
Netcat


Rajesh Sundram


I mean, anything is possible, but at first glance I'd say it's much easier to invoke with a keystroke injection attack using the Bash Bunny or USB Rubber Ducky. Not sure exactly how you'd pull it off with the Shark Jack, but I'm not going to rule it out since you never know what's possible RCE-wise when you have direct network access.


Since the Shark Jack is a network device, I see only a few ways of doing the above. Like I preach in the Bash Bunny threads about how to picture the device, picture the Shark Jack like your laptop and you are plugging it into the network. The difference is that when you power it on, it will run something like the local.rc to auto-run stuff. What your laptop can do with only a network connection is about true of the Shark Jack, with a different amount of resources of course.

So....

- You can manually run netcat from the victim to connect to the Shark netcat listener. (Rubber Ducky, Bash Bunny, by hand or other stager)

- You brute-force a domain account that has local admin access to the victim machine or a local admin account on the victim where the registry key "LocalAccountTokenFilterPolicy" is set to 1, and use it to remotely netcat back to the Shark Jack.

- There is a known vulnerability on the victim device that is remotely exploitable without user intervention that the Shark Jack can use to download and run netcat on the victim to connect back to the Shark netcat listener.

 

In summary, the Shark Jack is not going to do it on its own without manual intervention, credentials or a network exploit.
