Writing a Simple Payload

One of the simplest but most useful payloads you can rock on a is a simple port tester. With it you can tell at a glance from the multi-color LED whether a port is active, if it gets an IP address, and whether it has a connection to the Internet. In this article we'll write this basic yet powerful payload.

If you've worked in IT for a while you've come across this conundrum. Is this thing on? Without breaking out ye-olde-laptop, we're going to use the Shark Jack to test just this. Let's see how 5 simple lines of bash will give us instant feedback from the RGB LED.

Let's start out payload with the LED command. Even without perusing the official Shark Jack documentation you'll pick up how this command works just by example.

LED R SOLID

It pretty much writes itself. It's an RGB LED, and go figure the R parameter to the LED command tells it to light up Red. The second parameter, solid, said, huh, not to blink. The alternative would be SLOW, FAST or VERYFAST depending on how rapidly you'd want the LED to blink.

So in this state, the first thing the Shark Jack is going to do is make its LED red. Meanwhile, the framework is going to attempt to obtain an IP address from the target LAN via DHCP. What we'll want to do next is check to see if that's been successful – and if it has we'll change color. Otherwise, this Shark's staying red, and it'll be quite apparent when using that the port is a no-go.

while ! ifconfig eth0 | grep "inet addr"; do sleep 1; done

This little bash one-liner continuously checks the eth0 interface for the existence of the line "inet addr" – which is what you'll get when running the "ifconfig" command when your interface has an IP address. If it doesn't return any results, it'll "do" the command between "do" and "done", forever. That command? Sleep for one second, before checking again. The trick to this command is the exclamation point before the command – that's the magic that says "do this (sleep for a second) if it IS NOT true". Once the statement IS true (the grep for "inet addr" returns something), the command will be passed and our next command will run. Which in this case, will be:

LED Y SOLID

You can see where this is going. Once the Shark Jack gets an IP address, it's going to light – you guessed it – yellow. Our next command will use the same while loop logic as before to block the script from continuing – in this case until its able to download an HTTP web page.

while ! wget http://example.com -qO /dev/null; do sleep 1; done

I love example.com – don't you? It's always there for us. In this case, just as before, the script won't continue until it's able to complete this action. You can replace example.com with any HTTP site of your choosing – I just prefer to use the site that was reserved by the Internet Engineering Task Force back in 1999.

And finally, the command that has me quoting Dr. Raymond Stantz (played by Dan Aykroyd in 1984):

LED G SOLID

It may not be an Ecto-Containment System, but this payload will quickly answer the age old question – is this thing on?

#!/bin/bash
#
# Title:        Internet Access Tester
# Author:       Hak5Darren
# Version:      1.0
#
# Description:	This payload tests the port to see if the Shark Jack can
# obtain an IP address from DHCP, and if it can access the Internet by
# testing a specified HTTP URL.
#
# LED SETUP (Magenta)... Setting NETMODE to DHCP_CLIENT
# LED Red... No IP address from DHCP yet
# LED Yellow... Obtained IP address from DHCP, waiting on Internet access
# LED Green... Confirmed access to Internet

PUBLIC_TEST_URL="http://www.example.com"

LED SETUP
# Set NETMODE to DHCP_CLIENT for Shark Jack v1.1.0+
NETMODE DHCP_CLIENT

LED R SOLID
while ! ifconfig eth0 | grep "inet addr"; do sleep 1; done
LED Y SOLID
while ! wget $PUBLIC_TEST_URL -qO /dev/null; do sleep 1; done
LED G SOLID