Wireshark-dev: [Wireshark-dev] Request for Wireshark Wiki: Two additions to CaptureSetup/USB
Hi there,
As a newly registered wiki user, I cannot add text to the CaptureSetup/USB
wiki page. The page is protected against editing by normal users.
https://wiki.wireshark.org/CaptureSetup/USB
So I hope this is the right place to suggest two additions to that page.
It would be very helpful to have these added, since when I looked for
similar information, I didn't find a MITM hardware solution, but almost
every piece of advice was to sniff USB traffic on the OS itself or using a
virtual machine. Neither can be done when the USB host cannot be
accessed, e.g. a PS4.
The following two DIY hardware devices can be inserted on a cable
between a USB device and a USB host - and they are much cheaper than
commercial products I found.
I tested SerialUSB and it works fine with Wireshark. I didn't try
USBProxy due to lack of a BB.
-----------------------------------------------------------------------
USB traffic MITM with Linux
If you can't intercept USB traffic on the host, e.g. a game console,
there are projects that facilitate building a simple MITM sniffing device.
SerialUSB by Mathieu Laurendeau
https://blog.gimx.fr/serialusb/
https://github.com/matlo/serialusb
is designed to intercept USB HID traffic. It was originally made for the GIMX
project, which aims to convert PC game controller USB messages for the
PS4. You will need a Linux computer to capture the HID messages and an
Arduino-based USB dongle. Parts are cheap. If you don't like soldering,
some enthusiasts sell ready-made "GIMX USB adapters" on eBay and elsewhere.
USBProxy by Dominic Spill
https://github.com/dominicgs/USBProxy
intercepts USB traffic with a Beaglebone Black, which is
reconfigured to act as a USB gadget emulating the device connected
to the 2nd USB port. According to the documentation, it allows sniffing
non-HID traffic, as well.