tinySniffer – USB Packet Capture & Passthrough

If you’ve ever worked with USB, either as a designer or during a reverse-engineering effort, you know that it can be difficult to capture USB packets and analyze them. Some oscilloscopes have built-in protocol decoders that can decode USB, but getting the captured packets into an analysis tool like Wireshark is often ideal. The tinySniffer USB Packet Capture device can simultaneously capture and pass USB packets, allowing transparent capture and analysis of a USB connection.

The device runs a custom, stripped-down version of Debian called tinyDebian, a project originally developed for the maker's ARM single-board computer. After you receive the device, you can set it up for remote use over Wi-Fi. It’s unclear from the description whether this is required to use the device, or whether it shows up locally as a USB capture interface in Wireshark or as a simple USB-to-serial device allowing access to the tinyDebian shell. We hope users have the option to not use the remote control software, as this requires registration with their website.

The built-in sniff command seems to be very powerful, allowing automatic detection of endpoint configurations, plus the ability to simulate unplugging and replugging of USB devices. Additionally, it captures all USB traffic, which can then be easily filtered with Wireshark to focus on particular devices, endpoints or packet types. This could be an invaluable tool for any developers who are building a custom USB stack or integrating an existing stack into a project. Issues with USB can sometimes be difficult to track down, and just like with other serial protocols, seeing what’s really happening on the wire can be a powerful debugging tool!



source https://blog.tindie.com/2024/07/tinysniffer-usb-packet-capture-passthrough/
