#!/usr/bin/env python3 # run this before the script : `tshark -r access_cards.pcap -Y 'usb.src == "2.2.1"' -T fields -e usbhid.data > access_cards.data` # This is the name of the file that contains the HID data. A line should look like `030000000000000000` file_name = "access_cards.data" # This should cover the most common key codes keys = "\x00\x00\x00\x00abcdefghijklmnopqrstuvwxyz1234567890\n\x00\x00\t -=[]\\#;'`,./" keys_shift = "\x00\x00\x00\x00ABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()\n\x00\x00\t _+{}|~:\"~<>?" # This will contain the converted characters out = list() # Do a barrel roll with open(file_name) as f: line = bytes.fromhex(f.readline()) while line: # Check if left shift or right shift is pressed if line[1] & 0x02 or line[1] & 0x20: c = keys_shift[line[3]] else: c = keys[line[3]] # Append to out if not a null byte if c != '\x00': out += c line = bytes.fromhex(f.readline()) # Spit it out print("".join(out))