rand0m1ze
commented
8 years ago Ok i am a fool... I thought the sniffer automatically decrypted the xor'd dumps. What are people using to decrypt Logitech encryption?
Closed rand0m1ze closed 8 years ago
rand0m1ze
commented
8 years ago Ok i am a fool... I thought the sniffer automatically decrypted the xor'd dumps. What are people using to decrypt Logitech encryption?
Maybe it is just me but I cannot find any valid "keystrokes" in the decoded packets against Logitech keyboard. maybe it's patched? I think it would be cool to add .pcap output or something. I am a noob in this area, every-time I hit the same key I get different values. Could someone explain this output to me? I have done hours of research and cannot find any valid HID events.
This is the result of the "b" key being hit twice on the target device. [2016-02-26 20:38:42.023] 5 22 4A:45:95:F7:07 00:D3:CB:DA:EF:30:11:FD:0D:7C:7A:40:23:42:00:00:00:00:00:00:00:B3 [2016-02-26 20:38:42.024] 5 22 4A:45:95:F7:07 00:40:00:08:B8:00:00:00:00:98:7A:40:23:3F:00:00:00:00:00:00:00:35 [2016-02-26 20:38:42.030] 5 5 4A:45:95:F7:07 00:40:00:08:B8 [2016-02-26 20:38:42.031] 5 5 4A:45:95:F7:07 00:D3:CB:DA:EF [2016-02-26 20:38:42.038] 5 10 4A:45:95:F7:07 00:4F:00:01:18:00:00:00:00:98 [2016-02-26 20:38:42.039] 5 10 4A:45:95:F7:07 00:40:00:08:B8:49:24:1C:C1:02 [2016-02-26 20:38:42.207] 5 5 4A:45:95:F7:07 00:40:01:18:A7 [2016-02-26 20:38:42.208] 5 5 4A:45:95:F7:07 00:D3:CB:DA:EF [2016-02-26 20:38:42.457] 5 5 4A:45:95:F7:07 00:40:01:18:A7 [2016-02-26 20:38:42.457] 5 5 4A:45:95:F7:07 00:D3:CB:DA:EF [2016-02-26 20:38:42.706] 5 5 4A:45:95:F7:07 00:40:01:18:A7 [2016-02-26 20:38:42.707] 5 5 4A:45:95:F7:07 00:D3:CB:DA:EF [2016-02-26 20:38:42.955] 5 5 4A:45:95:F7:07 00:40:01:18:A7 [2016-02-26 20:38:42.956] 5 5 4A:45:95:F7:07 00:D3:CB:DA:EF [2016-02-26 20:38:43.191] 5 22 4A:45:95:F7:07 00:D3:02:0E:C3:13:39:E2:A3:27:7A:40:23:43:00:00:00:00:00:00:00:42 [2016-02-26 20:38:43.192] 5 22 4A:45:95:F7:07 00:D3:CB:DA:EF:30:11:FD:0D:7C:7A:40:23:42:00:00:00:00:00:00:00:B3