Pineapple has arrived. & Quick Peek on Throwing Star.
The much-anticipated hardware has landed on my doorstep today!
So what is WiFi Pineapple? Visit: https://wifipineapple.com/.
This Package includes:
1 WiFi Pineapple MARK IV
1 WiFi Pineapple Handbook (The Hotspot HoneyPot)
1 Antenna RP-SMA
1 Retractable RJ45 LAN cable
1 AC to DC power adaptor (Taiwan Standard Socket, adapted required)
1 set of Throwing Star LAN Tap
Note: Angry Bird NOT INCLUDED
I will be doing a review on the Pineapple Mark IV soon. But in the meantime, I have already started with my Throwing Star.
What is a Throwing Star LAN Tap?
It is an unpowered hardware LAN tap to conduct passive monitoring between two nodes. Since it is passive, it is impossible for the monitoring station to accidentally transmit data packets onto the target network.
For more information visit: http://greatscottgadgets.com/throwingstar/.
The Throwing Star comes in a packet with all the parts required. Half the fun would have to be soldering parts together. I was surprised to discover that there were no instructions and no spare parts. Meaning you cannot afford to make any mistake with the parts. Thankfully, there are only 36 points to solder. The design is pretty intuitive. No instructions needed after all. Just pop the parts into the PCB and start soldering.
Throwing Star In Action
The Throwing Star was placed between my EEE PC (Victim PC on the Right) and Router (hidden from the picture), intercepting traffic flow from my Router to the EEE PC is my HP Laptop (Monitoring PC on the Left). Packet Monitoring can be done by simply connecting the LAN Cable and launching Wireshark.
Note: A total of 3 LAN cables were used. Monitoring on the Throwing Star is limited to one direction per interface. Meaning if you want to monitor traffic from the Victim to the Router and Router to the Victim, you will need to have 2 LAN interfaces on your machine (one on each traffic flow direction)
Essentially anything that passes through the Throwing Star can be monitored. I have yet to sniff passwords or monitor unencrypted data (ON MY OWN NETWORK) yet. But I believe you get the idea on what it can potentially be used for.
Until next time, Hack responsibly.
Shared by Andre Ng, First Mate of Div0.