Vulnerability Development mailing list archives

Re: is any one sniffing comports on win2k or XP?

From: yatima <sa7ori () broken blackroses com>
Date: Fri, 26 Jul 2002 18:28:47 -0400 (EDT)

I am not altogether familiar with your predicament. But with a bit of
elbow grease/common sence I am sure you can whip up a simple hardware
splitter. then you can watch the datastream from both machine to device
without conflicts/etc. I imagine the only difficult part (if not
documented with the device) will be determining comm parameters (baud
rate, etc). Another issue is getting the pinouts right (if the cable is
fixed on the device it might cross (or not) pins within the cable that
convert it from null to otherwise. You can trial/error this, or use a
serial LED device (device with bi-color leds for each pin). Using the
device you can test your splitter by putting it between the device and the
computer (as normally connected) noting the led states. Using the LED
states as a reference build a splitter to replicate the pin
configuration. If the device isnt entirely  proprietary, you shouldnt have
any problems intializing by replicating  the init sequences, however the
possibility does exist that drivers/etc for the software has an abstract
layer above the commport connection where the
device itself may handshake with the machine. For ps/2 AT
barcode/magstripe/etc devices this wouldnt be an issue, but with a serial
device this is a possibility, and as such should be a consideration.
Just an idea from a ranting neophy
I am not an electrical engineer, nor do I have similar inclinations,
Infact, I am made entirely of cheese.

On Fri, 26 Jul 2002, KF wrote:

I have an application that I need to steal data from. This application
is initalizing a bar code reader and I would like to see the escape
sequences that are used to initialize this particular device. There are
bajillions of DOS apps that claim to spy on a com port but I have had no
luck with them. Every app I try to use results in a com port in use
error when I fire up the app I want to sniff. Does anyone have any
applications to try? I need one that will allow me to monitor a comport
passively in win2k or XP and it must at the same time allow another
application to query or connect to the com port. I need to be able to
see the data being passed back and forth between the application and the
device.
-KF

Current thread:

is any one sniffing comports on win2k or XP? KF (Jul 26)
- RE: is any one sniffing comports on win2k or XP? Dom De Vitto (Jul 26)
- Re: is any one sniffing comports on win2k or XP? yatima (Jul 26)
  - Re: is any one sniffing comports on win2k or XP? KF (Jul 26)
- Re: is any one sniffing comports on win2k or XP? Catfish (Jul 26)
- Re: is any one sniffing comports on win2k or XP? julian linton (Jul 28)
- <Possible follow-ups>
- Re: is any one sniffing comports on win2k or XP? wozz (Jul 29)
- RE: is any one sniffing comports on win2k or XP? Brian Brotschi (Jul 29)