WiFi Pineapple Attack Demo [ThreatLocker Webinar]
[Music]
Thank you for joining us everybody. Good
morning. We're this is going to be a
pretty quick webinar. We want to try and
get it done in 15 20 minutes. Um we're
joined by Rob Allen who's the VP of
operations for ThreatLocker in Europe.
So Rob, thank you for joining us.
No problem at all. We're also joined by
uh Jason Ebanks, which is sitting at the
other side of my office. You have to
come around because I can't turn the
camera around and give everyone a wave.
Jason is our resident pilot for the day.
So, he's going to
say he's going to be responsible for any
accidents that happen, not me. Um, so we
want to show you and introduce you to a
pineapple. For those who don't know, we
have a conference in February, February
1 through 3, which is essentially a
cyber security conference that teaches
you how to protect yourself from cyber
security threats. It also teaches you
how to break into systems, hack, use
rubber duckies, use pineapples, use
Metasploit and write malware. Not
because we want you to do that, because
we want you to understand what the
threats are. And every time we learn
something about hacking, we learn
something about defending at the same
time. Uh, one of the things we're going
to be demonstrating and doing a lot of
courses on there is the pineapple. So,
this is a Wi-Fi pineapple box. It comes
like this. It is about $150. I can't
remember the exact price, but Gabby
might correct me if I'm wrong. Um, it
comes in a box and it's a pretty small
box. I'm going to open this one up and
um, we've got a few of them here. So,
we've attached one to the drone for the
for the real
life hack. And if I can open up the
plastic here.
Looks a little bit like this. Pretty
boring. And look, Rob's got one already
pre-made because he's trying to shower.
Ariel's coming. Three antennas. And
essentially what this device does is it
broadcasts a Wi-Fi signal. Now, it's a
little bit smarter than that. It can
actually read uh it can track um Wi-Fi
hotspots that people are trying to
connect to. So every time you connect to
something on your phone, your phone
keeps retrying to connect to that
hotspot just in case you go back in that
area. I didn't know that until actually
this morning.
And what we managed to pick up was a
list of hotspots of everybody in our
office had previously connected to. So
it'll actually broadcast scan for what
people are trying to connect to and then
it'll actually broadcast those hotspots
as well. Um if you want to do these
demonstrations, you need to make sure
you have an Ethernet cable connected as
we do. Uh because things can go horribly
wrong if you try and use Zoom over Wi-Fi
while doing this. So you build this
together. It's a pretty simple box and
basically you plug it in in a location.
It will broadcast uh Wi-Fi SSIDs and it
will allow you to get people to connect
to your Wi-Fi instead of theirs. And
once they connect to your Wi-Fi, you
can do various things. So,
examples of use might be you got fed up
with an airline charging you for credit
card usage. So, you plug in your
pineapple on the plane and you take down
their Wi-Fi and you broadcast SSID. Do
not do that. That is highly illegal.
Plus, don't mess around with wireless
technologies on planes because we're not
really sure how much will take down the
plane. But you could, if you're an
attacker in an airport want to steal
people's credit cards from paying for
Wi-Fi, you could host a fake credit card
page, you could you could um put
a fake uh Wi-Fi welcome page and say,
"Here, you got to pay for premium Wi-Fi,
enter your credit card name, or you can
even present Office 365 or G Suite
login." Rob's going to show you some of
it. Now, the problem is with this is you
really want to be as close to the person
as possible you want to get on your
Wi-Fi because their computer is going to
try and connect to their Wi-Fi and it's
going to try and connect to your Wi-Fi.
Now, you can do a deauth attack to keep
kicking them off their Wi-Fi, but it's
going to try and connect to the SSID and
it's probably going to connect to the
closest one. The best way to get closest
to a person is probably walk up to them.
But, we want to do something a little
bit cooler today. So, we have this thing
here. This is going to make your
experiment a little bit more expensive
if you want to do it. So, this is a
Maverick 3 drone. Cost about $2,600 at
Best Buy. Three things.
Can I just That That is what I would
call an accident waiting to happen.
Danny,
accident already happened.
