Another approach would be to use this: http://www.rohitab.com/apimonitor
and just look for the API calls where it writes data out to USB.

On Wed, Apr 8, 2015 at 2:27 PM, Pavel Kirkovsky <[email protected]> wrote:

> I came across this earlier, but I realized the LCD module is integrated into
> the appliance so moving it to another machine would be a major PITA.
> I’m interested in capturing USB traffic natively on the appliance while I
> still have the stock OS installed.
>
> ----------------
> [email protected] (Email/XMPP)
> https://kirkovsky.com
>
> OTR Fingerprint: 0DC94FB7 CF0F6989 E2746A37 0EADCF54 00145E35
> Key fingerprint: 4328CFD67B46A8FB32270F4F0CE4A0B83F3FC81F
> Public Key: https://kirkovsky.com/[email protected]
> Public Key (PKA): `gpg --auto-key-locate pka -ea -r [email protected]`
> Public Key (Github): https://gist.github.com/pkirkovsky/01071907297b34829249
>
> On Apr 8, 2015, at 2:08 PM, Brian Richardson <[email protected]> wrote:
>
> > I always wanted to play with this, but never have:
> >
> > http://esec-lab.sogeti.com/post/2011/04/06/Sniffing-USB-traffic-with-VMWare
> >
> > Maybe it'll work for you?
> >
> > On Wed, Apr 8, 2015 at 2:02 PM, Pavel Kirkovsky <[email protected]> wrote:
> > I have a Windows-based network security appliance that has an embedded
> > 2x40 LCD + jog dial for displaying status info and controlling various
> > functions (network configuration, reboot/shutdown, etc) using a helper
> > program running on the OS. It presents itself as a USB HID device (labeled
> > “Keyboard + LCD”) and uses a custom Windows-only driver. There is no
> > documentation whatsoever.
> >
> > What I’d like to do is gather information on how this device
> > communicates with the OS in order to add support for it under BSD & Linux.
> > I’m currently using USBlyzer and it works well, but it’s a Windows-only
> > program and only exports captures in its own format.
> >
> > What’s the best way to capture USB traffic on Windows so that it can
> > later be viewed & analyzed on a *nix system? So far Wireshark + USBpcap
> > seems like the best solution but I’m wondering if there’s a better way…
> >
> > Thanks,
> > Pavel
_______________________________________________
dorkbotpdx-blabber mailing list
[email protected]
http://music.columbia.edu/mailman/listinfo/dorkbotpdx-blabber
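
For the Wireshark + USBpcap route raised in the thread, a capture taken on the appliance can be read on a *nix machine with nothing but the Python standard library. This is an added example, not code from any poster in the thread; it assumes a classic little-endian pcap file (not pcapng) with USBPcap's link type 249, and the device addresses and payload bytes in `SAMPLE` are constructed, not taken from the appliance.

```python
import struct

DLT_USBPCAP = 249  # pcap link type that USBPcap writes
# Packed USBPCAP_BUFFER_PACKET_HEADER: headerLen, irpId, status, function,
# info, bus, device, endpoint, transfer, dataLength (27 bytes)
HDR = struct.Struct("<HQIHBHHBBI")
TRANSFER = {0: "isochronous", 1: "interrupt", 2: "control", 3: "bulk"}

def parse_usbpcap(blob):
    """Return a list of dicts, one per USB packet in a USBPcap capture."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", blob, 0)
    if magic != 0xA1B2C3D4:
        raise ValueError("not a little-endian microsecond pcap")
    if linktype != DLT_USBPCAP:
        raise ValueError(f"link type {linktype} is not USBPcap")
    packets, off = [], 24
    while off + 16 <= len(blob):
        _sec, _usec, incl_len, _orig = struct.unpack_from("<IIII", blob, off)
        rec = blob[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(rec) < HDR.size:
            continue  # truncated record, skip it
        hdr_len, _irp, _st, _fn, _info, bus, dev, ep, xfer, dlen = HDR.unpack_from(rec)
        packets.append({
            "bus": bus, "device": dev, "endpoint": ep & 0x0F,
            "direction": "in" if ep & 0x80 else "out",
            "transfer": TRANSFER.get(xfer, "unknown"),
            # headerLen also covers the extra control/isochronous header bytes
            "data": rec[hdr_len: hdr_len + dlen],
        })
    return packets

def hid_reports(packets, device):
    """Keep only non-empty interrupt transfers for one device address."""
    return [(p["direction"], p["data"]) for p in packets
            if p["device"] == device and p["transfer"] == "interrupt" and p["data"]]

def _record(dev, ep, xfer, data, extra=b""):
    # Builds one constructed pcap record; not captured from real hardware.
    hdr = HDR.pack(HDR.size + len(extra), 1, 0, 0, 0, 1, dev, ep, xfer, len(data))
    body = hdr + extra + data
    return struct.pack("<IIII", 0, 0, len(body), len(body)) + body

# Constructed sample: device 3 gets an OUT report and sends an IN report;
# device 2 contributes a control packet with the 28-byte control header.
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, DLT_USBPCAP)
          + _record(3, 0x02, 1, b"\x1bStatus OK")
          + _record(3, 0x81, 1, b"\x01\x00")
          + _record(2, 0x80, 2, b"\x12\x01", extra=b"\x00"))
```

Calling `hid_reports(parse_usbpcap(open("capture.pcap", "rb").read()), device=N)` on a real capture lists the interrupt payloads exchanged with the device at address N, which is the raw material for working out the LCD and jog-dial report formats.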
