So you think your phone or iPad are safe? Rubber Ducky script for mobile targets and Hak5 OMG cables
Vložit
- čas přidán 9. 09. 2021
- It's just crazy scary what these cables can do. They look like normal USB cables, but are not!
==========================
Giveaway ($180 Hak5 gift card):
==========================
Enter here:
======
Scripts:
======
Android Rickroll: davidbombal.wiki/androidrickroll
Android Phone Call: davidbombal.wiki/androidphone...
Android Take Photos: davidbombal.wiki/androidtakep...
iOS Rickroll: davidbombal.wiki/iosrickroll
====================
Buy Hak5 coolness here:
====================
Buy Hak5: davidbombal.wiki/gethak5
=============
Previous videos:
=============
OMG Cable setup: • O.MG: From zero to hero
Hak5 Rubber Ducky setup: • How I did it (hak5 rub...
================
Connect with me:
================
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
CZcams: / davidbombal
hak5
omg cables
omg cable
android
apple phone
apple ios
rubber ducky
hak5 rubber ducky
hak5 omg cable
omg cable android
omg cable ios
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#omgcable #hak5 #rubberducky - Věda a technologie
==========================
Giveaway ($180 Hak5 gift card):
==========================
Enter here: davidbombal.wiki/omg180
======
Scripts:
======
Android Rickroll: davidbombal.wiki/androidrickroll
Android Phone Call: davidbombal.wiki/androidphonecall
Android Take Photos: davidbombal.wiki/androidtakephotos
iOS Rickroll: davidbombal.wiki/iosrickroll
====================
Buy Hak5 coolness here:
====================
Buy Hak5: davidbombal.wiki/gethak5
=============
Previous videos:
=============
OMG Cable setup: czcams.com/video/V5mBJHotZv0/video.html
Hak5 Rubber Ducky setup: czcams.com/video/A2JNBpUotZM/video.html
================
Connect with me:
================
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
CZcams: czcams.com/users/davidbombal
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Hey David, who are the winners of the previous Hack5 giveaway?
@@syedbukhari4761 I have to verify them first because of spammers and then I'll announce them.
Please enter code😊😗
@angel fayola thanks😚😍
Mr Bombal, thank you very much for this new content on malware analysis and phone hacking. Bravo, Sir!
Me: "Dangit, my phone is out of battery and I forgot my charging cable"
Friend: "Here, use mine"
Me: *starts sweating nervously*
Great comment!
Which is why, for charging, one must always use a "USB condom" with the cable.
@@ifodaniell I don't think a USB condom would work here. If the data is going out over wifi then the only pins the omg cable would need is power.
My question is can a malicious script be ran while the phone is locked? Reason I asked if because I left my phone somewhere over night, iPhone 12 good password am I safe or can they still have done something? Thank you I’m advance
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
Great Work, *Metaspyclub* . Thankfully, I have all six of your tips mastered. It's all about self-care. You made me laugh out loud when you put that shaver up to her chats. Keep up the great work.
I have been monitoring your CZcams videos for a week now and I find your lectures very much interested and educational. You programs are making huge difference in my Computer Science Degree aspirations.
Super interested! I've always wanted something very close to this, but a little bit more advanced. In addition to this, *top phaseresolution* can trace (iOS/Smartphone/Ipad) the phone location history timeline (full) by only phone number and I want to thank them because of them I reached the top of my class and my school gets me grants to full courses for me to learn from and now even though I'm young I'm already starting toward studying for certifications.
Thank you, thank you, *top phaseresolution* !! I've been in such turmoil at the pain my husband's infidelity has caused our four children, two of them newly married. We're almost 2 years in from first DD, and inspite of my prompting, he has yet to make this most important apology to our babies for the life he's disrupted by his choices. Holly, you're in my prayers for continued healing and thank you for your bravery in sharing your story. I can't wait to share this video with my friends and hope they gain some comfort from it.
TOTALLY DISCREET AND ANONYMOUS -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- *TOPPHASERESOLUTION* on IG helped me spy on my significant others, I was able to retrieve clear cheating evidence , got access to all phone activities and past deleted ones
OMG, EXACTLY WHAT I NEEDED -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- i got spyware from *TOPPHASERESOLUTION* on IG
The possibilities……THE POSSIBILITIES.
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
I can litrealy but that cable into a Big server and it would be mine 😈
@@Zveenus maybe, but you literally can’t spell ‘literally’!
imagine leaving this somewhere like a mall or airport to link to this video
Glad to see you teaching Cybersecurity related topics. I took your HP network course from Udemy back in 2015. I transitioned to Cybersecurity 2-3 years ago.
