Releases: desowin/usbpcap
1.5.4.0 - Fix reported endpoint numbers in specific cases
USBPcap 1.5.4.0 is compatible with Windows 7, 8 and 10 - both 32 and 64-bit. Windows XP and Vista are no longer supported because it is no longer possible to obtain SHA-1 Kernel Mode Code Signing certificate. Windows 7 requires KB3033929 or KB4474419 installed.
USBPcapCMD does not feature any changes since 1.5.3.0.
USBPcapDriver changes since 1.5.3.0:
- Update endpoint information on handle reuse (#98). In all USBPcap releases before 1.5.4.0, a series of SET INTERFACE/CONFIGURATION calls could result in handle reuse and in turn captures can contain incorrect endpoint information in captured packets.
1.5.3.0 - USBPcapCMD snapshot length handling fix
USBPcap 1.5.3.0 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD changes since 1.5.2.0:
- Pass snapshot length to elevated worker (#86). In USBPcap 1.2.0.1 - 1.5.2.0, the snapshot length was ignored if USBPcapCMD was called from process that does did not have elevated privileges.
USBPcapDriver does not feature any changes since 1.5.2.0.
1.5.2.0 - Occasional invalid control transfer setup data fix
USBPcap 1.5.2.0 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD does not feature any changes since 1.5.1.0.
USBPcapDriver changes since 1.5.1.0:
- Do not rely on SetupPacket inside URB_FUNCTION_CONTROL_TRANSFER when the URB travels back from PDO. On some Windows/USB Root Hub/USB device configurations the SetupPacket contains invalid data if the URB travelled down the stack with URB function code other than URB_FUNCTION_CONTROL_TRANSFER.
1.5.1.0 - USB 3.0 control transfer capture regression fix
USBPcap 1.5.1.0 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD does not feature any changes since 1.5.0.0.
USBPcapDriver changes since 1.5.0.0:
- Capture URB_FUNCTION_GET_CURRENT_FRAME_NUMBER as USBPCAP_TRANSFER_IRP_INFO
- Fix USB 3.0 control transfer capture regression introduced in USBPcap 1.4.1.0
When USB 3.0 device was connected to USB 3.0 Root Hub on Windows 10, the DEVICE and CONFIGURATION descriptors were not properly captured (they appeared as USBPCAP_TRANSFER_UNKNOWN). This did not happen for USB 2.0 devices connected to USB 3.0 Root Hub or for USB 3.0 devices connected to USB 2.0 Root Hub.
1.5.0.0 - New control transfer capture to solve Wireshark dissection problems
USBPcap 1.5.0.0 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD changes since 1.4.1.0:
- Use new SETUP/COMPLETE control transfer stage designation in injected descriptors
USBPcapDriver changes since 1.4.1.0:
- Add USBPCAP_TRANSFER_IRP_INFO (0xFE) to make it possible to record information that is
generally relevant but does not directly map to any transfer type - Use actual device address for unknown endpoints
- Use new SETUP/COMPLETE control transfer stage designation in control transfers
- Reduce NonPagedPool memory usage when capturing isochronous IN packets
All Wireshark versions aware of USBPcap pseudoheader format will correctly dissect the USB control payload recorded using new control transfer SETUP/COMPLETE mechanism. This change solves multiple issues related to control transfer dissection while breaking relatively few things. Third party tools developers might want to check if their tool correctly handles the new USBPcap control stages.
1.4.1.0 - Capture driver fixes
USBPcap 1.4.1.0 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD changes since 1.4.0.0:
- Remove the 65535 upper limit on Wireshark extcap interface snaplen parameter
- Fix URB function codes of already connected devices injected descriptors
USBPcapDriver changes since 1.4.0.0:
- Capture packets with unsuccessful status codes
- Rework control transfer capture so the captured Setup data is more likely to match what was sent to device
- Correctly capture isochronous OUT data (fixes regression introduced in USBPcap 1.3.0.0)
- Log both FDO->PDO (submit) and PDO->FDO (complete) for bulk and interrupt transfers
1.4.0.0 - Improved Wireshark extcap interface
USBPcap 1.4.0.0 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD changes since 1.3.0.0:
- Inject already connected USB devices descriptors (DEVICE and CONFIGURATION) into capture data at capture start
- Wireshark extcap option to inject (or not) the descriptors into capture data
USBPcapDriver changes since 1.3.0.0:
- Allow unlimited number of unpriviledged handles (capture still is exclusive)
- Stop URB filtering after capture finishes
- Add USB\ROOT_HUB30 to standard HWIDs list
- Do not include control packets with 0-byte DATA stage (there is no DATA stage if there's no data to transfer)
- Generic unhandled URB capture as USBPCAP_TRANSFER_UNKNOWN (0xFF)
1.3.0.0 - USBPcapDriver capture fixes
USBPcap 1.3.0.0 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD fixes:
- Fix stdin problem found by Application Verifier
- Close USBPcap filter handle before enumeration
USBPcapDriver fixes:
- Fix isochronous buffer capture
- Fix control transfers data stage capture
Known bugs:
- USBPcapCMD reports version 1.2.0.4 instead of 1.3.0.0.
1.2.0.4 - USBPcapCMD fixes
USBPcap 1.2.0.4 is compatible with Windows XP, Vista, 7, 8 and 10 - both 32 and 64-bit.
USBPcapCMD fixes:
- Fixed full CPU core utilization during capture when using USBPcapCMD as extcap (#32)
- Extra sanity checks during enumeration in order to prevent freezing Wireshark when used as extcap (#50)
- Reworked command line arguments handling so it works with Wireshark 2.9 (#51)
- Fixed USBPcapCMD on Windows XP (it wasn't working at all)
- Fix synchronization problems on exit, now pressing 'q' in the USBPcapCMD console window should exit pretty much immadietely
- Add version information
- Print note about -A in case of empty capture (#45)
Driver is the same as in USBPcap 1.2.0.3 release.
Windows 10 Attestation signed driver
Contains Windows 10 Attestation signed driver. Otherwise the same as 1.2.0.2.