Jump to content


Global Moderators
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by _MG_

  1. You can check with the laws of your country.
  2. The holes are plated with solder. It sounds like maybe there is just a bit too much inside that one hole. It’s pretty rare but I occasionally see it and I’m able to push the pin through with a little more force while twisting it. You might be able to heat it up with a soldering iron to get it to reflow and redistribute a bit. But usually what I do is take something a bit larger than the hole (like a long tweezers, or a pin, or a nail) and just sort of twist it around to slightly carve out a little more room. If it’s just not happening, jump on the slack server and I will get you sorted out with a new kit.
  3. That depends what you mean. DemonSeedEDU is pretty fundamentally different to keep it easy enough as a DIY teaching tool. But there are some features still not unlocked in the video series. I’m happy to walk you through them in the slack server.
  4. Jump into the dedicated OMG Slack for support. Sounds like you picked the wrong mode, but you can supply more detail in Slack
  5. The new v2 firmware is unified for all OMG cables (1 firmware for all cables) and is currently in beta testing with any owner who wants to use it.
  6. There are way too many variables when adapters are involved for me to give any definitive answer there. I have tested the cable directly on an iPad Pro and multiple Android phones (all of which have Type C connectors). Here is the sales page copy for the C-to-C Directional that should fill in the details there: MOBILE ATTACKS The active end of the cable is discretely marked with a USB logo. Plug the active end into a desktop or laptop to attack it. The cable will support USB 2.0 functionality when the active end is attached to a USB host. For mobile attacks plug just the active end into a smartphone or tablet. No other steps are needed, the payload delivery will automatically work just like with host attacks.
  7. 😄 For those who stumble on this thread: all the O.MG stuff has a single url that points you at the specific setup info for any given product: https://o.mg.lol/setup While the keylogger is under pre-release development, we are keeping everything isolated into the pre-release channels. Those little orange clips in the envelopes help visually tag your cables, as it sounds like you found out. We are about to release a unified firmware that works on all cable models so you don’t have to keep track of which is which. The firmware will just know! Then those little orange clips will just let you identify an evil cable from a normal one 🙂
  8. thanks! Yep, the resonance of the wire length is what is used for a very primitive RF trigger on DemonSeed EDU. The data passthrough technique will be using a trick that completely violates the USB spec as well 🙂The idea with the DemonSeedEDU kit is to stretch every little bit out of the little ATTiny that you can while adding as few external components as possible. It gets you thinking about how to leverage everything at your disposal when thinking about malicious implants. Hardware implants usually encounter all kinds of odd constraints that force you to think about making things work in ways that "you aren't supposed to". The O.MG Cables take that same line of thinking (stretch every bit you can out of the hardware) but using much more powerful hardware and component layouts that are extremely hard to work on by hand. The O.MG Keylogger Cable pushes things even more. When I first started the O.MG project, I planned on it being a DIY thing... but the complexity of it quickly exploded the more we managed to stretch things. I can hand build a full DemonSeed in maybe 20min (soldering components to PCB, inserting it into a cable, etc). When I was fully hand building the original O.MG prototypes for Defcon 2019, it took me at least 4 hours per cable. So now we just keep pushing the limits on something that doesn't have to be DIY hardware. Though, I will say that getting these things "mass produced" has been a huge part of the challenge too. And yeah, the various O.MG Cables currently utilize espressif for radio comms, so you get full 802.11 that lets you push data back and forth. Heck, there is an entire web server inside the cable. The board was designed from the ground up. I used a PCB mill in my garage for the first few months of prototype revisions.
  9. It uses DuckyScript. It’s as capable as the DuckyScript you know how to make.
  10. It uses DuckyScript. It’s as capable as the DuckyScript you know how to make.
  11. _MG_