Do you need to have any backround to do those courses?
I've always been somewhat of a computer nerd (to a certain extent) and always wanted to get into cyber security but it's so overwhelming to even know where to start
David thank you for clarification on paying attention to cables such as you have covered within this u-tube site.
You open my eyes and truly educate us all.
Thank you sir.
Love how you use an educational video to rickroll us. Good one!
Thanks David for sharing! I hope you will have a new video for advice or solutions to reduce the risk from something like this OMG. I guess there is a lot of devices out there (keyboard, mouse, usb/bluetooh speeker, usb headset,...etc) from cheap vendor can become the target.
I really enjoy these informative videos with a demonstration. Thank you very much.
Really cool idea to have a secret code for the giveaway - That's very fitting.
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
👆🇱🇷👆
Do you need reliable and trusted cell phone monitoring service that is guaranteed to work everything and satisfy all your needs? Contact the name above 👆👆🇱🇷.,.,
fascinating video as always. Thanks a lot David. One important question, at the time of attack do these cable need to be connected or are they capable of connecting them once and still carry out an attack later even when they are not connected
The cable needs to be connected to the device to carry out this attack. But you could scan for WiFi access points if it just had power
i work as a bartender in a fancy Parisian cocktail bar, every night there's at least 4 people who ask me to charge their phone... it's scary what i could do if i had bad intentions ...
Do it 🫡
No you can't, unless they unlock the devices before handing to you. But if they do - they probably have bigger problems
Great program, Thanks so much for the presentation. It is usual for awareness and equal training even other colleagues.
Thank you Yamit. And thank you for your support!
👆🇱🇷👆
Do you need reliable and trusted cell phone monitoring service that is guaranteed to work everything and satisfy all your needs? Contact the name above 👆👆🇱🇷
Thank you from Peru, your videos and courses are excellent. Never stop being the person you are.
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
👆🇱🇷👆
Do you need reliable and trusted cell phone monitoring service that is guaranteed to work everything and satisfy all your needs? Contact the name above 👆👆🇱🇷., ,
One of your best videos David. Waou that was absolutely amazing!
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
Would be interesting if we could get some wifi pineapple videos as part of the Hak5 series you are doing! I think there’s a big gap in online videos of the topic and you would teach about it well!
My job actually has me working with a lot of these commands that cable uses. Not sure what helps that cable think, but probably a small microprocessor inside the cable connections. So let me help with the paranoia. Since the android he used was a Samsung I can let you know the only way that cable was able to take pictures, dial numbers and visit links was because of AT capabilities being enabled. "IF" your phone is locked you'll be fine. The AT commands can still click but it can't bypass your pin (unless that person knew it and scripted the unlock procedure).
When it came down to him visiting a malicious website the script they uploaded had to know where to click for the web browser to come up, then where to click on url address and then the long url to put in. If that script was running on some malicious cable at an airport at mall and someone plugged their random phone in it most likely wouldn't work. Samsung and LG phones are the only ones by default that have AT capabilities. If you want to protect yourself from this cable entirely, two things: USB Mode -> Charge Only and if ADB is enabled, disable.
And it is worth mentioning that range of that access point that is embedded in to the cable is quite small and not strong enough to penetrate a wall.
Excellent information. Thank you.
Thank you David! I was hoping to clarify whether the lightning to usb-A or to usb-c cables can be used to deliver payloads to an iPhone? If I understand correctly the only sides that are active are the USB-c and usb-a sides of the cable correct?
Thanks David for all these informative video.. can't thank you enough
-Great content Professor David Bombal.
-Basically micro-controllers became very small and simple to program, so make a Keylogger that inserts commands into a system via USB in C language or Python for micro devices like the one Raspberry is launching now.
-And they are getting smaller so much that a device with an Arm processor is already the size of a large USB flash drive but soon a complete ARM CPU will fit in one cable like this and with the full capacity of a machine with Kernel literally cables like this will be a rogue computer via USB port.
-Thanks for the knowledge Professor David...!!!
Yeah but this item is still lame.. you cannot do any of that if the phone is locked while plugged in...
@@Gt92279 -The user can configure the USB interface not to allow connection, but how many users you know increase the security of their device.
-A phone locked charging is still with the USB interface active and these cables simulate usb keyboards, so if the user doesn't block the connection of ANY device the cables will run their payload.
-As for it being locked, the user itself feels the device vibrate and will curiously unlock it, so the screen interface lock for these cables is not that whole impediment.
@@educastellini yes but if I have my phone in my hand wouldn't i see the payload running if its unlocked?
If its locked, there isn't many payloads that can be executed that will be of much assistance.
