October 17, 2020

Logitech R400 Keystroke Injection Attack



In this SySS proof-of-concept video, SySS IT security expert Matthias Deeg demonstrates how a computer system that is operated with a vulnerable Logitech R400 wireless presenter [1] can be attacked remotely via radio communication by exploiting a keystroke injection vulnerability.

The fact that wireless input devices like wireless presenters can be prone to this kind of attack is not new. For example, Niels Teusink demonstrated this kind of attack back in 2010 in his talk “Owned Live on Stage” at the IT security conference Hack in the Box in Amsterdam [2] and in his blog article “Hacking wireless presenters with an Arduino and Metasploit” [3].

In 2016, Matthias Deeg reported and later publicly disclosed a keystroke injection vulnerability in a newer model (R-R0008) of the Logitech R400 wireless presenter in the SySS security advisory SYSS-2016-074 [4]. This newer product version of the Logitech R400 used a different radio technology (nRF24 by Nordic Semiconductor instead of CYRF69103 by Cypress Semiconductor), but still had a keystroke injection vulnerability. A security analysis of a Logitech R400 device bought in January 2019, performed with a freely available software tool from the SySS nRF24 Playset [5], showed that this keystroke injection vulnerability is still there.

Thus, the Logitech R400 wireless presenter is a good example of how a security vulnerability that has been publicly known for several years may remain unfixed by the manufacturer in newer product versions, even after a significant change in the technology used, such as a different radio transceiver.

Besides this demonstrated keystroke injection vulnerability of the Logitech R400 wireless presenter, the two SySS IT security experts Matthias Deeg and Gerhard Klostermeier have found more security issues and collected interesting tales about different wireless input devices of different manufacturers which they are going to tell at the CONFidence IT security conference in Kraków on June 4, 2019 [7].

A couple of weeks ago, Marc Newlin (@marcnewlin) also published on GitHub [8] the first results of his research into different presentation clickers that are vulnerable to keystroke injection attacks.

[1] Product website for Logitech R400

[2] Niels Teusink, Owned Live on Stage – Hacking Wireless Presenters, presentation slides HITB Amsterdam 2010

[3] Niels Teusink, Hacking wireless presenters with an Arduino and Metasploit, 2010

[4] SySS Security Advisory SYSS-2016-074

[5] SySS GitHub Repository of nRF24 Playset

[6] SySS GmbH, SySS Responsible Disclosure Policy

[7] New Tales of Wireless Input Devices, CONFidence IT Security Conference, 2019

[8] Marc Newlin’s GitHub Repository about vulnerable presentation clickers


Comments
  • Because I know you do independent research on the topic, I can't blame you for copying.

    Anyways, I demoed this on May 8th here:

    https://twitter.com/mame82/status/1126038501185806336?s=19
