WiFi Pineapple - 6th Gen: NANO / TETRA
  • WiFi Pineapple NANO/TETRA
  • Getting Started
    • About the WiFi Pineapple NANO/TETRA
    • The WiFi Auditing Workflow
    • The PineAP Suite
    • The Web Interface
    • Upgrading the Firmware
  • Setup
    • Setup Basics
    • WiFi Pineapple NANO - Linux Setup
    • WiFi Pineapple NANO - Windows Setup
    • WiFi Pineapple TETRA - Linux Setup
  • Internet Connectivity
    • Internet Connectivity Basics
    • Internet Connection Sharing on Kali Linux
    • Internet Connection Sharing over Ethernet in Windows
    • Internet Connection Sharing over Ethernet in Linux
    • Wired Internet Connection
    • WiFi Client Mode
  • Console Access
    • Console Access Basics
    • Secure Shell
    • Serial Access - WiFi Pineapple TETRA
    • Working with PineAP from the CLI
  • Basics of WiFi Operation
    • Basics of WiFi Operation
    • Radios and Chipsets
    • Stations and Base Stations
    • Transmit Power
    • Channels and Regions
    • Protocols
    • Modes of Operation
    • Logical Configurations
    • MAC Address
    • Broadcast Address
    • Service Sets and Identifiers
    • Management Frames
    • Frame Types
    • Frames and Frame Structure
    • Frame Injection
    • Association States
  • FAQ / Troubleshooting
    • Serial Console on the WiFi Pineapple TETRA
    • Ethernet on the WiFi Pineapple TETRA
    • LED Status Indicators
    • Power Considerations
    • Factory Reset
    • Firmware Recovery
    • Manual Firmware Installation
  • Development
    • Legacy WiFi Pineapple Mark V Modules (Infusions)
    • Specifications and Power Considerations
    • WiFi Pineapple NANO/TETRA Module API - Introduction
    • WiFi Pineapple NANO/TETRA Module API - Authentication
    • WiFi Pineapple NANO/TETRA Module API - Modules
    • WiFi Pineapple NANO/TETRA Module API - module.php API
    • Creating WiFi Pineapple NANO/TETRA Modules
Powered by GitBook
On this page
  1. Getting Started

About the WiFi Pineapple NANO/TETRA

The WiFi Pineapple is a powerful and flexible wireless auditing platform. The project is a combination of continuously evolving hardware, software and modules. It caters to and is supported by a passionate and creative community of penetration testers, systems administrators and wireless enthusiasts.

With each generation, the hardware is designed to take advantage of the best available wireless components of the day. The hardware continues to grow as the user experience is refined and components are updated to respond to the ever changing wireless landscape.

The firmware is engineered alongside the hardware to fully exploit 802.11 protocols. Comprising both the embedded Linux base as well as the web-based user interface, it’s in continuous development with free updates delivered over the air.

To further enhance the platform the firmware is designed with an API which enables add-on modules. Modules extend the functionality by providing additional tools and exploits to take advantage of the platform. They can be downloaded and installed over the air from the web interface. In fact, every WiFi Pineapple component is a module which can be updated from the web interface.

WHAT DOES IT DO?

Being a versatile Linux-based wireless auditing platform in development since 2008, it does many things. That said, it is best known for it’s ability to passively gather intelligence, target and track WiFi enabled devices and effectively deploy a rogue access point for man-in-the-middle attacks.

ROGUE ACCESS POINT?

The WiFi Pineapple can be deployed as an extremely effective rogue access point. This is done by thoroughly mimicking the preferred wireless networks of client devices such as laptops, phones and tablets.

For convenience, modern WiFi enabled devices automatically connect to networks for which they have previously joined. Over the years the ways in which devices connect to these preferred networks has changed, and throughout the WiFi Pineapple has stayed effective at capturing these clients using its custom PineAP suite.

As an example, this means that a targeted laptop which has previously connected to an airport WiFi network may automatically connect to the penetration testers WiFi Pineapple thinking it is the legitimate network in its preferred network list. Once the targeted device joins the WiFi Pineapple network as a client, it poises the auditor in the position as the man-in-the-middle.

MAN-IN-THE-MIDDLE?

Network connections are made up of many nodes. When you browse the web from home, for instance, your traffic goes through many “hops”. From your laptop to your wireless access point, your modem and numerous routers between your ISP and the web server of the site you’re accessing – your traffic in the form of packets is handed off to a variety of equipment down the chain.

Any node between you and the destination can be considered a man-in-the-middle, in a way, but the term itself generally refers to an attack. This is where an untrusted third party is poised in such a way as to eavesdrop on the connection. An attacker setup as a man-in-the-middle can both monitor and manipulate the traffic down the line.

It’s a powerful place to be as a penetration tester. The closer you can get in-line to the target, the more successful your attack may become. With the WiFi Pineapple deployed as a rogue access point targeting the individual of interest in an audit, this poises you, the auditor, as the first hop in the chain.

HOW CAN THE WIFI PINEAPPLE HELP MY PENTEST?

With an emphasis on responsible auditing within the scope of engagement, the WiFi Pineapple can be used to passively gather intelligence, as well as actively capture clients in order to monitor and manipulate traffic. Modules such as Evil Portal can be deployed to effectively harvest credentials or inject malware onto targeted devices. When used in conjunction with typical tools of the trade, the WiFi Pineapple can easily integrate into your pentest workflow.

As more organizations embrace Bring Your Own Device (BYOD) policies, endless possibilities emerge for the penetration tester. The focus shifts from breaking into the network to becoming the network.

PreviousWiFi Pineapple NANO/TETRANextThe WiFi Auditing Workflow

Last updated 3 years ago