usbsnoop

From LinuxTVWiki
Jump to navigation Jump to search

usbsnoop is a small but very useful utility program which can sniff/monitor, and log to file, all data exchange between an USB device and its driver under a Windows OS environment.

There are actually several such, highly related, utility programs and derivative works that are often casually referred to by the name "usbsnoop". Though such usage is technically incorrect, it is understandable due to their somewhat confusing and intertwined developments. An attempt to differentiate between these different apps, and illuminate their shared history is provided below.

History

USB Snoopy was released, in April 2000, by "Tom and Roland" (from "wingmanteam.com"), as a small utility for monitoring a USB device's communications traffic under a Windows 98 environment (see archived webpage). The USB Snoopy release consisted of three parts:

  • a simple GUI program, SniffUSB.exe, to install and remove the filter driver
  • a filter driver, UsbSnoop.sys, that monitors the actual USB traffic
  • A debug viewer, dgbview.exe, was included to catch the output from the filer driver. (dgbview was written by Mark Russinovich from Sysinternals, which later went on to become a part of Microsoft)


Inspired by USB Snoppy, Benoit Papillault releases, in Mar 2001 usbsnoop v1.1, [1], which he describes simply as an "USB sniffer for Windows 2000".


Note: This section is still a WIP. The following bullet points currently serve just as reminders to expand upon some other development milestone points and/or history -- to be cont'd
  • Aug 28, 2001 - Roland registers the project "usbsnoop" at sourceforge
  • Oct 07, 2001 - 0.13 [wingman] ... interesting comment about the spin off project
  • Aug 19, 2002 - Roland puts SnoopyPro 0.20 on CVS at sourceforge
  • Jan 15, 2003 - usbsnoop Version 1.8, Benoit
  • Dec 27, 2006 - SniffUSB V2.0, Thomas F. Divine [2]

Downloads

usbsnoop

Supports Windows 98 / 2000 / XP (32-bit only)

  • direct download of v1.8 from here

SniffUSB 2.0

Supports only Windows XP or later

* 32-bit version - direct download from here
* 64-bit version - direct download from here

A brief "How to use usbsnoop" v1.8

 1) Make sure that your device and drivers are installed on Windows
 2) Start usbsnoop
 3) Plug your device and press refresh button in usbsnoop
 4) Select and install filters for your device in usbsnoop
 5) Restart your Windows
 6) Start your favorite application for some seconds, then stop the program and close usbsnoop.

External Links