In this video I will demo the Hak5 omg cable and explain what this omg cable is commonly used for in industry. I will introduce you to various Hak5 products we are using including the bash bunny, the omg usbc-lighting cable and the omg usb-c to usb-c omg cable. I will demo how you can flash the firmware on the omg cable from Hak5, how to connect to the SSID of the Hak5 cable and how you can start to write some basic scripts for Windows and iOS devices. Use the time codes to skip to particular parts and drop me a line with any questions.
What is an OMG cable?
OMG cable (Offensive MG kit) is a product of the MG (Mischief Gadgets) team. It is a cable that can create a Wi-Fi hotspot connection capable of executing malicious code remotely.
The OMG cable hides a backdoor inside the shell of the USB connector with a Wi-Fi microcontroller. This makes it possible that once this cable is plugged into your computer or phone, you will be a victim of remote attacks over the Wi-Fi.
One bad news about this cable is that it is very difficult to differentiate them from the regular USB cables we use to charge our phones. According to how Hak5 described this cable on their website, “every OMG cable is hand-built. They match the real thing with unbelievable accuracy”. The cable was carefully made to make it difficult to differentiate from normal cables. Keep reading as we will discuss possible ways to detect this malicious cable.
Links from video including how to script
How to write scripts | https://github.com/JeffTadashi/OMDucky
How to flash the firmware | https://github.com/O-MG/O.MG_Cable-Firmware/wiki#flash-the-omg-cable
How to flash the firmware with the Web Flasher | https://o-mg.github.io/WebFlasher/ https://github.com/hak5/
How to write scripts | https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads
How to write scripts | https://github.com/robsteamlabs/hak5