Skip to content

Introduction

This is the updated (2023 - USB-A + C) version of the product.

The O.MG Cable resembles an ordinary USB-cable with a highly covert secret. Invisibly concealed in the cable is a USB exploit framework allowing for HID-attacks remote via local or remote triggering of custom payloads.

While dormant, the O.MG cable functions as a regular USB Cable: Data Transfer, Recharging, etc. However, when triggered (via smartphone / computer / plugging in) - it executes its preprogrammed payload on the host device.

Emulating keyboard and mouse actions, payloads are completely customisable, and can be highly targeted.

Undetectable by firewalls, AV software or visual inspection, the O.MG is an ideal tool for penetration testers, police and government.

Usage Instructions

The O.MG Cable has three distinct modes:

  1. Programming
    Because the device acts as a standard USB cable, it needs to be pushed into programming / DFU mode. This is done by using the "Cable Programmer".

    The Cable Programmer is connected to a host device, and the O.MG cable is plugged into the Cable Programmer.

    The O.MG Cable can now be programmed: Its WIFI settings can be configured, and payloads and trigger settings can be uploaded to the device.

    Programming is possible via a web-interface or smartphone app.

  2. Deployed
    The device is 'Deployed' when it is connected to the target machine.
    It will operate as a standard USB cable, allowing for data transfer and power transfer. It is able to stay in this state indefinitely until it is triggered.

  3. Triggered
    The device is triggered wirelessly via Wifi. It can be triggered by smartphone, or by dedicated remote control.

      Technical Specifications

      • Compatibility
        • All USB-A+C O.MG Cables
      • Programming
        • Payload Script: DuckyScript compatible with additional features.
        • Smartphone interface
        • In-Browser interface

      Technical Resources: