buuctf misc USB
USB
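Challenge URL: https://buuoj.cn/challenges#USB
The challenge provides two files, 233.rar and key.ftm. Extracting the rar file first yields a flag.txt containing a taunt from the author.
Opening the archive in 010 Editor shows that the RAR file block should be 74 rather than 7A; change the 7A to 74.
After the repair, extracting the archive yields 233.png; opening it in stegsolve reveals a QR code.
Scanning the QR code gives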
ci{v3erf_0tygidv2_fc0}
A zip file is found inside key.ftm; extracting the zip archive and unpacking it yields key.pcapng.
Use UsbKeyboardDataHacker to decode the USB traffic:
```python
#!/usr/bin/env python
import os
import subprocess
import sys

DataFileName = "usb.dat"
presses = []

# HID keyboard usage ID (third byte of the 8-byte report) -> key without Shift
normalKeys = {
    "04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j",
    "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t",
    "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z", "1e":"1", "1f":"2", "20":"3", "21":"4",
    "22":"5", "23":"6", "24":"7", "25":"8", "26":"9", "27":"0", "28":"<RET>", "29":"<ESC>", "2a":"<DEL>",
    "2b":"\t", "2c":"<SPACE>", "2d":"-", "2e":"=", "2f":"[", "30":"]", "31":"\\", "32":"<NON>", "33":";",
    "34":"'", "35":"<GA>", "36":",", "37":".", "38":"/", "39":"<CAP>", "3a":"<F1>", "3b":"<F2>",
    "3c":"<F3>", "3d":"<F4>", "3e":"<F5>", "3f":"<F6>", "40":"<F7>", "41":"<F8>", "42":"<F9>",
    "43":"<F10>", "44":"<F11>", "45":"<F12>"}

# Same usage IDs with Shift held
shiftKeys = {
    "04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J",
    "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T",
    "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z", "1e":"!", "1f":"@", "20":"#", "21":"$",
    "22":"%", "23":"^", "24":"&", "25":"*", "26":"(", "27":")", "28":"<RET>", "29":"<ESC>", "2a":"<DEL>",
    "2b":"\t", "2c":"<SPACE>", "2d":"_", "2e":"+", "2f":"{", "30":"}", "31":"|", "32":"<NON>", "33":"\"",
    "34":":", "35":"<GA>", "36":"<", "37":">", "38":"?", "39":"<CAP>", "3a":"<F1>", "3b":"<F2>",
    "3c":"<F3>", "3d":"<F4>", "3e":"<F5>", "3f":"<F6>", "40":"<F7>", "41":"<F8>", "42":"<F9>",
    "43":"<F10>", "44":"<F11>", "45":"<F12>"}

def main():
    # check argv
    if len(sys.argv) != 2:
        print("Usage : ")
        print("        python UsbKeyboardHacker.py data.pcap")
        print("Tips : ")
        print("        To use this python script , you must install the tshark first.")
        print("        You can use `sudo apt-get install tshark` to install it")
        print("Author : ")
        print("        WangYihang <wangyihanger@gmail.com>")
        print("        If you have any questions , please contact me by email.")
        print("        Thank you for using.")
        sys.exit(1)

    # get argv
    pcapFilePath = sys.argv[1]

    # get data of pcap: dump usb.capdata for every 8-byte report.
    # An argument list (no shell) keeps paths with spaces or shell metacharacters intact.
    with open(DataFileName, "w") as out:
        subprocess.run(["tshark", "-r", pcapFilePath, "-T", "fields", "-e", "usb.capdata",
                        "usb.data_len == 8"], stdout=out, check=True)

    # read data
    with open(DataFileName, "r") as f:
        for line in f:
            presses.append(line.strip())

    # handle
    result = ""
    for press in presses:
        if press == '':
            continue
        # tshark prints capdata either as "00:00:04:..." or as "000004..."
        if ':' in press:
            Bytes = press.split(":")
        else:
            Bytes = [press[i:i+2] for i in range(0, len(press), 2)]
        if Bytes[0] == "00":
            if Bytes[2] != "00" and normalKeys.get(Bytes[2]):
                result += normalKeys[Bytes[2]]
        elif int(Bytes[0], 16) & 0b10 or int(Bytes[0], 16) & 0b100000:  # shift key is pressed.
            if Bytes[2] != "00" and shiftKeys.get(Bytes[2]):
                result += shiftKeys[Bytes[2]]
        else:
            print("[-] Unknown Key : %s" % (Bytes[0]))
    print("[+] Found : %s" % (result))

    # clean the temp data
    os.remove(DataFileName)

if __name__ == "__main__":
    main()
```
Decode the string obtained from the QR code with Vigenere; the key is xinan.
Vigenere : https://atomcated.github.io/Vigenere/
Then apply Rail fence decryption with 2 rails.
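The last two steps can also be done offline. The following is an added example, not part of the original write-up or of the linked Vigenere tool. It assumes the Vigenere key advances only on letters and that the rail fence is the usual zigzag form, and it generalizes to any rail count; the function names are illustrative.

```python
# Added example: Vigenere decode followed by rail-fence decode of the QR string.
# Assumptions: only letters consume key characters; rail fence is the zigzag form.


def vigenere_decrypt(ciphertext, key):
    """Subtract the repeating key from each ASCII letter; pass others through."""
    shifts = [ord(k) - ord("a") for k in key.lower()]
    out, used = [], 0
    for ch in ciphertext:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            shift = shifts[used % len(shifts)]
            out.append(chr((ord(ch) - base - shift) % 26 + base))
            used += 1  # assumption: digits and punctuation do not advance the key
        else:
            out.append(ch)
    return "".join(out)


def rail_fence_decrypt(ciphertext, rails):
    """Invert a zigzag rail fence: the ciphertext is rail 0, then rail 1, ..."""
    n = len(ciphertext)
    if rails < 2 or n < 2:
        return ciphertext
    cycle = 2 * (rails - 1)
    # Rail visited by each plaintext position while zigzagging down and up.
    rail_of = [min(i % cycle, cycle - i % cycle) for i in range(n)]
    # Stable sort by rail gives the plaintext positions in ciphertext order.
    order = sorted(range(n), key=lambda i: rail_of[i])
    plain = [""] * n
    for ch, pos in zip(ciphertext, order):
        plain[pos] = ch
    return "".join(plain)


def solve(qr_text="ci{v3erf_0tygidv2_fc0}", key="xinan", rails=2):
    """Run both steps from the write-up on the scanned QR string."""
    return rail_fence_decrypt(vigenere_decrypt(qr_text, key), rails)


if __name__ == "__main__":
    print(solve())
```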