel about the pineapple if you like tech toys and gadgets used to auditing or security its something to add to the collection if you have the money to waste.

I hardly use mine because I never leave my parents basement :B

[sud0nick]

I've had many target systems auto connect using PineAP (Dogma + Karma) while harvesting SSIDs. I've seen posts from other people having issues but even newer systems have auto connected when I've run it.

[DKitchen]

I'm not sure what you mean by "patched the pineapple". The Pineapple is a modified version of OpenWRT that runs on it's own hardware. You can access it via SSH or the web interface (which supports most browsers, except IE). The Pineapple makes many tasks easier during a pentest but will not provide you with a point-and-click solution for root access on every system around you. I have had much success with it and I think it was well worth the $99 I spent. I haven't heard any rumors of a Mark VI and honestly I would rather see the Mark V continue to be upgraded rather than be forced to buy new hardware.

Problem is that I need to get the extra equipment as well, and it costs $50 (for shipping to my country) and I have to pay import charges 25%. This will end up with more than 190 dollars (depending on the extra equipment I get). The past few months I have seen a lot of hate towards many of the functions of the pineapple because newer systems are resistable against them. Some say the pineapple works on all devices, some say that most newer devices has patched many of the methods the pineapple uses to attack devices (for example Karma).

[sud0nick]

Only you can decide if you want to buy it. It sucks that you have to pay so much extra and I understand you wanting to be sure the Pineapple is worth the money. My opinion is it is worth $99. Anything you can do on the Pineapple can be ported to a linux distro that has at least two radios but having it in a small device that can easily be concealed adds a lot of value. If you were to use a laptop with some distro of linux, and those antennae sticking out, you might appear suspicious as you sit near your target. However, the Pineapple can be run off a battery for a decent amount of time tucked away in a small hiding spot where it won't easily be found. The web interface allows you to use infusions and monitor operations remotely from your phone, tablet, or laptop so you can remain inconspicuous but still complete your tasks. It isn't the most powerful device around but it is modular and portable. If there is a tool you want for the Pineapple that hasn't been created you are free to create it or at the very least request that someone will.

That ends my little rant. I have not been disappointed by my Pineapple but then again I have a solid background in Linux, networking, and programming in various languages. People may complain that the Pineapple is outdated but, imho, hacking is more troubleshooting than clicking a button in a web interface and expecting to gain root. If you aren't a good troubleshooter, or sysadmin, you won't be a good hacker. The Pineapple will not gather shells for you but it can certainly make them easier to pop open.