USB Sniffing

From flashrom
Revision as of 00:02, 10 July 2013 by Stefanct (talk | contribs) (Initial version)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This wiki is retired

Our website is https://www.flashrom.org, instructions on how to add or update documentation are here

All wiki content available in read-only mode at wiki.flashrom.org

To reverse engineer protocols of proprietary (flashing) USB devices one needs to obtain traces of the communication between the vendor application and the device. Below is a list of possible methods to do so.

usbmon - The Linux way

Capturing native Linux applications

Capturing virtualized applications

Most probably the proprietary device comes with a proprietary application running on a proprietary OS like Windows or OSX. By using a virtual machine we can nevertheless do the capturing and dissecting in Linux. The only difference here is that the virtual machine must support forwarding USB ports and traffic into the virtualized operating system in a way that usbmon can cope with.

USBPcap - Windows

On Windows hosts one can use USBPcap to capture USB traffic natively.

Wireshark supports dissecting USBPcap capture files since version 1.10.

bb_usb_sniffer - Using a BeagleBoard-xM as MITM

Another interesting way is to use an embedded Linux computer between the device and the host. This approach has been implemented using a BeagleBoard-xM [1].

See also

http://wiki.wireshark.org/CaptureSetup/USB