当前位置:网站首页>buuctf misc USB
buuctf misc USB
2022-07-07 04:13:00 【[mzq]】
USB
题目地址 : https://buuoj.cn/challenges#USB
题目一共两个文件一个233.rar 一个key.ftm 文件,先解压rar文件得到一个flag.txt 来自作者的嘲讽
用010editor 打开发现 rar的文件块应该是74 而不是7A ,把7A修改为74
修复完解压后得到一个 233.png ,用stegsolve打开, 发现二维码
扫码得到
ci{v3erf_0tygidv2_fc0}
在 key.ftm 文件中发现zip文件,提取zip压缩包解压得到key.pcapng
用UsbKeyboardDataHacker 解密usb流量
#!/usr/bin/env python
import sys
import os
DataFileName = "usb.dat"
presses = []
normalKeys = {
"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}
shiftKeys = {
"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}
def main():
# check argv
if len(sys.argv) != 2:
print("Usage : ")
print(" python UsbKeyboardHacker.py data.pcap")
print("Tips : ")
print(" To use this python script , you must install the tshark first.")
print(" You can use `sudo apt-get install tshark` to install it")
print("Author : ")
print(" WangYihang <[email protected]>")
print(" If you have any questions , please contact me by email.")
print(" Thank you for using.")
exit(1)
# get argv
pcapFilePath = sys.argv[1]
# get data of pcap
os.system("tshark -r %s -T fields -e usb.capdata 'usb.data_len == 8' > %s" % (pcapFilePath, DataFileName))
# read data
with open(DataFileName, "r") as f:
for line in f:
presses.append(line[0:-1])
# handle
result = ""
for press in presses:
if press == '':
continue
if ':' in press:
Bytes = press.split(":")
else:
Bytes = [press[i:i+2] for i in range(0, len(press), 2)]
if Bytes[0] == "00":
if Bytes[2] != "00" and normalKeys.get(Bytes[2]):
result += normalKeys[Bytes[2]]
elif int(Bytes[0],16) & 0b10 or int(Bytes[0],16) & 0b100000: # shift key is pressed.
if Bytes[2] != "00" and normalKeys.get(Bytes[2]):
result += shiftKeys[Bytes[2]]
else:
print("[-] Unknow Key : %s" % (Bytes[0]))
print("[+] Found : %s" % (result))
# clean the temp data
os.system("rm ./%s" % (DataFileName))
if __name__ == "__main__":
main()
用二维码得到的字符串,进行
Vigenere
解码,key是xinan
Vigenere : https://atomcated.github.io/Vigenere/
然后进行 Railfence解密 栏数为2
边栏推荐
- What is the difference between TCP and UDP?
- 知识点滴 - 关于苹果认证MFI
- 聊聊异步编程的 7 种实现方式
- Build personal website based on flask
- Deep learning Flower Book + machine learning watermelon book electronic version I found
- 海思芯片(hi3516dv300)uboot镜像生成过程详解
- 抽丝剥茧C语言(高阶)数据的储存+练习
- 抽絲剝繭C語言(高階)指針的進階
- About binary cannot express decimals accurately
- PostgreSQL source code (59) analysis of transaction ID allocation and overflow judgment methods
猜你喜欢
随机推荐
普通测试年薪15w,测试开发年薪30w+,二者差距在哪?
Solution: could not find kf5 (missing: coreaddons dbusaddons doctools xmlgui)
1、 Go knowledge check and remedy + practical course notes youth training camp notes
Tencent's one-day life
Weibo publishing cases
《动手学深度学习》(四) -- 卷积神经网络 CNN
Outsourcing for three years, abandoned
95后CV工程师晒出工资单,狠补了这个,真香...
外包干了四年,废了...
【Unity】物体做圆周运动的几个思路
Implementing data dictionary with JSP custom tag
Make a bat file for cleaning system garbage
JS decorator @decorator learning notes
Kuboard can't send email and nail alarm problem is solved
在线直播系统源码,使用ValueAnimator实现view放大缩小动画效果
今日现货白银操作建议
深度学习花书+机器学习西瓜书电子版我找到了
Project practice five fitting straight lines to obtain the center line
Why is the row of SQL_ The ranking returned by number is 1
Model application of time series analysis - stock price prediction