From owner-freebsd-usb@freebsd.org Tue Mar 20 09:07:43 2018 Return-Path: Delivered-To: freebsd-usb@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4EF4DF600E3 for ; Tue, 20 Mar 2018 09:07:43 +0000 (UTC) (envelope-from ingegneriaforense@alice.it) Received: from smtp206.alice.it (smtp206.alice.it [82.57.200.102]) by mx1.freebsd.org (Postfix) with ESMTP id A67F968621 for ; Tue, 20 Mar 2018 09:07:42 +0000 (UTC) (envelope-from ingegneriaforense@alice.it) Received: from portatile1 (93.64.101.74) by smtp206.alice.it (8.6.060.28) (authenticated as ingegneriaforense) id 5AB04F03003BDB10; Tue, 20 Mar 2018 10:07:41 +0100 From: "Vincenzo Di Salvo" To: "'Hans Petter Selasky'" Cc: References: <77f62042-bb44-7b36-0845-b88d233bfed0@selasky.org> <000401d3bfbe$c7f99370$57ecba50$@it> <49bf1a27-e01b-d0fd-91c4-47c18c688290@selasky.org> In-Reply-To: <49bf1a27-e01b-d0fd-91c4-47c18c688290@selasky.org> Subject: R: R: usb's quirks ... how to sniff bios'es messages addressed to usb rom chip Date: Tue, 20 Mar 2018 10:07:25 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Priority: 1 (Highest) X-MSMail-Priority: High X-Mailer: Microsoft Office Outlook 12.0 Content-Language: it Importance: High Thread-Index: AdPAHYkQqwipz2awSU2xsz0HfP426wADSaSw X-Antivirus: AVG (VPS 180319-2, 19/03/2018), Outbound message X-Antivirus-Status: Clean X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Mar 2018 09:07:43 -0000 Hi, probably what you are saying is so important that solves my doubt about a = my misunderstanding about USB protocol and my idea to use the usbdump is to= tally wrong and no more usefull. Foundamentally my goal is only understand if, pluging a usb device, a direc= t writing operation can or not occur from the processor into the usb device= =2E So, please, let me ask another question to exclude all my misunderstanding.= You wrote: =E2=80=9CA processor runs on the USB device replying to this protocol. Ther= e is no direct hardware access. You need to ask the manufacturer which USB = request returns the counter you are asking for=E2=80=9D. 1- If "there is no direct hardware access", this means that the processor c= an only do read-only accesses to the USB device. Is it correct ? yes/no: 2- Speaking of =E2=80=9Cwhich USB request returns the counter=E2=80=9D do y= ou mean that the counter increment occurs "internally" following a request = of the processor, excluding a direct writing operation of the processor int= o the usb device ?. Is it correct ? yes/no: If so, your reply solves my limited knowledges of the usb protocol. Thanks in advance. Regards -----Messaggio originale----- Da: Hans Petter Selasky [mailto:hps@selasky.org] Inviato: marted=C3=AC 20 marzo 2018 08:32 A: Vincenzo Di Salvo Oggetto: Re: R: usb's quirks ... how to sniff bios'es messages addressed to= usb rom chip On 03/19/18 21:13, Vincenzo Di Salvo wrote: > Thanks. > > I have read the usbdump man page ... and I know that is wireshark is able= to sniff usb traffic. > > My problem is how to detect the bit that increment the counter (always th= at the chip of the usb drive allows a such action). > Hi, I think you misunderstand what USB is. USB is a protocol. A processor runs on the USB device replying to this protocol. There is no direct hardware access. You need to ask the manufacturer which USB request returns the counter you are asking for. --HPS > Again: I kindly contact you to know if someone of the list has already do= ne this test, if he can address me on the right street among the numerous i= nformations shown by wireshark or usbdump. > > Tutorials weblink are appreciated (if they exist). > > Regards. > > Vincenzo. --- Questa email =C3=A8 stata esaminata alla ricerca di virus da AVG. http://www.avg.com