So, so I'll turn on the There's been a
few incidents. Um the painters are
coming back into ThreatLocker's new HQ
next week to fix the wall. Um so,
outside my office. Uh but few things you
need on this drone. Um, you needed to be
able to lift enough weight to carry a
pineapple, which is not too heavy. But,
um, the rating, this was the only
Maverick drone that actually had, well,
the lowest level Maverick drone that
would actually lift the pineapple by
their specification. Rob corrected me in
that he did actually lift one with a
lighter one last year. So, if you've got
a light
and a battery and a battery as well.
And a battery as well. But this was the
one we wanted to do this properly. We
were flying it four stories high in a
public area. So, we didn't want it to
come crashing down. Uh, so we got the
right one. It needs to have a USB-C
charging port on it that will not just
charge the drone, but will actually
charge the pineapple because the
pineapple does not have a battery in it.
So, you either need to be able to lift a
backup battery or you need to lift you
need to charge it. So, this one here is
handy because it's got USB-C in which
means you can plug the pineapple
directly into it and it will power it.
So, I'm going to plug that back in
because we're going to need to power it.
And, uh, pretty much else outside of
that, it needs a pilot. Um, because I
crashed it yesterday, I was told I'm not
allowed to fly in.
I'm barred from my toy. This one has a
cool camera as well. And thankfully, we
might actually be able to see in the
window or at least get some pictures
from in the window because when we tried
it yesterday, the the glass on the
outside of our building reflected the
image, so all they could see was the
drone flying in on the camera. Today, we
are under tornado watch in Orlando,
which means the drone might not actually
make it. So, I'm going to ask Abby to
pull a pull up today because the goal is
here. We're going to take this drone.
We're going to attach this panel to it.
Well, Jason's going down and doing that.
We're going to get you some footage of
him trying to take off. If he crashes,
it's going to be really funny. Um, I'm
going to ask for a poll as what's the
likelihood of this working.
So, we have not rehearsed this hack at
all. We did fly the drone yesterday, but
we haven't rehearsed the hack. We are on
tornado watch. It is looking pretty gray
outside today. It's not raining yet, but
Gabby, if you can start a poll as to
whether we're going to successfully take
over my Wi-Fi or Rob's Wi-Fi using the
drone or we're going to um or we're not
going to. If you can throw that poll up,
we'll see who's right. We may use the
the correct or incorrect answer based on
whether you win the giveaways at the
end. So, make sure you answer the best
you think is going to happen, not Mr.
Positivity or Mr. Negativity or Mrs.
Positivity or Mrs. Negativity. answer
the best one you're having. So Jason,
first of all, I'm gonna hand this over
to you.
And I'm gonna let you Oh, I pressed
something on my keyboard. I'm gonna let
you go and to bring this up to my
window. If he brings it up there, if he
gets up here, I will turn my camera
around so you can see the window as
well.
So
before people vote, I'd just like to add
an addendum to our um anyone who saw the
um hacking webinar we did last week, we
did mention that never work with
children, animals, or hacking tools. Um
I'd just like to add an addendum to that
now, which is never work with children,
animals, hacking tools, but especially
why not Wi-Fi pineapples because they're
really flaky. Um but we will we will do
our best. We will do our best.
So 81% of people think this is going to
work. Now,
I love your optimism, people.
Yeah. So, if you remember last week, Rob
had had lots of time to practice. I
don't get so much time as Rob because my
life's a little bit busier and I didn't
get to practice my my hacking uh tests
and we Rob did his first. He was playing
with Rubber Ducky. And if you recall, we
took over TeamViewer and we completely
tanked his laptop. So, uh what we're
going to give this one to Rob because
see if he can actually get this one to
work. But just for those who weren't
here last week, Rob started uses rubber
ducky, showed us how to steal data using
rubber ducky, showed us how to use Red
Rabbit, and then what we did is I got
him to connect to my machine using
TeamViewer. I didn't connect to his and I
tanked his laptop. Uh the boot sector
has still not been repaired, by the way.
So, uh I completely killed his laptop
just by him connecting to my machine.
So, if you did miss that, um I don't
know, Gabby, maybe you can share where
you can get that webinar from. And what
I'm going to do as well, we have to mute
for a minute while he takes off because
apparently the video only shows although
it seems to be showing all four people
evenly. Oh, he's already taken off.
