Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

RootJunky's Achievements

  1. RootJunkys Video Guides I have created a bunch of video tutorials for the Key Croc. These video will hopefully help those of you on the forum that are having problems or just want to learn more about the devices. Hak5 official docs on the Croc are amazing but some times its hard to translate them to real world use. I hope you guys enjoy these videos. Introduction to the Key Croc Key Logger by Hak5 Key Croc key logger firmware restore and or Upgrade How to Factory Reset the Key Croc Key Logger by Hak5 Key Croc WiFi Setup and SSH shell access Key Croc intro to payloads and Nano editor Key Croc Payload Windows Password Grabber and Num Lock error. If there is something you guys would like to see covered in a video please comment below and I will see what I can do. Remember you can find the Official docs for the Key Croc here. https://docs.hak5.org/hc/en-us/categories/360003797793-Key-Croc Also the latest firmware here. https://downloads.hak5.org/croc RootJunky out.
  2. you got it right but I myself have not fully tested this feature. also what firmware version are you on.
  3. QUACK LOCK is a now bug and doesnt work at this time. WAIT_FOR_KEYBOARD_INACTIVITY 10 This command requires the interval at the end like above in seconds.
  4. well how's it going did that work? Also just a note the numlock has to be on on your keyboard for these and any payload to work correctly if you didnt already know.
  5. I know how to edit the config file as seen here https://github.com/rootjunky/keycroc-payloads/blob/master/library/examples/wifispot.txt that is not what i am asking. I want to know what these do. Framework helpers https://docs.hak5.org/hc/en-us/articles/360048190473-Helpful-Payload-Snippets Run GET_HELPERS on your keycroc.
  6. I just want to know what what they do. you can leave it up to me to figure out if i want to use them.
  7. MATCH back Q GUI r Q STRING powershell Q ENTER Q STRING Start-Process "powershell" -Verb RunAs Q ENTER Q DELAY 10000 Q KEYCODE 00,00,50 Q ENTER Q STRING \$Password = Read-Host -AsSecureString p4ssw0rd Here is my script that i added a couple changes to. I gave you the wrong escape before. It is the forward slash \ as you can see in the payload above. The \ escapes the $ which is run on the linux match as a bash command and now with the \ is ignored and types it to the powershell window instead. you will need the \ before every $ in your script. Q KEYCODE 00,00,50 is the left arrow button 🙂 auto admin permission.
  8. ok i think i see your problem. You have to remember that the Keycroc is a linux device and some commands are seen as bash on that device when typed with Q STRING in your powershell window. you should try putting those commands that mess up inside of "" or () also you can escape the linux bash with / in front of the part of the sting that messes up. good luck let me know if that works for you.
  9. please run my croc info script and give me the output. also can you link one of the scripts you are trying to run on the keycroc. Also what does your config.txt file look like. Having these would be very helpful for trouble shooting. I will try and help if i can.
  10. I would love to have some more explanation of that this commands all do. ENABLE_WIFI ENABLE_INTERFACE START_WLAN_DHCP CLEAR_WIFI_CONFIG CONFIG_PSK_WIFI CONFIG_OPEN_WIFI I see that CLEAR_WIFI_CONFIG will rm /etc/wpa_supplicant.conf but I cant seem to get any of the other commands in my payload to work like ENABLE_WIFI 'SSID' 'PASSWORD' will not edit the /etc/wpa_supplicant.conf or the config.txt file so i am not sure what these commands do. Maybe they are broken. Please help.
  11. This is a simple payload that is used to clear the log files stored in the KeyCroc. This gives you a clean slate to work with on a new machine and not have to look at all of the old key strokes. Great for development and testing. # Title: croc log clear # Description: crocclear = keycroc log files wipe # Author: Rootjunky # Version: 1.0 # Category: Key Croc # MATCH crocclear QUACK LOCK echo > /root/loot/croc_char.log echo > /root/loot/croc_raw.log echo > /root/loot/matches.log QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK UNLOCK LED FINISH Q DELAY 2000 LED OFF Developed by Rootjunky. croc-clear.txt
  12. totally agree this needs to be fixed in firmware version 1.4
  13. yes you nailed it when num lock is on i get 12 1 2 3 When num lock is off i get 12 Nothing as you can see but the enters.
  14. I just tested my Croc for number typing and it works just fine. Payload MATCH 12 QUACK ENTERQUACK STRING "1"QUACK ENTERQUACK STRING "2"QUACK ENTERQUACK STRING "3"QUACK ENTER typed 12 1 2 3 In fact when i typed twelve above it auto ran the Payload and typed the 1 2 3.
  15. something like this might work but if you mess it up you might loose your SSH connection to the croc. https://computingforgeeks.com/create-wi-fi-hotspot-on-ubuntu-debian-fedora-centos-arch/
  • Create New...