fgsect
scat S10 basics
Hi . I am trying to figure out how to use this tool to improve my understanding of Mobile devices and telecom. I have S10 Sm-G975F, rooted, and DNDIS +ACM+DM+ADB", lsusb gives me following output. root@ubuntu:/home/vmware/Desktop/scat-master# lsusb Bus 001 Device 027: ID 04e8:6862 Samsung Electronics Co., Ltd SAMSUNG_Android Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 002 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub Bus 002 Device 002: ID 0e0f:0003 VMware, Inc. Virtual Mouse Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
python3 scat.py -t sec -m e303 -u gives me following output and eror . Please guide.
root@ubuntu:/home/vmware/Desktop/scat-master# python3 scat.py -t sec -m e303 -u
CONFIGURATION 1: 64 mA ===================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x2 Configuration
wTotalLength : 0xbb (187 bytes)
bNumInterfaces : 0x6
bConfigurationValue : 0x1
iConfiguration : 0x4 Conf 1
bmAttributes : 0x80 Bus Powered
bMaxPower : 0x20 (64 mA)
INTERFACE 0: Wireless Controller =======================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x0
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0xe0 Wireless Controller
bInterfaceSubClass : 0x1
bInterfaceProtocol : 0x3
iInterface : 0x5 RNDIS Communications Control
ENDPOINT 0x82: Interrupt IN ==========================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x82 IN
bmAttributes : 0x3 Interrupt
wMaxPacketSize : 0x8 (8 bytes)
bInterval : 0x9
INTERFACE 1: CDC Data ==================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x1
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xa CDC Data
bInterfaceSubClass : 0x0
bInterfaceProtocol : 0x0
iInterface : 0x6 RNDIS Ethernet Data
ENDPOINT 0x81: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x81 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x1: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x1 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 2: CDC Communication =========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x2
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0x2 CDC Communication
bInterfaceSubClass : 0x2
bInterfaceProtocol : 0x1
iInterface : 0x9 CDC Abstract Control Model (ACM)
ENDPOINT 0x84: Interrupt IN ==========================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x84 IN
bmAttributes : 0x3 Interrupt
wMaxPacketSize : 0xa (10 bytes)
bInterval : 0x9
INTERFACE 3: CDC Data ==================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x3
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xa CDC Data
bInterfaceSubClass : 0x0
bInterfaceProtocol : 0x0
iInterface : 0xa CDC ACM Data
ENDPOINT 0x83: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x83 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x2: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x2 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 4: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x4
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x10
bInterfaceProtocol : 0x1
iInterface : 0x0
ENDPOINT 0x85: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x85 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x3: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x3 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 5: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x5
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x42
bInterfaceProtocol : 0x1
iInterface : 0xd Samsung Android DM
ENDPOINT 0x4: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x4 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x86: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x86 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
2020-01-03 20:25:03,104 scat.samsungparser (stop_diag) INFO: Stopping diag
Traceback (most recent call last):
File "scat.py", line 149, in
Sorry for checking this late. In this case, could you please try with -t sec -m e333 -i 4 or -t sec -m e333 -i 5option? One USB device can expose multiple interfaces, and diagnostic interface is usually classified as bInterfaceClass : 0xff Vendor Specific. I am seeing two interfaces with the said value, the DIAG interface should be one of them.
Thanks for your reply. Sorry for checking it so late. It is still not working . I tried to connect with both the interface with follow result.
- with int 4 nothing happens. even after trying for 30 mins and switching airplane mode on and off.
- with int 5 the mobile disconnect from the usb port and connect back. https://user-images.githubusercontent.com/59494950/104130905-2b806780-5395-11eb-8576-0235c1a5e2ea.mp4
please advise. also if connecting on WhatsApp is possible it will be very much appreciated.
Thanks
https://user-images.githubusercontent.com/59494950/104130883-04c23100-5395-11eb-8c26-9fb034729add.mp4
Fresh Error 10-Jan-2021 ..
┌──(kali㉿kali)-[~/scat] └─$ sudo python3 scat.py -t sec -m e333 -i 5 -u -F sim1.pcap
CONFIGURATION 1: 64 mA ===================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x2 Configuration
wTotalLength : 0xbb (187 bytes)
bNumInterfaces : 0x6
bConfigurationValue : 0x1
iConfiguration : 0x4 Conf 1
bmAttributes : 0x80 Bus Powered
bMaxPower : 0x20 (64 mA)
INTERFACE 0: Wireless Controller =======================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x0
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0xe0 Wireless Controller
bInterfaceSubClass : 0x1
bInterfaceProtocol : 0x3
iInterface : 0x5 RNDIS Communications Control
ENDPOINT 0x82: Interrupt IN ==========================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x82 IN
bmAttributes : 0x3 Interrupt
wMaxPacketSize : 0x8 (8 bytes)
bInterval : 0x9
INTERFACE 1: CDC Data ==================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x1
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xa CDC Data
bInterfaceSubClass : 0x0
bInterfaceProtocol : 0x0
iInterface : 0x6 RNDIS Ethernet Data
ENDPOINT 0x81: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x81 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x1: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x1 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 2: CDC Communication =========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x2
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0x2 CDC Communication
bInterfaceSubClass : 0x2
bInterfaceProtocol : 0x1
iInterface : 0x9 CDC Abstract Control Model (ACM)
ENDPOINT 0x84: Interrupt IN ==========================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x84 IN
bmAttributes : 0x3 Interrupt
wMaxPacketSize : 0xa (10 bytes)
bInterval : 0x9
INTERFACE 3: CDC Data ==================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x3
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xa CDC Data
bInterfaceSubClass : 0x0
bInterfaceProtocol : 0x0
iInterface : 0xa CDC ACM Data
ENDPOINT 0x83: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x83 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x2: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x2 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 4: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x4
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x10
bInterfaceProtocol : 0x1
iInterface : 0x0
ENDPOINT 0x85: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x85 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x3: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x3 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 5: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x5
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x42
bInterfaceProtocol : 0x1
iInterface : 0xd Samsung Android DM
ENDPOINT 0x4: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x4 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x86: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x86 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
2021-01-10 12:37:57,282 scat.samsungparser (stop_diag) INFO: Stopping diag
2021-01-10 12:37:57,285 scat.samsungparser (init_diag) INFO: Initialize diag
Traceback (most recent call last):
File "scat.py", line 160, in
Thanks for your reply. Sorry for checking it so late. It is still not working . I tried to connect with both the interface with follow result.
- with int 4 nothing happens. even after trying for 30 mins and switching airplane mode on and off.
- with int 5 the mobile disconnect from the usb port and connect back. https://user-images.githubusercontent.com/59494950/104130905-2b806780-5395-11eb-8576-0235c1a5e2ea.mp4
please advise. also if connecting on WhatsApp is possible it will be very much appreciated.
Thanks
Scat.Capture.mp4