Chromebook Setup 4 OMG Platform
My new Asus CX9 showed up today. I used it as an opportunity to use a clean setup of the Chromebook and performed the following setup instructions to configure it as a control device to program so it could be used for offensive ops with and OMG cable. Feel free to skip the rant I am about to post and go to step 1. Otherwise, I have heard & read several opinions on using Chromebooks for offensive operations and most opinions say don’t use them because they are tied to Gmail accounts during the setup. I say (and can always be wrong) fuck that, if you use good opsec (sock account + burner phone + VPN + TOR, etc...) you can be way more efficient and leave less of a trail using a Chromebook. I won’t argue the point here, but will say that I turned on the Chromebook in less than a second, configured it in minutes, loaded my apps, browser extensions, Linux containers and files shares with effortless TTPs using scripts and know-how. If you combine that with a hosted attack infrastructure, it’s way better than a VM or VDI approach…again, I could be wrong but, really it comes down to good opsec and preference. Here’s how I do it:
First, get the Chromebook set up…I'll assume you know how to do that, it’s super easy and once completed, you can proceed.
Enable Linux for Chrome
Click the clock in the bottom right
Click the settings cog (top right of the menu)
Select Advanced<Developers (left menu option)
Under Developers ‘Turn on” the Linux Development environment
Select ‘Next’ on the prompt
Set your Username, anything you want and set the Recommended disk size, you can choose to accept the default if all you’re doing is using it for OMG stuff, but I use it for more, have tons of space on my Chromebook and set it to 50GB
Select install and let it load…
Once it’s done a Linux container (shel)l will open:
Pin the terminal app to the shelf by alt clicking on the terminal app icon and selecting Pin
The terminal app icon will now stick and be available to open the Linux container environment
Technically, a reboot isn’t required but, I always do just to make sure the environment is set…
After a reboot, open the terminal app and Update & Upgrade your shit using
sudo apt update
ENTER
sudo apt upgrade
ENTER
Let it run, type y ENTER (yes) if prompted to accept
Everyone on the planet should use gimp and at this point, you need to ensure stuff works so install gimp:
sudo apt install gimp
ENTER
select y (yes) if prompted…
At this point you should have the gimp and terminal app icons when you open Launcher on the Chromebook
Let me explain a bit here, there’s many directions you can go from here if you want to play with a bunch of Linux apps, tools, kits and fun stuff here…if you're curious, Google it!! and just know that everything runs in it’s own separate container on the Chromebook when you apt/apt-install it and it gives you a lot of flexibility while, limiting the risk of compromising or corrupting the host…super easy and super extensible…this is what I love about Chromebooks…as a bonus, powerwash the device in seconds, allows you to reset back to ground 0.
But, this is intended to setup the Linux container for working with the OMG platform, so no rabbit trail and back to it then!!
Make sure the terminal app is open and enter:
sudo apt install python3-pip
ENTER
Type y (yes) ENTER if prompted...
sudo apt-get update
ENTER
pip3 install pyserial
ENTER
Set up a file share for Linux!!
Super important step!!! You have to set up a file share for Linux so you can grab what you need in the container environment. This assumes you have a google drive share to do this with, whatever, just use the files app to set up the share.
Click the Launcher and select the files app to open it
For this I am using Google Drive>my drive>OMGKC as the file share
CTRL click on the folder you want to share to the Linux environment, in this example, I am using OMGKC on my Google Drive…why is this important? Welp, I use my Google Drive to download stuff to so I can access it directly from the terminal app…THIS IS A MUST to continue and if you don’t know how to share and map file shares on your Chromebook with the terminal app, Google it!!
Right click on the directory and select Share with Linux:
If you do it right, when you right click on the folder again you will see Manage Linux sharing instead of Share with Linux
Open the terminal app and type the following to confirm your share is there:
cd /mnt/chromeos/GoogleDrive/MyDrive
ENTER
ls
You should see OMGKC or whatever share you created here
IT’S IMPORTANT TO DOWNLOAD YOUR OMG FIRMWARE INTO THIS FOLDER!!
So if you get to this point, you should have a container environment setup and ready to work with the OMG platform.
To be safe and make sure things are up to date, in the terminal app, run:
sudo apt-get update && sudo apt-get dist-upgrade
ENTER
Head on over to the OMG Github (https://github.com/O-MG/O.MG_Cable-Firmware/wiki) and download/extract the latest firmware to the Linux file share on your Chromebook or Google Drive…at the time I am writing this, it’s O.MG_Cable-Firmware-2.0-20211126
You should have a folder under OMGKC that you extracted the latest firmware, in this example, I extracted to the following folder, mr_bungholio@penguin:/mnt/chromeos/GoogleDrive/MyDrive/OMGKC/OMG20211126$
YAY!! Now it’s time to plug in the programmer to the Chromebook! I have a standard USB-A to USB-C cable. Plug the USB-A into the Chromebook and the USB-C into the programmer…
IMPORTANT!! You have to have the terminal app open and the Chromebook will prompt you to connect to Linux…click CONNECT TO LINUX or else it won’t work…This makes the programmer available in the Linux container
Plug in the OMG cable into the programmer and head over to the terminal app
From the folder where you extracted the OMG firmware, in this example I am still in, mr_bungholio@penguin:/mnt/chromeos/GoogleDrive/MyDrive/OMGKC/OMG20211126$, run:
python3 flash.py
ENTER
I am going to program a C to C OMG cable as an AP in the following example:
1
ENTER
1
ENTER
2
ENTER
AP name: SUXCHEESE
ENTER
AP password: MACHEESEMO
ENTER
The programming operation runs and completes...
All set, disconnect the programmer and OMG cable. Deploy the OMG cable implant to your best friends device, connect to the AP from the Chromebook and Duckyscript until your hearts content…don’t be a dick and don’t end up in jail!
NOTE: I did all this direct on the Chromebook and it works!