UGN Security

QwertyScan (Wireless Keyboard Scanner)

Posted By: jonconley

QwertyScan (Wireless Keyboard Scanner) - 01/24/03 05:23 AM

Over 65,000 wireless keyboards in Europe (less were sold in the US) are transmitting an unsecure signal at ranges up to ~500 ft. Anyone with a reciever can capture every single keystroke.

The company has been made aware of this and are now making a 256 channel wireless keyboard that will switch channels on every reboot. Also supposed to limit the range to 60 ft or so. However, the previous model was supposed to do that too.

Of course if you are close to where it is being used and know the user, you know when computer is usually rebooted, if at all. Ex. Office. Turn computers on in morning and leave on all day. Now you have office away from the bosses and get curious.

Getting some ideas now?

Well, I have seen a few hardware keystroke loggers. They use flash memory and store the keystrokes in looped memory.

I am looking for individuals with the knowledge to aid/lead a hardware development group interested in making a "QwertyScan", hardware that will scan for and log wireless keyboard signals.

With the technology already out there, it seems it will take some though and a fair amount of modifications to existing hardware. Please let me know if you are interested in leading or joining such a project.
Posted By: sinetific

Re: QwertyScan (Wireless Keyboard Scanner) - 01/25/03 11:05 AM

Hmm sounds interesting. Pick up and post some schematics for recievers. I need some technical info behind it. Like is it transmited digitally? does it use parity? What frequency range does it operate under? I know not every brand operates at the same range. I've seen devices that just intercept certain signals and save them into memory. Certain 'garage door hackers' or 'car alarm hackers' operate under the same principal as the device your thinkig of. They capture a displayed signal, store it, and have a 'replay' button.

yeah i'm interested jon if you can get ahold of the info I need.
Posted By: nomel

Re: QwertyScan (Wireless Keyboard Scanner) - 05/01/03 07:09 PM

instead of building a reciever (unless you want the experience points) I recommend getting a radio scanner. Or finding someone who has one. If you got a radio would be all software from that point on. You *could* make an interface to extract the ones and zeros, or you could go completely software and use the sound card to extract the data. I recommend hardware, since it will drastically reduce the software's complexity, and give you some nice easy electronics experience.

I'm also interested. My friend has a wireless keyboard and mouse, so I'll try to see what I can find.
Posted By: nomel

Re: QwertyScan (Wireless Keyboard Scanner) - 05/01/03 07:23 PM

It seems that they use a wide range of frequencies, depending on the product.



902-928MHz describes one of the products as having 256 id codes. I'm realy betting that this is just so similar products don't interefere, and not to keep people from ease-dropping.
Posted By: nomel

Re: QwertyScan (Wireless Keyboard Scanner) - 05/01/03 07:23 PM

Posted By: jonconley

Re: QwertyScan (Wireless Keyboard Scanner) - 05/01/03 10:55 PM

There are some ppl working on this project already. Hope to have it for a website of mine. I will look for their PM, its on one of these damn webboards, and post their progress.
Posted By: nomel

Re: QwertyScan (Wireless Keyboard Scanner) - 05/02/03 06:41 AM


how long they been working on it?

I'm sure the hardest part is going to be figuring out the protocol for each...assuming they are different. I doubt they would be different though...the all probably use the same encoder/decoder.
Posted By: nomel

Re: QwertyScan (Wireless Keyboard Scanner) - 05/05/03 06:00 AM

Well, I had company this weekend, so I didn't get a chance to recieve and record any data. I should be able to this week or next weekend.
© 2018 UGN Security Forum