hackerzero000 Posted October 13, 2023 Share Posted October 13, 2023 Hello so ive just got a brand new keycrock already updated everything fine but it cant connect to cloud c2 the wifi setup and everything seems to work the config file also doesnt show any problems what could i do in this situation? The lights which the keycrock shows are green for a few seconds then white for a few seconds then it goes abck to green then magenta for less then 4 seconds then Cyan for about 3-5 seconds if someone could help me that would be pretty nice Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 16 minutes ago, hackerzero000 said: updated everything fine Just to be sure; you are on firmware version 1.4 then I assume Do you have any other Hak5 devices that already is successfully connected to your C2 server? If you ssh into your Croc, can you ping your C2 server from the Croc (assuming that your C2 server accepts ping)? If you can't ping the server, what happens if you try to try to ssh into your C2 server using port 2022 from the Croc? Are all necessary ports open on your C2 server? Are you starting your C2 server using an IP address (or a domain name) that can be reached from the network to which your Croc is connected? (That IP address should of course also be the IP address where the C2 server is running) If using a domain name, is that linked to the proper IP address using a dns A record? Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 Yes i already have the packet squirrel mark 2 and the wifi pineapple mark 2 connected successfully(and work also without lags or progblems). And i dont know how to ssh into the keycrock or how to ping it im a noobie. Can you tell me how to do that? Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 The C2 server is reachable over an ip adress not a domain and yes i think all neccessary ports are open but im on with cehcking that im not the manager of the Server a friend of mine hosts it Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 i cannot find a firmware 1.4 im on 1.3 is there a 1.4? Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 There's no need to check opened ports on the server if you have other devices that has successfully been connected. 1.4 is available here https://downloads.hak5.org/croc Not sure it will solve your issue though. If you were using a domain name along with https/Letsencrypt, then it would probably fix things since there was a certificate issue in fw 1.3. Instead of ssh, you can serial into the Croc when it's in arming mode. https://docs.hak5.org/key-croc/advanced-usage/serial-console-access Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 thanks is there any default pass and login cant find it in the doc? Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 And from there hwo do i set up the crock for the c2 server? Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 3 minutes ago, hackerzero000 said: And from there hwo do i set up the crock for the c2 server? Well, reading that sentence, it indicates that you haven't even tried to set it up for C2. If so, then it's not at all strange that it doesn't work. You need to create the C2 device.config file for the Croc and transfer it to the Croc file system. I'd suggest that you read all of the documentation; both for the Croc and Cloud C2 Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 No i now what you mean and i already had it on the udsik installed it didnt work im just asking for the way from the ssh menu i already installed the device.config file so could you maybe help me with the way? Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 Regarding ssh, I assume that it's for the Croc (since there's none for C2). In that case, it's available in the docs https://docs.hak5.org/key-croc/getting-started/default-settings Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 My previous comment about trying to ssh is just that; trying. You shouldn't be able to login, but the C2 server should respond. Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 You shouldn't use ping like that, just ping and the IP address, i.e. ping 10.0.0.1 But, since you seem to use a VPS on Amazon, it won't respond to ping anyway (if set up using "defaults") (And, don't post your real address, keep that to yourself just to be sure) If you ssh, try; ssh root@<ip address> -p 2022 Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 You can also try to use wget from the Croc wget <serverIP>:2022 if the Croc can communicate with the C2 server it will produce an index.html with the content "SSH-2.0-Go" (you will need to Ctrl+C out of the wget "session") Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 that's when you press Ctrl + C and then look at the content of the index.html file Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 if i tzry to ssh this is the response: Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 It doesnt show up in the udisk and in the ssh menu its not accessable what do i do there? I mean the index.html Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 The index.html file should be created in the same directory as where you started the wget command Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 how can i open it when i saved it to the udsik over the serial terminal cause in the normal graphiocal menu from the keycrock in the file manager it doesnt show up it only shows up in the udsik in the ssh serial terminal so how should i open it? Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 Why would you transfer it? Just execute the wget command, let it run for a couple of seconds, hit Ctrl+C, then list the contents of the file using the cat command directly on the Croc. Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 Okay thanks so it said SSH-2.0-Go what can i do now i rellay dont have a clue so that means that the croc can communicate with the server right? Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 The server responds in a way that should make it possible for the Croc to access the C2 server. Since you have other Hak5 devices that are successful in connecting to your C2 server, I don't think there's anything wrong with the C2 server setup. And, in addition to that, it's obvious that the Croc can reach the C2 server. I would probably check the cc-client error log in /tmp (if any) and also try to run cc-client manually with the path to the device.config file as a command line parameter. Also check that the device.config file actually has been placed in /etc I would probably also verify that the port and the IP address is correct in the device.config file Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 is the /etc/ not the udisk of the crock i mean the first thing you see when you opne the keycrock isnt thta the /etc / direrctory just making sure? and how do i run the cc client manueally with the path to the device.confgig as a commandline parameter how do i do that? Link to comment Share on other sites More sharing options...
dark_pyrro Posted October 13, 2023 Share Posted October 13, 2023 The udisk is just the part of the Croc file system that is exposed/mounted to the device it's connected to when in arming mode (or ATTACKMODE STORAGE). To access /etc you need to either ssh into the Croc or connect to it using serial. However, I just remember that the Croc handles the device.config a bit different than other Hak5 devices. The croc_framework stores the file in /etc but is actually using the one on the udisk, so try /usr/bin/cc-client /root/udisk/device.config or /usr/bin/cc-client /root/udisk/device.config & (to start it in the background) Link to comment Share on other sites More sharing options...
hackerzero000 Posted October 13, 2023 Author Share Posted October 13, 2023 So when i try this the output is: root@croc:/# /usr/bin/cc-client /root/udisk/device.config terminate called after throwing an instance of 'std::runtime_error' what(): CC-Config does not exist at the path given as argument Aborted : So i triedgoing path by path and there is no such thing as a cc-client what there is though are lots of files and the files C2EXFIL and C2NOTIFY what does that mean? Is there any way i can install this cc-client on the Keycrock? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.