I second Wireshark/tshark for software USB pcaps. And the Total Phase Beagle USB protocol analyzers are fantastic for exactly this situation.
Another potentially useful tool is the FaceDancer designed by Travis Goodspeed. With this, you can emulate the target USB device. Connect the appliance to the FaceDancer and see what happens when emulating various states similar to what you have observed from the USB HID device. Now you can observe what the hardware does when you are running a custom helper program, and you can test what the Windows helper program will do when interacting with emulated hardware. Chances are good you can get everything you need done with software-only captures. Let me know if you want help pulling some hardware captures to compare with what you are getting in software. -- Kenny -+---+++-++-++++--+------+-+-++--++--+-+-++--+++-++----+-++-+++---+----+--+----+ On Wed, 2015-04-08 at 14:26 -0700, David Madden wrote: > On 4/8/15 2:02 PM, Pavel Kirkovsky wrote: > > What’s the best way to capture USB traffic on Windows so that it can > > later be viewed & analyzed on a *nix system? So far Wireshark + > > USBpcap seems like the best solution but I’m wondering if there’s a > > better way… > > Wireshark is the best software-only way I know about. I've tried it a > couple of times, but more out of curiosity than necessity. The hardware > method is to use something like the TotalPhase analyzers. I just > borrowed one of those (the low-end, 12MBPS model) and it worked great. > It's $400, though, and I wouldn't use it near enough to justify that. > > It'd be interesting to build an open-source dongle that could feed > Wireshark. That would be a genuine contribution to the cause. > > Regards, > _______________________________________________ > dorkbotpdx-blabber mailing list > [email protected] > http://music.columbia.edu/mailman/listinfo/dorkbotpdx-blabber
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dorkbotpdx-blabber mailing list [email protected] http://music.columbia.edu/mailman/listinfo/dorkbotpdx-blabber
