Jump to content

ISSUES WITH PAYLOADS NOT EXECUTING AS TYPED IN NOTEPAD


Jscott3717
 Share

Recommended Posts

I have written several scripts for the keycroc and when the MATCH is triggered the payload fails because it not typing my STRING correctly or as I have typed it in the file??!!

I have used multiple keyboards and the one I am currently using is a logitech wireless model k360  This is driving me nuts  Any comment or suggestions would be appreciated  Thank

you 

Link to comment
Share on other sites

6 hours ago, Jscott3717 said:

I have written several scripts for the keycroc and when the MATCH is triggered the payload fails because it not typing my STRING correctly or as I have typed it in the file??!!

I have used multiple keyboards and the one I am currently using is a logitech wireless model k360  This is driving me nuts  Any comment or suggestions would be appreciated  Thank

you 

please run my croc info script and give me the output. also can you link one of the scripts you are trying to run on the keycroc. Also what does your config.txt file look like. Having these would be very helpful for trouble shooting. I will try and help if i can. 

  • Like 1
Link to comment
Share on other sites

ok i think i see your problem. You have to remember that the Keycroc is a linux device and some commands are seen as bash on that device when typed with Q STRING in your powershell window. you should try putting those commands that mess up inside of "" or () also you can escape the linux bash with / in front of the part of the sting that messes up.   

good luck let me know if that works for you. 

Link to comment
Share on other sites

RootJunky. Thank you for your reply. I have tried the script with and without “” already.   I have not tried the () or the /.  I will not be at a computer for a few hours as I am working. Is it possible for you to post an example line from my script showing your method of syntax??  Thank you 

Link to comment
Share on other sites

7 hours ago, Jscott3717 said:

RootJunky. Thank you for your reply. I have tried the script with and without “” already.   I have not tried the () or the /.  I will not be at a computer for a few hours as I am working. Is it possible for you to post an example line from my script showing your method of syntax??  Thank you 


MATCH back
Q GUI r
Q STRING powershell
Q ENTER
Q STRING Start-Process "powershell" -Verb RunAs
Q ENTER
Q DELAY 10000
Q KEYCODE 00,00,50
Q ENTER
Q STRING \$Password = Read-Host -AsSecureString p4ssw0rd

 

Here is my script that i added a couple changes to. 

I  gave you the wrong escape before. It is the forward slash \ as you can see in the payload above. The \ escapes the $ which is run on the linux match as a bash command and now with the \ is ignored and types it to the powershell window instead. 

you will need the \ before every $ in your script. 

Q KEYCODE 00,00,50 is the left arrow button 🙂 auto admin permission. 

Link to comment
Share on other sites

On 10/22/2020 at 5:39 PM, Jscott3717 said:

Thank you sir  I will try this after class  Much appreciated

 

well how's it going did that work?  Also just a note the numlock has to be on on your keyboard for these and any payload to work correctly if you didnt already know. 

Link to comment
Share on other sites

so It did not work initially  And I looked into the numberlock issue also  That was not the problem  HOWEVER the problem did happen to be related to the numbers

I noticed after slowing the payload down that every time I tried to execute a number the script would fail  It would not output any numbers on the screen  After further investigation, this problem was related to the fact that I was using the corsair (problem keyboard) to write the script in Notepad...... If i type the numbers in the script using the logitech keyboard INSTEAD of the corsair the script will execute as written  Strange lol

Link to comment
Share on other sites

1 hour ago, Jscott3717 said:

I am now having issue with getting the QUACK LOCK UNLOCK commands to operate

Also the WAIT_FOR_KEYBOARD_INACTIVITY is not operating either

Any suggestions for these?  Thanks

QUACK LOCK is a now bug and doesnt work at this time. 

WAIT_FOR_KEYBOARD_INACTIVITY 10

This command requires the interval at the end like above in seconds. 

 

Link to comment
Share on other sites

  • 4 months later...

In my studies, I learned long ago, that the forward and back slashes were often confused. Someone explained how to keep them straight: We type from left to right. If you imaging a man running from the left side of your screen to right, he can lean back "\" or forward "/".

If I had a nickel for every time I have heard someone say h t t p colon backslash backslash, I'd spend much more time at the nickel arcade, and less time correcting them...

 

Apologies. I don't intend to offend. There are just too many folks spending their "valentimes" day at the "liberry", in my personal opinion.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...