ambor Posted June 23, 2020 Share Posted June 23, 2020 Trying to use the Key Croc for an entirely simple purpose... to put a Mac automatically into recovery mode on a reboot (https://support.apple.com/en-au/HT201314). This is done by rebooting and then holding the COMMAND-R keys until a certain point. I just need the Key Croc to make the Mac see the COMMAND-R. This is being used in conjunction with a KVM to remotely re-build machines that are not easily accessible. The KVM can't send the correct keycode to invoke Recovery Mode and I was hoping that a KeyCroc could fake it a bit better. Something like this would be great - but you can't HOLD the CMD-R (and even with that attack mode command the Mac doesn't see the device as a genuine Apple keyboard) ATTACKMODE HID VID_0X05AC PID_0X0220 HOLD CMD-R Any ideas? Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted June 26, 2020 Share Posted June 26, 2020 Try the QUACK HOLD command, but that might do it. I'll give it a shot soon. See the section on HOLD and RELEASE at https://docs.hak5.org/hc/en-us/articles/360047381354-QUACK-and-Ducky-Script-2-0 Essentially you'd want to determine the scan code from the language json and pass it to QUACK HOLD. It looks like COMMAND-r from the us.json is 12,00,15 – so the command would be: QUACK HOLD 12,00,15 QUACK DELAY 5000 QUACK RELEASE That would hold COMMAND-r for 5 seconds. Quote Link to comment Share on other sites More sharing options...
ambor Posted June 29, 2020 Author Share Posted June 29, 2020 It looks like the COMMAND keys from us.json actually send a "CONTROL-SHIFT" on a Mac. Instead the GUI in us.json seems to be the macOS COMMAND key on the keyboard. But it seems that the HOLD function is not working right... if I run the following (using command-s instead of r, but should make no diff)... it doesn't do anything ATTACKMODE HID VID_0X05AC PID_0X0220 MAN_APPLE SN_0 QUACK HOLD 08,00,16 QUACK DELAY 5000 QUACK RELEASE But this seems to work QUACK GUI-s Of course I'd like it to be held rather than just pressed for an instant. Quote Link to comment Share on other sites More sharing options...
Aaron Outhier Posted July 13, 2020 Share Posted July 13, 2020 I wonder if the problem you are having has anything to do with the boot delay inherent in operating the KeyCroc. Basically, since the KeyCroc is an embedded Linux device, it takes about 15-20 seconds after the host computer turns on before the Croc will “do” anything. The MAC has only a limited window to hold down the CMD-R combo before continuing normal boot-up. As such, by the time the Croc “boots”, it might be too late to enter recovery. If you have access to a USB Y-adapter, such as the one that ships with the WiFi Pineapple Nano, you could try using that along with a USB power brick, so that you can make the KeyCroc power up first, and then power on the Mac. I hope that makes sense? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.