Hak5 – The longest running YouTube show defines Technolust
ThreatWire – News on security, privacy, and internet freedom!
Metasploit Minute – The break down on breaking in with Mubix
HakTip – Essentials for new hackers, enthusiasts, and IT pros
TRUST YOUR TECHNOLUST
Since 2005 we've proclaimed our love for technology with this simple mantra – and we invite you to share in our passion. Welcome!
One of the simplest but most useful payloads you can rock on a Shark Jack is a simple port tester. With it you can tell at a glance from the multi-color LED whether a port is active, if it gets an IP address, and whether it has a connection to the Internet. In this article we'll write this basic yet powerful payload.
If you've worked in IT for a while you've come across this conundrum. Is this thing on? Without breaking out ye-olde-laptop, we're going to use the Shark Jack to test just this. Let's see how 5 simple lines of bash will give us instant feedback from the RGB LED.
Let's start out payload with the LED command. Even without perusing the official Shark Jack documentation you'll pick up how this command works just by example.
LED R SOLID
It pretty much writes itself. It's an RGB LED, and go figure the R parameter to the LED command tells it to light up Red. The second parameter, solid, said, huh, not to blink. The alternative would be SLOW, FAST or VERYFAST depending on how rapidly you'd want the LED to blink.
So in this state, the first thing the Shark Jack is going to do is make its LED red. Meanwhile, the framework is going to attempt to obtain an IP address from the target LAN via DHCP. What we'll want to do next is check to see if that's been successful – and if it has we'll change color. Otherwise, this Shark's staying red, and it'll be quite aparent when using that the port is a no-go.
while ! ifconfig eth0 | grep "inet addr"; do sleep 1; done
This little bash one-liner continuously checks the eth0 interface for the existance of the line "inet addr" – which is what you'll get when running the "ifconfig" command when your interface has an IP address. If it doesn't return any results, it'll "do" the command between "do" and "done", forever. That command? Sleep for one second, before checking again. The trick to this command is the exclamation point before the command – that's the magic that says "do this (sleep for a second) if it IS NOT true". Once the statement IS true (the grep for "inet addr" returns something), the command will be passed and our next command will run. Which in this case, will be:
LED Y SOLID
You can see where this is going. Once the Shark Jack gets an IP address, it's going to light – you guessed it – yellow. Our next command will use the same while loop logic as before to block the script from continuing – in this case until its able to download an HTTP web page.
while ! wget http://example.com -qO /dev/null; do sleep 1; done
I love example.com – don't you? It's always there for us. In this case, just as before, the script won't continue until it's able to complete this action. You can replace example.com with any HTTP site of your choosing – I just prefer to use the site that was reserved by the Internet Engineering Task Force back in 1999.
And finally, the command that has me quoting Dr. Raymond Stantz (played by Dan Aykroyd in 1984):
LED G SOLID
It may not be an Ecto-Containment System, but this payload will quickly answer the age old question – is this thing on?
So your Shark Jack just arrived, you've had a moment to appreciate the sweet metal case it comes in, and now you're eager to dig in and get your hack on! Keep reading.
Get the inside scoop on the latest releases, events, popular payloads and Hak5 Gear tips!