Jump to content

SecurityGuy

Members
  • Posts

    5
  • Joined

Posts posted by SecurityGuy

  1. I spent too much time trying to get my SharkJack to connect to C2. I'm using HTTPS and it turned out to be a time/date issue. Even though NTP was available and there were no egress controls from the network, the time was not being set, and this was breaking certificate validation.

    Adding the following line to the payload after SharkJack connects to the local network resolved the issue:
     

    /usr/sbin/ntpd -q -p 1.openwrt.pool.ntp.org

     

  2. Greetings,

    C2 is offering TLS v1.0, TLS v1.1, and weak SSH MAC algs, all of which are deprecated and create an exception on our vulnerability scans.

    Are these required to communicate with older devices, or can these deprecated protocols and algorithms be disabled?

    Thanks!

     

×
×
  • Create New...