WiFi Pineapple (DIY) Project

Intro

I'm always looking to expand my toolkit, and one essential item is the WiFi Pineapple 🍍. This device is invaluable for WiFi network audits, but its price can sometimes be too high. Fortunately, we can build our own version for just around $30. While there are multiple tutorials available online, I'll share my experience with this project.

But, What is a WiFi Pineapple?

The WiFi Pineapple, developed by Hak5, is primarily used for penetration testing and WiFi network audits. Its main function is to act as a rogue access point and capture wireless network traffic, allowing security researchers to assess network security and discover potential vulnerabilities. With a user-friendly interface and powerful analysis capabilities, it has become an indispensable tool in the arsenal of many cybersecurity professionals.

Components Overview

Original WiFi Pineapple Hardware

Let's delve into the WIFI PINEAPPLE NANO, a portable iteration of the WiFi Pineapple crafted by Hak5. This version is tailored with specific features essential for network penetration testing and audits. Although the Pineapple NANO reached its end of life in 2020, it remains excellent security hardware. Despite being discontinued, it is still highly regarded in the security community. Below are its detailed specifications:

Specification

Details

CPU

400 MHz MIPS Atheros AR9331 SoC

Memory

64 MB DDR2 RAM

Disk

16 MB ROM + Micro SD (not included, supports up to 200GB)

Wireless

Atheros AR9331 (wlan0) + Atheros AR9271 (wlan1), IEEE 802.11 b/g/n

Antennas

(2) RP-SMA Antennas

Ports

Ethernet over USB (ASIX AX88772A), USB 2.0 Host, Micro SD card reader

Power

SB 5V 1.5A, includes USB Y-Cable

Indicators

LED

Reset Button

Yes

Mini Router for Nano Version

The idea is to find a router that closely matches the specifications of the Nano version of the WiFi Pineapple. Among enthusiasts of these tools, GL-iNet routers have gained popularity. While there are several versions available, I opted for the 'Shadow Mini Smart Router (GL-AR300M16-ext)'.

To be honest, when I bought the router, I didn't conduct thorough research and relied on the tutorials I used. However, the truth is there are multiple versions of this router that could work, some with better support for this project than others.

I got the Shadow Mini Smart Router with OpenWRT pre-installed, an open-source firmware that offers advanced customization and full control over network settings. This makes it a great base for turning the router into a DIY pentesting tool by installing essential security tools.

Key Specifications Comparison

Specification

WiFi Pineapple NANO

Shadow Mini Smart Router

CPU

400 MHz MIPS Atheros AR9331 SoC

650MHz QCA9531 SoC

Memory

64 MB DDR2 RAM

128MB DDR2 RAM

Disk

16 MB ROM + Micro SD (not included, supports up to 200GB)

16MB NOR Flash

Wireless

Atheros AR9331 (wlan0) + Atheros AR9271 (wlan1), IEEE 802.11 b/g/n

IEEE 802.11a/b/g/n

Antennas

(2) External Antennas

Ports

x WAN port 1 x LAN port 1 x USB 2.0 1 x Micro SD card reader

1 x WAN port 1 x LAN port 1 x USB 2.0

Power

5V 1.5A, USB Y-Cable

5V 2A, MicroUSB Cable

Indicators

LED

Reset Button

Yes

The Shadow Mini Smart Router outperforms the WiFi Pineapple NANO in CPU, RAM, and wireless compatibility but lacks a second WiFi adapter and expandable storage, which could limit its pentesting capabilities. However, since it runs OpenWRT, it is highly customizable. With a USB WiFi adapter in monitor mode and the right tools, we will turn it into a DIY alternative to the Pineapple Nano, unlocking powerful wireless auditing features with some extra configuration.

From Router to Pineapple

Now, let's get to work. In this section, we will begin transforming our Shadow Mini Smart Router into a DIY WiFi Pineapple. We will download and install the firmware, and then set up the software.

Downloading the Pineapple Firmware

For this project, we will be using the WiFi Pineapple Cloner v4, a highly versatile solution that has been refined and tested over several years of development. From 2018 to 2022, the creator of this project successfully ported the WiFi Pineapple NANO and TETRA models to various hardware platforms, ensuring compatibility with a wide range of devices. This version includes an optimized file system patching method, an updated panel, and a comprehensive repository of modules, including essential tools like PMKIDAttack and Terminal. The project also focuses on maximizing device performance by reducing unnecessary dependencies and freeing up space on the main partition. With support for 211 identified devices, the WiFi Pineapple Cloner v4 provides a reliable foundation for transforming our router into a fully functional DIY WiFi Pineapple.

