More useful information

[ifohancroft]

Here is some more information, that I find is helpful when trying to reverse engineer a mouse, that isn't present in the README:

Frequency range: 2.402-2.481 GHz (While the antena itself is capable of 2.4 to 2.4835GHz and the antena type is Ceramic chip Antenna)

Endianness of the MCU: Little Endian The MCU is ARM Cortex M4 (the README does mention it's ARM but it doesn't mention that it's Cortex and which one, while the information can be found by looking for the datasheet for the MCU it's helpful to have it in the README).

Modulation Technology: GFSK

FCC Documents: https://fccid.io/JNZMR0071

I can't find information for the dongle because I can't find its FCC documents because I can't find its product number or FCC ID and the dongle shown in the FCC documents is for the G603 and I don't know if it comes with it or it whether the mouse has its own.

It would be useful if someone can provide USB captures in pcapng format of a firmware update of the mouse (even more useful if captures of the firmware update for two consecutive versions can be provided), as well as the update binaries.

[perigoso]

Thank you, I will add this to the readme

[ifohancroft]

Most welcome!

Unfortunately, I do not own the mouse. If you do, can you please tell me the following so I can hopefully dig up more information: The dongle that it comes with - does it say G305 on it or does it actually say G603 like on the FCC internal photos? If the G305 does have its own dongle - what's its FCC ID or Model/Product Number (should be written on the dongle somewhere)?

It's worth checking out because there is a chance the dongle itself uses a different version or model MCU. For example, on my Viper Ultimate, it turned out that the mouse uses nRF52840, while the dongle uses nRF52810.

Btw, the idea of looking at the hardware side and not just the firmware, and actually overlaying the traces on top of the PCB in GIMP and labeling the pins and functions is brilliant! Kudos!

[perigoso]

I think logitech uses the same dongles for a bunch of products, but I will check it when I can. I also believe they have a couple different compatible dongles, that even use different brand mcus, like a TI, but I not 100% on this, anyway I doubt its the same mcu.

Edit: actually, it for sure is not the same mcu becaus the 810 doesnt have usb

[ifohancroft]

You never know :D My mouse's dongle actually uses the 810 but I am guessing they are using it just for the wireless and the USB itself is either external controller or a separate chip (or implemented in pure software but I doubt it).

Do let me know the number on it when you have a chance to check it out though.

[perigoso]

@ifohancroft

[perigoso]

Just like I said the receiver uses a TI chip, the CC2544

[ifohancroft]

Thank you!

[ifohancroft]

Here's more info about the receiver. Might be worth adding as well:

FCC Documents: https://fccid.io/JNZCU0008A Frequencies: 2.402 to 2.481GHz Modulations technology: GFSK Antenna Type: Printed MCU: TI CC2544

[perigoso]

Merged this new info into the readme

[ifohancroft]

@perigoso Sorry, I forgot to mention something important: Limited Results has recommended to me the ultimate version of the PocketGlitcher https://www.tindie.com/products/limitedresults/pocketglitcher/ as a tool-less and non-destructive way to circumvent APPROTECT and extract the firmware from nRF52* without the needing to solder to the device, remove caps, etc.

However, the documentation needs to be read as I am not sure whether another tool isn't also required and what is the exact operating procedure.

[perigoso]

Thanks! Ill be trying the hard way first though

[ifohancroft]

Same :D