Getting started with sharkjack.sh

So you've gotten the basics down, tried out a few payloads, and now you're ready to take your Shark Jack game to the next level. One thing you may have noticed in getting your feet wet is the task of copying payloads to, and loot from the device. What's a hacker to do when something is done more than once? Script it, obviously. Enter: sharkjack.sh - now available for MacOS and Linux.

The sharkjack.sh script is a pretty front-end that'll assist it not only loading payloads and getting loot off the Shark Jack, but it'll help you setup SSH keys so you can connect quickly - potentially without having to type a password. Further, it'll check to see if your Shark Jack is up to date, and if not it can upgrade the firmware on your device automatically. 

Let's get started. Begin by downloading sharkjack.sh from the tools section of  downloads.hak5.org/shark. Then, open a terminal and navigate to the directory where you're keeping sharkjack.sh. I like to keep my scripts in my home directory, or ~, so I can quickly get to 'em by typing 'cd' and hitting enter. Next, make the script executable with 'chmod +x ./sharkjack.sh' and run it as root with 'sudo ./sharkjack.sh'

From the sharkjack.sh main menu, pressing C will connect via SSH to the Shark Jack. It'll wait for you to flip the devices switch to arming mode (center positoin) and plug it into your computers Ethernet port. After authenticating with the Shark Jack, you'll have a 'root@shark:~#' prompt.

If you want to make logging in even easier, pressing S a the main menu will copy your SSH public key to the Shark Jack - and if you haven't created SSH keys before, it'll guide you through the process.

The other functions – like upgrading the firmware, pushing payloads to the device, and getting loot saved on its disk work similarly.

So that's how to easily manage your Shark Jack using the sharkjack.sh helper script. We'd love to hear your thoughts on it in the forums, and you're welcome to contribute from the github repository. Cheers!