![]() ![]() Going through app.html, we find the following interesting information. The following kernel patch has more information about the specific fields we're interested in : patch/10761581/. ![]() ![]() Pla圜AP.pcapng -e usb.idProduct -e usb.idVendor -Tfields | less IRP information: 0x00, Direction: FDO -> PDOĬhecking the vendor ( 0x57e) and product ( 0x2009) ids of the USB device with help from google tells us the traffic is from a Nintendo Switch controller : 360Controller/issues/632. URB Function: URB_FUNCTION_GET_DESCRIPTOR_FROM_DEVICE (0x000b) IRP USBD_STATUS: USBD_STATUS_SUCCESS (0x00000000) Interface name: \\.\pipe\wireshark_extcap_\\.\USBPcap1_20190918154451Įncapsulation type: USB packets with USBPcap header (152) Pla圜AP.pcapng -V | lessįrame 1: 36 bytes on wire (288 bits), 36 bytes captured (288 bits) on interface 0 More information about the USB filter fields can be found at the Wireshark USB reference page. The packet capture file has a bunch of USB traffic ( URB Interrupt packets). We are given an HTML5 application and a pcagng. ![]()
0 Comments
Leave a Reply. |