A collection of proof-of-concept software tools to exploit replay and keystroke injection vulnerabilities in Nordic Semiconductor nRF24-based wireless input devices.
Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
This toolset is primarily used by penetration testers and red teamers to demonstrate and exploit security weaknesses in wireless keyboards, mice, and presenters using nRF24 transceivers. It helps security professionals assess the risk of replay and injection attacks on these devices and develop mitigation strategies.
This tool requires specialized hardware (nRF24LU1+ USB dongle with custom firmware) and Python2 environment, which is deprecated; users should ensure compatibility. The tools are proof-of-concept and intended for authorized security testing only. Usage against unauthorized devices may be illegal. The repository relies on the Bastille Threat Research Team's firmware for hardware interaction.
Obtain an nRF24LU1+ USB radio dongle flashed with nrf-research-firmware (e.g., Bitcraze CrazyRadio PA or Logitech Unifying dongle model C-U0007)
Install Python2 environment
Install PyUSB Python package
Install PyGame Python package for GUI tools
Clone the repository or download the software toolspython2 keystroke_injector.py --help
Displays help and usage information for the keystroke injection tool targeting supported devices like cherry and perixx.
python2 keystroke_injector.py -a <ADDRESS> -c <CHANNELS> -d <DEVICE>
Executes the keystroke injection attack specifying the target device address, RF channels, and device type.
python2 logitech_presenter.py --help
Shows usage instructions for the Logitech wireless presenter attack tool.
python2 logitech_presenter.py -a <ADDRESS> -c <CHANNELS>
Runs the keystroke injection attack against Logitech wireless presenters using specified device address and RF channels.