> For the complete documentation index, see [llms.txt](https://documentation.hak5.org/wifi-pineapple-pager/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://documentation.hak5.org/wifi-pineapple-pager/payloads-1/installing-payloads.md).

# Installing Payloads

Payload installation on the Pineapple Pager is one of the areas which will see significant usability improvements in future firmware updates. Expect revisions to this process and this manual!

### Downloading payloads  <a href="#downloading-payloads" id="downloading-payloads"></a>

The official Hak5 payload repository is available at <https://github.com/hak5/wifipineapplepager-payloads/tree/master>

This includes Hak5 example scripts and community contributed payloads.

Payloads in the repository are organized into `alert`, `recon`, and `user`, with further sub-categories.

{% hint style="danger" %}
Payloads from the Payload Repository are provided for educational purposes only. Hak5 gear is intended for authorized auditing and security analysis purposes only where permitted subject to local and international laws where applicable. Users are solely responsible for compliance with all laws of their locality. Hak5 LLC and affiliates claim no responsibility for unauthorized or unlawful use.\
\
While Hak5 audits payloads before they are accepted into the payload repository, use of third party payloads is at your own risk.
{% endhint %}

{% hint style="warning" %}
Payloads are powerful scripts which can perform many actions on your device. Use caution when installing payloads from *any* source, but *especially* installing payloads from a third party source such as Discord, or any site besides the official Hak5 Payload Repository.\
\
If you do not understand the actions a payload performs, *do not install or run it*.
{% endhint %}

The payload repository can be cloned using standard `git` tools, or [downloaded as a zip file](https://github.com/hak5/wifipineapplepager-payloads/archive/refs/heads/master.zip) containing all payloads in the repository. You can even use `git` on the Pager itself to download the payload repository directly to the device!

info

{% hint style="info" %}
**A note about antivirus and Windows Defender warnings**\
\
It is *never* a good idea to ignore warnings from an antivirus system, and we are *extremely reluctant* to suggest you do so.\
\
\&#xNAN;*However*, a recent trend in antivirus detection has been to rely solely on the detections of a site like VirusTotal. Once a file has been flagged in VirusTotal, all vendors are compelled to copy the signature - even when the original signature is false or of extremely poor quality.\
\
Specifically, it appears recently that a signature for *any file* named `responder.py` has been added, regardless of the contents of the file or if it actually represents a threat. While it would be possible to rename the file in this case, poor detections like these are a constant losing battle.\
\
The contents of the Payload repository are *not Windows executables* and *are not executed on a Windows system at any point*, which means that identifications of them as containing Windows malware are blatantly false.\
\
That said, if you are uncomfortable with the warnings by Windows Defender or other software, we recommend:\
\
1\. File a request or complaint with your antivirus vendor to improve the quality of their detections.\
\
2\. Download the payload repository using a computer you are willing to permit the download on - such as a virtual machine.\
\
3\. Download the payloads directly on the Pager using `git` via `ssh` or the Virtual Pager terminal.\
\
By downloading the payloads directly on the Pager, all risk of executing a flagged file in a Windows environment is removed - but again, payloads are *never* executed in Windows!
{% endhint %}

### Copying payloads to the device  <a href="#copying-payloads-to-the-device" id="copying-payloads-to-the-device"></a>

If you download the payload repository using a computer (via git or zip), payloads can then be copied to the Pineapple Pager using the standard `scp` file copy tool. This is available as a command line tool on all major operating systems. There are also many graphical versions of `scp`, such as [WinSCP](https://winscp.net/eng/index.php) for Windows platforms and [FileZilla](https://filezilla-project.org/) on macOS.

{% hint style="warning" %}
If you are copying payloads from a Windows system, be sure to set the transfer options correctly!\
\
Windows uses a different format for new lines. If you transfer payloads using Windows linefeeds, they will *not work* on the Pager!\
\
If your file transfer tool contains options for text-mode transfer, make sure that it is configured to use Unix (or Linux) linefeed.\
\
For example, in the WinSCP tool, when copying, click “Transfer Settings”, set “Transfer Mode” to “Text”, enable “Convert line endings”, and choose “Unix (LF)”.
{% endhint %}

#### Copying via graphical tools  <a href="#copying-via-graphical-tools" id="copying-via-graphical-tools"></a>

When connecting to the Pager, select the `scp` or `sftp` protocols. `sftp` is a variant of `scp`; legacy basic FTP is not supported.

Use the `root` user to log in, and the password that you created during setup.

The default `root` home directory - `/root` (or `/mmc/root` - they are the same location) - contains the `payloads` directory.

Copy payloads into the appropriate payloads directory and category.

{% hint style="info" %}
The Pager supports `scp` and `sftp` protocols. These are not the same as traditional `ftp` or `ftp-ssl`; make sure to select the proper protocol in your file transfer program!
{% endhint %}

#### Copying via Command Line  <a href="#copying-via-command-line" id="copying-via-command-line"></a>

First, clone the git repository

```shell
$ git clone https://github.com/hak5/wifipineapplepager-payloads.git
Cloning into 'wifipineapplepager-payloads'...
remote: Enumerating objects: 105, done.
remote: Counting objects: 100% (105/105), done.
remote: Compressing objects: 100% (56/56), done.
remote: Total 105 (delta 20), reused 45 (delta 9), pack-reused 0 (from 0)
Receiving objects: 100% (105/105), 23.79 KiB | 3.96 MiB/s, done.
Resolving deltas: 100% (20/20), done.
```

Next, we’ll copy one of the payloads.

```shell
$ cd wifipineapplepager-payloads
$ scp -r library/alerts/pineapple_client_connected/example root@172.16.52.1:/root/payloads/alerts/pineapple_client_connected/
root@172.16.52.1's password: ******
payload.sh
```

Several things are going on in this command:

1. We change directories to the git repository we cloned. This isn’t required, but makes it easier.
2. We use the command-line `scp` tool.
3. The `-r` argument tells `scp` to copy recursively. We need this because we are copying the entire payload directory.
4. `library/alerts/pineapple_client_connected/example` is the payload we wish to copy.
5. `root@172.16.52.1` indicates the username (root) and address (172.16.52.1, the address of the Pager).
6. The second half of the destination `root@172.16.52.1:/root/payloads/alerts/pineapple_client_connected/` indicates where to place the files; in this case, we put the payload in the `alerts/pineapple_client_connected` directory.

### Payload directories  <a href="#payload-directories" id="payload-directories"></a>

When copying a payload to the Pager, remember that each payload consists of one or more files, such as `payload.sh`. Each payload should be a directory, and placed in the appropriate location for that payload: Alert payloads go in `/root/payloads/alerts/`, user payloads in `/root/payloads/user/`, and so on.

For example,

```none
payloads/
payloads/alerts
payloads/alerts/pineapple_client_connected
payloads/alerts/pineapple_client_connected/example
payloads/alerts/pineapple_client_connected/example/payload
```

If a payload does not appear in the payload list under `Alerts` or `Payloads` from the dashboard, make sure you have placed the payload in the proper location.

{% hint style="info" %}
Remember: **Alert** payloads show up under the `Alerts` icon on the Pineapple Pager dashboard, while **User** payloads show up under the `Payloads` icon!
{% endhint %}


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://documentation.hak5.org/wifi-pineapple-pager/payloads-1/installing-payloads.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.