He's on mute anyway. So, here is Jason
uh taking the drone up outside my office
now. I don't see it. Oh, here it is.
There you go.
Can we see that? Oh, you're right in the
middle of the the bar. So, we need to
There you go. Move a little bit left or
right. There you So, we can see the
drone hovering outside my office. So, um
we basically have him closer to me than
my access point. And that is the goal
here. Now, the question is is how steady
is his hat? Um so, oh, he got even
closer. He's really freaking me out now
cuz he's spying on me.
I wish I could open the window. Oh,
that's getting close to the glass. He's
being brave. Um I'm going to wave just
in case he can see me. He said it won't
reflect because it's Oh, he's waving
back. There you go. There's a drone
wave. So, um Okay. The um So, Rob, now
you're closer to my office.
Yes. Right beside you.
Question is, can you can you make it or
Rob is right next to me in the room next
door. Can we make it? Can we share a
screen? Can we show this how how this
works?
Yes, we can. Bear with me one second and
cross our fingers.
So
really close to the
share my screen.
Okay, should be looking at it now. So
first of all, the pineapple is
broadcasting a wireless network which I
am going to connect to. Okay, so this is
basically a management network. This is
just for configuration of the pineapple.
Now bear with me.
No pressure because if you drop that
drone, Rob loses the signal.
Uh just a second.
Now, the reason this webinar is not
going to be over 20 minutes because
that's about the length of the battery
on that drone. Pineapple. Um, so yeah,
just to um sort of elaborate a little
bit on what you mentioned, Danny. So, I
wasn't previously aware of this either,
but basically when your device is
looking to connect to a wireless
network, it's actually broadcasting what
wireless network it is looking to
connect to. Okay? So if you have a
network at home called Rob's network,
your phone is effectively going, is
there a Rob's network out there? This is
able to pick that up and impersonate
that network. So to encourage your
device to connect to it. So first thing
you'll notice on this uh admin page on
the pineapple CPU is actually pretty
hammered on this. Now there's a really
good reason for that, which is I plugged
this or turned this pineapple on at an
event I was at in London recently. Now,
it was on for probably no more than an
hour, but in that hour, it picked up, as
you can see here, 481
SSIDs.
Okay, so that's 481 separate wireless
networks that it saw devices trying to
connect to. So, added them to its pool
so it can then impersonate those
networks. Bear with me a second. Okay.
Uh but as you can see the CPU on the uh
pineapple is pushed pretty hard because
it's got 481 SSIDs that it's trying to
impersonate.
Um the other let me just go through the
interface a little bit. So it's all very
well and good having SSIDs. It's all
very well and good having machines
connecting to this thinking there's
something else. Question then becomes
what do you do with that? So if you get
devices, if you get people's phones,
people's laptops etc. connect to connect
through the Wi-Fi pineapple. What do you
do with that? Okay, so effectively what
you do with it is a man-in-the-middle
attack. Okay, so you can broadcast and
you can set up what is called an evil
portal. Now an evil portal in Wi-Fi
pineapple terms is basically a it mimics
a Google login, a Facebook login, a
Twitter login, a Office 365 login. So
that login page that you get when you go
to log into Office 365, this mimics
that. Okay. So basically when you try
and connect to it, you connect through
that network. Next minute you get a
pop-up saying you need to log into
Office 365. Most people see that fairly
regularly. Oh yeah, sorry. As I said,
flaky. Oh, back end seems to be running,
but there's no socket available. That
will be because of the 481 wireless
networks. But yeah, point is it will be
it will broadcast a uh uh SSID. You
connect to that SSID. It then presents a
login page for Gmail or Office 365 or
whatever your target uses. And again the
beauty about this is you can target it
to a particular person. So you know we
knew we know Danny for example uses say
Google. We can pop up a evil portal for
Google. So the question is Rob, if you
connect to that
Wi-Fi now, are you able to connect to
anything on your phone and show us?
Um, I'm not actually broadcasting. So,
as you saw, there was 481 Wi-Fi networks
in the vicinity. Let me just see. Uh,
I'm not broadcasting all 481 at the
moment because the pineapple is
struggling as it is already. Um, bear
with me one second and I will try and do
that.
Sorry, go ahead. I
I was going to say we probably should
have uh made everyone disconnect their
Wi-Fi and not have so many networks
broadcasting.
