nRF24LU1: Revision 12 / Dobrica Pavlinušić's random unstructured stuff

Dobrica Pavlinušić's random unstructured stuff

nRF24LU1: Revision 12

{toc}

^ pinout

{image: nRF24L01_pinout.jpg}

It seems that v2.0 devies are 32k while Internet wants us to beleve that they are 16k (v1.0 maybe?)

^ original firmware output

.pre
[11985.181504] usb 2-2.1: new full-speed USB device number 7 using xhci_hcd
[11985.285687] usb 2-2.1: New USB device found, idVendor=1915, idProduct=002b
[11985.285690] usb 2-2.1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[11985.285692] usb 2-2.1: Product: Nordic Semiconductor nRFready Basic Remote Dongle
[11985.285694] usb 2-2.1: Manufacturer: Nordic Semiconductor
[11985.285695] usb 2-2.1: SerialNumber: \xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf\xffffffef\xffffffbf\xffffffbf
[11985.301719] input: Nordic Semiconductor Nordic Semiconductor nRFready Basic Remote Dongle as /devices/pci0000:00/0000:00:14.0/usb2/2-2/2-2.1/2-2.1:1.0/0003:1915:002B.0005/input/input11
[11985.361937] hid-generic 0003:1915:002B.0005: input,hiddev0,hidraw2: USB HID v1.11 Keyboard [Nordic Semiconductor Nordic Semiconductor nRFready Basic Remote Dongle] on usb-0000:00:14.0-2.1/input0
.pre

^ mouse jack tools

https://github.com/BastilleResearch/mousejack

^^ find device address

.pre
dpavlin@nuc:/nuc/nRF24L01/mousejack/nrf-research-firmware/tools$ ./nrf24-scanner.py
[2017-01-07 13:50:59.174] 12 0 65:6F:91:A9:07
[2017-01-07 13:51:07.012] 8 10 65:6F:91:A9:07 00:C2:00:00:F8:FF:FE:00:00:49
[2017-01-07 13:51:15.216] 8 10 65:6F:91:A9:07 00:C2:00:00:17:D0:FF:00:00:58
[2017-01-07 13:51:15.231] 8 0 65:6F:91:A9:07
[2017-01-07 13:51:15.698] 12 0 65:6F:91:A9:07
[2017-01-07 13:51:23.456] 8 10 65:6F:91:A9:07 00:C2:00:00:EB:BF:FF:00:00:95
[2017-01-07 13:51:23.503] 8 10 65:6F:91:A9:07 00:C2:00:00:FF:0F:FF:00:00:31
[2017-01-07 13:51:23.509] 8 0 65:6F:91:A9:07
[2017-01-07 13:51:23.840] 12 0 65:6F:91:A9:07
.pre

^^ sniff

.pre
dpavlin@nuc:/nuc/nRF24L01/mousejack/nrf-research-firmware/tools$ ./nrf24-sniffer.py -c 8 12 -a 65:6F:91:A9:07
[2017-01-07 13:53:34.922] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:34.930] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:34.938] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:34.946] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:34.962] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:34.970] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:34.979] 8 22 65:6F:91:A9:07 00:D3:44:0F:5C:E6:CD:54:B5:71:8C:F9:99:33:00:00:00:00:00:00:00:00
[2017-01-07 13:53:34.986] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:34.994] 8 10 65:6F:91:A9:07 00:4F:00:01:18:00:00:00:00:98
[2017-01-07 13:53:35.125] 8 5 65:6F:91:A9:07 00:40:01:18:A7
[2017-01-07 13:53:35.278] 8 22 65:6F:91:A9:07 00:D3:B0:F4:B3:27:E3:BE:34:72:8C:F9:99:34:00:00:00:00:00:00:00:16
[2017-01-07 13:53:35.285] 8 5 65:6F:91:A9:07 00:40:00:08:B8
[2017-01-07 13:53:35.301] 8 5 65:6F:91:A9:07 00:40:00:08:B8
.pre

^ flashing

https://github.com/BastilleResearch/mousejack/issues/6
https://wiki.bitcraze.io/projects:crazyradio:spi_programming

^^ bus pirate

https://github.com/koolatron/buspirate_nrf24lu1p

| Bus Pirate || nRF24LU1+ |
| 3V3 | -> | VDD |
| AUX | -> | PROG |
| SCK | -> | SCK |
| MOSI | -> | MOSI |
| MISO | -> | MISO |
| CS | -> | CSN |
| GND | -> | GND |

.pre
dpavlin@nuc:/nuc/nRF24L01/buspirate_nrf24lu1p$ ./flasher.pl -device /dev/ttyUSB0 -input ../mousejack/nrf-research-firmware/bin/dongle.bin

.pre

^ bootloader

^^ 512 byte replacement

https://github.com/ahtn/nrf24lu1p-512-bootloader

^^ original bootloader

https://github.com/al177/buspirate_nrf24lu1p

^ Logitech C-U0007

Version with fixed ctrl+c exit bug: https://github.com/cl0udz/mousejack

.pre
dpavlin@x230:/x230/mousejack$ git remote -v
cl0udz https://github.com/cl0udz/mousejack (fetch)
cl0udz https://github.com/cl0udz/mousejack (push)

dpavlin@x230:/x230/mousejack/nrf-research-firmware$ make logitech_install

[Fri Apr 27 22:10:16 2018] usb 1-1.2: new full-speed USB device number 23 using ehci-pci
[Fri Apr 27 22:10:16 2018] usb 1-1.2: New USB device found, idVendor=1915, idProduct=0102
[Fri Apr 27 22:10:16 2018] usb 1-1.2: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[Fri Apr 27 22:10:16 2018] usb 1-1.2: Product: Research Firmware
[Fri Apr 27 22:10:16 2018] usb 1-1.2: Manufacturer: RFStorm

dpavlin@x230:/x230/mousejack/nrf-research-firmware$ ./tools/nrf24-scanner.py
[2018-04-29 14:23:51.370] 5 22 65:6F:91:A9:07 00:D3:D5:D7:4F:76:ED:63:55:70:EC:77:61:0F:00:00:00:00:00:00:00:D4
[2018-04-29 14:23:51.786] 9 5 65:6F:91:A9:07 00:40:00:08:B8

.pre