The basics for this attack comes from Bastille Research. See Github.
In a nutshell: The keyboards are talking encrypted. It is a strong encryption, cracking this would be another topic. But the Mouse is talking unencrypted. It is easy to sniff the mouse moving around the desktop. Yay. You see the movement, but nt the desktops. Inject some random mouseclicks woudn't be uch fun.
The Bastille Research team goes further and injected keyboard key presses to the mouse. This is not verified, so the virtual keypress from the mouse is executed at the system … The wall to perform a BadUSB is fallen.
The Bastille Research Team has released 3 tools. NRF24 Sniffer, NRF24 MouseJacker and NRF24 Scanner. It is maybe a bit confusing: You are scanning for targets with the sniffer app and you could sniff the packets with the scanner app. But the nice guy or gal who is porting this to the Flipper was adapting this naming.
1. Find an USB mouse/keyboard dongle with a Nordic Semiconductor nRF24LU1+ chip. Very popular are the Logitech Unifying C-U0007 sticks. But also some Lenovo or Dell and other 2,4GHz wireless sticks are possible targets.
2. Search for a nRF24L01+ board. There are two, the little ones with the antenna printed on the board. And the larger ones, nRF24L01+PA+LNA, with external antenna, that needs nearly three times more power, but reach nearly 5 times (3 times in real) more distance.
3. Open your flipper, select from ‘Applications - GPIO’ the App ‘[NRF24]Sniffer’. The tool will scan for useable signals around you … Wait and wait and wait … If the LED blinks and the flipper is vibrating, there should be a number higher than 0 in ‘Found:’ on the display.
4. Switch to the app ‘[NRF24]Mousejacker’. the first app should have written the file addresses.txt to the SD card. The MouseJacker is taking this address(es), just choose the right one (I really don’t know how to know which one is the right target by more than one results) and choose a BadUSB script from your SD card …
The address is something between your Unifying (or similar) dongle and your mouse. If the firmware from your C-U0007 is not patched, you will see output on the screen, more or less, depending on the used BadUSB script.
