Shark Jack Unboxing and Setup - Hak5 2610
ฝัง
- เผยแพร่เมื่อ 28 ก.ย. 2024
- Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
____________________________________________
Everything from unboxing your Shark Jack to connecting in arming mode, exfiltrating loot, changing out payloads, upgrading the firmware, checking out the new web interface and even connecting it to Cloud C2.
shop.hak5.org/...
VIDEO CHAPTERS:
0:58 - Unboxing
4:22 - Attacking with the default payload
7:08 - Connecting in arming mode
10:40 - Navigating the file system
12:34 - Exfiltrating loot to our local host
14:13 - The sharkjack.sh helper script
17:16 - Upgrading the firmware
19:26 - The new arming mode web interface
20:30 - Loading new payloads
25:19 - Setting up Cloud C2
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → www.hak5.org
Shop → www.hakshop.com
Subscribe → www.youtube.co...
Support → / threatwire
Contact Us → / hak5
Threat Wire RSS → shannonmorse.p...
Threat Wire iTunes → itunes.apple.c...
Host: Shannon Morse → / snubs
Host: Darren Kitchen → / hak5darren
Host: Mubix → / mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.
I would never have figured that out from your documentation. I was looking for a video like this. Thanks.
and i quote - "Saftey is sexy"
Cameron Reimer ...said no one ever 😉
@@monas.6839 No, pretty sure it was said at timecode 1:43
"best editor in the world" ... Release the flame warriors!
nano is the best text editor on earth!
you are amazing Darren
I feel like the led colors are off from the included documentation or videos. I dont see purple mentioned anywhere. Will have to spend time diggin to figure out how its changed since 3 years ago as battery is no longer included.
Any black Friday / Cyber Monday sales coming up??
You should upgrade this to work with POE.
What about POE based network is it possible to power this device over POE
good question. Please, let me know what you've found
It has a battery so no PoE needed
Very nice indeed
I am not able to connect to the C2 server however I am able to have access to the web portal on 172. I am not sure what am doing wrong, the C2CONNECT command runs successfully but can't connect back to the server. Can anyone help
Lipo yes can start fire Darren. I know :( i started 10 18650 up. But was saved by one dropping out. Sand is your friend lol. Glad I started watching again.
How do i exit the payload
Are you using Kali in a VM?
i think so, specifically VB since he said, "...go on our Kali box". (virtual box)
Does the SSH payload seem to be correctly? i've tried it on my network with dhcp enabled but keeps flashing red..
I just updated the payload for compatibility with v1.1.0 - check the repo again :)
@@DarrenKitchen works like a charm, thanks!
Can anybody help I got a usb rubber ducky I plugged it in like most people do to make the hello script run but it did nothing I looked into it and saw that there was nothing on the micro sd card what can I do?
read the documentation
@@cooller8888 thanks but I found out on my own
@@lg3zamzam930 so I gave you a piece of good advice.. you are welcome bro!
@@cooller8888 thanks!
Dear Hak5
i really want to buy your tools so i hope you have some shopping here in the Philippines
the will ship it worldwide if you ask thru email and pay all the fees.... they didn't ship to my country before my order as well... that was in 2016 so polity might be different now but you can give it a try
I'm gonna tell my kids this is Serj Tankian
@Hak5
Deer Hak5
Please make radio calls and read data hacking and hjacking to TV networks and radio's
Good night
Made in China
You want to be a hacker this ain't it
Darren what about if the network is not configured using DHCP? How is Shark getting an IP?
It would have been even better if you could have used the usb-c port to make it easier to export data, at that point I don't believe you would have to wait for the device to boot to SSH into it
now all you need to do is add a microsd card slot to this and oh boy :)
Why does this make me think of the Magic Jack
I can’t wait to get one! That looks like fun
Can't you just ping for networks then Wireshark packet sniff from there? What other stuff do you got from the Shark Jack that you wouldn't get from the other method I mentioned?
With the Shark Jack you can do all of this without needing authentication to a network. So you could walk into victims house/company and plug into any machine, and not many would know what you are doing. Using Wireshark and nmap to ping for networks will be a manual process that can take long periods of time + authentication to the victims network.
Very bad hak5 support, I'll say no support at all, very unprofessional
'And now I have the best text editor on earth!'
will it work against IDS/ IPS ????
