如何在 Windows 下嗅探 USB 端口?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/117474/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to sniff a USB port under Windows?
提问by dpavlin
From time to time, I need to dump USB traffic under Windows, mostly to support hardware under Linux, so my primary goal is to produce dump files for protocol analysis.
有时,我需要在 Windows 下转储 USB 流量,主要是为了支持 Linux 下的硬件,所以我的主要目标是生成转储文件用于协议分析。
For USB traffic, it seems that SniffUsbis the clear winner... It works under Windows XP (but notlater) and has a much nicer GUI than earlier versions. It produces hugedump files, but everything is there.
对于 USB 流量,似乎SniffUsb是明显的赢家......它在 Windows XP 下运行(但不是更高版本)并且具有比早期版本更好的 GUI。它产生巨大的转储文件,但一切都在那里。
However, my device is in fact a USB serial device, so I turned to Portmonwhich can sniff serial port traffic without the USB overhead.
然而,我的设备实际上是一个 USB 串行设备,所以我转向Portmon,它可以在没有 USB 开销的情况下嗅探串行端口流量。
采纳答案by Charles Duffy
Personally, I'd use QEMUor KVMand instrument their USB passthrough code, and then use libusbto prototype the replacement driver in user space (this latter bit I've done before; writing USB device drivers in Pythonis fun!).
就我个人而言,我会使用QEMU或KVM并检测它们的 USB 直通代码,然后使用libusb在用户空间中对替换驱动程序进行原型设计(后一点我以前做过;用 Python 编写 USB 设备驱动程序很有趣!)。
回答by jamkomo
Since people don't seem to realize it, Wiresharkdoes monitor USB traffic and has a parser for it; but the catch is it only works under Linux. Wireshark on Windows will not do this.
It may be possible to plug the USB device you want to monitor, along with a Linux machine (with Wireshark running) and your Windows machine and just use the USB device under Windows.
Problem with the above? I don't know how the Linux machine or the Windows machine will detect each other.
由于人们似乎没有意识到这一点,Wireshark确实会监控 USB 流量并为其提供解析器;但问题是它只能在 Linux 下工作。Windows 上的 Wireshark 不会这样做。
可以插入您想要监控的 USB 设备,以及一台 Linux 机器(运行 Wireshark)和您的 Windows 机器,然后在 Windows 下使用 USB 设备。
上面有问题吗?我不知道Linux机器或Windows机器将如何相互检测。
回答by albfan
After five years waiting, now it's possible to sniff usb packets on windows
经过五年的等待,现在可以在 Windows 上嗅探 USB 数据包了
See http://desowin.org/usbpcap/tour.htmlfor a quick tour. It works pretty well
有关快速浏览,请参阅http://desowin.org/usbpcap/tour.html。它运作良好
回答by gbjbaanb
回答by Kurt Fitzner
Busdog, an open source project hosted on github, has worked well for me. It has a driver it installs to allow it to monitor USB communications. The config window allows you to reinstall or remove the device at any time.
Busdog 是一个托管在 github 上的开源项目,对我来说效果很好。它安装了一个驱动程序以允许它监视 USB 通信。配置窗口允许您随时重新安装或删除设备。
You can select the USB device you want from an enumerated list. A nice feature is to have it automatically trace a new device that is plugged in:
您可以从枚举列表中选择所需的 USB 设备。一个不错的功能是让它自动跟踪插入的新设备:
Data communications to and from an SWR analyzer I was reverse engineering were captured flawlessly:
与我进行逆向工程的 SWR 分析仪之间的数据通信被完美捕获:
回答by Renat
Microsoft Message Analyzer was able to capture USB traffic, with Device and Log Fileparser from MS: link
Microsoft Message Analyzer 能够使用Device and Log FileMS 的解析器捕获 USB 流量:链接
Update: as mentioned by @facetus, MS Message Analyzer has been retired on November 25 2019.
更新:正如@facetus 所提到的,MS Message Analyzer已于 2019 年 11 月 25 日停用。
