What Is WiFi Pineapple?

WiFi Pineapple Image
WiFi Pineapple Trademark

Pineapple WiFi trademark Owned By Hak5 LLC

Fair Use of Copyright17 USC § 107

What Is Pineapple WiFi?

Is the Internet a Garden of Eden or, as often stated, a jungle? Fruit grows in both gardens and jungles but the Pineapple WiFi is not a fruit. As described by venerable tech writer Peggy Rouse, it’s “a wireless auditing platform… that allows network security administrators to conduct penetration (aka “pen”) tests, a type of ethical hacking (that) seek(s) out security vulnerabilities.”

But the Pineapple WiFi is like fireuseful but dangerous, especially when wielded by hackers for nefarious purposes. It’s “the perfect tool for demonstrating exactly what poor security can lead to,” according to the University of Central Lancaster security researcher Scott Helme.

What does “poor security” actually mean? For software developers, it’s “insufficient transport layer protection in web applications,” per Australian web security expert Troy Hunt, recognized by Microsoft as a Most Valuable Professional (MVP). For us tech laity, it means we’re visiting “HTTP” (instead of “HTTPS“) websites and yes, the “S” stands for “secure.”

In truth, a WiFi Pineapple isn’t that much different from a conventional WiFi access point (AP). A significant difference between the two, however, is that a Pineapple uses multiple radios instead of the single radio configuration found in a typical wireless router. Thus, a Pineapple can simultaneously interface with hundreds, rather than dozens, of devices.

As Hunt points out, the device is an ideal tool for black hats to instigate a type of Man in the Middle (MiTM) attack known as Pineapple MiTM. We’ll delve into the details below. But we start by repeating our frequent admonitions to rely on VPNs when using public WiFi (and even when surfing the web at home). This precautionary measure, as well as eschewing visits to HTTP websites, protects against Pineapple MiTMs.

Meet HAK5 and Darren Kitchen

You may have heard of Hak5, the YouTube channel that chronicles hackers and their exploits. It’s the brainchild of Darren Kitchen who also offers pen testing gizmos worthy of James Bond and Q’s MI6 labs through the hak5.com website. In addition to the Pineapple, there’s also the “Shark Jack,” the “Screen Crab,” the “Signal Owl,” the “Packet Squirrel” and the “USB Rubber Ducky.”

As reported by vice.com, Kitchen invented the WiFi Pineapple after he “saw that WiFi had inherent flaws that made it vulnerable to spoofing attacks.” He added, “I figured if information security people had access to a device that could easily exploit these flaws, it would raise awareness and get things fixed.”

To learn more about Hak5 and its products, go to the Hak5 subreddit, which counts over 3.25 million users among its associated communities. Before moving on, we’ll mention the Wall of Sheep, hosted by the Packet Hacking Village at the annual DEF CON conference in Las Vegas. It’s a blithesome attempt to shame people into understanding the importance of data security.

The “Wall” is typically displayed on a large projector screen at the Packet Hacking Village and shows a running list of devices at the conference connected to insecure networks. Not only can attendees see device IDs, but they can also view any websites users tried to access and any pertinent credentials. Want a Wall of Sheep? You can easily make one using a WiFi Pineapple.

WiFi Pineapple Models

First foisted on the hacking community in 2008, the WiFi Pineapple received pop culture notice due to its impact on story plots found on HBO’s Silicon Valley (Season 4’s “Hooli-Con” episode) and USA Network’s Mr. Robot.

The Pineapple works with all OS platforms including Windows, macOS and Linux. According to outpost24.com, the Pineapple runs “a modified version of OpenWRT, an embedded Linux distro designed for routers.”

