Trying to collect samples of USB descriptor data
Hello,
I'm working on an open-source project called USBGuard (currently in
the process of being packaged for Debian[1]) which aims to provide an
user-space framework that complements the USB device authorization
feature[2] in the Linux kernel. There are parts which deal with USB
descriptor data and I would like to test them thoroughly (fuzzing,
etc.). For that I need some samples of the USB descriptor data. I can
generate some samples but it's always a good idea to have real world
samples.
Now to my actual request. I wrote a script[3] for collecting USB
descriptor data from a Linux based system and I would like you to help
me by running this script on your system (should work without root)
and send me the results to dnk.usbdev@gmail.com or by other means,
whatever is convenient for you. The script is very simple and it
should be easy to check that it doesn't do anything malicious.
If you own some "exotic" USB devices, please connect them before
running the script.
Here's a short description of what the script does:
1. It looks for usb devices in /sys/bus/usb/devices
2. For each device it:
- computes the sha1 of the USB descriptors (the "descriptors" file in
the device sub-directory)
- copies the "descriptors" file into a temporary directory
- counts the number of configuration, interface and endpoint
descriptors using lsusb and saves this information in the temporary
directory
3. Compresses the temporary directory -- the archive is the result.
4. Removes the temporary directory
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825302
[2] https://www.kernel.org/doc/Documentation/usb/authorization.txt
[3] https://raw.githubusercontent.com/dkopecek/usbguard/master/scripts/usb-descriptor-collect.sh
Thank you!
Reply to: