Installing Payloads
Payload installation on the Pineapple Pager is one of the areas which will see significant usability improvements in future firmware updates. Expect revisions to this process and this manual!
Downloading payloads
The official Hak5 payload repository is available at https://github.com/hak5/wifipineapplepager-payloads/tree/master
This includes Hak5 example scripts and community contributed payloads.
Payloads in the repository are organized into alert, recon, and user, with further sub-categories.
Payloads from the Payload Repository are provided for educational purposes only. Hak5 gear is intended for authorized auditing and security analysis purposes only where permitted subject to local and international laws where applicable. Users are solely responsible for compliance with all laws of their locality. Hak5 LLC and affiliates claim no responsibility for unauthorized or unlawful use.
While Hak5 audits payloads before they are accepted into the payload repository, use of third party payloads is at your own risk.
Payloads are powerful scripts which can perform many actions on your device. Use caution when installing payloads from any source, but especially installing payloads from a third party source such as Discord, or any site besides the official Hak5 Payload Repository.
If you do not understand the actions a payload performs, do not install or run it.
The payload repository can be cloned using standard git tools, or downloaded as a zip file containing all payloads in the repository.
Copying payloads to the device
If you download the payload repository using a computer (via git or zip), payloads can then be copied to the Pineapple Pager using the standard scp file copy tool. This is available as a command line tool on all major operating systems. There are also many graphical versions of scp, such as WinSCP for Windows platforms and FileZilla on macOS.
Copying via graphical tools
When connecting to the Pager, select the scp or sftp protocols. sftp is a variant of scp; legacy basic FTP is not supported.
Use the root user to log in, and the password that you created during setup.
The default root home directory - /root (or /mmc/root - they are the same location) - contains the payloads directory.
Copy payloads into the appropriate payloads directory and category.
The Pager supports scp and sftp protocols. These are not the same as traditional ftp or ftp-ssl; make sure to select the proper protocol in your file transfer program!
Copying via Command Line
First, clone the git repository
$ git clone https://github.com/hak5/wifipineapplepager-payloads.git
Cloning into 'wifipineapplepager-payloads'...
remote: Enumerating objects: 105, done.
remote: Counting objects: 100% (105/105), done.
remote: Compressing objects: 100% (56/56), done.
remote: Total 105 (delta 20), reused 45 (delta 9), pack-reused 0 (from 0)
Receiving objects: 100% (105/105), 23.79 KiB | 3.96 MiB/s, done.
Resolving deltas: 100% (20/20), done.
Next, we’ll copy one of the payloads.
$ cd wifipineapplepager-payloads
$ scp -r library/alerts/pineapple_client_connected/example root@172.16.52.1:/root/payloads/alerts/pineapple_client_connected/
root@172.16.52.1's password: ******
payload.sh
Several things are going on in this command:
- We change directories to the git repository we cloned. This isn’t required, but makes it easier.
- We use the command-line
scptool. - The
-rargument tellsscpto copy recursively. We need this because we are copying the entire payload directory. library/alerts/pineapple_client_connected/exampleis the payload we wish to copy.root@172.16.52.1indicates the username (root) and address (172.16.52.1, the address of the Pager).- The second half of the destination
root@172.16.52.1:/root/payloads/alerts/pineapple_client_connected/indicates where to place the files; in this case, we put the payload in thealerts/pineapple_client_connecteddirectory.
Payload directories
When copying a payload to the Pager, remember that each payload consists of one or more files, such as payload.sh. Each payload should be a directory, and placed in the appropriate location for that payload: Alert payloads go in /root/payloads/alerts/, user payloads in /root/payloads/user/, and so on.
For example,
payloads/
payloads/alerts
payloads/alerts/pineapple_client_connected
payloads/alerts/pineapple_client_connected/example
payloads/alerts/pineapple_client_connected/example/payload
If a payload does not appear in the payload list under Alerts or Payloads from the dashboard, make sure you have placed the payload in the proper location.
Remember: Alert payloads show up under the Alerts icon on the Pineapple Pager dashboard, while User payloads show up under the Payloads icon!