Reverse engineering the Creative Katana soundbar to control it from Linux
4 days ago
- #soundbar
- #reverse engineering
- #usb protocol
- The author purchased a Creative Sound Blaster Katana V2X soundbar and reverse engineered its communication protocol.
- The soundbar uses a proprietary Creative App, only available for Windows, requiring USB communication for configuration.
- USB communication was captured using Wireshark and USBPcap, revealing a CDC ACM serial interface.
- Commands follow a simple framing structure: 0x5A as the start marker, followed by command opcode, length, and payload.
- Authentication involves a challenge-response mechanism using AES-256-GCM encryption with a device-specific key.
- A Rust library and CLI tool called v2x-ctl was created to control the soundbar settings from Linux.
- The firmware update process was analyzed, revealing a CIFF (Creative Image File Format) container with multiple sections.
- The firmware includes bootloader, main firmware (FreeRTOS), audio prompts, and MCU firmware components.