๐Ÿ“ฆ cyrozap / tools-for-tdc

Reverse engineering and documenting the ".tdc" capture file format used by Total Phase Data Center (TPDC) / Beagle USB analyzers.

โ˜… 4 stars โ‘‚ 0 forks ๐Ÿ‘ 4 watching โš–๏ธ GNU General Public License v3.0
tools-for-tdc
๐Ÿ“ฅ Clone https://github.com/cyrozap/tools-for-tdc.git
HTTPS git clone https://github.com/cyrozap/tools-for-tdc.git
SSH git clone git@github.com:cyrozap/tools-for-tdc.git
CLI gh repo clone cyrozap/tools-for-tdc
ZIP Desktop VS Code
cyrozap cyrozap Add handler for record 0x031d 82eafce 29 days ago ๐Ÿ“ History
๐Ÿ“‚ master View all commits โ†’
๐Ÿ“ doc
๐Ÿ“ tools
๐Ÿ“„ COPYING.txt
๐Ÿ“„ README.md
๐Ÿ“„ README.md

Tools for TDC

This project is an effort to reverse engineer and document the .tdc capture file format used by Total Phase Data Center. Total Phase Data Center (TPDC) is proprietary software needed to use Total Phase's protocol analyzer products, including their Beagle USB 5000 SuperSpeed Protocol Analyzer.

The goal of this project is to understand enough of the .tdc capture file format to write a tool to be able to convert them to PCAP-NG format, to enable users of Beagle USB protocol analyzers to take advantage of Wireshark's wide array of protocol dissectors and plugin ecosystem.

This project was started in large part because Total Phase has a webpage that "explains" how to export USB captures to PCAP, but their "explanation" leaves the writing of the code to do the conversion as an exercise to the reader.

Disclaimer

This project is not affiliated with, sponsored by, endorsed by, or in any way associated with Total Phase, Inc., the developer of Total Phase Data Center and associated protocol analyzer products. This project makes no claim to ownership of the proprietary rights (including patents, trademarks, copyrights, trade secrets, etc.) of Total Phase, Inc. and its products or software.

Project Status

Done:

  • The header format of the .tdc files is partially understood and documented with Kaitai Struct in doc/tdc.ksy.
  • The format of the compressed capture data in .tdc files is (nearly) completely understood, and can be correctly decompressed using the algorithm described in doc/Compression.md. The algorithm is FastLZ.
  • The format of the decompressed data is partly understood, and is described in doc/Decompressed-Data.md.
To do:

  • Finish reverse engineering the format of the decompressed capture data.
  • Write a tool to parse a .tdc file and generate a .pcapng file from it.

License

Except where stated otherwise: