Remote browser access via SJ? (maybe SSH remote forwarding)

[hachiman]

Hey there, 

brief question for your help (my brain seems a bit lost here). 

I conducted an audit of our enterprise network and discovered sensitive websites. 

Second step would be to deploy a SJ and somehow be able to remotely connect to it, using it as a bridgehead, and then access some of these websites. 

Could this be done with some ssh -r remote forwarding config? I used this to access local webservers where the ssh is running, but would this work to connect like this:

Browser on internet server -> Internet -> SharkJack -> Website?

This is more like a demo case for our conference, so OPSEC is not a big matter here. 

 

Thanks everyone!

[chrizree]

I'm not that sure I would use the Shark for such a scenario. That device is more of a "hit and run" thing rather than being persistent. Battery life also needs to be considered (even though it's possible to run the Shark with a power adapter while it's operating). In terms of Hak5 devices, I would probably use the Packet Squirrel in combination with some OpenVPN AS setup. Then, from a remote computer, go via the OpenVPN AS further on via the Squirrel and to the internal network.

[hachiman]

Good idea. Just to be more specific on this case. I dont require long battery runtime. It is more a "proof of concept". Plug it in, get remote access to demo the vulnerability and then unplug it again. 
I dont have Packet Squirrel, but I have a LAN Turtle. Which I think also provides C2 integration and OpenVPN, right? So I could use the RJ45 to plug it into our network and use a normal power bank to keep it up and running while doing the demo. 
Do you think this would make sense? 

PS: A public server with c2 installed and running is available also.

[chrizree]

Yes, the LAN Turtle should work since Darren based a video on that specific setup some years ago using OpenVPN AS as a "gateway" into a LAN from outside.

https://www.youtube.com/watch?v=b7qr0laM8kA