Yeah. Yes. Um so these are the uh and
again my apologies for being a little
bit slow. It is a outside the window and
b um running a lot of stuff. Um you can
see here you've got different options
for the uh the PineAP itself. So
passive mode as you can see following
features are enabled. SSI SSID pool
collection and event logging active is
full collection and also broadcasting as
well. And you've got advanced options
there too. Um this pineapple's
struggling badly.
I don't know. 80% of people had
confidence in you Rob.
In confidence in us, Danny. Confidence
in us.
No. No. This one's going on you. If it
doesn't work, it's going on you. You
know what I say to my kids? All your
successes are my successes. All your
failures are your own.
Tell you what, you talk for a minute.
I'm just going to try and reboot this
bad boy.
Yeah. Okay. Well, you know, probably
what I'm going to do is I'm going to
give you a few tips on what you can do
to reduce your likelihood of being
killed by a pineapple um or a drone
outside your office window. It's kind of
weird having this guy looking in my
office window on a camera right now. Um,
so first thing you can do is if you
don't want someone to put a camera
outside your office window is shut the
blinds. So, uh, that's going to be my
thing now. I don't trust people not to
look in from drones. Um, but you can do
a few things to reduce your likelihood
of a successful cyber attack. Now, the
actual pineapple itself, it's very hard
to protect yourself from. You have a
um, you know, because they're broadcasting
an SSID, you're connecting
to an SSID, you really don't know what
you're connecting to. So, it's difficult
for you to say, "I'm not going to
connect to the wrong SSID." Few things
you can do is one is don't connect to
public networks when you don't need to.
Like, use use your hotspot on your phone
and and use that through cable if you
can, but if they don't know that you're
broadcasting on Danny's iPhone, they're
not as likely to just get caught. The
other thing is now Rob's going to show
you hopefully if it works a Google or a
Office 365 login page, which will
obviously steal the credentials of
anyone who logs into it. Um, make as a
user, make sure you're logging into the
page you expect to be. Just because it
pops up on your phone, it doesn't mean
it is what it says it is. But as an IT
professional, you have to protect your
users from them doing things they
shouldn't do. So, make sure you've got
dual factor authentication on your
account. There are so many ways someone
can phish somebody's details. Pineapple
is just one of those ways. They can send
links. People can just log into someone
else's computer with a key logger on it.
I mean, even at Zero Trust World last
year, we had G2 had a booth set up and
they were getting people to write
reviews on ThreatLocker, but they
wanted to prove that you're a
ThreatLocker client. They were asking people
to log into their ThreatLocker accounts
on their computer and they collected
about 50 reviews like that. Now, they
weren't doing it as a stitchup. I didn't
even know they were doing it. And I said
it, why why did people just put their
ThreatLocker password into somebody
else's computer? Even IT people at cyber
security conferences make mistakes. Um,
so there's lots of ways you can be
phished, but using dual factor
authentication is the control that you
have control over in it. It's the thing
you can do to stop your users
having their data eaten. Um, other
things you can do is obviously assume
that someone's going to get on your
network and and make sure you harden
your environment. Make sure that if they
do get onto your Wi-Fi themselves cuz
they potentially get onto your Wi-Fi
using this collecting passwords. Make
sure that your servers have uh firewalls
on them and that only trusted devices on
your network can access your servers. So
if you're using ThreatLocker you can use
our network access controls to allow
only even using DHCP only certain
devices to connect to your servers. It's
a great way of protecting yourself if
someone gets on your network and of
course using um a cable. I mean it's it
sounds really simple. We use cables in
our office for primary computers. We
don't use Wi-Fi for primary computers.
We use them if we're moving our laptops
around, but it reduces your probability
of someone intercepting
your network connection when they need
to. One of the thing you can do, okay,
if you got an iPhone, and I'm going to
show you mine in pure embarrassment, um,
is if you go into your iPhone and you go
to your wireless networks. I'm connected
to just felt like a staff here. Don't
know how well my screen Oh, my camera's
showing. Let me pull up here. So, I'm
connected to like a staff. If you got an
Android, it's slightly different
instructions. Um, if you click the edit
button in the top right, this will show
you a list of all networks you're trying
to connect to. The more networks you're
trying to connect to, the more likely
you're going to connect to someone's
pineapple who just set it up in a
broadcast. If you don't need these
networks, just click the red button and
click delete. Apple did not add a delete
all function. I'm intrigued to know if
Android has a delete all function on
there, but they don't. So, you have to
go through each one. Apparently, I've
connected to a lot of wireless networks.
