
spywill

Active Members
  • Posts: 114
  • Days Won: 2

Posts posted by spywill

  1. This will scan for what OS the keycroc is plugged into and start an ssh session automatically for that OS.

    The scan takes about 30-40 sec for the OS detection, then the ssh session will start.

    Edit the payload for your keycroc passwd; the default is (hak5croc).

    Tested on Windows, MacOS, Linux.

    Thanks to Darren Kitchen's video.

     

     

    # Title:         KeyCroc_ssh
    # Description:   Start ssh session automatically (takes about 30-40 sec to start because of OS detection)
    # Author:        Spywill / RootJunky
    # Version:       1.0
    # Category:      Key Croc
    #
    #
    MATCH crocssh
    LED ATTACK
    ATTACKMODE AUTO_ETHERNET
    GET TARGET_OS
    case $TARGET_OS in
        WINDOWS)
            ATTACKMODE HID
            LED R
            sleep 1
            Q GUI r
            sleep 1
            Q STRING "powershell"
            Q ENTER
            sleep 5
            Q STRING "ssh root@$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-)"
            Q ENTER
            sleep 2
            Q STRING "hak5croc"  #<--Edit KEYCROC_PASSWD_HERE
            Q ENTER
            sleep 2
            # press control + c to exit
            Q STRING "echo -e \"\033[33;4;1mcontrol + c to exit this live key log\033[0m\""             
            Q ENTER
            sleep 2
            Q STRING "cd loot"
            Q ENTER
            sleep 1
            Q STRING "tail -f croc_char.log"
            Q ENTER;;
        MACOS)
            ATTACKMODE HID
            LED G
            sleep 1
            Q GUI-SPACE
            sleep 1
            Q STRING "terminal"
            Q ENTER
            sleep 2
            Q STRING "ssh root@$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-)"
            Q ENTER
            sleep 2
            Q STRING "hak5croc"  #<--Edit KEYCROC_PASSWD_HERE
            Q ENTER
            sleep 2
            # press control + c to exit
            Q STRING "echo -e \"\033[33;4;1mcontrol + c to exit this live key log\033[0m\""             
            Q ENTER
            sleep 2
            Q STRING "cd loot"
            Q ENTER
            sleep 1
            Q STRING "tail -f croc_char.log"
            Q ENTER;;
        LINUX)
            ATTACKMODE HID
            LED B
            sleep 1
            Q ALT F2
            sleep 1
            Q STRING "xterm"
            Q ENTER
            sleep 2
            Q STRING "ssh root@$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-)"
            Q ENTER
            sleep 2
            Q STRING "hak5croc"  #<--Edit KEYCROC_PASSWD_HERE
            Q ENTER
            sleep 2
            # press control + c to exit
            Q STRING "echo -e \"\033[33;4;1mcontrol + c to exit this live key log\033[0m\""             
            Q ENTER
            sleep 2
            Q STRING "cd loot"
            Q ENTER
            sleep 1
            Q STRING "tail -f croc_char.log"
            Q ENTER;;
    esac

     

  2. Sorry, I don't know what gta is, but what I can tell is that you want to open up a menu by using SHIFT-~ and this will open up some type of search bar, then you want to type in painkiller and this will start whatever you are trying to start. Is this right?

    If so, this is how I would do it.

    Be careful with using MATCH words, because every time you enter the number 10 this will start this payload even if you are not using this gta.

    MATCH 10
    LED ATTACK
    sleep 1
    Q SHIFT-~
    sleep 1
    Q STRING "painkiller"
    Q ENTER
    LED FINISH

     

  3. 21 minutes ago, RedJ0ka said:

    I was thinking about getting both, but when I can use the key-croc for keystroke injection like a rubber-ducky (or bash bunny) - without a plugged in keyboard, I will buy the key-croc. I would love to use the keylogger features and payloads, but most of the time I'm facing some laptops in my workplace, so there is not often the possibility / need to plug in a keyboard.


    Thanks for your reply!

    The keycroc was not designed for a laptop, more for a desktop so you can hide it. Yes, you need a keyboard plugged into the keycroc.

    I have not tested this yet, but if you get your keycroc online and then ssh into it you may be able to run payloads without a keyboard

    or run them from Cloud C2.

  4. 2 hours ago, RedJ0ka said:

    Hey Dudes,

    at the moment I'm struggling to buy a bash bunny OR a key croc. I understand that the Key Croc performs key-logging and executes payloads when keyboard inputs match against the script. But will the key croc work without a keyboard? Can I perform the execution of scripts without a keyboard (like bash bunny or rubber ducky)? It would be great to use the key-logging features, but I need a device which works without a connected keyboard too... I can't find any hint in the documentation.


    Thanks in advance

    Dom

    This is just my opinion: get them both, they are great working gear. It all depends on what you want to do with them, and for payloads, make them yourself for what you want them to do.

    Hope this helps.

  5. Hi

    Been playing around with payloads on my keyCroc.

    When I use STRING " " with numbers it will not print the number.

    As you can see from the output, no numbers get printed.

    I tried without the quotes and I get the same result.

    So how do you get it to print a number in a string?

    This is the payload:

    MATCH 12
    QUACK STRING "1"
    QUACK ENTER
    QUACK STRING "2"
    QUACK ENTER
    QUACK STRING "3"
    QUACK ENTER
    QUACK STRING "100"
    QUACK ENTER
    QUACK STRING "\100"
    QUACK ENTER
    QUACK STRING "\$300"
    QUACK ENTER
    QUACK STRING "\$1"
    QUACK ENTER
    QUACK STRING "$1"
    QUACK ENTER

    This is the output in the terminal:
    └──╼ $12 - this is the match
    └──╼ $
    └──╼ $~
    └──╼ $^[[2~
    └──╼ $\^[[2~
    └──╼ $$~^[[2~
    └──╼ $$

    This is the output in a text editor (notepad):

    12

     

     

     

     

     

    \

    $

    $

     

    I know about

    "1234"   - str - string

    1234     - int - integers

    int()    - convert a str to an int

    and so on.

    Does this work the same for the croc?

     

    Can anyone else get QUACK STRING " " with any numbers between the quotes to print back, or is it just my croc?

    Any help, thanks.

     

     

     

     

     

     

     