Im new, correct me if im wrong
@@Gt92279 -So if you think you are protected with default device configs without any configuration, keep believing so.
-Now there are several videos here of David Bombal even showing the payloads running in fraction of a second, a script can run in shadow and you don't even see it.
-But if you feel safe ok, go back to David's videos and watch the payloads running and wonder if you would notice a script running in fraction of a second on your device.
-Intrusion by physical access only does not happen with very well configured systems or with the total prohibition of physical access to the device, but as a rule, if any physical access is done, it's over.
-After all, if it wasn't like that, a datacenter like Google or Amazon wouldn't have 5 layers of security to reach the physical layer for nothing just because it's beautiful.
-But keep thinking like that.
@@educastellini his scripts were basic stuff, but you can't actually install a program on a device with this cable
It's unbelievable what's out there. Thank you for this info!
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
Thank you, David. These giveaways are awesome!
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius...,,.
I've been waiting for this type of episode for a long time.. THANK YOU!! ❤️❤️❤️
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius..,.
Hi David! Thank you for all of your videos. I’m on my journey to break into the cyber security field and am very grateful for your videos. As a side question, what would you say is the best password keeper/manager available on apple devices that based on the information you have, may be the best?
i've been dabbling in the cyber security field for a few years now and when it comes to password managers dashlane i would say is the best. even with it's free version it still has no access encryption but i'm sure if you're in cyber security then you already know what that is.
In all of your videos I appreciate the professional summary at the end.
@David What are the requirements on the phone, that this works? ADB enabled? Pre-approved permissions?
Thank you for providing cutting edge information on latest hacks and tech 😁
this is a few years old now lol ...
@@myname-mz3lo hmm
Hello! Good day to you sir! I just passed my CCNA today with a score of around 945 or so thanks to your course on Udemy. Thank you very much for everything!
Congratulations 👏 Well done!
hello, can u guide me? how u take this achievement.I am beginner.
I love a good rickroll, thanks David.
THANKS A LOT DAVID!! Lot of love for You!
"I've been able to Rick Roll both an iPad and an Android phone using the o.mg cable. Really scary what you can do with the o.mg cable" - David Bombal
lol... not been able to do this type of thing in the past :) And that is just the beginning.
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
👆🇱🇷👆
Do you need reliable and trusted cell phone monitoring service that is guaranteed to work everything and satisfy all your needs? Contact the name above 👆👆🇱🇷
I hope you keep making educational videos like this forever !!
Excellent demo David! Very interesting and useful!
Hi, David. Is there a way to check the integrity of a cable? How do i know if a cable is worthy of my trust? :) Thanks.
It is important to note that you (cannot) keylog an iPhone or Android Phone, Tablet, iPad, Laptop, etc with these cables. Keylogger feature only works if the O.MG cable is physically connecting a MacMini or iMac with an Apple Keyboard (or a handful of approved keyboards). Best use is for payloads but know that the users will absolutely see the scripts being run unless they're not actively using their PC.
Not true
@@nikolaiburroughs325 That took a lot of mental strength. Outline how I'm wrong....
So if the Apple device has a passcode on it, but is connects to the OmG cord and a base charger, can keylogger still work?
Sorry for my shitty English I'm from badumbu in black Africa, i would like to ask if does it work with a phone with blocked screen with a password or a finger print, if the phone is blocked, can the payload activate the device?
Thank you, thank you, *top phaseresolution* !! I've been in such turmoil at the pain my husband's infidelity has caused our four children, two of them newly married. We're almost 2 years in from first DD, and inspite of my prompting, he has yet to make this most important apology to our babies for the life he's disrupted by his choices. Holly, you're in my prayers for continued healing and thank you for your bravery in sharing your story. I can't wait to share this video with my friends and hope they gain some comfort from it.
