本文主要是介绍2021津门杯misc之m0usb,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
- 首先下载这个文件,可以看到是一个压缩包,然后打开是一个pcapng流量格式的文件,先用wireshark打开,
- USB协议数据部分在Leftover Capture Data域中,数据长度为八个字节。其中键盘击键信息集中在第三个字节中。所以从这里可以推断是键盘流量,所以直接用键盘流量脚本进行解密
3. 最后我们得到这样一串数字,看起来像是某种编码或加密,我们通过观察,此串由数字01248组成,我们搜一下
4. 发现是云影密码,然后用脚本跑一下,得到flag
附:
键盘流量脚本keyboard:
import osfilename = input("请输入流量文件名(包括后缀)").strip()
os.system("tshark -r {} -T fields -e usb.capdata > usbdata.txt".format(filename))
normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}nums = []
keys = open('usbdata.txt')
for line in keys:#print(line)if len(line)!=17: #首先过滤掉鼠标等其他设备的USB流量continuenums.append(line[0:2]+line[4:6]) #取一、三字节#print(nums)
keys.close()
output = ""
for n in nums:if n[2:4] == "00" :continueif n[2:4] in normalKeys:if n[0:2]=="02": #表示按下了shiftoutput += shiftKeys [n[2:4]]else :output += normalKeys [n[2:4]]else:output += '[unknown]'
print('output :' + output)
云影密码yunying.py:
#!/usr/bin/python
# -*- coding=utf8 -*-
"""
# @Author : pig
# @CreatedTime:2019-11-2423:54:02
# @Description :
"""def de_code(c):dic = [chr(i) for i in range(ord("A"), ord("Z") + 1)]flag = []c2 = [i for i in c.split("0")]for i in c2:c3 = 0for j in i:c3 += int(j)flag.append(dic[c3 - 1])return flagdef encode(plaintext):dic = [chr(i) for i in range(ord("A"), ord("Z") + 1)]m = [i for i in plaintext]tmp = [];flag = []for i in range(len(m)):for j in range(len(dic)):if m[i] == dic[j]:tmp.append(j + 1)for i in tmp:res = ""if i >= 8:res += int(i/8)*"8"if i%8 >=4:res += int(i%8/4)*"4"if i%4 >=2:res += int(i%4/2)*"2"if i%2 >= 1:res += int(i%2/1)*"1"flag.append(res + "0")print ("".join(flag)[:-1])def yunying_to_string():c = input("输入要解密的数字串:")print (de_code(c))
def string_to_yunying():m_code = input("请输入要加密的数字串:")encode(m_code)if __name__=="__main__":print("====云影数字解码输入1====")print("====普通字符转云影数字2====")choice = input("请输入:")if choice == '1':yunying_to_string()else:string_to_yunying()
原题文件:
m0usb
这篇关于2021津门杯misc之m0usb的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
![[SWPUCTF 2021 新生赛]web方向(一到六题) 解题思路,实操解析,解题软件使用,解题方法教程](https://i-blog.csdnimg.cn/direct/bcfaab8e5a68426b8abfa71b5124a20d.png)
