Skip to content

Home

Jump to bottom
X3n0m0rph59 edited this page May 20, 2023 · 3 revisions

Welcome to the Eruption wiki

Introduction

Here you will find some hopefully useful information on how to get your device supported by Eruption by capturing the traffic of the OEMs Windows-based software.

What is required to get your device supported by Eruption?

We need a Wireshark packet trace file in the pcapng format of the following steps:

  • The initialization sequence of the device, as performed by the OEM driver software
  • The sequence that configures the device to accept RGB color values, e.g. AIMO mode on ROCCAT devices (only necessary if it is not the default mode)
  • A few trace samples of "color setting" operations, as performed by the OEM driver software

Which Software do I need to do this?

On the Linux-side you will basically need Wireshark and a Windows 10 VM or a Windows 11 VM running the OEM software.

  • Loaded the usbmon Linux kernel module
  • A Windows 10 VM or a Windows 11 VM with e.g. ROCCAT Swarm installed
  • Wireshark: Wireshark-qt works great
  • Fully updated device firmware and latest OEM software
  • A second mouse or other pointing device would be very helpful

Steps

Basically we need a *.pcapng file of the initialization sequence of the hardware device, as sent by the OEM software as well as a few samples where it sets the RGB colors.

Please perform the following steps in roughly that order

  • Load the usbmon Linux kernel module that creates a virtual network device which allows for capturing USB traffic using Wireshark
$ sudo modprobe usbmon
  • Determine the USB bus address of the device: You may want to use the lsusb command on the host to find out the USB bus and device number that your device is connected to
$ lsusb
...
Bus 001 Device 006: ID 1e7d:343b ROCCAT ROCCAT Aimo Pad Wide
...

  • Start up Wireshark

  • Boot the Windows VM

  • Start capturing the traffic on the usbmon device for the previously determined USB bus. If you have multiple devices connected to the same USB bus, you may want to narrow down the captured traffic to the specific device. This can be achieved by specifying a filter in wireshark, for example the following filter would only capture USB bus 1 device number 6 (all device-specific endpoints)

usb.addr contains "1.6"

  • Enable USB forwarding of the device to the Windows VM

  • Start the OEM driver software, e.g.: ROCCAT Swarm: This will send the full initialization sequence to the forwarded device (please use factory settings. If the device supports hardware-native effects and software effects as well, you would have to enable software-controlled effects. For ROCCAT devices, the LED mode would have to be AIMO)

  • After the device has been initialized, you should see the OEM driver changing the colors on the device

  • Capture a few seconds of these 'color' packets

  • In Wireshark: Please save the capture as a *.pcapng file

With that captured data, we should be able to reverse engineer a subset of the protocol and get the device initialized and the LEDs up and running.

https://wiki.wireshark.org/CaptureSetup/USB

Clone this wiki locally