Go through and clean it up.
Don't don't auto to connect to networks
if you don't need to because then if
someone broadcasts a random signal,
you're less likely to get hit. But most
importantly, assume you're going to
connect to a bad Wi-Fi. If you're
connecting to public Wi-Fi, assume the
network you're connected to is bad and
put other controls in place. Make sure
you got firewall on your computer and
make sure you're blocking inbound
traffic. Make sure you're doing
everything else. Um, okay, Rob, any
luck?
Uh, yeah, let me show you what I've got
now. It is currently behaving. It may
not behave for too much longer, but
let's see how we get on. So, first of
all, as I mentioned earlier, we've got
482 SSIDs in the pool. They were picked
up from, as I said, that event I was at
in London and everybody trying to
connect to it. Um, interestingly enough,
I did notice some of the wireless
networks here. Park Plaza County Hall,
that is a very pleasant hotel actually
just outside London that I stayed in
about two weeks before this event took
place. Uh likewise Park Plaza, Victoria,
London. So again, my devices had
connected to those networks at some
stage. This picked up the fact that my
devices were trying to connect to those
networks and basically picked them up
and was able to spoof them. So you'll
see here and Dublin airport Wi-Fi is
here as well. Lots of different things,
but these are all individual SSIDs,
individual networks that this has
detected people's devices trying to
communicate with. Collective Canary
Wharf again very nice hotel in London
that we stayed in some time ago. So you
can see here these are all picked up
automatically by the pineapple. Now
you'll notice here we have options. So
if I want to impersonate those networks,
okay, so basically try and get trick
people's devices into connecting to it.
All I do is impersonate all networks.
Now this is probably going to uh to take
a moment. Okay, but what you
can you can you just impersonate one
network?
Uh that is a very good question. Can I
just impersonate I think somebody asked
that question. Bear with me. Uh,
no. We have a we have a lab one set up
called lab something. Can you do that
one or not?
No, probably not. It's a short answer.
Let me just do impersonate all.
The other thing I was going to say by
the way just to show the evil portals
because somebody had asked questions
about the evil portals. So this is how
you impersonate the Office 365 login, the
Google login, etc. So you will see as
well, bear with me a second. Um I think
this may be posted to the chat as well
where you can actually download these
portals from. So it's basically just a
web server running on the device. Okay,
this is the standard evil portal that
effectively it comes with. Okay, you can
see this is a preview page of it. Okay,
which is basically just a default page.
But again, imagine that as a Google
login page, as an Office 365 Live login
page. You wouldn't know any different to
the real thing. You type in your
username and password and then next
minute they've got it. Um you can look
at the logs on this as well. So if and
when somebody does type in those
credentials, basically it's logged here
and available to uh to use and to
misuse.
Okay. Can you connect to it?
Can I connect to it? Sorry. Let me just
see if we've got some
connects here.
Um
I think it's starting to broadcast
several 482 Wi-Fi networks. So just bear
with me one second.
I'm going to see what I can see.
Oh, I'm starting to see loads of them.
So, I'm just going to pick one. I'm
going to say um UK Sex Summit. Let me
connect to that.
That was the event we were at.
So, it says unable to join UK set
summit.
Try another one.
Uh what about guest? Let's see if any of
these work. Oh, no. Guest looks like a
real one. It's asking for a password.
Um,
[Music]
when you do connect, by the way, we will
see notifications here. So, you'll see
on the interface, it shows me that these
are back from November when I actually
played with this. But you'll see here we
can see the devices that have connected,
disconnected, connected, disconnected.
And again, this is where it's getting
all those SSIDs from.
Okay, I am connected to UK sets summit
and I got congratulations
actually got given I didn't get a
thingy. I just got given the evil portal
screen. You didn't show the Microsoft
one. So immediately it shows me this
screen.
