CISCN 2022 初赛 ez_usb

还是从第一个 URB向后看
image.png
发现 同时 存在 2.8.1 2.10.1 2.4.1
但是显然 2.4.1 是7个字节 不满足 usb流量要求
只考虑 2.8.1 和 2.10.1
tshark -r ez_usb.pcapng -T json -Y "usb.src == \"2.8.1\"" -e usbhid.data > 281.json
image.png
正常取数据即可

import json
with open('281.json') as f:
    data = json.load(f)
    a=[]
for i in data:
    try:
        a.append(i['_source']['layers']['usbhid.data'][0])
    except:
        continue
#键盘流量
normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}
shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}

nums = []
for line in a:
    if len(line)!=16: # 鼠标流量的话len改为8
         continue
    nums.append(line[0:2]+line[4:6]) #????????×???
print(nums)

output = []
for n in nums:
    if n[2:4] == "00" :
        continue
    if n[2:4] in normalKeys:
        if n[0:2]=="02":
            output.append(shiftKeys[n[2:4]])
        else :
            output.append(normalKeys[n[2:4]])
    else:
        output += '[unknown]'
print(output)


flag=0
for i in range(len(output)):
    try:
        a=output.index('<DEL>')
        del output[a]
        del output[a-1]
    except:
        pass

for i in range(len(output)):
    try:
        if output[i]=="<CAP>":
            flag+=1
            output.pop(i)
            if flag==2:
                flag=0
        if flag!=0:
            output[i]=output[i].upper()
    except:
        pass
print ('output :' + "".join(output))

image.png

image.png
可以发现数据流是rar文件
将16进制流写入文件

import base64
data="526172211a0700Cf907300000d00000000000000c4527424943500300000002A00000002b9f9b0530778b5541d33080020000000666c61672E747874B9Ba013242f3aFC000b092c229d6e994167c05A78708b271fFC042ae3d251e65536F9Ada87c77406b67d0E6316684766a86e844dC81AA2c72c71348d10c43D7B00400700e0"
with open("flag.rar","wb") as f:
    f.write(base64.b16decode(data.upper()))

发现存在压缩包密码
image.png
接着提取 2.10.1的数据
一模一样的操作
tshark -r ez_usb.pcapng -T json -Y "usb.src == \"2.10.1\"" -e usbhid.data > 2101.json

import json
with open('2101.json') as f:
    data = json.load(f)
    a=[]
for i in data:
    try:
        a.append(i['_source']['layers']['usbhid.data'][0])
    except:
        continue
#键盘流量
normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}
shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}

nums = []
for line in a:
    if len(line)!=16: # 鼠标流量的话len改为8
         continue
    nums.append(line[0:2]+line[4:6]) #????????×???
print(nums)

output = []
for n in nums:
    if n[2:4] == "00" :
        continue
    if n[2:4] in normalKeys:
        if n[0:2]=="02":
            output.append(shiftKeys[n[2:4]])
        else :
            output.append(normalKeys[n[2:4]])
    else:
        output += '[unknown]'
print(output)


flag=0
for i in range(len(output)):
    try:
        a=output.index('<DEL>')
        del output[a]
        del output[a-1]
    except:
        pass

for i in range(len(output)):
    try:
        if output[i]=="<CAP>":
            flag+=1
            output.pop(i)
            if flag==2:
                flag=0
        if flag!=0:
            output[i]=output[i].upper()
    except:
        pass
print ('output :' + "".join(output))

image.png
可以拿到字符串 35c535765e50074a
打开压缩包就是flag
image.png
flag{20de17cc-d2c1-4b61-bebd-41159ed7172d}

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:/a/665377.html

如若内容造成侵权/违法违规/事实不符,请联系我们进行投诉反馈qq邮箱809451989@qq.com,一经查实,立即删除!

