TIP
https://facebook.com, but users normally don’t do this). Let’s use the telnet client to see what
happens when the browser connects to facebook.com:
$ telnet http://www.facebook.com 80
Trying 31.13.76.102...
Connected to star.c10r.facebook.com.
Escape character is '^]'.
GET / HTTP/1.0
Host: http://www.facebook.com
HTTP/1.1 302 Found
Location: https://www.facebook.com/
Content-Type: text/html; charset=utf-8
Date: Tue, 09 Dec 2014 04:46:59 GMT
Connection: close
Content-Length: 0
Connection closed by foreign host.
The browser is then redirected to the secure TLS-encrypted version of the website, and the
user logs in. The sslstrip tool intercepts this redirect and never sends the browser any link
starting with https. It also proxies the requests between the server—i.e., it connects to the des-
tination (facebook.com) using TLS. To be able to do this, we require sslstrip to be on a device
that is between the victim and the target destination. And this is exactly the situation we have
in our case: the Smart TV is connected to the Pineapple, and we have full control over the
Pineapple.
The intention of this section is to show how to set up the Pineapple and begin to do preliminary eaves-
dropping on the Smart TV network traffic, so we have willingly connected the Smart TV to this device.
However, someone within the physical vicinity of the Smart TV may also be able to use the Pineapple to
broadcast a “fake” wireless network with the same name as the network the TV is configured to connect to.
This can fool the TV into connecting to the Pineapple instead of the legitimate access point. This can be done
using the built-in Karma tool. Instructions available online detail how to do this.
Let’s enable sslstrip on the Pineapple. From the main section, click on Pineapple Bar and
select the Pineapple Bar: Available tab. Click Show next to the User Infusions section. You
should see a list of infusions populate (these are extensions created by other users to supple-
ment the functionality of the Pineapple). Then click on Install to the right of the sslstrip entry.
Click on “Install to internal storage.” Now go back to the main section and you should see a
new box for sslstrip (Figure 5-11).
INSPECTING YOUR OWN SMART TV (AND OTHER IOT DEVICES) 151