cover

Introduction

Lichee-Jack is a low-cost, fully open-source, DIY LAN attack & penetration-testing gadget, inspired by tools like the Hak5 Shark Jack, but redesigned from the ground up for RISC-V, Linux, and hackability-first principles.

It is built around the Sipeed LicheeRV Nano (SG2002, RISC-V) platform and runs a custom Debian GNU/Linux system, turning a tiny Ethernet-connected device into a powerful social-engineering and post-exploitation assistant.

Lichee-Jack is not a clone of Shark Jack. It is an independent open-source project, focusing on:

  • Transparency over black-box firmware
  • Linux-native workflows
  • DIY hardware and reproducible builds
  • Community-driven development

Why Lichee-Jack?

Many commercial penetration-testing gadgets are:

  • Closed-source
  • Expensive
  • Difficult to customize at a low level
  • Locked to vendor ecosystems

Lichee-Jack aims to be the opposite:

  • Fully open-source (software, hardware, PCB, 3D models)
  • Low-cost and accessible to students, makers, and researchers
  • Real Linux system, not a stripped-down RTOS
  • Hackable by design, from bootloader to payload scripts

If you are comfortable with Linux, shell scripts, networking, and embedded devices, Lichee-Jack is meant for you.

Hardware Overview

  • SoC: SG2002 (RISC-V)
  • Board: Sipeed LicheeRV Nano
  • Ethernet: 10/100 Mbps onboard GMAC
  • USB: USB 2.0 device (USB gadget mode)
  • Storage: microSD
  • Power: USB-powered
  • Form factor: Compact, pocket-sized

The hardware design, PCB files, and accessories are all released as open hardware.

Software Stack

Lichee-Jack runs a custom Debian GNU/Linux (stable) image with:

  • Custom bootloader (DAS U-Boot)
  • Minimal kernel configuration
  • Systemd init system
  • Modular startup services
  • Payload-driven execution model

USB Gadget Functions

Powered by gt (linux-usb-gadgets), Lichee-Jack supports:

  • CDC-ECM
  • RNDIS
  • HID
  • Mass Storage (payload-dependent)

The USB role is dynamically switched based on hardware mode and payload logic.

Core Concept: Payload-Driven Attacks

Lichee-Jack operates using payload scripts, similar in spirit to BashBunny or Shark Jack, but with fewer restrictions.

Payloads can:

  • Scan and fingerprint local networks
  • Perform ARP, DHCP, or DNS-based attacks
  • Act as a USB Ethernet or HID device
  • Exfiltrate data over LAN or USB
  • Control LEDs and system behavior

Because it is a full Linux system, payloads are just shell scripts, Python, or native binaries.

LEDs, Shared Memory & Daemons

Lichee-Jack includes lightweight system daemons such as:

  • shmled – shared-memory LED controller
  • jackstart – core system control logic
  • Optional networking and utility services

These components communicate via shared memory, allowing fast state updates without heavy IPC overhead.

DIY-Friendly by Design

This project is intentionally designed for:

  • Makers
  • Students
  • Security researchers
  • Open-source contributors

You can:

  • Build the system image from source
  • Modify kernel configs
  • Add your own daemons
  • Design your own enclosure
  • Manufacture PCBs independently

Even partial builds (software-only or hardware-only) are supported.

Licensing & Open Source

Lichee-Jack is a fully open-source project:

  • Software: GPLv3
  • PCB & hardware design: GPLv3
  • 3D models / STL: CC-BY-SA 4.0

This ensures that all derivatives remain open and community-friendly.

Lichee-Jack is intended only for legal security testing, education, and research.

You are responsible for:

  • Obtaining proper authorization
  • Complying with local laws
  • Using this device ethically

The author and contributors take no responsibility for misuse.

Project Status

  • Active development
  • System images available
  • Features evolving rapidly
  • Contributions welcome

Sales and distribution are still being prepared. This remains a community-first open-source project.

Learn More

If you love Linux, open hardware, and hands-on security research — welcome aboard.