Human Interface Devices is the science way of saying (in this case) keyboard! Now that doesn’t sound amazing but then we look at the details. What we are talking about here is a wireless remote controlled programable keyboard emulator disguised as a USB cable or a cable between a real USB keyboard (must be detachable). This provides attack opportunities to both key log and hijack inputs to PC devices covertly and remotely (within WIFI range). Just imagine what you could do with one of these.
A key misconception appears to be that these are to attack mobile devices, they are to attack PC/MAC devices primarlily from my pov (ok and keyboards so you can put these in scenarios where mobile devices are targeted via keyboards, or you could use OTG and HID attack mobiles as well). As you can probably imagine anything that can take a keyboard is a potential target. There are both USBA/C cables with lightening, miro USB connectors but you can also get USB C – USB C (think about augmenting a keyboard by using an implanted interface between keyboard and device). You could clearly potentially physically modify kit to hide these as well.
Ok so I may have got a range of cables, I ordered the kit with the carry bag 🙂 so I litterally have lots of OMG cables. The actual requirement is a cable for the programmer and then a single OMG cable would suffice for simple setups/demos. But you never know what you might find so having a selection isn’t a bad thing.
Ok so the first thing you are going to need is a programmer. The programmer interfaces via a USB C adaptor (programmer side) and can use a USB A or C on the PC/MAC side.
The original OMG Cable is a cable that has a wireless remote-control interface that can be either in AP mode or can attach to an existing wireless network.
The original cable has a custom Hak5 Ducky payload setup. It includes a number of examples scripts, but you need to create and bring your own payloads for this to be effective in an engagement.
The keylogger cables have the same functionality as above but can also MITM keyboard devices that are physically connected to the cable.
You will want to read before you start just plugging in all the things! (ok I didn’t but that’s why I’m also writing this!)
- Download firmware
- Download programmer driver
- Install driver
- Update firmware using python3 (you will clearly need python3 installed) script (you may need to “pip3 install pyserial” before you attempt to flash as well)
- During the upgrade/setup process you will have options to configure, flash, backup etc. You also now have to decide how you want to interface with WIFI Network (as a AP or as a client)
- Here you can configure an SSID and passphrase.
Once the setup is complete you will need to attach to the device’s access point (or network, you need to locate the IP with this method) and the navigate to its web UI.
For AP mode connect to: http://192.168.4.1
From here we can load example scripts (via help) or we can write our own payloads. Clearly this area is a whole blog (or blogs) in itself.
The OMG cables look just like a normal cable, I’ve not got a micrometre out but honestly if you were given one you wouldn’t think “ooh this seems a bit suss” you would just plug it in. The fact that MG has managed to fit all this wizardry into the space just seems like dark magic to me. Pry0c had one of these ages ago so this wasn’t my first view of these IRL but I’m super excited to see what scenarios we can develop for. I’ll try to update with my progress but otherwise just find my on twitter, I’ll be posting stuff using them there for sure! oh and also, mabye don’t ask for to borrow a cable… you never know… 😉