使用Ubuntu下usb抓包工具(usbmon)进行数据抓取的一次记录

前言

使用反汇编还原的库调试打印机网络作业设置,打印出来的日志与原库有出入,在usb传输处始终有偏差。

调用反汇编还原的库:

DEBUG: Net_OnlyGetDataSizeFromReplyHdr:: In 
DEBUG: getNetDataByPrinterPipe:: No data need to readback 
DEBUG: getNetDataByPrinterPipe:: Out. rc = 1 

调用原库:

DEBUG: Net_OnlyGetDataSizeFromReplyHdr:: In 
DEBUG: getNetDataByPrinterPipe:: readByte = 344 
DEBUG: getNetDataByPrinterPipe:: malloc revBuf 344 bytes success. 
DEBUG: getNetDataByPrinterPipe:: Read Data Success 
DEBUG: getNetDataByPrinterPipe:: Receive Data, transferred = 344 
DEBUG: getNetDataByPrinterPipe:: Out. rc = 1 

usb传输 原库汇编片段:

.text:0000000000046C4E                 mov     esi, [lpPrinter+220h]
.text:0000000000046C54                 lea     rdi, aGetnetdatabypr_12
.text:0000000000046C5B                 xor     eax, eax
.text:0000000000046C5D                 call    _DbgMsg
.text:0000000000046C62                 movzx   esi, byte ptr [lpPrinter+220h]
.text:0000000000046C69                 mov     rdi, [rsp+0B8h+handle]
.text:0000000000046C6E                 mov     r9d, 1388h
.text:0000000000046C74                 mov     ecx, [rsp+0B8h+bufSize]
.text:0000000000046C78                 mov     r8, r12
.text:0000000000046C7B                 mov     rdx, r13
.text:0000000000046C7E                 call    _libusb_bulk_transfer
.text:0000000000046C83 errcode = rax                           ; int
.text:0000000000046C83                 test    eax, eax
.text:0000000000046C85                 mov     esi, eax
.text:0000000000046C87                 lea     rdi, aGetnetdatabypr_13
.text:0000000000046C8E                 js      short loc_46CCF
.text:0000000000046C90                 lea     rdi, aGetnetdatabypr_14
.text:0000000000046C97                 xor     eax, eax
.text:0000000000046C99 errcode = rsi                           ; int
.text:0000000000046C99                 call    _DbgMsg
.text:0000000000046C9E                 movzx   esi, byte ptr [lpPrinter+21Ch]
.text:0000000000046CA5                 mov     rdx, [rsp+0B8h+readBack]
.text:0000000000046CAA                 mov     r9d, 1388h
.text:0000000000046CB0                 mov     rdi, [rsp+0B8h+handle]
.text:0000000000046CB5                 mov     r8, r12
.text:0000000000046CB8                 mov     ecx, 20h
.text:0000000000046CBD                 call    _libusb_bulk_transfer
.text:0000000000046CC2 errcode = rax                           ; int
.text:0000000000046CC2                 test    eax, eax
.text:0000000000046CC4                 jns     short loc_46CDE
.text:0000000000046CC6                 lea     rdi, aGetnetdatabypr_15
.text:0000000000046CCD                 mov     esi, eax
.text:0000000000046CCF
.text:0000000000046CCF loc_46CCF:                              ; CODE XREF: getNetDataByPrinterPipe+2D0↑j
.text:0000000000046CCF                 xor     eax, eax
.text:0000000000046CD1 errcode = rsi                           ; int
.text:0000000000046CD1                 call    _DbgMsg
.text:0000000000046CD6
.text:0000000000046CD6 loc_46CD6:                              ; CODE XREF: getNetDataByPrinterPipe+343↓j
.text:0000000000046CD6                 xor     r14d, r14d
.text:0000000000046CD9                 jmp     loc_46D92
.text:0000000000046CDE ; ---------------------------------------------------------------------------
.text:0000000000046CDE
.text:0000000000046CDE loc_46CDE:                              ; CODE XREF: getNetDataByPrinterPipe+306↑j
.text:0000000000046CDE inBuf = r14                             ; BYTE *
.text:0000000000046CDE errcode = rax                           ; int
.text:0000000000046CDE                 lea     rdi, aGetnetdatabypr_16
.text:0000000000046CE5                 xor     eax, eax
.text:0000000000046CE7                 call    _DbgMsg
.text:0000000000046CEC                 cmp     [rsp+0B8h+transferred], 20h
.text:0000000000046CF1                 jz      short loc_46D03
.text:0000000000046CF3                 lea     rdi, aGetnetdatabypr_17
.text:0000000000046CFA                 xor     eax, eax
.text:0000000000046CFC                 call    _DbgMsg
.text:0000000000046D01                 jmp     short loc_46CD6
.text:0000000000046D03 ; ------------------------------------------------------------------
  • 1
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 1
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值