It's just crazy scary what these cables can do. They look like normal USB cables, but are not! In this video we login to Apple MacOS and Linux computers :) ====== Scripts: ====== Apple macOS Rickroll: davidbombal.wiki/applerickroll Linux Rickroll: davidbombal.wiki/linuxrickroll ======================= Buy Hak5 coolness here: ======================= Buy Hak5: davidbombal.wiki/gethak5 ================================ Hacking Android and iOS devices: ================================ OMG with Android and Apple iPad: kzbin.info/www/bejne/bYrTe4SKapqSj5o ============= Setup Videos: ============= OMG Cable setup: kzbin.info/www/bejne/jGbQc31-pNmNrJJ8ak5 Rubber Ducky setup: kzbin.info/www/bejne/d2Otf3WmitSnkK8 ================ Connect with me: ================ Discord: discord.com/invite/usKSyzbTwitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombalKZbin: kzbin.info Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

It's scary how clueless I am about things like this. Thanks Mr Bombal for educating people about the danger of technology. This can help keep me and my family safe from dangers like this. 🙏😁

Yes please!! A video on how to get a reverse shell would be awesome! Also, this is extremely scary. Never leave your laptop/phone unattended in a public place. Amazing content as always!!

This is the most frustrating thing to happen, getting hack and Rick rolled at the same time. Thanks David for this kind of video, so people realize the danger of a random USB cable that they pick up somewhere.

This is the only technology based channel that I watch. How the hell do you stay on top of all this hacking stuff? Lol, I love it! Kali is really the best OS for hacking, cracking, sniffing!

Word of advice: do not "shove" an "innocent" pen drive or an "innocent" cable that you just found into any of your devices. Be also aware that an "innocent" charging point may be not as innocent as it seems...

3:30 This is not a problem with any OS, and using it against a Linux or Mac computer says nothing whatsoever about the OS capabilities. The cable is a hardware device that requires physical access to install. If a bad actor has physical access to your computer to install that cable, there are any number of ways to get past all operating systems. Physical access generally means game over.

0:01 I am pretty sure we all just got trolled by David! It is not about the cable, but the MONITOR!!!! Looks at that MONSTER!

This is because you plugged the OMG cable, Hacking or Keylogging for many is only a danger when it is done remotely, by having access phisically and putting a device which records and replay would be last thing for me . . . because nobody has so much access to my device. Sure great work and information. Cheers!

Well, a hacker would have to have physical access to the device, or get you to use their cable: Being a Linux user, I never heard anyone saying that Linux can prevent all attacks from anyone with physical access to the device, but I have seen plenty of times people reporting on vulnerabilities in Linux as a "Big Problem" and leaving out the part that it can only happen with physical access! Linux can also be penetrated otherwise, but for the most part only if the user does not use good security practices. With Windows even that's not enough: It's not like you can keep Microsoft out!

For some reason, the explaining the same technique, finishing with the tagline "as you can see, I've been able to Rickroll you" reminded me of Patrick Stewart on Extras, explaining various plots to Ricky Gervais' character, ending with the tagline: "then all of their clothes fall off" followed by "but it's too late... ...I've seen everything"

the miniaturization to be able to put it in a cable is incredible

Rewatching this video 1 year later I think if you buy a mechanical keyboard it could have a keylogger hardware software inside. Maybe its too much crazy ....but are weird times 😮

You are the best David

Amazing, now I know why u need to be careful while downloading any file or copying from usb

Being an IT admin, I'm going to buy 20 of these and replace all the employees USB cables at their desks just to Rick roll everybody at once.

Best advice from David Bombal "Learn how to hack but do not go to jail".

If you have access to the machine, many Ubuntu etc. can be accessed as root through the repair console. I won't describe it here, but easy enough to find out. Ubuntu is as secure as you want to make it, which may mean disabling this under grub.

Yes David bombol again with the beast videos

Amazing vid! I would love a msfconsole and msfvenom tutorial coming from you.

Ah Jokes on the O.MG i never connect my phone via cable to my PC work or the leisure one :D this looks like a fun gadget though.

Holy begeebus! How can this be allowed? Huge props for telling us about it

Excellent video!!! I'll see the reverse shell video too..

So, we have to have to have the user connected by the OMG cable and we can capture the keystrokes wirelessly via the app on our phone. What if the user has a wireless keyboard? Wouldn't it be a little ominous if suddenly a cable was running from it?

Realy scary how people belive in the "safe" technology! Great video as always.

This is why some secure orgs I've worked at superglue the cables in. Cost is higher if there's a fault, but sometimes it's worth it

Since this is layer 1 attack I cant find reason why it should NOT work on any OS and even device. This cable is dope tho , since it does not require major interruption of the victim .

