Introduction!
Everyone has seen the Xbox 360 Kinect hacked in a matter of days after our "open source driver" bounty - here's how we helped the winner and here's how you can reverse engineer USB devices as well!
USB is a very complex protocol, much more complicated than Serial or Parallel, SPI and even I2C. USB uses only two wires, but they are not used as 'receive' and 'transmit' like serial. Rather, data is bidirectional and differential - that is, the data sent depends on the difference in voltage between the two data lines, D+ and D-. If you want to do more USB hacking, you'll need to read Jan Axelson's USB Complete books; they're easy to follow and discuss USB in both depth and breadth.
USB is also very structured. This is good for reverse engineering because it means that at least the format of packets is agreed upon and you won't have to deal with checksums. The bad news is that you need software assistance to decode the complex packet structure. The good news is that every computer now made has a USB host core that does a lot of the tough work for you, and there are many software libraries to assist.
Today we're going to be reverse engineering the Xbox Kinect Motor, one part of the Kinect device.
Verify the VID & PID
The first place to start is to see what devices and "interfaces" or "configurations" are available for the USB device. The nicest way to do this is to use lsusb (Linux) or system_profiler (Mac), the "list USB" programs available for Linux and Mac. Sadly, it does not exist for Windows, so find a Mac or Linux computer or friend; you'll only need it for a minute!
For Linux, run lsusb -vv (ultra verbose). For Mac, run system_profiler SPUSBDataType.
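What lsusb -vv decodes for you, as an added example that is not part of the original tutorial: the 18-byte device descriptor that carries the VID and PID, and the configuration descriptor chain that lists interfaces and endpoints. The descriptor bytes are constructed sample values for an imaginary device (VID 0x1234, PID 0x5678), not the Kinect's, and the function names are this example's own.

```python
import struct

# Standard descriptor type codes from the USB specification.
DEVICE, INTERFACE, ENDPOINT = 1, 4, 5
TRANSFER = ["control", "isochronous", "bulk", "interrupt"]

def parse_device(raw):
    """Decode the fixed 18-byte device descriptor (fields are little-endian)."""
    if len(raw) < 18 or raw[0] != 18 or raw[1] != DEVICE:
        raise ValueError("not a device descriptor")
    (_, _, _, dev_class, _, _, _, vid, pid, _, _, _, _,
     num_configs) = struct.unpack("<BBHBBBBHHHBBBB", raw[:18])
    return {"vid": vid, "pid": pid, "class": dev_class, "configs": num_configs}

def walk_config(raw):
    """Walk the descriptor chain of one configuration.

    Every descriptor starts with bLength and bDescriptorType, so unknown
    types can be skipped safely once bLength has been bounds-checked.
    """
    found, i = [], 0
    while i < len(raw):
        if i + 2 > len(raw) or raw[i] < 2 or i + raw[i] > len(raw):
            raise ValueError(f"bad bLength at offset {i}")
        length, dtype = raw[i], raw[i + 1]
        body = raw[i:i + length]
        if dtype == INTERFACE and length >= 9:
            # (kind, bInterfaceNumber, bInterfaceClass, bNumEndpoints)
            found.append(("interface", body[2], body[5], body[4]))
        elif dtype == ENDPOINT and length >= 7:
            addr, attrs = body[2], body[3]
            max_packet = struct.unpack_from("<H", body, 4)[0]
            found.append(("endpoint", addr & 0x0F,
                          "IN" if addr & 0x80 else "OUT",
                          TRANSFER[attrs & 0x03], max_packet))
        i += length
    return found

# Constructed sample bytes (not captured from real hardware).
DEVICE_RAW = bytes.fromhex("12 01 0002 ff 00 00 40 3412 7856 0001 01 02 03 01")
CONFIG_RAW = bytes.fromhex("09 02 1900 01 01 00 80 32"    # configuration
                           "09 04 00 00 01 ff 00 00 00"   # interface 0
                           "07 05 81 03 0800 0a")         # endpoint 1 IN

if __name__ == "__main__":
    dev = parse_device(DEVICE_RAW)
    print(f"ID {dev['vid']:04x}:{dev['pid']:04x} class=0x{dev['class']:02x}")
    for entry in walk_config(CONFIG_RAW):
        print(entry)
```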
Read more: ladyada.net