Jump to content

Remote browser access via SJ? (maybe SSH remote forwarding)


hachiman
 Share

Recommended Posts

Hey there, 

brief question for your help (my brain seems a bit lost here). 

I conducted an audit of our enterprise network and discovered sensitive websites. 

Second step would be to deploy a SJ and somehow be able to remotely connect to it, using it as a bridgehead, and then access some of these websites. 

Could this be done with some ssh -r remote forwarding config? I used this to access local webservers where the ssh is running, but would this work to connect like this:

Browser on internet server -> Internet -> SharkJack -> Website?

This is more like a demo case for our conference, so OPSEC is not a big matter here. 

 

Thanks everyone!

Link to comment
Share on other sites

I'm not that sure I would use the Shark for such a scenario. That device is more of a "hit and run" thing rather than being persistent. Battery life also needs to be considered (even though it's possible to run the Shark with a power adapter while it's operating). In terms of Hak5 devices, I would probably use the Packet Squirrel in combination with some OpenVPN AS setup. Then, from a remote computer, go via the OpenVPN AS further on via the Squirrel and to the internal network.

  • Upvote 1
Link to comment
Share on other sites

Good idea. Just to be more specific on this case. I dont require long battery runtime. It is more a "proof of concept". Plug it in, get remote access to demo the vulnerability and then unplug it again. 
I dont have Packet Squirrel, but I have a LAN Turtle. Which I think also provides C2 integration and OpenVPN, right? So I could use the RJ45 to plug it into our network and use a normal power bank to keep it up and running while doing the demo. 
Do you think this would make sense? 

PS: A public server with c2 installed and running is available also.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...