Just seen this over on twitter ... was quite shocked.
https://twitter.com/_MG_/status/949684949614907395
USB-C Cable even without charger, that has other rogue wiring and chipset to load mini terminal code. Not sure the full extent but it is interesting.
GitHub.
https://t.co/vJcoG2NeD4
Sorry about the lengthy tweet thread.
https://twitter.com/_MG_/status/949684949614907395
USB-C Cable even without charger, that has other rogue wiring and chipset to load mini terminal code. Not sure the full extent but it is interesting.
GitHub.
https://t.co/vJcoG2NeD4
Sorry about the lengthy tweet thread.
BadUSB Cable #2. HID attack through an Apple MacBook USB-C charger. Great for shared workspaces! Build info coming this month. Still working out some things. These cables work on just about any device with a USB port (Mac/Win/Linux, phones too)
0:55
188K views
12:51 PM - 6 Jan 2018
100 replies3,525 retweets4,721 likes
Tweet text
MG @_MG_ Jan 6
Art/FX credits for those asking: FX: http://github.com/bartobri/no-more-secrets … (I absolutely love Sneakers). ASCII: http://asciiworld.com/-Death-Co-.html Music: from the now defunct NIN remix site (CC license). The Great Destroyer (dark star mix).
1 reply35 retweets194 likes
New conversation
Frédéric Kaƴser @frksr Jan 10
Replying to @_MG_
Do you plan to make the same kind of video targeting a Windows PC?
1 reply0 retweets0 likes
MG @_MG_ Jan 10
Don't have a windows machine handy. Else I would. These cables are agnostic. You just change the specific key sequence.
2 replies0 retweets0 likes
MG @_MG_ Jan 10
Kind of wish I did though. Too many people think this is Apple specific despite me saying it's not.
0 replies0 retweets0 likes
End of conversation
New conversation
Jordan Holberg @eviljordan Jan 6
Replying to @_MG_
Yeah, we need a separate post about the art you’ve been using!
1 reply0 retweets16 likes
MG @_MG_ Jan 6
The music, terminal effects, ascii, or? Was going to cite all in writeup, but good to know what is of interest.
1 reply0 retweets15 likes
Jordan Holberg @eviljordan Jan 6
Terminal effects and ascii for me, but it’s all great!
1 reply0 retweets8 likes
MG @_MG_ Jan 6
MG Retweeted MG
Here you go.
MG added,
MG @_MG_
Art/FX credits for those asking: FX: http://github.com/bartobri/no-more-secrets … (I absolutely love Sneakers).…
Show this thread
0 replies1 retweet9 likes
End of conversation
New conversation
Privacy Punk @PrivacyPunks Jan 6
Replying to @_MG_ @josephfcox
ist it easier to use preloaded powerbank.
1 reply0 retweets0 likes
MG @_MG_ Jan 6
I actually started to do exactly that. It's possible but a pain to do. Plus you are then locked to the power brick. This cable method translates to most of the USB-C peripherals & dongles.
0 replies0 retweets7 likes
End of conversation
New conversation
Jerry Träskelin @Jers1_ Jan 6
Replying to @_MG_
wasn't that a Magsafe charger you left in the conference room though?
1 reply0 retweets1 like
MG @_MG_ Jan 6
Nah. May look like it due to the cable being a bit worn. You can see the USB-C end at 0:59-1:01.
0 replies0 retweets1 like
End of conversation
New conversation
Cesar Del Solar @14domino Jan 7
Replying to @_MG_
A faster attack would be to literally get on the unlocked computer and do whatever you want
1 reply0 retweets4 likes
MG @_MG_ Jan 7
Faster than what? This was an intentionally visual demo. You can't type as fast as this thing types. That's one of the big values in BadUSB attacks.
1 reply0 retweets10 likes
Christoph Rödiger @Christoph_Ro Jan 7
Ok. SO didn’t get it.
0 replies0 retweets0 likes
End of conversation
New conversation
Joseph Cox @josephfcox Jan 6
Replying to @_MG_
Loving this hardware/cable work you've been doing, man.
1 reply0 retweets25 likes
MG @_MG_ Jan 6
Appreciate it! This was only supposed to be a one-off but I keep seeing new opportunities.
1 reply0 retweets19 likes
UKcryptocurrency @uk_c_c Jan 6
Have you looked into hacking @TREZOR or @LedgerHQ products? Would be interested to see.
0 replies0 retweets1 like
End of conversation
New conversation
D̒͂̕ᵈăᵃn̕ᶰ Ť̾̾̓͐͒͠ᵗe͗̑́̋̂́͡ᵉn̅ᶰtᵗl̀̓͘ᶫe̓̒̂̚ᵉrʳVerified account @Viss Jan 6
Replying to @_MG_
wuhhhhh wait how.
1 reply1 retweet6 likes
David Bern @_drobban Jan 6
I'm guessing https://www.obdev.at/products/vusb/index.html … and a very tiny chip?
1 reply1 retweet12 likes
Christian Mock @ChristianMock Jan 6
I tried that with the ATTINY85,but USB didn't work reliably across the PCs in the office. Wanted to use it for pen testing...
1 reply0 retweets0 likes
MG @_MG_ Jan 6
What was the circuit? Was it detection or timing issues? USB is a mess of specs. Not universal at all. Throw off a resistor or some voltage and some machines freak. Hak5's ducky uses a similar but beefier Atmel chip.
1 reply0 retweets6 likes
Christian Mock @ChristianMock Jan 6
detection; failed to enumerate on some machines, mostly on USB3 ports. hardware: https://www.fasttech.com/products/5054500 … . I think ducky uses a chip with "real" USB support. (I built a gadget which runs VUSB on mega8, has been running 24/7 for 10 years).
0 replies0 retweets4 likes
End of conversation
Liked
Liked
Liked
MG @_MG_
Frédéric Kaƴser @frksr
Jordan Holberg @eviljordan
Privacy Punk @PrivacyPunks
Jerry Träskelin @Jers1_
Cesar Del Solar @14domino
Christoph Rödiger @Christoph_Ro
Joseph Cox @josephfcox
UKcryptocurrency @uk_c_c
D̒͂̕ᵈăᵃn̕ᶰ Ť̾̾̓͐͒͠ᵗe͗̑́̋̂́͡ᵉn̅ᶰtᵗl̀̓͘ᶫe̓̒̂̚ᵉrʳVerified account @Viss
David Bern @_drobban
Christian Mock @ChristianMock
