If you’re doing any wireless penetration testing these days, odds are you have a WiFi Pineapple Mark IV from Hak5 in your toolkit. If you’re not a professional penetration tester or are just starting out with wireless hacking, the Pineapple is a device that will save you a considerable amount of headaches and is easily the best “all-in-one” tool for the job. This first article in a series of three tutorials is all about walking you through those first baby steps of configuration to get your new toy up and running. Part 1 starts with the Mark IV since many shops have this device already. Part 2 of this series covers the new Mark V, and Part 3 will show the device in action on a real pen test.
The first step to being successful in any endeavor is preparation, and the Pineapple is no different. This tool packs a considerable number of options into a small frame, and getting your new device up and running prior to “game time” is critical. We’ll show you how to set up your host computer’s network interfaces, which communication options you have for talking to the device, how to install and configure modules (known as Infusions), and more. So let’s get to it.
Figure 1: WiFi Pineapple Mark IV
Hardware Basics of the WiFi Pineapple Mark IV
Taking a look at the Pineapple, you’ll notice it has a few different ports, including one USB port and two Ethernet ports. We’ll be using the USB port primarily for extended storage memory, as the Pineapple itself has very limited memory, and we’ll want to load software extras via the GUI to extend our ability to do fun things. The Ethernet ports will be used to both manage the Pineapple from a PC as well as to provide direct internet access, should we choose. It should be noted that while power can be provided by both AC and battery, the Mark IV suffers from some issues when driven by battery that may affect its ability to power an attached USB device. When using a USB flash drive for storage, this presents an obvious problem, so my recommendation is to stick to using AC when possible.
Figure 2: Ethernet Ports on the Pineapple
Let’s get this baby running! The easiest way to access the Pineapple is by tethering it to a PC that has two network interfaces. This can be done either through two separate NICs or, as in our example, by using one NIC and a wireless connection (as found on most laptops). We’ll be connecting the Pineapple’s “PoE LAN” port to our laptop’s NIC and using the wireless card to connect our laptop to the Internet. By sharing the wireless connection and setting a static IP address on the laptop NIC, we not only communicate with the Pineapple, but allow it to talk to the outside world as well.
In Windows, first open your Network Connections, right-click on your wireless adapter, and choose Properties. Next, click the Sharing tab and check the “Allow other network users to connect through this computer’s Internet connection” box. Make sure to choose your LAN adapter in the dropdown under “Home networking connection”.
Figure 3: Wireless Network Connection Properties
Figure 4: Sharing the Wireless Network Connection
The next step is to configure the LAN with a static IP to talk to the Pineapple. Right-click on the Local Area Connection and choose Properties. Click on “Internet Protocol Version 4 (TCP/IPv4)” and again click Properties. In the box that pops up, choose “Use the following IP address” and enter the following settings.
IP Address: 172.16.42.42
Subnet Mask: 255.255.255.0
Preferred DNS Server: 220.127.116.11
Figure 5: Local Area Network Properties
Figure 6: Editing IPv4 Settings
Figure 7: Setting a Static IP Address
You can verify that the settings are correct, and that you can reach both the Internet and the Pineapple, from a command window using “ipconfig” and “ping”.
Figure 8: Verifying Network Settings
Figure 9: Verifying Connectivity to Pineapple and Internet
If you’re using Linux, the following commands can be run to achieve the same results that we did above with Windows.
- wget wifipineapple.com/wp4.sh
- chmod +x wp4.sh
- ./wp4.sh
- firefox http://172.16.42.1/
Accessing the WiFi Pineapple Mark IV
Now that we’re all configured, let’s start talking to the Pineapple. There are two options here: Web interface (HTTP) and Secure Shell (SSH). You’ll be using the web interface for all of the “hacking” features that the Pineapple offers, but being able to manage the Linux operating system that the device runs on is best done over SSH.
To access the web interface, fire up your browser and navigate to the Pineapple’s default IP address of 172.16.42.1 and default port 1471 (http://172.16.42.1:1471). You’ll immediately be prompted to log in, which is done using the default credentials “root / pineapplesareyummy”.
Figure 10: Logging into the Pineapple Web Interface
Figure 11: Logged In!
Gaining access to the Pineapple over SSH requires using PuTTY or a similar tool. All you need to do here is enter the Pineapple’s default IP address of 172.16.42.1 and go.
Figure 12: Pineapple Default IP in PuTTY
Figure 13: SSH Access
You’ve finally configured your laptop or PC and connected to the Pineapple, but now what? Good question. The first thing you want to do is update your firmware, install any additional infusions (aka modules) that may interest you, change the default password, and configure the services that start automatically when the Pineapple is powered on.
Let’s start with updating the firmware. From the web interface, after you log in, you’ll find an “Upgrade” link near the top, along with several other navigation links. Click on Upgrade and then click “Check for Upgrades”. If a newer version of the firmware is available, you’ll have the option to flash the newer version. If you choose to, you also have the option to manually download firmware and upgrade by copying the “.bin” file to the Pineapple.
Figure 14: Upgrading Firmware
After flashing new firmware, the Pineapple will reboot and you will have to log in to the web interface again. Be warned that when you flash new firmware, you lose all saved settings and the Pineapple reverts to the default username and password.
The Pineapple supports a wide range of additional infusions, also known as modules, which may be installed. Navigating to “Pineapple Bar” at the top of the web interface will bring you to a screen that has a “List available Infusions” link. Click this link and be amazed at the options! A number of these infusions have been written by the community to extend the functionality of the Pineapple.
Figure 15: Pineapple Bar
Figure 16: Available Infusions
Figure 17: Available Infusions
To install an infusion, simply click the “Install” link to the right of the infusion name. If you’ve configured a USB flash drive as extra storage (highly recommended), you will be prompted on where to install the new infusion. Once again, it’s important to remember that there is limited storage on the Pineapple, so installing multiple infusions can quickly fill up the onboard memory.
Figure 18: Infusion Installation
You can view your installed infusions by clicking the “Pineapple Bar” link at any time. You also have the ability to “pin” any of these infusions to the Navigation bar at the top of the web interface for easy access.
Figure 19: Pinning an Infusion to the Navigation Bar
Figure 20: Pinned Infusion
Now it’s time to change the default password. We’d be hard pressed to call ourselves much of a hacker if we made the mistake of leaving the default credentials. Click on the “Advanced” link and scroll down to “Change Root Password”. Enter your new password and click “Change Password” to save.
Figure 21: Click Advanced to Change the Default Root Password
Figure 22: Change the Default Root Password
The final step in our basic configuration is to decide whether you want Karma to start automatically when the Pineapple is powered on. I recommend disabling Karma’s “Autostart” ability to prevent inadvertent “hacking” (and any associated legal problems) unless you know what you’re doing.
Figure 23: Disable Autostart
Our final step in setting up the Pineapple is to configure your local time zone. We have to SSH into the Pineapple for this step, as demonstrated in the “Accessing the Pineapple” section above. Once you have SSH access, enter the following commands to edit the “system” file located in the “/etc/config” directory.
- cd /etc/config
- vim system
Scroll down to “option timezone” and change the default “UTC” value to your appropriate timezone. You can find a list of all of the available timezone codes at the OpenWrt website.
Figure 24: List of Available Timezones on OpenWrt Website
Figure 25: Eastern Standard Time
Figure 26: Default ‘UTC’ Timezone
Figure 27: Updated Eastern Standard Timezone
After you’ve saved the file, you’ll have to reboot for the updated timezone to take effect.
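The timezone edit above can also be scripted, which is handy because flashing firmware wipes saved settings and the step has to be repeated. This is an added example, not from the original article or from Hak5; the function names, the constructed sample file and the US Eastern string EST5EDT,M3.2.0,M11.1.0 are assumptions for illustration.

```shell
#!/bin/sh
# Added example: rewrite "option timezone" in an OpenWrt-style UCI system
# file, keeping a .bak copy. Function names are hypothetical.

set_timezone() {    # usage: set_timezone FILE TZSTRING
    cfg=$1
    tz=$2
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    # Reject empty values and characters that would break the quoted value.
    case $tz in
        ''|*"'"*|*'\'*|*' '*) echo "invalid timezone string" >&2; return 1 ;;
    esac
    # Refuse to touch a file that has no timezone option to change.
    awk '$1 == "option" && $2 == "timezone" { found = 1 } END { exit !found }' "$cfg" \
        || { echo "no 'option timezone' line in $cfg" >&2; return 1; }
    cp "$cfg" "$cfg.bak" || return 1
    awk -v tz="$tz" -v q="'" '
        $1 == "option" && $2 == "timezone" {
            indent = $0
            sub(/option.*/, "", indent)     # keep the original indentation
            print indent "option timezone " q tz q
            next
        }
        { print }
    ' "$cfg.bak" > "$cfg"
}

get_timezone() {    # usage: get_timezone FILE -> prints the current value
    awk -v q="'" '
        $1 == "option" && $2 == "timezone" {
            gsub("[" q "\"]", "", $3)       # strip surrounding quotes
            print $3
            exit
        }
    ' "$1"
}

# Demo on a constructed sample, not a real device file.
demo=$(mktemp)
printf "config system\n\toption hostname 'Pineapple'\n\toption timezone 'UTC'\n" > "$demo"
set_timezone "$demo" 'EST5EDT,M3.2.0,M11.1.0' && get_timezone "$demo"
rm -f "$demo" "$demo.bak"
```

On the device itself, point set_timezone at /etc/config/system with the string for your zone from the OpenWrt list, then reboot as described above.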
Congratulations, you’re now fully configured and ready to start using your WiFi Pineapple Mark IV! Stay tuned for the next articles on the WiFi Pineapple:
- Hacking Airwaves with Fruit Part 2 – The New WiFi Pineapple Mark V
- Hacking Airwaves with Fruit Part 3 – Penetration Testing with the WiFi Pineapple
Required Warnings: It’s important to state that the WiFi Pineapple Mark IV & V are powerful tools for professional penetration testers and for educators who wish to demonstrate wireless security. When using this device, be SURE that you understand what you’re doing and any applicable laws. As the saying goes, “with great power comes great responsibility.”
Erik Frasier (@EvilGeppetto) has spent the past 15 years learning the Information Technology ropes, from working as a Software Engineer to Network Defense to Penetration Testing. He has been a cyber-security subject matter expert (SME) in Security Operations for both the Legislative and Judicial branches of the U.S. Government, as well as performing internal, external, web, wireless, physical penetration testing, and social engineering, for numerous Fortune 500 companies. Erik now calls Knowledge Consulting Group home and works with a small group of elite “good guy” hackers trying to make a difference in the world of security.