> For the complete documentation index, see [llms.txt](https://repo.4pfsec.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://repo.4pfsec.com/wireless-penetration-testing/wifi-pineapple-tetra/pineap.md).

# PineAP

## Background

PineAP is a powerful, modular rogue access point suite that helps WiFi auditors collect clients by imitating Preferred Networks. Leveraging PineAP, we are able to see what SSIDs devices are trying to look for. Using that information and PineAP's features, we are able to advertise ourselves as that SSID which the device is looking for.

### Example

Let's say you were authenticated to your home network named `4pfHome` . Your phone will then try to look for that same SSID when you're outside and have your WIFI on. PineAP will then see this and advertise itself as `4pfHome` to your device. If connected, you will be one of Wifi 🍍's many clients, and that's not good. Let's take a look at how it's done!

## Live Attack

Prior to launching the attack, the PineAP first has to be set up to listen.

### PineAP Setup

Enabling the following options to be able to capture and rebroadcast SSIDs

![](/files/-Mga14DZh5YnyQ8H89vf)

### Broadcast Attack

After letting PineAP do its thing for a while, we are able to see a couple of SSIDs in the `SSID Pool` .

![](/files/-Mga4hHSwmyyMjmqOAsa)

Now on my devices, I would be able to see these SSIDs being broadcasted and unprotected. (as shown below)

![](/files/-Mga4imb2zipUQY97jjo)

![](/files/-Mga4jxfqUwvZBhCLNzo)

Now once our "target" connects to our network, we own it :) (kind of)

### Client Connect back

![](/files/-Mga4lL7ZCGlUDcKswcm)

![](/files/-Mga4mVVx8ulUecLh_ss)

### Clients

![](/files/-Mga4wmRY5SfumoGzBrL)

We can see that both the devices are connected to the Wifi 🍍 but they are connected under 2 different SSIDs. My laptop thinks it is connected to `AndroidAP68A2` and my phone thinks it is connected to `Linksys12765_5GHz` .

The connected devices won't realize a thing as the Wifi 🍍 is connected to the internet and acts how any other router would.

Now that we have both devices connected to our bogus network, we can use **Modules (**&#x77;hich will be covered in the next sectio&#x6E;**)** to perform various attacks.&#x20;

This is how we can make use of PineAP to trick users to connect to us.

{% hint style="warning" %}
From my testing, I wasn't able to get the devices to connect to the endpoints automatically. Thus, this attack still depends on the user to make the final decision to connect.
{% endhint %}


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://repo.4pfsec.com/wireless-penetration-testing/wifi-pineapple-tetra/pineap.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.