Two great tastes that taste great together
The r00tabaga from ACE Hackware is a combination of the ever popular MiniPwner and WifiPineapple pentesting devices. In an incredibly small form factor (and with its own battery!), you can turn the r00tabaga into either device with a simple reboot.
The Minipwner: The MiniPwner is a “dropbox” used by pentesters. It is physically connected to the target network so that the pentester can maintain local network access remotely (usually via openVPN or ssh). Typically, the dropbox is surreptitiously plugged into an emtpy ethernet port, perhaps in an empty cube or a seldom used confernece room. For this reason size is a concern. The smaller the drop box, the easier it is to conceal or camouflage.
The WiFiPineapple: The WiFiPineapple uses a collection of tools to perform a wifi man-in-the-middle attack. The pentester connects the Pineapple to the internet in one of two ways, either by connecting the ethernet port to an internet connected laptop or the usb port to a tethered cell phone or “myfi” type of device. On the wifi side the Pineapple starts listening for other devices.
Most wireless devices constantly look for Access Points that they have connected to in the past. The Pineapple is happy to provide any nearby device with any wifi connection they’re looking for. If your iPad once connected to “FreeWiFi” or “linksys” the Pineapple will respond as such and connect you to the internet through itself. This allows the pentester to perform all kinds of man-in-the-middle attacks. Beyond the basic tools installed, the Pineapple also includes a nice set of plugins, called “infusions”, for additional tools like SSLstrip.
By default, the r00tabaga is configured in MiniPwner mode. It will automatically create a wireless network named r00tabaga_NNNN (where NNNN = last 4 digits of device MAC address). To get started, connect to the wireless network and login via SSH at 192.168.5.1 You will use the following credentials:
To switch between the pineapple and minipwner modes you use the ‘activate’ command and reboot the device.
activate pineapple OR activate minipwner
When booted to WiFiPineapple mode you typically connect the ethernet port to your laptop. You will need to set that port to a static IP address of 172.16.42.42/24. You will then be able to pull up the WiFiPineapple’s Web interface at: htt p://172.16.42.1:1471/index.php?
Rather than duplicate information that’s already out there you can find more on the r00tabaga, MiniPwner and the WiFiPineapple in the following locations:
The ACE r00tabaga
Buy it here: http://acehackware.com/products/ace-r00tabaga-multipwner
Online forum (where you can learn to build your own): http://acehackware.com/r00tabaga-support