相关文章

Ubuntu基础使用

快捷键&#xff1a; 命令行打开快捷方式&#xff1a;Ctrl Alt T Ctrl l 清屏 截屏&#xff1a; LinuxOS命令&#xff1a; 显示当前工作目录所有内容&#xff1a;ls &#xff08;-a -l、-lh&#xff09; -a 输入全部内容&#xff08;包括隐藏文件&#xff09; -l 竖向展示…

opencv-python(一)

1. 图片加载与显示 import cv2 import numpy as npif __name__"__main__":rose cv2.imread(./rose.jpeg)print(rose.shape)print(type(rose))cv2.imshow(rose,rose) # 弹出窗口cv2.waitKey() # 等待键盘输入&#xff0c;任意输入&#xff0c;触发这行代码&#xff…

java mybatis处理大数据量,开启二级缓存和配置,及注意事项,已解决

注意事项&#xff1a; 尽量避免使用下面方式写sql否则会降低服务器性能&#xff1a; mybatis二级缓存开启后&#xff0c;避免使用事务注解&#xff08;加上事务注解后二级缓存数据会导致两次访问不一致问题&#xff09;&#xff1a; 3. 返回的对象实体类&#xff0c;要实现Se…

超融合架构下,虚拟机高可用机制如何构建?

作者&#xff1a;SmartX 产品部 钟锦锌 虚拟机高可用&#xff08;High Availability&#xff0c;简称 HA&#xff09;是虚拟化/超融合平台最常用、关键的功能之一&#xff0c;可在服务器发生故障时通过重建业务虚拟机以降低故障对业务带来的影响。因此&#xff0c;为了充分保障…

Ollama+OpenWebUI+Phi3本地大模型入门

文章目录 Ollama+OpenWebUI+Phi3本地大模型入门一、基础环境二、Ollama三、OpenWebUI + Phi3Ollama+OpenWebUI+Phi3本地大模型入门 完全不懂大模型的请绕道,相信我李一舟的课程比较适合 Ollama提供大模型运行环境,OpenWebUI提供UI,Phi3就是那个大模型。 当然,Ollama支持超级…

单片机串口接收负数的处理方法

dp80中有很多外设处理相关的都是有符号数据。 如dpm计算的结果&#xff0c;插入dpm后有时候会得到0xFFFFFFFE-2&#xff08;从调试界面也可以看到&#xff09;。

JS-09-es6常用知识1

目录 1 模板字符串 1.1 模板字符串基本用法 1.2 模板字符串解决了一些痛点 2 解构赋值 2.1 对象的解构赋值 2.2 函数参数的解构赋值 2.3 补写&#xff1a;属性的简写 3 rest参数 3.1 arguments 3.2 rest参数 3.3 补充&#xff1a;判断数据类型 4 箭头函数 4.1 …

AI大模型的生命周期:从开发到退役的全面解析

前言 人工智能大模型&#xff08;AI大模型&#xff09;是当前AI领域的一大热点&#xff0c;它们具有强大的计算能力和广泛的应用前景。本文将全面介绍AI大模型的基础知识、训练过程、使用方法和应用场景。 一、初步了解AI大模型 AI大模型&#xff0c;通常指的是参数量达到亿…

Superset二次开发之Github项目推送到GitLab仓库

以下是从GitHub克隆Superset项目并将其推送到GitLab的详细操作步骤 lab 地址: xxx lab 配置: 生成SSH密钥 ssh-keygen -t rsa -b 4096 -C "邮箱地址" 默认情况下密钥会生成在~/.ssh (/c/Users/Administrator/.ssh/id_rsa)目录下。 公钥添加到GitLab: 打开公钥文件…

通过Excel,生成sql,将A表数据插入B表

文章目录 投机取巧的方式,进行表数据初始化通过navicat搜索A表数据,然后复制进excel中通过excel的函数方式,将该批量数据自动生成插入B表的sql语句然后一次性拷贝生成的sql语句,放进navicat中一次执行,直接完成数据初始化

