shark-files/usr/bin/shark_framework

#!/bin/bash

LOG="logger -t Shark [*]"
LOG_ERR="logger -t Shark -p 3 [!]"

MODE="OFF"
SWITCH_POSITION=$(/usr/bin/SWITCH)

function upgrade_leds() {
    /usr/bin/LED OFF
    while true
    do
        echo 1 > /sys/class/leds/shark:red:system/brightness
        sleep 0.2
        echo 0 > /sys/class/leds/shark:red:system/brightness
        echo 1 > /sys/class/leds/shark:blue:system/brightness
        sleep 0.2
        echo 0 > /sys/class/leds/shark:blue:system/brightness
    done
}

# $1: Upgrade file
# $2: MD5 file
# $3: Upgrade file size in bytes
function extract_md5() {
    dd if=$1 of=$2 skip=$3 bs=1 count=33
}

# $1: Upgrade file
# $2: MD5 file
function verify_md5() {
    expected=$(cat $2)
    checksum=$(md5sum $1 | awk '{print $1}')
    [[ $expected = $checksum ]] && {
        return 0
    }
    return 1
}

# $1: Upgrade file
# $2: Upgrade file size in bytes
function truncate_upgrade() {
    dd if=/dev/null of=$1 bs=1 seek=$2
}

function execute_upgrade() {
    # Check for upgrade file in default location
    $LOG "Checking for firmware upgrade"
    upgrade_file=$(ls /root/upgrade-*.bin 2>/dev/null | tail -n1)

    [[ -f $upgrade_file ]] && {
        # Upgrade file found
        $LOG "Firmware upgrade found"

        $LOG "Verifying firmware upgrade"
        upgrade_file_size=$(( $(ls -l $upgrade_file | awk '{print $5}') - 33 ))

        # Extract md5sum from upgrade file
        extract_md5 $upgrade_file /tmp/upgrade.md5 $upgrade_file_size

        cp $upgrade_file /tmp/upgrade.bin
        truncate_upgrade /tmp/upgrade.bin $upgrade_file_size

        # Verify upgrade file
        verify_md5 /tmp/upgrade.bin /tmp/upgrade.md5 || {
            # Upgrade file not verified; exit
            $LOG "Firmware upgrade not verified. File may be corrupt"
            LED FAIL &
            return 1
        }
        $LOG "Firmware upgrade verified"
        LED OFF && LED SUCCESS

        # Check battery state first
        $LOG "Checking device power state"
        battery_state=$(/usr/bin/BATTERY)
        [[ $battery_state = "discharging" ]] && {
            # Device is not plugged in
            $LOG "Device is not powered. Do not attempt firmware upgrade"
            return 1
        }
        $LOG "Device is powered"

        # Remove upgrade file
        rm -rf $upgrade_file
        sync

        # Upgrade file verified; run upgrade
        $LOG "Executing UPGRADE"
        sleep 2 && upgrade_leds &
        echo "sysupgrade -n /tmp/upgrade.bin" | at now

        exit
    } || {
        # Upgrade file not found; enter arming mode
        $LOG "Firmware upgrade not found"
        return 1
    }
}

function wait_for_link() {
    LED LINKSETUP
    until swconfig dev switch0 port 0 get link | grep -q 'link:up'; do
        sleep 1
    done
    LED SETUP
}

function configure_network() {
    cp "/usr/lib/hak5/shark/config/${SWITCH_POSITION}/network" /etc/config/network
    /etc/init.d/network restart
}

function start_http() {
    /etc/init.d/uhttpd start
}

function stop_http() {
    /etc/init.d/uhttpd stop
}

function start_ssh() {
    /etc/init.d/sshd start
}

function stop_ssh() {
    /etc/init.d/sshd stop
}

function enter_attack_mode() {
    $LOG "Entering ATTACK mode"
    MODE="ATTACK"
    /usr/bin/LED OFF

    configure_network
    stop_http
    stop_ssh

    wait_for_link
    echo "execute_payload" | at now

    enter_idle_mode
}

function enter_arming_mode() {
    $LOG "Entering ARMING mode"
    MODE="ARMING"
    /usr/bin/LED OFF

    configure_network
    start_http
    start_ssh

    enter_idle_mode
}

function enter_off_mode() {
    $LOG "Entering OFF mode"
    MODE="OFF"
    /usr/bin/LED OFF

    stop_http
    stop_ssh

    enter_idle_mode
}

function enter_idle_mode() {
    $LOG "Entering IDLE mode"
    while true
    do
        if [[ $MODE = "ARMING" ]] || [[ $MODE = "OFF" ]]; then
            #ARMING mode is basically always idle which means this overrides user LED
            #status once per second.  Don't override user status with idle status.
            #pgrep LED > /dev/null || /usr/bin/LED whatever
            BATTERY_STATE=$(/usr/bin/BATTERY)
            case $BATTERY_STATE in
                "charging")
                    pgrep LED > /dev/null || /usr/bin/LED B SLOW
                    ;;
                "full")
                    pgrep LED > /dev/null || /usr/bin/LED B
                    ;;
                *)
                    pgrep LED > /dev/null || /usr/bin/LED Y SLOW
                    if [[ $MODE = "OFF" ]]; then
                        sleep 2 && halt
                    fi
                    ;;
            esac
        fi

