Key Croc
Search…
The Key Croc by Hak5
Getting Started
Key Croc Basics
Configuration
Files and Directory Structure
Default Settings
Getting the Key Croc Online
Configuring Cloud C²
Understanding Languages
Beginner Guides
Password Sniffing with the Key Croc — Easy, or Super Easy?
New Features in Key Croc 1.3
Payloads and Loot
Payload Primer
Getting Payloads
Activating and Deactivating Payloads
Loot
Advanced Usage
Serial Console Access
Updating the Firmware
Factory Reset
Writing Payloads
Key Croc Payload Development
The MATCH Command
The SAVEKEYS Command
The ATTACKMODE Command
Hardware ID Cloning
The QUACK Command
Advanced QUACK Commands
The LED Command
Ducky Script Commands
Command Quick Reference
Tips & Tricks
Understanding the File System
Interactive Payload Development
Installing Extras like Metasploit
Helpful Payload Snippets
Product Information
Important Safety Information and Warnings
Specifications
Powered By GitBook
Key Croc Basics

DEPLOYMENT

In its most basic state, the Key Croc acts as a keylogger. To deploy, simply plug the Key Croc into a computer – known herein as the target. Within a few seconds the Key Croc will boot, lighting multiple colors along the way to indicate its state (described below). If a keyboard is not attached to the Key Croc at boot, the LED indicates such with a white light. Plugging a standard IBM-PC compatible USB keyboard into the Key Croc will cause the LED to turn off and the device to enter what is known as Attack Mode. The Key Croc will then clone the hardware identifiers of the keyboard and present itself to the target as that keyboard. Keystrokes typed on the keyboard will be passed through to the target, while simultaneously saving to a log file on the Key Croc. Any active payload will execute once the target types a defined matching key sequence.

ARMING MODE

Pressing the hidden arming button on the bottom side of the Key Croc will stop the keystroke passthrough and recording. The Key Croc will enter what is known as Arming Mode, indicated by a blue blinking LED. Instead of emulating the connected keyboard, the Key Croc will now emulate both a serial device and USB flash disk – known as the udisk. Accessing this USB flash disk or udisk, with its drive label "KeyCroc", will present the operator with a number of files and folders.
Among the files and folders present on the USB flash disk is config.txt. Editing this file with a standard text editor (like Notepad on Windows, TextEdit on Mac, vim/nano on Linux) will let you configure settings such as keymap, WiFi, SSH and DNS.
Previous
The Key Croc by Hak5
Next - Getting Started
Configuration
Last modified 8mo ago
Copy link
Contents
DEPLOYMENT
ARMING MODE