Problem
I have a device that when a particular application is on send data to that application. I need to cheat this data and retrieve certain information that is not displayed. The device is custom and for some reason has no data sheets. So have to sniff the communication and rebuild the commands sent from the application to this device. So I would like to achieve this in C# or C++. Right now I've tried every sniffing software and yes they sniff it, but I want to be able to know and retrieve the data and present it live.
The easiest way to do this is to put your software between the device and the other software. Next, review all the data and capture what you need.
To do this, use serial port loopback software. There's a lot of it out there. See http://virtual-serial-port.org.
A more complicated (but more passive!) Method is to monitor IOCTLs. I can't guide you how to do things that I don't know, but that's something to look at. The software at https://www.com-port-monitoring.com/ uses this method.
An alternative piece of software that gives you virtual serial ports is com0com (http://com0com.sourceforge.net/). However, it also has a hub functionality where the device output can be sent to many applications, which may or may not be useful to you, depending on whether you just need to monitor the output from the device or in both directions.
If nothing else it can give you some open source code to base your own sniffer on if you go down the device filter route. But if you go down this route, you may need to look at the driver's signature if you need it to work on 64-bit versions of Windows 10.
Top comments (2)
CEIWEI SerialPortMonitor
https://www.ceiwei.com/mt/product/showproduct.php?id=26&lang=en
Monitors and records and analyzes all serial port activity in the system and does not occupy the serial port; Ideal tool for tracking down problems that may arise during application or driver development, serial device testing and optimization, etc. It also provides filtering, search, data export and powerful data interception functions, which can intercept data flow and control flow information on specified ports and output monitoring log data to HTML, CSV, Ansi/Unicode text format data, and support automatic saving (redirecting to file) for analysis.
CEIWEI SerialPortMonitor can view the changes in port status (baud rate, data bits, check digits, stop bits), intercept upstream and downstream data, fast processing speed, high interception efficiency, and can display output data in decimal, decimal, base, base, 2, string can be displayed in different encodings, fully support Unicode/UTF8/UTF7 encoding and decoding of device data, support Modbus RTU/ ASCII protocol full resolution function.
CommMonitor functions:
Support monitoring COM port types: standard computer port, kernel virtual COM port, Bluetooth serial port, USB to serial port, etc.;
Can monitor and collect serial port data in real time;
Can monitor multiple serial ports at the same time;
Monitor serial ports that have been opened by other applications;
Support monitoring views: list view, Line view, Dump view, terminal view, Modbus view;
Support monitoring all Write/Read data streams of the serial port;
Supports monitoring of all serial port IOCTL control codes, request information and parameters;
Supports customized monitoring view data record colors, time formats, byte wrap lengths, byte display output in different numeric systems, etc.;
Support monitoring session management: save and load all monitoring data, export and redirect to file functions;
Supports data linkage display among list view, line view, and dump view;
Support custom IRP/IOCTL filtering tools;
Support monitoring serial port Modbus protocol analysis, support RTU, ASCII mode;
Copy all recorded data to the clipboard (requires enterprise version registration);
Supports monitoring view log data export to HTML, CSV, Ansi/Unicode text documents, and supports automatic redirection to files. Log files can be divided and stored by time range, file size, etc. (requires registration for the enterprise version).
Online version users, if there is an Internet connection, use the WeChat applet and scan the CommMonitor serial port monitoring wizard QR code, and they will automatically log in successfully;
Online version users, when there is no network, use the WeChat applet to scan the login QR code of the CommMonitor serial port monitoring wizard software, and then enter the authorization login code to verify the login.
download: ceiwei.com/down/CEIWEI_SerialPortM...
Supports Windows XP, Winsta, Win7, Win8, Win10, Win11 32/64-bit system platforms.
Some comments may only be visible to logged-in visitors. Sign in to view all comments.