Reverse Engineering how a USB Switch Switches

[Daniel] found himself with a need to connect a single USB device to two Linux servers. After searching around, he managed to find an inexpensive USB switch designed to do just that. He noticed that the product description mentioned nothing about Linux support, but he figured it couldn’t be that hard to make it work.

[Daniel] started by plugging the device into a Windows PC for testing. Windows detected the device and installed an HID driver automatically.  The next step was to install the control software on the Windows system. This provided [Daniel] with a tray icon and a “switch” function. Clicking this button disconnected the HID device from the Windows PC and connected the actual USB device on the other side of the USB switch. The second computer would now have access to the HID device instead.

[Daniel] fired up a program called SnoopyPro. This software is used to inspect USB traffic. [Daniel] noticed that a single message repeated itself until he pressed the “switch” button. At that time, a final message was sent and the HID device disconnected.

Now it was time to get cracking on Linux. [Daniel] hooked up the switch to a Linux system and configured a udev rule to ensure that it always showed up as /dev/usbswitch. He then wrote a python script to write the captured data to the usbswitch device. It was that simple. The device switched over as expected. So much for having no Linux support!

26 thoughts on “Reverse Engineering how a USB Switch Switches

    1. See the other article about C buffer overflows and wonder at people counting by hand instead of using a computer to do it. Yay Python – Boo Malloc… :) flame war bait for sure :) (no notifications for me)

      1. Perl has more, or used to. But Python is quite simple to read, has good dev tools, good support, good documentation…
        Why make life more complicated than you have to?

    2. I myself have started to use Python for these afternoon micro-hacks.
      Coming from a C-background a large portion of the language is similar enough to just use it and it is very handy that you can use python like a shell for trying out your design in advance (especially when messing with partially unknown things like this USB-thingy).
      Combined with the incredible amount of modules and examples availlabe this makes it nearly ideal for this quick&dirty stuff.
      One of the main arguments against any interpreted language, performance, is also not a problem when working on a command-line level.
      After a few hours of experimenting and adjusting to some of the quirks (like the strange way to do for-loops) and getting used to defining loops with indentation (the biggest drawback in my eyes), I am now able to throw together quick “interface-hacks” like this one (I made something similar to switch my Nexus 7 into accesory-mode to listen to sound via my PC-Speakers) fairly quick.

    3. Really fast and easy to go from “will this work?” to a full blown thing. Huge mature library support facilitates this more than other languages.

      Lot of times that’s bad because while python was a great prototyping language it is too easy to write something totally inappropriate and spend ages solving little bugs caused by poor design(due to the experimental origin) and language limitations.

      The cost of failure in python is cheaper than other languages and that’s why people do wild things in it.

  1. SnoopyPro, eh?

    God I love hearing about tools. I just still haven’t figured out the best way to organize all the ones I’ve heard of, so when I finally have that problem I can say “yeah, I can use this on it” instead of just brain farting and thinking I *know* I heard about something that would do that…

      1. Trello – collaborative lists / tasks / kanban boards. Great for tracking projects or keeping organized. I use it to keep track of all my project ideas, and where I’m at with each one.

  2. “a single message repeated itself until he pressed the “switch” button. At that time, a final message was sent and the HID device disconnected.” How much processing time does that take up? What does the switch do if it’s not continually sent that “single message”?

    1. Nothing; reading between the lines just shows that their windows driver polls for the status of the switch quite a bit too aggressively.

      (Really, polling every 30ms to check whether there’s a device plugged into it??)

          1. Users (average yokels without a clue) are demanding faster responses (while bogging down faster hardware with shitty software) when doing X or Y. It’s like when Homer Simpson says warming a burrito in the microwave for one minute is too long to wait.

            This is probably their answer to a “slow” response time.

  3. Oh wow… I remember the USB phone article of his. I’ve been trying to create new drivers for some USB legacy hardware and it was his article that clued me into USBSnoop and USB Snoppy.

    Still have’t worked out any drivers though… Windows 8 is a real bastard to work with.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.