RedJ0ka Posted August 3, 2020 Share Posted August 3, 2020 Hey Dudes, at the Moment im struggelging to buy a bash bunny OR a key croc. I understand, that the Key - Croc perform key-logging and execute payloads when keyboard inputs macht against the script. But will the key croc work without an Keyboard ? Can i perform the execution of scripts without an Keyboard (like bash bunny or rubber ducky)? It would be great to use the key-logging features, but i need a device wich works without a connected keyboard too... i cant find any hint in the documentation. Thanks in advantage Dom Link to comment Share on other sites More sharing options...
spywill Posted August 3, 2020 Share Posted August 3, 2020 2 hours ago, RedJ0ka said: Hey Dudes, at the Moment im struggelging to buy a bash bunny OR a key croc. I understand, that the Key - Croc perform key-logging and execute payloads when keyboard inputs macht against the script. But will the key croc work without an Keyboard ? Can i perform the execution of scripts without an Keyboard (like bash bunny or rubber ducky)? It would be great to use the key-logging features, but i need a device wich works without a connected keyboard too... i cant find any hint in the documentation. Thanks in advantage Dom This is just my opinion get them both they are great working gear it's all depend what you want to do with them and for payloads make them yourself for what you want them to do hope this helps Link to comment Share on other sites More sharing options...
RedJ0ka Posted August 3, 2020 Author Share Posted August 3, 2020 4 minutes ago, spywill said: This is just my opinion get them both they are great working gear it's all depend what you want to do with them and for payloads make them yourself for what you want them to do hope this helps I was thinking about to get both, but when i can use the key-croc for keystroke injection like a rubber-ducky (or bash bunny) - without a plugged in Keyboard, i will buy the key-croc. I would love to use the Keylogger features and payloads, but the most time im facing some Laptops in my workplace, so there is not often the possibility / need to plug in a keyboard. Thanks for your reply! Link to comment Share on other sites More sharing options...
spywill Posted August 3, 2020 Share Posted August 3, 2020 21 minutes ago, RedJ0ka said: I was thinking about to get both, but when i can use the key-croc for keystroke injection like a rubber-ducky (or bash bunny) - without a plugged in Keyboard, i will buy the key-croc. I would love to use the Keylogger features and payloads, but the most time im facing some Laptops in my workplace, so there is not often the possibility / need to plug in a keyboard. Thanks for your reply! the keycroc was not design for a Laptop more for Desktop so you can hide it yes you need a keyboard plug in the keycroc I have not tested this yet but if you get your keycroc online then ssh into it you may be able to run payloads with out a keyboard or run them from Cloud C2 Link to comment Share on other sites More sharing options...
RedJ0ka Posted August 3, 2020 Author Share Posted August 3, 2020 1 hour ago, spywill said: the keycroc was not design for a Laptop more for Desktop so you can hide it yes you need a keyboard plug in the keycroc I have not tested this yet but if you get your keycroc online then ssh into it you may be able to run payloads with out a keyboard or run them from Cloud C2 Thanks for your support. I have ordered a Bash Bunny, I think this device should match my criterias for the beginning. Link to comment Share on other sites More sharing options...
soh_hos Posted January 1, 2021 Share Posted January 1, 2021 You can use the KeyCroc also without a Keyboard. Just remove the "Match" keyword from your payloads and the attack will be executed right after pluging in the KeyCroc at the USB Port of your Laptop Link to comment Share on other sites More sharing options...
lartsch Posted August 21, 2021 Share Posted August 21, 2021 Like soh_hos said, the Key Croc can be used like a Bash Bunny by omitting any MATCH commands in the payload. Also see my framework fix for more reliable matchless payload detection. You can basically do anything with the Key Croc you can do with Bash Bunny, but Key Croc can additionally be used as a hardware keylogger and features a WiFi module, opening some more possiblities for exploitation / red teaming scenarios. By modifying the firmware you can also host a AP on the Key Croc, really useful. Just the firmware/framework has its problems, also the 2GB udisk is too small for today's requirements. The Bash Bunny Mark II though has a low energy BT module for geofencing and remote triggering, something a Key Croc Mark II will hopefully get as well Link to comment Share on other sites More sharing options...
chrizree Posted August 22, 2021 Share Posted August 22, 2021 WAIT and REQUIRE_TOOL isn't implemented in the Croc, right?! Not WAIT_FOR_PRESENT or WAIT_FOR_NOTPRESENT since the Croc has no BT, not SWITCH either, but that's all understandable and logic since the Croc has no physical switch. So they are not 100% similar. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.