As of April 2020, hak5 offers two separate “6th generation” WiFi Pineapple models: the “pocket-sized” NANO ($100) and the TETRA ($200). Deploy the NANO for its portability and the TETRA for stationary use within the home or office. Compare the features of the two in the table below:

TETRANANO
Dual Band 2.4/5 GHzSingle Band 2.4 GHz
533 MHz Network SoC 400 MHz Network SoC
Four Long Range Antennas
up to 800mW per radio
Two Standard Antennas
up to 400mW per radio
USB Ethernet, USB Serial,
USB Host and Ethernet Ports
USB Ethernet Plug,
USB Host Port
2 GB NAND FlashMicroSD Expansion
Power via USB or DCPower via USB

Table adapted from Hak5

Per outpost24.com, here are hardware specs for the NANO “revision 5,” updated on 29 January 2020:

We skip the nuts-and-bolts of activating and deploying a Pineapple. Plenty of online tutorials abound for those interested in learning how these pentest platforms work; see here and here. Hak5 also offers “an incredibly robust series of tutorials” should you want to discover more specifics on device utilization.

WiFi Pineapple Video Tutorial

Take a look at this video tutorial on the WiFi Pineapple from Certified Information Systems Security Professional (CISSP) Loi Liang Yang, an Adjunct Lecturer for Cybersecurity at the University of Singapore:

WiFi Pineapple MiTM Attacks

The Pineapple MiTM attack surveils data when a hacker inserts a Pineapple between a user device and a licit WiFi AP. Data is first routed through the Pineapple, which “fools” devices into believing that they’re interfacing with a legitimate AP, before moving onward to the Internet.

Conceptualize a MiTM attack by comparing your data packets to letters left in your mailbox for the mail carrier. But before the carrier retrieves the letters, an intruder reads your mail, records its contents and then returns it back to the mailbox for delivery.

The Pineapple exploits the fact that users are blithely habituated to connecting to multiple APs while in public places. Say you’re at a grocery store and see a Service Set Identifier (SSID) called “Free Grocery Store WiFi.” Do you consider that it could be a Pineapple siren song or reflexively assume it’s legitimate WiFi service provided by the grocer? We thought so.

A Pineapple also dupes wireless devices into illicit connections by scamming device software that automatically remembers its previous connections to APs. While convenient, it’s a highly insecure practice.

Once activated, a device’s wireless radio emits requests for any WiFi network within range. It specifically seeks out networks to which it connected to previously. The Pineapple “convinces” devices into “believing” that they’re connecting to a legitimate AP used in the past. Thus, you may reconsider the wisdom of utilizing apps such as Passpoint WiFi.

As vice.com’s Daniel Oberhaus aptly states, it’s “like walking around with a set of keys to your house and asking every stranger you meet if they are your roommate… You… run the risk of running into an ill-intentioned stranger who will lie to you and say, ‘Yes, of course I am your roommate. Please let me in,’ and then… steal(s) all your stuff.”

Coda

The Pineapple is capable of much more mischief than just MiTM attacks. It can generate fake website certificates, capture WPA/WPA2 handshake steps and insert raw data frames. It also collects leaked SSIDs from potential clients (i.e., devices), crucial to its ability to spoof networks.

Besides connecting to only HTTPS websites (look for the padlock icon on the left side of a webpage’s address bar) and using a VPN, another best practice you can follow to protect your devices and sensitive data from the havoc a Pineapple can wreak is configuring your device to “forget” any public WiFi network.

This prevents your device from continually broadcasting SSIDs you’ve previously visited. Thus, a Pineapple can’t spoof the SSID and dupe your device into an automatic connection.

Other steps to take? Turn off your device’s WiFi functionality when not in use, don’t permit your device to automatically connect to open WiFi networks and verify any website SSL certificate for authenticity. Unfortunately, some precautions such as forgetting WiFi networks and turning off WiFi functionality can be a hassle when using Android or iOS devices.

Of course, to prevent any Pineapple attack, the most foolproof protection is to use a hardwired Ethernet connection to the Internet. We presume you remember how to connect an Ethernet cable from your device to a wall outlet.

Leave a Comment