tb8367 Posted February 7, 2022 Share Posted February 7, 2022 Trying to use the Key Croc as a dropper and have it call back to the C2. However, there is a public Wi-Fi with a terms agreement that must be agreed to prior to connecting. Can the Key-Croc be configured to accept the terms agreement? Perhaps some sort of curl script configured to run as part of the boot process? Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 7, 2022 Share Posted February 7, 2022 It all depends on how accepting those terms of agreement is done on that specific network. You have to learn how it works and develop any solution based on that. It's most likely possible, but as said, it depends how it is set up. There's no "one size fits all" solution. Link to comment Share on other sites More sharing options...
tb8367 Posted February 7, 2022 Author Share Posted February 7, 2022 1 hour ago, dark_pyrro said: It all depends on how accepting those terms of agreement is done on that specific network. You have to learn how it works and develop any solution based on that. It's most likely possible, but as said, it depends how it is set up. There's no "one size fits all" solution. I have a solution, can I configure the Key Croc to send a curl request on boot? I'm new to Hak5 devices and not seeing much for documentation. Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 7, 2022 Share Posted February 7, 2022 It's a Debian box really, so you could probably use /etc/rc.local to execute curl at boot time. You (of course) need to make sure that it has connectivity, but a loop until you get some kind of response from the network/AP can be used and then issue the curl command. Link to comment Share on other sites More sharing options...
tb8367 Posted February 8, 2022 Author Share Posted February 8, 2022 17 hours ago, dark_pyrro said: It's a Debian box really, so you could probably use /etc/rc.local to execute curl at boot time. You (of course) need to make sure that it has connectivity, but a loop until you get some kind of response from the network/AP can be used and then issue the curl command. Awesome. Appreciate the help. I'll post back if I can get it to work. Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 8, 2022 Share Posted February 8, 2022 You could get some inspiration from, for example, the Shark Jack payload linked below. More specifically the while loops. Keeps looping until getting an IP (interface needs to be changed of course) and, if desired, checks access to a web site. In this case it could be the "captive portal"/landing page that you want to interact with. https://github.com/hak5/sharkjack-payloads/blob/master/payloads/library/util/internet-access-tester/payload.sh Link to comment Share on other sites More sharing options...
lartsch Posted July 28, 2022 Share Posted July 28, 2022 Most of the times captive portals (like I guess this is one) work based on MAC addresses. So if you have no success with doing a curl request, you might also spoof your MAC on another device on the network to the Key Croc's and confirm the ToS Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.