[Noisebridge-discuss] cheap USB Analyzer, or signal integrity tools?

[Dr. Jesus]

On Mon, Nov 8, 2010 at 3:54 PM, Michael Prados <mprados at gmail.com> wrote:
>> I use a USB to Ethernet extender on one side, have an Overo's host
>> mode port on the other side, and sniff the packets.  Worked fine for
>> the simple device I had to figure out how to talk to.
>
> That's an interesting approach.  Do you mean that you have
> USB->ethernet->USB, which allows USB packets to be transmitted
> essentially unimpeded, but allows you to sniff the ethernet packets
> without affecting the through traffic?

Yes.

> The Overo is a Gumstix board
> acting as an ethernet->USB converter?  Not quite sure I understand how
> this fits together, but it sounds like you efficiently used some
> components you had readily available to address this problem.  Care to
> fill in some details?  I fear part of the issue is that I'm only
> peripherally familiar with Gumstix.

The Gumstix was only used because it runs Linux and has a USB OTG port
to plug into whatever computer has the software that speaks the
proprietary protocol to the device you're reverse engineering.  Most
Linux devices only have a upstream port.

The short version is that it's pretty easy to find devices which have
a USB upstream port on one side and an Ethernet port on the other
side, and you install a driver on a PC somewhere to allow it to talk
to the USB to Ethernet converter over the network.  If that driver is
on a Linux machine and the Linux machine has a host or OTG port, you
can get a physical downstream port by mutilating the sample USB gadget
driver to talk to a netlink socket.  When you put the whole mess
together the result is basically a USB cable with sniffable packets
somewhere in the middle.

If the two things you want to watch talk allow you to run unsigned
code on them, it's usually easier to just install Wireshark and
capture the USB frames using it, though.