![Page 1: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/1.jpg)
Автономный сетевой шпион. WiFi Pineapple usage in the wild
21/08/2012DCG #7812
г. Санкт-Петербург by@ygoltsev@d0znpp@d_olex
![Page 2: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/2.jpg)
Defcon Russia (DCG #7812) 2
Few words about myself
Security expert/
Penetration testing team
Community member
PHDays g00n
Editor
![Page 3: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/3.jpg)
Defcon Russia (DCG #7812) 3
WiFi Pineapple
http://cloud.wifipineapple.com/
by
![Page 4: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/4.jpg)
Defcon Russia (DCG #7812) 4
Functionality
• Stealth Access Point for Man-in-the-Middle attacks • Mobile Broadband connectivity (3g/4g via USB) • Manage from afar with persistent SSH tunnels and
meterpreter • Relay or Deauth attack with auxiliary WiFi adapter • Web-based management simplify MITM attacks • Easily concealed and battery powered • Expandable with community modules
![Page 5: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/5.jpg)
Defcon Russia (DCG #7812) 5
Based on
AP121U (http://bit.ly/NAvaq9)- 45 $
+Jasager (OpenWRT) (http://bit.ly/EgvNV)- free
![Page 6: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/6.jpg)
Defcon Russia (DCG #7812) 6
AP121U
• 93 x 70 x 26mm• 74g• IEEE 802.11b/g/n• 2x Ethernet• USB 2.0• 400 MHz
![Page 7: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/7.jpg)
Defcon Russia (DCG #7812) 7
Jasager
- Linux (kernel 3.2)- hostapd (http://hostap.epitest.fi/hostapd/)
hostapd is a user space daemon for access point and authentication servers.
- Karma (http://www.digininja.org/karma/)Patch for hostapd.Set of patches to access point software to get it to
respond to probe requests not just for itself but for any ESSID requested.
![Page 8: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/8.jpg)
Defcon Russia (DCG #7812) 8
Equalness
=
![Page 9: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/9.jpg)
Defcon Russia (DCG #7812) 9
But
• 93 x 70 x 26mm• 74g
and 100 $...
![Page 10: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/10.jpg)
Defcon Russia (DCG #7812) 10
money - not so important
![Page 11: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/11.jpg)
Defcon Russia (DCG #7812) 11
Yammi!!
![Page 12: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/12.jpg)
Defcon Russia (DCG #7812) 12
Usage
- As a home router- As a tool for penetration testing- As an energy independent network spy
![Page 13: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/13.jpg)
Defcon Russia (DCG #7812) 13
Some statistics
• Location: Big Mall, Food Court• Wi-Fi SSID –
‘Ne_podkluchaytes_k_etoy_to4ke’• Action:
Respond to all probe request.Disconnect.Ignore MAC next time.
![Page 14: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/14.jpg)
Defcon Russia (DCG #7812) 14
Over 9000….
P.S. Over 100
![Page 15: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/15.jpg)
Defcon Russia (DCG #7812) 15
More interesting
~ 189 minutes
![Page 16: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/16.jpg)
Defcon Russia (DCG #7812) 16
More interesting
• Mobile Juice pack
~ More than 6 hours
![Page 17: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/17.jpg)
Defcon Russia (DCG #7812) 17
And what if?
![Page 18: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/18.jpg)
Defcon Russia (DCG #7812) 18
Other stuff
• More than 20 add-ons (modules)• Build in web/dns/ssh services• tcpdump/air*/ettercap/sslstrip
![Page 19: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/19.jpg)
Defcon Russia (DCG #7812) 19
Cover story: fairy tale
![Page 20: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/20.jpg)
Defcon Russia (DCG #7812) 20
Cover story: legendary legend
![Page 21: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/21.jpg)
Defcon Russia (DCG #7812) 21
Cover story: box location
![Page 22: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/22.jpg)
Defcon Russia (DCG #7812) 22
Cover story: box location
![Page 23: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/23.jpg)
Defcon Russia (DCG #7812) 23
Cover story: packing the box
• Pelican boxes – the best choice
![Page 24: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/24.jpg)
Defcon Russia (DCG #7812) 24
Cover story: setting up environment
• Setting up SSH tunnel• …• Do the stuff
![Page 25: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/25.jpg)
Defcon Russia (DCG #7812) 25
Cover story: Catch me if you can
• Wipe all shit!
+ =
![Page 26: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/26.jpg)
Defcon Russia (DCG #7812) 26
Bonus track: Wipe video
![Page 27: Автономный сетевой шпион . WiFi Pineapple usage in the wild](https://reader036.vdocument.in/reader036/viewer/2022081503/56816384550346895dd46a4a/html5/thumbnails/27.jpg)
Defcon Russia (DCG #7812) 27
Bonus track: Wipe