LambdaConcept USB2 Sniffer

_images/sniffer.jpg

Hardware features

  • FPGA Chipset: Xilinx XC7A35T Artix 7 Series

  • USB3 Chipset: FT601 USB 3.0 w/ 5Gbps bandwidth

  • RAM: 256MB DDR3

  • USB2: 2 High Speed USB ULPI

  • USB2 MUX: for active/passive switching

  • User Interfaces: 2 RGB LEDs

  • Input Voltage: 5V, from USB3

  • JTAG: 6 pins JTAG connector for FPGA programming

Use cases

  • USB2 Sniffing

  • USB2 MitM

  • FaceDancer-like attacks

  • High Speed USB IP design…

Hardware vs Software sniffer

USB2Sniffer is a hardware-based sniffer. This is different than a software-only sniffer (For ex. Wireshark):

Software-only limitations:

  • Capture is done at a higher level (URB)

  • Depends on the host PC hardware USB controller

  • Can only monitor USB traffic from/to the host PC

Hardware-based sniffer capabilities:

  • Capture is done at the wire level (DP/DM).

  • Ability to capture low level events such as: VBUS states, Speed negotiation Chirps, NAK or Incomplete transactions, PING, SPLIT, Start of Frames (SOF), errors, retransmissions, etc.

  • Non intrusive: ULPI PHY are set to passive (non driving, no pull-up, no pull-down) mode and have no effect on the monitored USB bus.

  • Accurate timings: each data byte or bus event is timestamped with a 60 MHz timestamp clock (16 ns precision)

  • Capture between any host/device: a phone and its accessory, embedded systems, etc.