buuctf misc USB

USB

题目地址 : https://buuoj.cn/challenges#USB

题目一共两个文件一个233.rar 一个key.ftm 文件，先解压rar文件得到一个flag.txt 来自作者的嘲讽

用010editor 打开发现 rar的文件块应该是74 而不是7A ，把7A修改为74

修复完解压后得到一个 233.png ，用stegsolve打开，发现二维码

扫码得到 ci{v3erf_0tygidv2_fc0}

在 key.ftm 文件中发现zip文件，提取zip压缩包解压得到key.pcapng

用UsbKeyboardDataHacker 解密usb流量

#!/usr/bin/env pythonimport sys
import osDataFileName = "usb.dat"presses = []normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}def main():# check argvif len(sys.argv) != 2:print("Usage : ")print("        python UsbKeyboardHacker.py data.pcap")print("Tips : ")print("        To use this python script , you must install the tshark first.")print("        You can use `sudo apt-get install tshark` to install it")print("Author : ")print("        WangYihang <wangyihanger@gmail.com>")print("        If you have any questions , please contact me by email.")print("        Thank you for using.")exit(1)# get argvpcapFilePath = sys.argv[1]# get data of pcapos.system("tshark -r %s -T fields -e usb.capdata 'usb.data_len == 8' > %s" % (pcapFilePath, DataFileName))# read datawith open(DataFileName, "r") as f:for line in f:presses.append(line[0:-1])# handleresult = ""for press in presses:if press == '':continueif ':' in press:Bytes = press.split(":")else:Bytes = [press[i:i+2] for i in range(0, len(press), 2)]if Bytes[0] == "00":if Bytes[2] != "00" and normalKeys.get(Bytes[2]):result += normalKeys[Bytes[2]]elif int(Bytes[0],16) & 0b10 or int(Bytes[0],16) & 0b100000: # shift key is pressed.if Bytes[2] != "00" and normalKeys.get(Bytes[2]):result += shiftKeys[Bytes[2]]else:print("[-] Unknow Key : %s" % (Bytes[0]))print("[+] Found : %s" % (result))# clean the temp dataos.system("rm ./%s" % (DataFileName))if __name__ == "__main__":main()

用二维码得到的字符串，进行Vigenere解码，key是 xinan

Vigenere : https://atomcated.github.io/Vigenere/

然后进行 Railfence解密栏数为2

buuctf misc USB相关推荐

BUUCTF misc 二维码1解题思路
BUUCTF misc 二维码1解题思路 1题目 2打开后发现是一个二维码,首先我们将它放到010中分析发现藏有pk开头的压缩包,然后我们使用kali把压缩包分离出来 dd if=QR_code.pn ...
CTF题之BUUCTF系列：BUUCTF Misc 二维码
一.名称 BUUCTF Misc 二维码二.题目链接:https://buuoj.cn/challenges#%E4%BA%8C%E7%BB%B4%E7%A0%81 解压缩后是一个二维码三.解题步 ...
BUUCTF Misc杂项前十二道题的思路和感悟
title: BUUCTF Misc date: 2021年8月18日 17点27分 tags: MISC categories: MISC 1.BUUCTF 签到题直接告诉了flag. 2.BUU ...
BUUCTF - misc [HDCTF2019]你能发现什么蛛丝马迹吗
BUUCTF - misc [HDCTF2019]你能发现什么蛛丝马迹吗打开一个镜像文件分析镜像,看一下文件的profile值,确定内存镜像的版本 volatility -f memory.img ...
buuctf Misc 镜子里的世界
buuctf Misc 镜子里的世界 1.stegsolve打开 2.lsb隐写 1.stegsolve打开切换通道之后没什么效果 2.lsb隐写得到flag flag{st3g0_saurus_ ...
BUUCTF MISC刷题笔记(五)
BUUOJ Misc [MRCTF2020]摇滚DJ(建议大声播放 [SCTF2019]Ready_Player_One [XMAN2018排位赛]file [INSHack2019]gflag [X ...
BUUCTF | Misc 二维码 -- BUUOJ WriteUP
导语: 日刷,日省,日益也.我们要从最简单的题目开始做起,一点一点的培养我们的网络安全技术.网络信息化建设突飞猛进,互联网基础环境全面优化,网络空间法治化快速推荐,为促进网络空间日渐清朗.网络文化全面 ...
ctfshow misc buuctf misc
目录 steghide的使用 ctfshow misc 杂项签到 misc2 buuctf 神秘龙卷风数据包中的线索假如给我三天光明后门查杀 webshell后门来首歌吧荷兰宽带数据泄露面 ...
BUUCTF MISC刷题笔记(一)
BUUOJ Misc 喵喵喵弱口令 [安洵杯 2019]easy misc [XMAN2018排位赛]通行证蜘蛛侠呀 [RCTF2019]draw [MRCTF2020]Hello_ misc [ ...

buuctf misc USB

USB

buuctf misc USB相关推荐

最新文章

热门文章