当前位置:网站首页>CTF stegano practice stegano 9

CTF stegano practice stegano 9

2022-07-05 03:52:00 qq_ twenty-nine million five hundred and sixty-six thousand six

  1. First step , First use TrID The tool identifies the types of two files :
    Insert picture description here
    among ,ELF File is Linux Main executables under . A more accurate analysis can use linux Under the file command , See is coredump file :
    Insert picture description here
    As for what is coredump, You can see here

  2. Change suffix to open pcap file , adopt Ctrl+F find server hello In the bag session_id:
    Insert picture description here
    Client ( Browser side ) Through a named ssl_session_st Structure storage of SSL Related key parameters , among ssl_session_st Some data structures of are shown as follows :
    Insert picture description here

  3. Use C32Asm open file2 And search for 16 Base number :
    Insert picture description here
    Check out session-id, Forward should be 0x00000020, The length is 32, It should be master-key 了 :
    Insert picture description here

  4. Insert picture description here

  5. Get flag:
    Insert picture description here

原网站

版权声明
本文为[qq_ twenty-nine million five hundred and sixty-six thousand six]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/02/202202140723031334.html

边栏推荐

猜你喜欢

随机推荐