One of the online shows I enjoy is Hak5.org’s podcast (http://hak5.org). Hak5 also manufactures tools for penetration testers. WiFi Pineapple (https://wifipineapple.com/) is one of the devices they manufacture. It is a “hotspot honeypot” and its most powerful feature is something called a Karma attack.
What is Karma Attack?
Simply put when our wireless devices keep sending out probe requests searching for the networks they “know” to re-associate. Normally all APs that don not have the SSID that’s probed for simply ignore these packets. But not WiFi Pineapple! It runs a modified firmware and replies to all probe requests claiming that it is the network our device is looking for. The modified firmware is called Jasager (yes-man in German) which explains a lot I think.
Build or Buy One
Base WiFi Pineapple costs $99. You can buy one from here: http://hakshop.myshopify.com/collections/gadgets/products/wifi-pineapple
If you like getting your hands dirty to dig deeper you can build one on your own. The firmware is a free download. The router inside WiFi Pineapple is an Alfa AP121U which costs around £40 or you can go with the bare board which costs around £20 (here on Amazon) Also you need to flash it via serial port and you need a USB TTL cable (here on Amazon) They have a great step-by-step tutorial (see References down below). After following the instructions you can have your own homemade WiFi Pineapple within 20 minutes.
So what is the risk?
If you have a habit of using unsecured wireless networks than you are under risk. As by default most devices try to connect to previous networks automatically, there is a chance to connect to attacker’s AP as it is faking to be your old friendly network that you used to be connected. Good news is that pineapple doesn’t support Karma attack for protected networks. So if you manage to stay away from open networks then you are off the hook. But still it doesn’t hurt to be careful and watch out closely to where you are connecting.