desowin / usbpcap

USB packet capture for Windows
http://desowin.org/usbpcap

filter special devices (USB-serial adapter port as an example) #15

Closed mgiaco closed 7 years ago

mgiaco commented 10 years ago

Hello, USBPcap is pretty cool, but it would be great to be able to filter specific devices, I think. Most of the time someone would only want to sniff a specific device, not the entry hub, or not?

So, my USB ports:

1 \\.\USBPcap1
\??\USB#ROOT_HUB20#4&37f07056&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}
[Port 1] Generic USB Hub
[Port 4] Generic USB Hub
[Port 1] Generic USB Hub
[Port 1] Generic USB Hub
[Port 5] Microsoft Hardware - USB Mouse Microsoft USB Basic Optical Mouse (Mouse and Keyboard Center)
[Port 6] USB Composite Device USB Input Device HID Keyboard USB Input Device HID-compliant device HID-compliant consumer control device
[Port 4] Generic USB Hub
[Port 1] USB Composite Device USB - DAS - IF0 USB - DAS - IF1
[Port 4] USB Mass Storage Device FCR-HS3 -0 USB Device FCR-HS3 -1 USB Device FCR-HS3 -2 USB Device FCR-HS3 -3 USB Device
[Port 4] Generic USB Hub
[Port 2] Silicon Labs CP210x USB to UART Bridge
[Port 3] LAP-C-16128
[Port 4] Generic USB Hub
[Port 3] D-Link DUB-E100 USB 2.0 Fast Ethernet Adapter
[Port 6] Silicon Labs CP210x USB to UART Bridge
[Port 7] USB Serial Converter USB Serial Port (COM62)
2 \\.\USBPcap2
\??\NUSB3#ROOT_HUB30#5&1769d4a8&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}
[Port 4] USB Serial Converter USB Serial Port (COM78)

So if, for example, I only want to sniff Port 7 on USBPcap1 (the COM62 serial port), would it be possible to implement this in the future?

If so, can you give me a hint where to start in USBPcap? I would like to help.

thx

mathias
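As an added example (not code from this issue or from the USBPcap project), here is a small Python parser for the device listing quoted above. It maps every `[Port N]` entry to the USBPcap root-hub interface it was printed under, so a device such as the COM62 serial port can be located by a regex over its description. The sample listing is constructed from the text of the issue with the German device names translated; the indentation that shows hub nesting in the original output is lost in the flattened quote, so entries are treated as a flat list per interface and a port number alone is not unique (Port 4 appears several times under USBPcap1). The helper names and regexes are this example's own assumptions, not anything USBPcap provides.

```python
import re
from typing import Dict, List, NamedTuple


class PortEntry(NamedTuple):
    """One "[Port N] ..." entry under a USBPcap root-hub interface."""
    interface: str    # e.g. \\.\USBPcap1 (the capture interface name)
    port: int         # port number as printed in "[Port N]"
    description: str  # device description text following the port tag


# Constructed sample input, taken from the listing quoted in the issue above
# (German device names translated). The hub-nesting indentation of the
# original output is lost, so every "[Port N]" is treated as a flat entry.
SAMPLE_LISTING = r"""
1 \\.\USBPcap1
\??\USB#ROOT_HUB20#4&37f07056&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}
[Port 1] Generic USB Hub
[Port 4] Generic USB Hub
[Port 1] Generic USB Hub
[Port 1] Generic USB Hub
[Port 5] Microsoft Hardware - USB Mouse Microsoft USB Basic Optical Mouse (Mouse and Keyboard Center)
[Port 6] USB Composite Device USB Input Device HID Keyboard USB Input Device HID-compliant device HID-compliant consumer control device
[Port 4] Generic USB Hub
[Port 1] USB Composite Device USB - DAS - IF0 USB - DAS - IF1
[Port 4] USB Mass Storage Device FCR-HS3 -0 USB Device FCR-HS3 -1 USB Device FCR-HS3 -2 USB Device FCR-HS3 -3 USB Device
[Port 4] Generic USB Hub
[Port 2] Silicon Labs CP210x USB to UART Bridge
[Port 3] LAP-C-16128
[Port 4] Generic USB Hub
[Port 3] D-Link DUB-E100 USB 2.0 Fast Ethernet Adapter
[Port 6] Silicon Labs CP210x USB to UART Bridge
[Port 7] USB Serial Converter USB Serial Port (COM62)
2 \\.\USBPcap2
\??\NUSB3#ROOT_HUB30#5&1769d4a8&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}
[Port 4] USB Serial Converter USB Serial Port (COM78)
"""

# "<index> \\.\USBPcapN <root hub device path>" starts each interface block
# (assumed layout, matching the listing above).
_IFACE_RE = re.compile(r"(\d+)\s+(\\\\\.\\USBPcap\d+)\s+(\\\?\?\\\S+)")
# "[Port N]" tags separate the device entries inside a block.
_PORT_RE = re.compile(r"\[Port (\d+)\]")


def root_hubs(text: str) -> Dict[str, str]:
    """Map each USBPcap interface name to its root-hub device path."""
    return {m.group(2): m.group(3) for m in _IFACE_RE.finditer(text)}


def parse_listing(text: str) -> List[PortEntry]:
    """Split the listing into per-interface blocks, then into port entries.

    Works on both the line-per-entry form and the flattened single-line
    form, because it keys on the "[Port N]" tags rather than on newlines.
    """
    entries: List[PortEntry] = []
    heads = list(_IFACE_RE.finditer(text))
    for i, head in enumerate(heads):
        stop = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        block = text[head.end():stop]
        # re.split with a capture group yields [preamble, port, desc, port, desc, ...]
        parts = _PORT_RE.split(block)
        for port, desc in zip(parts[1::2], parts[2::2]):
            desc = " ".join(desc.split())  # collapse newlines and runs of spaces
            if desc:
                entries.append(PortEntry(head.group(2), int(port), desc))
    return entries


def find_devices(entries: List[PortEntry], pattern: str) -> List[PortEntry]:
    """Return the entries whose description matches a case-insensitive regex."""
    rx = re.compile(pattern, re.IGNORECASE)
    return [e for e in entries if rx.search(e.description)]


if __name__ == "__main__":
    devices = parse_listing(SAMPLE_LISTING)
    for hit in find_devices(devices, r"\(COM\d+\)"):
        print(f"{hit.interface}  port {hit.port}  {hit.description}")
```

Searching on the description rather than the port number is deliberate: with the nesting lost, the interface name plus the description is the only pair that identifies a device unambiguously in this listing.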

desowin commented 10 years ago

This feature is currently in the works as part of the extcap interface.

Current extcap implementation gets the individually checkable devices list in Wireshark (please note you'll need development version of Wireshark). The missing part is some of the logic in USBPcapDriver and USBPcapCMD, which I am finishing now.

desowin commented 10 years ago

This feature is implemented in 494bc83f3db254822d2830901bf415a26bc5e0e4.

Please test it on your system.

mgiaco commented 10 years ago

Hi,

I tried to compile it, but it doesn't work:

C:\workdir\github\usbpcap\usbpcap>build_release.bat

C:\workdir\github\usbpcap\usbpcap>cd C:\workdir\github\usbpcap\usbpcap\

C:\workdir\github\usbpcap\usbpcap>if exist Release RMDIR /S /Q Release

C:\workdir\github\usbpcap\usbpcap>mkdir Release\XP\x86

C:\workdir\github\usbpcap\usbpcap>mkdir Release\XP\x64

C:\workdir\github\usbpcap\usbpcap>mkdir Release\Vista\x86

C:\workdir\github\usbpcap\usbpcap>mkdir Release\Vista\x64

C:\workdir\github\usbpcap\usbpcap>mkdir Release\Windows7\x86

C:\workdir\github\usbpcap\usbpcap>mkdir Release\Windows7\x64

C:\workdir\github\usbpcap\usbpcap>call cmd.exe /c driver_build.bat x86 WXP Release\XP\x86

C:\workdir\github\usbpcap\usbpcap>call C:\WinDDK\7600.16385.1\bin\setenv.bat C:\WinDDK\7600.16385.1\ fre x86 WXP

ERROR: This window already has the DDK build environment set. Please open a new window if you want to change or reset your build environment.

path contains nonexistant c:\mingw64\bin, removing
path contains nonexistant c:\program files (x86)\doxygen\bin, removing
path contains nonexistant c:\coocox\coide\gcc\bin, removing
path contains nonexistant c:\sysgcc\powerpc-eabi\bin, removing
BUILD: Compile and Link for AMD64
BUILD: Start time: Wed Oct 08 16:28:08 2014
BUILD: Finish time: Wed Oct 08 16:28:09 2014
BUILD: Done

0 files compiled - 4 Warnings

Done Adding Additional Store
SignTool Error: File not found: USBPcapCMD\objfre_win7_AMD64\amd64\USBPcapCMD.exe

Number of errors: 1

Done Adding Additional Store
SignTool Error: File not found: USBPcapDriver\objfre_win7_AMD64\amd64\USBPcap.sys

Number of errors: 1

desowin commented 10 years ago

It looks like you started the bat file in WinDDK command prompt window. Start it in standard cmd.exe window or simply double click it.

mgiaco commented 10 years ago

c:\workdir\github\usbpcap\usbpcap>call C:\WinDDK\7600.16385.1\bin\setenv.bat C:\WinDDK\7600.16385.1\ fre x64 Win7
WARNING: x64 Native compiling isn't supported. Using cross compilers.
OACR monitor running already
path contains nonexistant c:\mingw64\bin, removing
path contains nonexistant c:\program files (x86)\doxygen\bin, removing
path contains nonexistant c:\coocox\coide\gcc\bin, removing
path contains nonexistant c:\sysgcc\powerpc-eabi\bin, removing
path contains nonexistant c:\mingw64\bin, removing
path contains nonexistant c:\program files (x86)\doxygen\bin, removing
path contains nonexistant c:\program files (x86)\nmap, removing
path contains nonexistant c:\users\lwngim1\appdata\roaming\npm, removing
BUILD: Compile and Link for AMD64
BUILD: Start time: Wed Oct 08 22:12:42 2014
BUILD: Finish time: Wed Oct 08 22:12:43 2014
BUILD: Done

0 files compiled - 8 Warnings

Done Adding Additional Store
SignTool Error: File not found: USBPcapDriver\objfre_win7_AMD64\amd64\USBPcap.sys

Number of errors: 1
===== BUILD FAILED! =====
Press any key . . .

No, that wasn't the problem. Have you got another idea?

desowin commented 10 years ago

Which Windows version are you using?

mgiaco commented 10 years ago

Win7 64 Bit Enterprise

desowin commented 10 years ago

I am unable to reproduce this problem on Windows 7 64 Bit Enterprise with SP1 (English).

mgiaco commented 10 years ago

Okay, now I can build it :-) Regarding "please note you'll need development version of Wireshark": can I use the Development Release, or do I need to compile it myself?

desowin commented 10 years ago

How did you fix the problem?

You can either compile it yourself or use the latest automated build. Please note that the current development release (1.99.0) does not contain "Fix extcap boolean flag handling".

mgiaco commented 10 years ago

Okay, thanks, I will try it this week. I used a fresh install on a virtual machine, so I do not know exactly what the problem was.