Luis tejido If it does, you need to fix your IDS/IPS. So yes, I'd say it works
awesome toys you make. Keep up the good work. Please!
vi > nano
nano > vi
notepad > vi
Darren Kitchen you know ... I love linux because this is still a debate. cheers
Nano>vi
You just said "setting up the payloads" twice. Just saying.
PC Planet more like 5x
Im ready to create some new payloads for mine
do know any advice like shark jack but for phone or we can use shark for phone not just comptr ?!
@@ravourd you can use a Bash Bunny to do keystroke injection on a phone, and some will even recognize it by ECM Ethernet. Storage too. There's an Android sub category in the github repo.
Can’t wait to see how many script kiddies get arrested with this .
Im using mine right now for work i have my employees plug it in the network to diagnose if our dvr and printer is online as well as grab the external ip and email it to me so i can update our services. Im making a script to make a list of authorized devices on the network and when they plug it in it scans for all devices on the network and notifies me of any new unauthorized devices
Loving the sharkjack! I expanded on the netrecon payload and added a port scan that pulls from a text file as well as a speedtester via speedtest-cli. The payload is getting pretty heavy though and my run time is pretty high. Add that to the 30sec load time, it gets uncomfortably close to the battery lifespan. Any tips on speeding up the boot time down from the 30 sec current? Also is the default LED status indicator modifiable? I'd like to make boot in Amber vs it's current green.
Awesome to hear! I'd love to see your port scanner and speedtester payload. Are you going to post them to the forums or send a pull request to the github payload repo?The ~30s boot time is already pretty optimized, but we'll take a crack at shaving it down some more now that we've gotten it to a pretty good point with v1.1.0. No - the green blink on boot isn't user configurable. If I'm not mistaken it's set by the bootloader, which isn't something you should be overwriting. We standardized on green for boot across most of the gear for consistency.
@@DarrenKitchen thanks Darren! I have some proprietary info in the script right now but once I'm finished I plan on converting the sensitive stuff to customizable variables in the header then sharing it with y'all.
opkg. Man, I've been installing packages on my router all wrong. :) thanks
Yt desperately recycling 4y old videos..
This device is amazing ..... What is the storage size if the loot data is something big... Does it have upgradable storage?
You've got about 20MB on the / partition with an additional 30MB in /tmp/
@@lmaoroflcopter there should be sd card slot to upgrade the storage ..
@@patrickben3924 there isn't though.
patrick ben I totally agree.
On these notes, could the exfil data be directly uploaded to the C2 and not remain on the Shark?
You said it waits for DHCP, but what if it doesn't get one? Like if a network is using ISE or something
I think it waits for an IP Adress and if it doesn’t detect a DHCP Server it scans the whole network (cha cha not really smooth)
Sadly I can't place an order to Bulgaria, so sad :(
Check our authorized resellers - global link at the bottom of the page
Hello@@DarrenKitchen i want to buy some of tool of hak5 can i buy that in philippines?
Can you essentially plus this into a router?
Yes
for me Shark Jack IP ends in 206 not 51, is there any way to catch what's the IP of Shark Jack when it's connected to switch?
Did you see how Elliot snagged the loot, 408 Request Timeout,. Cool hack 👍🏻
J. N. Yes quite deft.
Is it possible to replace the RJ-45 jack itself if the clip were to break?
Yes
How to get past nac security?
Depends on the security.
Mac based? Clone it.
Agent based? Relay it if possible. Crack it if not.
802.1x based... You done be buggered. Target the client instead.
I’m not a hacker and have never been interested in anything hacker related why is every single video you make being recommended to me now lmao. Is TH-cam telling me to become a hacker???
Join us. We have (your) cookies 🥠😁
Same, I thought it was because I watched some lockpicking videos, analog vs digital security.
Being a Hacker simply means you enjoy exploring the capabilities (both intentional and latent) of technology around you. TH-cam is just telling you to keep exploring :)
My shark never connects 🤔
Update returns "fatal error"
can you make a book? i want to learn but i find it difficult to know what to start with
try with BASICS omg :D ... what's that difficult?
You can find three volumes of The Hackers Playbook by Peter Kim @ Amazon. That's a good book for some beginners.
