In this work, we introduce a powerful hardware-based rogue access point (PrAP), which can relay traffic between a legitimate AP and a wireless station back and forth, and act as a man-in-the-middle attacker. Our PrAP is built of two dedicated wireless routers interconnected physically, and can relay traffic rapidly between a station and a legitimate AP. Through extensive experiments, we demonstrate that the state-of-the-art time-based rogue AP (rAP) detectors cannot detect our PrAP, although effective against software-based rAP. To defend against PrAPs, we propose PrAP-Hunter based on intentional channel interference. PrAP-Hunter is highly accurate, even under heavy traffic scenarios. Using a high-performance (desktop) and low-performance (mobile) experimental setups of our PrAP-Hunter in various deployment scenarios, we demonstrate close to 100% of detection rate, compared to 60% detection rate by the state-of-the-art. We show that PrAP-Hunter is fast (takes 5-10 sec), does not require any prior knowledge, and can be deployed in the wild by real world experiments at 10 coffee shops.