So I guess you didn't change the
content. But what you can do is you can
pretty much get it to show you any HTML
and collect any data. So it says
evil login screen. So this is obviously
the template.
Exactly.
If if I I guess if I click authorize
um it says go away. Um, so
I am connected.
There is a post there. I mean, just
Google evil portals. You'll find the
list of them anyway. There are current
ones there. Instagram, Facebook, Click,
O2, Starbucks, Twitter, Yahoo, um, etc.
And I know there is an Office 365 one
available as well.
So, so what I'm going to do is I'm going
to ask people to put a vote. Do we
consider that a success? Because I
didn't actually get an Office or G Suite
login. I'm going to ask
you a portal login. I got a evil portal
login. I mean,
who listen? Who isn't going to trust an
evil portal login?
Oh, I don't know. Why don't we put a
vote to that? Gabby, I'll let you put
that that out there. Do we consider a
evil portal login a success? Um, despite
the fact it was on a Wi-Fi connection
through probably 3/4 inch glass or at
least half inch glass here. Uh, but
Gabby, I'll let you uh throw that poll
out there. And while she's doing that,
I'm going to answer some questions.
There's a lot here. A lot of great
products. Thanks for continued support.
The test will be such a spectacular if
it takes down Zoom. No such luck. We are
using cables. So um it says here I'm
actually going to correct this one. It
says 80% of people are confident with
ThreatLocker. I don't think this is
about ThreatLocker. I think you should
be confident in your security if you put
good controls in place. ThreatLocker is
a set of tools. Um you know we can allow
you to stop bad software running. We
allow software to be limited what it can
do. We allow network controls. But it
it's it's not so much about being
confident about ThreatLocker, but being
confident about tangible controls that
harden your environment. And
ThreatLocker, of course, we're awesome. We
make it easy. We back it up with
support. So, I appreciate people saying
that. Anyway, I don't know the answer to
this question. Do you know does it does
it do full MITM pass through once
authenticated?
Yes,
there you go. Answered. Um, okay. So,
the anti solution, I think we've already
go over that. This isn't something you
can just buy. It's a case of having good
security hygiene in your system. You
making sure people are crashing in your
office. Use Ethernet where you can. Make
sure your phone's not autoconnecting to
other networks. And make sure that
you're aware that when you do connect to
a network, you are potentially
broadcasting.
So, um
I do also have spectacularly amazing
news. Danny,
go on.
Result of the poll is in
Yeah, I saw that. And look, 75% said
yes.
75% people have ran wrong.
So, so, uh,
I'm just going to end the poll now in
case anybody changes their mind.
Yeah, there you go. Could, um,
could you do a team that we're the
phishing email for the evil portal?
I I I'm guessing that's asking, can you
use the evil portal outside of the
pineapple? The answer is yes, you can.
They're just HTML files that can be
hosted on anything. But um okay so
somebody asked will a VPN provide
sufficient security if a user connects
to one of those impostor SSIDs. Um it
the VPN will encrypt traffic throughout.
So it's technically yes is the answer.
They could do man attacks I guess on an
SSL but I think a VPN is going to
provide sufficient where you're going to
have a problem is when the user connects
and it pops up with their G Suite
account. They're not on a VPN at that
point. It's not going to help you
because that's going to go to that local
IP address. Yeah, VPN won't protect you
from the evil portal.
Um, so toggle on your device VPN. What
happens when you connect? Um, so again,
if the the VPN won't if you if you turn
on your device VPN, the VPN traffic is
encrypted end to end. So, you should be
good. The and the Pineapple does pick up
all requested SSIDs, both two and four,
but it's um
obviously you don't want to pick up too
many. Normally, you want to target who
you're after. Um, so somebody asked, "Is
it worth turning off the Wi-Fi while I'm
in public?" Look, so I think I think
when we're thinking about security,
we're thinking about how do we balance
security and convenience? Um, generally
turning off Wi-Fi is more secure than
not turning it off, but it it so it's
not a bad idea to do that. Um, if but
it's also useful to use Wi-Fi. I mean,
there's a reason so many of them on my
phone. I generally use my hotspot. I
only use Wi-Fi when I need to use Wi-Fi
and I have a massive list. So, it's not
always possible to just turn off Wi-Fi,
especially if you're in New York City
for the day. Um, because those those
buildings seem to block LTE like mad.
