[2022CISCN]ez_usb
[2022CISCN]ez_usb:键盘提取压缩包和密码流量分析
首先题目给的提示是这个是键盘流量,那么我们搜索8个字节长度的数据包,这里发现有两个Destination的数据包的长度是8,说明键盘给两个地方输入了值
tshark分别提取出压缩包和压缩密码
tshark -r ./ez_usb.pcapng -Y 'usb.data_len == 8' -Y 'usb.src =="2.8.1"' -T fields -e usb.capdata > 1.txt
tshark -r ./ez_usb.pcapng -Y 'usb.data_len == 8' -Y 'usb.src =="2.10.1"' -T fields -e usb.capdata > 2.txt
再利用脚本
normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}
shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}def out(file):keys=open(file)output = []for line in keys:try:if line[0]!='0' or (line[1]!='0' and line[1]!='2') or line[3]!='0' or line[4]!='0' or line[9]!='0' or line[10]!='0' or line[12]!='0' or line[13]!='0' or line[15]!='0' or line[16]!='0' or line[18]!='0' or line[19]!='0' or line[21]!='0' or line[22]!='0' or line[6:8]=="00":continueif line[6:8] in normalKeys.keys():output += [[normalKeys[line[6:8]]],[shiftKeys[line[6:8]]]][line[1]=='2']else:output += ['[unknown]']except:passkeys.close()flag=0print("".join(output))for i in range(len(output)):try:a=output.index('<DEL>')del output[a]del output[a-1]except:passfor i in range(len(output)):try:if output[i]=="<CAP>":flag+=1output.pop(i)if flag==2:flag=0if flag!=0:output[i]=output[i].upper()except:passprint ('output :' + "".join(output))print()out("1.txt")
out("2.txt")
得到output:
526172211a0700<CAP>c<CAP>f907300000d00000000000000c4527424943500300000002<CAP>a000000<CAP>02b9f9b0530778b5541d33080020000000666c61672<CAP>e<CAP>747874<CAP>b9b<CAP>a013242f3a<CAP>fc<CAP>000b092c229d6e994167c05<CAP>a7<CAP>8708b271f<CAP>fc<CAP>042ae3d251e65536<CAP>f9a<CAP>da87c77406b67d0<CAP>e6316684766<CAP>a86e844d<CAP>c81aa2<CAP>c72c71348d10c4<CAP>c<DEL>3d7b<CAP>00400700
output : 526172211a0700Cf907300000d00000000000000c4527424943500300000002A00000002b9f9b0530778b5541d33080020000000666c61672E747874B9Ba013242f3aFC000b092c229d6e994167c05A78708b271fFC042ae3d251e65536F9Ada87c77406b67d0E6316684766a86e844dC81AA2c72c71348d10c43D7B0040070035c535765e50074a
output :35c535765e50074a
然后用Notepad++打开转ASCII保存,再用rar打开,输入密码即可拿到flag
output :35c535765e50074a
然后用Notepad++打开转ASCII保存,再用rar打开,输入密码即可拿到flag[2022CISCN]ez_usb相关推荐
- EZ_USB salveFIFO
本文实现一种FPGA与PC通信的方法,采用USB2.0,即Cypress公司的EZ_USB FX2LP系列的CY7C68013A芯片.下面先介绍一下这款芯片. CY7C68013A是一款含高速USB2 ...
- 第15届全国大学生知识竞赛 2022ciscn初赛 部分wp
Misc ez_usb 1.键盘流量 USB协议数据部分在Leftover Capture Data域中,数据长度为八个字节.其中键盘击键信息集中在第三个字节中. 如图,发现击键信息为0x06,即对应 ...
- 第15届全国大学生知识竞赛场景实操 2022ciscn线上初赛 部分writeup
文章目录 ez_usb everlasting_night 问卷调查 签到电台 Ezpop **基于挑战码的双向认证1.2** 基于挑战码的双向认证3 Iso9798 Login-nomal Baby ...
- 第15届全国大学生知识竞赛场景实操 2022ciscn初赛 部分writeup
文章目录 Crypto 签到电台 基于挑战码的双向认证1 基于挑战码的双向认证2 基于挑战码的双向认证3 Misc ez_usb everlasting_night 问卷 babydisk Web E ...
- 2021年中国工业互联网安全大赛核能行业赛道writeup之usb流量分析
目录 一.USB协议 二.键盘流量 三.鼠标流量 四.writeup 附件题:usb流量分析 题目描述: 具体描述忘记了o(╯□╰)o 大概意思是有个U盘插到电脑上,然后经过一些操作导致该电脑重启了. ...
- GPIF II designer使用说明+CYUSB3014芯片基本信息介绍——英文文档学习记录
这篇文章是基于之前FX3实现FPGA与USB3.0通信的内容.本人新手,写的不好如有错误请原谅.今天来记录一下官方文档的学习. 一.基本信息讲解 1.1 GPIF II Designer和CYUSB3 ...
- 2020ciscn wp
目录 1.签到电台 2.基于挑战码的双向认证(1,2) 3.web Ezpo 4.基于挑战码的双向认证3 5.ISO9798 6.问卷调查 7.ez_usb 8.login-nomal 1.签到电台 ...
- CY68013 FPGA通信联调总结
1. 简介 CY68013是一款USB 2.0芯片,常用作fpga与pc的接口芯片,其硬件可以自动处理USB协议,也可以在里面下载对应的固件程序,由固件程序来完成USB协议的通信.我们只关心USB数据 ...
- 第十五届全国大学生信息安全竞赛创新实践能力赛
基于挑战码的双向认证1 这两个应该是属于非预期,查找文件内容,两个flag都出了: find / |xargs grep -ri flag{ 2>/dev/null flag{34f5fda ...
最新文章
- Layui框架 中table解决日期格式问题
- 《Spring设计思想》AOP设计思想与原理(图文并茂)
- VS Code 和 Sublime Text 3 安装及常用插件安装
- JavaScript高级之ES5 中的新增方法
- Lua5.1中的API函数
- [PHP] 解决:hex2bin(): Hexadecimal input string must have an even length
- 大一计算机基础ppt练习题,计算机基础知识PPT练习题及答案DOC
- 漫画 | 前端发展史的江湖恩怨情仇
- 袁亚湘 《如何做好一名研究生》 讲座笔记
- 第1关:MapReduce综合应用案例 — 电信数据清洗
- IE、FF、Safari、OP不同浏览器兼容报告
- 【编程题】【Scratch三级】2019.06 幻影小猫
- 高温熔融玻璃液位检测用激光玻璃液位计
- python把英语句子成分字母_有没有那种能分析英语句子成分的APP?
- ubuntu开机停留在(initramfs)页面
- xml 标签带有符号php,php-如果元素每个记录有相似的标记,则获取正确的xml值
- 2021高考数学成绩查询,吐血整理!2020高考数学评分细则参考,2021高考这样准备少丢分!...
- python入门读书笔记
- itchat 调用微信网页版 python 调用微信
- [HEOI2012]采花