Jump to content

Finding the Man in the Middle


Recommended Posts

Many of you have deployed a wifi pineapple but have you ever had one deployed against you?  That's where I'm at now and I'm hoping you might have some advice for me.  Even after repeated DOD wipes/rebuilds of my laptop, my passwords continue to be stolen, internet bandwidth is throttled, I can't reach sites I use frequently and I can tell my email is being read by a third party.  The list goes on.

I guess the question is where to start?  I've been scanning for other radios and occasionally spot an unsecured one in operation.  Very unusual for my neighborhood but it's hardly proof of anything.  Any help is definitely appreciated.

Link to comment
Share on other sites

In general with http it is near impossible to detect MitM attacks, but with https your browser should automatically detect and warn you about, unless the attacker has already compromised your system or the system at the other end (including the CA as a system at the other end).

Go to the CMD and type arp -a. If the router MAC address is the same as any other node (device) then that devise is the "MAN in the middle". That simple.

Pineapple uses the fact that your phone / laptop / tablet / washing machine / fridge / toothbrush screams looking for all remembered networks. Pineapple watches, listening to their names. Then, knowing what you need for your thirsty Internet access equipment, creates open networks with the same names. Your naive device does not see anything suspicious in the fact that the remembered network had a password, and this one does not have it - since it is called the same, i.e. you can safely connect to it. Therefore, ask what points you connect to wifi.....

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...