As stated in the official documentation, you can check the list of supported devices to determine if your router is compatible for flashing (https://github.com/xchwarze/wifi-pineapple-cloner/blob/master/devices.md). Once you've identified if your device is on the list, head over to the downloads section (https://gitlab.com/xchwarze/wifi-pineapple-cloner-builds) and select the MIPS version 19.07.7.

In my case, although the exact version associated with the router wasn't listed, we chose the one with the closest version: GL-AR300M v1.4.0.

Once this file gl-ar300m-universal-sysupgrade.bin is downloaded, we will set it aside to use later.

Powering Up the Router

Let's power on our router! Connect the router to a power source (In my case, I used an external battery), and once it's powered on, we'll connect it to our computer using an Ethernet cable (Make sure to use the router's LAN port).

Once connected via LAN, visit http://192.168.8.1 in your browser to access the router's web configuration interface.

It will ask you to create a password for the 'admin' account. Create a strong password and store it in a safe place, you never know when you'll need it 😅.

Within the administration panel, go to the System > Upgrade section.

Here, we will upload the firmware image (Local Upgrade) of our WiFi Pineapple clone and cross our fingers hoping everything goes well 🙏.

In my case, things didn't go so well, and when uploading the image, the application indicated that it wasn't a valid firmware, so the router couldn't be flashed. BUT not all is lost 😎.

Solving the Invalid Firmware Signature Error

Solving this issue is quite simple, although it does come with some risk. What we will do is force the firmware installation, even though the signature is detected as invalid. To do this, we will go to System > Advanced Settings to find the URL that will allow us to access the OpenWrt (LuCI) interface.

Once we access http://192.168.8.1/cgi-bin/luci from the browser, we will be able to access the OpenWrt administration panel. To log in, it will ask for the admin account credentials that we saved (securely 👀) earlier.

Once inside, we go to the System > Backup/Flash Firmware section, and here we can look for the "Flash New Firmware Image" option.

Without fear of success, we will upload the WiFi Pineapple clone image, and now we’ll really cross our fingers haha. In case you're told that the signature is invalid, simply choose the option to ignore it and proceed anyway.

It is extremely important to uncheck the "Keep settings and retain the current configuration" option.

Bringing the WiFi Pineapple to Life

Once the firmware installation of the WiFi Pineapple clone is complete (a process that may take 3-5 minutes), we will need to access our Pineapple from the browser using the URL http://172.16.42.1:1471/. Here, we will begin the initial setup.

Before proceeding, we will be prompted that, for a secure initial setup, it is recommended to disable WiFi. This can be easily done by simply pressing the reset button for 2 seconds.

By disabling the WiFi, we will quickly see the screen related to the device's initial setup. Here, we will find some sections that we will review next.

Device Configuration

In this section, we will assign a password to the root account (which will be used for SSH access, for example). Create a strong password and store it in a safe place. Additionally, we can configure the time zone for the Pineapple.

Radio Configuration

In this section, we can configure the settings related to the WiFi radios. The available configurations are:

Management AP Setup: Configure the management access point for controlling the WiFi Pineapple. Assign a strong password! This is important for securing access to the management interface.
Open AP Setup: Set up an open access point (without encryption) to allow easy connection for devices.
Radio Country Code: Select the country code to adjust WiFi channels and transmission power according to regional regulations.

Filters & Firewall

Finally, in the "Filter & Firewall" section, we will leave the filters in deny mode as we want to start in stealth mode. These settings can be adjusted later once the Pineapple is up and running. As for the firewall, we won't be modifying any options at this stage.

The Pineapple in Action

And just by spending about $30, we were able to set up our very own homemade WiFi Pineapple, which we can now use to audit WiFi networks.

Conclusion

After setting up our very own WiFi Pineapple, we've taken the first step into the world of network auditing. In the next article, we’ll explore how to make the most of this powerful tool, diving into its various features, installing essential modules, and learning how to perform real-world WiFi network audits.

Stay tuned 🚀🚀

Previous:~/VAULT$ hw-projects NextP4wnP1 A.L.O.A. (DIY) Project

Last updated 9 months ago