The fact that the communication between keyboard and computer is not encrypted is hardly surprising. How would you perform this attack if it was encrypted?

this video in itself deserves a subscription

Sir can u tell me that how to enter into a server and inject a bug and hack the servers cloud and get data base please tell me 😭😭😭

We can have meetings online.

Hi David, amazing video… 2 question: how to identify an omg cable from regular ones (what if friends provide you a cable) and how to identify something is fishy on my laptop? Thanks

Would love to see the reverse shell

just 4 seconds in to the vid.... "does this look normal to you?" um, yeah this guy, has a curved TV as a monitor... meanwhile, i move around with a 15inch laptop. i think 22' is the one one my desk..... ahaha. otherwise, by content, this is excellent!

what will they think of next no one is safe /be on your toes protect you life

How come other creators say it won’t work on a locked device, but you clearly show here that it can

This was an awesome video but now I am afraid 😅 if this can happen to me....... Sir can you please make a video on how to be safe from it.

Omg I want that cable. If I'm not in student dept I'll buy it for sure

"I've been able, to Rick Roll you by this laptop" I feel Rick Rolled xD

When you had it plugged in to the laptop, would it still log the keys of the laptop's keyboard if there was no keyboard attached to the other end of the cable? Also, would love to see a reverse shell video

Tried to use keylogger does not work. How do you get it to work

But still: how do you get the OMG there from a mile away..

If you've physical access to a machine, all bets are off. And that cable can't capture the password if it is typed on the keyboard of the laptop, surely? So, it's a HID device and a WiFi point. Very clever, but....

Nice! Where can buy this cable?

Hi David when you say that these omgcables have a range of 1 mile. Do you mean 1 metric mile or 1 imperial/standard mile (US, UK)?

Thanks for this sir

It cracks me up how he pronounces again as "a gain".

that’s crazy to work that far away

What if I plugged my phone into a wall charger?

David to Everyone who wants to learn Networking: Never gonna give you up!! Never gonna let you down!!!

It's a neat cable, but let's get one thing straight: You are not 'attacking' MacOS, nor are you attacking Linux, you are attacking the hardware. Obviously, an operating system can never be more secure than the hardware it runs on.

Now I have to pay really serious attention bcz on of my friend buy some stuffs from hak5 and this cable too while watching your video Help me GOD!! 😅

Does it capture password if it's an auto fill from password manager?

Oh you made me remember an incident! My friend in some governmental sector told me that they brought several new computers..they run some tests and they discovered that some PC cables have antennas in them to send data to the building cross the street. I think this is the same concept

Only attack my own devices for learning purposes ♥️ going to try get one for my Birthday 🎉

Everyone is first until they refresh the comments 😂😂

A very good reason for a CEO to have his own bug sniffer crew that checks new hardware and old ones often.

How interesting 🤔 I wrote a simple Java keylogger a while back that gets deployed within an image and runs on opening. It then runs as a background process and logs chunks of approximately 1000 keystrokes which then get sent to a MySQL database

Shud be a way to detect which cable is an OMG cable or a regular one. Just in case you put 2 cables together.

The cable is what it is .. a keyboard with a low powered wifi *see below why you shouldnt be worried* 1-That keyboard can only get access once it captured your password. Most keyboards are either hardwired or wireless...so this is already limiting its use. I doubt this USB works like a good old software keylogger therefore its useless if not connected inbetween the keyboard. 2-Which OS is running is irrelevant.. except for the attacker who has to program the scripts specifically to execute commands for that OS. Therefore the title is misleading it is not related to macOS, Linux etc now suddenly having a new vulnerability. But the specific keyboard driver could possibly be disabled if uncommon. 3- Any sensible person in 2021 is using a passwd mgr such as Bitwarden, 1Pass, KeePass etc etc. By letting the software input the passwords for you, this bypasses this device. Sure, it grabs your passmgr password but with 2F authentication it prevents a login from a new location/device. For those doing sensitive stuff inside a VM.. the VM itself would not be compromised but key inputs to the VM will be logged, but you'll use your passmgr inside the VM.. so thats covered. 4-The wifi provided is low power, therefore its range is expected to be rubbish. The first concrete wall, electrical equipment etc it encounters will severely cut its range, the attacker will have to remain very close by or come back at a later stage. 5-Use cases, good option in open plan office space, meeting rooms etc.. quick replacement when a client is out the door and the room isnt locked. It would be awesome if it had 4G connectivity with dyndns, making it instantly remote accessible for the attacker. But nobody is gonna randomly leave these cables lying around, and especially now with covid, people have become alienated using stuff thats not theirs. Just my 2c... that I'm not worried about this device at all. It has use cases but its gimmicky at best. Oh, and David. Good video, thanks for this one and the other explaining how it works :)

This really has nothing to do with security of the OS. Remove physical access and we see then. Edit, the logger/typer being embedded into the cable is interesting though.

