insecurityofthings/jackit

Just a question

Opened this issue · 4 comments

I'm gonna buy a mousejack vulnerable wireless keyboard/mouse for testing purposes, so that I can practice attacking it, but I'm not sure which one I should buy. I know there are lists out there of vulnerable keyboards, but I'm looking for what's the best option of those listed keyboards to buy for testing.

Does anyone have a recommendation as to which vulnerable keyboard/mouse to buy?

Also, if I happened to buy one and it comes with an updated firmware that's already patched, can it be downgraded back to a vulnerable state?

found this on the readme
https://github.com/insecurityofthings/jackit/blob/master/README.md

is this what you want?

We have successfully tested with the following hardware:

Microsoft Wireless Keyboard 800 (including keystroke logging)
Microsoft Wireless Mouse 1000
Microsoft Wireless Mobile Mouse 3500
Microsoft All-In-One Media Keyboard
Microsoft Sculpt Ergonomic Mouse
Logitech Wireless Touch Keyboard K400r
Logitech Marathon M705 Mouse
Logitech Wave M510 Mouse
Logitech Wireless Gaming Mouse G700s
Logitech Wireless M325 Mouse
Logitech K750 Wireless Keyboard
Logitech K320 Wireless Keyboard
Dell KM636 Wireless Mouse and Keyboard
AmazonBasics MG-0975 Wireless Mouse
Known to not work with:

Logitech M185 and M187 mice (red unifying dongle C-U0010)
All older 27MHz devices, such as:
Microsoft Wireless Optical Mouse 2.0
Microsoft Wireless Notebook Optical Mouse 3000
Dell KM632 (on the roadmap)
HP wireless devices (on the roadmap)
Lenovo wireless devices (on the roadmap)

found this on the readme
https://github.com/insecurityofthings/jackit/blob/master/README.md

is this what you want?

We have successfully tested with the following hardware:

Microsoft Wireless Keyboard 800 (including keystroke logging)
Microsoft Wireless Mouse 1000
Microsoft Wireless Mobile Mouse 3500
Microsoft All-In-One Media Keyboard
Microsoft Sculpt Ergonomic Mouse
Logitech Wireless Touch Keyboard K400r
Logitech Marathon M705 Mouse
Logitech Wave M510 Mouse
Logitech Wireless Gaming Mouse G700s
Logitech Wireless M325 Mouse
Logitech K750 Wireless Keyboard
Logitech K320 Wireless Keyboard
Dell KM636 Wireless Mouse and Keyboard
AmazonBasics MG-0975 Wireless Mouse
Known to not work with:

Logitech M185 and M187 mice (red unifying dongle C-U0010)
All older 27MHz devices, such as:
Microsoft Wireless Optical Mouse 2.0
Microsoft Wireless Notebook Optical Mouse 3000
Dell KM632 (on the roadmap)
HP wireless devices (on the roadmap)
Lenovo wireless devices (on the roadmap)

Sort of, but not quite. That's a good list of vulnerable devices, but what I'm looking for is more like, of those devices, which one is the best to buy and practice attacks on? Because I know some devices are only vulnerable to keystroke injections, while others are vulnerable to injections and keylogging. I'd also imagine some devices are able to have they're firmware downgraded as well as upgraded, while others cannot be downgraded...

Basically, which ones support the most attack vectors (hopefully one device vulnerable to all attack vectors), and which one of those also supports downgrading the firmware if needed (i.e. if it comes pre-patched with a newer firmware I need to be able to downgrade it to be vulnerable again).

I dont believe an exquisite list such as that exists.

and the reflashing would require access to the exact vulnerable firmware then the ability to interface with the device to be able for it to get flashed.

Im afraid you will just need to start at the top of the list provided and work your way down. Those devices are not getting updates and will have the vulnerability you need to key inject

I dont believe an exquisite list such as that exists.

and the reflashing would require access to the exact vulnerable firmware then the ability to interface with the device to be able for it to get flashed.

Im afraid you will just need to start at the top of the list provided and work your way down. Those devices are not getting updates and will have the vulnerability you need to key inject

Ok thanks. That gives me a place to start then.