Writing a simple payload for the Shark Jack

One of the simplest but most useful payloads you can rock on a Shark Jack is a simple port tester. With it you can tell at a glance from the multi-color LED whether a port is active, if it gets an IP address, and whether it has a connection to the Internet. In this article we'll write this basic yet powerful payload.

 

If you've worked in IT for a while you've come across this conundrum. Is this thing on? Without breaking out ye-olde-laptop, we're going to use the Shark Jack to test just this. Let's see how 5 simple lines of bash will give us instant feedback from the RGB LED.


Let's start out payload with the LED command. Even without perusing the official Shark Jack documentation you'll pick up how this command works just by example.


LED R SOLID

It pretty much writes itself. It's an RGB LED, and go figure the R parameter to the LED command tells it to light up Red. The second parameter, solid, said, huh, not to blink. The alternative would be SLOW, FAST or VERYFAST depending on how rapidly you'd want the LED to blink. 


So in this state, the first thing the Shark Jack is going to do is make its LED red. Meanwhile, the framework is going to attempt to obtain an IP address from the target LAN via DHCP. What we'll want to do next is check to see if that's been successful – and if it has we'll change color. Otherwise, this Shark's staying red, and it'll be quite aparent when using that the port is a no-go.


while ! ifconfig eth0 | grep "inet addr"; do sleep 1; done

This little bash one-liner continuously checks the eth0 interface for the existance of the line "inet addr" – which is what you'll get when running the "ifconfig" command when your interface has an IP address. If it doesn't return any results, it'll "do" the command between "do" and "done", forever. That command? Sleep for one second, before checking again. The trick to this command is the exclamation point before the command – that's the magic that says "do this (sleep for a second) if it IS NOT true". Once the statement IS true (the grep for "inet addr" returns something), the command will be passed and our next command will run. Which in this case, will be:


LED Y SOLID

You can see where this is going. Once the Shark Jack gets an IP address, it's going to light – you guessed it – yellow. Our next command will use the same while loop logic as before to block the script from continuing – in this case until its able to download an HTTP web page.


while ! wget http://example.com -qO /dev/null; do sleep 1; done

I love example.com – don't you? It's always there for us. In this case, just as before, the script won't continue until it's able to complete this action. You can replace example.com with any HTTP site of your choosing – I just prefer to use the site that was reserved by the Internet Engineering Task Force back in 1999.


And finally, the command that has me quoting Dr. Raymond Stantz (played by Dan Aykroyd in 1984):


LED G SOLID

It may not be an Ecto-Containment System, but this payload will quickly answer the age old question – is this thing on?


And that's it. Find a prettied-up version ready to go. Love it? Chat with us on the forums. Want more for your Shark Jack? Nab some other sweet payloads. Cheers!



Also in Shark Jack

Two key commands for Shark Jack users
Two key commands for Shark Jack users

Whether on Windows, Mac or Linux – working with the Shark Jack is most convenient from the command line. Best of all, since modern versions of Windows ship with PowerShell, these work identically on all three platforms.
Getting started with shackjack.sh
Getting started with shackjack.sh

So you've gotten the basics down, tried out a few payloads, and now you're ready to take your Shark Jack game to the next level.

Unboxing and setting up the Hak5 Shark Jack!
Unboxing and setting up the Hak5 Shark Jack!

So your Shark Jack just arrived, you've had a moment to appreciate the sweet metal case it comes in, and now you're eager to dig in and get your hack on! Keep reading.

Sign up for sales, new releases, payloads and more…

Sign up today