In this case, we accepted all the default options offered by the script. At this point, the
Pineapple is connected to the Internet. Next, we configure the Smart TV to hop on to the
Trust_Me network (refer to your TV’s manual for instructions on how select a particular WiFi
network). An example of what this looks like is shown in Figure 5-10.
FIGURE 5-10. Configure the Smart TV to hop on to the Pineapple
Now, all network traffic to and from the TV will flow through the Pineapple.
Since the Trust_Me network is not protected by a password, anyone around you can also
connect to it and potentially capture network traffic from your Smart TV that is connected to
the Pineapple, or any other device connected to the Pineapple.
Capturing credentials and stripping TLS
In this section, we will demonstrate the sslstrip tool. This tool strips redirection to secure web-
sites and helps perform a link to man-in-the-middle attack. For example, if you’d like to log in
to Facebook, you are most likely to type facebook.com_ in your web browser (the secure way
to do this is to request the TLS-encrypted version of the website by specifically typing in /
150 CHAPTER 5: THE IDIOT BOX—ATTACKING “SMART” TELEVISIONS