Keykeriki release v2 in the wild : exploiting the wireless devices

Remote-Exploit is proud to present the universal wireless keyboard sniffer: Keykeriki. This opensource hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate the sniffing attacks (for educational purpose only). The hardware itself is designed to be small and versatile, it can be extended to currently undetected/unknown keyboard traffic, and/or hardware extensions, for example, a repeating module or amplifier

Keykeriki is build around the Texas Instruments TRF7900 chip controlled by an ATMEL ATMEGA 8-bit microcontroller. For logging abilities, an SDCard interface is built into the board layout, as well as an additional USART channel for future hardware extensions, that we’d like to call "backpacks". The whole board can be powered directly via the USB bus or a stable 5V power source. Keykeriki is not USB certified :-).

When connected to a USB port, one can use either a decent terminal application or the keyctrl software which is part of included in the software package of this project. One can download all the schematics in Eagle and PDF format as part of the projects software package. The following interfaces are available on the board:

  • Mini-B USB connector (USB to serial + power supply)
  • SDCard slot
  • External Antenna Connector
  • USART connector for Backpacks
PNG - 33.5 kb

Because of the flexible hardware design, most features are built within software. We wanted to provide more than just decoding of the collected data in this initial release, and we have. Please see the following feature list:

  • Radio frequency channel switching
  • Signal strenght (RSSI) display
  • Data logging to SDCard
  • Dumping content of SDCard to terminal
  • Encryption key handling
  • On-the-fly deciphering of Microsoft’s XOR based encryption
  • Hardware signal filter state configuration
  • Feature state configuration incl. persistent storage
  • Activation and usage of backpack USART interface
  • Sniffing and decoding of keystrokes of Microsoft 27Mhz based keyboards

Update submitted by Wingro

Post scriptum


Comments

Related Articles

Exploitation
Keykeriki
Wireless