Jump to content

KeyCroc will not connect to fully functional, verified CloudC2 instance


P0E

Recommended Posts

I think maybe I have a dud KeyCroc, I've got Cloud C2 configured on AWS LightSail, all working fine.  I've connected my PineApple Mark VII to it in about 5 minutes with no problems but my KeyCroc refuses to connect, the key points:

  • I've updated the firmware
  • I've tried copying the device.config via Windows, via linux and via pscp
  • It's connecting fine and picking up an IP address on the wifi
  • It's on the same wifi as the PineApple (which works with Cloud C2 fine)
  • I can ssh in to it via the wifi (and also via serial) with no problems
  • I've tried copying the config to the /etc/ folder and root (as well as the udisk) just in case
  • It captures keyboard input and save it correctly

Basically, it seems to do everything except the one thing I really need which is connect to my CloudC2 instance (which is working because other Hak5 devices connect ok).

Any suggestions?  Do I start a returns process?

Link to comment
Share on other sites

In one of the tutorial videos, Darren mentioned that some devices have to have a command executed to connect to CloudC2 - they don't do it automatically.  I haven't been able to find that video again (I've been watching so many to try and get this thing working!).  I don't think that's it but anyone any experience?

Link to comment
Share on other sites

Just add, I've not tried repeating all of the above with the older firmware too - still no luck and my PineApple has stayed connected during this time!

Has anyone managed to get KeyCroc working with CloudC2?

Link to comment
Share on other sites

Still no luck with this - my SSL certificate is Let's Encrypt (not self-assigned) but I tried manually adding it to the croc anyway just incase - still no joy.

Darren also suggested I might need to run the C2CONNECT command in my payload, I've tried adding that (though can't see it referenced in docs for KeyCroc) - no luck, I tested the payload to confirm it running but no lock.

The cc-client-error.log is just full of these errors:

[1634554411 !ERR         CURL ]  Error posting update to server...
[1634554411 !ERR     INITSYNC ]  Error in startup sync post
[1634554411 !ERR         MAIN ]  Device startup sync failed. Retrying...
[1634554417 !ERR         CURL ]  Error posting update to server...
[1634554417 !ERR     INITSYNC ]  Error in startup sync post
[1634554417 !ERR         MAIN ]  Device startup sync failed. Retrying...
[1634555716 !ERR         CURL ]  Error posting update to server...
[1634555716 !ERR     INITSYNC ]  Error in startup sync post
[1634555716 !ERR         MAIN ]  Device startup sync failed. Retrying...
[1634555721 !ERR         CURL ]  Error posting update to server...
[1634555721 !ERR     INITSYNC ]  Error in startup sync post
[1634555721 !ERR         MAIN ]  Device startup sync failed. Retrying...

The device is connected to wifi fine (I can ssh in to it).

I've tried killing the cc-client process and manually executing it: cc-client /root/udisk/device.config (no response - command just appears to hang)

My PineApple continues to keep a stable connection to the C2 instance without any additional steps at all (just downloaded the device.config and off it went).


 

Link to comment
Share on other sites

@Darren Kitchen, I know you mentioned in your email that I need to use the C2CONNECT command in my payload to intiate a connection to my C2 instance from my KeyCroc but I've just tried purging the cc-client-error.log file and restarting the KeyCroc without the C2CONNECT command in the payload and it generates the same connection errors as with (see above).  I'm really stuck now, any suggestions?  (the PineApple connected like a dream)

Link to comment
Share on other sites

Finally, I've installed telnet on the key croc and get a response from my C2 as expected:

root@croc:/tmp# telnet cloudc2.mydomain.com 2022

Trying 123.123.123.123...
Connected to cloudc2.mydomain.com.
Escape character is '^]'.
SSH-2.0-Go


 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...