Capturing USB traffic with Wireshark (sniffing USB data) - Viewing LightBurn to Laser Cutter GCode
This video shows how to capture USB data using Wireshark.
Note this is for educational or hobbyist use and for viewing your own data only. This should not be used for monitoring traffic for other users or to view other people's data.
In the video I explain how to install and setup Wireshark using USBMon to monitor data going to a USB device. In this case it's to a laser cutter which uses an Expressif microcontroller running GRBL.
It allows you to see the GCode being transmitted and more importantly (for my example) the error messages being produced by the laser cutter.
The steps taken are:
Install Wireshark
sudo apt install wireshark
Load the usbmon driver
sudo modprobe usbmon
Start wireshark
sudo apt install wireshark
Get details of the USB device that is connected
sudo dmesg
sudo lsusb
or
sudo less /sys/kernel/debug/usb/devices
set the filters in wireshark
usb.src ~ “<bus>.<dev>” or usb.dst ~ <bus>.<dev>”
export the capture
File ... Export Packet Dissections
get the "Leftover information"
grep "Leftover" capture-test1-export.txt > capture-test1-leftover.txt
strip out text label with sed
sed -i 's/Leftover Capture Data: //g' capture-test1-leftover.txt
Add spaces with sed
sed -i 's/.\{2\}/& /g' capture-test1-leftover.txt
Convert from ascii hex to ascii text using xxd
xxd -r -p capture-test1-leftover.txt capture-test1-ascii.txt
Then read the output using less
Chapters:
00:00 Introduction
00:22 Disclaimer / Educational use only
01:29 Why monitor USB traffic with Wireshark
04:01 Sniffing USB data
04:20 Installing Wireshark
04:49 Monitoring USB with usbmon and wireshark
06:32 Extracting and converting ASCII data
09:31 Expressif GBRL error message
10:18 Sending data to USB serial using PUTTY
11:32 Summary
For more details see:
https://www.penguintutor.com/linux/wi...
