NEWS

The Pineapple Express: Hak5 Builds A Bigger, Better WiFi Honey Pot

By Carlton Purvis

The WiFi Pineapple Mark IV doubles the processing power, doubles the RAM, adds a second Ethernet port, improves the battery, and adds a USB port that allows hackers to give it broadband connectivity and remote access. With a 10-hour battery, the Mark IV is a self-contained system that could be left in a location to collect data and retrieve it later for analysis. The Mark IV sells for $100. 

“As long as the right person can get into the building, hide it under a desk or plug it into a wall, it will connect back to your red team where they can actually do the penetration test there,” Kitchen said.

Companies and individuals can protect against pineapple devices, but it takes away the convenience that comes with automatically connecting, Kitchen says.

One way is to check the SSID or hardware ID on the router or network you’re trying to connect to. If a device is showing that it can connect to a home network or corporate network away from home, there may be a pineapple around.

“One of the things that I do on my own machines to see if there might be a pineapple in the area is manually add a network to my operating system and name it 'Pineapple Alert,' so my laptop is constantly probing looking for a network named Pineapple Alert. If there’s a pineapple around it will say, ‘Oh yeah, I’m around.’ And then, I’ll just turn off WiFi,” Kitchen said.

Security consultants have in the past said that pineapples have no legitimate use. "Previously, the hackers’ tools were developed so network administrators could monitor traffic to help them manage the networks, a real and appropriate use. Unfortunately, the hackers started using an otherwise-legitimate technology for their own nefarious purposes," writes PrivateWifi.com. The blog also raises concerns that the equipment is relatively cheap so now "anyone, with or without much intellect, can become a hacker."

Darren says he hasn't encountered pineapples in the wild, but he has come across them in the “target-rich environment” of hacker conferences.


♦ Photo by Carlton Purvis/Security Management

Comments

View Recent News (by day)

 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.