Downgrade works but it does not make the receiver vulnerable again #1
Comments
|
If you have the logitech unifying software installed, it will try to update
your dongle.
…On Tue, May 23, 2023, 7:45 AM phocean ***@***.***> wrote:
As other people report here
<BastilleResearch/mousejack#25>, while the
downgrade operation works, it does not make the device vulnerable again
(after an upgrade).
The only solution so far is to purchase again a vulnerable receiver.
—
Reply to this email directly, view it on GitHub
<#1>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AUICAJQPEZYILJI3ZFH7Q3LXHSPNRANCNFSM6AAAAAAYLYNQZA>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
|
If that doesn't work then you are probably not using the right fw for your
dongle.
…On Tue, May 23, 2023, 8:24 AM Ekadasi Newton ***@***.***> wrote:
If you have the logitech unifying software installed, it will try to
update your dongle.
On Tue, May 23, 2023, 7:45 AM phocean ***@***.***> wrote:
> As other people report here
> <BastilleResearch/mousejack#25>, while the
> downgrade operation works, it does not make the device vulnerable again
> (after an upgrade).
>
> The only solution so far is to purchase again a vulnerable receiver.
>
> —
> Reply to this email directly, view it on GitHub
> <#1>, or
> unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AUICAJQPEZYILJI3ZFH7Q3LXHSPNRANCNFSM6AAAAAAYLYNQZA>
> .
> You are receiving this because you are subscribed to this thread.Message
> ID: ***@***.***>
>
|
|
No, it really does not work, I have no Logitech software installed and reproduced the issue many times on Windows / Linux. I have no idea of what's going on, but apparently something in the firmware cannot be overwritten back with a downgrade. At least not on all dongles, like mine and other people's (I am not the only one to report it so it's probably real). Not a big issue but I thought it was important to document it, so if someone else gets here they will be aware that it might not work. |
|
not all dongles are flashable. ive personally tested and a few others have
on U0007 dongles. nowhere here have you provided any such details on your
device. here is a link to a version that is known to be vulnerable, which
is the preferred type as ive stated before. Logitech Unifying Receiver USB
Dongle TESTED WORKS C-U0007 | eBay
<https://www.ebay.com/itm/266102882494?mkevt=1&mkcid=1&mkrid=711-53200-19255-0&campid=5338904993&toolid=20006&customid=255_255_255&>
~Ekadasi Newton (a.k.a. Scotty)
Wanna know how to pronounce Ēkādasī? Click this link and then click the
Listen (speaker) icon in the lower right hand corner of the right box.
<https://translate.google.com/#en/hi/ekadasi>
I also have a profile HERE <http://www.mormon.org/me/f0pn>
…On Tue, May 30, 2023 at 5:05 AM phocean ***@***.***> wrote:
No, it really does not work, I have no Logitech software installed and
reproduced the issue many times on Windows / Linux.
I found an old, unpatched dongle and it works flawlessly.
I have no idea of what's going on, but apparently something in the
firmware cannot be overwritten back with a downgrade. At least not on all
dongles, like mine and other people's (I am not the only one to report it
so it's probably real).
—
Reply to this email directly, view it on GitHub
<#1 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AUICAJSBLEQP6HTL2ELHX2DXIWZ45ANCNFSM6AAAAAAYLYNQZA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
|
ive tested a U0008 and apparently there are some with different chipsets
that are not compatible.
~Ekadasi Newton (a.k.a. Scotty)
Wanna know how to pronounce Ēkādasī? Click this link and then click the
Listen (speaker) icon in the lower right hand corner of the right box.
<https://translate.google.com/#en/hi/ekadasi>
I also have a profile HERE <http://www.mormon.org/me/f0pn>
…On Tue, May 30, 2023 at 5:05 AM phocean ***@***.***> wrote:
No, it really does not work, I have no Logitech software installed and
reproduced the issue many times on Windows / Linux.
I found an old, unpatched dongle and it works flawlessly.
I have no idea of what's going on, but apparently something in the
firmware cannot be overwritten back with a downgrade. At least not on all
dongles, like mine and other people's (I am not the only one to report it
so it's probably real).
—
Reply to this email directly, view it on GitHub
<#1 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AUICAJSBLEQP6HTL2ELHX2DXIWZ45ANCNFSM6AAAAAAYLYNQZA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
|
so maybe follow the readme?
~Ekadasi Newton (a.k.a. Scotty)
Wanna know how to pronounce Ēkādasī? Click this link and then click the
Listen (speaker) icon in the lower right hand corner of the right box.
<https://translate.google.com/#en/hi/ekadasi>
I also have a profile HERE <http://www.mormon.org/me/f0pn>
…On Tue, May 30, 2023 at 5:05 AM phocean ***@***.***> wrote:
No, it really does not work, I have no Logitech software installed and
reproduced the issue many times on Windows / Linux.
I found an old, unpatched dongle and it works flawlessly.
I have no idea of what's going on, but apparently something in the
firmware cannot be overwritten back with a downgrade. At least not on all
dongles, like mine and other people's (I am not the only one to report it
so it's probably real).
—
Reply to this email directly, view it on GitHub
<#1 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AUICAJSBLEQP6HTL2ELHX2DXIWZ45ANCNFSM6AAAAAAYLYNQZA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
|
The README ? I read it but do not see how it contributes much to the discussion. Yes, I understand you have not tested it on all devices, but I am just reporting that it does not always work, for the sake of documentation as I said. I am not here for debating / complaining / criticizing / looking for help or anything... Just documenting and sharing so don't take it wrongly, please no drama ! True, I did report what my device is : M325 mouse with stock dongle. This was confirmed to be vulnerable, flashed to patched version and then it's impossible to downgrade. I mean, it downgrades without error, but it's not vulnerable anymore. I have no idea where the vulnerable dongle that I found in my stuff comes from, but it happens to be a vulnerable version : 024.001.00023. So, definitely no issue and not needing help, just reporting. That's it for me, I won't comment here anymore. Thank you and have fun. |
As other people report here, while the downgrade operation works, it does not make the device vulnerable again (after an upgrade).
The only solution so far is to purchase again a vulnerable receiver.
The text was updated successfully, but these errors were encountered: