  • Logitech Hack by piotr_go

    Hello.
    Some time ago I was looking for a way to communicate with Logitech wireless peripherals in order to use them in my own projects.
    Due to the recent reports on the possibility of impersonating someone else's keyboard / mouse, I decided to show off my own work.
    I don't know exactly how they did it in the "MouseJack" project, but apparently I did it differently. How do I know? Because the released Logitech patch does not block my way :P .
    What is possible? Remote emulation of someone else's keyboard / mouse, interception of keystrokes / clicks.
    I will not describe the details for obvious reasons.

    Video: https://filmy.elektroda.pl/46_1456491985.mp4

    piotr_go
    DIY electronics designer
  • #2 15473509
    Frog_Qmak
    Level 25  
    Cool, but what's the use of this? Is it just about wireless peripherals in general and Logitech happened to be picked, or does it have some specific properties that you make use of somewhere?
  • #3 15473551
    piotr_go
    DIY electronics designer
    Frog_Qmak wrote:
    but what is the use of it?

    For example, you can control a robot you have built with a wireless logitech pad (directly, without using a computer), or you can remotely install spyware or format a disk.
    It fell to Logitech because it is popular and because I have it.

    Receiver for Logitech Amiga mouse / pad.
  • #4 15474504
    Pumbas
    Level 11  
    It works with logitech "unifying"?

    I don't even have an idea how to approach such a topic without knowing their product from the inside - is the communication used by Logitech described anywhere? After all, there are a lot of networks in 2.4 GHz, Wi-Fi etc. How can you know that some signal is a Logitech packet and not, for example, a microwave?

    The implementation of something like this is far beyond the reach of my skills, but the topic is very interesting.

    You could write a driver to make the unifying hardware from them work with BLE dongles :D
  • #5 15474593
    piotr_go
    DIY electronics designer
    Pumbas wrote:
    It works with logitech "unifying"?

    Yes

    Pumbas wrote:
    is the communication used by Logitech described somewhere?

    Not really, there are some scraps of information, but I haven't seen any description of what and how it is sent.
    The MS keyboard is better described (about 50% of the info needed) due to the totally messed up encryption (xor with data sent at the beginning of the packet, hehehe).

    Pumbas wrote:
    How can you know that some signal is a logitech packet and not, for example, a microwave?

    The microwave oven does not send CRC :D

    Pumbas wrote:
    You could write a driver to make the unifying hardware from them work with BLE dongles

    There is a chance (but it won't be BLE anymore), BLE is similar to unifying radio (it was designed by the same company after all).
  • #6 15474854
    Tomekkoko
    Level 15  
    Is there a chance that if I lose my unifying receiver, I can put this together and the keyboard and mouse will work?
    Why does the F710 pad, for example, have a different receiver than mice and keyboards?
  • #7 15475164
    Zbyszunio
    Level 9  
    piotr_go wrote:
    ... or you can remotely install spyware on someone else or reformat the drive.
    and you don't need to see that person's screen?
  • #8 15475311
    08FEDRA
    Level 13  
    to fire up the console all you need is Win + R, "cmd" and enter. ;)
  • #9 15475340
    piotr_go
    DIY electronics designer
    Tomekkoko wrote:
    Why, for example, the F710 pad has a different receiver than mice and keyboards?

    The hardware receivers are the same, the limitation is only in the software.
  • #10 15477780
    george2002
    Level 21  
    I always wondered why it hadn't happened yet - that wireless mice and keyboards hadn't been hacked :) Besides, I have always turned off the wireless mouse and keyboard when I leave the computer, not for the sake of security but to save the battery, and now also for the sake of security ;)

    greetings
    George2002
  • #11 15477985
    Kuniarz
    Moderator of Designing
    george2002 wrote:
    I turn off the mouse and the wireless keyboard as I leave the computer

    Wouldn't it be easier to log out and have a strong password? :)
  • #12 15478301
    piotr_go
    DIY electronics designer
    Kuniarz wrote:
    Wouldn't it be easier to log out and have a strong password?

    Typing the password (on the wireless keyboard) can be intercepted, so it would have to be one-time or ... + captcha
  • #13 15479037
    Sas_AS
    Level 16  
    Well done. As you can see, anything is possible, even if someone said it was impossible. Working out this topic is a big step towards using mainly pads as an alternative way of control.

    Can this device replace the original receiver for the F710 pad?
    Does the device send force feedback to the pad?

    Can this device replace the original G602 or G700 receiver?
    Is the device able to send key configurations, e.g. to the memory of the G700 mouse?

    Is it possible to pair logitech devices with this device (eg F710 or Anywhere MX mouse)?

    What happens if several logitech devices work in one room, a few more behind the wall and each has its own receiver:
    for example, in one room. 4x F710 pads + 1x Anywhere MX mouse + 1x K800 keyboard + 1x M325 mouse + 1x MK270 keyboard

    Since you can take over data from the keyboard and the F710 pad, it means that the hardware of the receiver is the same and only the software differs. After opening up the older type receiver, the unifying receiver, the one from the F710 and the ones from the 500 Hz or 1000 Hz G series, I see similar or the same electronics.
    I have damaged F710 pads, or more precisely F710 receivers, and G602 and G700 mice in which the receivers also failed (I do not count other less valuable equipment). I also have working old receivers (with a red border, not unifying) and unifying receivers, but neither pads nor G series mice work with them.
    The MK270 keyboard in the non-unifying version has not the best mouse (not very precise) and it is not possible to pair another one with the receiver, but the mouse itself works with another receiver without any problems (the keyboard does not, but the mouse does). The mice are quite flexible, for example the M325 originally intended for unifying works with the old type receiver (with a red border, but not all of them) and with the unifying receiver. The pad can only be paired with the receiver from the pad, and the G series of mice can only be paired with the G receiver for the given type of mouse. Where is the problem? The receivers fail over time. It is not profitable to buy the F710 receiver or the receiver for the G series of mice. If you use a lot of them (e.g. it rains quite heavily), it is better to buy a new pad and finish off the old pad (joystick) on the new receiver. However, an ordinary unifying receiver can be purchased at a reasonable price, and used old-type receivers (with a red border) for funny money and maybe something can be done.

    Since the colleague is proficient in the subject, he may know the answers to the questions.

    Is there a way or is it possible to convert (by uploading the software) the nano 2.4 GHz Logitech receiver (with a red border from before unifying) to a new type of unifying that supports several devices, not just one?

    Is it possible to change the software in some way for receivers intended for old mice / keyboards, unifying, f710, g series?

    As I understand it, it would be possible to build a device that could be built into the RC apparatus, replacing the original manipulators with the F710 pad or using the pad for direct control. Probably it can be modified somehow with a new transmitting-receiving antenna, but I do not know the signal strength of the transmitter.

    Has a colleague tested the range of the F710 pad with this device?
  • #14 15479305
    piotr_go
    DIY electronics designer
    Sas_AS wrote:
    Can this device replace the original receiver for the F710 pad?

    Yes

    Sas_AS wrote:
    Does the device send force feedback to the pad?

    I didn't need it so I didn't work it out, but it should be possible to do

    Sas_AS wrote:
    Can this device replace the original G602 or G700 receiver?

    probably yes, I don't think it was on another radio, they probably limited to only one device per receiver so that data could be sent faster

    Sas_AS wrote:
    Is it possible to pair logitech devices with this device (eg F710 or Anywhere MX mouse)?

    in the receiver for the amiga I made the pairing of the F710 and unifying mice, so you can add it to that

    Sas_AS wrote:
    What happens if several logitech devices work in one room, a few more behind the wall and each has its own receiver:
    for example, in one room. 4x F710 pads + 1x Anywhere MX mouse + 1x K800 keyboard + 1x M325 mouse + 1x MK270 keyboard

    they should get different channels, anyway each sends a different address so a receiver that is not programmed for it will not receive anything

    Sas_AS wrote:
    Is there a way or is it possible to rewrite (upload software) ...

    once you get the binary it's no problem

    Sas_AS wrote:
    Has a colleague tested the range of the F710 pad with this device?

    from what I remember, it was not sensational, within one room
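
Added example, not part of any post in this thread: a receiver-side sketch of the two filters mentioned in the replies above, the CRC check that separates frames from interference such as a microwave oven, and the address match that makes a receiver ignore frames meant for other devices. The frame layout, addresses and payloads are constructed for illustration and are not Logitech's actual over-the-air format.

```python
# Simplified frame: ADDRESS (5 bytes) | LENGTH (1) | PAYLOAD | CRC-16 (2).
# This layout and every address/payload value below are constructed for the
# example (assumptions); it is not the real format of any vendor's devices.

ADDR_LEN = 5


def crc16_ccitt(data: bytes, init: int = 0xFFFF) -> int:
    """CRC-16/CCITT-FALSE: polynomial 0x1021, MSB first, no final XOR."""
    crc = init
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            if crc & 0x8000:
                crc = ((crc << 1) ^ 0x1021) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc


def build_frame(address: bytes, payload: bytes) -> bytes:
    """Transmitter side: append a CRC over address, length and payload."""
    if len(address) != ADDR_LEN or len(payload) > 255:
        raise ValueError("bad address or payload size")
    body = address + bytes([len(payload)]) + payload
    return body + crc16_ccitt(body).to_bytes(2, "big")


def classify(frame: bytes, paired_address: bytes) -> str:
    """Receiver side: decide what a demodulated byte string is."""
    if len(frame) < ADDR_LEN + 3:
        return "noise"                      # too short to be a frame at all
    body, received_crc = frame[:-2], int.from_bytes(frame[-2:], "big")
    if crc16_ccitt(body) != received_crc:
        return "noise"                      # interference or a damaged frame
    if body[ADDR_LEN] != len(body) - ADDR_LEN - 1:
        return "noise"                      # length field disagrees with size
    if body[:ADDR_LEN] != paired_address:
        return "other_device"               # valid frame, but not for us
    return "accepted"


def payload_of(frame: bytes) -> bytes:
    """Extract the payload of a frame that classify() accepted."""
    return frame[ADDR_LEN + 1:-2]


def rejected_single_bit_errors(frame: bytes, paired_address: bytes) -> int:
    """Flip each bit of a valid frame in turn; count the variants rejected."""
    rejected = 0
    for i in range(len(frame) * 8):
        damaged = bytearray(frame)
        damaged[i // 8] ^= 0x80 >> (i % 8)
        if classify(bytes(damaged), paired_address) != "accepted":
            rejected += 1
    return rejected


# Constructed sample data.
MY_ADDR = bytes.fromhex("a1b2c3d4e5")
NEIGHBOUR_ADDR = bytes.fromhex("0102030405")
mine = build_frame(MY_ADDR, b"\x00\x04\x00")
neighbour = build_frame(NEIGHBOUR_ADDR, b"\x00\x1e\x00")

if __name__ == "__main__":
    print(classify(mine, MY_ADDR))
    print(classify(neighbour, MY_ADDR))
    print(classify(mine[:-1] + bytes([mine[-1] ^ 0xFF]), MY_ADDR))
    print(rejected_single_bit_errors(mine, MY_ADDR), "of", len(mine) * 8)
```

A 16-bit CRC catches every single-bit error, while a random byte string still passes it about once in 65536 tries, which is why the address match matters as a second filter.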
  • #15 15479526
    Sas_AS
    Level 16  
    piotr_go wrote:
    Sas_AS wrote:
    Is there a way or is it possible to rewrite (upload software) ...

    once you get the binary it's no problem

    Most of these receivers are on the NRF, in order:

    Newest Orange: NRF D 24LU1P
    500 Hz receiver: NRF F 24LU1P
    F710 receiver: NRF D 24LU1P
    Unifying 1: CC2544
    Unifying 2: NRF D 24LU1P
    Old type 1: CC2544
    Old type 2: NRF O LUP1PA

    From what I read in the datasheet, it has an SPI connector and info that it has read protection, probably on 2 levels. Extracting the flash content will be rather impossible (and I don't even know what to read the NRF with), but I can see the reset input. Maybe it is possible to delete and upload alternative software. You can definitely (100%) upload new software via USB, because I had such a case twice. It was updating the DFU software or something, it was done automatically in Logitech Re-Connect. I also have unifying receivers which in the Logitech Unifying software display in turn:

    Receiver Name: Unifying [DFU] Receiver.
    Firmware version 000.000.00000.
    Associated devices: No devices.

    Nothing can be paired, but the text is highlighted:
    Update the firmware.

    After this procedure: Update ... welcome! ...
    The current firmware version is 013.000.00001.
    Firmware update version 000.000.00000.
    Press Update ... Firmware update failed.

    Application:
    There is some software (v. 013.000.00001) but it cannot be uploaded to the receiver because it is probably damaged, but how to take over this software and upload it to a functional old type of receiver, so that it becomes a receiver, e.g. unifying, since both the receiver and the other in hardware are identical. Finally, delete the contents of a working receiver and upload flash unifying :D , and maybe upload an alternative and it will surprise you, it would only have to be compatible with the software, which is probably not feasible. I think it's too much for me ...
  • #16 15479601
    piotr_go
    DIY electronics designer
    Nice collection.
    So far, they are all functional, so I have not tried to repair / reload the FW (except for the last update).

    Sas_AS wrote:
    Maybe it is possible to delete and upload alternative software.

    it is possible -> Link

    Sas_AS wrote:
    Unifying 1: CC2544

    ooo good to know it's compatible
  • #17 15479952
    Sas_AS
    Level 16  
    Okay, it got a little brighter. You just have to figure out how to take over the flash content, maybe something in the frame or the temp appears at the moment of updating (although logitech is probably not so "stupid") ... and the collection is growing all the time because they fall like flies (of course, taking into account the large amount of equipment , not that they are particularly flawed).

    piotr_go wrote:
    Sas_AS wrote:
    Unifying 1: CC2544

    ooo good to know it's compatible


    While we're at it, there are also:

    Old first versions: NRF D 24L01 and Atmel 90USB162-16MU
    Then they appeared on: NRF B 31562A

    There is also the latest version which is very short, and it either has a different design or something else is inside. Forgive me, but I will not take it apart, because this receiver is added to quite expensive devices and, to be on the safe side, I would not like to have problems with maintaining the warranty in the future.
  • #18 15480002
    rekinisko
    Level 22  
    Generally, Logitech's communication is based on the NRF algorithm. The data that is needed is the encryption key and the channel frequency. Earlier receivers could only work with one device, later came out unifying that connect to several devices at once. Using re-connect programs (I know three different ones that work with some receivers and do not want others), you can save the log file, you can read something from it. Interesting topic by the way.
  • #19 15480117
    Sas_AS
    Level 16  
    rekinisko wrote:
    ... Earlier receivers could only work with one device ...

    It is 90% correct, as I wrote earlier, but the old one (with a red border) could also work with 2 devices. This is the situation with the MK270 set, which was introduced for sale before the unifying technology, and further produced, but already in the unifying technology. The sets are identical, they differ in the technology used.

    Set 1: K270 keyboard adapted to work with older receivers + M185 mouse adapted to work with old receivers + old receiver (red border). The set is seen in Logitech Re-Connect (e.g. v 2.00.3 or v 1.00.23) as TWO devices separately, i.e. KEYBOARD and MOUSE. The receiver is not seen in the unifying software. Interestingly, you can pair another mouse in the old technology with the receiver (let's call it the old type for two devices). I do not know the keyboard, because I do not have any other than the old version of the K270. I used to have an MK320 with a M215 mouse (where the receiver was plugged in with the snap button, such a curiosity), but there was a completely different receiver, as big (as for today) as a pendrive. Then M215 mice appeared in the unifying version.

    Set 2: K270 keyboard with unifying badge adapted to work with unifying technology + M185 mouse with unifying badge adapted to work with unifying technology + unifying receiver (white border). The set is seen in the Logitech Unifying program (not seen in the old one anymore) and you can add up to 6 or max 8 devices.

    After disassembling the receivers, both the old-type receiver for two devices from set 1 and unifying (not just from the M325 mouse set, but it doesn't matter because you can pair it with the new MK270 set 2) inside are identical.

    edit:

    And to mix things up, I would like to add that the M325 mouse is the most universal, it works with unifying receivers (except F710 and G series) and with all kinds of old types :D

    edit2:

    As if someone else is interested in:

    From left:
    Rapoo (models and style similar to logitech) new model: R-58D D3721C
    Rapoo older model: R24-R D3163C
    Speedlink: glob-top (epoxy blob) type, 12 MHz quartz on the other side
    Acer: CC2544
    Trust 18519: glob-top + quartz 12 MHz
    The last three are different OEMs: glob-top + quartz 12 MHz or 16 MHz
  • #20 15480617
    rekinisko
    Level 22  
    As you wrote. There are at least two types with red color without the unifying logo. There are still 500Hz, 1000Hz for gamers, with blue color for headphones, there is a bit of it. Recently, I had a lot of Logitech kits to fix and there was something to test for compatibility. I have a lot of mice and keyboards left without receivers, unfortunately.
  • #21 15480722
    piotr_go
    DIY electronics designer
    Hahahaha, I was able to restore the soft unifying in the receiver I used in this project (from pure flash with its own bootloader).
  • #22 15480727
    Sas_AS
    Level 16  
    The ones with the blue color, I think, are rather Bluetooth receivers. By the way, instead of them, you can pair the headphones with any Bluetooth adapter (for correct operation, at least v 2.1 or 2 + EDR is required), and the pairing password is not too complicated: 0000 or 000000 or 1234 or 123456.
    They still have the inscription only G-series, but I don't remember if they work instead of 500Hz and 1000Hz.

    piotr_go wrote:
    Hahahaha, I was able to restore the soft unifying in the receiver I used in this project (from pure flash with its own bootloader).

    Respect, i.e. I understand that you can delete the old type of content, load the bootloader and load the unifying software. Baaaa, going further, you can try to delete the content from the damaged receiver and try to repair it :)

    So I think they go further, all this unifying technology is a "marketing slog" to retire older products: /.
  • #23 15480774
    piotr_go
    DIY electronics designer
    Sas_AS wrote:
    you can try to delete the content from the damaged receiver and try to repair it

    unless the flash is broken (pdf gives 1000 cycles) who knows what FW is doing with it

    Sas_AS wrote:
    unifying technology is a "marketing slog"

    you pay extra for a better soft in the receiver and that's it
  • #24 15480813
    rekinisko
    Level 22  
    The K750 keyboard model, a solar keyboard with an xmega on board, is interesting. Tempting ;)
  • #25 15480842
    Sas_AS
    Level 16  
    piotr_go wrote:
    Sas_AS wrote:
    you can try to delete the content from the damaged receiver and try to repair it

    unless the flash is broken (pdf gives 1000 cycles) who knows what FW is doing with it



    and that may be where the problem lies.
    Generally:
    I have receivers that have died in such a way that there is a USB short circuit, they exceed a consumption of 0.5 A or draw close to 0.5 A, heating up like a little hell and turning off after a while. There are also those where nothing happens after plugging into USB (measuring data+ and data- looks normal, there are no short circuits, they just do not respond).

    Old type for one mouse:
    There are those where in the re-connect software there is the inscription "mouse" or "unknown device" and nothing can be paired. There are ones where a given mouse unit is paired and it cannot be paired with another, as if it starts to, but it cannot save the new one and only resetting the computer helps. There are also those where there is a complete lack of communication over 2.4 GHz.

    Unifying:
    There are those where in the unifying software you can neither remove a device (it is supposedly removed, but after reinserting into USB the given device reappears) nor add another device, despite the fact that it is supposed to pair (but does not work). There are also those where there is a complete lack of communication over 2.4 GHz. There are some which, instead of software in some version, display the DFU receiver.

    The new cheapest unifying receiver outside the country is an expense per PLN, min. PLN 25 (+ shipping, in our case PLN 40 + shipping). For the F710 recently it cost min. PLN 60, and there was no or something like PLN 70 in PL, now they are available for PLN 40 in PL (so much better). For MK270 hardly available and not very profitable purchase, they appeared in PL for PLN 70. The G series has dropped to PLN 40 and it is still acceptable. Nevertheless, everything should cost 20 - 25 PLN, since the inside is exactly the same.

    rekinisko wrote:
    The K750 keyboard model, a solar keyboard with an xmega on board, is interesting. Tempting ;)


    I like the K800 more, the ATxmega64D3 sits there (writing from memory, I don't remember exactly), it's tempting :D
  • #26 15481098
    rekinisko
    Level 22  
    And also the NRF24L01 + :D
  • #27 15497992
    piotr_go
    DIY electronics designer
    Sas_AS wrote:
    For MK270 hardly available and not very profitable purchase, they appeared in PL for PLN 70

    I have a K270, it is unifying. There is nothing like an ordinary keyboard without frills. I think I'll buy one as a spare :)
    They could only do the same with a touchpad instead of a numeric keypad. Oh, and AA batteries instead of AAA.
    I also have a K340 and a K400. I washed the K340 in the dishwasher :) (after removing the electronics), it cleaned up elegantly, but the keys began to jam :( .
    Now I only use it for testing.

    FW repair and other experiments:
    Fate rewards the patient.
    I was able to pair the keyboard with my own circuit and decode the data (AES128).
    One receiver on nRF24L01 + works with F710 + keyboard + mouse.
    In a few days I will try to make a video of the action.
  • #28 15499223
    Sas_AS
    Level 16  
    K270 you say.
    It will be found, but in the version without unifying technology (there are two versions of the above mentioned) on the NRF B 31504E (top), and the unifying version is on NRF O 24LE1H (bottom).

    Patience pays off, but you still need a lot of free time for education :D

    ps. K2xx K3xx K4xx keyboards often have lubricated keys, probably the grease has washed out and they jam. This is not so-called white plastic grease, it is something between a plastic grease (no oil, no acid, e.g. technical petroleum jelly) and grease for constant velocity joints (graphite-free, odorless, expensive crap, yellow / transparent color like standard grease only high viscosity, low resistance (I know hard to understand, it is sticky and slippery, but it is, I do not know how it is, but it is like that), it does not foam with water, resistant to temperature and change of consistency ... similar only once seen as lubricant for head travel in dot matrix or inkjet printers). Because in the original it is not known what it is, I use grease for joints, etc., once purchased (from 15 years ago) from a Peugeot company :D I did not match any better liniment for keyboards. After a few years (about 7), it has no negative effects on the plastic (it has not dissolved, no pitting).
  • #29 15508498
    piotr_go
    DIY electronics designer


  • #30 15511666
    rekinisko
    Level 22  
    We have a Logitech rally here - so it's the perfect place to ask if anyone knows the markings of this element from the mouse?

Topic summary

The discussion revolves around the hacking of Logitech wireless peripherals, particularly focusing on the ability to communicate with and control devices like keyboards and mice. The original poster, piotr_go, shares insights on remote emulation, interception of keystrokes, and the implications of Logitech's unifying technology. Participants explore the technical aspects of Logitech's communication protocols, including the NRF algorithm and the challenges of reprogramming receivers. Various Logitech models are mentioned, with discussions on compatibility, encryption, and potential applications for robotics and security. The conversation also touches on the limitations of existing hardware and the potential for firmware modifications.
Summary generated by the language model.