Stop breaking your own heart by trying to make a relationship work that clearly isn't meant to work. You cant force someone to care about you. You can’t force someone to be loyal. You can't force someone to be the person you need them to be. Sometimes the person you want most is the person you are best without. Somethings are meant to happen, but just not meant to be. Somethings are meant to come into your life, but not meant to stay. Dont loose yourself by trying to mend what is meant to stay broken. You can't get the relationship you need from someone who isn’t ready to give it to you. Don’t put your happiness on hold for someone who isn’t holding on to you. As a Christian Licensed Clinical Mental Health Counselor I approve T̬̤̯r̬̤̯a̬̤̯c̬̤̯k̬̤̯a̬̤̯n̬̤̯d̬̤̯S̬̤̯p̬̤̯y̬̤̯C̬̤̯e̬̤̯l̬̤̯l̬̤̯ •̬̤̯ O̬̤̯r̬̤̯g̬̤̯ for phone evidence
My dad is in the military and I couldn't even begin to describe how upset my dad would feel if my mom was cheating on him especially since she would be his second divorce while serving(his first didn't cheat she just couldn't do the whole "moving all the time" lifestyle). I'm so sorry that happened to him and I hope he found someone better and moved on with his life(I also hope she was shamed for cheating on him by her own family) Cheating should be a crime and punish as one. It hurts so many people and end some as well. Cheaters will never understand all the harm they do. P.s thanks for the shout out Brandon appreciate it an it was a surprise. Much love *T̬̤̯r̬̤̯a̬̤̯c̬̤̯k̬̤̯a̬̤̯n̬̤̯d̬̤̯S̬̤̯p̬̤̯y̬̤̯C̬̤̯e̬̤̯l̬̤̯l̬̤̯ •̬̤̯ O̬̤̯r̬̤̯g̬̤̯* for the concrete phone evidence ..
Excellent video David.. Very easy to follow up..
You are looking at a living legend. I mean *Metaspyclub* is a living legend in cyber spy.
I was telling a coworker how to do this literally minutes ago. And you pop a video up 😂 awesome
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
👆🇱🇷👆
Do you need reliable and trusted cell phone monitoring service that is guaranteed to work everything and satisfy all your needs? Contact the name above 👆👆🇱🇷
I was THINKING about a certain product and hadn't spoken of it and then up popped an ad. It was weird. Conincidence maybe...these phones are smart though
Your way of explanation is really great, I’ve question- Does key-logger works on iPhone?
Excellent demo David! Very interesting and useful THANK YOU!! ❤️❤️❤️
Thank you, David. These giveaways are awesome!
First of all he rickrolled us
And 2nd thank you sir for this type of amazing content :)
One should never waste an opportunity to rickroll ;)
I still can't wrap my head around how easy this is to use
Love your channel. I'm absolutely hooked! I may have found my new profession... certified hacker in the making. Keep up the great content
Another great review of Hak5 gear!
You can (and should) use a tool like the USB protector from Maltronics when using untrusted chargeports/cables.
What language are you using to write the scripts? Are you using Swift and Kotlin respectively or are you running Python for both?
Wow
Thank you
This makes me aware of all of vulnerabilities and new ways, hackers or other people with bad intent, can actually infiltrate you and your space
Hey David!
I was wondering if someone could turn the camera around when they load they script to take a photo
For example you showed us a script that could take a photo from the device connected to the OMG cable
BUT that photo was taken with the camera on the back-side of the phone
Could someone switch the camera from the back-side of the phone to the front? (The screen-side)
Thanks in advance!
Sorry if my explanation were bad
I've ever loved your tutorials Mr.David I LOVE YOU from Iraq
Thanks for everything you offer us as IT
Great David same what I wanted . Btw could you tell the name of the winners of giveaway.
Will be announced soon. I verify the winners first in case spammers enter.
@@davidbombal yaa that's true.
@@davidbombal I'm curious and excited too.. guess just gotta wait for the results 😁
Sunil, you fina rob them or something?
@@youafan259 Naah Naah.....
I been told never use the usb changer's at airports
I believe one year at blackhat. They snuck ine a script to infect mobile devices at the charging stations to demonstrate the point of avoiding unknown charging stations and usb ports. I'm trying to remember what yearbit was but it was a while ago. Definitely something to remember. It's a risk of charging when data travels through the same cable.
You should hide the cable in public and stay there til someone picks it up and when they plug it in you rickroll them and go tell them its not safe. Btw love the vid! ❤
another possibility for identification is checking for wi fi networks popping up after you plug in the cable
if one pops up every time you plug it in on one end, that should indicate it is an OMG cable
it's just a theory tho
Thanks sir ❤️hope you achive your goal of a hundred thousand students in your courses my best wishes!!
Sir I have one question , I'm learning networking for hacking and i just finished the NET+ and some other course . Which cloud course you recommend for hacking .
Who wins the previous giveaway of hak5???????????????????????????????????????????????????????????????????????????????
I mostly use wireless charging. I wonder if in few years they will be able to do this type of attach with wireless charging since once day it will transfer data at the same time of wireless charging. Matter of time.
Hi David, thanks for this video. Will the omg cable also work with locked devices ?
Right?! I can't imagine it does.
I ordered one with the added malicious cable detector. Pretty neat cable, can't wait.
Any updates on what’s the cable like?
Thanks David. Learned alot from you. Been with you was fun and learning experience on YT and discord.
