JasonJason Posted February 4, 2022 Posted February 4, 2022 I have a Keycroc and want to connect it to the C2 server. I have many other devices setup without issue (turtle, pineapple, screen crab). I have edited the config.txt and put the wireless settings in the same syntax as the screen crab that works without issues. I have copied the device.config into the root too. No joy. I don't think it is connecting to the wireless either. Any ideas? I am running the latest firmware, but it didn't work with the shipped firmware either.
Irukandji Posted February 4, 2022 Posted February 4, 2022 I found out that My Keycroc didn't like the syntax WiFi configuration.
JasonJason Posted February 4, 2022 Author Posted February 4, 2022 So how did you fix it? Please show an example of what worked
Irukandji Posted February 4, 2022 Posted February 4, 2022 This is a bit of it. But not going link my WiFi here. #!/bin/bash ####################################### # _-^^-_ # # ---=>====<^^.. # # " " Key Croc by Hak5 # ####################################### #This configuration file is used to set default variables DUCKY_LANG us WIFI_SSID Not going to list WIFI_PASS Or this SSH ENABLE ### OPTIONAL CONFIGURATION ###
dark_pyrro Posted February 4, 2022 Posted February 4, 2022 I need some clarification here; is the problem getting the Croc to connect to WiFi or is it C2 connectivity that is the issue? If in doubt of getting WiFi to work, then check if the Croc can be seen on the wireless network it's supposed to connect to. Either using any information in any network equipment (such as the DHCP leases of a home router) or scan the network using nmap. The Croc is known to be a bit picky when it comes to WiFi connections. If having an SSID and/or PSK with special characters or spaces, then I would suggest to try a temporary setup with some simple SSID and PSK, for example using a hotspot on a smartphone. The Croc may also have an old root certificate for Let's Encrypt that will stop it from connecting to the C2 server. This has happened before for other users. Check out my post linked below to verify if this is a part of the problem.
JasonJason Posted February 5, 2022 Author Posted February 5, 2022 I can confirm my device is configured with the correct syntax above and is associating with the AP. It is not connecting to the C2 though. I have the device connected to a Windows 10 system, but when i look at the interfaces i can't see the CROC and hence can't SSH in to try troubleshooting the TLS as per your instructions.
dark_pyrro Posted February 5, 2022 Posted February 5, 2022 Have you tried to connect using serial in arming mode? Or, if you know it is associating with the intended AP, you can SSH into it that way.
JasonJason Posted February 5, 2022 Author Posted February 5, 2022 I am in via serial now and can see it is on wireless. Let me try some of the other solutions for C2 now. Thanks for help
JasonJason Posted February 5, 2022 Author Posted February 5, 2022 The wireless is working fine. I can ping hosts on internet. There is no issue in terms of connecting to the C2 with curl and i get no errors. I think there might be something wrong with the device.config file from the C2. Can someone please provide me with some next steps? I need to resolve this quickly for a project.
dark_pyrro Posted February 5, 2022 Posted February 5, 2022 And what was the result of verifying that the Let's Encrypt root certificate was valid or not, that I previously linked to?
JasonJason Posted February 5, 2022 Author Posted February 5, 2022 Your are right! When i did curl i did not include https:// so it worked. When i did i saw the error and ran your additional tests and fixes for success. The firmware should probably be updated to avoid this confusion. I still have a couple of other issues to resolve. e.g. i have SSH ENABLE set, but no SSH. Also when i run the crocinfo script there is no IP address shown, but when in console i can see the IP address and connect to Internet, etc. Any ideas?
dark_pyrro Posted February 5, 2022 Posted February 5, 2022 Is it SSH ENABLE on one line? Some users misunderstand the examples in the config.txt file and enter it in the format SSH [ENABLE] In what way are you trying to access the Croc using ssh? Using the IP address it gets from the local network it is connected to?
JasonJason Posted February 6, 2022 Author Posted February 6, 2022 I was using SSH ENABLE on a single line without the [ ]. I was trying to access the croc using SSH with the IP address shown in the OS when i serialled in. I also tried the gateway without success. Why does crocinfo script not show the IP address either? its just blank
dark_pyrro Posted February 6, 2022 Posted February 6, 2022 What IP address range is the local network using (that you have connected your Croc to)? When you serial in to the Croc (and the Cloud C2 setup working), what does this command show when you execute it in the Croc shell? ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6- or just simply ifconfig Does it show an IP address for wlan0 that is from the local network to which the Croc is connected? If you run ps ax | grep sshd does the sshd process show?
Recommended Posts
Archived
This topic is now archived and is closed to further replies.