本文主要是介绍bugku misc 花点流量听听歌,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
下载得到,花点流量听听歌.mp3文件
用audactity打开,查看到
百度一下得知这是一种类似于维吉尼亚密码的古典替换密码,这种密码是需要解密key的
用010editor打开查看到
用010查看时发现文件内隐藏压缩文件的标识头,foremost分离得到一个压缩包解压得到whereiskey
都是USB的流量,提取一下 ,也可以用工具:https://github.com/WangYihang/UsbKeyboardDataHacker
不过工具有点问题,将UsbKeyboardDataHacker.py修改成这样就可以了
#!/usr/bin/env pythonimport sys
import osDataFileName = "usb.dat"presses = []normalKeys = {"04": "a", "05": "b", "06": "c", "07": "d", "08": "e", "09": "f", "0a": "g", "0b": "h", "0c": "i","0d": "j", "0e": "k", "0f": "l", "10": "m", "11": "n", "12": "o", "13": "p", "14": "q", "15": "r","16": "s", "17": "t", "18": "u", "19": "v", "1a": "w", "1b": "x", "1c": "y", "1d": "z", "1e": "1","1f": "2", "20": "3", "21": "4", "22": "5", "23": "6", "24": "7", "25": "8", "26": "9", "27": "0","28": "<RET>", "29": "<ESC>", "2a": "<DEL>", "2b": "\t", "2c": "<SPACE>", "2d": "-", "2e": "=", "2f": "[","30": "]", "31": "\\", "32": "<NON>", "33": ";", "34": "'", "35": "<GA>", "36": ",", "37": ".", "38": "/","39": "<CAP>", "3a": "<F1>", "3b": "<F2>", "3c": "<F3>", "3d": "<F4>", "3e": "<F5>", "3f": "<F6>","40": "<F7>", "41": "<F8>", "42": "<F9>", "43": "<F10>", "44": "<F11>", "45": "<F12>"}shiftKeys = {"04": "A", "05": "B", "06": "C", "07": "D", "08": "E", "09": "F", "0a": "G", "0b": "H", "0c": "I","0d": "J", "0e": "K", "0f": "L", "10": "M", "11": "N", "12": "O", "13": "P", "14": "Q", "15": "R","16": "S", "17": "T", "18": "U", "19": "V", "1a": "W", "1b": "X", "1c": "Y", "1d": "Z", "1e": "!","1f": "@", "20": "#", "21": "$", "22": "%", "23": "^", "24": "&", "25": "*", "26": "(", "27": ")","28": "<RET>", "29": "<ESC>", "2a": "<DEL>", "2b": "\t", "2c": "<SPACE>", "2d": "_", "2e": "+", "2f": "{","30": "}", "31": "|", "32": "<NON>", "33": "\"", "34": ":", "35": "<GA>", "36": "<", "37": ">", "38": "?","39": "<CAP>", "3a": "<F1>", "3b": "<F2>", "3c": "<F3>", "3d": "<F4>", "3e": "<F5>", "3f": "<F6>","40": "<F7>", "41": "<F8>", "42": "<F9>", "43": "<F10>", "44": "<F11>", "45": "<F12>"}def main():# check argvif len(sys.argv) != 2:print("Usage : ")print(" python UsbKeyboardHacker.py data.pcap")print("Tips : ")print(" To use this python script , you must install the tshark first.")print(" You can use `sudo apt-get install tshark` to install it")print("Author : ")print(" WangYihang <wangyihanger@gmail.com>")print(" If you have any questions , please contact me by email.")print(" Thank you for using.")exit(1)# get argvpcapFilePath = sys.argv[1]# print(pcapFilePath)# get data of pcapos.system("tshark -r %s -T fields -e usbhid.data > %s" % (pcapFilePath, DataFileName)) # read datawith open(DataFileName, "r") as f:for line in f:presses.append(line[0:-1])# handleresult = ""# print(presses)for press in presses:if press == '':continueif ':' in press:Bytes = press.split(":")else:Bytes = [press[i:i + 2] for i in range(0, len(press), 2)]if Bytes[0] == "00":if Bytes[2] != "00" and normalKeys.get(Bytes[2]):result += normalKeys[Bytes[2]]elif int(Bytes[0], 16) & 0b10 or int(Bytes[0], 16) & 0b100000: # shift key is pressed.if Bytes[2] != "00" and normalKeys.get(Bytes[2]):result += shiftKeys[Bytes[2]]else:print("[-] Unknow Key : %s" % (Bytes[0]))print("[+] Found : %s" % result)# clean the temp dataos.remove("./%s" % DataFileName)if __name__ == "__main__":main()
再根据和txt的内容
得出keyisusb
用密码解开压缩包即可获得flag
这篇关于bugku misc 花点流量听听歌的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
