USB reverse engineering tools




















Wireshark is a packet capture tool that can capture network and USB traffic.

API Monitor is a tool that can hook a Windows process and print out all calls to specific DLL files. Try to hook as many DLL files as possible and then see what gets called when changing light modes.

If any functions look promising, this tool lets you see the memory before and after each call to try to determine the arguments. To learn this information, there are many reverse engineering techniques and tools which we can use. The first step in reverse engineering a new device is to determine what interface it connects to the PC with. For external devices, this is almost always USB.

If it uses an RGB header, then your device doesn't actually have a controller built in. That leads us to on-board RGB devices, which is where the confusion really starts. Now while these libraries give us a whole lot of power and make it pretty easy to write our software, there may be times where they just don't quite cover what we need.

That's when we can go deeper into the weird and wonderful world of driver development. I won't cover this too in-depth at the moment as it could be a whole blog series on its own, but a few resources to get you started:

Now that you've figured out all of the intricacies of the device, understood its protocol and written some software or even a driver to interface with it.. I haven't dug too deeply into this topic, but a well-placed Google search or two (github usb over ip, github usb emulation) turned up some interesting looking resources and I'm sure there are far more out there.. Once we understand the language these devices speak, how to listen to it, how to emulate it..

And with the prevalence of IoT devices out there now (often with woeful security).. After all of that.. Not really anything to see here that we haven't already covered, but for posterity: What originally started out as me wanting to dump a few links I was collecting as I read into this subject, we seem to have ended up with a rough reference guide to getting started on AllTheThings (tm) relating to USB reverse engineering and associated hardware hacking.

While this post by itself isn't going to give you all the answers, hopefully it's given you enough of a base that you can branch out and dig deeper into the aspects that interest you. Was there something I missed? A new shiny piece of hardware? An amazing program? Maybe you have some awesome techniques to share?

Or just a story about what you've been able to do with this newfound knowledge? I'd love to hear from you in the comments below!

A USB system has:

- A host, with one or more downstream ports, and multiple peripherals
- Hubs may be included, allowing up to 5 tiers
- A host may have multiple controllers, each with one or more ports
- Up to devices can be connected to a single host controller
- A device may have several logical sub-devices, referred to as 'device functions'
- A composite device may provide multiple functions eg.

Descriptors sent on default pipe can describe other endpoints. Descriptors form a hierarchy that you can view with tools like lsusb. Isochronous transfers are somewhat similar but less strict; they allow for larger data blocks and are used by web cameras and similar devices, where delays or even losses of a single frame are not crucial.

Bulk transfers are for large amounts of data. Don't want to read through them all? Make sure to look at the facedancer 2. Once identified, this tag can be used to query further information about the device, eg. The following are some additional relatively short reads on how others have approached reverse engineering some devices, including tools they used, and basic methodologies.

If you want to be completely thorough, a hybrid approach may make the most sense eg. It acts as a man-in-the-middle hardware proxy allowing USB traffic to be captured, and later viewed in Wireshark or similar.

You probably just want to look at daisho below. It sounds like there were a lot of delays and other issues. But who knows.. Before I dive in too deeply..

As best I can tell.. Attempting to follow that logic.. You should probably just spend time browsing around this site in general.. Make sure to look at the facedancer 2. The facedancer is less about capturing data, and more about emulating a USB device with software (Python, to be exact!)

This has been superseded by the facedancer 2. This is a project designed for monitoring a number of high speed communication technologies at the physical layer, including USB 3.


