Hello, I'm working on an open-source project called USBGuard (Fedora package:
https://admin.fedoraproject.org/pkgdb/package/rpms/usbguard/) which aims to
provide an user-space framework that complements the USB device authorization
feature[1] in the Linux kernel. There are parts which deal with USB descriptor
data and I would like to test them thoroughly (fuzzing, etc.). For that I need
some samples of the USB descriptor data. I can generate some samples but it's
always a good idea to have real world samples.
Now to my actual request. I wrote a script[2] for collecting USB descriptor
data from a Linux based system and I would like you to help me by running this
script on your system (should work without root) and send me the results to
dnk.usb...@gmail.com or by other means, whatever is convenient for you. The
script is very simple and it should be easy to check that it doesn't do
anything malicious.
Here's a short description of what the script does:
1. It looks for usb devices in /sys/bus/usb/devices
2. For each device it:
- computes the sha1 of the USB descriptors (the "descriptors" file in the
device sub-directory)
- copies the "descriptors" file into a temporary directory
- counts the number of configuration, interface and endpoint descriptors
using lsusb and saves this information in the temporary directory
3. Compresses the temporary directory -- the archive is the result.
4. Removes the temporary directory
[1] https://www.kernel.org/doc/Documentation/usb/authorization.txt
[2]
https://raw.githubusercontent.com/dkopecek/usbguard/master/scripts/usb-descriptor-collect.sh
Thank you!
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
