Krknc
The Krkn Client can be used to interface with the Krkn Server
Configuration
- username: Your username for authentication
- server: Server address (e.g., localhost:8443)
- tailscale: Use Tailscale (true/false)
- quic: Use QUIC protocol (true/false)
- insecure: Skip TLS verification (true/false)
- debug: Enable debug mode (true/false)
- webhook-port: Webhook listener port (number)
- hostname: Tailscale hostname (string)
Get
Required Permissions: N/A
get command can be used to view your current settings.
Set
Required Permissions: N/A
set command can be used to set a configuration value
Unset
Required Permissions: N/A
unset command can be used to remove a value from a single key
Clear
Required Permissions: N/A
clear command can be used to clear all entries in the configuration.
Logs
Logs can be queried to facilitate troubleshooting and debugging both remotely on the Krkn Server and locally.
Remote
Required Privileges: Admin
Local
Required Privileges: Admin
Users
Users are the primary driver behind the Krkn Server. To access the Krkn Server a user needs to have their Username saved to their config and their token saved as an environment variable. Users fall into three different roles:- Admin - Unfettered access to all gRPC commands
- User - Access to Job Creation, querying and status’
- Reader - Query access only
List
Required Privileges: Admin
list command
Create
Required Privileges: Admin
user create command. A token will be sent to their email address.
Delete
Required Privileges: Admin
delete subcommand can be used to delete a user from the Krkn Server.
Files
The files subcommand can be used to upload, download, delete, head, tail and perform checksums for Rules, Wordlists and Mask files.
Upload
Required Privileges: Admin
upload subcommand can be used to upload a file from your host to the Krkn Server.
Download
Required Privileges: Admin
download subcommand can be used to prompt the Krkn Server to download a file from a given url.
List
Required Privileges: Admin, User
list subcommand can be used to list files of the specified type on the Krkn Server.
Head
Required Privileges: Admin
head subcommand can be used to read the first N lines in the specified file.
Tail
Required Privileges: Admin
tail subcommand can be used to read the last N lines in the specified file.
Sum
Required Privileges: Admin
sum subcommand can be used to determine if the Sha256 sum of the downloaded or uploaded file matches what is expected.
Delete
Required Privileges: Admin
delete subcommand can be used to delete the specified file from the Krkn Server.
Hashes
Thehashes subcommand can be used to query or upload hashes to the Krkn Server.
Upload
Required Privileges: Admin
Query
Required Privileges: Admin, User, Reader
Jobs
Thejobs subcommand encompasses the distributed KCat hash cracking system incorporated into the Krkn Service.
Create
Required Privileges: User, Admin
create subcommand can be used to create a new job and place it into the queue on the Krkn Server.
Get
Required Privileges: Job Owner, Admin
get subcommand can be used to get the status and configuration of a specific job by its id .
List
Required Privileges: Job Owner, Admin
list subcommand. can be used to list jobs and their status’.
Delete
Required Privileges: Job Owner, Admin
delete subcommand can be used to delete an enqueued job.
Download
Required Privileges: Job Owner, Admin
download subcommand can be used to retrieve all cracked hashes from a completed job.
Webhooks
Krkn Clients can create webhooks to manage jobs and updates. For the client to register for Webhooks when using tailscale, a new node will need to be added to the Tailscale network. When the-t flag is passed, a TSNet node will be created for listening with the name <hostname>-krknc.
Webhook Types
Webhooks can be configured in one of three ways.Toasts
Webhooks can be configured to use OS Specific Toast messages, which appear on a grpahical desktop interface for user alerts. Toasts can also be queried using the toast subcommand if they are missed.Append File
Webhooks can be configred to append results to a file. This is ideal for when you submit a job and want the results to be added without having to check in on the job regularly.Realtime
Webhooks can also be configured in realtime mode. This will block your session and update you on the status of the job as it goes through the process.Listen
The listen subcommand can be used to register and listen in realtime for job updates.Service
The service subcommand can be used to create and start a webhook listener service.Server
Theserver subcommand can be used to query active workers for the conductor
Workers
Theworkers subcommand can be used to query the Krkn Server for worker information
List
The list subcommand can be used to query tentacle workers and their status.
Tailscale
When connecting over Tailscale, you must supply the Tailscale<hostname\>-krkn of the destination server. You may supply just the hostname and the -krkn will be appended to the end.
The client will also have to be registered separately on Tailscale as its own node. The client will appear on Tailscale as <hostname>-krkncusing the hostname supplied in the config, otherwise the systems default hostname will be used.
On first use, and periodically, the host will need to be authenticated. A URL will be provided that can be used to authorize the node for use on the Tailscale Network. It must be approved by an admin and given proper ACLs to access the Krkn Server and be access back for Webhooks if required.
Auto-Completion
Autocompletion scripts can be added to your profile to allow tab completion and other features of the Krkn Client application.
Bash Sample