Just bought my SharkJack
Best new Hak5 go device ever!! Thanks ༼ つ ◕_◕ ༽つ
Is this based on openwrt linux? , because you play opkg command
My shark jack doesn’t work if not plugged to a charger, how do I fix that?
Can the usb c be used as a usb host? Soo plug a bluetooth dongle into it so now the air gapped network can send and receive stuff to your phone or just ssh into the shark that's on a air gapped network? Or use the shark as a usb network card...
So many possibilities for plugging usb things into a network let alone the shark as a hole O.O I really have to get a shark now.
yeah, and it learns to fly as well if you drop it from the 100th floor.
What about networks with mac filtering security protocols? Will it disable a network Port based by the mac?
the default password is not working ,,,
wont allow the default password of hak5shark
Pls Can Anyone help me to get this cool stuff in India.
Read all the important safety thingys
-1 for using ssh password instead of ssh key.
can I put it on a raspberry and emulate it?
I want to learn to hack
Hi im from indonesia .. Awam
Can you guys do something like hack around the planet like you and shannon hack eachother Hack wars?
is the black thing he's using jus tthe command prompt?
no but yes, like hes using linux os not mac not windows, just linux and it has its own terminal
Im baby
1:43 🙄 No it's not.
It has been said. It cannot be unsaid.
Hi
please tell me how can i purchase hak5 products, i live in India
It will never be available in places like India since you guys use this stuff to scam people.
@@6977warrior1
please dont jugde every Indian just because of some fools.
@@rishabhtomar2174 If that warrior dude was serious about generalizing well over a billion people as "scammers," then he should be ignored. Unless he is also acknowledging that unfortunately everyone else in the world is a bunch of scammers due to the fact that is how commerce works - that is if they are seeking successful gains. Surely not all business endeavors are equal in how ethical they are.
You're well aware of course, just wanted to shout out to the Indian homie.
Yes good but, its not avalible world-wide shipping only Us, Eu, Aus. Why not shipping worldwide?
Depending on the packages installed on it, it may be illegal to export it to many countries. Otherwise, their shipping provider or payment processor may be the limiting factor.
@@nilpo19 let say its true, there are ways to avoid this kind of problems, amazon products are world wide avalible, l am not having any problem reciving products from amazon. İf they would sale it at amazon wouldn't be any problem. Actually l write email to shop.hack5 their excuse is not about distriction or limitation of export.
You can make all the videos in the world there is only one toolkit that survives updates and technology SET. It's a toolkit that makes a entrepreneur envy
Lol you should not be using that tool if you cannot remember a couple ssh commands.
The man just got hit by a car on a bike and almost died, and probably sustained a brain injury from it. Cut him some slack for forgetting a few commands
Darren I know you're a free-software, free-help type guy but you could make a TON of money by creating a hacking video course(s)! BTW this vid was AWESOME! I'm buying a SharkJack right now...Oh! Sh*t!...you're out of the 'elite' kit...well...later...
I watched a tv show saying a air gap couldn't be hacked lol
I can see you don't use a vpn to upload your TH-cam videos
Men you actually genius how you command this shark jack I appreciate your work & enjoy it
Can I get free Wi-Fi on a cruise with that
take a pineapple
That thing is useless, opssie useful for the creators to pocket some goodies $$$
I hate where this channel is going. You neglect your other devices while you introduce new products. Good luck on your endeavors.
What would you like to see a video on next?
The world is changing.
@@DarrenKitchen I would love if you could make a "replicating our devices with rpi and arduino" series...I do understand you are not going to gain any money with that but that's what I'll like to see
@@DarrenKitchen More pen testing videos. But i hear TH-cam is gonna start cracking down on those types of videos. :(
@Darren Kitchen, please do not get me wrong, I enjoy seeing new devices. But it seems as though with each new device, the older devices are forgotten, which at some point is inevitable, I know. But I went from a MKV with all the bells and whistles to a Tetra, with the thought that if I upgrade that there will be an active community. I was wrong.
I mentioned before that there is a module that would not download, it hangs and was not fixed. Now we are talking about new devices. While fun, they are virtually impractical. Bait for skiddies!
Hak5 is not what it used to be. When there was Systm and The Broken with Kevin, before you joined Rev3, the old Hak point 5, awesome times, but now it is all forgotten and now the content seems to be more commercialized.