Open puba opened 5 years ago
Hello, I'm experiencing a similar issue with a C-U0012. I'm trying to use it as suggested by L Bongiorni for weaponization there. Uploading firmware went wrong with 1st link but works fine with the 2nd one : Yes I know they don't have the same size nor same hash ! 417637/ SHA256 : 50b55a7167758aa370dbc42ed89c16504801dca5d9706f4fd0df29599231eba8 vs 68352/ SHA256 : 3d87c3bfb66494f1c229010e577a8e5f383dcdb2e5e906da4c9cf5bc1cc08c6e
Here is the result :
Firmware (maj.minor.build): RQR39.06.B0040
Bootloader (maj.minor): 01.08
WPID: 800d
(likely) protocol: 0x0c
Serial: 41:60:90:53
Connected devices: 1
Destination ID: 0x07
Default report interval: 8ms
WPID: 1337
Device type: 0x01 (KEYBOARD)
Serial: 2d:9a:9f:02
Report types: 0000401e (Report types: keyboard mouse multimedia power keys keyboard LEDs )
Capabilities: b3 (not Unifying compatible, link encryption enabled)
Usability Info: 0x09 (power switch location on the top edge)
Name: LOGITacker
RF address: 41:60:90:53:07
KeyData: 00
Key: none (no link encryption in use or key not extractable)
Closing Logitech receiver in Firmware mode (not bootloader)...`
Just questioning myself about the bootloader version (> 2 on Logitec official repo for this firmware). Then i wanted to pair it with Logitacker 👍 I'm unable to accomplish it : when launching the pair command on munifying I've got this result. `I'm unable to pair my devices : when launching the pair command on munifying I've got this result.
Found unknown Logitech dongle in Firmware Mode (not bootloader) Using dongle USB config: Configuration 1 Resetting dongle in order to release it from kernel (connected devices won't be usable) EP descr: ep #1 IN (address 0x81) interrupt - undefined usage [8 bytes] EP descr: ep #2 IN (address 0x82) interrupt - undefined usage [16 bytes] EP descr: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] HID++ interface: vid=046d,pid=c539,bus=4,addr=57,config=1,if=2,alt=0 HID++ interface IN endpoint: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] Enable pairing for 60 seconds USB Report type: HID++ short message, DeviceID: 0xff, SubID: ERROR MESSAGE, Params: 0x80 0xb2 0x05 0x00 Error notification with parameters: 0x80 0xb2 0x05 0x00 param 0 (HID++ command) : 0x80 param 1 (likely register): 0xb2 - 'REGISTER PAIRING' param 2 (error) : 0x05 - 'LOGITECH INTERNAL ERROR' HID++ error response Closing Logitech receiver in Firmware mode (not bootloader)... `
Any advices for debugging it ?
Best regards
PS : if someone knows how to proceed for updating C-U0012 bootloader I'm ok to validate the procedure
@PierreS1
The RQR39 firmware you flashed could only pair a single device (in contrast to RQR24 Unifying firmwares).
You have to unpair the already listed devices, before pairing LOGITacker.
This could f.e. be done with
munifying unpairall
@puba RQR24.00 is the oldest firmware available. The bootloader is not signed.
You should re-flash it with RQR24.06 (unsigned, vulnerable to AES key extraction) or RQR24.10 (unsigned, not vulnerable to AES key extraction)
Hello, may I ask if I have this problem when I brush into RQR44, can I ask me how to solve it?
Tried to pair a receiver, but have this error after unsuccesfull injection:
root@kali:~/munifying# ./munifying pair Logitech Unifying dongle found Using dongle USB config: Configuration 1 Resetting dongle in order to release it from kernel (connected devices won't be usable) EP descr: ep #1 IN (address 0x81) interrupt - undefined usage [8 bytes] EP descr: ep #2 IN (address 0x82) interrupt - undefined usage [8 bytes] EP descr: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] HID++ interface: vid=046d,pid=c52b,bus=2,addr=31,config=1,if=2,alt=0 HID++ interface IN endpoint: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] Enable pairing for 60 seconds USB response timeout Closing Logitech receiver in Firmware mode (not bootloader)...
After munifying info:
root@kali:~/munifying# ./munifying info Logitech Unifying dongle found Using dongle USB config: Configuration 1 Resetting dongle in order to release it from kernel (connected devices won't be usable) EP descr: ep #1 IN (address 0x81) interrupt - undefined usage [8 bytes] EP descr: ep #2 IN (address 0x82) interrupt - undefined usage [8 bytes] EP descr: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] HID++ interface: vid=046d,pid=c52b,bus=2,addr=31,config=1,if=2,alt=0 HID++ interface IN endpoint: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] Dongle Info
Closing Logitech receiver in Firmware mode (not bootloader)...
Once more :
root@kali:~/munifying# ./munifying info Logitech Unifying dongle found Using dongle USB config: Configuration 1 Resetting dongle in order to release it from kernel (connected devices won't be usable) EP descr: ep #1 IN (address 0x81) interrupt - undefined usage [8 bytes] EP descr: ep #2 IN (address 0x82) interrupt - undefined usage [8 bytes] EP descr: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] HID++ interface: vid=046d,pid=c52b,bus=2,addr=31,config=1,if=2,alt=0 HID++ interface IN endpoint: ep #3 IN (address 0x83) interrupt - undefined usage [32 bytes] Error reading dongle info couldn't read dongle info Closing Logitech receiver in Firmware mode (not bootloader)...
Is it possible to somehow reset the receiver, tried to flash it, but it seems not to recognise the firmware anymore..
Thanks for help....