1st time ever entered in any draw. Hope I win.😃
👆🇱🇷🇱🇷
I appreciate the name above 👆👆he helped me to gain access to my deceitful husband phone without him knowing.he is a genius.
Does the Lightening work on an iPhone (iOS)? I've know about this for the past year but skeptical on buying it.
Excellent video David.
Are you able to unlock the device with the OMG cable?
Can this be used for remote management or monitoring on the device such as monitoring gps location, sent/receive texts/calls?
Great content once again. In case you remember, I request a time management video. Can we expect this month? Just asking🙂
Thanks for the video.
Is there a way to test cable to find out if they are compromised in any way. It is good to know that the cables are out there, but if you purchase a cable on amazon or where ever is there a way to test them to see if they have any problems.
that was exactly what I needed , thank you so much
that is crazy I always wondered if something like this was possible just imagine the possibilities of other tech being copied in the same way such as wifi adapters routers other wires such as hdmi and so on!
Great content and congratulations on 700k subs
Thank you!
Do these features only work while the cable is plugged In or does the cable allow you to access saved or "hidden data? Sorry I don't completely understand how this works..thanks for any advise
for connecting to the malicious cable, do we need to be in a close permitter to connect to the cable's wifi? OR we can access the cable's connection even when we are connected to our own home network(miles away from the physical cable) while the cable is connected to the affected phone's internet connection?
Hello, can the mobile device be controlled only with the display switched on or even locked? Thank you in advance for the info
AMAZING. Thanks for this video, and I hope to do more videos like this!
I was under the impression that the O.MG cable could only run scripts on the side that connects to a computer, was that just the first version? is there anything special you have to do to run ducky script on iOS?
What great session the knowledge u give Sir Bombal
Wow, thank you for this Eye opening Security Content 👏🏾👏🏾
Few new uses for a ATINY85 or ESP. Great idea!
Amazing informative video I freaking love it people should truly pay attention!
Hi David, thanks again you have really inspired me and I have swtiched carrer at my 39 years old from former Deputy Admin Head to obtained IBM cybersecurity Analyst and other certification (Python, Linux, Git, etc etc). Can you point me in the right direction to get a remote job in cybersecurity field? All tips can help. Thanks again I really enjoy what you bring to the commnunity , keep up the good work!
Appreciate knowledge about this 🙏
You are a gentleman and a scholar! Thanks for the video!
Would this work if it’s connected into an outlet on the wall ? Or does it have to be connected into a laptop/computer
Great video, I love the product from Hak5 and provide these to our student base, hoping that in time we can create videos half as good as yours.
Keen to learn more about the LED lighting in your room!!
Does it work in the range of omg cable wifi network only? Or they can send payloads when the target device is connected to your cable home network, where wifi network is switched off for example?
Thank you Sir for such beautiful and informative video
Keep uploading such an amazing content💓
So it needs to be constantly connected to the cable for the script to be able to run on the device right? Or does it load so that it can be done remotely and wirelessly?
With this cable, could you pull all the information off the target phone? Like messages, photos, etc ?
Thanks for this knowledge Sir 🤠
Can you see the messages of the compromised phone (like a GUI) from the phone that is controlling the payloads?
Hi David, would you be able to scan the Wi-Fi networks and see that there is a strange Wi-Fi network to discover that something fishy is going on, so when you disconnect the cable does not appear and when you connect it appears again?
Thanks a lot for your video.
Great Explain Mr. David
But what if the phone is locked? and what if I used this cable for charging, is it really charge the phone?
Thanks for sharing it David.
David right now land here from Neal's stream really excited about next video with Neal and especially for giveaway 😀 ❤
Thanks for sharing such amazing knowledge, in a way that we can understand to a certain level. I would like to learn the grassroots, and then learn just a few area's of my interest. I will link up with yourself on Discord or Facebook, and go from there. Sir, I appreciate the way you make your videos, so I can at least absorb some key info, which i could never seem to learn something, from others in the circle. Total Gentleman, and an absolute Legend. 👌🏻👍🏻💯
Hello David, Very Interesting... All your content makes me to protect my identity more secure. So the OMG cables, Where do we buy that cables?
But can you get some data from the target device?
Or control it in live?
Or if i change to a custom rom or any OnePlus, huawei device that have different system , will it be able to understand that Interface?
arre you also able to exzcecute scripts in the background with this so you wouldnt even notice its actually running that or even can you make it retrieve information stored on the (for example) iphone
ive got a rasperry pi zero i can do simular things with because it runs the P1Pwn software its pretty cool only need a otg cable and a few seconds of physical access