How to Build and Deploy an Evil Twin Attack with a Raspberry Pi Pineapple
Welcome back, cyber‑security enthusiasts! In this second installment of the Pineapple Attacks series, we shift our focus from exploiting technical flaws in wireless protocols to targeting the most vulnerable element in any network: the user. By combining wireless impersonation with social engineering, the Evil Twin method turns a seemingly harmless Wi‑Fi hotspot into a credential‑stealing trap. Below you’ll find a step‑by‑step guide to setting up a Raspberry Pi‑based Pineapple for this attack, along with practical tips, legal reminders, and a quick FAQ to help you stay on the right side of the law.
What Is an Evil Twin Attack?
At its core, an Evil Twin attack is a form of phishing that operates over Wi‑Fi. The attacker creates a rogue access point (AP) that mimics a legitimate network—often by using the same SSID (network name) and, in some cases, the same BSSID (MAC address). Users, trusting the familiar name, connect to the fake AP and unknowingly expose their credentials to the attacker.
Unlike brute‑force or dictionary attacks that target encryption keys, the Evil Twin relies on human error. It exploits the fact that many people will connect to any open network that looks familiar, especially in public spaces or when their device is out of battery and prompts for a password.
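Seen from the defender's side, the traits described above (a familiar SSID broadcast from an unknown or cloned BSSID, often as an open network) can be checked against an inventory of authorized access points. The following Python sketch is an added example, not code from this series; the `Beacon` fields, the baseline inventory, and the sample scan are constructed assumptions standing in for whatever a site's wireless sensor or WIDS export provides.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # AP MAC address as seen in the beacon frame
    security: str   # e.g. "WPA2-Enterprise" or "OPEN"
    channel: int

# Constructed inventory of authorized APs (assumption, not from the page):
# SSID -> {BSSID: (expected security, expected channel)}
BASELINE = {
    "CorpWiFi": {
        "aa:bb:cc:00:00:01": ("WPA2-Enterprise", 36),
        "aa:bb:cc:00:00:02": ("WPA2-Enterprise", 149),
    },
}

def find_rogue_aps(beacons, baseline=BASELINE):
    """Return (beacon, reason) for beacons that use a protected SSID
    but do not match the authorized inventory."""
    findings = []
    for b in beacons:
        known = baseline.get(b.ssid)   # SSIDs are compared exactly (case-sensitive)
        if known is None:
            continue                   # not an SSID we protect
        expected = known.get(b.bssid.lower())
        if expected is None:
            findings.append((b, "unknown_bssid"))      # same name, foreign radio
        elif b.security != expected[0]:
            findings.append((b, "security_mismatch"))  # cloned BSSID, e.g. now open
        elif b.channel != expected[1]:
            # Can false-positive if APs use dynamic channel selection.
            findings.append((b, "channel_mismatch"))
    return findings

# Constructed scan results for illustration
SAMPLE_SCAN = [
    Beacon("CorpWiFi", "aa:bb:cc:00:00:01", "WPA2-Enterprise", 36),  # legitimate
    Beacon("CorpWiFi", "de:ad:be:ef:00:01", "OPEN", 6),              # new BSSID
    Beacon("CorpWiFi", "AA:BB:CC:00:00:02", "OPEN", 149),            # cloned, open
    Beacon("CorpWiFi", "aa:bb:cc:00:00:02", "WPA2-Enterprise", 11),  # cloned, moved
    Beacon("CoffeeShop", "11:22:33:44:55:66", "OPEN", 1),            # unrelated
]

if __name__ == "__main__":
    for beacon, reason in find_rogue_aps(SAMPLE_SCAN):
        print(f"{reason:18} {beacon.ssid} {beacon.bssid} ch{beacon.channel} {beacon.security}")
```

A twin that copies SSID, BSSID, security type, and channel passes all three checks, so this inventory comparison complements, rather than replaces, client-side protections such as server certificate validation on enterprise networks.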
Setting Up the Pineapple for an Evil Twin
Below is a practical workflow for turning a Raspberry Pi‑based Pineapple into a fully functional Evil Twin platform. The process is broken into three phases: configuration, deployment, and data capture.
1. Configuration
Start by installing the latest Pineapple firmware on your Raspberry Pi. Once the OS is up and running, you’ll need to edit the startup.sh script to define the rogue AP’s parameters.
- SSID: Choose a name identical to the target network. If you’re targeting a corporate Wi‑Fi, use the exact SSID the employees see.
- Security: Set the network to open (no password). This forces
