-- Leo's gemini proxy

-- Connecting to airmack.de:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini

░█▀█░▀█▀░█▀▄░█▄█░█▀█░█▀▀░█░█░░░░█▀▄░█▀▀
░█▀█░░█░░█▀▄░█░█░█▀█░█░░░█▀▄░░░░█░█░█▀▀
░▀░▀░▀▀▀░▀░▀░▀░▀░▀░▀░▀▀▀░▀░▀░▀░░▀▀░░▀▀▀


CSAW CTF 2012 dongle.pcap(net300) writeup


Aus der Kategorie Hacking


Begin


Download and wireshark dongle.pcap. We get to know the device in package number 67: Teensy Keyboard/Mouse/Joystick. There is a working c implementation from http://www.pjrc.com/teensy/usb_keyboard.zip to figure out how the hardware is being used. Extract packages 102-2811 in human readable form and make it parsable.


Code


grep -r Leftover blobb.tx | cut -d " " -f4 | grep -v 0000000000000000 > clean.txt

>> and solvable through


Code


#!/usr/bin/env python
import os
import sys


def trans(key, mod):
  int_mod = int(mod, 16)
  key = int(key, 16)
  returnvalue = "WARNING" + str(key) + "WARNING"
  if key <= 29:
    if int_mod == 0x02:
      returnvalue = chr(key - 4 + ord("A"))
    elif int_mod == 0x00:
      returnvalue = chr(key - 4 + ord("a"))
    else:
      returnvalue = "<" + str(mod) + ">" + chr(key - 4 + ord("a"))

  elif key > 29 and key <= 39:
    returnvalue = str((key - 29) % 10)
  elif key == 40:
    returnvalue = "\n"
  elif key == 44:
    returnvalue = " "
  elif key == 45:
    returnvalue = "-"
  elif key == 46:
    returnvalue = "+"
  elif key == 47:
    returnvalue = "{"
  elif key == 48:
    returnvalue = "}"

  return returnvalue


f = open("/tmp/clean.txt", "r")
for line in f:
  os.write(1, trans(line[4:6], line[0:2]))
f.close()

and recognizing(thanks rob) that these packages are not in chronologic order:


Code


<80>rxterm -geometry 12x1+0+0
echo k
<80>rxterm -geometry 12x1+75+0
echo e
<80>rxterm -geometry 12x1+150+0
echo y
<80>rxterm -geometry 12x1+225+0
echo {
<80>rxterm -geometry 12x1+300+0
echo c
<80>rxterm -geometry 12x1+375+0
echo 4
<80>rxterm -geometry 12x1+450+0
echo 8
<80>rxterm -geometry 12x1+525+0
echo b
<80>rxterm -geometry 12x1+600+0
echo a
<80>rxterm -geometry 12x1+675+0
echo 9
<80>rxterm -geometry 12x1+0+40
echo 9
<80>rxterm -geometry 12x1+75+40
echo 3
<80>rxterm -geometry 12x1+150+40
echo d
<80>rxterm -geometry 12x1+225+40
echo 3
<80>rxterm -geometry 12x1+300+40
echo 5
<80>rxterm -geometry 12x1+450+40
echo c
<80>rxterm -geometry 12x1+375+40
echo 3
<80>rxterm -geometry 12x1+525+40
echo a
<80>rxterm -geometry 12x1+600+40
echo }

key{c48ba993d353ca}


Latest article



Fix for zfs-dkms-git in arch for kernel 5.15.7 erstellt am 11. December 2021


Project gemini erstellt am 13. Februar 2021


Eat Sleep PWN Repeat erstellt am 07. Dezember 2020


Physico-chemically motivated parameterization and modelling of real-time capable lithium-ion battery models: a case study on the Tesla Model S battery erstellt am 06. Dezember 2020


Breaking out of cisco anyconnect no local network restriction erstellt am 8. April 2018


Insomni Hack 2015(Lost In Memories) writeup erstellt am 23. Maerz 2014


ruCTF 2014(Pidometer) writeup erstellt am 21. Dezember 2014


Footer



Hauptseite


Impressum


Übersicht


Bio

-- Response ended

-- Page fetched on Fri May 17 02:10:19 2024