Two Key Commands

Whether on Windows, Mac or Linux – working with the is most convenient from the command line. Best of all, since modern versions of Windows ship with PowerShell, these work identically on all three platforms. In this article I'll show you two commands that'll make working with the Shark Jack a breeze, and how exactly they work.

Outside of the occasional firmware update, the two biggest functions you'll face when using your Shark Jack in arming mode – the devices management mode – are uploading payloads to the device and downloading loot (log files generated by payloads) from the device.

As you know from the official documentation, in arming mode the Shark Jack runs as a server – both a DHCP server, which will assign your computer an IP address on its network (a network of two, you and it) as well as an SSH server. The SSH server, or Secure Shell, lets you securely access the Shark Jack's command-line. When you 'ssh into' the Shark Jack, you'll get a bash shell on this tiny Linux box – from which you can manage the payload file in /root/payload, and the captured loot in /root/loot. But SSH has another function, and with it you may never need to drop into the Shark's bash shell.

SCP, or Secure Copy, works just like the cp command locally – except over the Secure Shell (SSH). Using it you can copy files to and from remote devices, just as you would locally using 'cp' in Bash or PowerShell, or 'copy' in CMD. And with that, here are the two scp commands that'll make your Shark Jack life a breeze.

I'll show you from the Windows users perspective in PowerShell – but the same commands will hold true for the terminal on MacOS and Linux.

COPYING A PAYLOAD TO THE SHARK JACK

I like to keep an up to date copy of the Shark Jack payload repository on my computer – so I can try out the latest creations from the Hak5 community. In this example I'll show you how to copy the ipinfo payload, in the form of a shell script or payload.sh file, to the Shark Jack. It's on my hard disk in C:\Users\bob\SharkJack\payloads\ipinfo, so if I navigate there in PowerShell I can use the scp command to ferry that file over to the Shark Jack's payload folder - overwriting anything that may already exist there.

scp .\payload.sh root@172.16.24.1:payload/

The first part invokes the 'scp' command to securely copy the file. This command takes two parameters – from and to. In this case the first parameter, from, is the payload.sh file in this local working directory. In Windows PowerShell this is prefixed with .\. The next parameter, to, specifies where on the Shark Jack in the form of three elements: the user, the IP address, and the directory. In this case the user is root, the IP address of the Shark Jack is 172.16.24.1, and the directory is :payload/.

A remote host with scp takes the form of user@host:directory – with @ separating user and host, and : separating host and directory. If no directory is specified after the :, the default will be the user's home directory. In this case, the root user's home directory is /root/ – so specifying :payload/ is the same as specifying :/root/payload/ (just with less typing).

Keep in mind this command is going to copy the local payload.sh file over to the Shark Jack in /root/payload/, overwriting any payload.sh file that's already there.

COPYING LOOT FROM THE SHARK JACK

Using the same method as above, we're going to reverse the from and to fields to recursively copy loot from the Shark Jack to the local computer.

scp -r root@172.16.24.1:loot/ .

In this case the -r argument is specified so say to recursively copy the files. This means it'll copy files from all of the nested directories, since each payload saves loot to its own folder. The rest of the command is similar to the previous, only reversed. In this case the from field is the remote host – again in the form of user@host:directory. The to field is the current working directory, as represented by '.' – or it could be any path such as c:\Users\bob\SharkJack\loot\