neither is that range pineapple exclusive nor should ppl use public wifi without a proper vpn.
so the meme makes no sense. if you recognize the pineapple default range but yet dont use a vpn..then you re a dumbass.
this post was submitted on 06 Jul 2024
854 points (100.0% liked)
196
16224 readers
3019 users here now
Be sure to follow the rule before you head out.
Rule: You must post before you leave.
founded 1 year ago
MODERATORS
Does that anime still hold up today? I've thought of watching it at times.
if you're looking for something ambient and trippy, i'd say it's worth the watch
Thank you Lain.
This is why I force my browser to warn me when SSL isn't available. Makes me at least a little safer when I have to use public wifi
Thank you, Lain
The only part of this I didn't immediately realize is the wifi pineapples default IP range.
From now on, I'm going to set that as my clients default public IP range to troll anyone who knows.
Thank you Lain!
thank you lain
also omw to set up my dhcpv4 server to use that network whenever I create a hotspot
Thank you lain
Thank you Lain.
My ass, Lain.
Does this matter if the traffic is encrypted, such as an https website instead of http? Like, really how often is internet traffic unencrypted?
Not often. For web browsing - and the majority of apps - your session is encrypted and certified. Breaking SSL is possible but you'll know about it due to the lack of certs.
Yes, back when I was playing around with my WiFi pineapple there were a wide variety of tricks to break SSL authentication without it being obvious to users. Easiest was to terminate the SSL connection on the pineapple and re-encrypt it with a new SSL cert from there to the users browser, so to the user it looked like everything was secure but in reality their traffic was only encrypted from them to the pineapple, then decrypted, sniffed and re-encrypted to pass along to the target websites with normal SSL.
Man in the middle attacks really do give the attacker tons of options
That kind of ssl interception would normally be quite visible without your client device having the pineapples cert in your devices trust store, or am I wrong?
I'm sure a lot has changed in 10 years ago so this won't be relevant today, but back when I was last playing with this, sslstrip was the tool I was using on the pineapple to enable SSL mitm attacks - https://github.com/moxie0/sslstrip
I'd imagine there are new techniques to counteract new defenses - this stuff is always cat & mouse
Thank you Lain!
Thank you lain.
Thank you Lain.
Thank you lain.
Isn’t that how the setup works for any relatively large company? I admittedly haven’t worked in many, but that’s usually the case for corporate computers at least.
I think the idea there is that the whole Class B private range starts at 172.16.0.x so it's unlikely, that any hotel you're at would be using 172.16.42.x because it's so far irom the start of that range unless it's a chain that needs to keep its ranges separate between sites for VPN or documentation reasons.
Basically, seeing 172.16.42.x doesn't inherently mean something's wrong, and I'm sure people using the pineapple for nefarious reasons would be smart enough to change its default LAN, but if you see it, maybe be more cautious.
Also if you bring one onto a real network to pwn it you're probably deliberately not replacing it's DHCP server so you don't break static IP assignments (but you might fake the routes so traffic goes through you anyway with ARP spoofing, etc)
Public WiFi is just PvP enabled
[x] Client isolation on
This is now a safe zone
view more: next ›