This article shows you how to use the USB/HID protocol under Windows to be able to send/receive USB packets from any USB devices connected to the PC. And without using DLL, just an application is needed.
(Visual Studio 2022 project)
Warning
This USB sniffer, because of its user mode method access to hardware, cannot read HID packets with RID at 0, it's due to Windows protection level to prevent keyloggers/spying software.

(Do not add 0x, else the application will crash, I haven't added 0x prefix support)
Introduction
This article shows you how to use the USB/HID protocol under Windows to be able to send/receive USB packets from any USB devices connected to the PC.
And without using DLL, just an application is needed.
Background
This article was possible with this WDK sample:
Basically, it's just a rewrite of this sample, but in a simple form.
Using the Code
Main code:
void Update()
{
while (true)
{
CheckHIDRead();
CheckHIDWrite();
Thread.Sleep(1);
}
}
CheckHIDRead()
and CheckHIDWrite()
are checking if we have press Read or Start button and if entered data (VID-PID-Usa***
) correspond to a connected USB Device.
This function returns the number of USB devices in order to scan them.
Int32 FindDeviceNumber()
{
var hidGuid = new Guid();
var deviceInfoData = new SP_DEVICE_INTERFACE_DATA();
HidD_GetHidGuid(ref hidGuid);
SetupDiDestroyDeviceInfoList(hardwareDeviceInfo);
hardwareDeviceInfo = SetupDiGetClassDevs(ref hidGuid, IntPtr.Zero,
IntPtr.Zero, DIGCF_PRESENT | DIGCF_DEVICEINTERFACE);
deviceInfoData.cbSize = Marshal.SizeOf(typeof(SP_DEVICE_INTERFACE_DATA));
var Index = 0;
while (SetupDiEnumDeviceInterfaces(hardwareDeviceInfo, IntPtr.Zero,
ref hidGuid, Index, ref deviceInfoData))
{
Index++;
}
return (Index);
}
This function returns a data structure of each USB device needed for Read()
and Write()
.
Int32 FindKnownHIDDevices(ref HID_DEVICE[] HID_Devices)
{
var hidGuid = new Guid();
var deviceInfoData = new SP_DEVICE_INTERFACE_DATA();
var functionClassDeviceData = new SP_DEVICE_INTERFACE_DETAIL_DATA();
HidD_GetHidGuid(ref hidGuid);
SetupDiDestroyDeviceInfoList(hardwareDeviceInfo);
hardwareDeviceInfo = SetupDiGetClassDevs(ref hidGuid, IntPtr.Zero,
IntPtr.Zero, DIGCF_PRESENT | DIGCF_DEVICEINTERFACE);
deviceInfoData.cbSize = Marshal.SizeOf(typeof(SP_DEVICE_INTERFACE_DATA));
var iHIDD = 0;
while (SetupDiEnumDeviceInterfaces(hardwareDeviceInfo, IntPtr.Zero,
ref hidGuid, iHIDD, ref deviceInfoData))
{
var RequiredLength = 0;
SetupDiGetDeviceInterfaceDetail(hardwareDeviceInfo, ref deviceInfoData,
IntPtr.Zero, 0, ref RequiredLength, IntPtr.Zero);
if (IntPtr.Size == 8)
{
functionClassDeviceData.cbSize = 8;
}
else if (IntPtr.Size == 4)
{
functionClassDeviceData.cbSize = 5;
}
SetupDiGetDeviceInterfaceDetail(hardwareDeviceInfo, ref deviceInfoData,
ref functionClassDeviceData, RequiredLength,
ref RequiredLength, IntPtr.Zero);
OpenHidDevice(functionClassDeviceData.DevicePath, ref HID_Devices, iHIDD);
iHIDD++;
}
return iHIDD;
}
This function extend FindKnownHIDDevices()
.
