Open gyaresu opened 8 years ago
@gyaresu thanks for documenting this.
I see that the failed make install attempts were run without sudo, and one possibility is that the script was silently failing with a permission issue.
https://github.com/RFStorm/mousejack/blob/master/prog/usb-flasher/usb-flash.py#L85
hah. of course. I may have way overthought the issue ><
Thanks @marcnewlin
Hi, the flashing process completed successfully but after plugging in the CrazyPA I could not see it. The dongle is showing a continuous red light?! Any idea what this might be?
Weird, getting the same fail during a make install i.e "no compatible device"...same fail when using sudo make install
./prog/usb-flasher/usb-flash.py bin/dongle.bin
[2016-04-22 22:00:36.620] Looking for a compatible device that can jump to the Nordic bootloader
[2016-04-22 22:00:36.706] Device found, jumping to the Nordic bootloader
[2016-04-22 22:00:36.752] Looking for a device running the Nordic bootloader
[2016-04-22 22:00:37.969] No compatbile device found
Traceback (most recent call last):
  File "./prog/usb-flasher/usb-flash.py", line 92, in <module>
    raise Exception('No compatible device found.')
Exception: No compatible device found.
make: *** [install] Error 1
Even after successfully flashing the latest firmware
boaty-MBP:crazyradio-firmware boaty$ python usbtools/nrfbootload.py flash cradio-pa-0.53.bin
('Found nRF24LU1 bootloader version', '18.0')
Flashing:
Flashing 5810 bytes...
Flashing done!
Verifying:
Reading cradio-pa-0.53.bin...
Reading 5810 bytes from the flash...
Verification succeded!
After the Device found, jumping to the Nordic bootloader step, the flashing script sends a USB command to the dongle instructing it to run the Nordic bootloader, which exposes the firmware flashing functionality. It would appear that this doesn't complete for some reason, so the flashing script fails.
Can you try running ./prog/usb-flasher/usb-flash.py bin/dongle.bin again, and see what the USB IDs are for the dongle after it fails? That will tell us if it succeeded in entering the Nordic bootloader or not.
Debugging this problem aside, it sounds like the CrazyRadio flashing utility will work in your case to flash the RFStorm firmware onto the dongle. Have you tried this?
Cheers for the reply! (unexpected) Ran the script directly and it seemed to do the job. Unsure if I'm going insane at this point, sudo make install failed directly before the below attempt succeeded
boaty-MBP:mousejack boaty$ ./prog/usb-flasher/usb-flash.py bin/dongle.bin
[2016-04-23 08:20:54.394] Looking for a compatible device that can jump to the Nordic bootloader
[2016-04-23 08:20:54.500] Device found, jumping to the Nordic bootloader
[2016-04-23 08:20:54.703] Looking for a device running the Nordic bootloader
[2016-04-23 08:20:56.428] Writing image to flash
[2016-04-23 08:20:56.915] Verifying write
[2016-04-23 08:20:56.955] Firmware programming completed successfully
[2016-04-23 08:20:56.955] Please unplug your dongle or breakout board and plug it back in.
It could be a timeout problem. The usb-flash.py script will report No compatible device found after 1000ms if it doesn't see the Nordic bootloader show up.
It would be interesting to see if it works reliably for you if you increase the timeout value here:
https://github.com/RFStorm/mousejack/blob/master/prog/usb-flasher/usb-flash.py#L79
Are you working in a VM by chance?
Changed it up to 10 and ran through from scratch. No issues. Seemed to do the trick. Experienced it on both Host and Guest.
It seems I'm having an issue: The red LED of my Crazyradio PA is constantly on. Is that normal?
Flashing outputted the following:
[2016-09-15 13:17:49.080] Looking for a compatible device that can jump to the Nordic bootloader
[2016-09-15 13:17:49.188] Device found, jumping to the Nordic bootloader
[2016-09-15 13:17:49.609] Looking for a device running the Nordic bootloader
[2016-09-15 13:17:49.619] Writing image to flash
[2016-09-15 13:17:50.253] Verifying write
[2016-09-15 13:17:50.333] Firmware programming completed successfully
[2016-09-15 13:17:50.333] Please unplug your dongle or breakout board and plug it back in.
Any ideas?
Hi, just got my Crazyradio PA but I can't get it to work. Same error as above. I tried with two different Crazyradio PAs but it is not working; I also flashed the 0.53 firmware but it is still not working. Please help me
Tried to reflash the 0.53 Crazyradio PA firmware and now I get the message "Error, cant find the Crazyradio USB Dongle". Can you please help me? Same error for both NEW Crazyradio PAs
similar issue on this repo https://github.com/bettercap/bettercap/issues/497
Hi,
I am having the same issues described by @sw1337 and @yweiss0.
I bought a brand new Crazyradio PA from Bitcraze directly and when it arrived it blinked red and green LEDs. Shortly after that, I followed all instructions to flash the firmware with the latest nrf-research-firmware.
Flashing seemed to be successful, no error messages:
Chipset info written in the dongle: nrf24lu1p 1829DN
Sample from lsusb (now after flashed firmware):
Sample from dmesg (now after flashed firmware):
Despite the successful flashing, my dongle now displays a solid red LED and I am unable to reflash via USB the original Crazyradio firmware.
Reflashing one more time with prog/usb-flasher/usb-flash.py works and I get the same successful message as above, as it seems to look for RFStorm firmwares with product ID 0x0102 like the one I have now:
Is the red LED supposed to be on all the time?
Hey everyone, I truly hope there is still someone on this thread. It seems like certain people have similar issues.
I was able to patch the Bitcraze PA dongle, at least according to the command line output. It is even recognised as (taken from my Mac OS host):
+-o Research Firmware@14100000 <class AppleUSBDevice, id 0x10000169e, registered, matched, active, busy 0 (2 ms), retain 9>
{
"sessionID" = 9746251445209
"iManufacturer" = 1
"bNumConfigurations" = 1
"idProduct" = 258
"bcdDevice" = 1
"Bus Power Available" = 250
"USB Address" = 7
"bMaxPacketSize0" = 64
"iProduct" = 2
"iSerialNumber" = 0
"bDeviceClass" = 255
"Built-In" = No
"locationID" = 336592896
"bDeviceSubClass" = 255
"bcdUSB" = 512
"USB Product Name" = "Research Firmware"
"PortNum" = 1
"non-removable" = "no"
"IOCFPlugInTypes" = {"9dc7b780-9ec0-11d4-a54f-000a27052861"="IOUSBFamily.kext/Contents/PlugIns/IOUSBLib.bundle"}
"bDeviceProtocol" = 255
"IOUserClientClass" = "IOUSBDeviceUserClientV2"
"IOPowerManagement" = {"DevicePowerState"=0,"CurrentPowerState"=3,"CapabilityFlags"=65536,"MaxPowerState"=4,"DriverPowerState"=3}
"Device Speed" = 1
"USB Vendor Name" = "RFStorm"
"idVendor" = 6421
"IOGeneralInterest" = "IOCommand is not serializable"
"IOClassNameOverride" = "IOUSBDevice"
}
I can start various tools, including Jackit, nrf24-playset from SSyS Consulting, but I don't receive any data at all. The presenter is a Logitech R400 R0008, known to be vulnerable.
The Bitcraze is displaying a solid red LED.
Anyone any idea? Is it bricked/dead?
@juliocesarfort have you been able to succeed here?
I have a similar issue, after apparently successful flashing, the LED is constantly red and I am not able to scan any traffic etc.
Hi guys,
not sure if this thread is still active, however I have the same issue.
I was able to flash the FW successfully, according to term output.
I also tried to flash again via the Bitcraze firmware nrfbootload script "sudo python2 ../../crazyradio-firmware/usbtools/nrfbootload.py flash bin/dongle.bin"
I receive an error like
"Error: cannot found the nRF24LU1 bootloader!"
So is there probably an issue and I need a SPI board to flash the bootloader (like a Teensy 2.0 I guess?)
Anyone any ideas?
Just some more troubleshooting information. lsusb will give you the following identifiers depending on the state the Crazyradio PA dongle is in:
1915:7777: regular Crazyradio firmware
1915:0101: bootloader mode
1915:0102: mousejacked
For SPI related stuff, I went the RPi way, see the Bitcraze github and a picture of the setup from the author of the script is here. See as well the support provided here. In case it is not clear enough, the dongle is powered over the USB connection.
After flashing, not much happens. I unplugged/replugged, had a solid red LED, checked lsusb. The main difference between "bricked" and properly flashed was USB enumeration (it would stall when bricked, or the dongle would not show up in the lsusb output, and I had some device descriptor read/64, error -110 in syslog).
For permission issues, you are likely already a member of the plugdev group, it is a matter of adding some rules upon plugging the dongle.
I probably bricked mine while fixing some scripts for python3 support, you might want to python -V first.
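A small check for the dongle states and the re-enumeration delay discussed in this thread, added here as an example; it is not part of the thread or of the RFStorm code. It classifies lsusb output by the three USB IDs listed above and polls until the wanted state enumerates; the function names and the 10-second default timeout are assumptions, and the second sample line is constructed.

```python
import re
import subprocess
import time

# USB IDs from the comment above, mapped to the dongle state they indicate.
STATES = {
    "1915:7777": "crazyradio",  # regular Crazyradio firmware
    "1915:0101": "bootloader",  # Nordic bootloader mode
    "1915:0102": "mousejack",   # RFStorm research firmware
}
ID_RE = re.compile(r"\bID ([0-9a-fA-F]{4}:[0-9a-fA-F]{4})\b")

# First line is the lsusb line quoted in the thread; the second is constructed.
SAMPLE = (
    "Bus 001 Device 007: ID 1915:7777 Nordic Semiconductor ASA\n"
    "Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub\n"
)


def run_lsusb():
    """Return the text printed by lsusb (Linux, usbutils installed)."""
    return subprocess.run(["lsusb"], capture_output=True, text=True,
                          check=True).stdout


def dongle_states(lsusb_text):
    """Return the state of every known dongle ID found in lsusb output."""
    ids = (m.group(1).lower() for m in ID_RE.finditer(lsusb_text))
    return [STATES[i] for i in ids if i in STATES]


def wait_for_state(target, timeout=10.0, poll=0.2, lister=run_lsusb,
                   sleep=time.sleep, clock=time.monotonic):
    """Poll until a dongle in `target` state enumerates.

    Returns the seconds waited, or None if the timeout expires first.
    """
    start = clock()
    while True:
        if target in dongle_states(lister()):
            return clock() - start
        if clock() - start >= timeout:
            return None
        sleep(poll)


if __name__ == "__main__":
    print(dongle_states(run_lsusb()) or "no known dongle enumerated")
    waited = wait_for_state("bootloader")
    print("bootloader not seen" if waited is None else f"seen after {waited:.2f}s")
```

The measured wait shows whether the bootloader simply takes longer to enumerate on a given host or VM than the flasher allows, or never appears at all.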
Just documenting the process getting started with the Crazyradio PA and MouseJack.
If you're using http://macports.org then you'll want to edit the Makefile on line 7 to gobjcopy because FSF software names a lot of their tools with a leading g.
You may also need to run make bin/ first before just running make. Or at least I needed to on OS X & Ubuntu.
Builds fine though.
Then make install .... hmmm....
OS X
Debian:
It's there though right?
$ lsusb: Bus 001 Device 007: ID 1915:7777 Nordic Semiconductor ASA
So maybe the PA doesn't come with firmware installed?
https://github.com/bitcraze/crazyradio-firmware/releases
Ah...
So download the correct firmware:
https://github.com/bitcraze/crazyradio-firmware/releases/
(latest is currently: cradio-pa-0.53.bin)
Then follow the instructions to USB firmware upgrade: https://wiki.bitcraze.io/projects:crazyradio:programming
And you should be on a winner.