Hardware/Software investigation

A project log for USBShare.exe

Replacing unknown exe with opensource

stephengeorgewest, 09/14/2021 at 16:02

The USB hub has 2 unconnected ports. The 4 CH440G look to be the actual switches. CH9884 doesn't seem to have any datasheets online.

When the port is selected, it connects a generic USB hub, with the same Vendor/Product as a Monoprice "aquamini".

When the main hub is disconnected, it connects a device to the bus instead:
idVendor:                        0x1A86 = Nanjing Qinherg Electronics Co., Ltd.
idProduct:                       0xE041

Which I'm guessing is CH9884

The "Drivers" CD was a burned CD-ROM with USBShare.exe and an installer that I assume puts it somewhere and adds it to startup. I didn't run the installer. Running strings on the exe showed some USB identifiers:

VID_1A86&PID_E041
VID_1A86&PID_E040
VID_5131&PID_2007

I ran the exe through Ghidra to see if I could find anything, but I didn't find much: the USB identifiers and some other strings. \(〇_o)/   I don't have the patience for this. I just decided to run the exe and Wireshark it.

version 1.0.0
Build: May 14 2011
Maybe it still works

Well, it turns green when connected to the USB hub, and ... well, it turns green when not connected too. It turns red, then yellow when switching away.
In yellow state, the program continuously asks (I think it is just connected checks?):


Frame 31356: 44 bytes on wire (352 bits), 44 bytes captured (352 bits) on interface wireshark_extcap2440, id 0
USB URB
    [Source: host]
    [Destination: 2.4.0]
    USBPcap pseudoheader length: 28
    IRP ID: 0xffff898c72c27010
    IRP USBD_STATUS: USBD_STATUS_SUCCESS (0x00000000)
    URB Function: URB_FUNCTION_CLASS_INTERFACE (0x001b)
    IRP information: 0x00, Direction: FDO -> PDO
        0000 000. = Reserved: 0x00
        .... ...0 = Direction: FDO -> PDO (0x0)
    URB bus id: 2
    Device address: 4
    Endpoint: 0x00, Direction: OUT
        0... .... = Direction: OUT (0)
        .... 0000 = Endpoint number: 0
    URB transfer type: URB_CONTROL (0x02)
    Packet Data Length: 16
    [Response in: 31357]
    Control transfer stage: Setup (0)
    [bInterfaceClass: HID (0x03)]
Setup Data
    bmRequestType: 0x21
        0... .... = Direction: Host-to-device
        .01. .... = Type: Class (0x1)
        ...0 0001 = Recipient: Interface (0x01)
    bRequest: SET_REPORT (0x09)
    wValue: 0x0200
        ReportID: 0
        ReportType: Output (2)
    wIndex: 0
    wLength: 8
    bRequest: 9
    wValue: 0x0200
    wIndex: 0 (0x0000)
    wLength: 8
    Data Fragment: 5501000000000000

In yellow state, "Switch" gets enabled.

Upon clicking "Switch", it fires off:
Frame 31702: 36 bytes on wire (288 bits), 36 bytes captured (288 bits) on interface wireshark_extcap2440, id 0
USB URB
    [Source: host]
    [Destination: 2.4.0]
    USBPcap pseudoheader length: 28
    IRP ID: 0xffff898c81fc6970
    IRP USBD_STATUS: USBD_STATUS_SUCCESS (0x00000000)
    URB Function: URB_FUNCTION_SELECT_CONFIGURATION (0x0000)
    IRP information: 0x00, Direction: FDO -> PDO
        0000 000. = Reserved: 0x00
        .... ...0 = Direction: FDO -> PDO (0x0)
    URB bus id: 2
    Device address: 4
    Endpoint: 0x00, Direction: OUT
        0... .... = Direction: OUT (0)
        .... 0000 = Endpoint number: 0
    URB transfer type: URB_CONTROL (0x02)
    Packet Data Length: 8
    [Response in: 31705]
    Control transfer stage: Setup (0)
Setup Data
    bmRequestType: 0x00
        0... .... = Direction: Host-to-device
        .00. .... = Type: Standard (0x0)
        ...0 0000 = Recipient: Device (0x00)
    bRequest: SET CONFIGURATION (9)
    bConfigurationValue: 1
    wIndex: 0 (0x0000)
    wLength: 0

So, I guess that is it.
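Both captured transfers carry bRequest 9, and only bmRequestType tells the HID SET_REPORT poll apart from the standard SET_CONFIGURATION sent on "Switch". The decoder below is an added example, not code from this project log; the setup byte strings are rebuilt from the fields shown in the two dissections above, and the function and constant names are made up for illustration.

```python
import struct

# Field names follow the USB 2.0 and HID 1.11 specs; only the two
# requests that appear in the log are named, anything else prints as hex.
TYPES = {0: "Standard", 1: "Class", 2: "Vendor", 3: "Reserved"}
RECIPIENTS = {0: "Device", 1: "Interface", 2: "Endpoint", 3: "Other"}
REQUESTS = {
    ("Standard", "Device", 0x09): "SET_CONFIGURATION",
    ("Class", "Interface", 0x09): "SET_REPORT",  # HID class request
}
HID_REPORT_TYPES = {1: "Input", 2: "Output", 3: "Feature"}


def decode_setup(setup: bytes) -> dict:
    """Decode the 8-byte setup stage of a USB control transfer."""
    if len(setup) != 8:
        raise ValueError("setup packet must be exactly 8 bytes")
    bm, b_request, w_value, w_index, w_length = struct.unpack("<BBHHH", setup)
    req_type = TYPES[(bm >> 5) & 0x3]
    recipient = RECIPIENTS.get(bm & 0x1F, "Reserved")
    name = REQUESTS.get((req_type, recipient, b_request), f"0x{b_request:02x}")
    out = {
        "direction": "Device-to-host" if bm & 0x80 else "Host-to-device",
        "type": req_type,
        "recipient": recipient,
        "request": name,
        "wIndex": w_index,
        "wLength": w_length,
    }
    # wValue means different things depending on the request
    if name == "SET_REPORT":
        out["report_type"] = HID_REPORT_TYPES.get(w_value >> 8, "Reserved")
        out["report_id"] = w_value & 0xFF
    elif name == "SET_CONFIGURATION":
        out["configuration"] = w_value & 0xFF
    else:
        out["wValue"] = w_value
    return out


# Constructed from the dissected fields above (little-endian on the wire)
POLL_SETUP = bytes.fromhex("2109000200000800")    # yellow-state poll
SWITCH_SETUP = bytes.fromhex("0009010000000000")  # sent on "Switch"
POLL_DATA = bytes.fromhex("5501000000000000")     # "Data Fragment" in the log

if __name__ == "__main__":
    for label, raw in (("poll", POLL_SETUP), ("switch", SWITCH_SETUP)):
        print(label, decode_setup(raw))
```

The poll's wLength of 8 matches the 8-byte data fragment, which together with the 8-byte setup stage accounts for the "Packet Data Length: 16" in the first frame.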