Don't get it, you expect me to use my PC while someone's USB cable is connected? And you talk about security?

David, do a tour video on your home office setup. Thanks your for your endless effort.

Great content as always David! Would love to see the reverse shell demo with the OMG cable!

Thanks for your Content. It really helps us

Holy scary that can be used for very bad things if it falls in the wrong Hands.

You changed my life sir

David bomba🥰🥰🥰

I wish Facebook will down forever 😂😚😚

Sir on of the frist ones and want to be like Kevin mitnik in future,my role model is Kevin mitnik and you r my inspiration ❤️

Mr.David you are very scary and dangerous man.

A little suspicious if you would connect a cable to someone's computer without the owner of the device not suspecting anything.

This is why u use 2 fator authentication.

It is scary to see how easy it has become to inconspicuously intercept a keyboard - PC link. However, I think this video is misleading with the conclusion that a particular OS is insecure. What's the surprise that one can login in any computer, if one gets hold of the login credentials and has physical access to it? That doesn't imply that the system is insecure. That is the same to say, I watched someone else logging in and now I can also do it, therefore the system is insecure. I suppose that this specific eavesdropping attack could be mitigated with an encrypted keyboard link, but that would require specialized hardware, rather than a safer OS.

Reverse shells are just as possible on Mac OS, you just have to escape the colons in the script

First to watch your video

up to a mile away? really

-Great content Professor David Bombal...!!! -So, these keylogger and reverse shell tools are getting easier to use every day. -About 10 years ago I programmed in devices such as cellular microcontrollers and nini laptops exactly this type of system (keyloggers and reverse shell) for my government operators, nowadays they sell these same tools on the internet that 15 year old boys can buy with his father's credit card on the Internet to take credentials of his colleagues of High school. -Times are really changing...!!! -Thanks for the knowledge Professor David...!!!

Hey David loved the video! Can you please make a video on how to counter & protect outself from this type of stuff?

Can you open this cable in a other Video? I ask me can i destroy this with a Magnet or something else and the cable is normal still working?

Yaaaa

👍👍👍❣️👍🙏🙏

a friend of mine use to build fake usb key like that few years ago but having it so small that it fits into clables is frightening ! I would love to see the circuitboard of this ! (Edit: I found pictures of the inside !) Thanks a lot :)

Thanks this video is very nice

You made the mistake because you allowed this cable to be connected to your computer. That's what I learned from this video thanks so much David.

This woudn't work with Abylon Logon on windows because it uses hardware key (Chip card, RFID token, USB stick or CD DVD)..also uses 2FA.

How you doing Mr.bombal, am from Uganda(Africa) am interested in the separate video on how to create a strong reverse shell to a computer even when its shutdown I can still have access. Thanks

Nice so I can't forget my passcode and what I type yesterday

I would like to see Apple investigate this, because they are pretty good when it comes to fake charger connection, but I believe you would be fully compromised by the time Apple can prevent the attack

how does it communicate with phone over WiFi/Bt/CellData?

This was fascinating, thanks, David. I'm in love with that curved long screen. Where can I buy one? 😊💻

Show me the reverse shell David :D. One problem though I don't have the financial state to buy this. But I would love to see it

Hey, I would like to see if you could do the same key logging and applying payloads on an Mac book, if a usb c to usb c OMG cable is used to charge it. Because I think this might be a really good way to get trapped, especially if your laptop is out of battery like it often happens to students in a library or on campus in general. And if the OMG cable is also capable of key logging your iPhone if you use Face ID to open it up, because you aren’t really typing. Really enjoying your content and definitely never borrowing a cable again!!

Please do a video on reverse shell attack. That's so awesome!!

Mhh... you are constructing the narrative that you could log the keys for this linux notebook and then replay them with the cable. Well, you can´t. this is a notebook. Or can you log keys on a notebook with this?

Think of it what happens if the office cleaning company, walks into the office of an important person, swaps their phone charging cable? Everyone has one on their desk right? Companies need to start implement random checks I suppose?

And so some people cry that Apple does not allow other cables, others displays - as you can see there is something wrong, and as you can see, there is no solution. In fact, the cable emulates the keyboard back and forth + some WiFi - LTE would be better

Good thing that I only have Lightning -> USB-C cables at my home or USB-C -> USB-C cable

how does this work though.. surely the cable must start up some kind of script/program on the pc so should it show up in taskmanager or htop or something? how can you see wether a cable is a undercover keylogger?

Even a simple cable can create disaster for you 😨😨 mindblowing demo