InfoSecREDD Posted January 30, 2021 Share Posted January 30, 2021 Payload Library for Web UI/SSH(Unofficial Patch) This (unofficial) Patch provides the Official SharkJack Web UI with a additional Tab on the Web UI (http://172.16.24.1/) to maintain your payloads on the Device itself rather than relying on a PC to switch to your prior used payloads. I personally figured since the SharkJack has not received any Love in over a year, I'd give it a little attention. Since it was missing a Payload Management System on the device (That is accessible via Web UI), I decided to make one. I attempted to "copy" the original style of the original Web UI. - Taking the POST methods and programming style of the previous developer to try to bring features without "adding" dependencies to the SharkJack. I have also included a Patcher for both Windows Machines and Unix/Mac's (Utilizing the current sharkjack.sh tool from Hak5 - Kudos Devs) to make this feature available to everyone. Enjoy! Features: Backup your current Payload to the Library. Download any Payload in the Library. Restore any Payload in the Library. Delete any Payload in the Library. Adds "library" command to SharkJack. - Allows ALL the same features as the WebUI Library Tab and is CROSS-COMPATIABLE! Example Screenshot of the Library via WebUI: Screenshot of Library ("library" command) via SSH: What is needed to Install: Sharkjack with 1.1.0 firmware or higher installed. Ethernet Port on Local Machine to connect the SharkJack. Administrator/Root user on Local Machine. How to Install: Head to https://github.com/InfoSecREDD/sj-webui-patch/releases Download the most current release (.zip or .tar.gz). Unzip the downloaded file to a location of your choice. Connect your SharkJack in ARMING MODE to the Ethernet Port on your local machine. Run the appropriate Patcher for your OS. (Windows: patcher-win.cmd, Linux/Mac: patcher-linux.sh) Select "1" on the menu and follow the Patcher's Instructions. Once Patcher is finished, Head to the SharkJack Web UI to verify it has been installed. (http://172.16.24.1/) Enjoy! How to Remove: (If already downloaded & unzipped. Skip to Step #4) Head to https://github.com/InfoSecREDD/sj-webui-patch/releases Download the most current release (.zip or .tar.gz). Unzip the downloaded file to a location of your choice. Connect your SharkJack in ARMING MODE to the Ethernet Port on your local machine. Run the appropriate Patcher for your OS. (Windows: patcher-win.cmd, Linux/Mac: patcher-linux.sh) Select "2" on the menu and follow the Patcher's Instructions. Once Patcher is finished, Head to the SharkJack Web UI to verify it has been removed. (http://172.16.24.1/) (Your Payloads will remain saved on the device under /root/library/ - We don't want to delete your payloads without your confirmation.) How to use the Web UI Library: Connect the SharkJack in ARMING MODE to the Ethernet Port on your Local Machine. Open up your Browser of choice (Chrome, Firefox, Brave, Opera, Edge (🤮), etc) and go to "http://172.16.24.1/". Navigate to the "Library" tab on the Top Menu. Input your desired Payload Name in the Backup input field box and click the "BACKUP" button. Click "Ok" on the Window Alert. The Page will instantly refresh.(At this point you can choose to "Restore", "Download", and "Delete" that payload.) Enjoy! How to use the Terminal Extension: Connect the SharkJack in ARMING MODE to the Ethernet Port on your Local Machine. Open up your SSH Client of choice (PuTTy, Linux Terminal, PowerShell/CMD(if OpenSSH Client (Beta) Feature is installed on Windows 10)) and connect to 172.16.24.1 with your credentials. Type "library" and hit [Enter] in the shell and follow the prompted Menu. Enjoy! Known Issues: Payload Tab - Payload text that includes certain special characters do not translate in POST Method. (SharkJack 1.1.0 - 1.0.1 WebUI Issue.) This issue has nothing to do with this patcher or project. (See workaround below) Payload Tab - Payload text that exceeds certain character limit stalls and does not post payload content to correct location. (SharkJack 1.1.0 - 1.0.1 WebUI Issue.) This issue has nothing to do with this patcher or project. (See workaround below) Workaround for Payload Tab Issues: Connect to SharkJack via SSH and use SCP to transfer payloads to "/root/payload/payload.sh". It will appear in the "Payload Tab" and you'll be able to backup/restore the payload using the Library Tab. If using a SFTP Client, make sure your Text Editor is formatted for "UNIX Style Formatting" otherwise you will end up with "^M", etc, after each line. - Then transfer the appropriate Payload to "/root/payload/payload.sh". It will appear in the "Payload Tab" and you'll be able to backup/restore the payload using the Library Tab. Source GitHub Repo:https://github.com/InfoSecREDD/sj-webui-patch Patch.sh Source:https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patch.sh Payload Library Source:https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patch/library.sh Patcher-Win Source:https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patcher-win.cmd Patcher-Linux Source:https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patcher-linux.sh Payload Library Shell Extension:https://github.com/InfoSecREDD/sj-webui-patch/blob/main/patch/library Link to comment Share on other sites More sharing options...
