Cheat Engine

[Fronzel]

I have recently got my Luxeed Keyboard http://fronzeltech.blogspot.com/2008/11/my-luxeed-keyboard-finally-arrived.html and the included driver STINKS. Well generally speaking it is not really a driver, its all about the binary that communicates with the USB Keyboard. STill as it is kinda directly communicating with the hardware i use the term "driver".


The idea is obvious - write a better software yourself. Well should be easy, but to mimic the crap software by luxeed one would need to understand what the original is doing. This is my current problem.


So the first step is to just haul dependency walker over the exe which immediately reveals what kind of terrible code grave the exe is. It contains obviously DOZENS of modules and functions that arent even used at all. For example it includes many winamp plugin sources, some even with copyright marks of the original authors - but as the program doesnt have any interface or plugin or options for winamp i assume they just pasted all kinds of modules/sources they could grab in the project - never used it and compiled without removing these.

So the dependency walker comes up with like 50 dlls being linked - but it is also obvious that not even half of these really get used.

Another peek into the exe with resorce hacker reveals that there are also some forms that dont seem to be used as well as unused graphics, etc.


However - i have been unable to really track down the interesting part, like "where does it send the command to the keyboard to light up key XY or start the rainbow animation".


I tried debugging - but if you dont think and dream in assembler it seems to be of very limited use for me. I turned on IdaPro and hell yeah - i can see at what offeset i would find the entry point and blah - well i dont think i need to mention that all these valuable infos have limited use unless you REALLY understand assembler.


Can anyone here give me some general hints on an approach to this problem? I thought about sniffing the USB device itself with USB Snoop, but that crappy tool simply didnt work for me. It looked like it sniffed but never produced any result.

Or is there a tool to sniff IPC (Inter process communication)???


Any help, idea or tip appreciated, thanks in advance!!!

[sloppy]

I've used http://openlibsys.org/ in the past to write directly to the keyboard port. Example code,

[Fronzel]

Yeah i think with openlibsys i could communicate with the hardware. My problem is that i lack the knowledge what the program is actually sending to the keyboard to activate the lights and animations. The normal scancode is not the problem, that the keyboard send a keydown when you press a key is obvious, what i want to find out is what the soft sends to the USB driver to say like "Hey keyboard, please turn on the rainbow animation" or "hey keyboard, now turn on green lighting for the keys R and V at intensity 7".

This is actually all i need to know. I am dangerous enough to utilize the same dlls the included crap tool uses and send the same commands, i just need to know what commands it actually sends.

As i said i still think the USB Snoopy would be the right tool to sniff a USB device - however it doesnt seem to work on my Win XP 64 or i just dont understand it. I hoped someone knows a super tool that does something similar. Thanks however for your kind help!

[sloppy]

Ahh whoops, I didn't actually check your blog link.. funky new keyboard you got there. Try googling for alternatives to USB Snoopy, Advanced USB Port Monitor, USB Monitor (DMS), etc. Shouldn't really matter which you use, once you can read the packets it's just a matter of sending them back with libusb.

[Fronzel]

Man that advanced USB monitor was exactly what i was looking for. Thanks a lot, you really made my day.