Monday, July 15, 2013

Good Pineapple, Bad Pineapple, Educational Pineapple

Years ago, I got certified in CWSP and also taught wireless security for a while. I took an amazing class from SANS back in 2008, and had the honor of having Joshua Wright as the instructor. I've written a fair amount of wireless policy, designed networks that use 802.1x, VPN, Encryption Gateways and almost any other mainstream (or slightly off the beaten path) security method available, and have done the PCI and HIPA wireless things. I got really good at finding rogue APs through network clues, combined with "other" elements of information that many in wireless might find atypical (thank you, ten years in a fascinating Air Force career field). I like to think that even though it's not my current core competency, I generally "get it" when it comes to wireless security.

But my goodness, what a pineapple is teaching me.

OK, it's not a real pineapple- it's a cute little router warmed over with bastardized Open-WRT firmware. And it's teaching me (and reminding me of many things I'd forgotten) a lot about general wireless security.

Part of the experience, as I contemplate why I'm enjoying this evil little toy so much, is where it falls on my own timeline. My Linux skills used to be a lot stronger than they are now for lack of use, phishing is becoming commonplace, and I'm part of a society that is generally both more mobile and hyper-willing to jump on any open WLAN they can find. For me, the Wi-Fi Pineapple is providing hours of entertainment and serving as a self-guided training course of sorts in wireless security, penetration testing, and being an absolute pain in the ass to those nearby.

Once you get set up (spring for the thumb drive, it's pretty much essential), there are roughly a couple of dozen "infusions" or packages to install. Some amount to stand alone hacks/tricks, others work in concert to pull off the likes of a sophisticated phishing attack.

I'm basically working through the list, getting competent in each infusion as I go. This is accomplishing the following for me:

  • making me dust off past Linux command skills

  • making me think about why what I'm doing is working, or not

  • taking my brain to wireless places that I don't have to think about day to day

  • making me much more paranoid and careful about using public Wi-Fi

  • helping me to understand the mechanics of a number of wireless attacks

  • putting me in a better position to participate in, defend against, and converse about wireless pen testing by making the attacks easy to do and demonstrate

  • providing great fun- who doesn't like Rick-rolling family members?


Those who are deeper into real wireless security or have good scripting skills might wave off the Pineapple as something you can do yourself for cheaper and without the pre-packaging. I don't debate the point, but I also know that I find great value in the support forums and slew of Pineapple related videos available all over the Internet. I like that the Pineapple is a starting point, and that lots of people who try to use it get frustrated- it shows that you still need to think and experiment at least somewhat. Your experience, curiosity, threshold for cheap-thrills, and general knowledge will have direct bearing on how much value you get out of the experience.

This little unit is great fun, but after playing with it I can say this: the thought of a secret army of Pineapple soldiers out among the common folks in public wireless cells is a bit disturbing. It's worth reading about, if for nothing more than knowing what kind of relatively-easy-to-use potentially bad stuff (it's just a tool, it only becomes bad when the user opts to go that way with it) is out there.
Posted by at
Labels: , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)