InfoSecREDD Posted January 30, 2021 Author Share Posted January 30, 2021 Feb 3rd, 2021: Version 1.11 - Minor fixes to patcher-win.cmd file. Fixes errors with some Windows users having errors with script seeing local files. Feb 3rd, 2021: Version 1.1 - Adds Shell "library" command to the patch. (Formly SharkLib) Adds fixes to library command to make compatible with Patch WebUI Library. Jan 29th, 2021: Version 1.0d - Public Release of Patch. Link to comment Share on other sites More sharing options...
SKiZZ Posted February 2, 2021 Share Posted February 2, 2021 I have to say this a great addon and should of really been in the initial release. SSH'ing may not always be practical especially if your on assignment and need to switch payloads on the fly, you may not have access to SSH on someone else's PC but every PC has a web browser. I can certainly think this would expand the use cases for the SharkJack in any pentesters arsenal. Be sure to check out REDD's C2 Discord payload as well. I hope he continues to develope addons and payloads for ther many Hak5 products. Link to comment Share on other sites More sharing options...
InfoSecREDD Posted February 3, 2021 Author Share Posted February 3, 2021 11 hours ago, SKiZZ said: I have to say this a great addon and should of really been in the initial release. SSH'ing may not always be practical especially if your on assignment and need to switch payloads on the fly, you may not have access to SSH on someone else's PC but every PC has a web browser. I can certainly think this would expand the use cases for the SharkJack in any pentesters arsenal. Be sure to check out REDD's C2 Discord payload as well. I hope he continues to develope addons and payloads for ther many Hak5 products. Thanks! I try to just make the device as easy as I can for everyone.. 😁 Link to comment Share on other sites More sharing options...
wulf Posted February 3, 2021 Share Posted February 3, 2021 Wow a very nice and intuitive way to manage your payloads. Can't wait to see an enhanced version somewhere in time which makes it possible to set the payload configurations via the graphical shell as well. @Darren Kitchen can this or such functionality be integrated in a future firmware? Link to comment Share on other sites More sharing options...
InfoSecREDD Posted February 3, 2021 Author Share Posted February 3, 2021 9 hours ago, wulf said: Wow a very nice and intuitive way to manage your payloads. Can't wait to see an enhanced version somewhere in time which makes it possible to set the payload configurations via the graphical shell as well. @Darren Kitchen can this or such functionality be integrated in a future firmware? "Enhanced Version" will be released in 24-48 hours. - I like the idea. And thanks! Link to comment Share on other sites More sharing options...
SKiZZ Posted February 4, 2021 Share Posted February 4, 2021 15 hours ago, REDD said: Thanks! I try to just make the device as easy as I can for everyone.. 😁 Install was a breeze too and went without a hiccup. Link to comment Share on other sites More sharing options...
Topknot Posted February 4, 2021 Share Posted February 4, 2021 Excited to test it! Will keep you posted. Link to comment Share on other sites More sharing options...
InfoSecREDD Posted February 4, 2021 Author Share Posted February 4, 2021 6 minutes ago, Topknot said: Excited to test it! Will keep you posted. Glad to see your back and still have the device! Link to comment Share on other sites More sharing options...
InfoSecREDD Posted February 4, 2021 Author Share Posted February 4, 2021 18 hours ago, wulf said: Wow a very nice and intuitive way to manage your payloads. Can't wait to see an enhanced version somewhere in time which makes it possible to set the payload configurations via the graphical shell as well. @Darren Kitchen can this or such functionality be integrated in a future firmware? @wulf I added a terminal version to the patch. Let me know what you think.. Download version 1.11 of the patch, "Remove Patch", then "Install Patch" again.. It will give you a library command via SSH. Enjoy! Link to comment Share on other sites More sharing options...
spywill Posted February 4, 2021 Share Posted February 4, 2021 Great work keep up the hard work. Thanks👍 Link to comment Share on other sites More sharing options...
StrangePanda Posted May 20, 2021 Share Posted May 20, 2021 The script worked well on my Mac and the Patch is working. Thank You 🙂 Link to comment Share on other sites More sharing options...
InfoSecREDD Posted February 22, 2022 Author Share Posted February 22, 2022 This project will continue to work on 1.2 firmware. Needs to be reworked to sync with 1.2 "UPDATE_PAYLOADS" command. Enjoy! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.