        SWITCH_POSITION=$(/usr/bin/SWITCH)
        case $SWITCH_POSITION in
            "switch3")
                if [[ $MODE != "ATTACK" ]]; then
                    enter_attack_mode
                fi
                ;;
            "switch2")
                if [[ $MODE != "ARMING" ]]; then
                    execute_upgrade || enter_arming_mode
                fi
                ;;
            *)
                if [[ $MODE != "OFF" ]]; then
                    enter_off_mode
                fi
                ;;
        esac
        sleep 1
    done
}


function run() {
    case $SWITCH_POSITION in
        "switch3")
            enter_attack_mode
            ;;
        "switch2")
            execute_upgrade || enter_arming_mode
            ;;
        *)
            enter_off_mode
            ;;
    esac
}


# Start framework after a short wait
sleep 2
run &> /dev/null &
Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00			`#!/bin/bash`

			`LOG="logger -t Shark [*]"`
			`LOG_ERR="logger -t Shark -p 3 [!]"`

			`MODE="OFF"`
			`SWITCH_POSITION=$(/usr/bin/SWITCH)`

			`function upgrade_leds() {`
			`/usr/bin/LED OFF`
			`while true`
			`do`
			`echo 1 > /sys/class/leds/shark:red:system/brightness`
			`sleep 0.2`
			`echo 0 > /sys/class/leds/shark:red:system/brightness`
			`echo 1 > /sys/class/leds/shark:blue:system/brightness`
			`sleep 0.2`
			`echo 0 > /sys/class/leds/shark:blue:system/brightness`
			`done`
			`}`

			`# $1: Upgrade file`
			`# $2: MD5 file`
			`# $3: Upgrade file size in bytes`
			`function extract_md5() {`
			`dd if=$1 of=$2 skip=$3 bs=1 count=33`
			`}`

			`# $1: Upgrade file`
			`# $2: MD5 file`
			`function verify_md5() {`
			`expected=$(cat $2)`
			`checksum=$(md5sum $1 \| awk '{print $1}')`
			`[[ $expected = $checksum ]] && {`
			`return 0`
			`}`
			`return 1`
			`}`

			`# $1: Upgrade file`
			`# $2: Upgrade file size in bytes`
			`function truncate_upgrade() {`
			`dd if=/dev/null of=$1 bs=1 seek=$2`
			`}`

			`function execute_upgrade() {`
			`# Check for upgrade file in default location`
			`$LOG "Checking for firmware upgrade"`
			`upgrade_file=$(ls /root/upgrade-*.bin 2>/dev/null \| tail -n1)`

			`[[ -f $upgrade_file ]] && {`
			`# Upgrade file found`
			`$LOG "Firmware upgrade found"`

			`$LOG "Verifying firmware upgrade"`
			`upgrade_file_size=$(( $(ls -l $upgrade_file \| awk '{print $5}') - 33 ))`

			`# Extract md5sum from upgrade file`
			`extract_md5 $upgrade_file /tmp/upgrade.md5 $upgrade_file_size`

			`cp $upgrade_file /tmp/upgrade.bin`
			`truncate_upgrade /tmp/upgrade.bin $upgrade_file_size`

			`# Verify upgrade file`
			`verify_md5 /tmp/upgrade.bin /tmp/upgrade.md5 \|\| {`
			`# Upgrade file not verified; exit`
			`$LOG "Firmware upgrade not verified. File may be corrupt"`
			`LED FAIL &`
			`return 1`
			`}`
			`$LOG "Firmware upgrade verified"`
			`LED OFF && LED SUCCESS`

			`# Check battery state first`
			`$LOG "Checking device power state"`
			`battery_state=$(/usr/bin/BATTERY)`
			`[[ $battery_state = "discharging" ]] && {`
			`# Device is not plugged in`
			`$LOG "Device is not powered. Do not attempt firmware upgrade"`
			`return 1`
			`}`
			`$LOG "Device is powered"`

			`# Remove upgrade file`
			`rm -rf $upgrade_file`
			`sync`

			`# Upgrade file verified; run upgrade`
			`$LOG "Executing UPGRADE"`
			`sleep 2 && upgrade_leds &`
			`echo "sysupgrade -n /tmp/upgrade.bin" \| at now`

			`exit`
			`} \|\| {`
			`# Upgrade file not found; enter arming mode`
			`$LOG "Firmware upgrade not found"`
			`return 1`
			`}`
			`}`

wait_for_link don't blindly execute the payload, wait for a link first at least 2019-12-12 15:27:59 +00:00			`function wait_for_link() {`
fix indent for my master, foxtrot 2019-12-12 16:43:27 +00:00			`LED LINKSETUP`
okay, that was mii fault mii-tool doesn't work on the SIX PORT SWITCH that the shark thinks it is. Foxtrot was kind enough to point me to swconfig. This is tested and functional :us: :us: :rocket: :gb: 2019-12-13 02:08:17 +00:00			`until swconfig dev switch0 port 0 get link \| grep -q 'link:up'; do`
fix indent for my master, foxtrot 2019-12-12 16:43:27 +00:00			`sleep 1`
			`done`
			`LED SETUP`
wait_for_link don't blindly execute the payload, wait for a link first at least 2019-12-12 15:27:59 +00:00			`}`

Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00			`function configure_network() {`
add extension support 2019-12-12 18:46:46 +00:00			`cp "/usr/lib/hak5/shark/config/${SWITCH_POSITION}/network" /etc/config/network`
Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00			`/etc/init.d/network restart`
			`}`

			`function start_http() {`
			`/etc/init.d/uhttpd start`
			`}`

			`function stop_http() {`
			`/etc/init.d/uhttpd stop`
			`}`

			`function start_ssh() {`
			`/etc/init.d/sshd start`
			`}`

			`function stop_ssh() {`
			`/etc/init.d/sshd stop`
			`}`

			`function enter_attack_mode() {`
			`$LOG "Entering ATTACK mode"`
			`MODE="ATTACK"`
			`/usr/bin/LED OFF`

			`configure_network`
			`stop_http`
			`stop_ssh`

wait_for_link don't blindly execute the payload, wait for a link first at least 2019-12-12 15:27:59 +00:00			`wait_for_link`
this is how it works right ¯\_(ツ)_/¯ 2019-12-28 03:15:11 +00:00			`echo "execute_payload" \| at now`
Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00
			`enter_idle_mode`
			`}`

			`function enter_arming_mode() {`
			`$LOG "Entering ARMING mode"`
			`MODE="ARMING"`
			`/usr/bin/LED OFF`

			`configure_network`
			`start_http`
			`start_ssh`

			`enter_idle_mode`
			`}`

			`function enter_off_mode() {`
			`$LOG "Entering OFF mode"`
			`MODE="OFF"`
			`/usr/bin/LED OFF`

			`stop_http`
			`stop_ssh`

			`enter_idle_mode`
			`}`

			`function enter_idle_mode() {`
			`$LOG "Entering IDLE mode"`
			`while true`
			`do`
			`if [[ $MODE = "ARMING" ]] \|\| [[ $MODE = "OFF" ]]; then`
do not override user led in ARMING mode arming mode basically sits in idle mode all the time, which means led status is set once per second. this makes it impossible to set user led status in arming mode (testing, development, whatever). Add a simple check to not override user set led status. 2019-12-13 20:03:39 +00:00			`#ARMING mode is basically always idle which means this overrides user LED`
			`#status once per second. Don't override user status with idle status.`
			`#pgrep LED > /dev/null \|\| /usr/bin/LED whatever`
Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00			`BATTERY_STATE=$(/usr/bin/BATTERY)`
			`case $BATTERY_STATE in`
			`"charging")`
do not override user led in ARMING mode arming mode basically sits in idle mode all the time, which means led status is set once per second. this makes it impossible to set user led status in arming mode (testing, development, whatever). Add a simple check to not override user set led status. 2019-12-13 20:03:39 +00:00			`pgrep LED > /dev/null \|\| /usr/bin/LED B SLOW`
Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00			`;;`
			`"full")`
do not override user led in ARMING mode arming mode basically sits in idle mode all the time, which means led status is set once per second. this makes it impossible to set user led status in arming mode (testing, development, whatever). Add a simple check to not override user set led status. 2019-12-13 20:03:39 +00:00			`pgrep LED > /dev/null \|\| /usr/bin/LED B`
Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00			`;;`
			`*)`
do not override user led in ARMING mode arming mode basically sits in idle mode all the time, which means led status is set once per second. this makes it impossible to set user led status in arming mode (testing, development, whatever). Add a simple check to not override user set led status. 2019-12-13 20:03:39 +00:00			`pgrep LED > /dev/null \|\| /usr/bin/LED Y SLOW`
Files: Initial commit of Shark files 2019-12-11 21:11:53 +00:00			`if [[ $MODE = "OFF" ]]; then`
			`sleep 2 && halt`
			`fi`
			`;;`
			`esac`
			`fi`

			`SWITCH_POSITION=$(/usr/bin/SWITCH)`
			`case $SWITCH_POSITION in`
			`"switch3")`
			`if [[ $MODE != "ATTACK" ]]; then`
			`enter_attack_mode`
			`fi`
			`;;`
			`"switch2")`
			`if [[ $MODE != "ARMING" ]]; then`
			`execute_upgrade \|\| enter_arming_mode`
			`fi`
			`;;`
			`*)`
			`if [[ $MODE != "OFF" ]]; then`
			`enter_off_mode`
			`fi`
			`;;`
			`esac`
			`sleep 1`
			`done`
			`}`


			`function run() {`
			`case $SWITCH_POSITION in`
			`"switch3")`
			`enter_attack_mode`
			`;;`
			`"switch2")`
			`execute_upgrade \|\| enter_arming_mode`
			`;;`
			`*)`
			`enter_off_mode`
			`;;`
			`esac`
			`}`


			`# Start framework after a short wait`
			`sleep 2`
			`run &> /dev/null &`