root: Update default payload

fix_package_url
Marc 2021-08-17 21:36:39 +01:00
parent 1fe19cb021
commit ed8d755436
No known key found for this signature in database
GPG Key ID: 0657563F705ACAAE
1 changed files with 27 additions and 67 deletions


@ -2,81 +2,41 @@
# #
# Title: Sample Nmap Payload for Shark Jack # Title: Sample Nmap Payload for Shark Jack
# Author: Hak5 # Author: Hak5
# Version: 1.0 # Version: 1.2
# #
# Scans target subnet with Nmap using specified options. Saves each scan result # Scans target subnet with Nmap using specified options. Saves each scan result
# to loot storage folder. # to loot storage folder. Includes SERIAL_WRITE commands for Shark Jack Cable.
# #
# Red ...........Setup # LED SETUP ... Obtaining IP address from DHCP
# Amber..........Scanning # LED ATTACK ... Scanning
# Green..........Finished # LED FINISH ... Scan Complete
# #
# See nmap --help for options. Default "-sP" ping scans the address space for # See nmap --help for options. Default "-sP" ping scans the address space for
# fast host discovery. # fast host discovery.
echo "started payload" > /tmp/payload-debug.log
NMAP_OPTIONS="-sP --host-timeout 30s --max-retries 3" NMAP_OPTIONS="-sP --host-timeout 30s --max-retries 3"
LOOT_DIR=/root/loot/nmap LOOT_DIR=/root/loot/nmap
SCAN_DIR=/etc/shark/nmap
# Setup loot directory, DHCP client, and determine subnet
function finish() { SERIAL_WRITE [*] Setting up payload
LED CLEANUP
# Kill Nmap
wait $1
kill $1 &> /dev/null
# Sync filesystem
echo $SCAN_M > $SCAN_FILE
sync
sleep 1
LED FINISH
sleep 1
# Halt system
halt
}
function setup() {
LED SETUP LED SETUP
# Create loot directory mkdir -p $LOOT_DIR
mkdir -p $LOOT_DIR &> /dev/null COUNT=$(($(ls -l $LOOT_DIR/*.txt | wc -l)+1))
# Create tmp scan directory
mkdir -p $SCAN_DIR &> /dev/null
# Create tmp scan file if it doesn't exist
SCAN_FILE=$SCAN_DIR/scan-count
if [ ! -f $SCAN_FILE ]; then
touch $SCAN_FILE && echo 0 > $SCAN_FILE
fi
# Find IP address and subnet
NETMODE DHCP_CLIENT NETMODE DHCP_CLIENT
SERIAL_WRITE [*] Waiting for IP from DHCP
while [ -z "$SUBNET" ]; do while [ -z "$SUBNET" ]; do
sleep 1 && find_subnet sleep 1 && SUBNET=$(ip addr | grep -i eth0 | grep -i inet | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}[\/]{1}[0-9]{1,2}" | sed 's/\.[0-9]*\//\.0\//')
done done
} echo "Recieved IP address from DHCP" >> /tmp/payload-debug.log
function find_subnet() {
SUBNET=$(ip addr | grep -i eth0 | grep -i inet | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}[\/]{1}[0-9]{1,2}" | sed 's/\.[0-9]*\//\.0\//')
}
function run() {
# Run setup
setup
SCAN_N=$(cat $SCAN_FILE)
SCAN_M=$(( $SCAN_N + 1 ))
# Scan network
LED ATTACK LED ATTACK
# Start scan SERIAL_WRITE [*] Starting nmap scan...
nmap $NMAP_OPTIONS $SUBNET -oN $LOOT_DIR/nmap-scan_$SCAN_M.txt &>/dev/null & nmap $NMAP_OPTIONS $SUBNET -oN $LOOT_DIR/nmap-scan_$COUNT.txt
tpid=$! echo "scanned network" >> /tmp/payload-debug.log
LED FINISH
finish $tpid SERIAL_WRITE [*] Payload complete!
} sleep 2 && sync
# Run payload
run &
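Review bot: The scan counter on the new side, `COUNT=$(($(ls -l $LOOT_DIR/*.txt | wc -l)+1))`, is a count of files rather than the next free index, so once an earlier result has been removed from the loot folder the number repeats and `-oN` overwrites an existing `nmap-scan_N.txt`. Probing for the first unused name avoids that and avoids parsing `ls`: `COUNT=1; while [ -e "$LOOT_DIR/nmap-scan_$COUNT.txt" ]; do COUNT=$((COUNT+1)); done`. The `SERIAL_WRITE [*] ...` messages are unquoted, so `[*]` is a glob pattern and the text is word-split; assuming the helper accepts the message as a single argument, `SERIAL_WRITE "[*] Setting up payload"` keeps the output stable. The old and new sides are inferred here from the side-by-side layout, because the page has lost its +/- markers.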