K210视觉识别模块学习笔记3:内存卡写入拍摄图片_LED三色灯的操作_按键操作_定时器的配置使用

今日开始学习K210视觉识别模块: LED三色灯的操作_按键操作_定时器的配置使用_内存卡写入拍摄图片 亚博智能的K210视觉识别模块...... 本文最终目的是编写一个按键拍照的例程序&#xff1a; 为以后的专用场景的模型训练做准备&#xff0c;因为训练自己的模型需要大量的图片&a…

算法简单笔记4

5月31号&#xff0c;明天决赛&#xff0c;今天脑子也是一滩浆糊&#xff0c;踏马的一道题也做不出来&#xff0c;超级难受&#xff0c;只好简单复盘一下两道之前的题目&#xff0c;看完就差不多了&#xff0c;再学也没啥用了&#xff0c;写完这两题题解我就回去打把steam绝地求…

TH方程学习(3)

一、编程实现 根据论文给出的案例&#xff0c;使用TH方程进行数值仿真 1.初始化条件 %% 参考文献<New State Transition Matrix for Relative Motion on an Aribitrary Elliptical Orbit> %% 作者 Yamanaka Koji clc;clear global miu Re miu 3.986e5; Re 6378.137;…

使用pkg打包了一个使用了sqlite3的nodejs项目,启动后闪退

从截图来看&#xff0c;问题出在 sqlite3 模块上。说明在打包过程中&#xff0c;sqlite3 模块的 .node 文件没有正确加载。 紧急解决方法&#xff1a; 其实就是exe文件还需要node_modules中的sqlite3 依赖&#xff0c;我们直接在系统顶级放一个node_modules&#xff0c;且其中只…

Vue3项目练习详细步骤(第五部分:用户模块的功能)

顶部导航栏个人信息显示 接口文档 接口请求与绑定 导航栏下拉菜单功能 路由实现 退出登录和路由跳转实现 基本资料修改 页面结构 接口文档 接口请求与绑定 修改头像 页面结构 头像回显 头像上传 接口文档 重置密码 页面结构 接口文档 接口请求与绑定 顶部导航…

docker部署owncloud进行管理

目录 一.拉取镜像 1.使用mysql和owncloud最新版镜像&#xff0c;构建个人网盘 2.查看是否已经正确监听端口 二.使用浏览器进行测试 1.使用IP:8080进行访问&#xff0c;用admin运行容器时设置的密码登录 2.查看到已经有的文件 3.文件上传对应的位置 4.在web页面进行简单…

基于RFID技术的烟草在线监测系统在烟草仓库温湿度监测中的应用。

在现代工业生产中&#xff0c;精准高效的在线监测系统对于产品质量控制至关重要。尤其是在高价值且对环境敏感的产品制造过程中&#xff0c;如烟草加工&#xff0c;实时准确的数据采集与分析直接关系到最终产品的品质及安全标准达标程度。 烟草行业在我国属于传统轻工业之一&am…

【kubernetes】探索k8s集群的存储卷、pvc和pv

目录 一、emptyDir存储卷 1.1 特点 1.2 用途 1.3部署 二、hostPath存储卷 2.1部署 2.1.1在 node01 节点上创建挂载目录 2.1.2在 node02 节点上创建挂载目录 2.1.3创建 Pod 资源 2.1.4访问测试 2.2 特点 2.3 用途 三、nfs共享存储卷 3.1特点 3.2用途 3.3部署 …

WiFi串口服务器与工业路由器:局域网应用的协同之力

在工业物联网&#xff08;IIoT&#xff09;迅猛发展的当下&#xff0c;局域网&#xff08;LAN&#xff09;作为连接工业设备与数据中心的桥梁&#xff0c;其重要性日益凸显。WiFi串口服务器与工业路由器作为局域网中的关键组件&#xff0c;以其独特的性能和功能&#xff0c;为传…

网络分层与各层网络协议介绍

一.OSI七层模型 1.OSI&#xff08;Open Systems Interconnection&#xff09;七层模型是由国际标准化组织&#xff08;ISO&#xff09;提出的一种网络通信协议的参考模型&#xff0c;用于标准化网络通信的过程。 OSI模型将网络通信分为七个层次&#xff0c;每个层次负责不同的…