usedbytes / ducky-tools

Tools for working with Ducky One keyboard firmware updates
MIT License

ERROR: unrecognised exe version 'V1.03' #1

Open ifohancroft opened 3 years ago

ifohancroft commented 3 years ago

Since I'm struggling with my own firmware reverse engineering, I decided to play with your tool to extract and unscramble the firmware, then inspect how the binary looks and play with it. However, running:

./ducky extractkey -o out.key One_TKL_US_L_V1.03.exe

I get:

ERROR: unrecognised exe version 'V1.03'

ifohancroft commented 3 years ago

This is on Manjaro, 64bit. The software compiled successfully as per the instructions in the README.

nwithers-ecr commented 2 years ago

Same issue with version v1.09 on Ubuntu 20.04 64-bit.

usedbytes commented 2 years ago

Sorry @ifohancroft I didn't see the notification come in for this. The version checking is very fussy (kinda deliberately out of caution) - I'll try and take a look this weekend, assuming the code works OK on Mac, I haven't tried that before 😕

usedbytes commented 2 years ago

@nwithers-ecr, which specific FW v1.09 are you trying? Can you share a link?

@ifohancroft (if you're still interested) could you give the rewrite-wip branch a go? I did a significant refactor ~1yr ago to support the One2, didn't get around to updating the docs and merging to the main branch.

It worked OK for me just now, it's a bit more flexible about version detection:

$ ./ducky decode One_TKL_US_L_V1.03.exe
Firmware version: V1.1.03
Name:             KB Upgrade
IAP version:      V1.0.0
Layout:           ANSI 108 Keys
File Key:         87 d3 82 15
>>> Device 0, Firmware 0, Image internal
WARNING: Simple key search failed, falling back to heuristics. This may well be incorrect!
WARNING: Some values were ambiguous
>>> Decoded.
Wrote to One_TKL_US_L_V1.03.exe.toml

Note that the .toml file is different from the old code, but that probably doesn't matter for you. I got:

$ cat One_TKL_US_L_V1.03.exe.toml
[exe]
  name = "KB Upgrade"
  file_key = 360895367
  byte_swapping = false
  iap_version = "V1.0.0"

[[device]]
  name = "KB Upgrade"
  [device.application]
    vid = 1241
    pid = 392
    protocol = "one"
  [device.bootloader]
    vid = 1241
    pid = 4488
    protocol = "one"
    extra_crc_data_file = "04d9_1188_extracrc_849681b9.bin"

  [[device.firmware]]
    device_name = "KB Upgrade"
    version = "V1.1.03"
    [device.firmware.images]
      [device.firmware.images.internal]
        check_crc = 13029
        data_file = "image_KB_Upgrade_V1.1.03.3199c695.internal.bin"
        xfer_encoded = false
        xfer_key_file = "xferkey_KB_Upgrade_V1.1.03.b35beaee.internal.bin"

Which means the decoded, unscrambled FW is in image_KB_Upgrade_V1.1.03.3199c695.internal.bin. I think the two warnings are harmless as best as I can remember.

I honestly don't remember what was left to do on the rewrite-wip branch now... I'll probably update the docs and just replace the old implementation at this point.
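An added example, not part of the thread and not ducky-tools code: a small Go check that the values quoted in the comment above agree with each other. It assumes, from those values alone, that file_key is the printed File Key bytes read as a little-endian 32-bit integer and that the extra_crc_data_file name starts with the bootloader vid and pid in four-digit hex; `flatten` and `CheckManifest` are hypothetical names.

```go
package main

import (
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"strings"
)

// Constructed sample: an excerpt of the values quoted in the comment above.
const fileKey, manifest = "87 d3 82 15", `[exe]
  file_key = 360895367
  [device.bootloader]
    vid = 1241
    pid = 4488
    extra_crc_data_file = "04d9_1188_extracrc_849681b9.bin"`

// flatten maps "table.key" to value for this simple layout. It is not a TOML
// parser: values containing spaces are skipped.
func flatten(text string) map[string]string {
	out, table := map[string]string{}, ""
	for _, line := range strings.Split(text, "\n") {
		if f := strings.Fields(line); len(f) == 1 {
			table = strings.Trim(f[0], "[]")
		} else if len(f) == 3 && f[1] == "=" {
			out[table+"."+f[0]] = strings.Trim(f[2], `"`)
		}
	}
	return out
}

// CheckManifest lists inconsistencies between the printed File Key and the manifest.
func CheckManifest(key, toml string) (problems []string) {
	m := flatten(toml)
	raw, err := hex.DecodeString(strings.Join(strings.Fields(key), ""))
	if err != nil || len(raw) != 4 {
		return []string{"File Key is not four hex bytes"}
	}
	// Assumptions inferred from the quoted values: little-endian key, hex vid_pid prefix.
	if want := fmt.Sprint(binary.LittleEndian.Uint32(raw)); m["exe.file_key"] != want {
		problems = append(problems, "file_key mismatch: want "+want)
	}
	var vid, pid uint16
	fmt.Sscan(m["device.bootloader.vid"], &vid)
	fmt.Sscan(m["device.bootloader.pid"], &pid)
	if p := fmt.Sprintf("%04x_%04x_", vid, pid); !strings.HasPrefix(m["device.bootloader.extra_crc_data_file"], p) {
		problems = append(problems, "extra_crc_data_file does not start with "+p)
	}
	return problems
}
func main() { fmt.Println("problems:", CheckManifest(fileKey, manifest)) }
```

The decimal vid and pid values are the same USB IDs a tool such as lsusb prints in hex, which makes the manifest easier to match against a connected device.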

nwithers-ecr commented 2 years ago

Looks like I should try the new branch too. It's a Ducky One 2 Mini Pure White RGB: https://www.duckychannel.com.tw/en/Support/Detail/97

nwithers-ecr commented 2 years ago

Using Go version 1.16.10 and Ducky One2 Mini RGB V1.09 For DKON2061ST.exe, ducky extract gives:

ERROR: couldn't load using any known versions

Same results with Ducky_One2_Mini_RGB_V1.22.exe

usedbytes commented 2 years ago

@nwithers-ecr I had a brief look at "One2 Mini" last December, and my notes say:

uses a totally different brand of microcontroller, so has a totally different updater, different protocol again etc.

I'll take a closer look at that .exe when I'm back at my workstation next week, but if this really is the case, it's going to be very difficult (probably infeasible) for me to reverse engineer without access to the hardware 🙁. I personally only have a One TKL single colour and a One 2 TKL RGB.

That said, Ducky's model naming and hardware seem pretty inconsistent - e.g. the "One2" and the "One2 Mini" are very different, so I wouldn't be surprised if the "One2 Mini RGB" is different from say the "One2 SF", and I don't recall which specific version I looked at before.

nwithers-ecr commented 2 years ago

That makes sense. It's unfortunate but no worries. I'll just have to pass it through to a Windows virtual machine to update it.

ifohancroft commented 2 years ago

@usedbytes Thank you! I will check it later today. If I don't get back to you in 24 hours, then I forgot, so feel free to tag me to remind me.