Jump to content

_MG_

Global Moderators
  • Content Count

    29
  • Joined

  • Last visited

  • Days Won

    2

4 Followers

About _MG_

  • Rank
    Hak5 Fan

Contact Methods

  • Website URL
    https://o.mg.lol

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. 😄 For those who stumble on this thread: all the O.MG stuff has a single url that points you at the specific setup info for any given product: https://o.mg.lol/setup While the keylogger is under pre-release development, we are keeping everything isolated into the pre-release channels. Those little orange clips in the envelopes help visually tag your cables, as it sounds like you found out. We are about to release a unified firmware that works on all cable models so you don’t have to keep track of which is which. The firmware will just know! Then those
  2. thanks! Yep, the resonance of the wire length is what is used for a very primitive RF trigger on DemonSeed EDU. The data passthrough technique will be using a trick that completely violates the USB spec as well 🙂The idea with the DemonSeedEDU kit is to stretch every little bit out of the little ATTiny that you can while adding as few external components as possible. It gets you thinking about how to leverage everything at your disposal when thinking about malicious implants. Hardware implants usually encounter all kinds of odd constraints that force you to think about making things work in w
  3. It uses DuckyScript. It’s as capable as the DuckyScript you know how to make.
  4. It uses DuckyScript. It’s as capable as the DuckyScript you know how to make.
  5. _MG_

    Cable range

    It depends. There are lots of options due to how flexible the O.MG Cable is. If you just care about triggering a payload at maximum range, a higher powered antenna with the IF_PRESENT SSID payload trigger will get over 1000 feet. In AP mode, the last time I tested outdoor line-of-sight, I saw ~300 feet using a smartphone (which is going to have a weak antenna compared to other options) In client mode, effectively infinite range depending on how the wireless network is setup. As with all things wireless, it depends on things in your environment that interfere with
  6. Thank you! The pandemic basically took away my ability to have enough space to do the videos the way I had been. And it’s massively limited my available time. It’s been 8 solid months with no end in sight. I may have to make a jarring shift in how they are done (not that they are a high quality production thus far). Anyway, I’ve been giving tailored instructions on the next step inside the Slack channel for DemonSeed, if you are interested. In short, the final physical assembly depends on decisions you will make around the RF trigger. If you don’t want the RF trigger, then the physi
  7. Sorry, just saw this. FYI the Slack community tends to have much faster response times. Without seeing the exact problem... The jig has no active components on it, so it is fairly safe to rework the soldering. I would just clean up the solder with some flux and maybe desoldering braid/wick. If you want to share pictures, I can give better advice.
  8. The question is what is your need and what are your constraints? O.MG is for field use. DemonSeedEDU is for learning. DemonSeedEDU is basically the bare minimum for a malicious cable by using very primitive techniques. Everyone who has assembled the kit has had an increased appreciation for O.MG. O.MG looks identical to the target cable (better for Evil Maid/leave behind/etc), has 250x more storage space for payloads, 802.11 radio, onboard web server, payloads you can modify and trigger via wifi, boot payloads, location awareness, controllable via web UI/python/etc, self destruct, p
  9. all of those are answered on the blog entry found at https://o.mg.lol/ The exact differences have not fully been disclosed, and the features will likely continue to grow and evolve as we work on the firmware. That is a pattern seen with almost all of the O.MG hardware because we tend to develop the firmware with the community by providing very early access to those who are interested. In short, it took over 1 year to squeeze in keylogger functionality on top of the O.MG Cable without losing the existing functionality or increasing the physical size. But we realize not everyone needs all
  10. correct! Been extremely overwhelmed lately. But I am walking people through some next steps (basically ep7) on the slack server if you want to get an early start.
  11. That's a good option! We still have a pending project for adding multi layout to the Web UI. We did release a lightweight python frontend that makes it pretty easy to add your own keymaps if you are comfortable in python:https://github.com/O-MG/O.MG_Cable-Firmware/blob/master/omgtool.py
  12. _MG_

    Needs More Work

    Thanks for the update! Yeah, that sounds like a non-breaking enumeration scenario. I'm still happy to chase the machine-specific issue in slack. We actually do a lot of firmware work based on customer feedback. Who knows, maybe you have a specific USB controller that wants to see some basic communication on the data lines when a device comes up. I'd be curious if the enumeration issue goes away if you plug the cable in with a device attached to the other end. We have avoided putting anything on the data lines in the name of stealth, but adding a custom option to "pacify" the the controller whe
  13. _MG_

    Needs More Work

    Head over too the #omg-cable-support slack channel if you would like help debugging. This may be a windows specific issue, as it doesn't happen on Linux or OS X. I'm not quite sure what you are trying to do with AP Mode and Station mode in terms of "masquerading as an iphone" but maybe it will be easier to figure out the confusion in Slack.
  14. The usage of the O.MG Cable is much easier than any keyboard injection tool you have experience with. It's easy to think you must be missing something, but you aren't! It really is that easy. Check the help menu for a full listing of the payload syntax (it's basically all duckyscript with some custom commands). And there are some example payloads in the load menu. Don't be afraid to browse around the UI. And remember, you can always re-flash the firmware so don't be afraid to use things like the self destruct functions.
×
×
  • Create New...