Simple tool to parse usbsnoop-logs

git-svn-id: svn+ssh://localhost/home/henryk/svn/cyberflex-shell/trunk@168 f711b948-2313-0410-aaa9-d29f33439f0b
2007-01-17 09:15:37 +00:00 · 2007-01-17 09:15:37 +00:00 · 48a204816c
parent a7a36c1dd2
commit 48a204816c
2 changed files with 75 additions and 1 deletions
--- a/cyberflex-shell.e3p
+++ b/cyberflex-shell.e3p
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE Project SYSTEM "Project-3.7.dtd">
 <!-- Project file for project cyberflex-shell -->
-<!-- Saved: 2007-01-12, 12:30:01 -->
+<!-- Saved: 2007-01-17, 10:14:44 -->
 <!-- Copyright (C) 2007 Henryk Plötz, henryk@ploetzli.ch -->
 <Project version="3.7">
  <ProgLanguage mixed="0">Python</ProgLanguage>
@ -84,6 +84,9 @@
      <Dir>cards</Dir>
      <Name>seccos_card.py</Name>
    </Source>
+    <Source>
+      <Name>parse-usbsnoop.py</Name>
+    </Source>
  </Sources>
  <Forms>
  </Forms>
--- a/parse-usbsnoop.py
+++ b/parse-usbsnoop.py
@ -0,0 +1,71 @@
+#!/usr/bin/env python
+# -*- coding: iso-8859-1 -*-
+
+import sys, utils, binascii
+
+def parse_file(fname):
+    fp = file(fname)
+    
+    in_block = False
+    is_rfid = False
+    line_no = 0
+    direction = 0
+    data = []
+    last_was_transfer_buffer = False
+    
+    for line in fp.readlines():
+        if not in_block:
+            if last_was_transfer_buffer:
+                parts = line.split(":")
+                if parts[0] == "    00000000":
+                    if parts[1][:3] == " 6f":
+                        in_block = True
+                        direction = 0
+                        line_no = 0
+                        is_rfid = False
+                        data = []
+                    elif parts[1][:3] == " 80":
+                        in_block = True
+                        direction = 1
+                        line_no = 0
+                        is_rfid = False
+                        data = []
+                    elif parts[1][:3] == " 6b":
+                        in_block = True
+                        direction = 0
+                        line_no = 0
+                        is_rfid = True
+                        data = []
+                    elif parts[1][:3] == " 83":
+                        in_block = True
+                        direction = 1
+                        line_no = 0
+                        is_rfid = True
+                        data = []
+            if in_block and (not is_rfid or line_no > 0):
+                data = [ parts[1][31:] ]
+        else:
+            if not ":" in line:
+                in_block = False
+                data_binary = binascii.a2b_hex("".join("".join(data).split()))
+                if not is_rfid:
+                    print (direction and "<< " or ">> ") + utils.hexdump(data_binary, indent=3)
+                    if direction == 1: print
+                elif len("".join(data).strip()) > (direction == 0 and 8 or 2) and data_binary not in ("\x00"*5, "\x70\x08\x35\x2d\x66\x76", "\x43\x4f\x53\x73\x01\x02\x01"):
+                    print (direction and "«« " or "»» ") + utils.hexdump(data_binary, indent=3)
+                    if direction == 1: print
+            else:
+                line_no = line_no + 1
+                if (not is_rfid or line_no > 1):
+                    data.append( line.split(":")[1] )
+                elif is_rfid and line_no == 1:
+                    data.append( line.split(":")[1][6:] )
+        
+        last_was_transfer_buffer = "TransferBufferMDL" in line
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print >>sys.stderr, "Need one argument"
+        sys.exit(1)
+    
+    parse_file(sys.argv[1])