Croc : Easily And Securely Send Things From One Computer To Another

Croc is a tool that allows any two computers to simply and securely transfer files and folders. AFAIK, croc is the only CLI file-transfer tool that does all of the following:

  • allows any two computers to transfer data (using a relay)
  • provides end-to-end encryption (using PAKE)
  • enables easy cross-platform transfers (Windows, Linux, Mac)
  • allows multiple file transfers
  • allows resuming transfers that are interrupted
  • local server or port-forwarding not needed
  • ipv6-first with ipv4 fallback

For more information about croc, see my blog post.

Install

Download the latest release for your system, or install a release from the command-line:

$ curl https://getcroc.schollz.com | bash

On macOS you can install the latest release with Homebrew:

$ brew install croc

On macOS you can also install the latest release with MacPorts:

$ sudo port selfupdate
$ sudo port install croc

On Windows you can install the latest release with Scoop or Chocolatey:

$ scoop install croc

$ choco install croc

On Unix you can install the latest release with Nix:

$ nix-env -i croc

On Arch Linux you can install the latest release with pacman:

$ pacman -S croc

On Ubuntu you can install with snap:

$ snap install croc

On Termux you can install with pkg:

$ pkg install croc

Or, you can install Go and build from source (requires Go 1.12+):

$ GO111MODULE=on go get -v github.com/schollz/croc/v8

Usage

To send a file, simply do:

$ croc send [file(s)-or-folder]
Sending ‘file-or-folder’ (X MB)
Code is: code-phrase

Then to receive the file (or folder) on another computer, you can just do

$ croc code-phrase

The code phrase is used to establish password-authenticated key agreement (PAKE) which generates a secret key for the sender and recipient to use for end-to-end encryption.

There are a number of configurable options (see --help). A set of options (like custom relay, ports, and code phrase) can be set using --remember.

Custom Code Phrase

You can send with your own code phrase (must be more than 4 characters).

$ croc send –code [code-phrase] [file(s)-or-folder]

  • Use pipes – Stdin & Stdout

You can pipe to croc:

$ cat [filename] | croc send

In this case croc will automatically use the stdin data and send and assign a filename like “croc-stdin-123456789”. To receive to stdout at you can always just use the --yes will automatically approve the transfer and pipe it out to stdout.

$ croc –yes [code-phrase] > out

All of the other text printed to the console is going to stderr so it will not interfere with the message going to stdout.

Send Text

Sometimes you want to send URLs or short text. In addition to piping, you can easily send text with croc:

$ croc send –text “hello world”

This will automatically tell the receiver to use stdout when they receive the text so it will be displayed.

Self-Host Relay

The relay is needed to staple the parallel incoming and outgoing connections. By default, croc uses a public relay but you can also run your own relay:

$ croc relay

By default it uses TCP ports 9009-9013. Make sure to open those up. You can customized the ports (e.g. croc relay --ports 1111,1112), but you must have a minimum of 2 ports for the relay. The first port is for communication and the subsequent ports are used for the multiplexed data transfer.

You can send files using your relay by entering --relay to change the relay that you are using if you want to custom host your own.

$ croc –relay “myrelay.example.com:9009” send [filename]

Note, when sending, you only need to include the first port (the communication port). The subsequent ports for data transfer will be transmitted back to the user from the relay.

  • Self-Host Relay (Docker)

If it’s easier you can also run a relay with Docker:

$ docker run -d -p 9009-9013:9009-9013 -e
CROC_PASS=’YOURPASSWORD’ schollz/croc

Be sure to include the password for the relay otherwise any requests will be rejected.

$ croc –pass YOURPASSWORD –relay “myreal.example.com:9009” send [filename]

Note: when including --pass YOURPASSWORD you can instead pass a file with the password, e.g. --pass FILEWITHPASSWORD.

R K

Recent Posts

GitButler : Revolutionizing Branch Management With Virtual Branches

GitButler is a git client that lets you work on multiple branches at the same…

7 hours ago

Minegrief : Unpacking A Crafty Minecraft Malware

Self-spreading to other Minecraft servers using an extendable, module-based lateral movement system. Crafty Controller Auth'd…

7 hours ago

ModTask – Task Scheduler Attack Tool

ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled…

2 days ago

HellBunny : Advanced Shellcode Loader For EDR Evasio

HellBunny is a malleable shellcode loader written in C and Assembly utilizing direct and indirect…

2 days ago

SharpRedirect : A Lightweight And Efficient .NET-Based TCP Redirector

SharpRedirect is a simple .NET Framework-based redirector from a specified local port to a destination…

2 days ago

Flyphish : Mastering Cloud-Based Phishing Simulations For Security Assessments

Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in…

3 days ago