STEELSERIES WOW MOUSE FIRMWARE CODE
Here’s a DEF CON talk that uses tools you likely have, and it should be your next hacking adventure. In their Saturday morning talk and walked through the process of adding their own custom code to a gaming mouse. The process is a crash course in altering a stock firmware binary while still retaining the original functionality.

The jumping-off point for their work is the esports industry. The scope of esports events has blown up in recent years. The International 2016 tournament drew 17,000 attendees with 5 million watching online. The prize pool of $20 million ($19 million of that crowdfunded through in-game purchases) is a big incentive to gain a competitive edge. Contestants are allowed to bring their own peripherals, which begs the question: can you alter a stock gaming mouse to do interesting things?

The SteelSeries Sensei mouse was selected for the hack because it has an overpowered microcontroller: the STM32F103CB. With 128 KB of flash, the researchers guessed there would be enough extra room for them to add code. STM32 chips are programmed over ST-Link, which is available very inexpensively through the ST Discovery boards. They chose the STM32F4DISCOVERY, which runs around $20. Perhaps the biggest leap in this project is that the firmware wasn’t read-protected. Once the data, clock, and ground pads on the underside of the board were connected to the Discovery board, the firmware was easy to dump and the real fun began.

They first looked through the binary for a large block of zero values signifying unused space in flash. The injected firmware is designed to enumerate as a USB keyboard, open Notepad, then type out, save, and execute a PowerShell script before throwing back to the stock firmware (ensuring the mouse would still function as a mouse). Basically, this builds a USB Rubber Ducky into stock mouse firmware. There are a few useful skills that make taking on this project a worthwhile learning experience. To compile your custom code correctly you need to choose the correct offset address for where it will end up once pasted into the firmware binary.