    Cable range

    It depends. There are lots of options due to how flexible the O.MG Cable is. If you just care about triggering a payload at maximum range, a higher powered antenna with the IF_PRESENT SSID payload trigger will get over 1000 feet. In AP mode, the last time I tested outdoor line-of-sight, I saw ~300 feet using a smartphone (which is going to have a weak antenna compared to other options) In client mode, effectively infinite range depending on how the wireless network is setup. As with all things wireless, it depends on things in your environment that interfere with or block signal.
  12. Thank you! The pandemic basically took away my ability to have enough space to do the videos the way I had been. And it’s massively limited my available time. It’s been 8 solid months with no end in sight. I may have to make a jarring shift in how they are done (not that they are a high quality production thus far). Anyway, I’ve been giving tailored instructions on the next step inside the Slack channel for DemonSeed, if you are interested. In short, the final physical assembly depends on decisions you will make around the RF trigger. If you don’t want the RF trigger, then the physical assembly is about as simple as you expect. But you will need some additional code to get data passthrough properly working
  13. Sorry, just saw this. FYI the Slack community tends to have much faster response times. Without seeing the exact problem... The jig has no active components on it, so it is fairly safe to rework the soldering. I would just clean up the solder with some flux and maybe desoldering braid/wick. If you want to share pictures, I can give better advice.
  14. The question is what is your need and what are your constraints? O.MG is for field use. DemonSeedEDU is for learning. DemonSeedEDU is basically the bare minimum for a malicious cable by using very primitive techniques. Everyone who has assembled the kit has had an increased appreciation for O.MG. O.MG looks identical to the target cable (better for Evil Maid/leave behind/etc), has 250x more storage space for payloads, 802.11 radio, onboard web server, payloads you can modify and trigger via wifi, boot payloads, location awareness, controllable via web UI/python/etc, self destruct, payload compiling happens on-the-fly, uses DuckyScript, etc
  15. all of those are answered on the blog entry found at https://o.mg.lol/ The exact differences have not fully been disclosed, and the features will likely continue to grow and evolve as we work on the firmware. That is a pattern seen with almost all of the O.MG hardware because we tend to develop the firmware with the community by providing very early access to those who are interested. In short, it took over 1 year to squeeze in keylogger functionality on top of the O.MG Cable without losing the existing functionality or increasing the physical size. But we realize not everyone needs all of this extra functionality of O.MG Keylogger Cable, so we will absolutely be keeping the O.MG Cable. Much like a Bash Bunny or Key Croc did not replace the Rubber Ducky. Right tool for the job.
  16. correct! Been extremely overwhelmed lately. But I am walking people through some next steps (basically ep7) on the slack server if you want to get an early start.
  17. That's a good option! We still have a pending project for adding multi layout to the Web UI. We did release a lightweight python frontend that makes it pretty easy to add your own keymaps if you are comfortable in python:https://github.com/O-MG/O.MG_Cable-Firmware/blob/master/omgtool.py
  18. _MG_

    Needs More Work

    Thanks for the update! Yeah, that sounds like a non-breaking enumeration scenario. I'm still happy to chase the machine-specific issue in slack. We actually do a lot of firmware work based on customer feedback. Who knows, maybe you have a specific USB controller that wants to see some basic communication on the data lines when a device comes up. I'd be curious if the enumeration issue goes away if you plug the cable in with a device attached to the other end. We have avoided putting anything on the data lines in the name of stealth, but adding a custom option to "pacify" the the controller when there is no device using the cable could be an option. Hard to answer the question about normal operation. There are so many different attack approaches. OS detection needs would be handled in a similar fashion as most keyboard injection attacks. And yes, we are actually working with Hak5 on C2 integration for both O.MG Cable and O.MG Keylogger Cable. If you are looking for more advanced network controls and automations, check out the light weight python frontend we published last month.
  19. _MG_

    Needs More Work

    Head over too the #omg-cable-support slack channel if you would like help debugging. This may be a windows specific issue, as it doesn't happen on Linux or OS X. I'm not quite sure what you are trying to do with AP Mode and Station mode in terms of "masquerading as an iphone" but maybe it will be easier to figure out the confusion in Slack.
  20. The usage of the O.MG Cable is much easier than any keyboard injection tool you have experience with. It's easy to think you must be missing something, but you aren't! It really is that easy. Check the help menu for a full listing of the payload syntax (it's basically all duckyscript with some custom commands). And there are some example payloads in the load menu. Don't be afraid to browse around the UI. And remember, you can always re-flash the firmware so don't be afraid to use things like the self destruct functions.
  21. You go to the web UI and start typing your payload. Then run it and/or save the payload.
  22. Which step of the setup instructions are you stuck on? https://github.com/O-MG/O.MG_Cable-Firmware/blob/master/README.md
  23. Yeah errors are needed or it’s impossible to say. I do know that Windows 10 has been extra painful for some people in relation to the USBAsp.
  24. As with all things RF, this starts with a big disclaimer: you will want to stick to the laws of where you live. There is a lot of flexibility with which radio you choose as you will calibrate to the frequency you choose. The biggest difference in performance will come down to transmit power of the radio you chose. More power is better, if you want range. I currently have a few common and low cost radios that I will be using to demo: 465MHz, 433MHz, 144MHz. You can see the results I had in the video below: https://twitter.com/_MG_/status/1229676873325498368?s=20
  • Create New...