Xbox Kinect hacks are the most popular topic these days, and here we have a guide on how to reverse engineer a USB device.
USB is a very complex protocol, much more complicated than serial or parallel, SPI and even I2C. USB uses only two data wires, but they are not used as ‘receive’ and ‘transmit’ like serial; data is bidirectional and differential. That means the data sent depends on the difference in voltage between the two data lines, D+ and D-.
The fact that USB is also very structured makes it hackable and easy to reverse engineer. It's easy to grab the agreed-upon packet format, and you don’t have to bother about checksums, which are pretty much abstracted away. Every computer made now has a USB host core that does a lot of the tough work for you, and there are many software libraries to help you do a lot with USB.
How to Reverse Engineer Xbox Kinect Motor:
First things first: you will need a Linux or Mac machine to get your first hands-on experience with USB debugging. Both of these Unix environments have a powerful tool called lsusb.
On Linux, run lsusb -vv (ultra verbose). On Mac, run system_profiler SPUSBDataType
The first thing you will have to grab is the VID and PID. Every type of USB device must have a unique VID and PID. The VID identifies the manufacturer. In this case, 0x045e is the VID for Microsoft, and all Microsoft products will have that VID. Each product has a different PID, so all Kinect Motors use PID 0x02b0. This doesn’t differ between two Kinects; they’ll both have the same PID.
The second thing to look at is the descriptor. A descriptor is a sort of ‘menu’ of what the device can do and how it likes to transfer data. In general, each device has one descriptor.
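To make the VID, PID and descriptor concrete, here is an added example (not code from the original guide) that decodes the standard 18-byte USB device descriptor, the structure lsusb reads to show idVendor and idProduct. Only the VID 0x045e and PID 0x02b0 come from this page; every other byte in the sample is constructed for illustration.

```python
import struct

# Standard USB device descriptor (USB 2.0 spec, section 9.6.1):
# 18 bytes, all multi-byte fields little-endian.
DEVICE_DESC = struct.Struct("<BBHBBBBHHHBBBB")
FIELDS = ("bLength", "bDescriptorType", "bcdUSB", "bDeviceClass",
          "bDeviceSubClass", "bDeviceProtocol", "bMaxPacketSize0",
          "idVendor", "idProduct", "bcdDevice", "iManufacturer",
          "iProduct", "iSerialNumber", "bNumConfigurations")

def parse_device_descriptor(raw: bytes) -> dict:
    """Decode a raw device descriptor, rejecting truncated or mistyped input."""
    if len(raw) < DEVICE_DESC.size:
        raise ValueError("truncated device descriptor")
    desc = dict(zip(FIELDS, DEVICE_DESC.unpack_from(raw)))
    if desc["bLength"] != DEVICE_DESC.size or desc["bDescriptorType"] != 0x01:
        raise ValueError("not a device descriptor")
    return desc

def bcd(value: int) -> str:
    """Render a binary-coded-decimal version field, e.g. 0x0200 as '2.00'."""
    return f"{value >> 8:x}.{value & 0xFF:02x}"

def is_kinect_motor(desc: dict) -> bool:
    """Match on the VID/PID pair given in the text above."""
    return (desc["idVendor"], desc["idProduct"]) == (0x045E, 0x02B0)

# Constructed sample descriptor: only idVendor and idProduct are from the page.
SAMPLE = bytes([
    0x12, 0x01,        # bLength = 18, bDescriptorType = 1 (DEVICE)
    0x00, 0x02,        # bcdUSB = 0x0200, stored low byte first
    0x00, 0x00, 0x00,  # class, subclass, protocol (constructed)
    0x40,              # bMaxPacketSize0 = 64 (constructed)
    0x5E, 0x04,        # idVendor = 0x045e (Microsoft)
    0xB0, 0x02,        # idProduct = 0x02b0 (Kinect Motor)
    0x05, 0x01,        # bcdDevice = 0x0105 (constructed)
    0x01, 0x02, 0x00,  # string indexes: manufacturer, product, serial
    0x01,              # bNumConfigurations = 1 (constructed)
])

if __name__ == "__main__":
    d = parse_device_descriptor(SAMPLE)
    print(f"ID {d['idVendor']:04x}:{d['idProduct']:04x}  USB {bcd(d['bcdUSB'])}")
    print("Kinect Motor" if is_kinect_motor(d) else "other device")
```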
Learning in detail:
You can read the complete detailed guide at ladyada. It goes into depth on how USB works, how to record the communication, what to look for, how to deconstruct what you’ve found, and how to put it all to use. This is all done with real-world data from the Kinect, so you can easily follow along at home. Source code is available, so you can download the example and see how to control the device as well.
This is a great tutorial. I’m sure you can become a good USB hacker by the time you are done reading it.