Difference between revisions of "Hak5 Shark Jack"
Line 26: | Line 26: | ||
* loot | * loot | ||
The payloads folder is the place where the code is located which you want to be executed when the Shark Jack is in Attacking Mode. The filename of the code needs to be <code>payload.sh</code>. | The payloads folder is the place where the code is located which you want to be executed when the Shark Jack is in Attacking Mode. The filename of the code needs to be <code>payload.sh</code>. | ||
The loot folder is the place where you can save the results of the network attack. | |||
=== Installing/updating packages (optional) === | === Installing/updating packages (optional) === |
Revision as of 11:36, 19 December 2021
Summary
The Shark Jack is a penetration tool for penetration testers and system administrators looking like a simple USB-Stick. It consists of three main components: a LAN-Port for configuration and executing pentests (which also uses a RGB-LED for visual responses), a USB-C port for charging and a slider to change modes. It provides possibilities to perform network audits and information gathering attacks. These functions are provided by the packages which are installed on the Shark Jack. The packages are provided by the OpenWRT platform, which means that users can add other packages than the preinstalled ones.
Description
Modes
- OFF (Slider is in position nearest to USB-C) - charging
- Arming (Slider is in middle position) - configurating
- Attack (Slider is in position nearest to LAN) - pentesting
Setting up the Shark Jack
- Change mode to arming.
- Plug the Shark Jack into one of the LAN ports of your computer.
- Your PC will get an IP-address in range 172.16.24.0/24.
- Connect via SSH to 172.16.24.1.
- You are now connected to the Shark Jack.
Folder structure
The Shark Jack folder structure consists of two predefined folders:
- payloads
- loot
The payloads folder is the place where the code is located which you want to be executed when the Shark Jack is in Attacking Mode. The filename of the code needs to be payload.sh
.
The loot folder is the place where you can save the results of the network attack.
Installing/updating packages (optional)
- Connect to your Shark Jack to your PC.
- Enter the command
NETMODE DHCP_CLIENT
- The Shark Jack will now act as a normal client waiting for an IP-address from an DHCP-Server.
- Connect the Shark Jack to your router.
- Gather the IP-addres of the Shark Jack (Web interface of the router or form the DCHCP-Server).
- Connect via SSH to the new IP addres (e.g., 192.168.0.153).
- Use
opkg upgrade [package]
for updating packages oropkg install[package]
for installing new packages.
Updating firmware (optional)
- Download latest update from https://downloads.hak5.org/shark
- Connect to your Shark Jack to your PC and also connect the USB-C port to a reliable power source.
- Copy the firmware file to the Shark Jack (e.g., with scp)
- Change to the directory where the firmware file is located.
- Execute following command
sysupgrade -n [filename]
- Wait 5-10 minutes while the firmware is flashed.
- DO NOT unplug the Shark Jack during the update process!