Forum Thread: Do a MITM-Attack on a Public Wifi Using a Pineapple

Hello my ambitious hackers,

In this short tutorial I want to show you how you can spy on data traffic (also called a Man-in-the-Middle attack) on a public Wifi using a Pineapple Mark or Nano (you didn´t really think that I mean the pineapple fruit;)?

The Man-in-the-Middle attack:

https://en.wikipedia.org/wiki/Man-in-the-middle_attack

So, first of all you need to buy one. You can do a Man-in-the-Middle attack without one, but i´ll show you this in an other tutorial. In case you can do a lot more with the Pineapple, but these things are coming later. I know, you can spy the traffic with Wireshark or else, but as I said: The Pineapple can do a lot more.

I just want to say: If you know how to use a Wifi Pineapple, then it´s a really, really powerful tool!

You can buy one here:

https://hakshop.com/products/wifi-pineapple

Step 1: Configure the Wifi Pineapple on Windows, Linux and Android

Follow these instructions:

https://www.wifipineapple.com/pages/setup

Be sure that you download the correct firmware for the Wifi-Nano, the Wifi-Tetra or the Wifi-Mk4/5.

Step 2: (Optional) Download Modules

For a successful attack you dont need to install modules.

But if the traffic is encoded with HTTPS or SSL, you can download and install this:

Click on "Modules" on the site bar > Manage Modules > Get Modules from WIFIPINEAPPLE.com

Install SSLsplit. It shows you the decoded TCP and SSL traffic if your Pineapple can´t decode it into HTTP.

You want to have an account with the password?

Download Site Survey. With this module you can make a fake login-site to get email-addresses, other logins and passwords!

Step 3: Find a Public Wifi and Setup the Pineapple

So, now you are equipped with the most useful stuff.

Go to a public Wifi, sit down (best on a wall), start your laptop and connect with your Wifi Pinapple.

Click on "Recon" on the site bar and scan for SSID´s

If you found one, click on it and click on "Add SSID".

Now wait for some people to connect to the Wifi ( or now to your Pineapple). What you are doing now, you are redirecting the Network traffic to your Pineapple.

Step 4: Finished!

Now you can spy on anyone in this network!

You can send a report on the time you want and you can choose how (on Email, SSD, etc.)

I hope you liked my first tutorial on Null-Byte. I am really sorry if my English isn´t that good. When I did something wrong or you want to update this post, just write a comment!

1 Response

Thanks for writing this!

Share Your Thoughts

  • Hot
  • Active