[mdlug] Capturing USB events for reverse-engineering?

Dan Pritts danno at dogcheese.net
Sat Sep 21 00:42:03 EDT 2013 

Looks like you might be able to sniff USB on windows.  That would be the easy way.

http://usbsnoop.sourceforge.net/

software old, but recent reviews good.

On Sep 21, 2013, at 12:07 AM, David Hensley <nezsez2 at gmail.com> wrote:

> David,
>  Did you make any progress? The lsusb/wireshark suggestions will help you
> figure out the data streams the button push, et. al., trigger, but you are
> going to have to find out about the software in windows and what
> libraries/functions it is using if you want to reproduce it's behavoir.
> This can be done with a debugger or disassembler but it's much easier if
> you can get the "symbols" from the producer, and that seems unlikely in
> your case. You can disassemble it to assembly, which if you understand,
> would allow you to re-create the operation in *nix with whatever language
> you like, but it would be quite a bit of work without the debugging symbols
> and a debugging compiled version of the windows software (usually these are
> "stripped" out for a production release for size and performance reasons;
> try 'man strip' in linux for more info).
>  FTR in *nix you can use commands like ldd, objdump, yasm/nasm,
> ltrace/strace, dtrace, strings, readelf, gdb, ar, ranlib, nm, and many
> others to get all sorts of info on a compiled executable.  There are
> similar commands in windows, but I don't know their names off the top of my
> head anymore.
> 
> 
> On Sun, Sep 15, 2013 at 4:50 PM, Mark Thuemmel <ldaphelp at thuemmel.com>wrote:
> 
>> On 09/13/2013 03:28 PM, David McMillan wrote:
>> 
>>> 
>>> So, I've got this cheap USB microscope that both Windows and Linux
>>> recognize as a standard webcam. But it has a button on it to trigger
>>> taking images, which only works with the Windows-only proprietary
>>> software that came with the 'scope. And it occurred to me that detecting
>>> this button push under Linux and using it to trigger a capture probably
>>> shouldn't be too hard (this unit is too cheap for the mfgr to have spent
>>> much effort on anti-hacking measures). But then I realized -- I have no
>>> idea how one goes about this kind of thing. It's just never come up in
>>> my "Linux life" before.
>>> So... anyone know a good "idiot's guide" place to start?
>>> 
>> 
>> do a lsusb from a terminal prompt and look for the ID of your device. If
>> you don't know which one it is, try it unplugged and then plugged in and
>> see what appears.  Looks like this:
>> 
>> Bus 007 Device 002: ID 045e:0040 Microsoft Corp. Wheel Mouse Optical
>> 
>> Then Google the numbers with the colon (045e:0040 in this case) that and
>> see if you can identify it.
>> 
>> 
>> 
>> I wonder if http://www.lirc.org/ could read it and act on button....
>> 
>> ______________________________**_________________
>> mdlug mailing list
>> mdlug at mdlug.org
>> http://mdlug.org/mailman/**listinfo/mdlug<http://mdlug.org/mailman/listinfo/mdlug>
>> 
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug

More information about the mdlug mailing list