Check-in successful

(couldn't solve a single one of the remaining challenges)

While it's still fresh in my mind, I'm squeezing in the time to write the writeup (because if I don't write it now I won't know how to do it again!)


1. Check-in Radio (签到电台)

Challenge description: Haomi (豪密) is the short name of the first wireless-telegraphy cipher of the Communist Party of China and the Chinese Workers' and Peasants' Red Army. It was compiled personally by Zhou Enlai and named after his party alias "Wu Hao" (伍豪); it was the earliest and most secure cipher of the Party's confidential communications work, and from the 1930s until the liberation of the whole country it was never broken. The Chunqiu GAME Gamma Lab team analysed the encryption mode of Haomi, consulted the existing literature, reproduced its encryption method and turned it into a challenge, dedicated to the forerunners on the intelligence front.

Click "Deploy challenge" and let us travel back a hundred years together to retrace the footprints of Red communications. (Follow the "春秋伽玛" WeChat account and reply "签到电台" for a solving hint.)

The 7 telegraph code groups for "弼时安全到达了" ("Bishi has arrived safely"):
1732 2514 1344 0356 0451 6671 0055

Modulo-10 arithmetic example: 1732 and 6378 give 7000 (each digit position is added on its own and only the last digit of the sum is kept, with no carry: 1+6, 7+3, 3+7, 2+8 → 7, 0, 0, 0).

After capturing the request, resend it with the password 2531559856662434265545397303 and the flag comes back.

flag{5867ebe7-5f96-430f-bd7e-823b967b3721}
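The digit-wise modulo-10 addition from the example above, as an added worked example for this writeup: it reconstructs the arithmetic the challenge text states and shows why it behaves as a one-time pad over the digits 0..9. It is not the challenge server's code; the key DEMO_KEY and the encrypt/decrypt/recover_key helpers are my constructions, and only the seven code groups and the 1732 + 6378 = 7000 example come from the page.

```python
"""Digit-wise modulo-10 arithmetic, the operation the challenge describes with
"1732 and 6378 give 7000". Added example for this writeup: it reconstructs the
arithmetic stated in the challenge text, not the challenge server's code. The
key DEMO_KEY and the encrypt/decrypt/recover_key functions are constructed here."""


def _check(a, b):
    if len(a) != len(b) or not (a.isdigit() and b.isdigit()):
        raise ValueError("operands must be digit strings of equal length")


def mod10_add(a, b):
    """Add digit by digit, keeping only the last digit of each sum (no carry): 1732 + 6378 -> 7000."""
    _check(a, b)
    return "".join(str((int(x) + int(y)) % 10) for x, y in zip(a, b))


def mod10_sub(a, b):
    """Inverse of mod10_add: digit-wise a - b modulo 10 (no borrow)."""
    _check(a, b)
    return "".join(str((int(x) - int(y)) % 10) for x, y in zip(a, b))


def groups(digits, size=4):
    return [digits[i:i + size] for i in range(0, len(digits), size)]


def encrypt(code_groups, key):
    """Telegraph code groups + key digits -> cipher groups. With a key of random digits
    used once this is a one-time pad over Z_10; the security is entirely in the key."""
    plain = "".join(code_groups)
    return groups(mod10_add(plain, key[:len(plain)]))


def decrypt(cipher_groups, key):
    cipher = "".join(cipher_groups)
    return groups(mod10_sub(cipher, key[:len(cipher)]))


def recover_key(code_groups, cipher_groups):
    """Known-plaintext attack on any additive scheme: key = cipher - plain, digit-wise.
    One plaintext/ciphertext pair exposes the key digits it used, so a pad must never be reused."""
    return mod10_sub("".join(cipher_groups), "".join(code_groups))


CODES = ["1732", "2514", "1344", "0356", "0451", "6671", "0055"]   # the 7 code groups from the challenge text
DEMO_KEY = "6378091527463810593847201695"   # constructed 28-digit key; first group is the page's example 6378

if __name__ == "__main__":
    ct = encrypt(CODES, DEMO_KEY)
    print("cipher:", " ".join(ct))              # first group is 7000, as in the challenge example
    print("plain :", " ".join(decrypt(ct, DEMO_KEY)))
    print("key   :", recover_key(CODES, ct))
```

The subtraction in recover_key is the whole point of the "never reuse the pad" rule: as soon as one plaintext/ciphertext pair is known, every key digit it used falls out, and any other message enciphered with those digits is readable.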


2. Questionnaire (问卷调查)

Fill in the questionnaire, get the flag.


3. ez_usb

Challenge description: simple traffic.

The download is a pcapng capture. First the usual binwalk / foremost / 010 Editor triple combo, nothing, then analyse it in Wireshark.

The Source column keeps flipping back and forth starting from 2.8.1; together with the name ez_usb I guessed keyboard traffic (mouse traffic should in theory show larger swings in the hex values, so keyboard was the better bet). At first we dumped the traffic for Source 2.8.1 and 2.10.1 all together; it came out as a zip file too but would not open no matter what, and only later did we learn that 2.8.1 is the file and 2.10.1 is the password. Ugh. So here I dump the 2.8.1 and 2.10.1 traffic separately.

Run tshark -r ez_usb.pcapng -T fields -e usbhid.data -Y "usb.device_address == 8" > 8.txt

tshark -r ez_usb.pcapng -T fields -e usbhid.data -Y "usb.device_address == 10" > 10.txt

Note that it must not be usb.capdata (that prints 1,2,3... and not the data you want), and usb.device_address must not be 2.8.1, it has to be 8. (Maybe usb.src == 2.8.1 works as well, I forgot to try.)

I don't understand it, but I am deeply impressed.

It looks like this:

Mapping between the traffic and the typed characters (from page 53 onwards): USB HID usage table

A script found online

# -*- coding: UTF-8 -*-
import os
# os.system("tshark -r test.pcapng -T fields -e usb.capdata > usbdata.txt")

# HID usage ID (third byte of the report) -> character, without and with Shift
normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i",
              "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r",
              "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z",
              "1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6", "24":"7", "25":"8", "26":"9", "27":"0",
              "28":"<RET>", "29":"<ESC>", "2a":"<DEL>", "2b":"\t", "2c":"<SPACE>", "2d":"-", "2e":"=",
              "2f":"[", "30":"]", "31":"\\", "32":"<NON>", "33":";", "34":"'", "35":"<GA>", "36":",",
              "37":".", "38":"/", "39":"<CAP>", "3a":"<F1>", "3b":"<F2>", "3c":"<F3>", "3d":"<F4>",
              "3e":"<F5>", "3f":"<F6>", "40":"<F7>", "41":"<F8>", "42":"<F9>", "43":"<F10>", "44":"<F11>", "45":"<F12>"}
shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I",
             "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R",
             "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z",
             "1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^", "24":"&", "25":"*", "26":"(", "27":")",
             "28":"<RET>", "29":"<ESC>", "2a":"<DEL>", "2b":"\t", "2c":"<SPACE>", "2d":"_", "2e":"+",
             "2f":"{", "30":"}", "31":"|", "32":"<NON>", "33":"\"", "34":":", "35":"<GA>", "36":"<",
             "37":">", "38":"?", "39":"<CAP>", "3a":"<F1>", "3b":"<F2>", "3c":"<F3>", "3d":"<F4>",
             "3e":"<F5>", "3f":"<F6>", "40":"<F7>", "41":"<F8>", "42":"<F9>", "43":"<F10>", "44":"<F11>", "45":"<F12>"}

nums = []
keys = open('8.txt')   # change to 10.txt for the second run
for line in keys:
    line = line.strip().replace(':', '')   # some tshark versions print "00:00:04:..."; normalise to "000004..."
    if len(line) != 16:   # skip anything that is not an 8-byte keyboard report (mouse and other devices)
        continue
    nums.append(line[0:2] + line[4:6])   # keep byte 1 (modifier) and byte 3 (first keycode)
keys.close()

output = ""
for n in nums:
    if n[2:4] == "00":   # no key pressed in this report (key release, or Shift alone)
        continue
    if n[2:4] in normalKeys:
        if n[0:2] in ("02", "20"):   # left or right Shift held
            output += shiftKeys[n[2:4]]
        else:
            output += normalKeys[n[2:4]]
    else:
        output += '[unknown]'
print('output :\n' + output)

Run python3 keyboard.py

Copy the output into Notepad, delete the <CAP> and <DEL> tokens, and paste the hex into 010 Editor to produce the new rar file.
Change 8.txt to 10.txt in keyboard.py and run python3 keyboard.py again.
Note that the n at the very start of the output is not part of the password (it was there for 8.txt as well). It comes from the script as found online, whose last line was print('output :n' + output): the backslash of the \n newline escape had been lost in copying, so a literal n was printed in front of the output. With the escape restored it disappears.
Result: flag{20de17cc-d2c1-4b61-bebd-41159ed7172d}
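The script above leaves <CAP> and <DEL> tokens in the output and only recognises the left Shift, which is why the cleanup had to be done by hand. As an added example for this writeup (not the script from the page), here is a decoder for the same 8-byte boot-keyboard reports that applies Caps Lock and Backspace to the text buffer, honours both Shift keys, and only counts a key once when it is held across several reports. It reads the lines that tshark -T fields -e usbhid.data prints, with or without colons; SAMPLE is a constructed set of reports, not traffic from the challenge.

```python
"""USB HID boot-keyboard report decoder with edge detection, both Shift keys,
Caps Lock and Backspace applied to the buffer. Added example for this writeup,
not the script from the page. Input lines are 8-byte reports as printed by
tshark -T fields -e usbhid.data, with or without colons; SAMPLE is constructed."""

LETTERS = "abcdefghijklmnopqrstuvwxyz"      # usage IDs 0x04..0x1d
DIGITS = ("1234567890", "!@#$%^&*()")        # usage IDs 0x1e..0x27, plain / shifted
PUNCT = ("-=[]\\#;'`,./", "_+{}|~:\"~<>?")   # usage IDs 0x2d..0x38, plain / shifted
ENTER, BACKSPACE, TAB, SPACE, CAPS_LOCK = 0x28, 0x2A, 0x2B, 0x2C, 0x39
SHIFT_MASK = 0x22                            # modifier byte: bit 1 = left Shift, bit 5 = right Shift


def build_keymaps():
    plain, shifted = {}, {}
    for i, ch in enumerate(LETTERS):
        plain[0x04 + i], shifted[0x04 + i] = ch, ch.upper()
    for i, (p, s) in enumerate(zip(*DIGITS)):
        plain[0x1E + i], shifted[0x1E + i] = p, s
    for i, (p, s) in enumerate(zip(*PUNCT)):
        plain[0x2D + i], shifted[0x2D + i] = p, s
    for code, ch in ((ENTER, "\n"), (TAB, "\t"), (SPACE, " ")):
        plain[code] = shifted[code] = ch
    return plain, shifted


PLAIN, SHIFTED = build_keymaps()


def parse_report(line):
    """'02002f0000000000' or '02:00:2f:...' -> (modifier byte, [non-zero keycodes]); None if not an 8-byte report."""
    hexstr = line.strip().replace(":", "")
    if len(hexstr) != 16:
        return None          # mouse reports, empty lines, other endpoints
    try:
        raw = bytes.fromhex(hexstr)
    except ValueError:
        return None
    return raw[0], [k for k in raw[2:8] if k]


def decode(lines):
    """Turn a sequence of report lines into the text that was typed."""
    out, caps, prev = [], False, set()
    for line in lines:
        rep = parse_report(line)
        if rep is None:
            continue
        mods, keys = rep
        shift = bool(mods & SHIFT_MASK)
        for k in keys:
            if k in prev:
                continue     # still held since the previous report: not a new keystroke
            if k == CAPS_LOCK:
                caps = not caps
            elif k == BACKSPACE:
                if out:
                    out.pop()
            elif k in PLAIN:
                ch = SHIFTED[k] if shift else PLAIN[k]
                if caps and ch.isalpha():
                    ch = ch.swapcase()  # Caps Lock inverts the letter case Shift would give
                out.append(ch)
            else:
                out.append("[%02x]" % k)  # function keys, arrows, etc.: keep them visible
        prev = set(keys)
    return "".join(out)


# Constructed reports: f, l, a (held across two reports), g, {, CapsLock, x, Backspace, y, }, Enter,
# plus a lone Shift press, one colon-separated line and a 4-byte mouse report that must be skipped.
SAMPLE = """\
0000090000000000
0000000000000000
00000f0000000000
0000000000000000
0000040000000000
0000040000000000
0000000000000000
00:00:0a:00:00:00:00:00
00:00:00:00:00:00:00:00
0200000000000000
02002f0000000000
0000000000000000
0000390000000000
0000000000000000
00001b0000000000
0000000000000000
00002a0000000000
0000000000000000
00001c0000000000
0000000000000000
0200300000000000
0000000000000000
0000280000000000
0000000000000000
00ff000a
""".splitlines()

if __name__ == "__main__":
    import sys
    lines = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    print(repr(decode(lines)))
```

Run it as python3 decoder.py 8.txt (or 10.txt). The edge detection matters when a key is held long enough to appear in consecutive reports: the naive script prints the character once per report, this one once per press.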

4. everlasting_night

Challenge description: what truth does the everlasting night hide?

Hint: look closely at the PNG data chunks; the data hidden in a channel can be combined with LSB steganography.

First the binwalk / foremost / zsteg triple combo, nothing, then into stegsolve.

Then something really annoying: the stegsolve 1.3 I was using has no zoom, so I simply never saw the LSB steganography in the bottom-right corner. Ugh. Lesson learned: I have since upgraded to stegsolve 1.4, which has zoom.

Look at the bottom-right corner!

Clear traces of LSB steganography

stegsolve → Analyse → Data Extract, with Alpha bit 2 ticked, Column order (the trace here is a vertical column; for a horizontal line you would pick Row, a guess), LSB First, RGB, and you can see:

A string comes out: f78dcd383f1b574b

Exactly 16 characters, so I considered MD5, but it isn't. For PNG steganography, try cloacked-pixel.

It was, and then into 010 Editor to see what came out.

504b0304, clearly a zip header; rename the extension to .zip.

It is password-protected. At this point I noticed that at the tail of everlasting_night.png, after the PNG end marker AE 42 60 82, there is another string, FB3EFCE4CEAC2F5445C7AE17E3E969AB, exactly 32 characters, so MD5.

CMD5 couldn't crack it, which was maddening, so I switched sites.

SOMD5 did it. Then extract the flag file and look at it in 010 Editor.

Although it has a PNG header and trailer, the contents look nothing like a PNG should. Someone more experienced pointed out that it is raw pixel data: rename the extension to .data and open it in GIMP (the GNU Image Manipulation Program, which can open .data files). The width and height were originally both 350; set the width to 352 and the image renders correctly, giving the flag.

flag{607f41da-e849-4c0b-8867-1b3c74536cc4}
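Two of the checks above (bytes hiding after the IEND chunk, and a "PNG" whose declared width does not match its raw pixel data) are worth having as code rather than as a hex-editor habit. As an added example for this writeup, not a tool the author used, here is a small PNG chunk walker: it lists every chunk with its CRC status, reads the geometry from IHDR, returns whatever follows IEND, and lists the widths that divide a raw pixel buffer evenly. The sample PNG, its trailer and all function names are my constructions.

```python
"""PNG chunk walker for the checks used above: list the chunks with their CRC
status, read the IHDR geometry, and return whatever bytes sit after IEND.
Added example for this writeup, not a tool the author used; the sample PNG and
its trailer are constructed inline."""
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def make_chunk(ctype, body):
    """length + type + body + CRC32(type + body), the layout the PNG spec gives a chunk."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def make_png(width, height, rgba_rows, trailer=b""):
    """Minimal 8-bit RGBA PNG; rgba_rows are raw scanlines (4 bytes per pixel).
    `trailer` is appended after IEND to mimic data hidden past the end marker."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 6, 0, 0, 0)
    raw = b"".join(b"\x00" + row for row in rgba_rows)  # filter type 0 on every scanline
    return (PNG_SIG + make_chunk(b"IHDR", ihdr) + make_chunk(b"IDAT", zlib.compress(raw))
            + make_chunk(b"IEND", b"") + trailer)


def inspect_png(data):
    """Walk the chunk list. Returns geometry, (type, length, crc_ok) per chunk and the trailer."""
    if data[:8] != PNG_SIG:
        raise ValueError("missing PNG signature")
    info = {"chunks": [], "trailer": b""}
    pos = 8
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            info["chunks"].append((ctype.decode("latin-1"), length, False))  # truncated chunk
            return info
        body = data[pos + 8:pos + 8 + length]
        stored_crc = struct.unpack(">I", data[pos + 8 + length:end])[0]
        crc_ok = (zlib.crc32(ctype + body) & 0xFFFFFFFF) == stored_crc
        info["chunks"].append((ctype.decode("latin-1"), length, crc_ok))
        if ctype == b"IHDR" and length == 13:
            (info["width"], info["height"], info["bit_depth"],
             info["color_type"]) = struct.unpack(">IIBB", body[:10])
        pos = end
        if ctype == b"IEND":
            info["trailer"] = data[pos:]  # anything here is not part of the image
            break
    return info


def candidate_widths(nbytes, bytes_per_pixel, lo, hi):
    """Widths in [lo, hi] that divide a raw (headerless) pixel buffer evenly.
    Used when a 'PNG' turns out to be raw pixels and the declared width is wrong."""
    return [w for w in range(lo, hi + 1) if nbytes % (w * bytes_per_pixel) == 0]


# Constructed sample: a 2x1 image (red, green) with 4 bytes appended after IEND.
SAMPLE_TRAILER = bytes.fromhex("deadbeef")
SAMPLE_PNG = make_png(2, 1, [bytes([255, 0, 0, 255, 0, 255, 0, 255])], SAMPLE_TRAILER)

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PNG
    info = inspect_png(data)
    for ctype, length, ok in info["chunks"]:
        print(f"{ctype} len={length} crc={'ok' if ok else 'BAD'}")
    print("geometry:", info.get("width"), "x", info.get("height"), "color type", info.get("color_type"))
    print("bytes after IEND:", info["trailer"].hex() or "(none)")
    # 352*350*3 bytes of RGB divide evenly by both 350 and 352, so the size alone cannot
    # tell the declared width from the real one; the image has to be looked at.
    print("widths that fit 352*350*3 RGB bytes:", candidate_widths(352 * 350 * 3, 3, 340, 360))
```

Run it as python3 pngwalk.py everlasting_night.png. A non-empty trailer, a chunk with a bad CRC, or a chunk type that is not in the standard set are the first three things to look at before reaching for stego tools. The candidate_widths call illustrates the last step of the challenge: a buffer of 352 x 350 RGB pixels is also exactly 350 x 352, so the 350 in the header is a plausible width and only a visual check settles it.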

Learned a lot again.


5. babydisk

Challenge description: Xiaoming picked up a hard drive by the roadside. Can you help him analyse what goodies are on it?

This was the hardest Misc of the event. The challenge hands you a vmdk file; I immediately used 7z to dump the contents of the virtual disk and found a wav audio file. As usual, binwalk and foremost to carve it, Audacity for the waveform and spectrogram, and a listen through headphones: all normal. Then I considered wav steganography tools: DeepSound, SilentEye, DeEgger Embedder and so on. DeepSound asked for a password, which made it fairly certain that DeepSound had been used.

Later I learned that a script can pull the password hash out of the wav file, and a second tool can then brute-force the password from it.

DeepSound tutorial

Below is the deepsound2john.py code (note: it needs Python 3).

#!/usr/bin/env python3
'''
deepsound2john extracts password hashes from audio files containing encrypted
data steganographically embedded by DeepSound (http://jpinsoft.net/deepsound/).

This method is known to work with files created by DeepSound 2.0.

Input files should be in .wav format. Hashes can be recovered from audio files
even after conversion from other formats, e.g.,

    ffmpeg -i input output.wav

Usage:

    python3 deepsound2john.py carrier.wav > hashes.txt
    john hashes.txt

This software is copyright (c) 2018 Ryan Govostes <[email protected]>, and
it is hereby released to the general public under the following terms:
Redistribution and use in source and binary forms, with or without
modification, are permitted.
'''

import logging
import os
import sys
import textwrap


# DeepSound spreads each payload byte over several carrier bytes; the three
# decoders below undo the three quality modes (1, 2 or 4 bits per carrier byte).
def decode_data_low(buf):
    return buf[::2]


def decode_data_normal(buf):
    out = bytearray()
    for i in range(0, len(buf), 4):
        out.append((buf[i] & 15) << 4 | (buf[i + 2] & 15))
    return out


def decode_data_high(buf):
    out = bytearray()
    for i in range(0, len(buf), 8):
        out.append((buf[i] & 3) << 6 | (buf[i + 2] & 3) << 4
                   | (buf[i + 4] & 3) << 2 | (buf[i + 6] & 3))
    return out


def is_magic(buf):
    # This is a more efficient way of testing for the `DSCF` magic header without
    # decoding the whole buffer
    return (buf[0] & 15) == (68 >> 4) and (buf[2] & 15) == (68 & 15) \
        and (buf[4] & 15) == (83 >> 4) and (buf[6] & 15) == (83 & 15) \
        and (buf[8] & 15) == (67 >> 4) and (buf[10] & 15) == (67 & 15) \
        and (buf[12] & 15) == (70 >> 4) and (buf[14] & 15) == (70 & 15)


def is_wave(buf):
    return buf[0:4] == b'RIFF' and buf[8:12] == b'WAVE'


def process_deepsound_file(f):
    bname = os.path.basename(f.name)
    logger = logging.getLogger(bname)

    # Check if it's a .wav file
    buf = f.read(12)
    if not is_wave(buf):
        global convert_warn
        logger.error('file not in .wav format')
        convert_warn = True
        return
    f.seek(0, os.SEEK_SET)

    # Scan for the marker, one byte at a time
    hdrsz = 104
    hdr = None
    while True:
        off = f.tell()
        buf = f.read(hdrsz)
        if len(buf) < hdrsz:
            break
        if is_magic(buf):
            hdr = decode_data_normal(buf)
            logger.info('found DeepSound header at offset %i', off)
            break
        f.seek(-hdrsz + 1, os.SEEK_CUR)

    if hdr is None:
        logger.warning('does not appear to be a DeepSound file')
        return

    # Check some header fields
    mode = hdr[4]
    encrypted = hdr[5]

    modes = {2: 'low', 4: 'normal', 8: 'high'}
    if mode in modes:
        logger.info('data is encoded in %s-quality mode', modes[mode])
    else:
        # the original logged modes[mode] here, which raises KeyError for exactly the
        # unknown modes this branch handles; log the raw value instead
        logger.error('unexpected data encoding mode %i', mode)
        return

    if encrypted == 0:
        logger.warning('file is not encrypted')
        return
    elif encrypted != 1:
        logger.error('unexpected encryption flag %i', encrypted)
        return

    # The header carries the SHA-1 that DeepSound derives from the password;
    # john's dynamic_1529 format knows how to attack it.
    sha1 = hdr[6:6 + 20]
    print('%s:$dynamic_1529$%s' % (bname, sha1.hex()))


if __name__ == '__main__':
    import argparse
    parser = argparse.ArgumentParser()
    parser.add_argument('--verbose', '-v', action='store_true')
    parser.add_argument('files', nargs='+', metavar='file',
                        type=argparse.FileType('rb', bufsize=4096))
    args = parser.parse_args()

    if args.verbose:
        logging.basicConfig(level=logging.INFO)
    else:
        logging.basicConfig(level=logging.WARN)

    convert_warn = False
    for f in args.files:
        process_deepsound_file(f)

    if convert_warn:
        print(textwrap.dedent('''
            ---------------------------------------------------------------
            Some files were not in .wav format. Try converting them to .wav and
            try again. You can use: ffmpeg -i input output.wav
            ---------------------------------------------------------------
            '''.rstrip()), file=sys.stderr)

This is the official Kali usage: deepsound2john.py

In a terminal, run python3 deepsound2john.py voipNewRing.wav > 1.txt

Then use the john bundled with Kali to recover the password.

Run john 1.txt

If it reports "No password hashes left to crack (see FAQ)", that is because this file has already been cracked; john will not crack it a second time, and the password it already found can be displayed with:

Run john 1.txt --show

The password is feedback. Back into DeepSound with it, and out comes key.txt.

It contains the string e575ac894c385a6f. Loading the vmdk into 取证大师 (Forensic Master) then turned up a deleted file named SECRET.

I suspected a TrueCrypt volume, so I tried VeraCrypt; it turned out to be VeraCrypt.

It needs a password. The string recovered earlier, e575ac894c385a6f, opens it, and a file named spiral comes out.

Into 010 Editor to see what it is.

504b0304, clearly a zip file; rename the extension.

It contains an image, but it won't open: the archive complains that its end is damaged. Looking closer, apart from the file header the hex content looks scrambled. The clue is the file name, spiral: the contents have been scrambled with a spiral matrix!

This is not without clues: the total byte count is 7569 = 87², a perfect square, so the bytes fill a square matrix exactly.

Spiral matrix

I used mumuzi's script here.

def function(n):
    matrix = [[0] * n for _ in range(n)]
    number = 1
    left, right, up, down = 0, n - 1, 0, n - 1
    while left < right and up < down:
        # left to right
        for i in range(left, right):
            matrix[up][i] = number
            number += 1
        # top to bottom
        for i in range(up, down):
            matrix[i][right] = number
            number += 1
        # right to left
        for i in range(right, left, -1):
            matrix[down][i] = number
            number += 1
        # bottom to top
        for i in range(down, up, -1):
            matrix[i][left] = number
            number += 1
        left += 1
        right -= 1
        up += 1
        down -= 1
    # when n is odd the centre cell is left over and has to be filled separately
    if n % 2 != 0:
        matrix[n // 2][n // 2] = number
    return matrix


f = open('spiral.zip', 'rb').read()
s = function(87)
# print(s)
s = sum(s, [])   # flatten row-major: s[i] is the spiral index (1-based) of cell i
# print(s)
arr = [0] * 7569
for i in range(len(s)):
    arr[i] = f[s[i] - 1]   # cell i of the original holds the scrambled byte at that spiral index
# print(arr)
with open('fla.zip', 'wb') as f1:
    f1.write(bytes(arr))   # the script originally opened this file but never wrote it; writing it saves the hex-editor step
for i in arr:
    print(hex(i)[2:].zfill(2), end='')

Run python3 spiral.py

Create a new file from the hex data and the image comes out.

The image is still not the final flag:

ohhhhhhf5-410f3f969bl696}6-a-1eb59ge1-4d3{f9af107

This string is 49 characters long, so it is a spiral matrix once more (7 x 7); this time I unwound it by hand.

Result: flag{701fa9fe-63f5-410b-93d4-119f96965be6}
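The two spiral stages go in opposite directions, which is easy to get wrong by hand: spiral.zip was rebuilt by laying the file's bytes down along the spiral path (that is what the script above does), while the 49-character grid gives up the flag by reading the grid along the spiral. As an added example for this writeup (not mumuzi's script), here is a version that implements both directions for any n x n grid and is checked against the 49-character string shown above, with its dashes normalised to ASCII hyphens. The function names are mine.

```python
"""Spiral-matrix scramble and unscramble for any n x n grid. Added example for
this writeup (not mumuzi's script above) that works in both directions and is
checked against the 49-character string shown above, with its dashes normalised
to ASCII hyphens."""
import math


def spiral_cells(n):
    """(row, col) pairs of an n x n grid in clockwise spiral order, top-left first."""
    cells = []
    top, bottom, left, right = 0, n - 1, 0, n - 1
    while top <= bottom and left <= right:
        cells += [(top, c) for c in range(left, right + 1)]            # along the top edge
        cells += [(r, right) for r in range(top + 1, bottom + 1)]      # down the right edge
        if top < bottom:
            cells += [(bottom, c) for c in range(right - 1, left - 1, -1)]  # back along the bottom
        if left < right:
            cells += [(r, left) for r in range(bottom - 1, top, -1)]        # up the left edge
        top, bottom, left, right = top + 1, bottom - 1, left + 1, right - 1
    return cells


def _side(seq):
    n = math.isqrt(len(seq))
    if n * n != len(seq):
        raise ValueError(f"{len(seq)} elements do not form a square grid")
    return n


def _like(seq, items):
    return "".join(items) if isinstance(seq, str) else bytes(items)


def read_along_spiral(grid):
    """Grid stored row-major -> its elements read along the spiral path."""
    n = _side(grid)
    return _like(grid, [grid[r * n + c] for r, c in spiral_cells(n)])


def place_along_spiral(path):
    """Inverse: elements that were laid down along the spiral -> row-major grid."""
    n = _side(path)
    out = [None] * (n * n)
    for k, (r, c) in enumerate(spiral_cells(n)):
        out[r * n + c] = path[k]
    return _like(path, out)


# The 49 characters from the final image, taken as a 7 x 7 grid in row-major order.
SCRAMBLED_TEXT = "ohhhhhhf5-410f3f969bl696}6-a-1eb59ge1-4d3{f9af107"

if __name__ == "__main__":
    print(read_along_spiral(SCRAMBLED_TEXT))   # the flag, preceded by the filler "ohhhhhh"
    # The zip stage went the other way: spiral.zip held the file's bytes laid out along the
    # spiral, so place_along_spiral(open("spiral.zip", "rb").read()) rebuilds it (87 x 87).
```

spiral_cells produces the same ordering as the numbering in mumuzi's function, so place_along_spiral on spiral.zip gives the same fla.zip. The round trip of the two functions being the identity is what tells you which direction a given stage needs: try one, and if the result is not a valid file or readable text, the other is the right one.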


Takeaway from this contest:

I might as well go home and farm.