void OpenHIDDevice(String DevicePath, ref HID_DEVICE[] HID_Device, Int32 iHIDD)
{
HID_Device[iHIDD].DevicePath = DevicePath;
CloseHandle(HID_Device[iHIDD].Pointer);
HID_Device[iHIDD].Pointer = CreateFile(HID_Device[iHIDD].DevicePath,
GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ |
FILE_SHARE_WRITE, 0, OPEN_EXISTING, 0, IntPtr.Zero);
HID_Device[iHIDD].Caps = new HIDP_CAPS();
HID_Device[iHIDD].Attributes = new HIDD_ATTRIBUTES();
HidD_FreePreparsedData(ref HID_Device[iHIDD].Ppd);
HID_Device[iHIDD].Ppd = IntPtr.Zero;
HidD_GetPreparsedData(HID_Device[iHIDD].Pointer, ref HID_Device[iHIDD].Ppd);
HidD_GetAttributes(HID_Device[iHIDD].Pointer, ref HID_Device[iHIDD].Attributes);
HidP_GetCaps(HID_Device[iHIDD].Ppd, ref HID_Device[iHIDD].Caps);
var Buffer = Marshal.AllocHGlobal(126);
{
if (HidD_GetManufacturerString(HID_Device[iHIDD].Pointer, Buffer, 126))
{
HID_Device[iHIDD].Manufacturer = Marshal.PtrToStringAuto(Buffer);
}
if (HidD_GetProductString(HID_Device[iHIDD].Pointer, Buffer, 126))
{
HID_Device[iHIDD].Product = Marshal.PtrToStringAuto(Buffer);
}
if (HidD_GetSerialNumberString(HID_Device[iHIDD].Pointer, Buffer, 126))
{
Int32.TryParse(Marshal.PtrToStringAuto(Buffer),
out HID_Device[iHIDD].SerialNumber);
}
}
Marshal.FreeHGlobal(Buffer);
}
Then come the two important functions that will make you able to read or write USB packets between a USB device and a PC.
void HIDRead(HID_DEVICE HID_Device)
{
ManufacturerName.Text = "Manufacturer: " + HID_Device.Manufacturer;
ProductName.Text = "Product: " + HID_Device.Product;
SerialNumber.Text = "SerialNumber: " + HID_Device.SerialNumber.ToString();
var HID_Report = new Byte[HID_Device.Caps.InputReportByteLength];
if (HID_Report.Length > 0)
{
var varA = 0U;
ReadFile(HID_Device.Pointer, HID_Report,
HID_Device.Caps.InputReportByteLength, ref varA, IntPtr.Zero);
Read_Output.Clear();
for (var Index = 0; Index < HID_Device.Caps.InputReportByteLength; Index++)
{
Read_Output.Text += HID_Report[Index].ToString("X2");
Read_Output.Text += " - ";
}
}
}
void HIDWrite(HID_DEVICE HID_Device)
{
var HID_Report = new Byte[HID_Device.Caps.OutputReportByteLength];
if (HID_Report.Length > 0)
{
HID_Report[0] = HIDWriteData.ReportID;
for (var Index = 0; Index < WriteData.Length; Index++)
{
if (Index + 1 < HID_Report.Length)
{
HID_Report[Index + 1] = WriteData[Index];
}
}
var varA = 0U;
WriteFile(HID_Device.Pointer, HID_Report,
HID_Device.Caps.OutputReportByteLength, ref varA, IntPtr.Zero);
}
}
To be able to do that, you'd need to set the following data before:
VendorID
ProductID
UsagePage
Usage
ReportID
But be careful, you'd need to set the correct values for all those parameters, if one is false
, you will not be able to send HID packets.
To read HID packets, you just need:
Also, you cannot read if the device cannot send data and you cannot write if the device cannot read data (defined by the HID Report Descriptor).
A device is defined by its VendorID
:ProductID
but shrunk into several functions defined by its UsagePage
, Usage
and ReportID
.
As an example, the first function of a mouse is to send coordinate data, so you can read data from PC and the second function is to receive mouse button customization data, so you can send data from PC.
And to set those variables, you need to read the HID Descriptor of the USB devices that you target, it can be retrieved with a USB sniffer as https://github.com/djpnewton/busdog or http://www.usblyzer.com/usb-analysis-features.htm
The HID Descriptor usually start with 0x05, 0x01.
And to learn to read HID Descriptor, use this tool: http://www.usb.org/developers/hidpage#HID Descriptor Tool
Because this code is just a rewrite of an old C code from the 90s, it works on all Windows Versions.
History
- 2nd October, 2019: Initial version
- 10th September, 2023: Project upgrade from Windows Forms .NET framework to WPF .NET Core
This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.