Hey boys and girls I'ma get straight to the point.
I have this missile launcher usb toy and I wanted to put a camera on it so that I can use it as a security camera.
To do this I need to be able to controll the missile launcher in some way.
Ive tried to simulate mouse button clicks directly on to the software that comes with the missile launcher but I found no useful or simple enough of information of Delphi code to do this.
I've tried to find .pas units and components to send hex data directtly to the usb device,
but only to be left with failiure.
I've searched everywhere for SOMETHING that is Delphi+USB related but I couldnt find anything,
nontheless anything about the missile launcher+delphi.
I noticed that in the folder of the missile launcher program there is a file called TenxHID.dll, and with some research I managed to find out that this file was created by the company Tenx and this DLL file does all the data transmission and recievment from and to the missile launcher.
I downloaded DLL Export Viewer and opened the TenxHID.dll to see its exports and found DeviceIni, BufferWrite and BufferRead.
However since I dont know their parameters they're useless to me.
I searched on google for some more hours and I found a site called
specific chip,
I looked at one of the files and I found the following piece of code:
const
DN = 'kiusb.dll';
function usb_close(): Integer; stdcall; external DN;
function usb_dwnload(image: PByte; len: dword): Integer; stdcall; external DN;
function usb_bulk_write(pipe: Integer; buf: PByte; len: Integer): Integer;
stdcall; external DN;
function usb_bulk_read(pipe: Integer; buf: PByte; len: Integer): Integer;
stdcall; external DN;
function cusb_init(): Integer; stdcall; external DN;
And I was like "hmmm, that looks a bit familiar".
So I took the three functions, cusb_init, usb_bulk_read and usb_bulk_write
and I renamed them to DeviceIni, ReadBuffer and WriteBuffer, and then I took their respective code and called DeviceIni to see if I could get any connection with the missile launcher,
and viola, when the missile launcher was connected, I got a "Connection OK" message, and when it was not connected I got a "Connection Fail" message.
All I have to do now is to try to sniff up some hex buffer snippets that is sent from the original software and try to send it through my own software.
The full function of the WriteBuffer looks like this:
function WriteBuffer(pipe: Integer; buf: PByte; len: Integer): Integer; stdcall; external DN;
However I dont know how to work with that PByte thingy, if anybody knows how to use it, please let me know.
Files
USB Missile Launcher (Works on Win7x64) :
Delphi Missile Launcher (Developed in Delphi XE):
i picked up one of these for a quid at a boot fair. i used a USB sniffer to see packets going to it. let me know if you need more info on that. i'm probably just going to connect its motors directly to an arduino and play with it that way.
SvaraRaderaif you have any info on that let me know
SvaraRaderaI have cracked it now!
SvaraRadera