Wireshark-bugs: [Wireshark-bugs] [Bug 6045] New: Dissector for the Apple USB Multiplexing (USBMU

Date: Mon, 20 Jun 2011 13:23:45 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6045

           Summary: Dissector for the Apple USB Multiplexing (USBMUX)
                    protocol
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: tyson.key@xxxxxxxxx


Created an attachment (id=6525)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=6525)
Mercurial revision 502 (69f4acb4eed8) of the dissector

Build Information:
Version 1.7.0 (SVN Rev 37346 from /trunk)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.22.0, with GLib 2.26.0, with libpcap
1.2.0-PRE-GIT_2011_03_23, with libz 1.2.5, with POSIX capabilities (Linux),
without libpcre, with SMI 0.4.8, without c-ares, without ADNS, without Lua,
without Python, without GnuTLS, without Gcrypt, without Kerberos, without
GeoIP,
without PortAudio, without AirPcap.

Running on Linux 2.6.35.6-45.fc14.i686, with libpcap version
1.2.0-PRE-GIT_2011_03_23, with libz 1.2.5.

Built using gcc 4.5.1 20100924 (Red Hat 4.5.1-4).

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
I've recently written a basic dissector for the Apple USBMUX protocol (which
encapsulates TCP traffic), as used by devices running the iPhone OS, using a
combination of guesswork/reverse-engineering and consulting various documents
from around the Web.

It currently dissects the first few bytes of the packet header, and a hacky
attempt is made to dissect the actual TCP payload - although despite trying
various techniques for payload extraction, it doesn't quite work as I'd expect.

I'm submitting it in the hope that others find it somewhat useful, or have
better ideas as far as payload extraction is concerned.