Uh, I'm just I'm actually going to You
mentioned steal credit card information.
The evil portal is where it's really
useful because one of the things that
attackers use this for is
presenting paid Wi-Fi pages. So, if you
go on to an airline or you go to an
airport where you have to pay for Wi-Fi,
um this is where you can say, "Okay, you
got to pay for Wi-Fi." They'll replicate
those pages and then they'll say, "Here,
give me your credit card number." And
just like logging in, you can see that
data. So, somebody asked, "Can
ThreatLocker mitigate via network controls?"
Um, so it's not going to stop somebody
getting who is it connecting to a rubber
do sorry not rubber ducky a pineapple
but ThreatLocker will allow if someone
gets onto your network by using a
pineapple collecting information getting
onto your LAN or potentially feeling
stealing your Wi-Fi password then once
that device is on your Wi-Fi it won't be
able to talk to your server. If you are
a ThreatLocker client and you're not already
using our network access controls come
into support talk to your SE and say how
do I get the network access controls to
make sure my server is locked down to
only my devices.
um being you are being used. My wife is
going to kill me because I'm gonna take
one home. You can buy these on Hak5,
by the way. So, and this is a very
quick learning uh tool on this, but it's
not your wife that's going to kill you.
See what happens when you deauth your home
Wi-Fi with your kids.
It's fine. Especially, I mean, I don't
know if you've got your kids aren't
teenagers yet, Rob, but when you take
Wi-Fi away from teenagers, that's evil
portal So, uh but it really is
worth taking Um, a little true story at
Zero Trust World last year, we had
serious problems with the Wi-Fi. Uh,
because we did a demonstration of the
Wi-Fi pineapple and then we went up to
do our other labs, our rubber ducky
labs, our Metasploit labs, and no one
could get on the Wi-Fi and we were like,
"Come call the hotel, complain the Wi-Fi
is crap. What's going on?" And it turns
out we were deauthing everyone from the
Wi-Fi because someone
That might have been me, Danny.
Yeah, I blame you. Um, those guys
downstairs, you can land that drone now.
Uh if the window would open, I'd throw
something at it, but it doesn't. Oh, one
other thing I am going to show you a
couple of things. Um when if we can get
the drone upstairs, you can buy a clip,
which is somewhere here, one of these to
attach things to your drone. Um rather
than strapping it on the back with tie
wraps, um little trick, it doesn't work.
Mine is here. Smash the pieces, it
broke. Um so you don't need to do that.
Just put the white the pineapple
strapped onto the back. The other thing
is um when you do that in the DJI app,
there is a setting that turns off motion
sensor because what happens if you strap
a pineapple onto the top without turning
off obstacle avoidance is it tries to
avoid that obstacle attached to the top
and it smashes up your office which is
what happened yesterday.
So the other thing is which I I I did
learn. So when we use the strap here we
thought I mean this seems like the
logical thing. You can carry various
payloads. You put it in the bottom you
strap it. What we did, and I thought I
had this here somewhere. Oh, yeah. This
what we did. Oh, here's the rest of the
thing. So, here's the broken clip, by
the way. That did not work so well, but
we we had the clip on there, or half a
broken clip, and we had this bag hung
down from tie wraps. Now, little physics
lesson that I learned yesterday, and I
should really know this is when you put
an open bag underneath a propeller
blade, it fills with air, which means
you get a se whatever weight gets pushed
down, it gets pushed pulls the drone up,
also pulls it down. Is that like a
reverse hot air balloon?
Yeah. So, reverse hot air. So, make sure
you close the bag if you do use a bag
and maybe don't use a threat like locker
bag. So, uh but that that was an
interesting fact I learned yesterday.
So, if you are trying to fly this and um
uh hack something, whether you're just
flying for fun and you're trying to
bring payload, I did we did learn a lot
of things yesterday. Um we managed to
hit a door frame. We landed in someone's
lunch and a few people literally lost
their their heads in the office. I also
don't recommend you practice inside. So,
um, thank you everyone for joining us
today and hopefully enjoy the rest of
your weekend. Thank you Jason and Gabby
for organizing and Rob as well.
[Music]