Logging filenames of mass storage file reads #127

Open
J005 opened this issue Nov 14, 2024 · 1 comment
J005 commented Nov 14, 2024

How can facedancer be configured to log filenames that are attempted to be read when emulating a mass storage device? Mentioned in @ktemkin's talk here - https://www.youtube.com/watch?v=h3VWvZ162QE&list=LL&index=1

I have tried increasing the verbosity in the mass-storage.py example; however, I only ever see the block reads, i.e.

```
<-- handling READ (IN) 4096:[00 00 03 00 00 00 00 08 00 00 00 00 00 00 00]
<-- performing READ (10), lba 196608 + 8 block(s)
--> handling WRITE (10) (OUT) 12288:[00 00 00 01 08 00 00 18 00 00 00 00 00 00 00]
--> performing WRITE (10), lba 264 + 24 block(s)
--> writing 24 blocks at lba 264
```

@martinling (Member)

The mass storage protocol only deals with blocks, not files - there's no request where the host says "please give me filename X".

The technique used in that talk involves creating a specially crafted FAT filesystem image. The filesystem has a file allocation table which specifies what filenames are available and where they are stored on the disk. Conceptually that table looks something like:

  • aaaaaaaa.bin is stored at block 1
  • bbbbbbb.bin is stored at block 2
  • ...etc...
  • upgrade.bin is stored at block 31337

The script knows the contents of the table, so when the host reads block 31337, it knows it's looking for upgrade.bin.

However, it's not practical to list every possible filename, so there are limitations to what can be done with this approach.
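
The block-to-filename lookup described in the comment above, as an added example that is not part of the issue thread or facedancer's own code. It assumes the script already knows each file's starting LBA and length because it built the image. The `EXTENTS` table, the 16-block size for `upgrade.bin` and the function names are constructed for illustration, and the log lines follow the READ (10) format shown in the issue.

```python
import bisect
import re

# Constructed layout: (first LBA, block count, filename). In practice this comes
# from whatever tool built the crafted FAT image; these values are illustrative.
EXTENTS = sorted([
    (1, 1, "aaaaaaaa.bin"),
    (2, 1, "bbbbbbb.bin"),
    (31337, 16, "upgrade.bin"),
])
STARTS = [start for start, _, _ in EXTENTS]

# Matches the READ (10) line format shown in the issue's log output.
READ_RE = re.compile(r"performing READ \(10\), lba (\d+) \+ (\d+) block")


def files_for_read(lba, count):
    """Return filenames whose extents overlap blocks [lba, lba + count)."""
    end = lba + count
    # Start from the last extent beginning at or before lba; it may cover lba.
    i = max(bisect.bisect_right(STARTS, lba) - 1, 0)
    hits = []
    while i < len(EXTENTS) and EXTENTS[i][0] < end:
        start, length, name = EXTENTS[i]
        if start + length > lba:  # extent ends after the read begins
            hits.append(name)
        i += 1
    return hits


def annotate(log_lines):
    """Yield (lba, count, filenames) for each READ (10) line in a log."""
    for line in log_lines:
        m = READ_RE.search(line)
        if m:
            lba, count = int(m.group(1)), int(m.group(2))
            yield lba, count, files_for_read(lba, count)


if __name__ == "__main__":
    sample = [  # constructed log lines in the issue's format
        "<-- performing READ (10), lba 31337 + 8 block(s)",
        "<-- performing READ (10), lba 196608 + 8 block(s)",
        "--> performing WRITE (10), lba 264 + 24 block(s)",
    ]
    for lba, count, names in annotate(sample):
        print(f"lba {lba} + {count}: {', '.join(names) or '(no known file)'}")
```

A read that resolves to no file, such as the `lba 196608` line, is a block outside every listed extent, which is the limitation the comment describes.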
