oscaringosv Posted September 11, 2019 Posted September 11, 2019 Is there possible to change the MAC address of the Shark?
Didier Stevens Posted September 28, 2019 Posted September 28, 2019 I just did some packet captures of a Shark Jack nmap scanning (using my Packet Squirrel 🙂 ), and to me it looks like the MAC address of the Shark Jack is randomized.
Didier Stevens Posted September 28, 2019 Posted September 28, 2019 Confirming it is random. First I have this: Quote root@shark:~# ifconfig eth0 Link encap:Ethernet HWaddr 86:72:96:71:C3:3C inet addr:172.16.24.1 Bcast:172.16.24.255 Mask:255.255.255.0 inet6 addr: fe80::8472:96ff:fe71:c33c/64 Scope:Link Then after Shark Jack reboot this: Quote root@shark:~# ifconfig eth0 Link encap:Ethernet HWaddr 2E:AF:43:F2:3E:22 inet addr:172.16.24.1 Bcast:172.16.24.255 Mask:255.255.255.0 inet6 addr: fe80::2caf:43ff:fef2:3e22/64 Scope:Link
Darren Kitchen Posted October 1, 2019 Posted October 1, 2019 Yes, the Shark Jack MAC address is randomized at boot 🙂
PaPPy Posted October 29, 2019 Posted October 29, 2019 Can something like macchanger be used to change it?
Cap_Sig Posted November 1, 2019 Posted November 1, 2019 On 10/29/2019 at 7:24 AM, PaPPy said: Can something like macchanger be used to change it? Are you wanting to set the address to a specific MAC for access to a restricted network?
PaPPy Posted November 1, 2019 Posted November 1, 2019 Yes. The network uses port security. So the idea is get the mac of a plugged in system (been looking into this via other posts on this forum). Then set it on the shark jack, to run payloads.
Darren Kitchen Posted November 1, 2019 Posted November 1, 2019 Yes, this is doable using the macchanger utility. If it's not included in 1.0.1, it will be included in the forthcoming 1.0.2 which will introduce the NETMODE command for dhcp server, dhcp client, and transparent modes.
UnshakeableSalt Posted January 22, 2020 Posted January 22, 2020 On 11/1/2019 at 11:53 PM, Darren Kitchen said: Yes, this is doable using the macchanger utility. If it's not included in 1.0.1, it will be included in the forthcoming 1.0.2 which will introduce the NETMODE command for dhcp server, dhcp client, and transparent modes. An upvote if this could be included please I have tried using the jack on an engagement for where I knew a trusted lansweeper machine - where the jack's portscan and exfil would have been whitelisted by the SIEM
InfoSecREDD Posted January 22, 2020 Posted January 22, 2020 11 hours ago, UnshakeableSalt said: An upvote if this could be included please I have tried using the jack on an engagement for where I knew a trusted lansweeper machine - where the jack's portscan and exfil would have been whitelisted by the SIEM Uhh you can already change the MAC.. Just needs a work around in the payload..
Recommended Posts
Archived
This topic is now archived and is closed to further replies.