Logitech usb dongle downgrade firmware

#1

Logitech
K360 K400r K750 K830

I want to downgrade the USB firmware of the mouse and keyboard. is it possible ?

#2

I heard that’s possible but I don’t know the details. I recommend you get a USB dongle specifically to use with Flipper. You don’t want other people listening in on your keyboard traffic.

#3

Not sure if downgrade is needed, i think they still have some keying issues after firmware upgrade where they will not be able or no longer will fix stuff so i think most users should have taken the advise on these boards to be replaced by now. Maybe for capturing/injecting part downgrade is mandatory but it should be optional with default flash tools from logitech, not sure if the bluejack stuff included the old firmware if you wanted to use them but i guess it would be more easy to just order the nrf24 board :slight_smile:

#4

can you give a link ?

#5

https://www.bastille.net/research/vulnerabilities/mousejack/affected-devices

Not all of them work, certain products work with certain firmware.

#6

In Most cases you don’t need a downgrade, it works out of the box. Because the upgrade is difficult.

The Bastille team used a special prepared FW, but 9 of 9 tested Dingles (up to date by Unifying Software) are vulnerable for flipper MouseJack in my testings.

See How does Flipper Zero connect to a dongle?

2 Likes
#7

I have this product, I just bought it Logitech
K360 version updated and changed doesn’t work

#8

Yeah i think Logitech tried to fix early attacks, and some seemed fixed at first, but after it turned out to be worse then they hoped for , and no more updater those, from the sniffing part at least should it be easy to fix, i just think they fixed some device injection options , so on certain configurations you can only use sniffing on 360/400 ones. So there could be a potential need to downgrade for the earliest cve’s to still work. But after 2nd bulk of cve’s on those , they said they are no longer fixing it and wish you good luck with the board, so you need to replace it if you do not want to be sniffed, even if you patched the inject new devices part. But i trashed mine already so i can nolonger try to downgrade here, but they where still vulnerable for newer attacks, also the main reason to replace them :smiley:

I did do the upgrades on firmwares, and spawning 2 or more new devices like older firmware was sorta fixed, but you could still clone and read/type on same key so i think it was broken beyond fixing and they just ditched the unifying range as a sollution :smiley: