Jump to content

Finding the Man in the Middle


Recommended Posts

Many of you have deployed a wifi pineapple but have you ever had one deployed against you?  That's where I'm at now and I'm hoping you might have some advice for me.  Even after repeated DOD wipes/rebuilds of my laptop, my passwords continue to be stolen, internet bandwidth is throttled, I can't reach sites I use frequently and I can tell my email is being read by a third party.  The list goes on.

I guess the question is where to start?  I've been scanning for other radios and occasionally spot an unsecured one in operation.  Very unusual for my neighborhood but it's hardly proof of anything.  Any help is definitely appreciated.

Link to post
Share on other sites

In general with http it is near impossible to detect MitM attacks, but with https your browser should automatically detect and warn you about, unless the attacker has already compromised your system or the system at the other end (including the CA as a system at the other end).

Go to the CMD and type arp -a. If the router MAC address is the same as any other node (device) then that devise is the "MAN in the middle". That simple.

Pineapple uses the fact that your phone / laptop / tablet / washing machine / fridge / toothbrush screams looking for all remembered networks. Pineapple watches, listening to their names. Then, knowing what you need for your thirsty Internet access equipment, creates open networks with the same names. Your naive device does not see anything suspicious in the fact that the remembered network had a password, and this one does not have it - since it is called the same, i.e. you can safely connect to it. Therefore, ask what points you connect to wifi.....

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...