WiFi Pineapple Definition & Pineapple Router Uses
A WiFi Pineapple is a small piece of equipment with a silly name and a lot of power. Some people use this tool for a legitimate security purpose. Others use it for hacking.
Whether you work in security or are concerned about the safety of your own data, it pays to know what a Pineapple router is. Chances are, you'll encounter it at least once during your lifetime.
What Is a WiFi Pineapple?
The size and shape of this device give the WiFi Pineapple its name. It's a small, black device with several spikes. Developers thought it looked a bit like tropical fruit, so they named it accordingly.
The WiFi Pineapple was developed by Hak5, a private company. For about $100, you can purchase one for yourself or your company. And you're not required to disclose what you'd like to use it for.
Hak5 is known for creating testing tools. When the WiFi Pineapple was released in 2008, most people assumed testers would find it useful and everyone else would ignore it. The reality is a bit different.
How a WiFi Pineapple Works
< Open a WiFi channel on your computer, and the device will make a connection to an available router. A WiFi Pineapple is positioned between the device and the router, and with the proper programming, it can inspect all the data as it moves from one location to another.
Setting up a WiFi Pineapple isn't always easy. Bloggers who detail their work create posts that take up dozens of screens. But when the work is done, you'll be able to look over all the traffic moving to and from a device and a WiFi router.
The device makes use of the underlying technology in any WiFi system. When you connect to a WiFi, your device remembers the service set identifier (SSI) of that router. When you're in the same location, your device seeks out a router with the right SSI.
A WiFi Pineapple imitates the proper SSI, and that means anyone preprogrammed to connect will link with the Pineapple router instead.
Legitimate Uses of a Pineapple Router
Computer security experts must understand how their systems work, where they are breaking, and why they might be vulnerable to an attack. A Pineapple WiFi router makes that work much easier.
During a penetration test (or pentest), experts attempt to hack a system, and they document their work for fixes and corrections. Typically, a pentest requires specialised software and operating systems. But a WiFi Pineapple makes it really easy.
A security analyst might set up a Pineapple WiFi and then:
- Look for hookups. Do people from your company attach to it automatically rather than using your authorised WiFi?
- Watch for disclosures. During a man-in-the-middle attack, a hacker watches all the data that passes between a device and a server. A WiFi Pineapple mimics this approach. How much would an attacker see?
- Seek out access. Can a hacker who sets up a man-in-the-middle attack gain further access to your system?
- Watch for alarms. Do your automated systems catch the intruder? How long does it take?
WiFi Pineapple software makes monitoring easy. You'll get email alerts throughout the simulated attack, and you can even tag interesting devices and follow them after they've been tapped by the program.
Some